Related to #9571, this adds a new value to both responses which is
calculated when the Fleet server is started, and only set to `true` if
the server is properly configured for MDM.
This helps the UI to determine wether or not we should show certain UI
elements that we only want to show to servers with MDM enabled.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
Related to https://github.com/fleetdm/fleet/issues/9588, we now handle 4xx responses from the fleetdm.com server and forward those to the client.
At the time of this commit, the only 4xx response that wasn't already handled by the server is because of an invalid email domain, so we assume that, but we should look into establishing a pattern of error messages with the website instead.
Changes:
- Added a new page: `/upgrade-to-fleet-premium`
- Added a new action `deliver-premium-upgrade-form.js`
- Updated policies, routes, importer.less, and regenerated
cloud.setup.js
.
---------
Co-authored-by: Mike Thomas <mthomas@fleetdm.com>
#8948
- Add more go:generate commands for MDM mocks
- Add unit and integration tests for MDM code
- Move interfaces from their PoC location to match existing patterns
This resolves an issue with adding updates on a macOS 13 machine. It
seems like macOS may have changed the default directory permissions and
these new stricter permissions are compatible with that default.
This is the error that was encountered before these changes:
```
Error: create dst dir for copy: Path staged/targets already exists with
mode 20000000700 instead of the expected 20000000755
```
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Manual QA for all new/changed functionality
## Make sure authorized users can only a) see and b) access the Controls
page if MDM is enabled
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
Found a few typos before publishing on socials - fixed
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
adding new article for splunk , osquery, mitre attck
---------
Co-authored-by: Dave Herder <dave@fleetdm.com>
Co-authored-by: Andrew Baker <89049099+DrewBakerfdm@users.noreply.github.com>
Co-authored-by: Eric <eashaw@sailsjs.com>
See requirements in #8682.
Two assumptions on the implementation (@zayhanlon please take a look):
- Hosts explicitly selected to run always run the live query (no matter
the values on the selectors).
- When selecting `All hosts`, selecting any other platform or label is
kind of a no-op. We should look into graying out all the selectors if
the user selects `All hosts`.
- [X] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [X] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- ~[ ] Documented any permissions changes~
- [X] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.~
- [X] Added/updated tests
- [X] Manual QA for all new/changed functionality
- ~For Orbit and Fleet Desktop changes:~
- ~[ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.~
- ~[ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).~
# Follow up for #9349
- Address remaining small styling, directory organization/naming issues,
other than masthead styles, which are addressed separately
# Checklist for submitter
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
# Addresses #9365
# Implements
MDM enrollment modal that handles both automatic and manual enrollment
instructions:
- Automatic:
<img width="1181" alt="Screenshot 2023-01-20 at 4 33 50 PM"
src="https://user-images.githubusercontent.com/61553566/213829293-6d4a5053-9a3c-4f52-8cf8-a6607dc8df4e.png">
- Manual:
<img width="1158" alt="Screenshot 2023-01-20 at 4 35 04 PM"
src="https://user-images.githubusercontent.com/61553566/213829369-73ae779d-14a8-4aa7-9c6a-b97d046d0dc1.png">
- Also includes (by mistake, but might as well include them now) some
small bash scripts for use in MDM development
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Changes file added for user-visible changes in `changes/`
- [x] Updated testing inventory
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
Closes: https://github.com/fleetdm/fleet/issues/6493
Changes:
- Added a new action, `get-one-rss-feed.js`. This action generates and
returns RSS feeds for article categories on fleetdm.com.
- This action has one required input: `categoryName`.
- Lives at `/rss/[Article Category Name]` e.g.,
`fleetdm.com/rss/releases`
- If `articles` is provided as the category, it returns an RSS feed of
all articles published on our blog.
- Updated `view-basic-article.js` to set an `articleCategorySlug`
variable, that is used to link to the RSS feed for an article category
from an article page.
- Added a "subscribe" button to articles and article category pages that
links to an RSS feed for that category.
Related to #9386 - this should fix one of the three reported problems.
* Add the ability to add exclusion rules to cpe_translations.
* Added exclusion rule for Docs chrome extension.
When the file is provided as an attachment to the Sails helper, it gets
decoded, since we need for the signed CSR to be delivered in base64
format, we doubly encode the contents before sending the email.
Two minor things are happening here:
1. A new direct dependency was added in #9489, this runs `go mod tidy`
to update `go.mod` and `go.sum`
2. `"go.uber.org/atomic"` was automatically imported instead of
`"sys/atomic"` in #9494
There was an issue when the osqueryd instance ran through `orbit shell` attempted to register the same named pipe name used by the osqueryd instance launched by orbit service
