Commit Graph

263 Commits

Author SHA1 Message Date
Robert Fairburn
f0c12bbf5d
Re-enable ABM (#15979)
This turns back on ABM now that we have the new cert and token.
2024-01-09 10:48:14 -06:00
Robert Fairburn
e10ab0f99b
Disable ABM until cert is renewed (#15973) 2024-01-08 18:31:07 -06:00
Robert Fairburn
ef842e5c4f
Update loadtesting RDS module to allow for a db parameter gorup (#15882) 2024-01-08 11:18:32 -06:00
Robert Fairburn
4c16e08a80
Update dogfood to use new downtime migrations (#15935)
This should be put in place prior to pushing the release or an RC to
dogfood.
2024-01-05 14:01:41 -06:00
dependabot[bot]
736ea4b1e3
Bump github.com/go-git/go-git/v5 from 5.4.2 to 5.11.0 in /infrastructure/sandbox/PreProvisioner/lambda (#15842)
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git)
from 5.4.2 to 5.11.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/go-git/go-git/releases">github.com/go-git/go-git/v5's
releases</a>.</em></p>
<blockquote>
<h2>v5.11.0</h2>
<h2>What's Changed</h2>
<ul>
<li>git: validate reference names (<a
href="https://redirect.github.com/go-git/go-git/issues/929">#929</a>) by
<a
href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a>
in <a
href="https://redirect.github.com/go-git/go-git/pull/950">go-git/go-git#950</a></li>
<li>git: stop iterating at oldest shallow when pulling. Fixes <a
href="https://redirect.github.com/go-git/go-git/issues/305">#305</a> by
<a href="https://github.com/dhoizner"><code>@​dhoizner</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li>
<li>plumbing: object, enable renames in getFileStatsFromFilePatches by
<a href="https://github.com/djmoch"><code>@​djmoch</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li>
<li>storage: filesystem, Add option to set a specific FS for alternates
by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/953">go-git/go-git#953</a></li>
<li>Align worktree validation with upstream and remove build warnings by
<a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/958">go-git/go-git#958</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/dhoizner"><code>@​dhoizner</code></a>
made their first contribution in <a
href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li>
<li><a href="https://github.com/djmoch"><code>@​djmoch</code></a> made
their first contribution in <a
href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0">https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0</a></p>
<h2>v5.10.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Worktree, ignore ModeSocket files by <a
href="https://github.com/steiler"><code>@​steiler</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li>
<li>git: add tracer package by <a
href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a>
in <a
href="https://redirect.github.com/go-git/go-git/pull/916">go-git/go-git#916</a></li>
<li>remote: Flip clause for fast-forward only check by <a
href="https://github.com/adityasaky"><code>@​adityasaky</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/875">go-git/go-git#875</a></li>
<li>plumbing: transport/ssh, Fix nil pointer dereference caused when an
unreachable proxy server is set. Fixes <a
href="https://redirect.github.com/go-git/go-git/issues/900">#900</a> by
<a href="https://github.com/anandf"><code>@​anandf</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li>
<li>plumbing: uppload-server-info, implement upload-server-info by <a
href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a>
in <a
href="https://redirect.github.com/go-git/go-git/pull/896">go-git/go-git#896</a></li>
<li>plumbing: optimise memory consumption for filesystem storage by <a
href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/799">go-git/go-git#799</a></li>
<li>plumbing: format/packfile, Refactor patch delta by <a
href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/908">go-git/go-git#908</a></li>
<li>plumbing: fix empty uploadpack request error by <a
href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a>
in <a
href="https://redirect.github.com/go-git/go-git/pull/932">go-git/go-git#932</a></li>
<li>plumbing: transport/git, Improve tests error message by <a
href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/752">go-git/go-git#752</a></li>
<li>plumbing: format/pktline, Respect pktline error-line errors by <a
href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a>
in <a
href="https://redirect.github.com/go-git/go-git/pull/936">go-git/go-git#936</a></li>
<li>utils: remove ioutil.Pipe and use std library io.Pipe by <a
href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a>
in <a
href="https://redirect.github.com/go-git/go-git/pull/922">go-git/go-git#922</a></li>
<li>utils: move trace to utils by <a
href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a>
in <a
href="https://redirect.github.com/go-git/go-git/pull/931">go-git/go-git#931</a></li>
<li>cli: separate go module for cli by <a
href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a>
in <a
href="https://redirect.github.com/go-git/go-git/pull/914">go-git/go-git#914</a></li>
<li>build: bump github.com/google/go-cmp from 0.5.9 to 0.6.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/887">go-git/go-git#887</a></li>
<li>build: bump actions/setup-go from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/891">go-git/go-git#891</a></li>
<li>build: bump github.com/skeema/knownhosts from 1.2.0 to 1.2.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/888">go-git/go-git#888</a></li>
<li>build: bump actions/checkout from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/890">go-git/go-git#890</a></li>
<li>build: bump golang.org/x/sys from 0.13.0 to 0.14.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/907">go-git/go-git#907</a></li>
<li>build: bump golang.org/x/text from 0.13.0 to 0.14.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/906">go-git/go-git#906</a></li>
<li>build: bump golang.org/x/crypto from 0.14.0 to 0.15.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/917">go-git/go-git#917</a></li>
<li>build: bump golang.org/x/net from 0.17.0 to 0.18.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/918">go-git/go-git#918</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/anandf"><code>@​anandf</code></a> made
their first contribution in <a
href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li>
<li><a href="https://github.com/steiler"><code>@​steiler</code></a> made
their first contribution in <a
href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1">https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1</a></p>
<h2>v5.10.0</h2>
<h2>What's Changed</h2>
<ul>
<li>PlainInitOptions.Bare and allow using InitOptions with
PlainInitWithOptions by <a
href="https://github.com/ThinkChaos"><code>@​ThinkChaos</code></a> in <a
href="https://redirect.github.com/go-git/go-git/pull/782">go-git/go-git#782</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5d08d3bd94"><code>5d08d3b</code></a>
Merge pull request <a
href="https://redirect.github.com/go-git/go-git/issues/958">#958</a>
from pjbgf/workval</li>
<li><a
href="5bd1d8f4ab"><code>5bd1d8f</code></a>
build: Ensure checkout is the first operation</li>
<li><a
href="b2c1982477"><code>b2c1982</code></a>
git: worktree, Align validation with upstream rules</li>
<li><a
href="cec7da63ca"><code>cec7da6</code></a>
Merge pull request <a
href="https://redirect.github.com/go-git/go-git/issues/953">#953</a>
from pjbgf/alternates</li>
<li><a
href="8b47ceb1aa"><code>8b47ceb</code></a>
storage: filesystem, Add option to set a specific FS for alternates</li>
<li><a
href="4f61489104"><code>4f61489</code></a>
Merge pull request <a
href="https://redirect.github.com/go-git/go-git/issues/941">#941</a>
from djmoch/filestats-rename</li>
<li><a
href="ae552ce0bf"><code>ae552ce</code></a>
Merge pull request <a
href="https://redirect.github.com/go-git/go-git/issues/939">#939</a>
from dhoizner/fix-pull-after-shallow</li>
<li><a
href="cc1895b905"><code>cc1895b</code></a>
Merge pull request <a
href="https://redirect.github.com/go-git/go-git/issues/950">#950</a>
from aymanbagabas/validate-ref</li>
<li><a
href="de1d5a5978"><code>de1d5a5</code></a>
git: validate reference names</li>
<li><a
href="d87110b492"><code>d87110b</code></a>
Merge pull request <a
href="https://redirect.github.com/go-git/go-git/issues/948">#948</a>
from go-git/dependabot/go_modules/cli/go-git/github.c...</li>
<li>Additional commits viewable in <a
href="https://github.com/go-git/go-git/compare/v5.4.2...v5.11.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/go-git/go-git/v5&package-manager=go_modules&previous-version=5.4.2&new-version=5.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/fleetdm/fleet/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-02 10:44:03 -06:00
Luke Heath
f5af49f766
Prepare v4.42.0 (#15812) 2023-12-21 15:30:40 -06:00
Robert Fairburn
fc4646670e
Dogfood: Migrations to depend on new geolite2 image (#15804) 2023-12-21 14:19:22 -06:00
Robert Fairburn
255bcd8002
GeoLite2 addon for Dogfood and Cloud (#15643) 2023-12-14 13:22:11 -06:00
Robert Fairburn
e064b58724
ECR Repo and images for osquery in dogfood-free (#15516) 2023-12-13 11:52:57 -06:00
Roberto Dip
6353849004
update Go to 1.21.5 (#15592)
for https://github.com/fleetdm/fleet/issues/15584

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

<!-- Note that API documentation changes are now addressed by the
product design team. -->

- [x] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Manual QA for all new/changed functionality
2023-12-13 13:57:12 -03:00
Roberto Dip
e24070b33a
adjust the loadtesting docs (#15526)
minor changes after running a loadtest
2023-12-08 16:15:18 -03:00
Luke Heath
3dc40d667e
Prepare v4.41.1 (#15500) 2023-12-07 16:06:17 -06:00
Robert Fairburn
b31e45244d
Some loadtesting improvements to solve common issues (#15360) 2023-11-30 16:36:04 -06:00
Robert Fairburn
5a99186fe2
Some documentation updates (#15369) 2023-11-29 17:23:49 -06:00
Robert Fairburn
1609c0fcb5
Increase dogfood containers to avoid vulnerabilities failures (#15357) 2023-11-29 09:06:41 -06:00
Luke Heath
f6cb052e7a
Prepare v4.41.0 (#15350) 2023-11-28 19:18:05 -06:00
Robert Fairburn
bd9236b705
Dogfood free fix (#15327)
This allows the image specified to also update the free deployment when
using the github action.
2023-11-27 16:52:51 -06:00
Benjamin Edwards
a77016d67c
Dogfood Free (#15326)
Creating free.fleetdm.com hosted in the same terraform workspace as
dogfood and thus will be controlled by dogfood deploys
2023-11-27 16:39:36 -05:00
Robert Fairburn
65edda3cf0
Use latest tf modules with dogfood (#15308) 2023-11-27 07:59:39 -06:00
Robert Fairburn
61a0dd4937
Host IDP Metadata in dogfood/s3 (#15132) 2023-11-14 13:45:32 -06:00
Luke Heath
8dbe690026
Prepare v4.40.0 (#14940) 2023-11-06 16:49:21 -06:00
dependabot[bot]
255ab88b8d
Bump golang.org/x/net from 0.10.0 to 0.17.0 in /infrastructure/sandbox/JITProvisioner/lambda (#14477) 2023-11-03 14:28:43 -05:00
dependabot[bot]
1fb08110e9
Bump golang.org/x/net from 0.7.0 to 0.17.0 in /infrastructure/sandbox/JITProvisioner/ingress_destroyer (#14475) 2023-11-03 14:27:52 -05:00
dependabot[bot]
b99ff2f464
Bump golang.org/x/net from 0.7.0 to 0.17.0 in /infrastructure/sandbox/PreProvisioner/lambda (#14476) 2023-11-03 14:27:16 -05:00
Robert Fairburn
7b31344988
Dogfood github actions and monitoring module fixes (#14875)
These items fix the github action for use with the updates to the
monitoring module.

Additionally there were some changes needed to the monitoring module to
make it behave inside the GH action.

Once this is approved/merged, the new tag for them monitoring module
will be created as `tf-mod-addon-monitoring-v1.1.1`
2023-11-01 16:34:13 -05:00
dependabot[bot]
f988ef8532
Bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux from 0.28.0 to 0.44.0 in /infrastructure/sandbox/JITProvisioner/lambda (#14586) 2023-11-01 13:25:47 -05:00
Robert Fairburn
b74f2c059c
initial fleet-cron monitoring script (#14579) 2023-11-01 12:01:02 -05:00
Lucas Manuel Rodriguez
3122d93ce4
loadtesting: Redirect osquery results and status logs to /dev/null (#14848)
This is to avoid firehose (rate limit) errors when load testing query
reports with thousands of hosts. (And may reduce cost by storing logs
nowhere.)

Thanks @rfairburn:
https://github.com/fleetdm/fleet/pull/14754#issuecomment-1788887575
2023-11-01 12:11:21 -03:00
dependabot[bot]
2d73d26bcf
Bump google.golang.org/grpc from 1.55.0 to 1.56.3 in /infrastructure/sandbox/JITProvisioner/lambda (#14744) 2023-10-31 14:26:05 -05:00
Robert Fairburn
dae94c3129
Fix ACL Errors (#14525) 2023-10-27 10:20:07 -05:00
Luke Heath
653aeceb06
Prepare v4.39.0 (#14647) 2023-10-26 15:07:58 -05:00
Roberto Dip
ad9e30f120
Update Go to v1.21.3 (#14634)
for #14633
2023-10-19 10:01:05 -03:00
Robert Fairburn
eb0babe51a
Sandbox-v4.38.1 (#14524) 2023-10-13 15:35:42 -05:00
Lucas Manuel Rodriguez
910e26b93e
Amend loadtesting terraform docs (#14549) 2023-10-13 17:05:00 -03:00
Roberto Dip
e46e83baf8
upgrade Go to 1.21.1 for infra (#13878)
related to #13715, this updates the infra dependencies for the general
go upgrade that's happening at
https://github.com/fleetdm/fleet/pull/13877

I'm thinking we probably want to merge this after we're sure that
everything works well, maybe even after we have a release with go 1.21.1
out, so I'm making a separate PR.

---------

Co-authored-by: Martin Angers <martin.n.angers@gmail.com>
2023-10-12 21:09:17 -05:00
Luke Heath
191348208e
Update contact instructions (#14333) 2023-10-05 15:09:09 -05:00
Roberto Dip
6702e3ddb8
prepare v4.38.1 (#14303) 2023-10-05 11:13:24 -05:00
Robert Fairburn
0f4e24a40a
Initial saml-auth-proxy code. (#14017) 2023-09-28 12:48:57 -05:00
Luke Heath
6807cfe897
Prepare v4.38.0 (#14123) 2023-09-25 16:43:52 -05:00
Martin Angers
1ce9eb5976
Fix invalid digest used in loadtest dockerfile (#13916) 2023-09-13 16:02:33 -04:00
Luke Heath
a745c3a8a8
Prepare Fleet v4.37.0 (#13821) 2023-09-08 13:35:44 -05:00
Zachary Winnerman
075ecf4a62
Add separate kms key for installers (#13786)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes (docs/Using
Fleet/manage-access.md)
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-09-07 07:21:24 -04:00
Robert Fairburn
595ccd376f
Update dogfood mdm module version (#13751) 2023-09-06 15:26:50 -05:00
Robert Fairburn
8a653c1b00
Enable windows mdm on dogfood (#13739) 2023-09-06 11:33:04 -05:00
Robert Fairburn
21b01605ae
Update nginx for redirect container in sandbox (#13509) 2023-09-06 11:16:27 -05:00
Roberto Dip
5ad734d617
upgrade go to v1.19.12 (#13617) 2023-08-31 13:49:24 -05:00
Lucas Manuel Rodriguez
22b879bcef
Add instructions to deploy server code changes to a loadtest env (#13563)
#12696
2023-08-29 11:06:32 -03:00
Luke Heath
1260db9360
Prepare v4.36.0 (#13364) 2023-08-17 16:11:19 -05:00
Luke Heath
21b21abd22
Prepare v4.35.2 (#13273) 2023-08-10 11:35:03 -07:00
Luke Heath
f3b9bcc02a
Prepare v4.35.1 (#13163) 2023-08-10 08:43:52 -07:00