Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSVL: Skip policy if associated software label scope doesn't match host #24533

Closed
georgekarrv opened this issue Dec 9, 2024 · 2 comments
Closed

SSVL: Skip policy if associated software label scope doesn't match host #24533

georgekarrv opened this issue Dec 9, 2024 · 2 comments
Assignees
@jahzielv
Labels
~backend Backend-related issue. #g-mdm MDM product group :release Ready to write code. Scheduled in a release. See "Making changes" in handbook. ~sub-task A technical sub-task that is part of a story. (Not QA'd. Not estimated.)
Milestone
4.62.0

Comments

@georgekarrv
Copy link
Member

No description provided.

@georgekarrv georgekarrv added :product Product Design department (shows up on 🦢 Drafting board) #g-mdm MDM product group ~sub-task A technical sub-task that is part of a story. (Not QA'd. Not estimated.) ~backend Backend-related issue. labels Dec 9, 2024
@georgekarrv
Copy link
Member Author

Hey team! Please add your planning poker estimate with Zenhub @dantecatalfamo @getvictor @gillespi314 @jahzielv @mna

@georgekarrv georgekarrv added :release Ready to write code. Scheduled in a release. See "Making changes" in handbook. and removed :product Product Design department (shows up on 🦢 Drafting board) labels Dec 9, 2024
@georgekarrv georgekarrv added this to the 4.62.0-tentative milestone Dec 11, 2024
@jahzielv jahzielv self-assigned this Dec 12, 2024
@jahzielv jahzielv mentioned this issue Dec 17, 2024
Merged
4 tasks
jahzielv added a commit that referenced this issue Dec 18, 2024
@jahzielv
feat: skip automatic install policy if installer is not scoped to host (
fe8324b 
#24843)

> Related issue: #24533

- We're still running the policy, but in the handler for the results we
check if the software is in label scope. If not, we set the policy to be
"undetermined" and we do not add an installation request
- Added checks for label scoping to the "install software" and "self
service install" endpoints

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

<!-- Note that API documentation changes are now addressed by the
product design team. -->

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
@iansltx iansltx mentioned this issue Jan 3, 2025
Closed
@fleet-release
Copy link
Contributor

Software label scope,
Swift as a river, matches host.
No needless loop, hope.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jahzielv jahzielv

Labels
~backend Backend-related issue. #g-mdm MDM product group :release Ready to write code. Scheduled in a release. See "Making changes" in handbook. ~sub-task A technical sub-task that is part of a story. (Not QA'd. Not estimated.)
Milestone
4.62.0
Development

No branches or pull requests
4 participants
@georgekarrv @lukeheath @jahzielv @fleet-release