https://about.gitlab.com/handbook/product/product-principles/#the-minimal-viable-change-mvc
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
Closes: https://github.com/fleetdm/confidential/issues/3356
Changes:
- Updated the `receive-from-stripe` webhook not to throw an error if it
receives an event that stripe sends before we create a subscription
record in the website's database. It will now check if the Stripe
customer referenced in the event matches a User record in the database
and throws an error if it no matching user is found.
#11939
- This PR fixes typos in three CIS Windows queries (the queries were
failing with `invalid SQL syntax`).
- Also adds tooling to perform similar testing that we ran for macOS
(using `fleetd_tables` as an extension).
Updating post-signature actions for consultants, and correcting broken
intake links.
---------
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
changelog for the version bump can be found here:
https://github.com/macadmins/osquery-extension/releases/tag/v0.0.15
related to #13158 as this fixes a bug in the extension causing `profiles
show --type enrollment` to be run almost every time we queried something
from the `mdm` table.
I couldn't find any new tables. Other than that, some dependencies were
updated on their repo as well, most notably `osquery/osquery-go`
TUF root keys have been rotated on the server. This brings the default
roots up to date with that newest metadata.
Verified that the new `fleetctl` still builds packages successfully.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Manual QA for all new/changed functionality
<!-- It's not this actually- this is an unrelated issue:
https://github.com/fleetdm/confidential/issues/2187 -->
...
---------
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
Co-authored-by: Eric <eashaw@sailsjs.com>
Related to #12627
Changes:
- Removed the `docs/deploy/server-installation` page and moved the
content into three deployment guides.
- Updated links to the server installation page
- Renamed the Cloud.gov page ("Cloud.gov" » "Deploy Fleet on Cloud.gov")
- Add instructions for setting up end user migration workflow
- Break out a separate section to default migration workflow for
automatically enrolled (DEP hosts)
- Break out separate end user instructions for manually enrolled hosts,
automatically enrolled hosts - default migration workflow, and
automatically enrolled hosts - end user migration workflow.
#13182
[This PR](https://github.com/fleetdm/osquery-in-a-box/pull/18) in the
osquery-in-a-box repository recently added a new host to the simulated
host list which broke the CI job in the fleetdm/fleet repository.
PR run with this branch:
https://github.com/fleetdm/fleet/actions/runs/5866786432
PS: One of the reasons we had this osquery-in-a-box repository outside
the monorepo was to not break customers using `fleetctl preview`. But
now that we have Fleet Sandbox and we don't encourage users to use
`fleetctl preview`:
1. Does it make sense to have the separate repository?
2. Does it make sense to continue supporting this workflow in CI?
Automation: Try removing trailing slash on `handbook/` in this config to
verify that editing https://github.com/fleetdm/fleet/pull/13196 as me
does put the `#g-ceo` label properly back on this PR.
If that doesn't work, then we need to keep digging into what's wrong.
Closes#13324
Previously, `expectedReviewers` were not built for draft PRs, (they were
left empty) which meant the code for determining whether a PR should get
the #g-ceo label didn't work for PRs that began their life as draft PRs.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md))..
