This fixes a bug in which the frontend expected the entity ID to be returned in the response body of a deletion request. Because the API does not do this (and we don't want to make it do this), the ID needs to be made available for updating the UI after the request returns.
Fixes#1398
- Set default database character set to utf8mb4
- Convert character sets for each table to utf8mb4
- Use utf8mb4 as charset in connection string
Closes#1268
* Lower HTTP timeout settings.
In an effort to provide a more resilient web server, timeouts are more strictly enforced by the Kolide HTTP server (regardless of whether or not you're using the built-in TLS termination). If your Kolide environment is particularly latent and you observe requests timing out, contact us at [help@kolide.co](mailto:help@kolide.co).
* Harden TLS server settings.
For customers using Kolide's built-in TLS server (if the `server.tls` configuration is `true`), the server was hardened to only accept modern cipher suites as recommended by [Mozilla](https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility).
Improve the mechanism used to calculate whether or not hosts are online.
Previously, hosts were categorized as "online" if they had been seen within the past 30 minutes. To make the "online" status more representative of reality, hosts are marked "online" if the Kolide server has heard from them within two times the lowest polling interval as described by the Kolide-managed osquery configuration. For example, if you've configured osqueryd to check-in with Kolide every 10 seconds, only hosts that Kolide has heard from within the last 20 seconds will be marked "online".
healthz should only return 200 or 500 response.
returning error messages in the HTTP response can leak sensitive connection information
The exact error is logged by the server instead.
rotate osqueryd logs on SIGHUP
Closes#1256
Note: Sometimes the test fails to rotate the log on SIGHUP, although
that doesn't appear to be the case with a long running process.
After some discussion and debugging with @zwass we agreed to call
t.Log and come back to this issue at a later time.
* Adds tests for the TargetDetails component
* Adds tests for Select Targets Menu
* Rename target_stub to target_mock
* Adds tests for the SelectTargetsDropdown & minor refactor
* Isolate each API entity
* Improve code structure in API client and request mocks
* Standardize on a request mock structure
* Use helper for creating request mocks
* Adds Request class to handle API requests
Use the [SockJS Protocol](https://github.com/sockjs/sockjs-protocol) to handle
bidirectional communication instead of plain websockets. This allows
distributed queries to function in situations in which they previously failed
(Load balancers not supporting websockets, issues with Safari and self-signed
certs, etc.).
Also includes fixes to the JS message handling logic where slightly different
message delivery semantics (when using XHR) were exposing bugs.
Fixes#1241, #1327.
Due to recreating the 'All Hosts' label in #1282, we get inconsistent counts
for hosts that have not checked in since that migration. This seems acceptable
for other labels, but it is important that 'All Hosts' really includes all the
hosts.
This migration adds all the hosts into that label.
Fixes#1329
