diff --git a/CHANGELOG.md b/CHANGELOG.md index 1a50c0c809bf..019abf32b965 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,61 @@ +## Fleet 4.45.0 (Feb 20, 2024) + +### Changes + +* **Endpoint operations**: + - Added two new API endpoints for running provided live query SQL on a single host. + - Added `fleetctl gitops` command for GitOps workflow synchronization. + - Added capabilities to the `gitops` role to support reading queries/policies and writing scripts. + - Updated policy names to be unique per team. + - Updated fleetd-chrome to use the latest wa-sqlite v0.9.11. + - Updated "Add hosts" modal UI to dynamically include the `--enable-scripts` flag. + - Added count of upcoming activities to host vitals UI. + - Updated UI to include upcoming activity counts in host vitals. + - Updated 405 response for `POST` requests on the root path to highlight misconfigured osquery instances. + +* **Device management (MDM)**: + - Added MDM command payloads to the response of `GET /api/_version_/fleet/mdm/commandresults`. + - Changed several MDM-related endpoints to be platform-agnostic. + - Added script capabilities to UI for Linux hosts. + - Added UI for locking and unlocking hosts managed by Fleet MDM. + - Added `fleetctl mdm lock` and `fleetctl mdm unlock` commands. + - Added validation to reject script enqueue requests for hosts without fleetd. + - Added the `host_mdm_actions` DB table for MDM lock and wipe functionality. + - Updated backend MDM migration flow and added logging. + - Updated UI text for disk encryption to reflect cross-platform functionality. + - Renamed and updated fields in MDM configuration profiles for clarity. + - Improved validation of Windows profiles to prevent delivery errors. + - Improved Windows MDM profile error tooltip messages. + - Fixed MDM unlock flow and updated lock/unlock functionality for Windows and Linux. + - Fixed a bug that would cause OS Settings verification to fail with MySQL's `only_full_group_by` mode enabled. + +* **Vulnerability management**: + - Windows OS Vulnerabilities now include a `resolved_in_version` in the `/os_versions` API response. + - Fixed an issue where software from a Parallels VM would incorrectly appear as the host's software. + - Implemented permission checks for software and software titles. + - Fixed software title aggregation when triggering vulnerability scans. + +### Bug fixes and improvements + - Updated text and style across the app for consistency and clarity. + - Improved UI for the view disk encryption key, host details activity card, and "Add hosts" modal. + - Addressed a bug where updating the search field caused unwanted loss of focus. + - Corrected alignment bugs on empty table states for software details. + - Updated URL query parameters to reset when switching tabs. + - Fixed device page showing invalid date for the last restarted. + - Fixed visual display issues with chevron right icons on Chrome. + - Fixed Windows vulnerabilities without exploit/severity from crashing the software page. + - Fixed issues with checkboxes in hidden modals and long enroll secrets overlapping action buttons. + - Fixed a bug with built-in platform labels. + - Fixed enroll secret error messaging showing secret in cleartext. + - Fixed various UI bugs including disk encryption key input icons, alignment issues, and dropdown menus. + - Fixed dropdown behavior in administrative settings and software title/version tables. + - Fixed various UI and style bugs, including issues with long OS names causing table render issues. + - Fixed a bug where checkboxes within a hidden modal were not correctly hidden. + - Fixed vulnerable software dropdown from switching back to all teams. + - Fixed wall_time to report in milliseconds for consistency with other query performance stats. + - Fixed generating duplicate activities when locking or unlocking a host with scripts disabled. + - Fixed how errors are reported to APM to avoid duplicates and improve stack trace accuracy. + ## Fleet 4.44.1 (Feb 13, 2024) ### Bug fixes diff --git a/changes/10476-lock-unlock-api-changes b/changes/10476-lock-unlock-api-changes deleted file mode 100644 index a2f897f8ce6e..000000000000 --- a/changes/10476-lock-unlock-api-changes +++ /dev/null @@ -1 +0,0 @@ -* Added tracking of Windows and Linux' scripts to lock or unlock the host, report the proper current and pending states. diff --git a/changes/13643-fleetctl-gitops b/changes/13643-fleetctl-gitops deleted file mode 100644 index be7855dece47..000000000000 --- a/changes/13643-fleetctl-gitops +++ /dev/null @@ -1,2 +0,0 @@ -Added fleetctl gitops command: -- Synchronize Fleet configuration with provided file. This command is intended to be used in a GitOps workflow. diff --git a/changes/13643-gitops-role b/changes/13643-gitops-role deleted file mode 100644 index d7b4676b6b48..000000000000 --- a/changes/13643-gitops-role +++ /dev/null @@ -1 +0,0 @@ -gitops role can now read queries/policies and write (but not execute) scripts diff --git a/changes/13643-policy-name-uniqueness b/changes/13643-policy-name-uniqueness deleted file mode 100644 index ad220cb29cf7..000000000000 --- a/changes/13643-policy-name-uniqueness +++ /dev/null @@ -1 +0,0 @@ -Policy names are now unique per team -- different teams can have policies with the same name. diff --git a/changes/14444-mdm-migration-debug b/changes/14444-mdm-migration-debug deleted file mode 100644 index e030e3d206b7..000000000000 --- a/changes/14444-mdm-migration-debug +++ /dev/null @@ -1 +0,0 @@ -- Updated backend MDM migration flow and added logging to aid in debugging migration errors. \ No newline at end of file diff --git a/changes/14713-fix-apm-stacktrace-and-duplicates b/changes/14713-fix-apm-stacktrace-and-duplicates deleted file mode 100644 index 46458926727c..000000000000 --- a/changes/14713-fix-apm-stacktrace-and-duplicates +++ /dev/null @@ -1 +0,0 @@ -* Fixed how errors are sent to APM (Elastic) to avoid duplicates, cover more errors in background tasks (cron and worker jobs) and fix the reported stack trace. diff --git a/changes/14850-fix-ui-settings-action-dropdowns b/changes/14850-fix-ui-settings-action-dropdowns deleted file mode 100644 index 22b61a4e22e1..000000000000 --- a/changes/14850-fix-ui-settings-action-dropdowns +++ /dev/null @@ -1 +0,0 @@ -- Fixed UI issues where dropdown menus were not displaying correctly in the administrative settings page. diff --git a/changes/15082-make-endpoints-consistent b/changes/15082-make-endpoints-consistent deleted file mode 100644 index c72bd7b56abb..000000000000 --- a/changes/15082-make-endpoints-consistent +++ /dev/null @@ -1,9 +0,0 @@ -- Changed the following endpoints to be platform-agnostic. The old routes still work but are deprecated. - - POST /mdm/apple/setup/eula was replaced by POST /mdm/setup/eula - - GET /mdm/apple/setup/eula/metadata was replaced by GET /mdm/setup/eula/metadata - - DELETE /mdm/apple/setup/eula/:token was replaced by DELETE /mdm/setup/eula/:token - - GET /mdm/apple/setup/eula/:token was replaced by GET /mdm/setup/eula/:token - - POST /mdm/apple/bootstrap was replaced by POST /mdm/bootstrap - - GET /mdm/apple/bootstrap/:team_id/metadata was replaced by GET /mdm/bootstrap/:team_id/metadata - - DELETE /mdm/apple/bootstrap/:team_id was replaced by DELETE /mdm/bootstrap/:team_id - - GET /mdm/apple/bootstrap/summary was replaced by GET /mdm/bootstrap/summary diff --git a/changes/15283-linux-scripts b/changes/15283-linux-scripts deleted file mode 100644 index cfeb8d85f4d0..000000000000 --- a/changes/15283-linux-scripts +++ /dev/null @@ -1 +0,0 @@ -- Added script capabilities to UI for Linux hosts. \ No newline at end of file diff --git a/changes/15703-wall_time b/changes/15703-wall_time deleted file mode 100644 index 43eb3a6b221a..000000000000 --- a/changes/15703-wall_time +++ /dev/null @@ -1 +0,0 @@ -wall_time is now reported in milliseconds (as opposed to seconds), consistent with other query performance stats. diff --git a/changes/15855-vm-software b/changes/15855-vm-software deleted file mode 100644 index 7cb935cfe86a..000000000000 --- a/changes/15855-vm-software +++ /dev/null @@ -1,2 +0,0 @@ -- Fixes issue where software from a Parallels VM on a MacOS host would show up in Fleet as if it - were the host's software. \ No newline at end of file diff --git a/changes/15893-team-users b/changes/15893-team-users deleted file mode 100644 index dc8fcd801a97..000000000000 --- a/changes/15893-team-users +++ /dev/null @@ -1 +0,0 @@ -- Change verbiage around team members to users \ No newline at end of file diff --git a/changes/16014-add-osquery-db-flag-to-fleetd b/changes/16014-add-osquery-db-flag-to-fleetd deleted file mode 100644 index 0a38db7b0094..000000000000 --- a/changes/16014-add-osquery-db-flag-to-fleetd +++ /dev/null @@ -1 +0,0 @@ -* Add `--osquery-db` flag to `fleetctl package` command to configure a custom directory for osquery's database (`fleetctl package --osquery-db=/path/to/osquery.db`). diff --git a/changes/16051-rename-update-timestamp-mdm-profiles b/changes/16051-rename-update-timestamp-mdm-profiles deleted file mode 100644 index 43aa0d53d50f..000000000000 --- a/changes/16051-rename-update-timestamp-mdm-profiles +++ /dev/null @@ -1 +0,0 @@ -* Renamed the `mdm_windows_configuration_profiles` and `mdm_apple_configuration_profiles` `updated_at` field to `uploaded_at` and removed the automatic setting of the value, set explicity instead. diff --git a/changes/16133-icons b/changes/16133-icons deleted file mode 100644 index 27202b9e1ad5..000000000000 --- a/changes/16133-icons +++ /dev/null @@ -1 +0,0 @@ -* Fix visual display of chevron right icons on Chrome diff --git a/changes/16155-enroll-secret-bug b/changes/16155-enroll-secret-bug deleted file mode 100644 index fc66b23e303b..000000000000 --- a/changes/16155-enroll-secret-bug +++ /dev/null @@ -1 +0,0 @@ -- Fix a bug where long enroll enroll secrets would overlap with the action buttons on top of them. diff --git a/changes/16182-fail-post-to-root b/changes/16182-fail-post-to-root deleted file mode 100644 index caa704a3129c..000000000000 --- a/changes/16182-fail-post-to-root +++ /dev/null @@ -1,5 +0,0 @@ -* Return 405 when receiving `POST` requests on the root path. -WARNING: -We found that misconfigured (empty `logger_tls_endpoint`) osquery instances were sending log results (`POST` requests) to the root path and Fleet was incorrectly returning HTTP 200 responses on such root path. -This version will now return HTTP 405 (Method Not Allowed) when receiving `POST` requests on the root path so that this misconfiguration can be detected by administrators. -If you deploy this version of Fleet and there's log traffic on the root path it could cause increased network usage on your infrastructure because osquery will retry sending the logs and these will accumulate (up to a limit configured by logger flags). Thus, before upgrading, make sure there's no osquery traffic (`POST` requests) to Fleet's root path. diff --git a/changes/16232-resolved-in-version-windows b/changes/16232-resolved-in-version-windows deleted file mode 100644 index 25b24841bea6..000000000000 --- a/changes/16232-resolved-in-version-windows +++ /dev/null @@ -1 +0,0 @@ -- Windows OS Vulnerabilities now include a `resolved_in_version` in the `/os_versions` API response \ No newline at end of file diff --git a/changes/16273-remove-nested-transactions b/changes/16273-remove-nested-transactions deleted file mode 100644 index e7fa044306fe..000000000000 --- a/changes/16273-remove-nested-transactions +++ /dev/null @@ -1 +0,0 @@ -* Removed unnecessary nested database transactions in batch-setting of MDM profiles. diff --git a/changes/16316-windows-xml-validation b/changes/16316-windows-xml-validation deleted file mode 100644 index def14d8ae52c..000000000000 --- a/changes/16316-windows-xml-validation +++ /dev/null @@ -1,5 +0,0 @@ -* Improved the validation of Windows profiles to prevent errors when the - profiles are delivered to the hosts. If you need to embed a nested XML - structure (for example for Wi-Fi profiles) you can either: - - Escape the XML - - Use a wrapping `` element diff --git a/changes/16381-add-hosts-modal-enable-scripts b/changes/16381-add-hosts-modal-enable-scripts deleted file mode 100644 index b3e40d4d0020..000000000000 --- a/changes/16381-add-hosts-modal-enable-scripts +++ /dev/null @@ -1,2 +0,0 @@ -- Updated "Add hosts" modal UI to dynamically include the `--enable-scripts` flag unless scripts are - disabled in the server settings. diff --git a/changes/16382-fleetctl-copy b/changes/16382-fleetctl-copy deleted file mode 100644 index 6b0317202d03..000000000000 --- a/changes/16382-fleetctl-copy +++ /dev/null @@ -1 +0,0 @@ -- Updates the copy in `fleetctl`'s output to reference `fleetd`. \ No newline at end of file diff --git a/changes/16383-lock-cli b/changes/16383-lock-cli deleted file mode 100644 index e78fb887c4bf..000000000000 --- a/changes/16383-lock-cli +++ /dev/null @@ -1,2 +0,0 @@ -- Adds the `fleetctl mdm` commands `lock` and `unlock` -- Adds missing functionality for lock/unlock flows for Windows and Linux \ No newline at end of file diff --git a/changes/16386-host-lock-schema b/changes/16386-host-lock-schema deleted file mode 100644 index a36317345037..000000000000 --- a/changes/16386-host-lock-schema +++ /dev/null @@ -1 +0,0 @@ -- Adds the `host_mdm_actions` DB table to support MDM lock and wipe functionality. \ No newline at end of file diff --git a/changes/16394-fleetd-chrome-runtime-error b/changes/16394-fleetd-chrome-runtime-error deleted file mode 100644 index d6c03976d248..000000000000 --- a/changes/16394-fleetd-chrome-runtime-error +++ /dev/null @@ -1 +0,0 @@ -Updated fleetd-chrome to use the latest wa-sqlite v0.9.11 diff --git a/changes/16416-cmd-debugging b/changes/16416-cmd-debugging deleted file mode 100644 index 9fbfabad1945..000000000000 --- a/changes/16416-cmd-debugging +++ /dev/null @@ -1,4 +0,0 @@ -* Added MDM command payloads to the response of `GET /api/_version_/fleet/mdm/commandresults`. -* Added a new column named "PAYLOAD" to the output of `fleetctl get mdm-command-results` with the request payload. -* Replaced CmdID values in favor of the LocURI for messages for failed profiles. -* Added a new comment over CmdID elements generated by Fleet in Windows profiles and commands to make evident that Fleet is in control of those values. diff --git a/changes/16426-add-upcoming-activity-count b/changes/16426-add-upcoming-activity-count deleted file mode 100644 index 782518c46228..000000000000 --- a/changes/16426-add-upcoming-activity-count +++ /dev/null @@ -1,2 +0,0 @@ -- Updated `GET /api/v1/fleet/hosts/:id/activities/upcoming` response to include the count of all - upcoming activities for the host. diff --git a/changes/16426-host-upcoming-activities-count-ui b/changes/16426-host-upcoming-activities-count-ui deleted file mode 100644 index c82070f23ba0..000000000000 --- a/changes/16426-host-upcoming-activities-count-ui +++ /dev/null @@ -1 +0,0 @@ -- Added count of upcoming activities to host vitals UI. \ No newline at end of file diff --git a/changes/16431-scripts-result-message b/changes/16431-scripts-result-message deleted file mode 100644 index 3d29c82fd130..000000000000 --- a/changes/16431-scripts-result-message +++ /dev/null @@ -1 +0,0 @@ -- Fixes issue where an inaccurate message was returned after running an async (queued) script. \ No newline at end of file diff --git a/changes/16466-transfer-hosts-to-No-team b/changes/16466-transfer-hosts-to-No-team deleted file mode 100644 index d39f7e283bdd..000000000000 --- a/changes/16466-transfer-hosts-to-No-team +++ /dev/null @@ -1 +0,0 @@ -fleetctl can now transfer hosts to No team like: fleetctl hosts transfer --team '' --hosts yourHost diff --git a/changes/16541-create-user-with-bad-team b/changes/16541-create-user-with-bad-team deleted file mode 100644 index 2c92ab6a6063..000000000000 --- a/changes/16541-create-user-with-bad-team +++ /dev/null @@ -1 +0,0 @@ -Improved error message when creating a new user (via API or fleetctl) with a team that does not exist. diff --git a/changes/16569-setup-flow-alignment b/changes/16569-setup-flow-alignment deleted file mode 100644 index 3b8b317bfdef..000000000000 --- a/changes/16569-setup-flow-alignment +++ /dev/null @@ -1 +0,0 @@ -* Fix a small alignment bug in the setup flow diff --git a/changes/16621-obfuscate-enroll-secret b/changes/16621-obfuscate-enroll-secret deleted file mode 100644 index accfff76f3bf..000000000000 --- a/changes/16621-obfuscate-enroll-secret +++ /dev/null @@ -1 +0,0 @@ -When attempting to set an enroll secret which already exists in DB, error message no longer contains the secret in cleartext. diff --git a/changes/16649-ui-activity-disk-encryption b/changes/16649-ui-activity-disk-encryption deleted file mode 100644 index 5ca2a0e06a94..000000000000 --- a/changes/16649-ui-activity-disk-encryption +++ /dev/null @@ -1 +0,0 @@ -- Updated UI text for disk encryption activities to reflect cross-platform functionality. \ No newline at end of file diff --git a/changes/16669-fix-hardcoded-label-bug b/changes/16669-fix-hardcoded-label-bug deleted file mode 100644 index 396dea3ef752..000000000000 --- a/changes/16669-fix-hardcoded-label-bug +++ /dev/null @@ -1 +0,0 @@ -- Fixed built in platform labels bug diff --git a/changes/16672-software-url-states-bug b/changes/16672-software-url-states-bug deleted file mode 100644 index 7fcd985dac0d..000000000000 --- a/changes/16672-software-url-states-bug +++ /dev/null @@ -1,2 +0,0 @@ -- Fix URL query params to reset when switching tabs -- Fix vulnerable software dropdown from switching back to all teams diff --git a/changes/16681-device-last-restarted-bug b/changes/16681-device-last-restarted-bug deleted file mode 100644 index 912291b0316d..000000000000 --- a/changes/16681-device-last-restarted-bug +++ /dev/null @@ -1 +0,0 @@ -- Fix device page showing invalid date for last restarted diff --git a/changes/16700-scripts-disabled-osquery-only b/changes/16700-scripts-disabled-osquery-only deleted file mode 100644 index 3e01f1788712..000000000000 --- a/changes/16700-scripts-disabled-osquery-only +++ /dev/null @@ -1,2 +0,0 @@ -- Added validation to reject requests to enqueue scripts for hosts that do not have fleetd installed - (i.e. plain osquery hosts). diff --git a/changes/16724-capitalization-fixes b/changes/16724-capitalization-fixes deleted file mode 100644 index 90d4c6d635e7..000000000000 --- a/changes/16724-capitalization-fixes +++ /dev/null @@ -1 +0,0 @@ -- Fix title case to sentence case and a few other headers diff --git a/changes/16752-blur-on-software-search b/changes/16752-blur-on-software-search deleted file mode 100644 index ef80c99a39cb..000000000000 --- a/changes/16752-blur-on-software-search +++ /dev/null @@ -1,2 +0,0 @@ -- Fix a bug where updating the search field for the Software titles page caused an unwanted loss of - focus from the search field on rerender. diff --git a/changes/16765-windows-software-vuln-crash b/changes/16765-windows-software-vuln-crash deleted file mode 100644 index 5ecbff968979..000000000000 --- a/changes/16765-windows-software-vuln-crash +++ /dev/null @@ -1 +0,0 @@ -- Fix windows vulnerabilities without exploit/severity from crashing the page when rendered diff --git a/changes/16805-new-live-query-on-host-endpoint b/changes/16805-new-live-query-on-host-endpoint deleted file mode 100644 index 84918569b318..000000000000 --- a/changes/16805-new-live-query-on-host-endpoint +++ /dev/null @@ -1 +0,0 @@ -* Add two new API endpoints to run a live query SQL on one host: `POST /api/latest/fleet/hosts/identifier/{identifier}/query` and `POST /api/_version_/fleet/hosts/{id}/query`. diff --git a/changes/16856-fix-duplicate-activities-lock-unlock-scripts b/changes/16856-fix-duplicate-activities-lock-unlock-scripts deleted file mode 100644 index 0600cc82e2f6..000000000000 --- a/changes/16856-fix-duplicate-activities-lock-unlock-scripts +++ /dev/null @@ -1 +0,0 @@ -* Fixed generating duplicate activities when locking or unlocking a host with scripts disabled. diff --git a/changes/16910-sw-table-breakpoint b/changes/16910-sw-table-breakpoint deleted file mode 100644 index 9bc478cc66a3..000000000000 --- a/changes/16910-sw-table-breakpoint +++ /dev/null @@ -1,2 +0,0 @@ -- Fix a style bug where the controls on the software title and versions table would wrap and bump into - each other. diff --git "a/changes/16912-hide\342\200\223modal-checkboxes" "b/changes/16912-hide\342\200\223modal-checkboxes" deleted file mode 100644 index 100d9ddd869f..000000000000 --- "a/changes/16912-hide\342\200\223modal-checkboxes" +++ /dev/null @@ -1 +0,0 @@ -- Fix a bug where checkboxes within a hidden modal would not be hidden with the rest of the modal content. diff --git a/changes/16941-sw-os-table-overflows b/changes/16941-sw-os-table-overflows deleted file mode 100644 index 502ce6c44f2c..000000000000 --- a/changes/16941-sw-os-table-overflows +++ /dev/null @@ -1 +0,0 @@ -- Fix a bug where long OS names caused the table to render outside its bounds with smaller viewports diff --git a/changes/16942-empty-swversion-swos-details-tables b/changes/16942-empty-swversion-swos-details-tables deleted file mode 100644 index 7b83916600b4..000000000000 --- a/changes/16942-empty-swversion-swos-details-tables +++ /dev/null @@ -1,2 +0,0 @@ -* Fix alignment bugs on the Software > OS > details and Software > Versions > details empty table -states. diff --git a/changes/issue-10477-ui-for-locking-unlocking b/changes/issue-10477-ui-for-locking-unlocking deleted file mode 100644 index 86599a3dd5ec..000000000000 --- a/changes/issue-10477-ui-for-locking-unlocking +++ /dev/null @@ -1 +0,0 @@ -- add UI for locking and unlocking hosts managed by fleet mdm. diff --git a/changes/issue-16052-add-permission-checks-to-software-titles b/changes/issue-16052-add-permission-checks-to-software-titles deleted file mode 100644 index 98c672e5c710..000000000000 --- a/changes/issue-16052-add-permission-checks-to-software-titles +++ /dev/null @@ -1 +0,0 @@ -- Implemented permission checks for endpoints and UI routes related to software and software titles, restricting visibility to team-specific hosts. diff --git a/changes/issue-16417-improve-windows-profile-error-tooltip b/changes/issue-16417-improve-windows-profile-error-tooltip deleted file mode 100644 index 390aae2316c3..000000000000 --- a/changes/issue-16417-improve-windows-profile-error-tooltip +++ /dev/null @@ -1 +0,0 @@ -- improve windows mdm profile error tooltip messages. diff --git a/changes/issue-16747-fix-disk-encryption-key-input b/changes/issue-16747-fix-disk-encryption-key-input deleted file mode 100644 index 32b20e04acae..000000000000 --- a/changes/issue-16747-fix-disk-encryption-key-input +++ /dev/null @@ -1 +0,0 @@ -- fix UI bug for the view disk encryption key input icons diff --git a/changes/jve-lock-host-auth b/changes/jve-lock-host-auth deleted file mode 100644 index 9d842be43e95..000000000000 --- a/changes/jve-lock-host-auth +++ /dev/null @@ -1 +0,0 @@ -- Adds authorization tests for the MDM lock and unlock features. \ No newline at end of file diff --git a/changes/jve-macos-special-case b/changes/jve-macos-special-case deleted file mode 100644 index 33be35ffbed7..000000000000 --- a/changes/jve-macos-special-case +++ /dev/null @@ -1,2 +0,0 @@ -- Updates the MDM unlock flow to allow the PIN to unlock MacOS machines to be viewed as many times -as needed. \ No newline at end of file diff --git a/changes/lock-perms-docs b/changes/lock-perms-docs deleted file mode 100644 index b326b18431fb..000000000000 --- a/changes/lock-perms-docs +++ /dev/null @@ -1 +0,0 @@ -- Updates the permissions docs to include permissions for lock/unlock/wipe actions on a host. \ No newline at end of file diff --git a/changes/profiles-fix b/changes/profiles-fix deleted file mode 100644 index dfd4ed028786..000000000000 --- a/changes/profiles-fix +++ /dev/null @@ -1 +0,0 @@ -* Fixed a bug that would cause OS Settings to never get verified if the MySQL config of Fleet's database has `only_full_group_by` mode enabled (enabled by default). diff --git a/charts/fleet/Chart.yaml b/charts/fleet/Chart.yaml index a4f768464367..973a09604905 100644 --- a/charts/fleet/Chart.yaml +++ b/charts/fleet/Chart.yaml @@ -8,7 +8,7 @@ version: v6.0.2 home: https://github.com/fleetdm/fleet sources: - https://github.com/fleetdm/fleet.git -appVersion: v4.44.1 +appVersion: v4.45.0 dependencies: - name: mysql condition: mysql.enabled diff --git a/charts/fleet/values.yaml b/charts/fleet/values.yaml index 89dd2fad4cdc..d4e7f8ec2452 100644 --- a/charts/fleet/values.yaml +++ b/charts/fleet/values.yaml @@ -2,7 +2,7 @@ # All settings related to how Fleet is deployed in Kubernetes hostName: fleet.localhost replicas: 3 # The number of Fleet instances to deploy -imageTag: v4.44.1 # Version of Fleet to deploy +imageTag: v4.45.0 # Version of Fleet to deploy podAnnotations: {} # Additional annotations to add to the Fleet pod serviceAccountAnnotations: {} # Additional annotations to add to the Fleet service account resources: diff --git a/infrastructure/dogfood/terraform/aws/variables.tf b/infrastructure/dogfood/terraform/aws/variables.tf index 18c0d6541954..dc5e1f6af95b 100644 --- a/infrastructure/dogfood/terraform/aws/variables.tf +++ b/infrastructure/dogfood/terraform/aws/variables.tf @@ -56,7 +56,7 @@ variable "database_name" { variable "fleet_image" { description = "the name of the container image to run" - default = "fleetdm/fleet:v4.44.1" + default = "fleetdm/fleet:v4.45.0" } variable "software_inventory" { diff --git a/infrastructure/dogfood/terraform/gcp/variables.tf b/infrastructure/dogfood/terraform/gcp/variables.tf index 2148d56d5864..c859c1a39a9c 100644 --- a/infrastructure/dogfood/terraform/gcp/variables.tf +++ b/infrastructure/dogfood/terraform/gcp/variables.tf @@ -68,5 +68,5 @@ variable "redis_mem" { } variable "image" { - default = "fleet:v4.44.1" + default = "fleet:v4.45.0" } diff --git a/infrastructure/sandbox/JITProvisioner/jitprovisioner.tf b/infrastructure/sandbox/JITProvisioner/jitprovisioner.tf index f7a1daea08b6..a8949bfc3cde 100644 --- a/infrastructure/sandbox/JITProvisioner/jitprovisioner.tf +++ b/infrastructure/sandbox/JITProvisioner/jitprovisioner.tf @@ -206,7 +206,7 @@ resource "random_uuid" "jitprovisioner" { # Use the local to make the trigger work. locals { - fleet_tag = "v4.44.1" + fleet_tag = "v4.45.0" } resource "null_resource" "standard-query-library" { diff --git a/infrastructure/sandbox/PreProvisioner/lambda/deploy_terraform/main.tf b/infrastructure/sandbox/PreProvisioner/lambda/deploy_terraform/main.tf index 9c84cd5190b5..aaac5132cd3d 100644 --- a/infrastructure/sandbox/PreProvisioner/lambda/deploy_terraform/main.tf +++ b/infrastructure/sandbox/PreProvisioner/lambda/deploy_terraform/main.tf @@ -165,7 +165,7 @@ resource "helm_release" "main" { set { name = "imageTag" - value = "v4.44.1" + value = "v4.45.0" } set { diff --git a/terraform/byo-vpc/byo-db/byo-ecs/variables.tf b/terraform/byo-vpc/byo-db/byo-ecs/variables.tf index 164dd33ac35b..bf017d4a2bcb 100644 --- a/terraform/byo-vpc/byo-db/byo-ecs/variables.tf +++ b/terraform/byo-vpc/byo-db/byo-ecs/variables.tf @@ -13,7 +13,7 @@ variable "fleet_config" { type = object({ mem = optional(number, 4096) cpu = optional(number, 512) - image = optional(string, "fleetdm/fleet:v4.44.1") + image = optional(string, "fleetdm/fleet:v4.45.0") family = optional(string, "fleet") sidecars = optional(list(any), []) depends_on = optional(list(any), []) diff --git a/terraform/byo-vpc/byo-db/variables.tf b/terraform/byo-vpc/byo-db/variables.tf index cf2e994f6ab2..04ec0c443f04 100644 --- a/terraform/byo-vpc/byo-db/variables.tf +++ b/terraform/byo-vpc/byo-db/variables.tf @@ -74,7 +74,7 @@ variable "fleet_config" { type = object({ mem = optional(number, 4096) cpu = optional(number, 512) - image = optional(string, "fleetdm/fleet:v4.44.1") + image = optional(string, "fleetdm/fleet:v4.45.0") family = optional(string, "fleet") sidecars = optional(list(any), []) depends_on = optional(list(any), []) diff --git a/terraform/byo-vpc/example/main.tf b/terraform/byo-vpc/example/main.tf index 0ca4e48839cb..6b607c1fa820 100644 --- a/terraform/byo-vpc/example/main.tf +++ b/terraform/byo-vpc/example/main.tf @@ -17,7 +17,7 @@ provider "aws" { } locals { - fleet_image = "fleetdm/fleet:v4.44.1" + fleet_image = "fleetdm/fleet:v4.45.0" domain_name = "example.com" } diff --git a/terraform/byo-vpc/variables.tf b/terraform/byo-vpc/variables.tf index 91182619b965..1e1434e4cb4a 100644 --- a/terraform/byo-vpc/variables.tf +++ b/terraform/byo-vpc/variables.tf @@ -165,7 +165,7 @@ variable "fleet_config" { type = object({ mem = optional(number, 4096) cpu = optional(number, 512) - image = optional(string, "fleetdm/fleet:v4.44.1") + image = optional(string, "fleetdm/fleet:v4.45.0") family = optional(string, "fleet") sidecars = optional(list(any), []) depends_on = optional(list(any), []) diff --git a/terraform/variables.tf b/terraform/variables.tf index 0e5f1d4caa28..ebd0fb4c2baf 100644 --- a/terraform/variables.tf +++ b/terraform/variables.tf @@ -215,7 +215,7 @@ variable "fleet_config" { type = object({ mem = optional(number, 4096) cpu = optional(number, 512) - image = optional(string, "fleetdm/fleet:v4.44.1") + image = optional(string, "fleetdm/fleet:v4.45.0") family = optional(string, "fleet") sidecars = optional(list(any), []) depends_on = optional(list(any), []) diff --git a/tools/fleetctl-npm/package.json b/tools/fleetctl-npm/package.json index 80bccf314383..3ad54a3e9c4d 100644 --- a/tools/fleetctl-npm/package.json +++ b/tools/fleetctl-npm/package.json @@ -1,6 +1,6 @@ { "name": "fleetctl", - "version": "v4.44.1", + "version": "v4.45.0", "description": "Installer for the fleetctl CLI tool", "bin": { "fleetctl": "./run.js"