Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions cmd/fleet/serve.go
Original file line number Diff line number Diff line change
Expand Up @@ -240,6 +240,7 @@ the way that the Fleet server works.
//
// For example:
// platform_logging.DisableTopic("deprecated-api-keys")
platform_logging.DisableTopic(platform_logging.DeprecatedFieldTopic)
Comment thread
iansltx marked this conversation as resolved.

// Apply log topic overrides from config. Enables run first, then
// disables, so disable wins on conflict.
Expand Down
21 changes: 17 additions & 4 deletions cmd/fleetctl/fleetctl/apply.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import (

"github.com/fleetdm/fleet/v4/pkg/spec"
"github.com/fleetdm/fleet/v4/server/fleet"
"github.com/fleetdm/fleet/v4/server/platform/logging"
"github.com/urfave/cli/v2"
)

Expand Down Expand Up @@ -49,8 +50,17 @@ func applyCommand() *cli.Command {
configFlag(),
contextFlag(),
debugFlag(),
enableLogTopicsFlag(),
disableLogTopicsFlag(),
},
Action: func(c *cli.Context) error {
// Disable field deprecation warnings for now.
// TODO - remove this in future release to unleash warnings.
logging.DisableTopic(logging.DeprecatedFieldTopic)

// Apply log topic overrides from flags/env vars.
applyLogTopicFlags(c)
Comment thread
iansltx marked this conversation as resolved.

if flFilename == "" {
return errors.New("-f must be specified")
}
Expand All @@ -72,14 +82,17 @@ func applyCommand() *cli.Command {
return fmt.Errorf("Invalid file extension %s: only .yml or .yaml files can be applied", ext)
}

specs, err := spec.GroupFromBytes(b)
if err != nil {
return err
}
logf := func(format string, a ...interface{}) {
fmt.Fprintf(c.App.Writer, format, a...)
}

specs, err := spec.GroupFromBytes(b, spec.GroupFromBytesOpts{
LogFn: logf,
})
if err != nil {
return err
}

opts := fleet.ApplyClientSpecOptions{
ApplySpecOptions: fleet.ApplySpecOptions{
Force: flForce,
Expand Down
71 changes: 68 additions & 3 deletions cmd/fleetctl/fleetctl/apply_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@ import (
"github.com/fleetdm/fleet/v4/server/mock"
mdmmock "github.com/fleetdm/fleet/v4/server/mock/mdm"
nanodep_mock "github.com/fleetdm/fleet/v4/server/mock/nanodep"
"github.com/fleetdm/fleet/v4/server/platform/logging"
"github.com/fleetdm/fleet/v4/server/ptr"
"github.com/fleetdm/fleet/v4/server/service"
"github.com/google/uuid"
Expand Down Expand Up @@ -122,6 +123,7 @@ spec:
}

func TestApplyUserRolesDeprecated(t *testing.T) {
t.Setenv("FLEET_ENABLE_LOG_TOPICS", logging.DeprecatedFieldTopic)
_, ds := testing_utils.RunServerWithMockedDS(t)

ds.ListUsersFunc = func(ctx context.Context, opt fleet.UserListOptions) ([]*fleet.User, error) {
Expand Down Expand Up @@ -175,9 +177,29 @@ spec:
team: team1
`)
require.NoError(t, err)
assert.Equal(t, "[+] applied user roles\n", RunAppForTest(t, []string{"apply", "-f", tmpFile.Name()}))
expected := "[!] In user_roles: `team` is deprecated, please use `fleet` instead.\n[!] In user_roles: `teams` is deprecated, please use `fleets` instead.\n[+] applied user roles\n"
assert.Equal(t, expected, RunAppForTest(t, []string{"apply", "-f", tmpFile.Name()}))
require.Len(t, userRoleSpecList[1].Teams, 1)
assert.Equal(t, fleet.RoleMaintainer, userRoleSpecList[1].Teams[0].Role)

_, err = tmpFile.WriteString(`
---
apiVersion: v1
kind: user_roles
spec:
roles:
admin1@example.com:
global_role: admin
teams: null
admin2@example.com:
global_role: null
teams:
- role: maintainer
team: team1
fleet: team1
`)
require.NoError(t, err)
RunAppCheckErr(t, []string{"apply", "-f", tmpFile.Name()}, "in user_roles spec: Conflicting field names: cannot specify both `team` (deprecated) and `fleet` in the same request")
}

func TestApplyTeamSpecs(t *testing.T) {
Expand Down Expand Up @@ -663,6 +685,8 @@ func writeTmpJSON(t *testing.T, v any) string {
}

func TestApplyAppConfig(t *testing.T) {
t.Setenv("FLEET_ENABLE_LOG_TOPICS", logging.DeprecatedFieldTopic)

license := &fleet.LicenseInfo{Tier: fleet.TierPremium, Expiration: time.Now().Add(24 * time.Hour)}
_, ds := testing_utils.RunServerWithMockedDS(t, &service.TestServerOpts{License: license})

Expand Down Expand Up @@ -788,6 +812,33 @@ spec:
// agent options were not modified, since they were not provided
assert.Equal(t, string(defaultAgentOpts), string(*savedAppConfig.AgentOptions))

// Test key rewriting (deprecated -> new)
name = writeTmpYml(t, `---
apiVersion: v1
kind: config
spec:
server_settings:
report_cap: 100
`)

assert.Equal(t, "[+] applied fleet config\n", RunAppForTest(t, []string{"apply", "-f", name}))
require.NotNil(t, savedAppConfig)
assert.Equal(t, 100, savedAppConfig.ServerSettings.QueryReportCap)

// Test deprecation warnings
expected := "[!] In config: `query_report_cap` is deprecated, please use `report_cap` instead.\n[+] applied fleet config\n"
name = writeTmpYml(t, `---
apiVersion: v1
kind: config
spec:
server_settings:
query_report_cap: 200
`)

assert.Equal(t, expected, RunAppForTest(t, []string{"apply", "-f", name}))
require.NotNil(t, savedAppConfig)
assert.Equal(t, 200, savedAppConfig.ServerSettings.QueryReportCap)

name = writeTmpYml(t, `---
apiVersion: v1
kind: config
Expand Down Expand Up @@ -840,6 +891,20 @@ spec:
assert.Equal(t, newMDMSettings, savedAppConfig.MDM)
}

func TestApplyAppConfigAliasConfict(t *testing.T) {
// Test conflict error
name := writeTmpYml(t, `---
apiVersion: v1
kind: config
spec:
server_settings:
query_report_cap: 200
report_cap: 200
`)

RunAppCheckErr(t, []string{"apply", "-f", name}, "in config spec: Conflicting field names: cannot specify both `query_report_cap` (deprecated) and `report_cap` in the same request")
}

func TestApplyAppConfigDryRunIssue(t *testing.T) {
// reproduces the bug fixed by https://github.com/fleetdm/fleet/pull/8194
_, ds := testing_utils.RunServerWithMockedDS(t)
Expand Down Expand Up @@ -1198,11 +1263,11 @@ kind: pack
spec:
name: osquery_monitoring
reports:
- query: osquery_version
- report: osquery_version
name: osquery_version_snapshot
interval: 7200
snapshot: true
- query: osquery_version
- report: osquery_version
name: osquery_version_differential
interval: 7200
`
Expand Down
5 changes: 5 additions & 0 deletions cmd/fleetctl/fleetctl/gitops.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import (

"github.com/fleetdm/fleet/v4/pkg/spec"
"github.com/fleetdm/fleet/v4/server/fleet"
"github.com/fleetdm/fleet/v4/server/platform/logging"
"github.com/fleetdm/fleet/v4/server/ptr"
"github.com/fleetdm/fleet/v4/server/service"
"github.com/urfave/cli/v2"
Expand Down Expand Up @@ -80,6 +81,10 @@ func gitopsCommand() *cli.Command {
disableLogTopicsFlag(),
},
Action: func(c *cli.Context) error {
// Disable field deprecation warnings for now.
// TODO - remove this in future release to unleash warnings.
logging.DisableTopic(logging.DeprecatedFieldTopic)
Comment thread
iansltx marked this conversation as resolved.

logf := func(format string, a ...interface{}) {
_, _ = fmt.Fprintf(c.App.Writer, format, a...)
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ import (
"github.com/fleetdm/fleet/v4/server/datastore/mysql"
"github.com/fleetdm/fleet/v4/server/dev_mode"
"github.com/fleetdm/fleet/v4/server/fleet"
"github.com/fleetdm/fleet/v4/server/platform/logging"
"github.com/fleetdm/fleet/v4/server/ptr"
"github.com/fleetdm/fleet/v4/server/test"
"github.com/go-git/go-git/v5"
Expand All @@ -30,6 +31,7 @@ import (

func (s *enterpriseIntegrationGitopsTestSuite) TestDeleteMacOSSetupDeprecated() {
t := s.T()
t.Setenv("FLEET_ENABLE_LOG_TOPICS", logging.DeprecatedFieldTopic)

user := s.createGitOpsUser(t)
fleetctlConfig := s.createFleetctlConfig(t, user)
Expand Down Expand Up @@ -147,6 +149,8 @@ team_settings:

func (s *enterpriseIntegrationGitopsTestSuite) TestUnsetConfigurationProfileLabelsDeprecated() {
t := s.T()
t.Setenv("FLEET_ENABLE_LOG_TOPICS", logging.DeprecatedFieldTopic)

ctx := context.Background()

user := s.createGitOpsUser(t)
Expand Down Expand Up @@ -270,6 +274,8 @@ team_settings:

func (s *enterpriseIntegrationGitopsTestSuite) TestUnsetSoftwareInstallerLabelsDeprecated() {
t := s.T()
t.Setenv("FLEET_ENABLE_LOG_TOPICS", logging.DeprecatedFieldTopic)

ctx := context.Background()

user := s.createGitOpsUser(t)
Expand Down Expand Up @@ -416,6 +422,8 @@ team_settings:

func (s *enterpriseIntegrationGitopsTestSuite) TestNoTeamWebhookSettingsDeprecated() {
t := s.T()
t.Setenv("FLEET_ENABLE_LOG_TOPICS", logging.DeprecatedFieldTopic)

ctx := t.Context()

user := s.createGitOpsUser(t)
Expand Down Expand Up @@ -681,6 +689,8 @@ team_settings:

func (s *enterpriseIntegrationGitopsTestSuite) TestMacOSSetupDeprecated() {
t := s.T()
t.Setenv("FLEET_ENABLE_LOG_TOPICS", logging.DeprecatedFieldTopic)

ctx := context.Background()

user := s.createGitOpsUser(t)
Expand Down Expand Up @@ -820,6 +830,8 @@ team_settings:

func (s *enterpriseIntegrationGitopsTestSuite) TestIPASoftwareInstallersDeprecated() {
t := s.T()
t.Setenv("FLEET_ENABLE_LOG_TOPICS", logging.DeprecatedFieldTopic)

ctx := context.Background()

user := s.createGitOpsUser(t)
Expand Down Expand Up @@ -1033,6 +1045,8 @@ team_settings:
// are properly applied via GitOps.
func (s *enterpriseIntegrationGitopsTestSuite) TestGitOpsSoftwareDisplayNameDeprecated() {
t := s.T()
t.Setenv("FLEET_ENABLE_LOG_TOPICS", logging.DeprecatedFieldTopic)

ctx := context.Background()

user := s.createGitOpsUser(t)
Expand Down Expand Up @@ -1151,6 +1165,8 @@ team_settings:
// and fleet maintained apps are properly applied via GitOps.
func (s *enterpriseIntegrationGitopsTestSuite) TestGitOpsSoftwareIconsDeprecated() {
t := s.T()
t.Setenv("FLEET_ENABLE_LOG_TOPICS", logging.DeprecatedFieldTopic)

ctx := context.Background()

user := s.createGitOpsUser(t)
Expand Down Expand Up @@ -1336,6 +1352,8 @@ team_settings:

func (s *enterpriseIntegrationGitopsTestSuite) TestGitOpsTeamLabelsDeprecated() {
t := s.T()
t.Setenv("FLEET_ENABLE_LOG_TOPICS", logging.DeprecatedFieldTopic)

ctx := context.Background()

user := s.createGitOpsUser(t)
Expand Down Expand Up @@ -1527,6 +1545,8 @@ labels:
// Multiple repos are simulated by copying over the example repository multiple times.
func (s *enterpriseIntegrationGitopsTestSuite) TestGitOpsTeamLabelsMultipleReposDeprecated() {
t := s.T()
t.Setenv("FLEET_ENABLE_LOG_TOPICS", logging.DeprecatedFieldTopic)

ctx := context.Background()

type repoSetup struct {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -191,7 +191,8 @@ func (s *enterpriseIntegrationGitopsTestSuite) assertDryRunOutput(t *testing.T,
s.assertDryRunOutputWithDeprecation(t, output, false)
}

func (s *enterpriseIntegrationGitopsTestSuite) assertDryRunOutputWithDeprecation(t *testing.T, output string, allowDeprecation bool) {
func (s *enterpriseIntegrationGitopsTestSuite) assertDryRunOutputWithDeprecation(t *testing.T, output string, expectDeprecation bool) {
var sawDeprecation bool
allowedVerbs := []string{
"moved",
"deleted",
Expand All @@ -204,13 +205,17 @@ func (s *enterpriseIntegrationGitopsTestSuite) assertDryRunOutputWithDeprecation
pattern := fmt.Sprintf("\\[([+\\-!])] would've (%s)", strings.Join(allowedVerbs, "|"))
reg := regexp.MustCompile(pattern)
for line := range strings.SplitSeq(output, "\n") {
if allowDeprecation && line != "" && strings.Contains(line, "is deprecated") {
if expectDeprecation && line != "" && strings.Contains(line, "is deprecated") {
sawDeprecation = true
continue
}
if line != "" && !strings.Contains(line, "succeeded") {
assert.Regexp(t, reg, line, "on dry run")
}
}
if expectDeprecation {
assert.True(t, sawDeprecation, "expected to see deprecation warning in dry run output")
}
}

func (s *enterpriseIntegrationGitopsTestSuite) assertRealRunOutput(t *testing.T, output string) {
Expand Down Expand Up @@ -244,6 +249,9 @@ func (s *enterpriseIntegrationGitopsTestSuite) assertRealRunOutputWithDeprecatio
// TestFleetGitops runs `fleetctl gitops` command on configs in https://github.com/fleetdm/fleet-gitops repo.
// Changes to that repo may cause this test to fail.
func (s *enterpriseIntegrationGitopsTestSuite) TestFleetGitops() {
os.Setenv("FLEET_ENABLE_LOG_TOPICS", logging.DeprecatedFieldTopic)
defer os.Unsetenv("FLEET_ENABLE_LOG_TOPICS")

t := s.T()

user := s.createGitOpsUser(t)
Expand Down
1 change: 1 addition & 0 deletions infrastructure/dogfood/terraform/aws-tf-module/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,7 @@ locals {
OTEL_EXPORTER_OTLP_ENDPOINT = "https://otlp.signoz.dogfood.fleetdm.com"
# FLEET_LOGGING_TRACING_ENABLED = "true"
# FLEET_LOGGING_TRACING_TYPE = "elasticapm"
FLEET_LOGGING_ENABLE_TOPICS = "deprecated-field-names"
Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@rfairburn I think this is the right place to add an env var for our Dogfood server, let me know if there's a different place I need to change. This will turn on deprecation warnings on Dogfood so we can see them. The warnings will be turned off by default for the upcoming release.

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

FLEET_MYSQL_MAX_OPEN_CONNS = "10"
FLEET_MYSQL_READ_REPLICA_MAX_OPEN_CONNS = "10"
FLEET_VULNERABILITIES_DATABASES_PATH = "/home/fleet"
Expand Down
6 changes: 5 additions & 1 deletion pkg/spec/gitops_deprecations.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@ package spec
import (
"fmt"
"strings"

"github.com/fleetdm/fleet/v4/server/platform/logging"
)

// DeprecatedKeyMapping defines a mapping from an old YAML key path to a new one.
Expand Down Expand Up @@ -122,7 +124,9 @@ func migrateLeafKey(data map[string]any, oldKey, newKey, fullOldPath, fullNewPat

// Log deprecation warning
if logFn != nil {
logFn("[!] '%s' is deprecated; use '%s' instead\n", fullOldPath, fullNewPath)
if logging.TopicEnabled(logging.DeprecatedFieldTopic) {
logFn("[!] '%s' is deprecated; use '%s' instead\n", fullOldPath, fullNewPath)
}
}

// Copy value to new key and remove old key
Expand Down
Loading
Loading