From b9dfbf0a7c280c8487c4fddd967f85c6f1e2f1d1 Mon Sep 17 00:00:00 2001
From: noahtalerman <47070608+noahtalerman@users.noreply.github.com>
Date: Tue, 29 Jun 2021 14:35:21 -0400
Subject: [PATCH] Prepare for 4.0.0 (#1258)
- Update CHANGELOG
- Edit Fleet version for Helm and NPM
- Add permalinks to Fleet product (links have been double checked)
---
CHANGELOG.md | 54 +++++++++++++++++++
charts/fleet/Chart.yaml | 4 +-
charts/fleet/values.yaml | 2 +-
.../admin/AppConfigForm/AppConfigForm.jsx | 4 +-
.../AgentOptionsPage/AgentOptionsPage.tsx | 2 +-
.../components/UserForm/UserForm.tsx | 4 +-
.../components/AddHostModal/AddHostModal.jsx | 2 +-
tools/fleetctl-npm/package.json | 2 +-
8 files changed, 64 insertions(+), 10 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index c237f3534f81..45c307fa7ca8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,57 @@
+## Fleet 4.0.0 (Jun 29, 2021)
+
+The primary additions in Fleet 4.0.0 are the new Role-based access control (RBAC) and Teams features.
+
+RBAC adds the ability to define a user's access to features in Fleet. This way, more individuals in an organization can utilize Fleet with appropriate levels of access.
+
+* Check out the [permissions documentation](https://github.com/fleetdm/fleet/blob/2f42c281f98e39a72ab4a5125ecd26d303a16a6b/docs/1-Using-Fleet/9-Permissions.md) for a breakdown of the new user roles.
+
+Teams adds the ability to separate hosts into exclusive groups. This way, users can easily act on consistent groups of hosts.
+
+* Read more about the Teams feature in [the documentation here](https://github.com/fleetdm/fleet/blob/2f42c281f98e39a72ab4a5125ecd26d303a16a6b/docs/1-Using-Fleet/10-Teams.md).
+
+### New features breakdown
+
+* Add ability to define a user's access to features in Fleet by introducing the Admin, Maintainer, and Observer roles. Available in Fleet Core.
+
+* Add ability to separate hosts into exclusive groups with the Teams feature. The Teams feature is available for Fleet Basic customers. Check out the list below for the new functionality included with Teams:
+
+* Teams: Add ability to enroll hosts to one team using team specific enroll secrets.
+
+* Teams: Add ability to manually transfer hosts to a different team in the Fleet UI.
+
+* Teams: Add ability to apply unique agent options to each team. Note that "osquery options" have been renamed to "agent options."
+
+* Teams: Add ability to grant users access to one or more teams. This allows you to define a user's access to specific groups of hosts in Fleet.
+
+* Add ability to create an API-only user. API-only users cannot access the Fleet UI. These users can access all Fleet API endpoints and `fleetctl` features. Available in Fleet Core.
+
+* Add Redis cluster support. Available in Fleet Core.
+
+* Fix a bug that prevented the columns chosen for the "Hosts" table from persisting after logging out of Fleet.
+
+### Upgrade plan
+
+Fleet 4.0.0 is a major release and introduces several breaking changes and database migrations. The following sections call out changes to consider when upgrading to Fleet 4.0.0:
+
+* The structure of Fleet's `.tar.gz` and `.zip` release archives have changed slightly. Deployments that use the binary artifacts may need to update scripts or tooling. The `fleetdm/fleet` Docker container maintains the same API.
+
+* Use strictly `fleet` in Fleet's configuration, API routes, and environment variables. Users must update all usage of `kolide` in these items (deprecated since Fleet 3.8.0).
+
+* Change your SAML SSO URI to use fleet instead of kolide . This is due to the changes to Fleet's API routes outlined in the section above.
+
+* Change configuration option `server_tlsprofile` to `server_tls_compatibility`. This options previously had an inconsistent key name.
+
+* Replace the use of the `api/v1/fleet/spec/osquery/options` with `api/v1/fleet/config`. In Fleet 4.0.0, "osquery options" are now called "agent options." The new agent options are moved to the Fleet application config spec file and the `api/v1/fleet/config` API endpoint.
+
+* Enroll secrets no longer have "names" and are now either global or for a specific team. Hosts no longer store the “name” of the enroll secret that was used. Users that want to be able to segment hosts (for configuration, queries, etc.) based on the enrollment secret should use the Teams feature in Fleet Basic.
+
+* JWT encoding is no longer used for session keys. Sessions now default to expiring in 4 hours of inactivity. `auth_jwt_key` and `auth_jwt_key_file` are no longer accepted as configuration.
+
+* The `username` artifact has been removed in favor of the more recognizable `name` (Full name). As a result the `email` artifact is now used for uniqueness in Fleet. Upon upgrading to Fleet 4.0.0, existing users will have the `name` field populated with `username`.
+
+* As of Fleet 4.0.0, Fleet Device Management Inc. periodically collects anonymous information about your instance. Sending usage statistics is turned off by default for users upgrading from a previous version of Fleet. Read more about the exact information collected [here](https://github.com/fleetdm/fleet/blob/2f42c281f98e39a72ab4a5125ecd26d303a16a6b/docs/1-Using-Fleet/11-Usage-statistics.md).
+
## Fleet 4.0.0 RC3 (Jun 25, 2021)
Primarily a test of the new release workflows. Relevant changelog will be updated for Fleet 4.0.
diff --git a/charts/fleet/Chart.yaml b/charts/fleet/Chart.yaml
index e90f68ec0d8c..1ae6ace0f2af 100644
--- a/charts/fleet/Chart.yaml
+++ b/charts/fleet/Chart.yaml
@@ -4,8 +4,8 @@ name: fleet
keywords:
- fleet
- osquery
-version: v4.0.0-rc3
+version: v4.0.0
home: https://github.com/fleetdm/fleet
sources:
- https://github.com/fleetdm/fleet.git
-appVersion: v4.0.0-rc3
+appVersion: v4.0.0
diff --git a/charts/fleet/values.yaml b/charts/fleet/values.yaml
index 8a57d1e02cb1..9cc9db011035 100644
--- a/charts/fleet/values.yaml
+++ b/charts/fleet/values.yaml
@@ -2,7 +2,7 @@
# All settings related to how Fleet is deployed in Kubernetes
hostName: fleet.localhost
replicas: 3 # The number of Fleet instances to deploy
-imageTag: v4.0.0-rc3 # Version of Fleet to deploy
+imageTag: v4.0.0 # Version of Fleet to deploy
createIngress: true # Whether or not to automatically create an Ingress
ingressAnnotations: {} # Additional annotation to add to the Ingress
podAnnotations: {} # Additional annotations to add to the Fleet pod
diff --git a/frontend/components/forms/admin/AppConfigForm/AppConfigForm.jsx b/frontend/components/forms/admin/AppConfigForm/AppConfigForm.jsx
index a28d6f733aeb..5561c2526918 100644
--- a/frontend/components/forms/admin/AppConfigForm/AppConfigForm.jsx
+++ b/frontend/components/forms/admin/AppConfigForm/AppConfigForm.jsx
@@ -490,7 +490,7 @@ class AppConfigForm extends Component {
How do global agent options interact with team-level agent
options?
{
See Fleet documentation for an example file that includes the overrides
option.{" "}
diff --git a/frontend/pages/admin/UserManagementPage/components/UserForm/UserForm.tsx b/frontend/pages/admin/UserManagementPage/components/UserForm/UserForm.tsx
index c98a18aa2f77..ae4973258b6c 100644
--- a/frontend/pages/admin/UserManagementPage/components/UserForm/UserForm.tsx
+++ b/frontend/pages/admin/UserManagementPage/components/UserForm/UserForm.tsx
@@ -230,7 +230,7 @@ class UserForm extends Component {
manage or observe all users, entities, and settings in Fleet.
@@ -266,7 +266,7 @@ class UserForm extends Component {
observe team-sepcific users, entities, and settings in Fleet.
diff --git a/frontend/pages/hosts/ManageHostsPage/components/AddHostModal/AddHostModal.jsx b/frontend/pages/hosts/ManageHostsPage/components/AddHostModal/AddHostModal.jsx
index ed6a455afafd..2fd4847c37cc 100644
--- a/frontend/pages/hosts/ManageHostsPage/components/AddHostModal/AddHostModal.jsx
+++ b/frontend/pages/hosts/ManageHostsPage/components/AddHostModal/AddHostModal.jsx
@@ -153,7 +153,7 @@ class AddHostModal extends Component {