fix: reset token team assignments to defaults #22326

Merged
merged 11 commits into from
Oct 1, 2024
Merged
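--- a/changes/22198-defaults
+++ b/changes/22198-defaults
@@ -0,0 +1,2 @@
+- Fixes a bug where removing a VPP or ABM token from a GitOps YAML file would leave the team
+assignments unchanged.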
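--- a/cmd/fleetctl/apply_test.go
+++ b/cmd/fleetctl/apply_test.go
@@ -657,6 +657,18 @@ func TestApplyAppConfig(t *testing.T) {
 return []*fleet.TeamSummary{{Name: "team1", ID: 1}}, nil
 }
 
+ds.SaveABMTokenFunc = func(ctx context.Context, tok *fleet.ABMToken) error {
+return nil
+}
+
+ds.ListVPPTokensFunc = func(ctx context.Context) ([]*fleet.VPPTokenDB, error) {
+return []*fleet.VPPTokenDB{}, nil
+}
+
+ds.ListABMTokensFunc = func(ctx context.Context) ([]*fleet.ABMToken, error) {
+return []*fleet.ABMToken{{OrganizationName: t.Name()}}, nil
+}
+
 name := writeTmpYml(t, `---
 apiVersion: v1
 kind: config
@@ -782,6 +794,18 @@ func TestApplyAppConfigDryRunIssue(t *testing.T) {
 return nil
 }
 
+ds.SaveABMTokenFunc = func(ctx context.Context, tok *fleet.ABMToken) error {
+return nil
+}
+
+ds.ListVPPTokensFunc = func(ctx context.Context) ([]*fleet.VPPTokenDB, error) {
+return []*fleet.VPPTokenDB{}, nil
+}
+
+ds.ListABMTokensFunc = func(ctx context.Context) ([]*fleet.ABMToken, error) {
+return []*fleet.ABMToken{}, nil
+}
+
 // first, set the default app config's agent options as set after fleetctl setup
 name := writeTmpYml(t, `---
 apiVersion: v1
@@ -914,6 +938,18 @@ func TestApplyAppConfigDeprecatedFields(t *testing.T) {
 return nil
 }
 
+ds.SaveABMTokenFunc = func(ctx context.Context, tok *fleet.ABMToken) error {
+return nil
+}
+
+ds.ListVPPTokensFunc = func(ctx context.Context) ([]*fleet.VPPTokenDB, error) {
+return []*fleet.VPPTokenDB{}, nil
+}
+
+ds.ListABMTokensFunc = func(ctx context.Context) ([]*fleet.ABMToken, error) {
+return []*fleet.ABMToken{}, nil
+}
+
 name := writeTmpYml(t, `---
 apiVersion: v1
 kind: config
@@ -1316,6 +1352,14 @@ func TestApplyAsGitOps(t *testing.T) {
 return []*fleet.ABMToken{{ID: 1}}, nil
 }
 
+ds.SaveABMTokenFunc = func(ctx context.Context, tok *fleet.ABMToken) error {
+return nil
+}
+
+ds.ListVPPTokensFunc = func(ctx context.Context) ([]*fleet.VPPTokenDB, error) {
+return []*fleet.VPPTokenDB{}, nil
+}
+
 // Apply global config.
 name := writeTmpYml(t, `---
 apiVersion: v1
@@ -1873,6 +1917,18 @@ func TestCanApplyIntervalsInNanoseconds(t *testing.T) {
 return nil
 }
 
+ds.SaveABMTokenFunc = func(ctx context.Context, tok *fleet.ABMToken) error {
+return nil
+}
+
+ds.ListVPPTokensFunc = func(ctx context.Context) ([]*fleet.VPPTokenDB, error) {
+return []*fleet.VPPTokenDB{}, nil
+}
+
+ds.ListABMTokensFunc = func(ctx context.Context) ([]*fleet.ABMToken, error) {
+return []*fleet.ABMToken{}, nil
+}
+
 name := writeTmpYml(t, `---
 apiVersion: v1
 kind: config
@@ -1908,6 +1964,18 @@ func TestCanApplyIntervalsUsingDurations(t *testing.T) {
 return nil
 }
 
+ds.SaveABMTokenFunc = func(ctx context.Context, tok *fleet.ABMToken) error {
+return nil
+}
+
+ds.ListVPPTokensFunc = func(ctx context.Context) ([]*fleet.VPPTokenDB, error) {
+return []*fleet.VPPTokenDB{}, nil
+}
+
+ds.ListABMTokensFunc = func(ctx context.Context) ([]*fleet.ABMToken, error) {
+return []*fleet.ABMToken{}, nil
+}
+
 name := writeTmpYml(t, `---
 apiVersion: v1
 kind: config
@@ -2091,6 +2159,18 @@ func TestApplyMacosSetup(t *testing.T) {
 return []*fleet.ABMToken{{ID: 1}}, nil
 }
 
+ds.SaveABMTokenFunc = func(ctx context.Context, tok *fleet.ABMToken) error {
+return nil
+}
+
+ds.ListVPPTokensFunc = func(ctx context.Context) ([]*fleet.VPPTokenDB, error) {
+return []*fleet.VPPTokenDB{}, nil
+}
+
+ds.ListABMTokensFunc = func(ctx context.Context) ([]*fleet.ABMToken, error) {
+return []*fleet.ABMToken{}, nil
+}
+
 return ds
 }
 
@@ -2764,6 +2844,17 @@ func TestApplySpecs(t *testing.T) {
 ds.DeleteMDMWindowsConfigProfileByTeamAndNameFunc = func(ctx context.Context, teamID *uint, profileName string) error {
 return nil
 }
+
+// VPP/AMB
+ds.SaveABMTokenFunc = func(ctx context.Context, tok *fleet.ABMToken) error {
+return nil
+}
+ds.ListVPPTokensFunc = func(ctx context.Context) ([]*fleet.VPPTokenDB, error) {
+return []*fleet.VPPTokenDB{}, nil
+}
+ds.ListABMTokensFunc = func(ctx context.Context) ([]*fleet.ABMToken, error) {
+return []*fleet.ABMToken{}, nil
+}
 }
 
 cases := []struct {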
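Review bot: The `SaveABMTokenFunc` stubs added in these hunks all return nil without looking at `tok`, so none of these tests would fail if the reset logic stopped clearing the default team IDs. In the TestApplyAppConfig hunk `ListABMTokensFunc` returns a token named `t.Name()`, which presumably is absent from the YAML and so reaches the reset path; that stub could check the token it receives, e.g. `if tok.OrganizationName == t.Name() { require.Nil(t, tok.MacOSDefaultTeamID) }`, assuming `require` is imported in this file as it is in gitops_test.go. In the TestApplyMacosSetup hunk the new `ds.ListABMTokensFunc` assignment follows what looks like an existing stub returning `{{ID: 1}}` (its start is outside the hunk); if so, the later assignment silently replaces it and should either be dropped, as in the TestApplyAsGitOps hunk, or carry a comment saying why. The comment `// VPP/AMB` in the TestApplySpecs hunk should read `// VPP/ABM`.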
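--- a/cmd/fleetctl/gitops_test.go
+++ b/cmd/fleetctl/gitops_test.go
@@ -82,6 +82,18 @@ func TestGitOpsBasicGlobalFree(t *testing.T) {
 return nil
 }
 
+ds.SaveABMTokenFunc = func(ctx context.Context, tok *fleet.ABMToken) error {
+return nil
+}
+
+ds.ListVPPTokensFunc = func(ctx context.Context) ([]*fleet.VPPTokenDB, error) {
+return []*fleet.VPPTokenDB{}, nil
+}
+
+ds.ListABMTokensFunc = func(ctx context.Context) ([]*fleet.ABMToken, error) {
+return []*fleet.ABMToken{}, nil
+}
+
 tmpFile, err := os.CreateTemp(t.TempDir(), "*.yml")
 require.NoError(t, err)
 
@@ -233,6 +245,18 @@ func TestGitOpsBasicGlobalPremium(t *testing.T) {
 return nil, nil
 }
 
+ds.SaveABMTokenFunc = func(ctx context.Context, tok *fleet.ABMToken) error {
+return nil
+}
+
+ds.ListVPPTokensFunc = func(ctx context.Context) ([]*fleet.VPPTokenDB, error) {
+return []*fleet.VPPTokenDB{}, nil
+}
+
+ds.ListABMTokensFunc = func(ctx context.Context) ([]*fleet.ABMToken, error) {
+return []*fleet.ABMToken{}, nil
+}
+
 tmpFile, err := os.CreateTemp(t.TempDir(), "*.yml")
 require.NoError(t, err)
 
@@ -582,6 +606,17 @@ func TestGitOpsFullGlobal(t *testing.T) {
 return nil
 }
 
+// Needed for checking tokens
+ds.SaveABMTokenFunc = func(ctx context.Context, tok *fleet.ABMToken) error {
+return nil
+}
+ds.ListVPPTokensFunc = func(ctx context.Context) ([]*fleet.VPPTokenDB, error) {
+return []*fleet.VPPTokenDB{}, nil
+}
+ds.ListABMTokensFunc = func(ctx context.Context) ([]*fleet.ABMToken, error) {
+return []*fleet.ABMToken{}, nil
+}
+
 const (
 fleetServerURL = "https://fleet.example.com"
 orgName = "GitOps Test"
@@ -1062,6 +1097,18 @@ func TestGitOpsBasicGlobalAndTeam(t *testing.T) {
 return nil, 0, nil, nil
 }
 
+ds.SaveABMTokenFunc = func(ctx context.Context, tok *fleet.ABMToken) error {
+return nil
+}
+
+ds.ListVPPTokensFunc = func(ctx context.Context) ([]*fleet.VPPTokenDB, error) {
+return []*fleet.VPPTokenDB{}, nil
+}
+
+ds.ListABMTokensFunc = func(ctx context.Context) ([]*fleet.ABMToken, error) {
+return []*fleet.ABMToken{}, nil
+}
+
 globalFile, err := os.CreateTemp(t.TempDir(), "*.yml")
 require.NoError(t, err)
 
@@ -1324,6 +1371,18 @@ func TestGitOpsBasicGlobalAndNoTeam(t *testing.T) {
 return nil, 0, nil, nil
 }
 
+ds.SaveABMTokenFunc = func(ctx context.Context, tok *fleet.ABMToken) error {
+return nil
+}
+
+ds.ListVPPTokensFunc = func(ctx context.Context) ([]*fleet.VPPTokenDB, error) {
+return []*fleet.VPPTokenDB{}, nil
+}
+
+ds.ListABMTokensFunc = func(ctx context.Context) ([]*fleet.ABMToken, error) {
+return []*fleet.ABMToken{}, nil
+}
+
 globalFileBasic, err := os.CreateTemp(t.TempDir(), "*.yml")
 require.NoError(t, err)
 
@@ -1583,6 +1642,18 @@ func TestGitOpsFullGlobalAndTeam(t *testing.T) {
 return team, nil
 }
 
+ds.SaveABMTokenFunc = func(ctx context.Context, tok *fleet.ABMToken) error {
+return nil
+}
+
+ds.ListVPPTokensFunc = func(ctx context.Context) ([]*fleet.VPPTokenDB, error) {
+return []*fleet.VPPTokenDB{}, nil
+}
+
+ds.ListABMTokensFunc = func(ctx context.Context) ([]*fleet.ABMToken, error) {
+return []*fleet.ABMToken{}, nil
+}
+
 apnsCert, apnsKey, err := mysql.GenerateTestCertBytes()
 require.NoError(t, err)
 crt, key, err := apple_mdm.NewSCEPCACertKey()
@@ -2206,6 +2277,15 @@ func setupFullGitOpsPremiumServer(t *testing.T) (*mock.Store, **fleet.AppConfig,
 ds.ListSoftwareTitlesFunc = func(ctx context.Context, opt fleet.SoftwareTitleListOptions, tmFilter fleet.TeamFilter) ([]fleet.SoftwareTitleListResult, int, *fleet.PaginationMetadata, error) {
 return nil, 0, nil, nil
 }
+ds.SaveABMTokenFunc = func(ctx context.Context, tok *fleet.ABMToken) error {
+return nil
+}
+ds.ListVPPTokensFunc = func(ctx context.Context) ([]*fleet.VPPTokenDB, error) {
+return []*fleet.VPPTokenDB{}, nil
+}
+ds.ListABMTokensFunc = func(ctx context.Context) ([]*fleet.ABMToken, error) {
+return []*fleet.ABMToken{}, nil
+}
 
 t.Setenv("FLEET_SERVER_URL", fleetServerURL)
 t.Setenv("ORG_NAME", orgName)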
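Review bot: Every `ListABMTokensFunc` and `ListVPPTokensFunc` stub added in this file returns an empty slice, so the new reset loops in ModifyAppConfig never iterate under any GitOps test here, and the scenario from the changelog (a token that exists in Fleet but was removed from the YAML) is not exercised by these hunks. One of the tests, for example TestGitOpsFullGlobal, could return a token with non-nil default team IDs from `ListABMTokensFunc` and record in `SaveABMTokenFunc` that it was saved with those fields cleared. The same three stubs are repeated across the seven hunks here and the eight in apply_test.go; a small test helper that installs them on the mock store would keep the defaults in one place.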
Expand Up @@ -17,7 +17,7 @@ const generateCell = (teams: ITokenTeam[] | null) => {
}

if (teams.length === 0) {
return <TextCell value="All Teams" />;
return <TextCell value="All teams" />;

Yep, thanks

}

let text = "";
Expand Down Expand Up @@ -83,7 +83,7 @@ const TeamsCell = ({ teams, className }: ITeamsCellProps) => {
}

if (teams.length === 0) {
return <TextCell value="All Teams" />;
return <TextCell value="All teams" />;
}

if (teams.length === 1) {
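--- a/server/service/appconfig.go
+++ b/server/service/appconfig.go
@@ -545,15 +545,55 @@ func (svc *Service) ModifyAppConfig(ctx context.Context, p []byte, applyOpts fle
 }
 }
 
+// Reset teams for ABM tokens that exist in Fleet but aren't present in the config being passed
+tokensInCfg := make(map[string]struct{})
+for _, t := range newAppConfig.MDM.AppleBusinessManager.Value {
+tokensInCfg[t.OrganizationName] = struct{}{}
+}
+
+toks, err := svc.ds.ListABMTokens(ctx)
+if err != nil {
+return nil, ctxerr.Wrap(ctx, err, "listing ABM tokens")
+}
+for _, tok := range toks {
+if _, ok := tokensInCfg[tok.OrganizationName]; !ok {
+tok.MacOSDefaultTeamID = nil
+tok.IOSDefaultTeamID = nil
+tok.IPadOSDefaultTeamID = nil
+if err := svc.ds.SaveABMToken(ctx, tok); err != nil {
+return nil, ctxerr.Wrap(ctx, err, "saving ABM token assignments")
+}
+}
+}
+
 if (appConfig.MDM.AppleBusinessManager.Set && appConfig.MDM.AppleBusinessManager.Valid) || appConfig.MDM.DeprecatedAppleBMDefaultTeam != "" {
 for _, tok := range abmAssignments {
-fmt.Println(tok.EncryptedToken)
 if err := svc.ds.SaveABMToken(ctx, tok); err != nil {
 return nil, ctxerr.Wrap(ctx, err, "saving ABM token assignments")
 }
 }
 }
 
+// Reset teams for VPP tokens that exist in Fleet but aren't present in the config being passed
+clear(tokensInCfg)
+
+for _, t := range newAppConfig.MDM.VolumePurchasingProgram.Value {
+tokensInCfg[t.Location] = struct{}{}
+}
+
+vppToks, err := svc.ds.ListVPPTokens(ctx)
+if err != nil {
+return nil, ctxerr.Wrap(ctx, err, "listing VPP tokens")
+}
+for _, tok := range vppToks {
+if _, ok := tokensInCfg[tok.Location]; !ok {
+tok.Teams = nil
+if _, err := svc.ds.UpdateVPPTokenTeams(ctx, tok.ID, nil); err != nil {
+return nil, ctxerr.Wrap(ctx, err, "saving VPP token teams")
+}
+}
+}
+
 if appConfig.MDM.VolumePurchasingProgram.Set && appConfig.MDM.VolumePurchasingProgram.Valid {
 for tokenID, tokenTeams := range vppAssignments {
 if _, err := svc.ds.UpdateVPPTokenTeams(ctx, tokenID, tokenTeams); err != nil {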
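Review bot: The two new reset loops run on every call that reaches this point, whereas the save loops beside them are guarded by `appConfig.MDM.AppleBusinessManager.Set && ...Valid` and `appConfig.MDM.VolumePurchasingProgram.Set && ...Valid`. If `newAppConfig` is the decoded request payload (it is defined outside the hunk), a request that omits the ABM or VPP section leaves `Value` empty and every stored token gets its team assignment cleared as a side effect of an unrelated settings change; because these fields presumably decide which team newly enrolled devices are placed in, the reset should be gated the same way, e.g. `if newAppConfig.MDM.AppleBusinessManager.Set { ... }` around the ABM loop and the equivalent for VPP, assuming the payload type exposes `Set` as `appConfig` does. It is also not visible here whether a dry run returns before this block; if it does not, the resets would be persisted during a dry run. `tok.Teams = nil` in the VPP loop has no effect, since only `tok.ID` and a literal `nil` are passed to `UpdateVPPTokenTeams`. ModifyAppConfig begins and ends outside the hunk.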