diff --git a/CHANGELOG.md b/CHANGELOG.md index 24d768a609dc..2e8745665715 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,24 +1,95 @@ +## Fleet 4.56.0 (Sep 7, 2024) + +### Endpoint operations + +- Added index to `query_results` DB table to speed up finding last query timestamp for a given query and host. +- Added a link in the UI to the error message when a CSR can't be downloaded due to missing private key. +- Added a disabled overlay to the Other Workflows modal on the policy page. +- Improved performance of live queries to accommodate for higher volumes when utilizing zero-trust workflows. +- Improved `fleetctl` gitops error message when trying to change team name to a team that already exists. + +### Device management + +- Added server support for multiple VPP tokens. +- Added new endpoints and updated existing endpoints for managing multiple Apple Business Manager tokens. +- Added support for S3 to store MDM bootstrap packages (uses the same bucket configuration as for software installers). +- Added support to UI for self service VPP software. +- Added backend and gitops support for self service VPP. +- Added ability for MDM migrations if the host is manually enrolled to a 3rd party MDM. +- Added an offline screen to the macOS MDM migration flow. +- Added new ABM page to Fleet UI. +- Added new VPP page to the fleet UI +- Added support to track the Apple Business Manager "terms expired" API error per token, as well as a global flag that gets set as soon as one token has its terms expired. +- Updated the instructions on "My device" for MDM migrations on pre-Sonoma macOS hosts. +- Updated to allow multiple teams to be assigned to the same VPP Token. +- Updated process so that deleting installed software or VPP app now makes it available for re-installation. +- Updated to enforce minimum OS version settings during Apple Automated Device Enrollment (ADE). +- Updated ABM ingestion so that deleted iOS/iPadOS host will continue to report to Fleet as long as host is in Apple Business Manager (ABM). +- Updated so that refetching an offline iOS/iPadOS host will not add new MDM commands to the queue if previous refetch has not completed yet. +- Updated UI so that downloading a software installer package now shows the browser's built-in progress bar. +- Updated relevant documentation to include references to multiple ABM and VPP tokens. +- Consolidated Automatic Enrollment and VPP settings under the MDM settings integration page. +- Cleared apps associated with a VPP token if it's moved off of a team. + +### Vulnerability management + +- Added ALAS bulletins as vulnerability source for Amazon Linux (instead of OVAL for Amazon Linux 2, and adds support for Amazon Linux 1, 2022, and 2023). +- Added matching rules for July and August Microsoft 365 security updates (https://learn.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates). +- Added the following filters to `/software/titles` and `/software/versions` API endpoints: `exploit: bool`, `min_cvss_score: float`, `max_cvss_score: float`. +- Updated software titles/versions tables to allow for filtering by vulnerabilities including severity and known exploit. +- Updated to use empty CVE description when the NVD CVE feed doesn't include description entries (instead of panicking). +- Updated matching software that is not installed by Fleet so that it shows up as 'Available for install' on host details page. +- Updated base images of `fleetdm/fleetctl`, `fleetdm/bomutils` and `fleetdm/wix` to fix critical vulnerabilities found by Trivy. +- Updated vulnerability scanning to use `macos` SW target for CPEs of homebrew packages. +- Updated vulnerability scanning to not ignore software with non-ASCII en dash and em dash characters. +- Updated `GET /api/v1/fleet/vulnerabilities/{cve}` endpoint to add validation of CVE format, and a 204 response. The 204 response indicates that the vulnerability is known to Fleet but not present on any hosts. +- Updated the UI to add new empty states for searching vulnerabilities: invalid CVE format searched, a known CVE serached but not present on hosts, not a known CVE searched, exploited vulnerability empty state, operating systems empty state, new icons. + +### Bug fixes and improvements + +- Added support for MySQL 8.4.2 LTS. +- Updated Go to go1.22.6. +- Updated Fleet server to now accept arguments via stdin. This is useful for passing secrets that you don't want to expose as env vars, in the command line, or in the config file. +- Updated text for "Turn on MDM" banners in UI. +- Updated ABM host tooltip copy on the manage host page to clarify when host vitals will be available to view. +- Updated copy on auotmatic enrollment modal on my device page. +- Updated host details activities tooltip and empty state copy to reflect recently added capabilities. +- Updated Fleet Free so users see a Premium feature message when clicking to add software. +- Updated usage reporting to report statistics on new AI features, maintenance window, and `fleetd`. +- Fixed bug where configuration profile was still showing the old label name after the name was updated. +- Fixed a bug when a cached prepared statement gets deleted in the MySQL server itself without Fleet knowing. +- Fixed a bug where the wrong API path was used to download a software installer. +- Fixed the failing_host_count so it is never 0. This count is normally updated once an hour during cleanups_then_aggregation cron job. +- Fixed CVE-2024-4030 in Vulncheck feed incorrectly targeting non-Windows hosts. +- Fixed a bug where the "Self-service" filter for the list of software and the list of host's software did not take App Store apps into account. +- Fixed a bug where the "My device" page in Fleet Desktop did not show the self-service software tab when App Store apps were available as self-install. +- Fixed a bug where a software installer (a package or a VPP app) that has been installed on a host still shows up as "Available for install" and can still be requested to be installed after the host is transferred to a different team without that installer (or after the installer is deleted). +- Fixed the "Available for install" filter in the host's software page so that installers that were requested to be installed on the host (regardless of installation status) also show up in the list. +- Fixed UI popup messages bleeding off viewport in some cases. +- Fixed an issue with the scheduling of cron jobs at startup if the job has never run, which caused it to be delayed. +- Fixed UI to display the label names in case-insensitive alphabetical order. + ## Fleet 4.55.2 (Sep 05, 2024) ### Bug fixes -* Removed validation of APNS certificate from server startup. This was no longer necessary because we now allow for APNS certificates to be renewed in the UI. -* Fixed logic to properly catch and log APNs errors. +- Removed validation of APNS certificate from server startup. This was no longer necessary because we now allow for APNS certificates to be renewed in the UI. +- Fixed logic to properly catch and log APNs errors. -## Fleet 4.55.1 (Aug 14, 2024) +## Fleet 4.55.1 (Aug 15, 2024) ### Bug fixes -* Added a disabled overlay to the Other Workflows modal on the policy page. -* Updated text for "Turn on MDM" banners in UI. -* Fixed a bug when a cached prepared statement got deleted in the MySQL server itself without Fleet knowing. -* Continued with an empty CVE description when the NVD CVE feed didn't include description entries (instead of panicking). -* Scheduled maintenance events are now scheduled over calendar events marked "Free" (not busy) in Google Calendar. -* Fixed a bug where the wrong API path was used to download a software installer. -* Improved fleetctl gitops error message when trying to change team name to a team that already exists. -* Updated ABM (Apple Business Manager) host tooltip copy on the manage host page to clarify when host vitals will be available to view. -* Added index to query_results DB table to speed up finding the last query timestamp for a given query and host. -* Displayed the label names in case-insensitive alphabetical order in the fleet UI. +- Added a disabled overlay to the Other Workflows modal on the policy page. +- Updated text for "Turn on MDM" banners in UI. +- Fixed a bug when a cached prepared statement got deleted in the MySQL server itself without Fleet knowing. +- Continued with an empty CVE description when the NVD CVE feed didn't include description entries (instead of panicking). +- Scheduled maintenance events are now scheduled over calendar events marked "Free" (not busy) in Google Calendar. +- Fixed a bug where the wrong API path was used to download a software installer. +- Improved fleetctl gitops error message when trying to change team name to a team that already exists. +- Updated ABM (Apple Business Manager) host tooltip copy on the manage host page to clarify when host vitals will be available to view. +- Added index to query_results DB table to speed up finding the last query timestamp for a given query and host. +- Displayed the label names in case-insensitive alphabetical order in the fleet UI. ## Fleet 4.55.0 (Aug 8, 2024) @@ -75,7 +146,6 @@ enrolled into teams (or no team) with disk encryption turned on. Thank you [home - Dropped support for MySQL 5.7 and raised minimum required to MySQL 8.0.36. - Updated software pre-install to use new GitOps format for query. - Updated UI tooltips for pending OS settings. -- Added a migration to migrate older team configurations to the new version that includes both installers and App Store apps. - Fixed a styling issue in the controls > OS settings > disk encryption table. - Fixed a bug in `fleetctl preview` that was causing it to fail if Docker was installed without support for the deprecated `docker-compose` CLI. - Fixed an issue where the app-wide warning banners were not showing on the initial page load. @@ -83,13 +153,9 @@ enrolled into teams (or no team) with disk encryption turned on. Thank you [home - Fixed a bug where software install results could not be retrieved for deleted hosts in the activity feed. - Fixed path that was incorrect for the download software installer package endpoint `GET /software/titles/:software_title_id/package`. - Fixed a bug that set `last_enrolled_at` during orbit re-enrollment, which caused osquery enroll failures when `FLEET_OSQUERY_ENROLL_COOLDOWN` is set. -- Fixed the "Available for install" filter in the host's software page so that installers that were requested to be installed on the host (regardless of installation status) also show up in the list. -- Fixed a styling issue in the Controls > OS Settings > disk encryption table. - Fixed a bug where Fleet google calendar events generated by Fleet <= 4.53.0 were not correctly processed by 4.54.0. -- Fixed a bug in `fleetctl preview` that was causing it to fail if Docker was installed without support for the deprecated `docker-compose` CLI. - Fixed a bug where software install results could not be retrieved for deleted hosts in the activity feed. - Fixed a bug where a software installer (a package or a VPP app) that has been installed on a host still shows up as "Available for install" and can still be requested to be installed after the host is transferred to a different team without that installer (or after the installer is deleted). -- Fixed the "Available for install" filter in the host's software page so that installers that were requested to be installed on the host (regardless of installation status) also show up in the list. ## Fleet 4.54.1 (Jul 24, 2024) diff --git a/changes/13157-fv-escrow b/changes/13157-fv-escrow deleted file mode 100644 index e6804a05ec4b..000000000000 --- a/changes/13157-fv-escrow +++ /dev/null @@ -1 +0,0 @@ -* `fleetd` now uses Escrow Buddy to rotate FileVault keys. Internal API endpoints documented in the API for contributors have been modified and/or removed. diff --git a/changes/16866-ade-force-filevault b/changes/16866-ade-force-filevault deleted file mode 100644 index 4486357bf558..000000000000 --- a/changes/16866-ade-force-filevault +++ /dev/null @@ -1,2 +0,0 @@ -- Adds enforcement of FileVault during the MacOS Setup Assistant process for hosts that are enrolled -into teams (or no team) with disk encryption turned on. \ No newline at end of file diff --git a/changes/17249-mysql-8 b/changes/17249-mysql-8 deleted file mode 100644 index b3948968cf08..000000000000 --- a/changes/17249-mysql-8 +++ /dev/null @@ -1,2 +0,0 @@ -* Drop support for MySQL 5.7 -* Minimum requirements raised to MySQL 8.0 diff --git a/changes/17379-live-query-caching b/changes/17379-live-query-caching deleted file mode 100644 index 949252299593..000000000000 --- a/changes/17379-live-query-caching +++ /dev/null @@ -1 +0,0 @@ -- Increased performance of live queries to accommodate for higher volumes when utilizing zero-trust workflows \ No newline at end of file diff --git a/changes/1845-linux-arm64 b/changes/1845-linux-arm64 deleted file mode 100644 index 6ebb53ff6380..000000000000 --- a/changes/1845-linux-arm64 +++ /dev/null @@ -1,2 +0,0 @@ -* Added support for generating fleetd packages for Linux ARM64 -* fleetctl: New `fleetctl package` --arch flag diff --git a/changes/18913-ignore-rejected-cves b/changes/18913-ignore-rejected-cves deleted file mode 100644 index 1fabe60f9ffb..000000000000 --- a/changes/18913-ignore-rejected-cves +++ /dev/null @@ -1 +0,0 @@ -CVEs identified as 'Rejected' in NVD will no longer match against software \ No newline at end of file diff --git a/changes/19037-support-s3-store-for-bootstrap-packages b/changes/19037-support-s3-store-for-bootstrap-packages deleted file mode 100644 index 400cc30b3cb3..000000000000 --- a/changes/19037-support-s3-store-for-bootstrap-packages +++ /dev/null @@ -1 +0,0 @@ -* Added support for S3 to store MDM bootstrap packages (uses the same bucket configuration as for software installers). diff --git a/changes/19099-sw-vuln-filters b/changes/19099-sw-vuln-filters deleted file mode 100644 index 06ef4ac4d2d8..000000000000 --- a/changes/19099-sw-vuln-filters +++ /dev/null @@ -1,2 +0,0 @@ -- adds the following filters to `/software/titles` and `/software/versions` API endpoints: `exploit: bool`, `min_cvss_score: float`, `max_cvss_score: float` -- Software titles/versions tables allow for filtering by vulnerabilities including severity and known exploit diff --git a/changes/19280-maintenance-window-descriptions b/changes/19280-maintenance-window-descriptions deleted file mode 100644 index 90848dcffe67..000000000000 --- a/changes/19280-maintenance-window-descriptions +++ /dev/null @@ -1 +0,0 @@ -Maintenance window descriptions are now updated regularly to match the failing policy description/resolution. diff --git a/changes/19352-calendar-real-time b/changes/19352-calendar-real-time deleted file mode 100644 index d96cf1fa1177..000000000000 --- a/changes/19352-calendar-real-time +++ /dev/null @@ -1,3 +0,0 @@ -- In maintenance windows using Google Calendar, calendar event is now recreated within 30 seconds if deleted or moved to the past. - - Fleet server watches for potential changes for up to 1 week after original event time. If event is moved forward more than 1 week, then after 1 week Fleet server will check for event changes once every 30 minutes. - - These near real-time updates may add additional load to the Google Calendar API, so it is recommended to use API usage alerts or other monitoring methods. diff --git a/changes/19447-ios-ipados-software b/changes/19447-ios-ipados-software deleted file mode 100644 index 26acad51315e..000000000000 --- a/changes/19447-ios-ipados-software +++ /dev/null @@ -1,3 +0,0 @@ -- iOS and iPadOS device details refetch can now be triggered with the existing `POST /api/latest/fleet/hosts/:id/refetch` endpoint. -- iOS and iPadOS user-installed apps can be viewed in Fleet -- iOS and iPadOS apps can be installed using Apple's VPP (Volume Purchase Program) diff --git a/changes/19550-software-no-teams b/changes/19550-software-no-teams deleted file mode 100644 index 933665cd22c0..000000000000 --- a/changes/19550-software-no-teams +++ /dev/null @@ -1 +0,0 @@ -- adds support for No teams on all software pages including adding software installers \ No newline at end of file diff --git a/changes/19561-browser-progress-bar b/changes/19561-browser-progress-bar deleted file mode 100644 index cfd16443d918..000000000000 --- a/changes/19561-browser-progress-bar +++ /dev/null @@ -1 +0,0 @@ -- In Fleet GUI, downloading a software installer package now shows the browser's built-in progress bar. diff --git a/changes/19562-python-vuln b/changes/19562-python-vuln deleted file mode 100644 index 928551bbce0e..000000000000 --- a/changes/19562-python-vuln +++ /dev/null @@ -1 +0,0 @@ -- Fixed CVE-2024-4030 in Vulncheck feed incorrectly targeting non-Windows hosts \ No newline at end of file diff --git a/changes/19646-ui-profiles-pending-tooltip b/changes/19646-ui-profiles-pending-tooltip deleted file mode 100644 index 824ba143c903..000000000000 --- a/changes/19646-ui-profiles-pending-tooltip +++ /dev/null @@ -1 +0,0 @@ -- Updated UI tooltips for pending OS settings. diff --git a/changes/19674-dep-min-os-version b/changes/19674-dep-min-os-version deleted file mode 100644 index b9adefe9ec57..000000000000 --- a/changes/19674-dep-min-os-version +++ /dev/null @@ -1 +0,0 @@ -- Updated MDM features to enforce minimum OS version settings during Apple Automated Device Enrollment (ADE). diff --git a/changes/19684-renew-scep-180 b/changes/19684-renew-scep-180 deleted file mode 100644 index 131c08ff5111..000000000000 --- a/changes/19684-renew-scep-180 +++ /dev/null @@ -1 +0,0 @@ -* Increase threshold to renew Apple SCEP certificates for MDM enrollments to 180 days. diff --git a/changes/19693-additional-stats b/changes/19693-additional-stats deleted file mode 100644 index 5978543420d6..000000000000 --- a/changes/19693-additional-stats +++ /dev/null @@ -1 +0,0 @@ -- Added additional statistics items for AI features, maintenance window, and Fleet Desktop diff --git a/changes/19853-homebrew-intellij b/changes/19853-homebrew-intellij deleted file mode 100644 index 713d4ae1423d..000000000000 --- a/changes/19853-homebrew-intellij +++ /dev/null @@ -1 +0,0 @@ -Fixed false negative vulnerabilities with IntelliJ IDEA CE and PyCharm CE installed via Homebrew. diff --git a/changes/19857-known_vulnerability b/changes/19857-known_vulnerability deleted file mode 100644 index b9c95991b3fc..000000000000 --- a/changes/19857-known_vulnerability +++ /dev/null @@ -1,2 +0,0 @@ -For GET /api/v1/fleet/vulnerabilities/{cve} endpoint, added validation of CVE format, and added a 204 response. The 204 response indicates that the vulnerability is known to Fleet but not present on any hosts. -For the UI, add new empty states for searching vulnerabilities: invalid CVE format searched, a known CVE serached but not present on hosts, not a known CVE searched, exploited vulnerability empty state, operating systems empty state, new icons diff --git a/changes/19864-vpp-token-crud b/changes/19864-vpp-token-crud deleted file mode 100644 index ee4a92e80f25..000000000000 --- a/changes/19864-vpp-token-crud +++ /dev/null @@ -1,2 +0,0 @@ -- Adds the functionality for the `POST /mdm/apple/vpp_token`, `DELETE /mdm/apple/vpp_token` and -`GET /vpp` endpoints. \ No newline at end of file diff --git a/changes/19865-db-schema b/changes/19865-db-schema deleted file mode 100644 index ede5f90ed005..000000000000 --- a/changes/19865-db-schema +++ /dev/null @@ -1 +0,0 @@ -- Adds DB updates to support the VPP software feature. \ No newline at end of file diff --git a/changes/19867-get-avail-apps b/changes/19867-get-avail-apps deleted file mode 100644 index 4ace068f95b1..000000000000 --- a/changes/19867-get-avail-apps +++ /dev/null @@ -1 +0,0 @@ -- Adds functionality for the `GET /software/app_store_apps` and `POST /software/app_store_apps` endpoints. \ No newline at end of file diff --git a/changes/19868-vpp-install-command b/changes/19868-vpp-install-command deleted file mode 100644 index 337b5d501004..000000000000 --- a/changes/19868-vpp-install-command +++ /dev/null @@ -1 +0,0 @@ -- Adds functionality for installing App Store apps to the VPP feature. \ No newline at end of file diff --git a/changes/19870-vpp-activities-backend b/changes/19870-vpp-activities-backend deleted file mode 100644 index 115f92e1fd77..000000000000 --- a/changes/19870-vpp-activities-backend +++ /dev/null @@ -1 +0,0 @@ -- Adds global activity support for VPP related activities. \ No newline at end of file diff --git a/changes/19871-gitops-vpp-config b/changes/19871-gitops-vpp-config deleted file mode 100644 index e9a02e0fa7d2..000000000000 --- a/changes/19871-gitops-vpp-config +++ /dev/null @@ -1 +0,0 @@ -* Add support for VPP to gitops config diff --git a/changes/19880-include-vpp-apps-in-software-titles-endpoints b/changes/19880-include-vpp-apps-in-software-titles-endpoints deleted file mode 100644 index 9503cdef99fc..000000000000 --- a/changes/19880-include-vpp-apps-in-software-titles-endpoints +++ /dev/null @@ -1,2 +0,0 @@ -* Added the associated VPP apps to the `GET /software/titles` and `GET /software/titles/:id` endpoints. -* Added the associated VPP apps to the `GET /hosts/:id/software` and `GET /device/:token/software` endpoints. diff --git a/changes/19882-ssvpp-backend b/changes/19882-ssvpp-backend deleted file mode 100644 index 64baa422e854..000000000000 --- a/changes/19882-ssvpp-backend +++ /dev/null @@ -1 +0,0 @@ -- Add backend and gitops support for self service VPP diff --git a/changes/19883-add-support-for-ui-self-service-vpp b/changes/19883-add-support-for-ui-self-service-vpp deleted file mode 100644 index fd5f9fe3c249..000000000000 --- a/changes/19883-add-support-for-ui-self-service-vpp +++ /dev/null @@ -1 +0,0 @@ -- add support to UI for self service VPP software diff --git a/changes/20042-remove-package-version b/changes/20042-remove-package-version deleted file mode 100644 index a4a580141767..000000000000 --- a/changes/20042-remove-package-version +++ /dev/null @@ -1 +0,0 @@ -In `fleetctl package` command, removed the `--version` flag. The version of the package can be controlled by `--orbit-channel` flag. diff --git a/changes/20100-os-version-compliance b/changes/20100-os-version-compliance deleted file mode 100644 index f14334f97f47..000000000000 --- a/changes/20100-os-version-compliance +++ /dev/null @@ -1 +0,0 @@ -- Fleet UI: Show OS version compliance on Host Details page diff --git a/changes/20194-sort-label-names-in-ui b/changes/20194-sort-label-names-in-ui deleted file mode 100644 index 2f27f77f0b5c..000000000000 --- a/changes/20194-sort-label-names-in-ui +++ /dev/null @@ -1 +0,0 @@ -- display the label names case-insensitive alphabetical order in the fleet UI diff --git a/changes/20271-deleted-host-software-installs b/changes/20271-deleted-host-software-installs deleted file mode 100644 index 674b8a823f4b..000000000000 --- a/changes/20271-deleted-host-software-installs +++ /dev/null @@ -1 +0,0 @@ -- Fig bug where software install results could not be retrieved for deleted hosts in the activity feed diff --git a/changes/20278-vpp-batch-api b/changes/20278-vpp-batch-api deleted file mode 100644 index e5cbbf7eca12..000000000000 --- a/changes/20278-vpp-batch-api +++ /dev/null @@ -1 +0,0 @@ -- GitOps supports VPP app associations diff --git a/changes/20310-update-my-device-copy b/changes/20310-update-my-device-copy deleted file mode 100644 index 9a91f6432ac4..000000000000 --- a/changes/20310-update-my-device-copy +++ /dev/null @@ -1 +0,0 @@ -- update copy on for automica enrollment modal on my device page. diff --git a/changes/20311-migrations b/changes/20311-migrations deleted file mode 100644 index 4cf8dffe0e5f..000000000000 --- a/changes/20311-migrations +++ /dev/null @@ -1,3 +0,0 @@ -- Adds ability for MDM migrations if the host is manually enrolled to a 3rd party MDM. -- Adds an offline screen to the macOS MDM migration flow. -- Updates the instructions on "My device" for MDM migrations on pre-Sonoma macOS hosts. \ No newline at end of file diff --git a/changes/20370-linux-nologin b/changes/20370-linux-nologin deleted file mode 100644 index 236418c9636c..000000000000 --- a/changes/20370-linux-nologin +++ /dev/null @@ -1 +0,0 @@ -- Linux lock/unlock scripts now make use of pam_nologin to keep AD users locked out diff --git a/changes/20395-DE-table-style-fix b/changes/20395-DE-table-style-fix deleted file mode 100644 index 8907c36986bb..000000000000 --- a/changes/20395-DE-table-style-fix +++ /dev/null @@ -1 +0,0 @@ -* Fix a styling issue in the Controls > OS Settings > disk encryption table \ No newline at end of file diff --git a/changes/20397-do-not-set-last_enrolled_at-when-enrolling-orbit b/changes/20397-do-not-set-last_enrolled_at-when-enrolling-orbit deleted file mode 100644 index c8f305c4d1a6..000000000000 --- a/changes/20397-do-not-set-last_enrolled_at-when-enrolling-orbit +++ /dev/null @@ -1 +0,0 @@ -* Fixed a bug that set `last_enrolled_at` during orbit re-enrollment, which caused osquery enroll failures when `FLEET_OSQUERY_ENROLL_COOLDOWN` is set . diff --git a/changes/20409-add-matching-rules-july-and-august-365 b/changes/20409-add-matching-rules-july-and-august-365 deleted file mode 100644 index 7acdea889db8..000000000000 --- a/changes/20409-add-matching-rules-july-and-august-365 +++ /dev/null @@ -1 +0,0 @@ -* Added matching rules for July and August Microsoft 365 security updates (https://learn.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates). diff --git a/changes/20440-Notion-exe-installer-name b/changes/20440-Notion-exe-installer-name deleted file mode 100644 index bc3996cc5dc5..000000000000 --- a/changes/20440-Notion-exe-installer-name +++ /dev/null @@ -1 +0,0 @@ -* Added a special-case to properly name the Notion .exe Windows installer the same as how it will be reported by osquery post-install. diff --git a/changes/20463-cpe-fixes b/changes/20463-cpe-fixes deleted file mode 100644 index d3c9453f37de..000000000000 --- a/changes/20463-cpe-fixes +++ /dev/null @@ -1,2 +0,0 @@ -- During vulnerability scanning, use 'macos' SW target for CPEs of homebrew packages -- During vulnerability scanning, don't ignore software with non-ASCII en dash and em dash characters diff --git a/changes/20467-vpp-ipadios-ui b/changes/20467-vpp-ipadios-ui deleted file mode 100644 index 2cc84e31cdf0..000000000000 --- a/changes/20467-vpp-ipadios-ui +++ /dev/null @@ -1 +0,0 @@ -* Add UI features for managing Apple VPP apps for iPadOS and iOS hosts \ No newline at end of file diff --git a/changes/20469-backend-ios-ipados-os-updates b/changes/20469-backend-ios-ipados-os-updates deleted file mode 100644 index 075cca487621..000000000000 --- a/changes/20469-backend-ios-ipados-os-updates +++ /dev/null @@ -1 +0,0 @@ -* Adding OS updates support to iOS/iPadOS devices. diff --git a/changes/20515-delete-vpp-app b/changes/20515-delete-vpp-app deleted file mode 100644 index 49599edf94b2..000000000000 --- a/changes/20515-delete-vpp-app +++ /dev/null @@ -1,2 +0,0 @@ -* Added support to delete a VPP app from a team in `DELETE /software/titles/:software_title_id/available_for_install`. -* Fixed path that was incorrect for the download software installer package endpoint `GET /software/titles/:software_title_id/package`. diff --git a/changes/20531-download-CSR-clickable-error b/changes/20531-download-CSR-clickable-error deleted file mode 100644 index aeaf1ad18c62..000000000000 --- a/changes/20531-download-CSR-clickable-error +++ /dev/null @@ -1,3 +0,0 @@ -* When a CSR can't be downloaded due to missing private key, make the link clickable in the error - message that is flashed. - \ No newline at end of file diff --git a/changes/20571-update-fleetctl-docker-debian-slim b/changes/20571-update-fleetctl-docker-debian-slim deleted file mode 100644 index 9f04c02a055b..000000000000 --- a/changes/20571-update-fleetctl-docker-debian-slim +++ /dev/null @@ -1 +0,0 @@ -* Update base images of `fleetdm/fleetctl`, `fleetdm/bomutils` and `fleetdm/wix` to fix CRITICAL vulnerabilities found by trivy. diff --git a/changes/20575-fix-profile-activities-to-include-ios-ipados b/changes/20575-fix-profile-activities-to-include-ios-ipados deleted file mode 100644 index bf089bf48948..000000000000 --- a/changes/20575-fix-profile-activities-to-include-ios-ipados +++ /dev/null @@ -1 +0,0 @@ -- Update profile activities to include iOS and iPadOS diff --git a/changes/20599-policy-webhook b/changes/20599-policy-webhook deleted file mode 100644 index 3255a6444eb5..000000000000 --- a/changes/20599-policy-webhook +++ /dev/null @@ -1 +0,0 @@ -- In policy webhook, made sure the failing_host_count is never 0. This count is normally updated once an hour during cleanups_then_aggregation cron job. diff --git a/changes/20604-hosts-page-pagination b/changes/20604-hosts-page-pagination deleted file mode 100644 index c1f68d5f94a4..000000000000 --- a/changes/20604-hosts-page-pagination +++ /dev/null @@ -1 +0,0 @@ -* Fix a bug where hosts page would sometimes allow excess pagination \ No newline at end of file diff --git a/changes/20618-nil-tz-not-handled b/changes/20618-nil-tz-not-handled deleted file mode 100644 index cbb5d0bd9961..000000000000 --- a/changes/20618-nil-tz-not-handled +++ /dev/null @@ -1,2 +0,0 @@ -* Fix a bug where Fleet google calendar events generated by Fleet <= 4.53.0 were not correctly - processed by 4.54.0 \ No newline at end of file diff --git a/changes/20730-hide-available-for-install-wrong-team b/changes/20730-hide-available-for-install-wrong-team deleted file mode 100644 index 270fa8e61468..000000000000 --- a/changes/20730-hide-available-for-install-wrong-team +++ /dev/null @@ -1 +0,0 @@ -* Fix a bug where a software installer (a package or a VPP app) that has been installed on a host still shows up as "Available for install" and can still be requested to be installed after the host is transferred to a different team without that installer (or after the installer is deleted). diff --git a/changes/20747-gitops-software-query b/changes/20747-gitops-software-query deleted file mode 100644 index 100efc17f3f1..000000000000 --- a/changes/20747-gitops-software-query +++ /dev/null @@ -1 +0,0 @@ -- Use new gitops format for software pre install query diff --git a/changes/20751-detect-held-linux-packages-as-installed b/changes/20751-detect-held-linux-packages-as-installed deleted file mode 100644 index 6aa524ce80cd..000000000000 --- a/changes/20751-detect-held-linux-packages-as-installed +++ /dev/null @@ -1 +0,0 @@ -Linux .deb packages 'on hold' are now included in the installed software list. diff --git a/changes/20781-cached-statements b/changes/20781-cached-statements deleted file mode 100644 index 58ae7c8c0d76..000000000000 --- a/changes/20781-cached-statements +++ /dev/null @@ -1 +0,0 @@ -* Fixed a bug when a cached prepared statement gets deleted in the MySQL server itself without Fleet knowing. diff --git a/changes/20882-ui-update-turn-on-mdm-banner b/changes/20882-ui-update-turn-on-mdm-banner deleted file mode 100644 index eca36625ce6e..000000000000 --- a/changes/20882-ui-update-turn-on-mdm-banner +++ /dev/null @@ -1 +0,0 @@ -- Updated text for "Turn on MDM" banners in UI. \ No newline at end of file diff --git a/changes/20897-add-software-premium-message b/changes/20897-add-software-premium-message deleted file mode 100644 index 82ab23030deb..000000000000 --- a/changes/20897-add-software-premium-message +++ /dev/null @@ -1 +0,0 @@ -- Fleet Free users see a Premium feature message when clicking to add Add software diff --git a/changes/20933-disable-overlay-other-workflows-modal b/changes/20933-disable-overlay-other-workflows-modal deleted file mode 100644 index e0386552c5cc..000000000000 --- a/changes/20933-disable-overlay-other-workflows-modal +++ /dev/null @@ -1 +0,0 @@ -- add a disabled overlay to the Other Workflows modal on the policy page. diff --git a/changes/20934-amazon-linux b/changes/20934-amazon-linux deleted file mode 100644 index 4b174b29ed34..000000000000 --- a/changes/20934-amazon-linux +++ /dev/null @@ -1 +0,0 @@ -Use ALAS bulletins as vulnerability source for Amazon Linux (instead of OVAL for Amazon Linux 2, and adds support for Amazon Linux 1, 2022, and 2023) diff --git a/changes/20948-fix-flash-bleeding-off-viewport b/changes/20948-fix-flash-bleeding-off-viewport deleted file mode 100644 index 12a6241da25b..000000000000 --- a/changes/20948-fix-flash-bleeding-off-viewport +++ /dev/null @@ -1 +0,0 @@ -- UI Fix: Flash message no longer bleeds off viewport diff --git a/changes/20955-host-activity-feed-copy-updates b/changes/20955-host-activity-feed-copy-updates deleted file mode 100644 index acfb44dfb01b..000000000000 --- a/changes/20955-host-activity-feed-copy-updates +++ /dev/null @@ -1,2 +0,0 @@ -* Update Host details activities tooltip and empty state copy to reflect recently added -capabilities. diff --git a/changes/21006-fleetctl-preview b/changes/21006-fleetctl-preview deleted file mode 100644 index 9fe2fd3286d8..000000000000 --- a/changes/21006-fleetctl-preview +++ /dev/null @@ -1 +0,0 @@ -* Fixed a bug in `fleetctl preview` that was causing it to fail if Docker was installed without support for the deprecated `docker-compose` CLI diff --git a/changes/21038-pass-fleet-args-via-stdin b/changes/21038-pass-fleet-args-via-stdin deleted file mode 100644 index 3112a06649c2..000000000000 --- a/changes/21038-pass-fleet-args-via-stdin +++ /dev/null @@ -1 +0,0 @@ -Fleet server now accepts arguments via stdin. This is useful for passing secrets that you don't want to expose as env vars, in the command line, or in the config file. diff --git a/changes/21065-update-host-tooltip-copy b/changes/21065-update-host-tooltip-copy deleted file mode 100644 index 18470a4db730..000000000000 --- a/changes/21065-update-host-tooltip-copy +++ /dev/null @@ -1,2 +0,0 @@ -- update ABM (Apple business manageer) host tooltip copy on the manage host page to clarify when - host vitals will be available to view. diff --git a/changes/21073-deleting-ios-host b/changes/21073-deleting-ios-host deleted file mode 100644 index 220687fdc9c2..000000000000 --- a/changes/21073-deleting-ios-host +++ /dev/null @@ -1,2 +0,0 @@ -- Deleted iOS/iPadOS host will continue to report to Fleet as long as host is in Apple Business Manager (ABM). -- Refetching an offline iOS/iPadOS host will not add new MDM commands to the queue if previous refetch has not completed yet. diff --git a/changes/21082-fix-available-for-install-filter-for-host-software b/changes/21082-fix-available-for-install-filter-for-host-software deleted file mode 100644 index 9c1b850570d6..000000000000 --- a/changes/21082-fix-available-for-install-filter-for-host-software +++ /dev/null @@ -1 +0,0 @@ -* Fixed the "Available for install" filter in the host's software page so that installers that were requested to be installed on the host (regardless of installation status) also show up in the list. diff --git a/changes/21104-gitops-team-conflict b/changes/21104-gitops-team-conflict deleted file mode 100644 index 6749b1b15a2b..000000000000 --- a/changes/21104-gitops-team-conflict +++ /dev/null @@ -1 +0,0 @@ -Improved fleetctl gitops error message when trying to change team name to a team that already exists. diff --git a/changes/21163-config-profile-label b/changes/21163-config-profile-label deleted file mode 100644 index fe23787fbaf5..000000000000 --- a/changes/21163-config-profile-label +++ /dev/null @@ -1 +0,0 @@ -- Fixed bug where configuration profile was still showing the old label name after the name was updated. diff --git a/changes/21177-abm-crud b/changes/21177-abm-crud deleted file mode 100644 index 3da1b68e12a2..000000000000 --- a/changes/21177-abm-crud +++ /dev/null @@ -1 +0,0 @@ -- Adds new endpoints and updates existing endpoints for managing multiple Apple Business Manager tokens. \ No newline at end of file diff --git a/changes/21178-mabm-vpp-crud b/changes/21178-mabm-vpp-crud deleted file mode 100644 index 44cd6aee80bf..000000000000 --- a/changes/21178-mabm-vpp-crud +++ /dev/null @@ -1 +0,0 @@ -- Add backend support for multiple VPP tokens diff --git a/changes/21184-consolidate-all-mdm-settings-under-mdm-section b/changes/21184-consolidate-all-mdm-settings-under-mdm-section deleted file mode 100644 index 5f0739e727fc..000000000000 --- a/changes/21184-consolidate-all-mdm-settings-under-mdm-section +++ /dev/null @@ -1 +0,0 @@ -- consolidates Automatic Enrollment and VPP settings under the MDM settings integration page. diff --git a/changes/21185-mabm-guide-updates b/changes/21185-mabm-guide-updates deleted file mode 100644 index da209e16ddde..000000000000 --- a/changes/21185-mabm-guide-updates +++ /dev/null @@ -1 +0,0 @@ -- Updated relevant documentation to include references to multiple ABM and VPP tokens. \ No newline at end of file diff --git a/changes/21186-new-abm-ui-page b/changes/21186-new-abm-ui-page deleted file mode 100644 index c3353457ba8b..000000000000 --- a/changes/21186-new-abm-ui-page +++ /dev/null @@ -1 +0,0 @@ -- add new Apple business manager page to fleet UI diff --git a/changes/21187-new-vpp-page b/changes/21187-new-vpp-page deleted file mode 100644 index 2c011411cf0c..000000000000 --- a/changes/21187-new-vpp-page +++ /dev/null @@ -1 +0,0 @@ -- add new vpp page to the fleet UI diff --git a/changes/21198-update-go b/changes/21198-update-go deleted file mode 100644 index bb2eac1add70..000000000000 --- a/changes/21198-update-go +++ /dev/null @@ -1 +0,0 @@ -* Updated go to go1.22.6 diff --git a/changes/21242-nvd-input-validation b/changes/21242-nvd-input-validation deleted file mode 100644 index cab3a2e77dec..000000000000 --- a/changes/21242-nvd-input-validation +++ /dev/null @@ -1 +0,0 @@ -Continue with an empty CVE description when the NVD CVE feed doesn't include description entries (instead of panicking) diff --git a/changes/21251-bugfix-download-software-installer b/changes/21251-bugfix-download-software-installer deleted file mode 100644 index fe56429b39d1..000000000000 --- a/changes/21251-bugfix-download-software-installer +++ /dev/null @@ -1 +0,0 @@ -* Fixed a bug where the wrong API path was used to download a software installer. diff --git a/changes/21268-calendar-free b/changes/21268-calendar-free deleted file mode 100644 index f51a103ecf8c..000000000000 --- a/changes/21268-calendar-free +++ /dev/null @@ -1 +0,0 @@ -Scheduled maintenance events will now be scheduled over calendar events marked "Free" (not busy) in Google Calendar. diff --git a/changes/21270-mysql-8.4.2 b/changes/21270-mysql-8.4.2 deleted file mode 100644 index 8d6844f0a23e..000000000000 --- a/changes/21270-mysql-8.4.2 +++ /dev/null @@ -1 +0,0 @@ -Added support for MySQL 8.4.2 LTS diff --git a/changes/21273-handle-abm-terms-expired-flags b/changes/21273-handle-abm-terms-expired-flags deleted file mode 100644 index 04c8415877e5..000000000000 --- a/changes/21273-handle-abm-terms-expired-flags +++ /dev/null @@ -1 +0,0 @@ -* Added support to track the Apple Business Manager "terms expired" API error per token, as well as a global flag that gets set as soon as one token has its terms expired. diff --git a/changes/21296-query-results-index b/changes/21296-query-results-index deleted file mode 100644 index a317b4747c16..000000000000 --- a/changes/21296-query-results-index +++ /dev/null @@ -1 +0,0 @@ -Added index to query_results DB table to speed up finding last query timestamp for a given query and host. diff --git a/changes/21423-fix-self-service-vppapps-filter b/changes/21423-fix-self-service-vppapps-filter deleted file mode 100644 index d839a5fe23bb..000000000000 --- a/changes/21423-fix-self-service-vppapps-filter +++ /dev/null @@ -1,2 +0,0 @@ -* Fixed a bug where the "Self-service" filter for the list of software and the list of host's software did not take App Store apps into account. -* Fixed a bug where the "My device" page in Fleet Desktop did not show the self-service software tab when App Store apps were available as self-install. diff --git a/changes/21427-deleting-software b/changes/21427-deleting-software deleted file mode 100644 index aac5bffd6941..000000000000 --- a/changes/21427-deleting-software +++ /dev/null @@ -1,2 +0,0 @@ -- Deleting installed software or VPP app now makes it available for re-installation. -- Matching software that is not installed by Fleet now shows up as 'Available for install' on host details page. diff --git a/changes/21439-multiple-teams-vpp-token b/changes/21439-multiple-teams-vpp-token deleted file mode 100644 index 5ec49a656001..000000000000 --- a/changes/21439-multiple-teams-vpp-token +++ /dev/null @@ -1 +0,0 @@ -- Allow multiple teams to be assigned to the same VPP Token diff --git a/changes/21757-fix-scheduling-cron-jobs-at-startup b/changes/21757-fix-scheduling-cron-jobs-at-startup deleted file mode 100644 index b54ae2c84f53..000000000000 --- a/changes/21757-fix-scheduling-cron-jobs-at-startup +++ /dev/null @@ -1 +0,0 @@ -* Fixed an issue with the scheduling of cron jobs at startup if the job has never run, which caused it to be delayed. diff --git a/changes/21804-vpp-clear-apps-on-move b/changes/21804-vpp-clear-apps-on-move deleted file mode 100644 index 3823274aaa12..000000000000 --- a/changes/21804-vpp-clear-apps-on-move +++ /dev/null @@ -1 +0,0 @@ -- Clear apps associated with a VPP token if it's moved off of a team diff --git a/changes/api-get-host-by-identifier-exclude-software b/changes/api-get-host-by-identifier-exclude-software deleted file mode 100644 index aa2aa5404af8..000000000000 --- a/changes/api-get-host-by-identifier-exclude-software +++ /dev/null @@ -1 +0,0 @@ -- add exclude_software query paramter to "Get host by identifier" API \ No newline at end of file diff --git a/changes/fix-software-array-migration b/changes/fix-software-array-migration deleted file mode 100644 index 27536ccc1ecd..000000000000 --- a/changes/fix-software-array-migration +++ /dev/null @@ -1,2 +0,0 @@ -- Adds a migration to migrate older team configurations to the new version that includes both - installers and App Store apps. \ No newline at end of file diff --git a/changes/issue-19691-add-vpp-token-expiry-banner b/changes/issue-19691-add-vpp-token-expiry-banner deleted file mode 100644 index d4f14c98c63b..000000000000 --- a/changes/issue-19691-add-vpp-token-expiry-banner +++ /dev/null @@ -1 +0,0 @@ -- add a warning banner to the UI if the uploaded VPP token is about to expire/has expired. diff --git a/changes/issue-19866-add-remove-disable-vpp-in-ui b/changes/issue-19866-add-remove-disable-vpp-in-ui deleted file mode 100644 index 09000dbff2e0..000000000000 --- a/changes/issue-19866-add-remove-disable-vpp-in-ui +++ /dev/null @@ -1 +0,0 @@ -- add ability to add/remove/disable vpp in the fleet UI. diff --git a/changes/issue-19869-vpp-ui-on-software-pages b/changes/issue-19869-vpp-ui-on-software-pages deleted file mode 100644 index 74f71d41c923..000000000000 --- a/changes/issue-19869-vpp-ui-on-software-pages +++ /dev/null @@ -1 +0,0 @@ -- add UI to support the apple vpp feature on the software pages. diff --git a/changes/issue-20612-ui-updates-host-software-device-user-pages-for-vpp b/changes/issue-20612-ui-updates-host-software-device-user-pages-for-vpp deleted file mode 100644 index 01e6073b2d91..000000000000 --- a/changes/issue-20612-ui-updates-host-software-device-user-pages-for-vpp +++ /dev/null @@ -1 +0,0 @@ -- add UI updates for VPP feature on host software and my device pages. diff --git a/changes/issue-20784-fix-app-wide-banner-showing b/changes/issue-20784-fix-app-wide-banner-showing deleted file mode 100644 index 9720e4b20bec..000000000000 --- a/changes/issue-20784-fix-app-wide-banner-showing +++ /dev/null @@ -1 +0,0 @@ -- fix an issue where the app-wide warning banners were not showing on the initial page load diff --git a/charts/fleet/Chart.yaml b/charts/fleet/Chart.yaml index 6921cfc2f0e4..adc22108c2d0 100644 --- a/charts/fleet/Chart.yaml +++ b/charts/fleet/Chart.yaml @@ -8,7 +8,7 @@ version: v6.2.0 home: https://github.com/fleetdm/fleet sources: - https://github.com/fleetdm/fleet.git -appVersion: v4.54.1 +appVersion: v4.56.0 dependencies: - name: mysql condition: mysql.enabled diff --git a/charts/fleet/values.yaml b/charts/fleet/values.yaml index 7c6376f6cc69..040a539a8376 100644 --- a/charts/fleet/values.yaml +++ b/charts/fleet/values.yaml @@ -3,7 +3,7 @@ hostName: fleet.localhost replicas: 3 # The number of Fleet instances to deploy imageRepository: fleetdm/fleet -imageTag: v4.54.1 # Version of Fleet to deploy +imageTag: v4.56.0 # Version of Fleet to deploy podAnnotations: {} # Additional annotations to add to the Fleet pod serviceAccountAnnotations: {} # Additional annotations to add to the Fleet service account resources: diff --git a/infrastructure/dogfood/terraform/aws/variables.tf b/infrastructure/dogfood/terraform/aws/variables.tf index 4329e1f0b4b7..db7a79e5e140 100644 --- a/infrastructure/dogfood/terraform/aws/variables.tf +++ b/infrastructure/dogfood/terraform/aws/variables.tf @@ -56,7 +56,7 @@ variable "database_name" { variable "fleet_image" { description = "the name of the container image to run" - default = "fleetdm/fleet:v4.54.1" + default = "fleetdm/fleet:v4.56.0" } variable "software_inventory" { diff --git a/infrastructure/dogfood/terraform/gcp/variables.tf b/infrastructure/dogfood/terraform/gcp/variables.tf index 0850224609a5..ba81f4af537b 100644 --- a/infrastructure/dogfood/terraform/gcp/variables.tf +++ b/infrastructure/dogfood/terraform/gcp/variables.tf @@ -68,7 +68,7 @@ variable "redis_mem" { } variable "image" { - default = "fleetdm/fleet:v4.54.1" + default = "fleetdm/fleet:v4.56.0" } variable "software_installers_bucket_name" { diff --git a/terraform/addons/vuln-processing/variables.tf b/terraform/addons/vuln-processing/variables.tf index eaea7243fa5b..feb850667dcc 100644 --- a/terraform/addons/vuln-processing/variables.tf +++ b/terraform/addons/vuln-processing/variables.tf @@ -24,7 +24,7 @@ variable "fleet_config" { vuln_processing_cpu = optional(number, 2048) vuln_data_stream_mem = optional(number, 1024) vuln_data_stream_cpu = optional(number, 512) - image = optional(string, "fleetdm/fleet:v4.54.1") + image = optional(string, "fleetdm/fleet:v4.56.0") family = optional(string, "fleet-vuln-processing") sidecars = optional(list(any), []) extra_environment_variables = optional(map(string), {}) @@ -82,7 +82,7 @@ variable "fleet_config" { vuln_processing_cpu = 2048 vuln_data_stream_mem = 1024 vuln_data_stream_cpu = 512 - image = "fleetdm/fleet:v4.54.1" + image = "fleetdm/fleet:v4.56.0" family = "fleet-vuln-processing" sidecars = [] extra_environment_variables = {} diff --git a/terraform/byo-vpc/byo-db/byo-ecs/variables.tf b/terraform/byo-vpc/byo-db/byo-ecs/variables.tf index 192ce6e85e6f..0270c8fb5219 100644 --- a/terraform/byo-vpc/byo-db/byo-ecs/variables.tf +++ b/terraform/byo-vpc/byo-db/byo-ecs/variables.tf @@ -16,7 +16,7 @@ variable "fleet_config" { mem = optional(number, 4096) cpu = optional(number, 512) pid_mode = optional(string, null) - image = optional(string, "fleetdm/fleet:v4.54.1") + image = optional(string, "fleetdm/fleet:v4.56.0") family = optional(string, "fleet") sidecars = optional(list(any), []) depends_on = optional(list(any), []) @@ -119,7 +119,7 @@ variable "fleet_config" { mem = 512 cpu = 256 pid_mode = null - image = "fleetdm/fleet:v4.54.1" + image = "fleetdm/fleet:v4.56.0" family = "fleet" sidecars = [] depends_on = [] diff --git a/terraform/byo-vpc/byo-db/variables.tf b/terraform/byo-vpc/byo-db/variables.tf index 3795ba3143b2..0044e48e5c8c 100644 --- a/terraform/byo-vpc/byo-db/variables.tf +++ b/terraform/byo-vpc/byo-db/variables.tf @@ -77,7 +77,7 @@ variable "fleet_config" { mem = optional(number, 4096) cpu = optional(number, 512) pid_mode = optional(string, null) - image = optional(string, "fleetdm/fleet:v4.54.1") + image = optional(string, "fleetdm/fleet:v4.56.0") family = optional(string, "fleet") sidecars = optional(list(any), []) depends_on = optional(list(any), []) @@ -205,7 +205,7 @@ variable "fleet_config" { mem = 512 cpu = 256 pid_mode = null - image = "fleetdm/fleet:v4.54.1" + image = "fleetdm/fleet:v4.56.0" family = "fleet" sidecars = [] depends_on = [] diff --git a/terraform/byo-vpc/example/main.tf b/terraform/byo-vpc/example/main.tf index 4a34edd6f390..887b907b303a 100644 --- a/terraform/byo-vpc/example/main.tf +++ b/terraform/byo-vpc/example/main.tf @@ -17,7 +17,7 @@ provider "aws" { } locals { - fleet_image = "fleetdm/fleet:v4.54.1" + fleet_image = "fleetdm/fleet:v4.56.0" domain_name = "example.com" } diff --git a/terraform/byo-vpc/variables.tf b/terraform/byo-vpc/variables.tf index 1c467222bb5d..cba22bf845ca 100644 --- a/terraform/byo-vpc/variables.tf +++ b/terraform/byo-vpc/variables.tf @@ -170,7 +170,7 @@ variable "fleet_config" { mem = optional(number, 4096) cpu = optional(number, 512) pid_mode = optional(string, null) - image = optional(string, "fleetdm/fleet:v4.54.1") + image = optional(string, "fleetdm/fleet:v4.56.0") family = optional(string, "fleet") sidecars = optional(list(any), []) depends_on = optional(list(any), []) @@ -298,7 +298,7 @@ variable "fleet_config" { mem = 512 cpu = 256 pid_mode = null - image = "fleetdm/fleet:v4.54.1" + image = "fleetdm/fleet:v4.56.0" family = "fleet" sidecars = [] depends_on = [] diff --git a/terraform/example/main.tf b/terraform/example/main.tf index f7f06e4d19f2..33b6f5221ea3 100644 --- a/terraform/example/main.tf +++ b/terraform/example/main.tf @@ -63,8 +63,8 @@ module "fleet" { fleet_config = { # To avoid pull-rate limiting from dockerhub, consider using our quay.io mirror - # for the Fleet image. e.g. "quay.io/fleetdm/fleet:v4.54.1" - image = "fleetdm/fleet:v4.54.1" # override default to deploy the image you desire + # for the Fleet image. e.g. "quay.io/fleetdm/fleet:v4.56.0" + image = "fleetdm/fleet:v4.56.0" # override default to deploy the image you desire # See https://fleetdm.com/docs/deploy/reference-architectures#aws for appropriate scaling # memory and cpu. autoscaling = { diff --git a/terraform/variables.tf b/terraform/variables.tf index b81bc3265271..5933307f11f5 100644 --- a/terraform/variables.tf +++ b/terraform/variables.tf @@ -218,7 +218,7 @@ variable "fleet_config" { mem = optional(number, 4096) cpu = optional(number, 512) pid_mode = optional(string, null) - image = optional(string, "fleetdm/fleet:v4.54.1") + image = optional(string, "fleetdm/fleet:v4.56.0") family = optional(string, "fleet") sidecars = optional(list(any), []) depends_on = optional(list(any), []) @@ -346,7 +346,7 @@ variable "fleet_config" { mem = 512 cpu = 256 pid_mode = null - image = "fleetdm/fleet:v4.54.1" + image = "fleetdm/fleet:v4.56.0" family = "fleet" sidecars = [] depends_on = [] diff --git a/tools/fleetctl-npm/package.json b/tools/fleetctl-npm/package.json index 63a49c520892..0db37e98d5d1 100644 --- a/tools/fleetctl-npm/package.json +++ b/tools/fleetctl-npm/package.json @@ -1,6 +1,6 @@ { "name": "fleetctl", - "version": "v4.54.1", + "version": "v4.56.0", "description": "Installer for the fleetctl CLI tool", "bin": { "fleetctl": "./run.js"