From 1a716f50a1b86843902a53463973d666780c930d Mon Sep 17 00:00:00 2001 From: Ian Littman Date: Fri, 22 Nov 2024 20:46:30 -0600 Subject: [PATCH] Test configuration profile visibility for Linux disk encryption --- server/service/integration_enterprise_test.go | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/server/service/integration_enterprise_test.go b/server/service/integration_enterprise_test.go index 824f3f65cc6d..bc5de824933c 100644 --- a/server/service/integration_enterprise_test.go +++ b/server/service/integration_enterprise_test.go @@ -2901,13 +2901,26 @@ func (s *integrationEnterpriseTestSuite) TestLinuxDiskEncryption() { }) require.NoError(t, err) - // turn on disk encryption enforcement - s.Do("POST", "/api/latest/fleet/disk_encryption", updateDiskEncryptionRequest{EnableDiskEncryption: true}, http.StatusNoContent) + // config profiles endpoint should work but show all zeroes + var profileSummary getMDMProfilesSummaryResponse + s.DoJSON("GET", "/api/latest/fleet/configuration_profiles/summary", getMDMProfilesSummaryRequest{}, http.StatusOK, &profileSummary) + require.Equal(t, fleet.MDMProfilesSummary{}, profileSummary.MDMProfilesSummary) // set encrypted for host require.NoError(t, s.ds.SetOrUpdateHostDisksEncryption(context.Background(), hostLin.ID, true)) - // should succeed as we no longer require MDM to access this endpoint, as Linux encryption doesn't require MDM + // should still show zeroes + s.DoJSON("GET", "/api/latest/fleet/configuration_profiles/summary", getMDMProfilesSummaryRequest{}, http.StatusOK, &profileSummary) + require.Equal(t, fleet.MDMProfilesSummary{}, profileSummary.MDMProfilesSummary) + + // turn on disk encryption enforcement + s.Do("POST", "/api/latest/fleet/disk_encryption", updateDiskEncryptionRequest{EnableDiskEncryption: true}, http.StatusNoContent) + + // should show the Linux host as pending + s.DoJSON("GET", "/api/latest/fleet/configuration_profiles/summary", getMDMProfilesSummaryRequest{}, http.StatusOK, &profileSummary) + require.Equal(t, fleet.MDMProfilesSummary{Pending: 1}, profileSummary.MDMProfilesSummary) + + // encryption summary should succeed (Linux encryption doesn't require MDM) var summary getMDMDiskEncryptionSummaryResponse s.DoJSON("GET", "/api/latest/fleet/mdm/disk_encryption/summary", getMDMDiskEncryptionSummaryRequest{}, http.StatusOK, &summary) s.DoJSON("GET", "/api/latest/fleet/disk_encryption", getMDMDiskEncryptionSummaryRequest{}, http.StatusOK, &summary)