Prepare Fleet v4.57.3

fleetdm · Oct 11, 2024 · dd86d61 · dd86d61
1 parent 2069217
commit dd86d61
Show file tree

Hide file tree

Showing 15 changed files with 127 additions and 20 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,9 @@
+## Fleet 4.57.3 (Oct 11, 2024)
+
+### Bug fixes
+
+* Fixed Orbit configuration endpoint returning 500 for Macs running Rapid Security Response macOS releases that are enrolled in OS major version enforcement,
+
 ## Fleet 4.57.2 (Oct 02, 2024)
 
 ### Bug fixes

diff --git a/changes/22829-nudge-500-fix b/changes/22829-nudge-500-fix
diff --git a/charts/fleet/Chart.yaml b/charts/fleet/Chart.yaml
@@ -8,7 +8,7 @@ version: v6.2.0
 home: https://github.com/fleetdm/fleet
 sources:
   - https://github.com/fleetdm/fleet.git
-appVersion: v4.57.2
+appVersion: v4.57.3
 dependencies:
   - name: mysql
     condition: mysql.enabled

diff --git a/charts/fleet/values.yaml b/charts/fleet/values.yaml
@@ -3,7 +3,7 @@
 hostName: fleet.localhost
 replicas: 3 # The number of Fleet instances to deploy
 imageRepository: fleetdm/fleet
-imageTag: v4.57.2 # Version of Fleet to deploy
+imageTag: v4.57.3 # Version of Fleet to deploy
 podAnnotations: {} # Additional annotations to add to the Fleet pod
 serviceAccountAnnotations: {} # Additional annotations to add to the Fleet service account
 resources:

diff --git a/infrastructure/dogfood/terraform/aws/variables.tf b/infrastructure/dogfood/terraform/aws/variables.tf
@@ -56,7 +56,7 @@ variable "database_name" {
 
 variable "fleet_image" {
   description = "the name of the container image to run"
-  default     = "fleetdm/fleet:v4.57.2"
+  default     = "fleetdm/fleet:v4.57.3"
 }
 
 variable "software_inventory" {

diff --git a/infrastructure/dogfood/terraform/gcp/variables.tf b/infrastructure/dogfood/terraform/gcp/variables.tf
@@ -68,7 +68,7 @@ variable "redis_mem" {
 }
 
 variable "image" {
-  default = "fleetdm/fleet:v4.57.2"
+  default = "fleetdm/fleet:v4.57.3"
 }
 
 variable "software_installers_bucket_name" {

diff --git a/new_changelog b/new_changelog
@@ -0,0 +1,102 @@
+
+- Fix "no rows" error when adding a software installer that matches an existing title's name and source but not its bundle ID
+
+* GitOps script and software installer relative paths are now always relative to the file they're in. This change breaks existing YAML files that had to account for previous inconsistent behavior (e.g. script paths declared in no-team.yml being relative to default.yaml one directory up).
+
+* Fixed an issue with the migration adding support for multiple VPP tokens that would happen if a token is removed prior to upgrading Fleet.
+
+Added SCEP proxy for Windows NDES (Network Device Enrollment Service) AD CS server, which allows devices to request certificates.
+
+- Fix UI flow for observers to easily query hosts from the host details page
+
+- UI: Remove redundant built in label filter pills
+
+- Adds the `POST /software/fleet_maintained` endpoint for adding Fleet-maintained apps.
+
+- Add endpoint to retrieve details on fleet maintained app
+
+* Added support for uploading RPM packages.
+
+* Show the 'Unsupported screen size' UI on the My device page
+
+* Ensure request timeouts for software installer edits are just as high as for initial software installer uploads
+
+- Fix bug with label display names always sentence casing
+
+* Update success messages for lock, unlock, and wipe commands in the UI.
+
+- Fixes a bug where a profile wouldn't be removed from a host if it was deleted or if the host was
+  moved to another team before the profile was installed on the host.
+
+* Documented that Microsoft enrollments have less fields filled in the `mdm_enrolled` activity due to how this MDM enrollment flow is implemented.
+
+* Restrict width of policy description wrappers for better UI
+
+* Fix MSRC feed pulls (for NVD release builds) in environments where GitHub access is authenticated
+
+* Record which policy automation triggered a script run in the activity feed
+
+- UI cleanup: Host details about section condenses information into fewer columns at smaller widths
+
+- Fixes a bug where removing a VPP or ABM token from a GitOps YAML file would leave the team
+  assignments unchanged.
+
+- Fleet UI: Fix host software filter bug that resets dropdown filter on table changes (pagination, order by column, etc)
+
+- Add API endpoint to list team available Fleet-maintained apps
+
+- Update UI for software uploads to include upload progress bar.
+
+* Show software install activities from policy automations as authored by "Fleet", store policy ID and name on each activity
+
+- add UI for adding fleet maintained apps
+
+- added builtin label for Fedora Linux.  Warning: migrations will fail if a pre-existing 'Fedora Linux' label exists.  To resolve, delete the existing 'Fedora Linux' label.
+
+- Hide CVSS severity column from Fleet Free software details > vulnerabilities sections
+
+- Updates the guide for MDM migration to include the new UX in fleetd.
+
+- Increased performance for Host details and Fleet Desktop, particularly in environments using high volumes of live queries
+
+* Fixes Orbit configuration endpoint 500s for Macs running Rapid Security Response macOS releases that are enrolled in OS major version enforcement
+
+- updated activity cleanup job to remove all expired live queries to improve API performance in environment using large volumes of live queries.  To note, the cleanup cron may take longer on the first run after upgrade.
+
+- change add software modal to be seperate pages in Fleet UI
+
+- Fix UI bug: Edit team name closes modal
+
+* Update UI to remove leading/trailing whitespace when creating or editing team or query names.
+
+- UI Improvements to selecting live query targets (e.g. styling, closing behavior)
+
+- Improved performance of SQL queries used to determine MDM profile status for Apple hosts.
+
+- UI fix: Switching vulnerability search types does not cause page re-render
+
+* Return 409 instead of 500 when trying to delete an installer associated with a policy automation.
+
+* Fixed software uninstaller script for `pkg`s to only remove '.app' directories installed by the package.
+
+- Fleet UI: Fix policy automation truncation when selecting software to auto-install
+
+* Added the definition of the Fleet maintained apps and its ingestion.
+
+- battery health definitions now defined as cycle counts greater than 1000 or max capacity falling under 80% of designed capacity for macOS and Windows
+
+- Fixed UI design bug where software package file name was not displayed as expected.
+
+- Windows host details now include battery status
+- UI includes information on how battery health is defined
+
+* Fixed a bug where policy failures of a host were not being cleared in the host details page after configuring the host to not run any policies.
+
+* Fix a small UI bug where a button overlapped some copy.
+
+* Add ability to trigger script run on policy failure
+
+- Fleet UI: Surface duplicate label name error to user
+
+- show proper software icon for chrome packages
+
diff --git a/terraform/addons/vuln-processing/variables.tf b/terraform/addons/vuln-processing/variables.tf
@@ -24,7 +24,7 @@ variable "fleet_config" {
     vuln_processing_cpu                  = optional(number, 2048)
     vuln_data_stream_mem                 = optional(number, 1024)
     vuln_data_stream_cpu                 = optional(number, 512)
-    image                                = optional(string, "fleetdm/fleet:v4.57.2")
+    image                                = optional(string, "fleetdm/fleet:v4.57.3")
     family                               = optional(string, "fleet-vuln-processing")
     sidecars                             = optional(list(any), [])
     extra_environment_variables          = optional(map(string), {})
@@ -82,7 +82,7 @@ variable "fleet_config" {
     vuln_processing_cpu                  = 2048
     vuln_data_stream_mem                 = 1024
     vuln_data_stream_cpu                 = 512
-    image                                = "fleetdm/fleet:v4.57.2"
+    image                                = "fleetdm/fleet:v4.57.3"
     family                               = "fleet-vuln-processing"
     sidecars                             = []
     extra_environment_variables          = {}

diff --git a/terraform/byo-vpc/byo-db/byo-ecs/variables.tf b/terraform/byo-vpc/byo-db/byo-ecs/variables.tf
@@ -16,7 +16,7 @@ variable "fleet_config" {
     mem                          = optional(number, 4096)
     cpu                          = optional(number, 512)
     pid_mode                     = optional(string, null)
-    image                        = optional(string, "fleetdm/fleet:v4.57.2")
+    image                        = optional(string, "fleetdm/fleet:v4.57.3")
     family                       = optional(string, "fleet")
     sidecars                     = optional(list(any), [])
     depends_on                   = optional(list(any), [])
@@ -119,7 +119,7 @@ variable "fleet_config" {
     mem                          = 512
     cpu                          = 256
     pid_mode                     = null
-    image                        = "fleetdm/fleet:v4.57.2"
+    image                        = "fleetdm/fleet:v4.57.3"
     family                       = "fleet"
     sidecars                     = []
     depends_on                   = []

diff --git a/terraform/byo-vpc/byo-db/variables.tf b/terraform/byo-vpc/byo-db/variables.tf
@@ -77,7 +77,7 @@ variable "fleet_config" {
     mem                          = optional(number, 4096)
     cpu                          = optional(number, 512)
     pid_mode                     = optional(string, null)
-    image                        = optional(string, "fleetdm/fleet:v4.57.2")
+    image                        = optional(string, "fleetdm/fleet:v4.57.3")
     family                       = optional(string, "fleet")
     sidecars                     = optional(list(any), [])
     depends_on                   = optional(list(any), [])
@@ -205,7 +205,7 @@ variable "fleet_config" {
     mem                          = 512
     cpu                          = 256
     pid_mode                     = null
-    image                        = "fleetdm/fleet:v4.57.2"
+    image                        = "fleetdm/fleet:v4.57.3"
     family                       = "fleet"
     sidecars                     = []
     depends_on                   = []

diff --git a/terraform/byo-vpc/example/main.tf b/terraform/byo-vpc/example/main.tf
@@ -17,7 +17,7 @@ provider "aws" {
 }
 
 locals {
-  fleet_image = "fleetdm/fleet:v4.57.2"
+  fleet_image = "fleetdm/fleet:v4.57.3"
   domain_name = "example.com"
 }
 

diff --git a/terraform/byo-vpc/variables.tf b/terraform/byo-vpc/variables.tf
@@ -170,7 +170,7 @@ variable "fleet_config" {
     mem                          = optional(number, 4096)
     cpu                          = optional(number, 512)
     pid_mode                     = optional(string, null)
-    image                        = optional(string, "fleetdm/fleet:v4.57.2")
+    image                        = optional(string, "fleetdm/fleet:v4.57.3")
     family                       = optional(string, "fleet")
     sidecars                     = optional(list(any), [])
     depends_on                   = optional(list(any), [])
@@ -298,7 +298,7 @@ variable "fleet_config" {
     mem                          = 512
     cpu                          = 256
     pid_mode                     = null
-    image                        = "fleetdm/fleet:v4.57.2"
+    image                        = "fleetdm/fleet:v4.57.3"
     family                       = "fleet"
     sidecars                     = []
     depends_on                   = []

diff --git a/terraform/example/main.tf b/terraform/example/main.tf
@@ -63,8 +63,8 @@ module "fleet" {
 
   fleet_config = {
     # To avoid pull-rate limiting from dockerhub, consider using our quay.io mirror
-    # for the Fleet image. e.g. "quay.io/fleetdm/fleet:v4.57.2"
-    image = "fleetdm/fleet:v4.57.2" # override default to deploy the image you desire
+    # for the Fleet image. e.g. "quay.io/fleetdm/fleet:v4.57.3"
+    image = "fleetdm/fleet:v4.57.3" # override default to deploy the image you desire
     # See https://fleetdm.com/docs/deploy/reference-architectures#aws for appropriate scaling
     # memory and cpu.
     autoscaling = {

diff --git a/terraform/variables.tf b/terraform/variables.tf
@@ -218,7 +218,7 @@ variable "fleet_config" {
     mem                          = optional(number, 4096)
     cpu                          = optional(number, 512)
     pid_mode                     = optional(string, null)
-    image                        = optional(string, "fleetdm/fleet:v4.57.2")
+    image                        = optional(string, "fleetdm/fleet:v4.57.3")
     family                       = optional(string, "fleet")
     sidecars                     = optional(list(any), [])
     depends_on                   = optional(list(any), [])
@@ -346,7 +346,7 @@ variable "fleet_config" {
     mem                          = 512
     cpu                          = 256
     pid_mode                     = null
-    image                        = "fleetdm/fleet:v4.57.2"
+    image                        = "fleetdm/fleet:v4.57.3"
     family                       = "fleet"
     sidecars                     = []
     depends_on                   = []

diff --git a/tools/fleetctl-npm/package.json b/tools/fleetctl-npm/package.json
@@ -1,6 +1,6 @@
 {
   "name": "fleetctl",
-  "version": "v4.57.2",
+  "version": "v4.57.3",
   "description": "Installer for the fleetctl CLI tool",
   "bin": {
     "fleetctl": "./run.js"
@@ -24,4 +24,4 @@
     "osquery",
     "security"
   ]
-}
+}