fleet/it-and-security/default.yml
Victor Lyuboslavsky f36b7d4d6d
Use gitops with dogfood. (#17098)
#17043

Set up dogfood to use gitops. I copied the current dogfood
configs/policies/queries into the gitops flow.

Successful workflow run:
https://github.com/fleetdm/fleet/actions/runs/8023101797/job/21918883543?pr=17098

---------

Co-authored-by: Noah Talerman <noahtal@umich.edu>
2024-02-28 10:50:10 -06:00

87 lines
2.3 KiB
YAML

agent_options:
path: ./lib/agent-options.yml
controls:
enable_disk_encryption: true
macos_migration:
enable: true
mode: voluntary
webhook_url: $DOGFOOD_MACOS_MIGRATION_WEBHOOK_URL
macos_settings:
custom_settings: null
macos_setup:
bootstrap_package: ""
enable_end_user_authentication: false
macos_setup_assistant: null
macos_updates:
deadline: "2023-06-13"
minimum_version: 13.4.1
windows_enabled_and_configured: true
windows_settings:
custom_settings: []
windows_updates:
deadline_days: 3
grace_period_days: 2
scripts: []
org_settings:
features:
enable_host_users: true
enable_software_inventory: true
fleet_desktop:
transparency_url: https://fleetdm.com/transparency
host_expiry_settings:
host_expiry_enabled: false
host_expiry_window: 7
integrations:
jira: [ ]
zendesk: [ ]
mdm:
apple_bm_default_team: $DOGFOOD_APPLE_BM_DEFAULT_TEAM
org_info:
contact_url: https://fleetdm.com/company/contact
org_logo_url: ""
org_logo_url_light_background: ""
org_name: Fleet Device Management
secrets:
- secret: $DOGFOOD_GLOBAL_ENROLL_SECRET
server_settings:
debug_host_ids:
- 1
- 3
deferred_save_host: false
enable_analytics: true
live_query_disabled: false
query_reports_disabled: false
scripts_disabled: false
server_url: https://dogfood.fleetdm.com
sso_settings:
enable_jit_provisioning: true
enable_jit_role_sync: false
enable_sso: true
enable_sso_idp_login: false
entity_id: dogfood.fleetdm.com
idp_image_url: ""
idp_name: Google
issuer_uri: $DOGFOOD_SSO_ISSUER_URI
metadata: |-
$DOGFOOD_SSO_METADATA
metadata_url: ""
webhook_settings:
failing_policies_webhook:
destination_url: $DOGFOOD_FAILING_POLICIES_WEBHOOK_URL
enable_failing_policies_webhook: true
host_batch_size: 0
policy_ids: []
host_status_webhook:
days_count: 1
destination_url: ""
enable_host_status_webhook: false
host_percentage: 25
interval: 1m0s
vulnerabilities_webhook:
destination_url: $DOGFOOD_VULNERABILITIES_WEBHOOK_URL
enable_vulnerabilities_webhook: true
host_batch_size: 0
policies:
queries:
- path: ./lib/collect-fleetd-update-channels.queries.yml