Commit Graph

59 Commits

Author SHA1 Message Date
Lucas Manuel Rodriguez
7a33a108cb
Add --verbose flag to fleetd_tables (needed when osqueryd runs in verbose mode) (#12504)
Found while load testing the macOS CIS benchmark policy queries using
`fleetd_tables` as an extension (#10292).

Basically, osqueryd passes the `--verbose` flag to the extension, so we
need to add it here to not fail the extension execution.
2023-06-27 10:42:48 -03:00
Zachary Winnerman
85e0ac8cb7
Add aws guard duty alerts to slack and version bump the spend alerts (#12117)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-06-02 15:01:06 -04:00
Juan Fernandez
827c4a7c33
Feature 8058: Added resource.syso metadata file (#10783)
Addresses https://github.com/fleetdm/fleet/issues/8058, https://github.com/fleetdm/fleet/issues/11012 and https://github.com/fleetdm/fleet/issues/11013

This PR adds a new VERSIONINFO metadata file using the
https://github.com/josephspurrier/goversioninfo library.
2023-05-17 18:53:25 -03:00
Roberto Dip
4103e77e90
add swiftDialog to TUF (#11643)
Related to #11534 this is an extract from the code I used to build a
prototype to see if `swiftDialog` would work for us.

This is very similar to the work we did for Nudge previously.
2023-05-11 15:01:43 -03:00
Gabriel Hernandez
02a2a1e0f5
add os-setup-preview and reuse empty table for empty state (#11379)
relates to #10935

This adds the os setup gif and also reuses the EmptyTable component for
the empty state on the mac setup page.


![image](https://user-images.githubusercontent.com/1153709/234918995-10529140-f5ef-4808-8288-4b2dac30579a.png)

- [x] Manual QA for all new/changed functionality
2023-04-27 18:05:07 +01:00
Luke Heath
2844ed3157
Ignore .vscode changes (#10519) 2023-03-15 15:27:57 -05:00
Juan Fernandez
7e366272c0
Feature 9386: Parse the Mac Office release notes for vulnerability processing (#9993)
This PR adds the capability of parsing the release notes posted in https://learn.microsoft.com/en-us/officeupdates/release-notes-office-for-mac into a JSON metadata file (to be released in the NVD repo) and use it for detecting vulnerabilities on Mac Office apps.
2023-02-24 14:18:25 -04:00
gillespi314
bcdc4691bb
Enable installation and auto-updates of Nudge via Orbit (#9605)
Issue #9093 

Co-authored-by: Roberto Dip <me@roperzh.com>
Co-authored-by: Roberto Dip <dip.jesusr@gmail.com>
2023-02-10 17:03:43 -03:00
Martin Angers
d0e6891d10
Add endpoint to trigger CSR request for APNs on fleetdm.com (#9494) 2023-01-25 14:44:29 -05:00
Gabriel Hernandez
64e9341990
add coverage report to gitignore for fe tests (#8671) 2022-11-11 14:46:32 +00:00
Luke Heath
61ce9fc81a
Fix teams context on manage hosts and manage teams pages (#8605) 2022-11-07 11:14:40 -06:00
Juan Fernandez
f78dc8febd
Use directories to organize msrc assets (#7851)
Use directories to organize MSRC assets
2022-09-20 14:12:19 -04:00
Zachary Winnerman
87d459171a
Remove gitignore for terraform lock files (#6106)
https://www.terraform.io/language/files/dependency-lock
```
You should include this file in your version control repository so that you can discuss potential changes to your external dependencies via code review, just as you would discuss potential changes to your configuration itself.
```
2022-06-07 12:55:46 -04:00
Lucas Manuel Rodriguez
74dfdcb882
Kickoff documentation for Orbit Release Process (#5544)
* Kickoff documentation for Orbit releasing

* Fixes to the github action

* Missing follow redirect on curl

* Run osqueryd --version to verify before uploading artifacts

* Use cmd as shell for windows-latest runner

* Final set of changes to the guide
2022-05-13 07:15:29 -03:00
Lucas Manuel Rodriguez
b6bbbbe186
Add (beta) support for Fleet Desktop to linux (#5221)
* Add (beta) support for Fleet Desktop to linux

* Add dependency for linux desktop

* Amend makefile uname check

* Clarify env vars used for linux in execuser

* Add final set of fixes

* Remove -it from docker run

* Add desktop to the update runner for Linux

* Re-arrange tag.gz and fix upgrade check for linux desktop
2022-05-04 11:14:12 -03:00
Zach Wasserman
e5a80fa3f5
Add user agent to Orbit HTTP client (#5429)
Allows identification of which Orbit versions are in use from the update
server.

Refactored the build information into a separate `package build` to
support importing it from multiple places.
2022-05-02 11:03:49 -07:00
Lucas Manuel Rodriguez
ecdfd627b6
Fleet Desktop MVP (#4530)
* WIP

* WIP2

* Fix orbit and fleetctl tests

* Amend macos-app default

* Add some fixes

* Use fleetctl updates roots command

* Add more fixes to Updater

* Fixes to app publishing and downloading

* Add more changes to support fleetctl cross generation

* Amend comment

* Add pkg generation to ease testing

* Make more fixes

* Add changes entry

* Add legacy targets (until our TUF system exposes the new app)

* Fix fleetctl preview

* Fix bool flag

* Fix orbit logic for disabled-updates and dev-mode

* Fix TestPreview

* Remove constant and fix zip-slip attack (codeql)

* Return unknown error

* Fix updater's checkExec

* Add support for executable signing in init_tuf.sh

* Try only signing orbit

* Fix init_tuf.sh targets, macos-app only for osqueryd

* Specify GOARCH to support M1s

* Add workflow to generate osqueryd.app.tar.gz

* Use 5.2.2 on init_tuf.sh

* Add unit test for tar.gz target

* Use artifacts instead of releases

* Remove copy paste residue

* Fleet Desktop Packaging WIP

* Ignore gosec warning

* Trigger on PR too

* Install Go in workflow

* Pass url parameter to desktop app

* Fix fleetctl package

* Final set of changes for v1 of Fleet Desktop

* Add changes

* PR fixes

* Fix CI build

* add larger menu bar icon

* Add transparency item

* Delete host_device_auth entry on host deletion

* Add SetTargetChannel

* Update white logo and add desktop to update runner

* Add fleet-desktop monitoring to orbit

* Define fleet-desktop app exec name

* Fix update runner creation

* Add API test before enabling the My device menu item

Co-authored-by: Zach Wasserman <zach@fleetdm.com>
2022-03-21 14:53:53 -03:00
Lucas Manuel Rodriguez
b5be858071
Fix update checks for orbit at startup (#3835)
* Fix update checks for orbit at startup

* Add tests

* Add scripts for testing local TUF server

* Remove -x used for debugging
2022-02-23 14:58:07 -03:00
Luke Heath
fbfc77150f
Version bump prop-types and storybook (#4236) 2022-02-16 17:09:41 -06:00
Lucas Manuel Rodriguez
be72dc356c
Add CentOS parsing+post-processing to reduce false positives in vulnerability processing (#4037)
* Add CentOS parsing and post-processing in fleet

* Add tests and amend SyncCPEDatabase

* Add test for centosPostProcessing

* Changes from PR comments

* Amend software test

* Fix sync test

* Add index to source and vendor

* Use os.MkdirTemp

* Rearrange migrations

* Regenerate test schema

* Add support for testing migrations (#4112)

* Add support for testing migrations

* Rename migration in tests

* Changes suggested in PR

* Go mod tidy
2022-02-14 15:13:44 -03:00
Lucas Manuel Rodriguez
c6fc91f2e4
Fix ListPoliciesForHost, missing filter by teams (#3106)
* Fix ListPoliciesForHost, missing filter by teams

* Amend existing tests
2021-11-24 18:17:44 -03:00
Zach Wasserman
005525c88a
Add vscode configs (#2347)
This only effects contributor experience.

- Run Docker dependencies and Webpack when opening project.
- Run/debug configs for Fleet server and UI.
- Basic settings.
2021-10-04 10:14:04 -07:00
Benjamin Edwards
fd4c90eddf
terraform reference arch (#1761)
* terraform initial architecture
* added ecs autoscaling and https alb listener
* add r53 hosted zone, dns cert verification, http -> https redirect
* fleet dogfood env dogfood.fleetdm.com now configured, added license key, added readreplica settings, enabled vuln processing
* add comment about using RDS serverless option
2021-09-21 14:19:19 -04:00
Benjamin Edwards
823775844e
added package command from orbit as fleetctl command (#1802)
* added package command from orbit as fleetctl command

* update deployment docs

* add changes file

* added tests for package command, run go mod tidy & go mod verify

* validate that package files exist

* comment out msi packaging test until we can investigate github runner permission issues
2021-09-09 01:34:12 -04:00
Zach Wasserman
8a15f6d270
Add codecov to CI (#1824)
This should cause codecov to run on all pull requests and all commits to main.

Currently only doing coverage for Go files.
2021-08-26 09:53:10 -07:00
Zach Wasserman
ffc5c5a91e
Add package-lock.json to .gitignore (#708) 2021-05-03 08:10:27 -07:00
Zach Wasserman
9ec122c249
Backup and restore for development database (#480)
Tooling to make backup and restore of the development database easy.
2021-03-16 08:33:42 -07:00
Zach Wasserman
39fc25cf5c
Refactor cypress tests and expand testing (#450)
- Add cypress commands `setup` and `login`.
- Test setup page.
- Test add new host dialog (MVP establishing testing patterns).
- Add `testing-library/cypress`.
- Add `cypress` directory to lint config.
2021-03-12 11:49:28 -08:00
Gabe Hernandez
0483cc7aaa
Bring in Cypress e2e framework (#380)
Beginning of an e2e testing framework for the fleet application.

This uses [Cypress](https://www.cypress.io/) to implement a first end-to-end test in Fleet.
2021-03-04 14:08:11 -08:00
Gabe Hernandez
4de0090bd3
Add edit column modal feature (#351)
This adds the column toggling to the feature to the host data table.

Co-authored-by: Noah Talerman <noahtal@umich.edu>
2021-02-25 09:13:13 -08:00
Gabe Hernandez
a6c8987200
Feature - add search and sort to host table (#341)
* start adding global search filter

* update polyfill setup to use async await for react-table

* update browerslist to sensible defaults

* get global search functionality woring

* more progress on the data table

* get label network calls working in hostdatatable

* get pagination functionality into the HostDataTable

* get search query making network call

* get ordering making query

* make actual  sort order network calls

* disable cpu column sorting

* seperate get table data from get labels

* fix issues with input resetting and got search query working

* get sort working

* ignore vs code editor settings

* improve loading spinner to move inside the table

* improve styling

* add sorting arrows

* remove unused sorting arrow component

* add host query params to labels endpoint

* fix style for query textarea on label hosts

* got new pagination working

* set server data as source of truth for table global filter

* cleanup logs

* clean up pagination styles

* fix up paginationa and no host styles

* add result count to table

* remove logs

* tweak header styles

* fix to sort order

* simplify default sort direction

* keep sort order of server api responses and use in host table

* clean up logs

* Add styles for header cell and pagination

* fix tests for ManageHostPage

* fix tests for HostContainer

* fix lower level action reducer and thunk tests

* fix tests for hosts client

* fix up some host count styling

* added back no hosts start message

* fix linting errors

* remove unused old pagination code

* add back scrollToTop utility on pagination

* remove unused code in managehostpage test

Co-authored-by: Noah Talerman <noahtal@umich.edu>
2021-02-25 12:05:08 +00:00
James Alseth
3d328db000
Add Helm chart (#250)
Providing a Helm chart makes it easier for users to deploy to Kubernetes.

I think this is good to go, and I've tested deploying to Kind and GKE using the GKE ingress, sql proxy, and managed certificate, but I haven't tested anything AWS related.
2021-02-01 15:46:01 -08:00
Zachary Wasserman
45f6a74740
Allow import of github.com/kolide/fleet (#2213)
Previously a Go package attempting to import Fleet packages would run
into an error like "server/kolide/emails.go:93:23: undefined: Asset".

This commit refactors bindata asset handling to allow importing Fleet as
a library without changing the typical developer experience.
2020-03-29 19:22:04 -07:00
Zachary Wasserman
adf87140a7
Add ability to prefix Fleet URLs (#2112)
- Add the server_url_prefix flag for configuring this functionality
- Add prefix handling to the server routes
- Refactor JS to use appropriate paths from modules
- Use JS template to get URL prefix into JS environment
- Update webpack config to support prefixing

Thanks to securityonion.net for sponsoring the development of this feature.

Closes #1661
2019-10-16 16:40:45 -07:00
Zachary Wasserman
c0d87cb69a Use persistent MySQL for local server, tmpfs MySQL for tests (#1245) 2017-02-17 09:15:10 -08:00
John Murphy
a1a0c91876 Licensing (#1123) 2017-02-03 04:30:59 +08:00
Mike Arpaia
a000751bfe renaming kolide-ose to kolide (#1143) 2017-02-01 10:20:50 -07:00
Jason Meller
35c7fd6e03 Build assets for production (#1022) 2017-01-19 10:24:10 -05:00
Kyle Knight
d9754bde20 Cleanup add host page (#546) 2016-12-09 17:30:32 -05:00
Victor Vrantchan
cf77cac929 pin typescrypt to not update minor version (#597)
ts does not seem to follow SemVer and introduces breaking changes in 2.1
2016-12-08 14:05:41 -05:00
Mike Arpaia
0482f12926 Organizing go code (#241) 2016-09-26 11:48:55 -07:00
Mike Arpaia
58ac5dc191 Removing generated assets from source control (#239) 2016-09-26 10:13:11 -07:00
Jason Meller
55307de42d SCSS Pipeline and style fixes (#229)
* Add SCSS pipeline and fix login style issues

* Fix nav styles and make tests pass

* Fix nav header styles and animations

* Change font-size to 13px on nav

* Fix duplicate specificity of styles
2016-09-23 14:04:01 -04:00
Mike Arpaia
52dee0e379 Removing old gitignore lines (#204) 2016-09-20 06:47:23 -04:00
Jason Meller
5e9f93d08a Add assets folder so we can serve images (#155) 2016-09-12 12:11:18 -04:00
Mike Arpaia
05f8fb3263 Serve frontend in kitserver (#107) 2016-09-05 10:15:58 -04:00
Mike Arpaia
53a1fe8d84 queries and packs services via go-kit (#102)
* osquery services via go-kit

* Visual Studio Code configurations

* create query and pack endpoints

* organizing files more scalably

* modify query and pack endpoints

* delete query and pack endpoints

* get query and pack endpoints

* get all queries and packs endpoints

* add and remove queries from packs

* test stubs

* removing some indirection

* query service tests

* service pack tests

* transport tests

* adding config file flag back

* organizing package kolide

* get queries in pack endpoint

* run tests on 1.7?

* no 1.7 image :(

* typo in circle.yml
2016-09-04 01:13:42 -04:00
Victor Vrantchan
9ab09f122a update user service (#101)
- Added all required methods for a UserService
- Added authentication handlers `/api/login` and `/api/logout`
- Added authMiddleware for authentication for `/api/v1/kolide` path
- Added authorization middleware for each endoint
- Added validation middleware for validating API inputs
- Began work on logging middleware
2016-09-01 00:51:38 -04:00
Mike Arpaia
b8d4c78f62 Integration tests (#90)
* tests for auth endpoints

* create user test and fatals instead of panics

* more tests

* remove init viper config setting

* stubbing

* more tests

* more tests

* organizing auth and users files

* rest of auth tests

* password reset tests
2016-08-19 23:56:49 -07:00
Victor Vrantchan
5d8ca61472 Domain Types (#83)
* create datastore package with New func to create a db connection

* separate creating a user object from saving to db
temporarily pass db around through gin context to compile app
main should create the datastore and pass it in to http handler explicitly instead

* create datastore from config params

* move gorm specific code to gorm.go

* re-export app.NewUser

* test new user

* add User() method for getting a user
temporary, the API will improve once I add filters

refactor test func to use sqlite by default and mysql if available

* add save user

* move some users tests to datastore, temporarily remove user tests from app

* add EnrollHost and test

* move enrollhost to datastore

* all enrollment tests now in datastore

* add datastore_test for re-enroll

* it compiles now...

* move other interfaces to models

* start wrapping errors in database error

* add tests for campaign

* move users to package kolide

* move hosts and passwordrequests

* package kolide

* moving all types to package kolide

* making new osquery endpoints use groob's new pattern
2016-08-18 14:16:44 -07:00