From 1ab0fde886dfde5181bd844b73a618def960379a Mon Sep 17 00:00:00 2001 From: George Karr Date: Tue, 28 Jan 2025 14:48:46 -0600 Subject: [PATCH] Adding changes for Fleet v4.62.3 (#25767) --- CHANGELOG.md | 11 +++++++++++ changes/24790-admx-policies | 1 - changes/25406-premature-ios-deletion | 1 - changes/25533-read-timeout-bootstrap-packages | 1 - changes/25609-archive-encryption-keys | 1 - changes/25615-windows-mdm-profiles | 1 - .../issue-21691-windows-disk-encryption-dont-resend | 2 -- charts/fleet/Chart.yaml | 4 ++-- charts/fleet/values.yaml | 2 +- infrastructure/dogfood/terraform/aws/variables.tf | 2 +- infrastructure/dogfood/terraform/gcp/variables.tf | 2 +- terraform/addons/vuln-processing/variables.tf | 4 ++-- terraform/byo-vpc/byo-db/byo-ecs/variables.tf | 4 ++-- terraform/byo-vpc/byo-db/variables.tf | 4 ++-- terraform/byo-vpc/example/main.tf | 2 +- terraform/byo-vpc/variables.tf | 4 ++-- terraform/example/main.tf | 4 ++-- terraform/variables.tf | 4 ++-- tools/fleetctl-npm/package.json | 2 +- 19 files changed, 30 insertions(+), 26 deletions(-) delete mode 100644 changes/24790-admx-policies delete mode 100644 changes/25406-premature-ios-deletion delete mode 100644 changes/25533-read-timeout-bootstrap-packages delete mode 100644 changes/25609-archive-encryption-keys delete mode 100644 changes/25615-windows-mdm-profiles delete mode 100644 changes/issue-21691-windows-disk-encryption-dont-resend diff --git a/CHANGELOG.md b/CHANGELOG.md index b2feb390d340..db43e1be699b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,14 @@ +## Fleet 4.62.3 (Jan 24, 2025) + +### Bug fixes + +* Fixed issue verifying Windows CSP profiles that contain ADMX policies. +* Archived disk encryption keys when they were created or updated. They were never fully deleted from the database. +* Fixed issue where some Windows MDM profiles were not sent to hosts when hosts came back online. +* Removed the resend button for failed Windows disk encryption profiles and added messaging that tells the user that Fleet will automatically retry the profile again. +* Fixed bug where iOS devices were being removed prematurely by expiration policy. +* Removed request timeout on bootstrap package uploads for consistency with software package upload endpoints. + ## Fleet 4.62.2 (Jan 17, 2025) ### Bug fixes diff --git a/changes/24790-admx-policies b/changes/24790-admx-policies deleted file mode 100644 index 515825cb48da..000000000000 --- a/changes/24790-admx-policies +++ /dev/null @@ -1 +0,0 @@ -Fixes issue verifying Windows CSP profiles that contain ADMX policies. diff --git a/changes/25406-premature-ios-deletion b/changes/25406-premature-ios-deletion deleted file mode 100644 index ba5f83f643f2..000000000000 --- a/changes/25406-premature-ios-deletion +++ /dev/null @@ -1 +0,0 @@ -- Fixed bug where iOS devices were being removed prematurely by expiration policy diff --git a/changes/25533-read-timeout-bootstrap-packages b/changes/25533-read-timeout-bootstrap-packages deleted file mode 100644 index 2562d5ac94b6..000000000000 --- a/changes/25533-read-timeout-bootstrap-packages +++ /dev/null @@ -1 +0,0 @@ -* Removed request timeout on bootstrap package uploads for consistency with software package upload endpoints diff --git a/changes/25609-archive-encryption-keys b/changes/25609-archive-encryption-keys deleted file mode 100644 index a3848afbd53a..000000000000 --- a/changes/25609-archive-encryption-keys +++ /dev/null @@ -1 +0,0 @@ -Disk encryption keys are now archived when they are created or updated. They are never fully deleted from the database. diff --git a/changes/25615-windows-mdm-profiles b/changes/25615-windows-mdm-profiles deleted file mode 100644 index 79e1239d1f2b..000000000000 --- a/changes/25615-windows-mdm-profiles +++ /dev/null @@ -1 +0,0 @@ -Fixed issue where some Windows MDM profiles were not being sent to hosts when hosts came back online. diff --git a/changes/issue-21691-windows-disk-encryption-dont-resend b/changes/issue-21691-windows-disk-encryption-dont-resend deleted file mode 100644 index b9d964677712..000000000000 --- a/changes/issue-21691-windows-disk-encryption-dont-resend +++ /dev/null @@ -1,2 +0,0 @@ -- remove the resend button for failed windows disk encryption profiles and add messaging that tells -the user that Fleet with automatically retry this profile again. diff --git a/charts/fleet/Chart.yaml b/charts/fleet/Chart.yaml index ee8635da633c..a6437c12f36d 100644 --- a/charts/fleet/Chart.yaml +++ b/charts/fleet/Chart.yaml @@ -4,11 +4,11 @@ name: fleet keywords: - fleet - osquery -version: v6.3.3 +version: v6.3.4 home: https://github.com/fleetdm/fleet sources: - https://github.com/fleetdm/fleet.git -appVersion: v4.62.2 +appVersion: v4.62.3 dependencies: - name: mysql condition: mysql.enabled diff --git a/charts/fleet/values.yaml b/charts/fleet/values.yaml index 5fb78cfc7faa..130b9cd16a93 100644 --- a/charts/fleet/values.yaml +++ b/charts/fleet/values.yaml @@ -3,7 +3,7 @@ hostName: fleet.localhost replicas: 3 # The number of Fleet instances to deploy imageRepository: fleetdm/fleet -imageTag: v4.62.2 # Version of Fleet to deploy +imageTag: v4.62.3 # Version of Fleet to deploy podAnnotations: {} # Additional annotations to add to the Fleet pod serviceAnnotations: {} # Additional annotations to add to the Fleet service serviceAccountAnnotations: {} # Additional annotations to add to the Fleet service account diff --git a/infrastructure/dogfood/terraform/aws/variables.tf b/infrastructure/dogfood/terraform/aws/variables.tf index 2ab9006afc39..b8e44db458a4 100644 --- a/infrastructure/dogfood/terraform/aws/variables.tf +++ b/infrastructure/dogfood/terraform/aws/variables.tf @@ -56,7 +56,7 @@ variable "database_name" { variable "fleet_image" { description = "the name of the container image to run" - default = "fleetdm/fleet:v4.62.2" + default = "fleetdm/fleet:v4.62.3" } variable "software_inventory" { diff --git a/infrastructure/dogfood/terraform/gcp/variables.tf b/infrastructure/dogfood/terraform/gcp/variables.tf index 8341a4eba823..dfe7b3b683e5 100644 --- a/infrastructure/dogfood/terraform/gcp/variables.tf +++ b/infrastructure/dogfood/terraform/gcp/variables.tf @@ -68,7 +68,7 @@ variable "redis_mem" { } variable "image" { - default = "fleetdm/fleet:v4.62.2" + default = "fleetdm/fleet:v4.62.3" } variable "software_installers_bucket_name" { diff --git a/terraform/addons/vuln-processing/variables.tf b/terraform/addons/vuln-processing/variables.tf index 0d64983f65ba..c64db774912c 100644 --- a/terraform/addons/vuln-processing/variables.tf +++ b/terraform/addons/vuln-processing/variables.tf @@ -24,7 +24,7 @@ variable "fleet_config" { vuln_processing_cpu = optional(number, 2048) vuln_data_stream_mem = optional(number, 1024) vuln_data_stream_cpu = optional(number, 512) - image = optional(string, "fleetdm/fleet:v4.62.2") + image = optional(string, "fleetdm/fleet:v4.62.3") family = optional(string, "fleet-vuln-processing") sidecars = optional(list(any), []) extra_environment_variables = optional(map(string), {}) @@ -82,7 +82,7 @@ variable "fleet_config" { vuln_processing_cpu = 2048 vuln_data_stream_mem = 1024 vuln_data_stream_cpu = 512 - image = "fleetdm/fleet:v4.62.2" + image = "fleetdm/fleet:v4.62.3" family = "fleet-vuln-processing" sidecars = [] extra_environment_variables = {} diff --git a/terraform/byo-vpc/byo-db/byo-ecs/variables.tf b/terraform/byo-vpc/byo-db/byo-ecs/variables.tf index f0349522a251..4db920da1964 100644 --- a/terraform/byo-vpc/byo-db/byo-ecs/variables.tf +++ b/terraform/byo-vpc/byo-db/byo-ecs/variables.tf @@ -16,7 +16,7 @@ variable "fleet_config" { mem = optional(number, 4096) cpu = optional(number, 512) pid_mode = optional(string, null) - image = optional(string, "fleetdm/fleet:v4.62.2") + image = optional(string, "fleetdm/fleet:v4.62.3") family = optional(string, "fleet") sidecars = optional(list(any), []) depends_on = optional(list(any), []) @@ -119,7 +119,7 @@ variable "fleet_config" { mem = 512 cpu = 256 pid_mode = null - image = "fleetdm/fleet:v4.62.2" + image = "fleetdm/fleet:v4.62.3" family = "fleet" sidecars = [] depends_on = [] diff --git a/terraform/byo-vpc/byo-db/variables.tf b/terraform/byo-vpc/byo-db/variables.tf index 52c11d26596a..87858f92e0a2 100644 --- a/terraform/byo-vpc/byo-db/variables.tf +++ b/terraform/byo-vpc/byo-db/variables.tf @@ -77,7 +77,7 @@ variable "fleet_config" { mem = optional(number, 4096) cpu = optional(number, 512) pid_mode = optional(string, null) - image = optional(string, "fleetdm/fleet:v4.62.2") + image = optional(string, "fleetdm/fleet:v4.62.3") family = optional(string, "fleet") sidecars = optional(list(any), []) depends_on = optional(list(any), []) @@ -205,7 +205,7 @@ variable "fleet_config" { mem = 512 cpu = 256 pid_mode = null - image = "fleetdm/fleet:v4.62.2" + image = "fleetdm/fleet:v4.62.3" family = "fleet" sidecars = [] depends_on = [] diff --git a/terraform/byo-vpc/example/main.tf b/terraform/byo-vpc/example/main.tf index b74581dfed6d..38a3aa014e81 100644 --- a/terraform/byo-vpc/example/main.tf +++ b/terraform/byo-vpc/example/main.tf @@ -17,7 +17,7 @@ provider "aws" { } locals { - fleet_image = "fleetdm/fleet:v4.62.2" + fleet_image = "fleetdm/fleet:v4.62.3" domain_name = "example.com" } diff --git a/terraform/byo-vpc/variables.tf b/terraform/byo-vpc/variables.tf index addfec305f4c..2178bd43bdd4 100644 --- a/terraform/byo-vpc/variables.tf +++ b/terraform/byo-vpc/variables.tf @@ -170,7 +170,7 @@ variable "fleet_config" { mem = optional(number, 4096) cpu = optional(number, 512) pid_mode = optional(string, null) - image = optional(string, "fleetdm/fleet:v4.62.2") + image = optional(string, "fleetdm/fleet:v4.62.3") family = optional(string, "fleet") sidecars = optional(list(any), []) depends_on = optional(list(any), []) @@ -298,7 +298,7 @@ variable "fleet_config" { mem = 512 cpu = 256 pid_mode = null - image = "fleetdm/fleet:v4.62.2" + image = "fleetdm/fleet:v4.62.3" family = "fleet" sidecars = [] depends_on = [] diff --git a/terraform/example/main.tf b/terraform/example/main.tf index f3beaf00e096..5fdcc9398b6b 100644 --- a/terraform/example/main.tf +++ b/terraform/example/main.tf @@ -63,8 +63,8 @@ module "fleet" { fleet_config = { # To avoid pull-rate limiting from dockerhub, consider using our quay.io mirror - # for the Fleet image. e.g. "quay.io/fleetdm/fleet:v4.62.2" - image = "fleetdm/fleet:v4.62.2" # override default to deploy the image you desire + # for the Fleet image. e.g. "quay.io/fleetdm/fleet:v4.62.3" + image = "fleetdm/fleet:v4.62.3" # override default to deploy the image you desire # See https://fleetdm.com/docs/deploy/reference-architectures#aws for appropriate scaling # memory and cpu. autoscaling = { diff --git a/terraform/variables.tf b/terraform/variables.tf index 21acfc950784..b1c5ee567512 100644 --- a/terraform/variables.tf +++ b/terraform/variables.tf @@ -218,7 +218,7 @@ variable "fleet_config" { mem = optional(number, 4096) cpu = optional(number, 512) pid_mode = optional(string, null) - image = optional(string, "fleetdm/fleet:v4.62.2") + image = optional(string, "fleetdm/fleet:v4.62.3") family = optional(string, "fleet") sidecars = optional(list(any), []) depends_on = optional(list(any), []) @@ -346,7 +346,7 @@ variable "fleet_config" { mem = 512 cpu = 256 pid_mode = null - image = "fleetdm/fleet:v4.62.2" + image = "fleetdm/fleet:v4.62.3" family = "fleet" sidecars = [] depends_on = [] diff --git a/tools/fleetctl-npm/package.json b/tools/fleetctl-npm/package.json index e13bc3c3e501..e14a6e6daf1c 100644 --- a/tools/fleetctl-npm/package.json +++ b/tools/fleetctl-npm/package.json @@ -1,6 +1,6 @@ { "name": "fleetctl", - "version": "v4.62.2", + "version": "v4.62.3", "description": "Installer for the fleetctl CLI tool", "bin": { "fleetctl": "./run.js"