Commit Graph

190 Commits

Author SHA1 Message Date
Lucas Manuel Rodriguez
c46b6bdbbe
Remove ineffective rate limit to /api/fleet/device/ping and api/fleet/orbit/ping endpoints (#16334)
#16076

This change removes ineffective rate limit to `/api/fleet/device/ping`
and `api/fleet/orbit/ping`.
Currently these endpoints are not rate limited, because the rate
limiting used in these was the `errorLimiter` which only takes effect if
the request fails and the ping endpoints never fail. So... we were
making ineffective Redis accesses on every `/api/fleet/device/ping` and
`api/fleet/orbit/ping` requests (we use Redis as the limiter store).

- [X] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Manual QA for all new/changed functionality
2024-01-25 15:05:52 -03:00
Lucas Manuel Rodriguez
eeb9931f40
Move external dependency mockimpl to monorepo (#15863)
#15560

Probably best to review commit by commit.
First commit adds the mockimpl files, second commit amends README.md and
third commit fixes golangci-lint issues.

- [X] Manual QA for all new/changed functionality

Tested by adding a dummy method to service.go and running `make
generate-mock`.

---------

Co-authored-by: Victor Lyuboslavsky <victor.lyuboslavsky@gmail.com>
2024-01-10 11:46:24 -03:00
Lucas Manuel Rodriguez
417f45fc61
Move external dependency fleetdm/kolide-kit to monorepo (#15861)
#15556

We will need to pay attention when releasing fleet (the github actions
were modified to use the local file now).

Should be reviewed by commits (first commit is the actual adding of the
`version.go` file)

- [X] Manual QA for all new/changed functionality

Manually tested the following:
- `Settings -> My account` on the UI and checked the `/version` endpoint
response. (Or also visiting https://localhost:8080/version on a
browser).
- Ran `make fleetctl fleet`, `./build/fleetctl --version` and
`./build/fleet version`.
2024-01-02 18:22:52 -03:00
Lucas Manuel Rodriguez
38b8c9cc58
Move external dependency goose to monorepo (#15859)
#15555

Probably the best way to review this is commit by commit:
- First commit does the actual moving.
- Second commit fixes golangci-lint issues (in the least effort way to
avoid refactoring or rearrangement of some of the code).
- Third commit moves a printf to before the migration step is executed.
In the past some customers hitting migration issues (like migration
steps hanging or taking long to execute) and wanted to know which one
was it. The only way to know was to look at the repository and looking
for the next migration after the last one logged.

Checks:
- [X] Manual QA for all new/changed functionality

Manual tests:
- `make fleet && make db-reset`.
- Adding a new migration via `make migration name=Foobar` and then
running `./build/fleet prepare db`.
- Enrolling a new device to Fleet (smoke test).
2024-01-02 17:52:00 -03:00
Martin Angers
fb01e30f27
Require a custom Clone for cacheable items, add tooling and CI check to help catch issues (#15458) 2023-12-06 14:34:22 -05:00
Eric
ed7c51c9c9
Add --coverpkg flag to go test in the Makefile (#15153)
Related to: #10209

Changes:
 - Updated the go test in the Makefile to have the `--codepkg` flag.
- Added a newline to the `test-go` GH workflow to trigger a run for this
PR


> Note: I'm creating this as a draft PR to see the results of the "Test
Go" workflow
2023-11-20 17:01:19 -06:00
Lucas Manuel Rodriguez
bc045bdc95
Orbit kolide table build fixes (#14972)
Fixes Orbit builds needed for releasing it.
2023-11-06 17:53:02 -03:00
George Karr
970854e078
Switching systray dependency to one without glibc requirements (#14197) 2023-11-02 14:40:21 -05:00
Sharon Katz
ab7717009e
Add Kolide osquery tables 2023-11-01 20:11:35 -06:00
Roberto Dip
65c08b77ba
update swift dialog version (#14000)
For #13386, #13373 and #13385, this updates the swiftDialog version.

I have tested locally that everything works as expected.
2023-09-19 13:49:58 -03:00
George Karr
4849c29a53
Adding libcairo to packaged shared libraries to fix version mismatch (#13802)
# Checklist for submitter
- [x] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [x] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [x] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).

---------

Co-authored-by: George Karr <gkarr@xerithas-mac-16.local>
2023-09-18 20:27:24 -05:00
Erik Gomez
18df844412
enhance the build process for the fleetd-tables (#11968)
- Adds a `universal` method for building the fleetd tables for darwin
- Sets `.exe` for the windows extension
- Adds an `all` method for building all fleetd tables
2023-05-26 17:25:32 -03:00
Roberto Dip
8829b84a63
add migration support to FD and orbit (#11741)
https://github.com/fleetdm/fleet/issues/11534
2023-05-18 14:21:54 -03:00
Juan Fernandez
827c4a7c33
Feature 8058: Added resource.syso metadata file (#10783)
Addresses https://github.com/fleetdm/fleet/issues/8058, https://github.com/fleetdm/fleet/issues/11012 and https://github.com/fleetdm/fleet/issues/11013

This PR adds a new VERSIONINFO metadata file using the
https://github.com/josephspurrier/goversioninfo library.
2023-05-17 18:53:25 -03:00
Roberto Dip
4103e77e90
add swiftDialog to TUF (#11643)
Related to #11534 this is an extract from the code I used to build a
prototype to see if `swiftDialog` would work for us.

This is very similar to the work we did for Nudge previously.
2023-05-11 15:01:43 -03:00
Zach Wasserman
a14228dd11
Upgrade webpack to v5 (#11173)
Upgrades webpack and other JS dependencies. This was primarily motivated
by GitHub reporting a vulnerability in Webpack (which shouldn't actually
effect our use of Webpack) and wanting to clean up some tech debt.

Note that equivalent functionality for url-loader and file-loader is now
included in webpack itself.

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Manual QA for all new/changed functionality
2023-04-14 07:58:54 -07:00
Benjamin Edwards
879d02c219
add simple go osquery extension & readme to register orbit tables (#10795)
closes https://github.com/fleetdm/fleet/issues/10708

New osquery extension & readme that describes how to build and get
osqueryd to autoload.
2023-03-31 10:39:13 -04:00
Roberto Dip
edc0324ac0
update mockimpl version to allow concurrent mock calls (#9989)
this uses the associated new version in our fork

ecbb3041ea

to allow for concurrent access to mocks
2023-02-21 16:36:06 -03:00
Roberto Dip
a7f546b192
Use openssl legacy provider to run webpack until we upgrade (#9950)
Related to https://github.com/fleetdm/fleet/issues/9945, this changes
our Makefile to use the project-local `webpack` binary and to use
`NODE_OPTIONS=--openssl-legacy-provider` as described here:
https://github.com/webpack/webpack/issues/14532

The real fix is to upgrade webpack to v5 or newer, but that can be a can
of worms.
2023-02-20 14:35:15 -03:00
gillespi314
bcdc4691bb
Enable installation and auto-updates of Nudge via Orbit (#9605)
Issue #9093 

Co-authored-by: Roberto Dip <me@roperzh.com>
Co-authored-by: Roberto Dip <dip.jesusr@gmail.com>
2023-02-10 17:03:43 -03:00
Roberto Dip
4c4c114e96
add mocks + tests and move things around (#9574)
#8948

- Add more go:generate commands for MDM mocks
- Add unit and integration tests for MDM code
- Move interfaces from their PoC location to match existing patterns
2023-01-31 11:46:01 -03:00
Lucas Manuel Rodriguez
1cdfe2d351
Add summary of hardcoded detail queries (#9425)
Adds a process to generate a summary of the hardcoded Fleet queries.
2023-01-19 17:44:03 -03:00
Zach Wasserman
f1fdcfc481
Don't go get go-ruleguard in make deps-go (#9335)
Doing this could cause the package to update and therefore generate a
dirty worktree after a run of `make deps-go`. Goreleaser will refuse to
make a build on a dirty work tree (which is probably the behavior we
want, as we only want to build with committed changes).
2023-01-13 16:42:46 -08:00
Lucas Manuel Rodriguez
39f1029390
Make activities typed and auto-generate docs for each type (#9069)
* Make activities type and auto-generate docs for each type

* Add pageOrderInSection to not break site

* Add do not edit note to generated file

* Add make generate-doc step

* Fix main merge
2022-12-23 13:05:16 -03:00
Tomas Touceda
7f8099db57
Add sandbox fleet serve config (#6619)
* Add sandbox fleet serve config

* Update docs

* Maybe fix lint issues

* Add lint dep
2022-07-12 18:21:15 -03:00
Roberto Dip
f7dd8c86cd
implement a docker image to package orbit natively in Linux (#6504)
Related to #6364 and #6363, this:

- Adds a new Docker image, `fleetdm/fleetctl` equipped with all necessary dependencies to build Fleet-osquery binaries for all platforms
- Modifies the package generation logic to special case this scenario via an environment variable `FLEETCTL_NATIVE_TOOLING`
- Adds a new GitHub workflow to test this

There are more details in the README, but part of the special-casing logic is in place to output the binaries to a folder named `build` when they are run with `FLEETCTL_NATIVE_TOOLING`, this is so we can persist the binary generated by the docker container via a bind mount:

```bash
docker run -v "$(pwd):/build" fleetdm/fleetctl package --type=msi
```

To test this changeset, I have generated packages for all platforms, both via the new Docker image and via the classic `fleetctl package`.
2022-07-11 09:49:13 -03:00
Lucas Manuel Rodriguez
a336ed61e5
Add gotestfmt to improve test output and fix flaky tests (#6528) 2022-07-11 08:12:33 -03:00
Zach Wasserman
db22f68c88
Separate health checks for MySQL and Redis (#6468)
This required a bit of refactoring of some mocking due to how the code
generation does not handle having the same function in different types.
2022-07-01 08:08:03 -03:00
Lucas Manuel Rodriguez
22382c757c
Add better support for M1 to docker-compose.yml and add fleet-dev target to Makefile (#6432)
* Add better support for M1 to docker-compose.yml and add fleet-dev target

* Amend comment
2022-06-29 14:38:23 -03:00
gillespi314
2715f8eb32
Add fixtures for software and vulnerabilities end-to-end tests (#6337) 2022-06-23 10:01:37 -05:00
Zach Wasserman
ca1c8ffd58
Generate targets for osquery 5.3.0 (#6188) 2022-06-13 08:04:21 -07:00
Lucas Manuel Rodriguez
4cfeaa1580
Do not use golangci action for better reproducibility (use make lint-go) (#6175)
* Do not use golangci action for better reproducibility

* Add fix to trigger build

* Fix all reported issues

* fix more lint errors

* Add missing import

* Remove unused method

* Remove change not necessary
2022-06-10 18:52:24 -03:00
gillespi314
4a4e832d3a
Increase minimum password length to 12 characters (#5712) 2022-05-18 12:03:00 -05:00
Lucas Manuel Rodriguez
74dfdcb882
Kickoff documentation for Orbit Release Process (#5544)
* Kickoff documentation for Orbit releasing

* Fixes to the github action

* Missing follow redirect on curl

* Run osqueryd --version to verify before uploading artifacts

* Use cmd as shell for windows-latest runner

* Final set of changes to the guide
2022-05-13 07:15:29 -03:00
Martin Angers
b52ce46627
Fix desktop build and test on non-Ubuntu linux (#5643) 2022-05-10 09:20:07 -04:00
Lucas Manuel Rodriguez
b6bbbbe186
Add (beta) support for Fleet Desktop to linux (#5221)
* Add (beta) support for Fleet Desktop to linux

* Add dependency for linux desktop

* Amend makefile uname check

* Clarify env vars used for linux in execuser

* Add final set of fixes

* Remove -it from docker run

* Add desktop to the update runner for Linux

* Re-arrange tag.gz and fix upgrade check for linux desktop
2022-05-04 11:14:12 -03:00
Zach Wasserman
64b6f748fe
Updates for Fleet 4.13.2 (#5361)
Co-authored-by: Michal Nicpon <michal@fleetdm.com>
2022-04-25 14:54:25 -07:00
Martin Angers
f28dc10a51
Merge jira-integration branch to main (#4949) 2022-04-05 12:56:15 -04:00
Lucas Manuel Rodriguez
57816592ba
Add read replica testing helpers and fix non-sso login bug (#4908)
not set on the INSERT.
- OUT: Only sets the ID on the passed session and returns it. (`CreatedAt`, `AccessedAt`, are not set.)

New version:

```go
func (ds *Datastore) NewSession(ctx context.Context, userID uint, sessionKey string) (*fleet.Session, error) {
	sqlStatement := `
		INSERT INTO sessions (
			user_id,
			` + "`key`" + `
		)
		VALUES(?,?)
	`
	result, err := ds.writer.ExecContext(ctx, sqlStatement, userID, sessionKey)
	if err != nil {
		return nil, ctxerr.Wrap(ctx, err, "inserting session")
	}

	id, _ := result.LastInsertId() // cannot fail with the mysql driver
	return ds.sessionByID(ctx, ds.writer, uint(id))
}
```

- IN: Define arguments that are truly used when creating a session.
- OUT: Load and return the fleet.Session struct with all values set (using the `ds.writer` to support read replicas correctly).

PS: The new `NewSession` version mimics what we already do with other entities, like policies (`Datastore.NewGlobalPolicy`).
2022-04-04 16:52:05 -07:00
Lucas Manuel Rodriguez
c82c580716
Orbit: Add Fleet Desktop support to Windows (#4873)
* Orbit: Add Fleet Desktop support to Windows

* Rename workflow, fix linux build

* Do not compile systray on linux

* nolint on unused

* Fix lint properly

* nolint both checkers

* Fix monitor logic in desktopRunner

* Fix interrupt and execute order
2022-04-01 17:28:51 -03:00
Lucas Manuel Rodriguez
ecdfd627b6
Fleet Desktop MVP (#4530)
* WIP

* WIP2

* Fix orbit and fleetctl tests

* Amend macos-app default

* Add some fixes

* Use fleetctl updates roots command

* Add more fixes to Updater

* Fixes to app publishing and downloading

* Add more changes to support fleetctl cross generation

* Amend comment

* Add pkg generation to ease testing

* Make more fixes

* Add changes entry

* Add legacy targets (until our TUF system exposes the new app)

* Fix fleetctl preview

* Fix bool flag

* Fix orbit logic for disabled-updates and dev-mode

* Fix TestPreview

* Remove constant and fix zip-slip attack (codeql)

* Return unknown error

* Fix updater's checkExec

* Add support for executable signing in init_tuf.sh

* Try only signing orbit

* Fix init_tuf.sh targets, macos-app only for osqueryd

* Specify GOARCH to support M1s

* Add workflow to generate osqueryd.app.tar.gz

* Use 5.2.2 on init_tuf.sh

* Add unit test for tar.gz target

* Use artifacts instead of releases

* Remove copy paste residue

* Fleet Desktop Packaging WIP

* Ignore gosec warning

* Trigger on PR too

* Install Go in workflow

* Pass url parameter to desktop app

* Fix fleetctl package

* Final set of changes for v1 of Fleet Desktop

* Add changes

* PR fixes

* Fix CI build

* add larger menu bar icon

* Add transparency item

* Delete host_device_auth entry on host deletion

* Add SetTargetChannel

* Update white logo and add desktop to update runner

* Add fleet-desktop monitoring to orbit

* Define fleet-desktop app exec name

* Fix update runner creation

* Add API test before enabling the My device menu item

Co-authored-by: Zach Wasserman <zach@fleetdm.com>
2022-03-21 14:53:53 -03:00
Lucas Manuel Rodriguez
f4d3159cc9
Fleetctl to package .app bundles for osquery (and changes for orbit to support them) (#4393)
* WIP

* WIP2

* Fix orbit and fleetctl tests

* Amend macos-app default

* Add some fixes

* Use fleetctl updates roots command

* Add more fixes to Updater

* Fixes to app publishing and downloading

* Add more changes to support fleetctl cross generation

* Amend comment

* Add pkg generation to ease testing

* Make more fixes

* Add changes entry

* Add legacy targets (until our TUF system exposes the new app)

* Fix fleetctl preview

* Fix bool flag

* Fix orbit logic for disabled-updates and dev-mode

* Fix TestPreview

* Remove constant and fix zip-slip attack (codeql)

* Return unknown error

* Fix updater's checkExec

* Add support for executable signing in init_tuf.sh

* Try only signing orbit

* Fix init_tuf.sh targets, macos-app only for osqueryd

* Specify GOARCH to support M1s

* Add workflow to generate osqueryd.app.tar.gz

* Use 5.2.2 on init_tuf.sh

* Add unit test for tar.gz target

* Use artifacts instead of releases

* Remove copy paste residue

* Trigger workflow on PR

* Fixes to ease handling of artifact

* Fix, do not use target name as dir

* Remove workaround
2022-03-15 16:04:12 -03:00
Lucas Manuel Rodriguez
297dd245ec
Run go tests with -race at night (#4090)
* Run go tests with race at night

* Add missing run on step

* Fix boolean logic

* Allow manual run for test-go.yaml

* Add slack notification step

* Try global environment variable for cron schedule

* Fix indentation

* Try number 2

* Try setting cron as usual

* Remove global env

* Only send notification in case of failure when running schedule

* Run with race enable to test

* Add more fixes

* Fix github event variable name

* Set timeouts

* Fix slack notification link

* Re-enable if clause

* Last try on Github Actions

* Re-enable the if clause
2022-02-14 16:38:53 -03:00
Zach Wasserman
ab664e5304
Clean up E2E testing configurations (#3360) 2021-12-24 12:18:00 -08:00
Zach Wasserman
3ff3d35f45
Update Orbit changelog for 0.0.4 release (#3415) 2021-12-19 17:38:10 -08:00
Tomas Touceda
142006cbdd
Issue 2099 enable vulnerability processing new installs (#3104)
* Enable vulnerability processing by default

* Add changes file

* Remove wrong env var

* Fix import

* Fix tests

* Update log line

* Remove unneeded import
2021-12-03 14:44:57 -03:00
Tomas Touceda
a0404b6736
Add software count API (#3105)
* Add software count API

* Fix makefile

* Fine no mock generating at this point

* Actually, one last try

* Use go install instead

* Fix go sum/mod

* Improve documentation

* Try setting node to 14
2021-12-03 10:54:17 -03:00
Lucas Manuel Rodriguez
964f85b174
Amend policy creation and spec (for proprietary query), and add update APIs (#2890)
* Amend policy creation (proprietary query), add update APIs

* Fix Datastore.SavePolicy bug (and add tests)

* Add integration tests for new policy APIs

* Add author email

* Add activities

* Push breaking changes for return policy fields

* WIP

* Add integration test for host policies

* Make more improvements to policy representation

* Improve upgrade code (from PR review comments)

* PR changes

* Revert activities for policies

* Use *uint instead of uint for queryID, use fleet.PolicyPayload

* Filter out other schemas

* New policy flow (#2922)

* created new policy flow -- no API connection

* added api props

* fixed prop name

* lint fixes

* removed unused modal; fixed style

* name, desc icons; created global components

* lint fixes

* ignoring certain files and lines for prettier

* Update frontend/pages/policies/PolicyPage/PolicyPage.tsx

* Make policy names unique across deployment

* Amend upgrade script

* Fix migration for unique names

* Do not deduplicate but instead rename policies

Co-authored-by: Martavis Parker <47053705+martavis@users.noreply.github.com>
2021-11-24 14:16:42 -03:00
Zach Wasserman
e279dc1682
Implement fleetctl updates rotate (#2831)
Add support for updating keys used in the TUF update system.
2021-11-15 10:01:48 -08:00
Zach Wasserman
8dc34be3a3
Updates and fixes for packaging (#2682)
- Fix Windows MSI generation by changing permissions (#2655).
- Refactor temp directory initialization.
- Use root user for Wine in WiX Docker container.
- Support .pkg packaging on Linux without dependencies (besides Docker)
2021-10-27 16:17:41 -07:00