Found while load testing the macOS CIS benchmark policy queries using
`fleetd_tables` as an extension (#10292).
Basically, osqueryd passes the `--verbose` flag to the extension, so we
need to add it here to not fail the extension execution.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
Related to #11534 this is an extract from the code I used to build a
prototype to see if `swiftDialog` would work for us.
This is very similar to the work we did for Nudge previously.
https://www.terraform.io/language/files/dependency-lock
```
You should include this file in your version control repository so that you can discuss potential changes to your external dependencies via code review, just as you would discuss potential changes to your configuration itself.
```
* Kickoff documentation for Orbit releasing
* Fixes to the github action
* Missing follow redirect on curl
* Run osqueryd --version to verify before uploading artifacts
* Use cmd as shell for windows-latest runner
* Final set of changes to the guide
* Add (beta) support for Fleet Desktop to linux
* Add dependency for linux desktop
* Amend makefile uname check
* Clarify env vars used for linux in execuser
* Add final set of fixes
* Remove -it from docker run
* Add desktop to the update runner for Linux
* Re-arrange tag.gz and fix upgrade check for linux desktop
Allows identification of which Orbit versions are in use from the update
server.
Refactored the build information into a separate `package build` to
support importing it from multiple places.
* WIP
* WIP2
* Fix orbit and fleetctl tests
* Amend macos-app default
* Add some fixes
* Use fleetctl updates roots command
* Add more fixes to Updater
* Fixes to app publishing and downloading
* Add more changes to support fleetctl cross generation
* Amend comment
* Add pkg generation to ease testing
* Make more fixes
* Add changes entry
* Add legacy targets (until our TUF system exposes the new app)
* Fix fleetctl preview
* Fix bool flag
* Fix orbit logic for disabled-updates and dev-mode
* Fix TestPreview
* Remove constant and fix zip-slip attack (codeql)
* Return unknown error
* Fix updater's checkExec
* Add support for executable signing in init_tuf.sh
* Try only signing orbit
* Fix init_tuf.sh targets, macos-app only for osqueryd
* Specify GOARCH to support M1s
* Add workflow to generate osqueryd.app.tar.gz
* Use 5.2.2 on init_tuf.sh
* Add unit test for tar.gz target
* Use artifacts instead of releases
* Remove copy paste residue
* Fleet Desktop Packaging WIP
* Ignore gosec warning
* Trigger on PR too
* Install Go in workflow
* Pass url parameter to desktop app
* Fix fleetctl package
* Final set of changes for v1 of Fleet Desktop
* Add changes
* PR fixes
* Fix CI build
* add larger menu bar icon
* Add transparency item
* Delete host_device_auth entry on host deletion
* Add SetTargetChannel
* Update white logo and add desktop to update runner
* Add fleet-desktop monitoring to orbit
* Define fleet-desktop app exec name
* Fix update runner creation
* Add API test before enabling the My device menu item
Co-authored-by: Zach Wasserman <zach@fleetdm.com>
* Add CentOS parsing and post-processing in fleet
* Add tests and amend SyncCPEDatabase
* Add test for centosPostProcessing
* Changes from PR comments
* Amend software test
* Fix sync test
* Add index to source and vendor
* Use os.MkdirTemp
* Rearrange migrations
* Regenerate test schema
* Add support for testing migrations (#4112)
* Add support for testing migrations
* Rename migration in tests
* Changes suggested in PR
* Go mod tidy
This only effects contributor experience.
- Run Docker dependencies and Webpack when opening project.
- Run/debug configs for Fleet server and UI.
- Basic settings.
* added package command from orbit as fleetctl command
* update deployment docs
* add changes file
* added tests for package command, run go mod tidy & go mod verify
* validate that package files exist
* comment out msi packaging test until we can investigate github runner permission issues
Beginning of an e2e testing framework for the fleet application.
This uses [Cypress](https://www.cypress.io/) to implement a first end-to-end test in Fleet.
* start adding global search filter
* update polyfill setup to use async await for react-table
* update browerslist to sensible defaults
* get global search functionality woring
* more progress on the data table
* get label network calls working in hostdatatable
* get pagination functionality into the HostDataTable
* get search query making network call
* get ordering making query
* make actual sort order network calls
* disable cpu column sorting
* seperate get table data from get labels
* fix issues with input resetting and got search query working
* get sort working
* ignore vs code editor settings
* improve loading spinner to move inside the table
* improve styling
* add sorting arrows
* remove unused sorting arrow component
* add host query params to labels endpoint
* fix style for query textarea on label hosts
* got new pagination working
* set server data as source of truth for table global filter
* cleanup logs
* clean up pagination styles
* fix up paginationa and no host styles
* add result count to table
* remove logs
* tweak header styles
* fix to sort order
* simplify default sort direction
* keep sort order of server api responses and use in host table
* clean up logs
* Add styles for header cell and pagination
* fix tests for ManageHostPage
* fix tests for HostContainer
* fix lower level action reducer and thunk tests
* fix tests for hosts client
* fix up some host count styling
* added back no hosts start message
* fix linting errors
* remove unused old pagination code
* add back scrollToTop utility on pagination
* remove unused code in managehostpage test
Co-authored-by: Noah Talerman <noahtal@umich.edu>
Providing a Helm chart makes it easier for users to deploy to Kubernetes.
I think this is good to go, and I've tested deploying to Kind and GKE using the GKE ingress, sql proxy, and managed certificate, but I haven't tested anything AWS related.
Previously a Go package attempting to import Fleet packages would run
into an error like "server/kolide/emails.go:93:23: undefined: Asset".
This commit refactors bindata asset handling to allow importing Fleet as
a library without changing the typical developer experience.
- Add the server_url_prefix flag for configuring this functionality
- Add prefix handling to the server routes
- Refactor JS to use appropriate paths from modules
- Use JS template to get URL prefix into JS environment
- Update webpack config to support prefixing
Thanks to securityonion.net for sponsoring the development of this feature.
Closes#1661
* Add SCSS pipeline and fix login style issues
* Fix nav styles and make tests pass
* Fix nav header styles and animations
* Change font-size to 13px on nav
* Fix duplicate specificity of styles
* osquery services via go-kit
* Visual Studio Code configurations
* create query and pack endpoints
* organizing files more scalably
* modify query and pack endpoints
* delete query and pack endpoints
* get query and pack endpoints
* get all queries and packs endpoints
* add and remove queries from packs
* test stubs
* removing some indirection
* query service tests
* service pack tests
* transport tests
* adding config file flag back
* organizing package kolide
* get queries in pack endpoint
* run tests on 1.7?
* no 1.7 image :(
* typo in circle.yml
- Added all required methods for a UserService
- Added authentication handlers `/api/login` and `/api/logout`
- Added authMiddleware for authentication for `/api/v1/kolide` path
- Added authorization middleware for each endoint
- Added validation middleware for validating API inputs
- Began work on logging middleware
* tests for auth endpoints
* create user test and fatals instead of panics
* more tests
* remove init viper config setting
* stubbing
* more tests
* more tests
* organizing auth and users files
* rest of auth tests
* password reset tests