Roberto Dip
743ac46a09
disable fleetctl preview tests on macos ( #8911 )
2022-12-02 11:29:38 -03:00
Marcos Oviedo
ff9206655a
Fixing UninstallString to properly include msiexec /x call ( #8857 )
...
* Fixing UninstallString to properly include msiexec /x call
2022-11-28 20:18:28 -03:00
Zach Wasserman
efbe4c0777
Update Go to 1.19.3 ( #8525 ) ( #8614 )
...
Co-authored-by: Tomas Touceda <chiiph@gmail.com>
2022-11-08 13:03:23 -03:00
Zach Wasserman
875df496b1
Generate targets for osqueryd 5.6.0 ( #8355 )
2022-11-07 15:15:52 -08:00
Zach Wasserman
1920e64b93
Update Desktop version to 1.3.1 ( #8397 )
2022-11-07 15:15:21 -08:00
Luke Heath
8fb57d365b
Remove cypress dashboard ( #8518 )
2022-11-01 10:32:30 -05:00
Roberto Dip
e5f38f0015
fix integration.yml CI workflow by setting a Go version ( #8516 )
...
We don't have a `matrix.go-version` defined, so the task was using
`go1.17.13` as the default.
This explicitly sets the version to `go1.19.1`, I didn't use a `matrix`
definition because at least for now, we only want to run this test using a
single Go version.
Since I was there, I also updated test-native-tooling-packaging.yml to
use `go1.19.1` too.
2022-11-01 09:34:52 -03:00
Eric
a5ba469e41
update build-storybook step ( #8503 )
2022-10-31 14:02:29 -05:00
Guillaume Ross
75a9419412
8241 trivy ignore file action ( #8345 )
...
* Create .trivyignore
Adding original trivy ignore file. Working to resolve/document more of the findings, especially around go.mod. Will add a github action as well.
* Adding default trivy scan for testing
* Update trivy_scan.yml
Making it manual + daily for now
* Update trivy_scan.yml
updating name
* Renamed + configured Trivy scan
2022-10-31 10:50:29 -04:00
Eric
149a908b82
move build-storybook step ( #8492 )
2022-10-31 09:19:20 -05:00
Roberto Dip
96014148a8
run apt update before installing packages in golangci-lint ( #8487 )
2022-10-31 09:43:26 -03:00
Eric
c6698e242f
Website: Add storybook to Fleet website ( #8203 )
...
* Add build storybook to deploy website workflow
* add assets/storybook folder to .gitignore & .eslintIgnore
* Revert changes to website/.gitignore
* revert whitespace change
* Update deploy-fleet-website.yml
2022-10-28 19:48:14 -05:00
Marcos Oviedo
131cc7eeec
Orbit MSI installer now includes the necessary manifest file to use windows_event_log as a logger_plugin. ( #8343 )
...
* Orbit MSI installer now includes the necessary manifest file to use windows_event_log as a logger_plugin
2022-10-27 10:19:30 -03:00
Marcos Oviedo
8b77939494
Fixed an Orbit MSI installer bug that caused Orbit files not to be removed during uninstallation ( #8333 )
2022-10-25 09:00:37 -03:00
Michal Nicpon
56f3cb62ef
add concurrency to ci ( #8271 )
...
* add concurrency to ci
* add readme for workflows
2022-10-24 14:01:00 -06:00
Lucas Manuel Rodriguez
2bb7661b91
Update Fleet Desktop version to 1.3.0 ( #8202 )
2022-10-21 09:58:03 -07:00
Marcos Oviedo
ec3f49881f
8009 fleet desktop icon duplication ( #8017 )
...
* Adding a new synchronization mechanism between fleet-desktop app and Orbit service. Improved windows service teardown to ensure that fleet-desktop does not get force killed without getting signaled. Improved windows process enumeration to avoid unnecessary delays during windows service start and windows service teardown. Updating windows service to reflect service teardown extra time due to synchronization.
2022-10-13 10:58:37 -03:00
Lucas Manuel Rodriguez
bec3824ddb
Update mk-ca-bundle.pl tool in repository ( #8184 )
...
* Update mk-ca-bundle.pl in repository
* Update certs.pem with new version of mk-ca-bundle.pl
* Add extra check against curl.se site
2022-10-12 12:01:18 -03:00
Roberto Dip
174f894b53
fix migration order check by only checking additions ( #8172 )
...
this modifies the migration order CI check to only check for added files
by:
1. Escaping the blob we give to git, so bash doesn't perform expansion,
this lets git handle the blob matching, which for reasons I don't
fully understand allows to find file renames.
2. Applying `--diff-filter=A`, which makes git only list file additions.
2022-10-11 16:31:40 -03:00
Roberto Dip
2bb4ec2e6d
add script to check for migration order ( #7803 )
...
Related to #6142 , this adds a CI check for the order of migrations.
As I noted in a comment on the workflow file, it's important to keep in mind that some migrations might still go unnoticed even with this check, example:
1. PR1 adds a migration, CI check pass
2. PR2 adds a migration, CI pass, gets merged
3. PR1 can still be merged because the CI checks aren't run again
The check will fail in `main` however, so if we find the current script to be reliable, we could setup a Slack ping or something similar, to make sure somebody takes a look
2022-10-11 15:36:15 -03:00
dependabot[bot]
35ae71502f
Bump actions/setup-go from 3.2.1 to 3.3.0 ( #7470 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.2.1 to 3.3.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](84cbf80943...268d8c0ca0
2022-10-10 18:55:13 -03:00
Michal Nicpon
9056b22874
set default shell in workflows ( #8108 )
...
* wait for mysql in workflows
2022-10-07 09:43:56 -06:00
Lucas Manuel Rodriguez
127d18642d
Run TUF CI checks on ubuntu-latest ( #8088 )
...
* Run TUF CI checks on ubuntu-latest
* Add itself to path
2022-10-05 19:59:11 -03:00
Martin Angers
ec75fb10b2
Fix CI tests for Go ( #8079 )
2022-10-04 15:48:14 -04:00
Eric
fba863f1e1
Update test-website.yml ( #8076 )
2022-10-04 12:52:00 -05:00
Zach Wasserman
44dc5ab175
Add handling for Apple Team ID in Notarization ( #7991 )
...
Fleet's Notarization workflows no longer work without this argument, so this is added as an optional argument for Notarization.
2022-10-04 09:48:21 -07:00
Guillaume Ross
e48fbad3ac
Adding the schema path to the fleet website deployment workflow ( #8063 )
2022-10-03 12:20:30 -04:00
Zachary Winnerman
7e69a34f51
Make the github action fail if used on the main branch ( #7967 )
2022-09-29 17:30:47 +00:00
Martin Angers
7356378d0f
Update hashicorp/aws provider version for loadtesting and add CI validation ( #7937 )
...
* Update hashicorp/aws provider version for loadtesting and add CI validation
* Update name of the new workflow
2022-09-28 09:38:56 -05:00
Zach Wasserman
a106e1af83
Update Fleet Desktop version ( #7961 )
2022-09-27 19:22:40 -07:00
Zach Wasserman
855cca9368
Update notarization to use notarytool ( #7962 )
...
Updating from github.com/mitchellh/gon (old API) to the newer xcrun notarytool.
See https://github.com/fleetdm/fleet/actions/runs/3132173324/jobs/5084249006 for example run.
2022-09-27 08:25:42 -07:00
Marcos Oviedo
381f628be7
Bug 7874: Adding SCM calls to register Orbit as a windows service ( #7934 )
...
* Bug 7874: Adding SCM calls to register Orbit as a windows service
2022-09-27 11:52:41 -03:00
Martin Angers
84903deffb
Remove gotestfmt formatting on CI ( #7939 )
2022-09-26 11:37:21 -04:00
Gabriel Hernandez
fca5ad3158
add edit agent options activity text ( #7695 )
2022-09-23 12:05:07 -04:00
Luke Heath
a6dd4c3d0c
Add Cypress dashboard to CI ( #7899 )
2022-09-22 13:52:22 -05:00
Lucas Manuel Rodriguez
1a6380d590
Fix deprecated virtual runner and golangci-lint deprecated checkers ( #7716 )
2022-09-13 10:48:21 -03:00
Tomas Touceda
8457e55b53
Bump go to 1.19.1 ( #7690 )
...
* Bump go to 1.19.1
* Bump remaining go-version to the 1.19.1
* Add extra paths for test-go
* Oops, putting the right path in the right place
* gofmt file
* gofmt ALL THE THINGS
* Moar changes
* Actually, go.mod doesn't like minor versions
2022-09-12 20:32:43 -03:00
Roberto Dip
2397d744a2
fix conditional clauses to run workflows ( #7580 )
...
In https://github.com/fleetdm/fleet/pull/7399 we accidentally:
1. added a condition to `.github/workflows/fleet-and-orbit.yml` that always evaluates to `false` making this workflow always fail
2. modified the condition of `.github/workflows/fleetctl-preview-latest.yml`
This reverts those changes.
2022-09-06 10:20:45 -03:00
Roberto Dip
43785428fb
add workflow to test for uncommited schema changes ( #7467 )
...
This adds a new workflow to CI in order to test that the PR doesn't contain uncommited schema changes, which are the source of many merge conflicts and developer frustration.
2022-08-31 10:47:58 -03:00
dependabot[bot]
74839bc134
Bump dawidd6/action-download-artifact from 2.22.0 to 2.23.0 ( #7471 )
...
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact ) from 2.22.0 to 2.23.0.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases )
- [Commits](ea71f332a9...7847792dd4
2022-08-31 07:49:57 -03:00
dependabot[bot]
200ddfaaff
Bump actions/checkout from 2 to 3.0.2 ( #7301 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.0.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...2541b1294d2704b0964813337f33b291d3f8596b )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-31 07:44:22 -03:00
dependabot[bot]
fda99bf3ca
Bump github/codeql-action from 2.1.17 to 2.1.21 ( #7400 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.17 to 2.1.21.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0c670bbf04...c7f292ea4f
2022-08-31 07:42:53 -03:00
dependabot[bot]
9e18a33eff
Bump actions/cache ( #7344 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 661fd3eb7f2f20d8c7c84bc2b0509efd7a826628 to 3.0.8. This release includes the previously tagged commit.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](661fd3eb7f...fd5de65bc8
2022-08-31 07:41:09 -03:00
Roberto Dip
715f320be1
reduce scope in which packaging and preview actions are run ( #7429 )
2022-08-29 15:38:30 -03:00
Roberto Dip
3d75ddcdc2
increase the CI timeout to install Docker on macOS ( #7430 )
...
in #7399 we reduced the timeout to 10 minutes, however there are multiple timing out and failing on main on the install docker step.
2022-08-29 12:50:16 -03:00
Michal Nicpon
f7b394b1a3
fix brew install warning ( #7399 )
2022-08-25 15:26:02 -06:00
Zach Wasserman
ecb428a904
Prepare for Orbit 1.1.0 ( #7315 )
2022-08-19 08:27:50 -07:00
Zach Wasserman
abe76968f7
Generate targets for osquery 5.5.1 ( #7290 )
2022-08-19 08:15:24 -07:00
Zach Wasserman
c3ab51bea5
Generate targets for osquery 5.5.0 ( #7265 )
2022-08-18 15:00:58 +00:00
Roberto Dip
05ddeade90
add back-end implementation for SSO JIT provisioning ( #7182 )
...
Related to #7053 , this uses the SSO config added in #7140 to enable JIT provisioning for premium instances.
2022-08-15 14:42:33 -03:00
dependabot[bot]
6f0e0873ca
Bump golang from 1.18.4-bullseye to 1.19.0-bullseye ( #7039 )
...
* Bump golang from 1.18.4-bullseye to 1.19.0-bullseye
Bumps golang from 1.18.4-bullseye to 1.19.0-bullseye.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* Update other golang deps as well
* Update missing go mods
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Tomas Touceda <chiiph@gmail.com>
2022-08-10 17:00:01 -03:00
dependabot[bot]
56ea9ee1b3
Bump dawidd6/action-download-artifact from 2.21.1 to 2.22.0 ( #7132 )
...
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact ) from 2.21.1 to 2.22.0.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases )
- [Commits](6765a42d86...ea71f332a9
2022-08-09 16:02:11 -03:00
Roberto Dip
bfd98557f9
update golangci-lint version ( #7115 )
2022-08-09 15:42:35 -03:00
Roberto Dip
e40c5b02c1
lock Docker version to 4.10.0 on macOS runners ( #7082 )
...
The macOS runners installing Docker are having problems initializing the new Docker version (4.11.0) which effectively blocks PRs with Go code.
This locks the Docker version we install to 4.10.0, which works until we figure out a solution or a new Docker version goes out.
2022-08-05 14:21:54 -03:00
dependabot[bot]
a8a41fce31
Bump github/codeql-action from 2.1.16 to 2.1.17 ( #6952 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.16 to 2.1.17.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3e7e3b32d0...0c670bbf04
2022-08-02 09:18:44 -03:00
Zach Wasserman
b3a575b023
Remove semgrep from Actions ( #6847 )
...
Sadly, this never saw the love it needed to bring value. No opposition
to bringing it back later, but removing it for now.
2022-07-25 10:53:06 -07:00
dependabot[bot]
90e3838134
Bump returntocorp/semgrep-action ( #6828 )
...
Bumps [returntocorp/semgrep-action](https://github.com/returntocorp/semgrep-action ) from 1c1ab0c45ee0495c4ce90cee74ee548e177e054b to 1. This release includes the previously tagged commit.
- [Release notes](https://github.com/returntocorp/semgrep-action/releases )
- [Changelog](https://github.com/returntocorp/semgrep-action/blob/develop/CHANGELOG.md )
- [Commits](1c1ab0c45e...ec5cff3867
2022-07-25 08:45:15 -07:00
dependabot[bot]
ff2afa8be0
Bump returntocorp/semgrep-action ( #6483 )
...
Bumps [returntocorp/semgrep-action](https://github.com/returntocorp/semgrep-action ) from 177d02a2d1c3f89e977083f7d979dc946b12323d to 1. This release includes the previously tagged commit.
- [Release notes](https://github.com/returntocorp/semgrep-action/releases )
- [Changelog](https://github.com/returntocorp/semgrep-action/blob/develop/CHANGELOG.md )
- [Commits](177d02a2d1...1c1ab0c45e
2022-07-21 18:47:13 -07:00
Eric
47a80ad483
Update deploy fleet website to run when an article has been updated ( #6545 )
2022-07-21 19:01:43 -05:00
Robert Fairburn
126fedfcd3
Allow VPN Access into Dogfood ( #6805 )
2022-07-21 13:38:50 -05:00
Zach Wasserman
a87736de5d
Bump Fleet Desktop version to 1.0.0 ( #6691 )
2022-07-19 08:01:28 -03:00
Lucas Manuel Rodriguez
2d3fff7f59
Do not use deprecated macos-10.15 runner ( #6724 )
2022-07-19 08:00:27 -03:00
Zach Wasserman
c9d173e974
Make targets for osquery 5.4.0 ( #6536 )
2022-07-18 14:25:55 -03:00
dependabot[bot]
ec31f523eb
Bump actions/setup-go from 3.2.0 to 3.2.1 ( #6590 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.2.0 to 3.2.1.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](b22fbbc292...84cbf80943
2022-07-18 14:24:51 -03:00
dependabot[bot]
f30a31012e
Bump github/codeql-action from 2.1.15 to 2.1.16 ( #6646 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.15 to 2.1.16.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3f62b754e2...3e7e3b32d0
2022-07-18 14:23:31 -03:00
Roberto Dip
86366b2ed8
add a new S3 datastore to retrieve pre-built packages ( #6631 )
...
Related to #6365 , this extends the datastore/s3 package to retrieve installers from S3 according to the conventions listed in the parent issue. This also includes:
- A minor refactor to decouple Carves-related functionality from the core S3 functionality
- Set-up to run tests using minio (only enabled via the FILE_STORAGE_TEST env flag)
2022-07-14 14:14:24 -03:00
Benjamin Edwards
dc40c80e2e
add tf vars for cloudwatch log retention & rds snapshot backup retention ( #6532 )
...
* add tf vars for cloudwatch log retention & rds snapshot backup retention, update github workflow to deploy new dogfood configurations for new tf vars
* typo and tf fmt
2022-07-11 15:30:36 -04:00
dependabot[bot]
b26a5cdb4e
Bump github.com/open-policy-agent/opa from 0.40.0 to 0.42.0 ( #6537 )
...
* Bump github.com/open-policy-agent/opa from 0.40.0 to 0.42.0
Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa ) from 0.40.0 to 0.42.0.
- [Release notes](https://github.com/open-policy-agent/opa/releases )
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-policy-agent/opa/compare/v0.40.0...v0.42.0 )
---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
* Include go.* files in tests
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Tomas Touceda <chiiph@gmail.com>
2022-07-11 14:58:27 -03:00
Roberto Dip
78fbf4c35a
tag fleetdm/fleetctl docker image before pushing to Hub ( #6585 )
2022-07-11 14:57:54 -03:00
Roberto Dip
6a1724a474
add a workflow to build and push fleetdm/fleetctl images ( #6533 )
2022-07-11 10:32:40 -03:00
Roberto Dip
f7dd8c86cd
implement a docker image to package orbit natively in Linux ( #6504 )
...
Related to #6364 and #6363 , this:
- Adds a new Docker image, `fleetdm/fleetctl` equipped with all necessary dependencies to build Fleet-osquery binaries for all platforms
- Modifies the package generation logic to special case this scenario via an environment variable `FLEETCTL_NATIVE_TOOLING`
- Adds a new GitHub workflow to test this
There are more details in the README, but part of the special-casing logic is in place to output the binaries to a folder named `build` when they are run with `FLEETCTL_NATIVE_TOOLING`, this is so we can persist the binary generated by the docker container via a bind mount:
```bash
docker run -v "$(pwd):/build" fleetdm/fleetctl package --type=msi
```
To test this changeset, I have generated packages for all platforms, both via the new Docker image and via the classic `fleetctl package`.
2022-07-11 09:49:13 -03:00
Lucas Manuel Rodriguez
a336ed61e5
Add gotestfmt to improve test output and fix flaky tests ( #6528 )
2022-07-11 08:12:33 -03:00
Lucas Manuel Rodriguez
e92ea532b6
Orbit to cleanup extension socket at startup ( #6474 )
...
* Orbit to cleanup extension socket at startup
* Remove extra quote
2022-07-01 16:56:37 -03:00
dependabot[bot]
3da9f6cb38
Bump ossf/scorecard-action from 1.0.4 to 1.1.2 ( #6419 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 1.0.4 to 1.1.2.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](c1aec4ac82...ce330fde6b
2022-06-28 18:31:37 -07:00
dependabot[bot]
985eccc442
Bump dawidd6/action-download-artifact from 2.19.0 to 2.21.1 ( #6418 )
...
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact ) from 2.19.0 to 2.21.1.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases )
- [Commits](b2abf17054...6765a42d86
2022-06-28 18:31:16 -07:00
dependabot[bot]
690595f9b3
Bump returntocorp/semgrep-action ( #6417 )
...
Bumps [returntocorp/semgrep-action](https://github.com/returntocorp/semgrep-action ) from 619fcfc626fd7b93e0f350c46e67671f2c962265 to 1. This release includes the previously tagged commit.
- [Release notes](https://github.com/returntocorp/semgrep-action/releases )
- [Changelog](https://github.com/returntocorp/semgrep-action/blob/develop/CHANGELOG.md )
- [Commits](619fcfc626...177d02a2d1
2022-06-28 18:30:50 -07:00
dependabot[bot]
c160588ef3
Bump aws-actions/amazon-ecr-login from 1.3.3 to 1.5.0 ( #6404 )
...
Bumps [aws-actions/amazon-ecr-login](https://github.com/aws-actions/amazon-ecr-login ) from 1.3.3 to 1.5.0.
- [Release notes](https://github.com/aws-actions/amazon-ecr-login/releases )
- [Changelog](https://github.com/aws-actions/amazon-ecr-login/blob/main/CHANGELOG.md )
- [Commits](aaf69d68aa...b874a33292
2022-06-28 18:30:25 -07:00
dependabot[bot]
314afc694b
Bump tfsec/tfsec-sarif-action from 0.1.0 to 0.1.3 ( #6415 )
...
Bumps [tfsec/tfsec-sarif-action](https://github.com/tfsec/tfsec-sarif-action ) from 0.1.0 to 0.1.3.
- [Release notes](https://github.com/tfsec/tfsec-sarif-action/releases )
- [Commits](56bc584a83...5d34a982aa
2022-06-28 18:29:11 -07:00
dependabot[bot]
39192a2b89
Bump docker/login-action from 1.14.1 to 2 ( #5598 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 1.14.1 to 2.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](dd4fa0671b...49ed152c8e
2022-06-28 18:27:48 -07:00
dependabot[bot]
c90b4b8d50
Bump github/codeql-action from 2.1.11 to 2.1.15 ( #6416 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.11 to 2.1.15.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](a3a6c128d7...3f62b754e2
2022-06-28 18:26:55 -07:00
dependabot[bot]
15873bfbe2
Bump codecov/codecov-action from 3.0.0 to 3.1.0 ( #5310 )
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md )
- [Commits](e3c560433a...81cd2dc814
2022-06-28 18:26:00 -07:00
dependabot[bot]
d317b2792c
Bump returntocorp/semgrep-action ( #5309 )
...
Bumps [returntocorp/semgrep-action](https://github.com/returntocorp/semgrep-action ) from a9f6c903be5b9bc982d6be6f9312146daa4964b5 to 1. This release includes the previously tagged commit.
- [Release notes](https://github.com/returntocorp/semgrep-action/releases )
- [Changelog](https://github.com/returntocorp/semgrep-action/blob/develop/CHANGELOG.md )
- [Commits](a9f6c903be...619fcfc626
2022-06-28 18:25:28 -07:00
dependabot[bot]
3b86836c3f
Bump actions/upload-artifact from 3.0.0 to 3.1.0 ( #5835 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](6673cd052c...3cea537223
2022-06-22 16:07:08 -03:00
Zach Wasserman
7cede96089
Generate osqueryd target from DEB package ( #6258 )
...
The DEB packages have a stripped (smaller) binary rather than the
unstripped binary in the tarball.
2022-06-20 11:13:01 -07:00
Zach Wasserman
8228681119
Bump Fleet Desktop version ( #6255 )
2022-06-16 18:34:30 -07:00
Zach Wasserman
12d915531e
Build universal macOS binaries for Orbit ( #6208 )
2022-06-13 19:43:47 -03:00
Zach Wasserman
ca1c8ffd58
Generate targets for osquery 5.3.0 ( #6188 )
2022-06-13 08:04:21 -07:00
Lucas Manuel Rodriguez
4cfeaa1580
Do not use golangci action for better reproducibility (use make lint-go) ( #6175 )
...
* Do not use golangci action for better reproducibility
* Add fix to trigger build
* Fix all reported issues
* fix more lint errors
* Add missing import
* Remove unused method
* Remove change not necessary
2022-06-10 18:52:24 -03:00
Lucas Manuel Rodriguez
33bb7886b6
Add automation for orbit shell (with TUF) ( #5856 )
...
* fix old root dir in orbit
* add changes
* Add automation for orbit shell (with TUF)
* Fix workflow syntax
* Add logging to latest fleetctl preview action
* Add changes to fix workflow
* Use macOS host for TUF server and package generation
* Remove copy/paste if clause
* Fix orbit logs on macOS, Ubuntu
* Simplify TUF and generation of packages
* Set enroll secret instead of getting it
* Increase timeouts
* Add step id
* Fixes to the upload/download of artifacts
* Rearrange steps to not lose the downloads
* Fix copy/paste
* Add fleetctl login step
* Add missing config set
* Fix quotes on Windows
* Increase timeout
* Fix job termination
* Disable FLEET_DESKTOP for now
* Checkout repository on macOS
* Fix logs path
* Enable fleet desktop
* Use cancel, nitpick
Co-authored-by: Michal Nicpon <michal@fleetdm.com>
2022-06-01 13:54:16 -03:00
dependabot[bot]
e8c61abc92
Bump goreleaser/goreleaser-action from 2.9.1 to 3 ( #5972 )
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 2.9.1 to 3.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](b953231f81...68acf3b1ad
2022-05-31 13:24:23 -03:00
dependabot[bot]
de3e19e52f
Bump actions/setup-go from 3.0.0 to 3.2.0 ( #5917 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.0.0 to 3.2.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](f6164bd8c8...b22fbbc292
2022-05-31 10:13:26 -03:00
Lucas Manuel Rodriguez
5527cf3cef
Add --fleet-desktop to linux packaging on test-integration.yml ( #5926 )
...
* Add --fleet-desktop to linux packaging on test-integration.yml
* Fix --fleet-desktop flag
2022-05-31 07:14:59 -03:00
Zach Wasserman
b9161d008f
Use goreleaser v1.1.0 for Orbit build ( #5934 )
2022-05-26 18:03:15 -07:00
Zach Wasserman
087b85a540
Bump Orbit Go version to 1.18.2 ( #5933 )
2022-05-26 17:32:34 -07:00
Zach Wasserman
023a9b4be6
Update Fleet Desktop version to 0.0.2 ( #5932 )
2022-05-26 17:26:00 -07:00
Zach Wasserman
bcaa95e5a2
Explicitly set goreleaser version in Orbit release ( #5931 )
2022-05-26 17:24:57 -07:00
Benjamin Edwards
58d2b66042
add github action deploy via OIDC credentials ( #5339 )
...
* remove unused iam poilcy attributes and remove github action on pull request, only workflow dispatch will be required
* update github.tf, commenting out all resources, but leaving in place in case someone else wants to use ODIC providers & Github actions
2022-05-25 14:03:29 -04:00
gillespi314
4a4e832d3a
Increase minimum password length to 12 characters ( #5712 )
2022-05-18 12:03:00 -05:00
dependabot[bot]
ade929bc90
Bump github/codeql-action ( #5779 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 75b4f1c4669133dc294b06c2794e969efa2e5316 to 2.1.11. This release includes the previously tagged commit.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](75b4f1c466...a3a6c128d7
2022-05-17 16:36:47 -03:00
Lucas Manuel Rodriguez
d50e97d250
Upload logs on fleetctl preview action ( #5745 )
...
* Upload logs on fleetctl preview action
* Group logs
* Avoid hidden folder
2022-05-16 18:39:31 -03:00
Lucas Manuel Rodriguez
74dfdcb882
Kickoff documentation for Orbit Release Process ( #5544 )
...
* Kickoff documentation for Orbit releasing
* Fixes to the github action
* Missing follow redirect on curl
* Run osqueryd --version to verify before uploading artifacts
* Use cmd as shell for windows-latest runner
* Final set of changes to the guide
2022-05-13 07:15:29 -03:00
dependabot[bot]
85013e87a4
Bump github/codeql-action from 2.1.9 to 2.1.10 ( #5668 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.9 to 2.1.10.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](7502d6e991...75b4f1c466
2022-05-10 18:18:15 -07:00
Lucas Manuel Rodriguez
fda79a8770
Run network test serially to prevent timeouts on Github CI ( #5557 )
...
* Run network test serially to prevent timeouts on Github CI
* Revert lint changes
* Add simple file lock
* Revert test change
* Clarify error check
2022-05-10 11:52:33 -03:00
Lucas Manuel Rodriguez
b6bbbbe186
Add (beta) support for Fleet Desktop to linux ( #5221 )
...
* Add (beta) support for Fleet Desktop to linux
* Add dependency for linux desktop
* Amend makefile uname check
* Clarify env vars used for linux in execuser
* Add final set of fixes
* Remove -it from docker run
* Add desktop to the update runner for Linux
* Re-arrange tag.gz and fix upgrade check for linux desktop
2022-05-04 11:14:12 -03:00
Mike McNeil
0b7e07a9fb
Website: Ignore top level gitignore when deploying ( #5549 )
...
* Website: Ignore top level gitignore when deploying
* Update deploy-fleet-website.yml
2022-05-03 21:05:19 -05:00
Lucas Manuel Rodriguez
a5349672eb
Amend fleetctl package to support /var/lib legacy orbit (legacy would mean <= 0.0.11) ( #5532 )
...
* Add logs to troubleshoot orbit
* Run journalctl on a different step
* Add legacy orbit support to opt version of fleetctl
* Fix macos logs permission error
* Checkout repository
* Compile fleetctl from branch
2022-05-03 16:46:02 -03:00
Lucas Manuel Rodriguez
221232580c
Add fleetctl preview automation for latest changes ( #5485 )
...
* Add fleetctl preview automation for latest changes
* Fix pwd invocation and remove slack notification
* Just run on ubuntu-latest and macos-latest
* Fix path
2022-05-02 13:10:11 -03:00
Lucas Manuel Rodriguez
ed8faa791c
Add slack notification ( #5481 )
...
* Add slack notification
* Fix standard-query-library.yml
2022-05-02 08:42:20 -03:00
Zach Wasserman
26eae438f6
Document supported MySQL versions ( #5421 )
...
- Pin versions in development and CI.
2022-04-27 16:21:16 -07:00
Lucas Manuel Rodriguez
f2e8329e57
Changes to support fleetctl preview with custom TUF server ( #5418 )
2022-04-27 18:17:20 -03:00
dependabot[bot]
86c62a6cc4
Bump github/codeql-action from 2.1.8 to 2.1.9 ( #5419 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.8 to 2.1.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](1ed1437484...7502d6e991
2022-04-27 11:57:42 -07:00
Lucas Manuel Rodriguez
f806cbc638
Update slack webhook urls to use new channel ( #5373 )
2022-04-26 14:44:46 -03:00
Zach Wasserman
54ab298363
Upgrade osquery version ( #5353 )
...
In preparation to deploy osquery 5.2.3
2022-04-25 10:47:36 -07:00
Lucas Manuel Rodriguez
77f3513020
Add fleet-desktop test to test-packaging.yml ( #5289 )
...
* Add fleet-desktop test to test-packaging.yml
* Add itself to be able to trigger action
* Use stable
* Add --fleet-desktop flag to integration.yml
2022-04-25 10:21:00 -03:00
Lucas Manuel Rodriguez
15636cd760
Add slack notif when integration test fails ( #5332 )
2022-04-22 14:39:55 -03:00
dependabot[bot]
a856d748bd
Bump returntocorp/semgrep-action ( #5259 )
...
Bumps [returntocorp/semgrep-action](https://github.com/returntocorp/semgrep-action ) from b93bc50eb1bd1a016cf749808608ee465db13f9d to 1. This release includes the previously tagged commit.
- [Release notes](https://github.com/returntocorp/semgrep-action/releases )
- [Changelog](https://github.com/returntocorp/semgrep-action/blob/develop/CHANGELOG.md )
- [Commits](b93bc50eb1...a9f6c903be
2022-04-20 16:45:36 -07:00
dependabot[bot]
1cf551be51
Bump akhileshns/heroku-deploy from 3.6.8 to 3.12.12 ( #5217 )
...
Bumps [akhileshns/heroku-deploy](https://github.com/akhileshns/heroku-deploy ) from 3.6.8 to 3.12.12.
- [Release notes](https://github.com/akhileshns/heroku-deploy/releases )
- [Commits](cdd8fc68da...79ef2ae4ff
2022-04-19 17:19:34 -07:00
dependabot[bot]
63df041ecc
Update github/codeql-action requirement to 1ed1437484560351c5be56cf73a48a279d116b78 ( #5213 )
...
Updates the requirements on [github/codeql-action](https://github.com/github/codeql-action ) to permit the latest version.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](1ed1437484
2022-04-19 16:52:17 -07:00
dependabot[bot]
45e9b18b5e
Bump actions/setup-go from 2 to 3 ( #5215 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 2 to 3.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/v2...f6164bd8c8acb4a71fb2791a8b6c4024ff038dab )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-19 16:51:42 -07:00
Lucas Manuel Rodriguez
2e7bbf960a
Add pre and post remove scripts for rpm and deb packages ( #5150 )
2022-04-19 09:32:47 -03:00
dependabot[bot]
11b19e1101
Bump returntocorp/semgrep-action ( #5208 )
...
Bumps [returntocorp/semgrep-action](https://github.com/returntocorp/semgrep-action ) from b4ae418326a5e8bd4fc3b0b658695aee09ca0e2a to 1. This release includes the previously tagged commit.
- [Release notes](https://github.com/returntocorp/semgrep-action/releases )
- [Changelog](https://github.com/returntocorp/semgrep-action/blob/develop/CHANGELOG.md )
- [Commits](b4ae418326...b93bc50eb1
2022-04-18 19:14:39 -07:00
dependabot[bot]
1a0b39fee3
Bump dawidd6/action-download-artifact from 2.16.0 to 2.19.0 ( #5207 )
...
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact ) from 2.16.0 to 2.19.0.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases )
- [Commits](09385b76de...b2abf17054
2022-04-18 19:14:13 -07:00
dependabot[bot]
24bc385ede
Bump codecov/codecov-action from 2.1.0 to 3 ( #5206 )
...
* Bump codecov/codecov-action from 2.1.0 to 3
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 2.1.0 to 3.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md )
- [Commits](f32b3a3741...e3c560433a
2022-04-18 19:12:18 -07:00
dependabot[bot]
1187a3fcad
Bump tfsec/tfsec-sarif-action ( #5204 )
...
Bumps [tfsec/tfsec-sarif-action](https://github.com/tfsec/tfsec-sarif-action ) from 7ae00b384bff7f14cfa52cc3c73a5e6807a41398 to 0.1.0. This release includes the previously tagged commit.
- [Release notes](https://github.com/tfsec/tfsec-sarif-action/releases )
- [Commits](7ae00b384b...56bc584a83
2022-04-18 19:11:24 -07:00
dependabot[bot]
a6763210c4
Bump gaurav-nelson/github-action-markdown-link-check ( #4639 )
...
Bumps [gaurav-nelson/github-action-markdown-link-check](https://github.com/gaurav-nelson/github-action-markdown-link-check ) from 1.0.13 to 1.0.14.
- [Release notes](https://github.com/gaurav-nelson/github-action-markdown-link-check/releases )
- [Commits](9710f0fec8...58f84fd654
2022-04-18 19:11:01 -07:00
dependabot[bot]
d4c864e691
Bump docker/login-action from 1.10.0 to 1.14.1 ( #4638 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 1.10.0 to 1.14.1.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](f054a8b539...dd4fa0671b
2022-04-18 19:09:41 -07:00
dependabot[bot]
83ffcc4b7d
Bump actions/upload-artifact from 2.3.1 to 3 ( #4637 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 2.3.1 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](82c141cc51...6673cd052c
2022-04-18 19:09:17 -07:00
dependabot[bot]
5e1da4b28a
Bump actions/download-artifact from 2.1.0 to 3 ( #5205 )
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 2.1.0 to 3.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](f023be2c48...fb598a63ae
2022-04-18 18:59:59 -07:00
dependabot[bot]
3fbd017512
Bump goreleaser/goreleaser-action from 2.6.1 to 2.9.1 ( #4636 )
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 2.6.1 to 2.9.1.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](ac067437f5...b953231f81
2022-04-18 17:55:55 -07:00
dependabot[bot]
87d96c24e1
Bump stefanprodan/helm-gh-pages from 1.4.1 to 1.5.0 ( #4635 )
...
Bumps [stefanprodan/helm-gh-pages](https://github.com/stefanprodan/helm-gh-pages ) from 1.4.1 to 1.5.0.
- [Release notes](https://github.com/stefanprodan/helm-gh-pages/releases )
- [Commits](f1701eb82e...b43a8719cc
2022-04-18 17:52:54 -07:00
Zach Wasserman
7cb71bc5a8
Run CodeQL on every commit to main ( #4794 )
...
Practically, we were scanning enough previously (at least once a day, plus any commit that changed source files), but this will help check the box in CII Best Practices.
2022-04-11 11:53:08 -07:00
Zach Wasserman
025d6c7b96
Run CodeQL on all pushes ( #4960 )
...
Even when Go and JS files aren't changed, just to keep the security scanners happy.
2022-04-05 18:10:12 -07:00
Michal Nicpon
74555e4bf4
fix lint workflow ( #4935 )
...
* use go version 1.17 in golanci-lint workflow
2022-04-04 14:14:05 -06:00
Zach Wasserman
7d68f69ab4
Update CodeQL action version and exclude paths ( #4930 )
2022-04-04 12:14:21 -07:00
Lucas Manuel Rodriguez
c82c580716
Orbit: Add Fleet Desktop support to Windows ( #4873 )
...
* Orbit: Add Fleet Desktop support to Windows
* Rename workflow, fix linux build
* Do not compile systray on linux
* nolint on unused
* Fix lint properly
* nolint both checkers
* Fix monitor logic in desktopRunner
* Fix interrupt and execute order
2022-04-01 17:28:51 -03:00
Guillaume Ross
f87fcb544a
Update generate-desktop-app-tar-gz.yml ( #4893 )
...
Removing PR from this action as it contains secrets.
2022-03-31 16:38:44 -04:00
Guillaume Ross
e6c6b7e840
Added explicit read permissions + tweaked permissions ( #4843 )
...
* Added explicit read permissions + tweaked permissions
As a part of #4698 - this should fix the remaining warnings we get from the OSSF scorecard in relation to github workflows. They now all have explicit read permissions with more granular permissions granted in jobs.
* Update tfsec.yml
New workflow that I had not fixed in this PR.
2022-03-28 16:20:31 -04:00
Guillaume Ross
d0f6c9e32d
Adding tfsec for all *.tf pushes ( #4777 )
...
* Create tfsec.yml
Draft tfsec workflow for #4762
* Update tfsec.yml
* Update tfsec.yml
Fixed identation
2022-03-28 15:15:40 -04:00
Guillaume Ross
b94972351f
Adding permissions to some workflows ( #4698 )
...
* Adding permissions to docs.yml and integration.yml
* Update codeql-analysis.yml
Adding top level read permissions to codeql workflow
* Update codeql-analysis.yml
Adding manual dispatch to codeql - to be able to test it easier
* Update deploy-fleet-website.yml
Adding top level read permission + write in the job so it can push the website
* Update test-website.yml
test-website should only need read permissions on content.
* Update fleet-and-orbit.yml
Testing Fleet and Orbit should be fine with top level read access
* Update fleetctl-preview.yml
fleetctl-preview should be fine with just read access at top level
* Update push-osquery-perf-to-ecr.yml
ECR is out of github so read permissions should be enough
* Update semgrep-analysis.yml
semgrep should only need read
* Update test-packaging.yml
Should only need read permission - setting on top
* Update test.yml
Should not need any write access - setting to READ on top.
* Update deploy-fleet-website.yml
Removing git write permission - since this pushes to Heroku not GitHub
* Tweaked as per Zach's comments
Removed some useless restrictions (contents none on a public repo for example)
* Removed meaningless permissions
contents: none - this does not have any security advantage on a public repo
2022-03-25 14:19:42 -04:00
eashaw
666509e634
Ignore FleetDM GitHub project URLs when checking Markdown links ( #4712 )
...
* Add GitHub projects to link check ignorePatterns
* update pattern to exclude private GitHub projects
2022-03-21 17:21:12 -05:00
Zach Wasserman
cc687d9d1e
Add Notarization for Fleet Desktop ( #4720 )
2022-03-21 15:01:50 -07:00
Guillaume Ross
d60ee47545
Securing desktop github workflow ( #4718 )
...
Pinning the dependencies and putting an explicit read only permission on the new desktop github workflow
2022-03-21 15:38:21 -04:00
Lucas Manuel Rodriguez
ecdfd627b6
Fleet Desktop MVP ( #4530 )
...
* WIP
* WIP2
* Fix orbit and fleetctl tests
* Amend macos-app default
* Add some fixes
* Use fleetctl updates roots command
* Add more fixes to Updater
* Fixes to app publishing and downloading
* Add more changes to support fleetctl cross generation
* Amend comment
* Add pkg generation to ease testing
* Make more fixes
* Add changes entry
* Add legacy targets (until our TUF system exposes the new app)
* Fix fleetctl preview
* Fix bool flag
* Fix orbit logic for disabled-updates and dev-mode
* Fix TestPreview
* Remove constant and fix zip-slip attack (codeql)
* Return unknown error
* Fix updater's checkExec
* Add support for executable signing in init_tuf.sh
* Try only signing orbit
* Fix init_tuf.sh targets, macos-app only for osqueryd
* Specify GOARCH to support M1s
* Add workflow to generate osqueryd.app.tar.gz
* Use 5.2.2 on init_tuf.sh
* Add unit test for tar.gz target
* Use artifacts instead of releases
* Remove copy paste residue
* Fleet Desktop Packaging WIP
* Ignore gosec warning
* Trigger on PR too
* Install Go in workflow
* Pass url parameter to desktop app
* Fix fleetctl package
* Final set of changes for v1 of Fleet Desktop
* Add changes
* PR fixes
* Fix CI build
* add larger menu bar icon
* Add transparency item
* Delete host_device_auth entry on host deletion
* Add SetTargetChannel
* Update white logo and add desktop to update runner
* Add fleet-desktop monitoring to orbit
* Define fleet-desktop app exec name
* Fix update runner creation
* Add API test before enabling the My device menu item
Co-authored-by: Zach Wasserman <zach@fleetdm.com>
2022-03-21 14:53:53 -03:00
Guillaume Ross
befbe88eb8
Adding manual execution to ossf scorecard workflow
2022-03-18 14:36:10 -04:00
Guillaume Ross
62d3b9145f
4620 pin action dependencies ( #4622 )
...
* Update build-binaries.yaml
Pin action versions + add read only token to build-binaries.yaml
* Update codeql-analysis.yml
Pin dependencies with hash for codeql-analysis.yml
* Update deploy-fleet-website.yml
Pin dependencies in deploy-fleet-website.yml
* Update docs.yml
Pin dependencies for docs.yml
* Update fleet-and-orbit.yml
Pinning dependencies for fleet-and-orbit.yml
* Update generate-osqueryd-app-tar-gz.yml
Pin dependencies for generate-osqueryd-app-tar-gz.yml
* Pin dependencies in goreleaser workflows
Pinned dependencies in the 3 goreleaser workflows
* Update integration.yml
Pinned dependencies with hash
* Update pr-helm.yaml
Pinned dependencies with hash
* Update push-osquery-perf-to-ecr.yml
Pinned dependencies with a hash
* Update release-helm.yaml
Pinned one dependency with a hash
* Update semgrep-analysis.yml
Pinned dependencies with hashes
* Update test-go.yaml
Pinned dependencies with hash
* Update test-packaging.yml
Pinned dependencies with hashes
* Update test-website.yml
Pinned dependencies with hashes
* Update test.yml
Pinned dependencies with hashes
2022-03-16 15:42:28 -04:00
Guillaume Ross
8700fc6498
Go 1.17.8 ( #4560 )
...
* Go 1.17.8
* Enforcing go minimum 1.17.8
Bumping minimum version in a few more files
2022-03-16 14:56:58 -04:00
Lucas Manuel Rodriguez
f4d3159cc9
Fleetctl to package .app bundles for osquery (and changes for orbit to support them) ( #4393 )
...
* WIP
* WIP2
* Fix orbit and fleetctl tests
* Amend macos-app default
* Add some fixes
* Use fleetctl updates roots command
* Add more fixes to Updater
* Fixes to app publishing and downloading
* Add more changes to support fleetctl cross generation
* Amend comment
* Add pkg generation to ease testing
* Make more fixes
* Add changes entry
* Add legacy targets (until our TUF system exposes the new app)
* Fix fleetctl preview
* Fix bool flag
* Fix orbit logic for disabled-updates and dev-mode
* Fix TestPreview
* Remove constant and fix zip-slip attack (codeql)
* Return unknown error
* Fix updater's checkExec
* Add support for executable signing in init_tuf.sh
* Try only signing orbit
* Fix init_tuf.sh targets, macos-app only for osqueryd
* Specify GOARCH to support M1s
* Add workflow to generate osqueryd.app.tar.gz
* Use 5.2.2 on init_tuf.sh
* Add unit test for tar.gz target
* Use artifacts instead of releases
* Remove copy paste residue
* Trigger workflow on PR
* Fixes to ease handling of artifact
* Fix, do not use target name as dir
* Remove workaround
2022-03-15 16:04:12 -03:00
Guillaume Ross
b620d2b7d8
Fix code scanning issues with golangci-lint.yml ( #4606 )
...
Making permissions more restricted to reduce impact if token leaked, and pinning dependencies more strictly.
2022-03-15 14:44:30 -04:00
Lucas Manuel Rodriguez
29bd76f60d
Add manual dispatch to golangci-lint.yml ( #4440 )
2022-03-03 17:15:17 -03:00
Lucas Manuel Rodriguez
b5be858071
Fix update checks for orbit at startup ( #3835 )
...
* Fix update checks for orbit at startup
* Add tests
* Add scripts for testing local TUF server
* Remove -x used for debugging
2022-02-23 14:58:07 -03:00
Guillaume Ross
0ac0c9de3e
Update scorecards-analysis.yml ( #4322 )
...
Update scorecard analysis version from 1.0.2 to 1.0.4 - has updates on how env variables are handled, need to update and see if it fixes the issue we have with the cron job.
2022-02-22 20:00:41 -05:00
Lucas Manuel Rodriguez
e39ba93a90
Orbit to wait for osqueryd extension manager socket to be ready ( #3836 )
...
* Wait for osquery extension manager socket to be ready
* PR review feedback
* Add WIP Github Action to test orbit
* Set fleet address on fleetctl
* Add logging for troubleshooting
* Add prepare db statement
* Use tls-skip-verify on fleetctl
* Move steps around
* Fix addresses
* Fix fleetctl path
* Add certs.pem to orbit root dir
* Add orbit logs
* Increase timeout
* Add proper orbit log paths
* Fix tmp path orbit
* Add get hosts command to troubleshoot
* Fix orbit job termination
* Add comments to workflows
* Wait for server to go down
* Add orbit Windows job
* Use bash on windws-latest
* Fix missing quote
* Run orbit on Ubuntu
* Bump host count
* Increase timeout for extensions and not terminate on err
* Add comment to clarify high timeout value
* Revert change, we do want to exit in case of err
2022-02-22 15:05:32 -03:00
Lucas Manuel Rodriguez
d8b8794d51
Fix setting of envs for schedule ( #4205 )
...
* Attempt to fix setting of env for schedule
* Revert logic after testing
2022-02-15 09:26:28 -03:00
Lucas Manuel Rodriguez
297dd245ec
Run go tests with -race at night ( #4090 )
...
* Run go tests with race at night
* Add missing run on step
* Fix boolean logic
* Allow manual run for test-go.yaml
* Add slack notification step
* Try global environment variable for cron schedule
* Fix indentation
* Try number 2
* Try setting cron as usual
* Remove global env
* Only send notification in case of failure when running schedule
* Run with race enable to test
* Add more fixes
* Fix github event variable name
* Set timeouts
* Fix slack notification link
* Re-enable if clause
* Last try on Github Actions
* Re-enable the if clause
2022-02-14 16:38:53 -03:00
Lucas Manuel Rodriguez
0ed0c4e27f
Allow manual dispatch of test-go.yml ( #4160 )
2022-02-14 12:13:02 -03:00
Noah Talerman
67827474c2
Prepare for Fleet 4.10.0 ( #4161 )
...
Co-authored-by: Zach Wasserman <zach@fleetdm.com>
2022-02-13 18:13:06 -08:00
Zach Wasserman
96d81596f3
Add GitHub action for updating CA certs bundle ( #4041 )
...
See #4029
2022-02-07 09:44:31 -08:00
Mike McNeil
3f26d650a5
Disable link checking for more sites ( #4000 )
...
gusto, crunchbase, and angellist
relates to https://github.com/fleetdm/fleet/pull/3999#issuecomment-1028545628
2022-02-03 15:14:08 -06:00
Zach Wasserman
a5b2e60075
Update triggers for link check Action ( #3972 )
...
Only check on changes to .md files, nightly, and on manual trigger.
This was generating a lot of false positives in CI.
2022-02-01 18:02:37 -08:00
Guillaume Ross
05431b556a
Configuring OSSF Scorecard ( #3960 )
...
From https://github.com/ossf/scorecard-action#installation
Configuring the OSSF Scorecard on the Fleet repo and configuring it so results are sent back to dashboard and github codescanning alerts.
2022-02-01 09:31:07 -05:00
Zach Wasserman
b9696f67e6
Skip link check for goreportcard.com ( #3805 )
...
It goes down relatively often, causing flaky CI.
2022-01-19 17:56:01 -08:00
Zach Wasserman
be1105757b
Simplify docker publish action ( #3769 )
2022-01-18 18:03:14 -08:00
Zach Wasserman
1782fc7b8f
Build Docker images on push to any branch ( #3756 )
...
Allows for testing release branches and any others.
2022-01-18 12:41:04 -08:00
Zach Wasserman
9c845ec26b
Integration test packaging ( #3633 )
2022-01-13 13:59:22 -08:00
Zach Wasserman
d358c703b8
Only run E2E tests on relevant commits ( #3674 )
2022-01-13 10:48:26 -08:00
Lucas Manuel Rodriguez
49ceee59aa
Add fixes for running tests with mysql:8 and add mysql to test-go job matrix ( #3627 )
...
* Add fixes for running tests with mysql:8
* Add getServer function
* Test github matrix
* Add changes file for the user facing fix
* Remove unused mysql8 docker-compose
2022-01-11 22:44:37 -03:00
Zach Wasserman
b56c620007
Pin actions to commit ( #3566 )
2022-01-04 09:30:02 -08:00
Zach Wasserman
ee96418d82
Add integration test for fleetctl preview ( #3545 )
...
Add nightly and manual job to run `fleetctl preview` and check for enrolled hosts.
Works on macOS and Linux. Windows cannot be tested on GitHub Actions due to lack of Docker Linux support.
2022-01-01 09:24:52 -08:00
Zach Wasserman
404ca8a2bc
Download artifact to build path in staging deploy ( #3540 )
2021-12-30 15:57:51 -08:00
Zach Wasserman
26479ccd3f
Start staging tunnel in background ( #3538 )
2021-12-30 15:00:36 -08:00
Zach Wasserman
e008f70e1f
Fix staging action to deploy Fleet server on PR and merge ( #3531 )
2021-12-30 13:23:39 -08:00
Zach Wasserman
12df9fbfce
Add Fleet server deployment in CI ( #3530 )
...
Still needs further testing as it must be merged to `main` to test it out on GitHub.
2021-12-29 20:29:18 -08:00
Zach Wasserman
ab664e5304
Clean up E2E testing configurations ( #3360 )
2021-12-24 12:18:00 -08:00
Zach Wasserman
46ec514ffc
Remove certificate file after import in Orbit release Action ( #3416 )
...
Otherwise, GoReleaser errors due to a dirty git tree.
2021-12-19 17:43:54 -08:00
Zach Wasserman
698ef79495
Update GitHub goreleaser configuration for Orbit ( #3414 )
2021-12-19 17:37:54 -08:00
Zach Wasserman
4e72ebb68f
Build Orbit releases in GitHub Actions ( #3413 )
...
Complete build including macOS signing+notarization.
2021-12-19 17:06:17 -08:00
Zach Wasserman
cad7674430
Disable fail-fast for E2E test runs ( #3342 )
...
Also update to Go 1.17+
2021-12-12 18:10:06 -08:00
Zach Wasserman
4e7a0ce88a
Upload Cypress recordings/screenshots on E2E failure ( #3341 )
2021-12-12 18:08:07 -08:00
Tomas Touceda
a0404b6736
Add software count API ( #3105 )
...
* Add software count API
* Fix makefile
* Fine no mock generating at this point
* Actually, one last try
* Use go install instead
* Fix go sum/mod
* Improve documentation
* Try setting node to 14
2021-12-03 10:54:17 -03:00
Zach Wasserman
850d36543d
Filter GitHub actions triggers on file types ( #3009 )
...
Reduce the total amount of Actions running by only running actions
relevant to the changes.
2021-11-18 15:14:29 -08:00
Zach Wasserman
8d4416b2d3
Update Go versions to 1.17.2 ( #2805 )
2021-11-04 19:50:00 -07:00
Zach Wasserman
8dc34be3a3
Updates and fixes for packaging ( #2682 )
...
- Fix Windows MSI generation by changing permissions (#2655 ).
- Refactor temp directory initialization.
- Use root user for Wine in WiX Docker container.
- Support .pkg packaging on Linux without dependencies (besides Docker)
2021-10-27 16:17:41 -07:00
Zach Wasserman
27a4fa75d0
Run Actions on patch branches ( #2565 )
2021-10-18 14:49:32 -07:00
Martin Angers
eda6d60be8
Add replicas to the redis docker-compose setup. ( #2511 )
2021-10-18 08:33:26 -04:00
Tomas Touceda
07342e95c9
Need to checkout code explicitly ( #2192 )
2021-09-22 17:26:02 -03:00
Tomas Touceda
1db2acbff7
Add host count input ( #2191 )
2021-09-22 17:21:50 -03:00
Tomas Touceda
8600d71d35
Add osquery perf ( #2190 )
...
* Add osquery perf
* Update dockerfile and gh action
2021-09-22 17:18:55 -03:00
Zach Wasserman
bc3d7fbe2b
Always check doc links in CI ( #2178 )
...
- Check all links on every PR to better avoid broken links.
2021-09-22 10:29:43 -04:00
Zach Wasserman
8b04b84b0c
Fix tagging branch name in development Docker publish ( #2167 )
2021-09-21 14:01:38 -07:00
Benjamin Edwards
bd8cda15ce
Publish development Docker images ( #2114 )
...
Publish Docker images for the following events:
1) A user with write access to the repo opens a PR.
2) Any commit is made to the `main`, or `patch-*` branches.
2021-09-21 13:06:22 -07:00
Zach Wasserman
dd31779aac
Increase timeout for golangci-lint ( #2143 )
2021-09-20 11:13:55 -07:00
Martin Angers
86dce785ae
Improve performance of the Go test suite ( #2060 )
...
Closes #1805
2021-09-20 14:09:38 -04:00
Zach Wasserman
a905cb3be5
Update SSO configuration docs ( #2092 )
...
- Include full example for Google IDP configuration
2021-09-16 12:47:04 -07:00
Mike McNeil
029f67d36b
remove concept of "Detection", for now (in favor of what's coming) ( #2046 )
...
* remove concept of "Detection", for now (in favor of what's coming)
* remove extra --- to make YAML parse properly
* Simplify the check to remove remediation check for now
* Run compile script any time docs or handbook is changed
2021-09-14 11:43:45 -05:00
Tomas Touceda
6d2ae02efd
Rename core->free and basic->premium ( #1870 )
...
* Rename core->free and basic->premium
* Fix lint js
* Comment out portion of test that seems to timeout
* Rename tier to premium if basic is still loaded
2021-09-03 13:05:23 -03:00
Martin Angers
9a0871a2f1
Address issues related to Redis Cluster support ( #1885 )
...
Closes #1847 .
2021-09-01 16:32:57 -04:00
Zach Wasserman
530f913d6a
Run go tests & codecov only on Go PRs ( #1826 )
2021-08-26 11:25:25 -07:00
Zach Wasserman
8a15f6d270
Add codecov to CI ( #1824 )
...
This should cause codecov to run on all pull requests and all commits to main.
Currently only doing coverage for Go files.
2021-08-26 09:53:10 -07:00
Martin Angers
80fb3cb145
Run golangci-lint with the make lint-go target, adjust workflows ( #1778 )
2021-08-24 15:36:50 -04:00
Martin Angers
e61cb7e0db
Configure golangci-lint for the whole repository
...
Add a relatively minimal set of linters that raise safe and
mostly un-opinionated issues with the code. It runs
automatically on CI via a github action.
2021-08-24 13:35:03 -04:00
