Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Victor's rc-patch-fleet-v4.62.3 #25699

Draft
wants to merge 5 commits into
base: rc-patch-fleet-v4.62.2
Choose a base branch
from
Draft

Victor's rc-patch-fleet-v4.62.3 #25699

wants to merge 5 commits into from

Conversation

getvictor
Copy link
Member

Checklist for submitter

If some of the following don't apply, delete the relevant line.

  • Changes file added for user-visible changes in changes/, orbit/changes/ or ee/fleetd-chrome/changes.
    See Changes files for more information.
  • Input data is properly validated, SELECT * is avoided, SQL injection is prevented (using placeholders for values in statements)
  • Added support on fleet's osquery simulator cmd/osquery-perf for new osquery data ingestion features.
  • If paths of existing endpoints are modified without backwards compatibility, checked the frontend/CLI for any necessary changes
  • If database migrations are included, checked table schema to confirm autoupdate
  • For database migrations:
    • Checked schema for all modified table for columns that will auto-update timestamps during migration.
    • Confirmed that updating the timestamps is acceptable, and will not cause unwanted side effects.
    • Ensured the correct collation is explicitly set for character columns (COLLATE utf8mb4_unicode_ci).
  • Added/updated automated tests
  • A detailed QA plan exists on the associated ticket (if it isn't there, work with the product group's QA engineer to add it)
  • Manual QA for all new/changed functionality
  • For Orbit and Fleet Desktop changes:
    • Orbit runs on macOS, Linux and Windows. Check if the orbit feature/bugfix should only apply to one platform (runtime.GOOS).
    • Manual QA must be performed in the three main OSs, macOS, Windows and Linux.
    • Auto-update manual QA, from released version of component to new version (see tools/tuf/test).

getvictor and others added 5 commits January 22, 2025 15:11
@getvictor
Refactoring VerifyHostMDMProfiles (#25515)
196627c 
For #24790

No functional changes.

Refactoring VerifyHostMDMProfiles to speed up current and future changes
and bug fixes.

(cherry picked from commit 7c6e0cb)
@getvictor
Fixes issue verifying Windows CSP profiles that contain ADMX policies. (
3b48bb3 
#25528)

For #24790

Support verifying Windows CSPs with ADMX policies.

https://learn.microsoft.com/en-us/windows/client-management/understanding-admx-backed-policies

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] Added/updated automated tests
- [x] Manual QA for all new/changed functionality

(cherry picked from commit e6e7c3f)
@getvictor
Fix issue where Windows MDM profiles are not sent to offline hosts (#…
118cbe9 
…25619)

For #25615

The actual fix is these two lines, where we only delete the command from
the queue for the specific host we're processing:
```
const dequeueCommandsStmt = `DELETE FROM windows_mdm_command_queue WHERE enrollment_id = ? AND command_uuid IN (?)`
stmt, params, err = sqlx.In(dequeueCommandsStmt, enrolledDevice.ID, matchingUUIDs)
```

Everything else is tests, cleanup, refactoring for readability.

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Added/updated automated tests
- [x] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality

(cherry picked from commit 0860996)
@getvictor
Disk encryption keys are now archived when created/updated (#25638)
3696f34 
For #25609

Manual QA in progress. Putting this "In Review" since it is a P1.

Video explaining the PR: https://youtu.be/bUwIdjBLqiM

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [x] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [x] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [x] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [x] Added/updated automated tests
- [x] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality

(cherry picked from commit 62b7412)
@getvictor
Updated schema.sql
c399629
@codecov Codecov
Copy link

codecov bot commented Jan 22, 2025

Codecov Report

Attention: Patch coverage is 79.23729% with 98 lines in your changes missing coverage. Please review.

Project coverage is 63.85%. Comparing base (d7b61eb) to head (c399629).

Files with missing lines Patch % Lines
server/datastore/mysql/disk_encryption.go 75.34% 43 Missing and 11 partials ⚠️
server/mdm/microsoft/profile_verifier.go 78.31% 12 Missing and 6 partials ⚠️
...20250121094045_AddHostDiskEncryptionKeysArchive.go 65.30% 12 Missing and 5 partials ⚠️
server/service/microsoft_mdm.go 40.00% 2 Missing and 1 partial ⚠️
server/datastore/mysql/microsoft_mdm.go 92.59% 1 Missing and 1 partial ⚠️
server/fleet/microsoft_mdm.go 90.90% 2 Missing ⚠️
server/service/orbit.go 50.00% 0 Missing and 1 partial ⚠️
server/service/osquery_utils/queries.go 85.71% 1 Missing ⚠️
Additional details and impacted files 
@@                    Coverage Diff                     @@
##           rc-patch-fleet-v4.62.2   #25699      +/-   ##
==========================================================
+ Coverage                   63.84%   63.85%   +0.01%     
==========================================================
  Files                        1617     1620       +3     
  Lines                      153808   154028     +220     
  Branches                     4005     4005              
==========================================================
+ Hits                        98201    98360     +159     
- Misses                      47790    47837      +47     
- Partials                     7817     7831      +14
Flag Coverage Δ
backend 64.72% <79.23%> (+0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@getvictor