Skip to content

Commit

Permalink
updating file paths to resolve gitops errors
Browse files Browse the repository at this point in the history
  • Loading branch information
@allenhouchins
allenhouchins committed Dec 9, 2024
1 parent 39e7bb6 commit 77f8b5b
Show file tree
Hide file tree
Showing 2 changed files with 84 additions and 84 deletions.
92 changes: 46 additions & 46 deletions it-and-security/teams/workstations-canary.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,28 +65,28 @@ controls:
enable_disk_encryption: true
macos_settings:
custom_settings:
- path: ../lib/configuration-profiles/macos-chrome-enrollment.mobileconfig
- path: ../lib/configuration-profiles/macos-date-time.mobileconfig
- path: ../lib/configuration-profiles/macos-disable-bluetooth-file-sharing.mobileconfig
- path: ../lib/configuration-profiles/macos-disable-content-caching.mobileconfig
- path: ../lib/configuration-profiles/macos-disable-guest-account.mobileconfig
- path: ../lib/configuration-profiles/macos-disable-guest-shares.mobileconfig
- path: ../lib/configuration-profiles/macos-disable-internet-sharing.mobileconfig
- path: ../lib/configuration-profiles/macos-disable-media-sharing.mobileconfig
- path: ../lib/configuration-profiles/macos-disable-safari-safefiles.mobileconfig
- path: ../lib/configuration-profiles/macos-enable-doh.mobileconfig
- path: ../lib/configuration-profiles/macos-enable-firewall-logging.mobileconfig
- path: ../lib/configuration-profiles/macos-enable-gatekeeper.mobileconfig
- path: ../lib/configuration-profiles/macos-enforce-library-validation.mobileconfig
- path: ../lib/configuration-profiles/macos-firewall.mobileconfig
- path: ../lib/configuration-profiles/macos-full-disk-access-for-fleetd.mobileconfig
- path: ../lib/configuration-profiles/macos-limit-ad-tracking.mobileconfig
- path: ../lib/configuration-profiles/macos-misc.mobileconfig
- path: ../lib/configuration-profiles/macos-prevent-autologon.mobileconfig
- path: ../lib/configuration-profiles/macos-secure-terminal-keyboard.mobileconfig
- path: ../lib/configuration-profiles/macos-disable-update-notifications.mobileconfig
- path: ../lib/configuration-profiles/macos-ensure-show-status-bar-is-enabled.mobileconfig
- path: ../lib/declarations/macos-passcode-settings.json
- path: ../lib/macos/configuration-profiles/chrome-enrollment.mobileconfig
- path: ../lib/macos/configuration-profiles/date-time.mobileconfig
- path: ../lib/macos/configuration-profiles/disable-bluetooth-file-sharing.mobileconfig
- path: ../lib/macos/configuration-profiles/disable-content-caching.mobileconfig
- path: ../lib/macos/configuration-profiles/disable-guest-account.mobileconfig
- path: ../lib/macos/configuration-profiles/disable-guest-shares.mobileconfig
- path: ../lib/macos/configuration-profiles/disable-internet-sharing.mobileconfig
- path: ../lib/macos/configuration-profiles/disable-media-sharing.mobileconfig
- path: ../lib/macos/configuration-profiles/disable-safari-safefiles.mobileconfig
- path: ../lib/macos/configuration-profiles/enable-doh.mobileconfig
- path: ../lib/macos/configuration-profiles/enable-firewall-logging.mobileconfig
- path: ../lib/macos/configuration-profiles/enable-gatekeeper.mobileconfig
- path: ../lib/macos/configuration-profiles/enforce-library-validation.mobileconfig
- path: ../lib/macos/configuration-profiles/firewall.mobileconfig
- path: ../lib/macos/configuration-profiles/full-disk-access-for-fleetd.mobileconfig
- path: ../lib/macos/configuration-profiles/limit-ad-tracking.mobileconfig
- path: ../lib/macos/configuration-profiles/misc.mobileconfig
- path: ../lib/macos/configuration-profiles/prevent-autologon.mobileconfig
- path: ../lib/macos/configuration-profiles/secure-terminal-keyboard.mobileconfig
- path: ../lib/macos/configuration-profiles/disable-update-notifications.mobileconfig
- path: ../lib/macos/configuration-profiles/ensure-show-status-bar-is-enabled.mobileconfig
- path: ../lib/macos/declaration-profiles/passcode-settings.json
macos_setup:
bootstrap_package: ""
enable_end_user_authentication: false
Expand All @@ -96,28 +96,28 @@ controls:
minimum_version: "15.1.1"
windows_settings:
custom_settings:
- path: ../lib/configuration-profiles/windows-firewall.xml
- path: ../lib/configuration-profiles/windows-password.xml
- path: ../lib/configuration-profiles/windows-screen-lock.xml
- path: ../lib/windows/configuration-profiles/windows-firewall.xml
- path: ../lib/windows/configuration-profiles/windows-password.xml
- path: ../lib/windows/configuration-profiles/windows-screen-lock.xml
windows_updates:
deadline_days: 7
grace_period_days: 2
scripts:
- path: ../lib/scripts/macos-collect-fleetd-logs.sh
- path: ../lib/scripts/macos-execute-disable-fleet-desktop.sh
- path: ../lib/scripts/macos-see-automatic-enrollment-profile.sh
- path: ../lib/scripts/macos-remove-old-nudge.sh
- path: ../lib/scripts/macos-mdm-migration.sh
- path: ../lib/scripts/macos-system-maintenance.sh
- path: ../lib/macos/scripts/collect-fleetd-logs.sh
- path: ../lib/macos/scripts/execute-disable-fleet-desktop.sh
- path: ../lib/macos/scripts/see-automatic-enrollment-profile.sh
- path: ../lib/macos/scripts/remove-old-nudge.sh
- path: ../lib/macos/scripts/mdm-migration.sh
- path: ../lib/macos/scripts/system-maintenance.sh
- path: ../lib/scripts/windows-remove-fleetd.ps1
- path: ../lib/scripts/windows-turn-off-mdm.ps1
- path: ../lib/scripts/windows-install-bitdefender.ps1
- path: ../lib/scripts/windows-enable-ms-defender.ps1
- path: ../lib/windows/scripts/turn-off-mdm.ps1
- path: ../lib/windows/scripts/install-bitdefender.ps1
- path: ../lib/windows/scripts/enable-ms-defender.ps1
policies:
- path: ../lib/policies/macos-device-health.yml
- path: ../lib/policies/macos-upgrade-firefox.yml
- path: ../lib/policies/windows-device-health.yml
- path: ../lib/policies/linux-device-health.yml
- path: ../lib/macos/policies/device-health.yml
- path: ../lib/macos/policies/upgrade-firefox.yml
- path: ../lib/windows/policies/device-health.yml
- path: ../lib/linux/policies/linux-device-health.yml
- name: macOS - Check if latest version
query: SELECT 1 FROM os_version WHERE (major = '15' AND minor = '1' AND patch = '1');
critical: true
Expand All @@ -140,16 +140,16 @@ policies:
platform: darwin
calendar_events_enabled: false
queries:
- path: ../lib/queries/collect-failed-login-attempts.yml
- path: ../lib/queries/collect-fleetd-information.yml
- path: ../lib/queries/collect-usb-devices.yml
- path: ../lib/queries/collect-vs-code-extensions.yml
- path: ../lib/queries/collect-software-permissions-system.yml
- path: ../lib/queries/collect-software-permissions-user.yml
- path: ../lib/queries/collect-crowdstrike-info.yml
- path: ../lib/macos/queries/collect-failed-login-attempts.yml
- path: ../lib/all/queries/collect-fleetd-information.yml
- path: ../lib/all/queries/collect-usb-devices.yml
- path: ../lib/all/queries/collect-vs-code-extensions.yml
- path: ../lib/macos/queries/collect-software-permissions-system.yml
- path: ../lib/macos/queries/collect-software-permissions-user.yml
- path: ../lib/all/queries/collect-crowdstrike-info.yml
software:
packages:
- path: ../lib/software/macos-mozilla-firefox.yml # Mozilla Firefox for MacOS (universal)
- path: ../lib/macos/software/mozilla-firefox.yml # Mozilla Firefox for MacOS (universal)
app_store_apps:
- app_store_id: '803453959' # Slack Desktop
- app_store_id: '1333542190' # 1Password 7 Desktop
Expand Down
76 changes: 38 additions & 38 deletions it-and-security/teams/workstations.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,33 +36,33 @@ controls:
enable_disk_encryption: true
macos_settings:
custom_settings:
- path: ../lib/configuration-profiles/macos-date-time.mobileconfig
- path: ../lib/configuration-profiles/macos-chrome-enrollment.mobileconfig
- path: ../lib/configuration-profiles/macos-disable-bluetooth-file-sharing.mobileconfig
- path: ../lib/configuration-profiles/macos-disable-content-caching.mobileconfig
- path: ../lib/configuration-profiles/macos-disable-guest-account.mobileconfig
- path: ../lib/configuration-profiles/macos-disable-guest-shares.mobileconfig
- path: ../lib/configuration-profiles/macos-disable-internet-sharing.mobileconfig
- path: ../lib/configuration-profiles/macos-disable-media-sharing.mobileconfig
- path: ../lib/configuration-profiles/macos-disable-safari-safefiles.mobileconfig
- path: ../lib/configuration-profiles/macos-enable-doh.mobileconfig
- path: ../lib/configuration-profiles/macos-enable-firewall-logging.mobileconfig
- path: ../lib/configuration-profiles/macos-enable-gatekeeper.mobileconfig
- path: ../lib/configuration-profiles/macos-enforce-library-validation.mobileconfig
- path: ../lib/configuration-profiles/macos-firewall.mobileconfig
- path: ../lib/configuration-profiles/macos-full-disk-access-for-fleetd.mobileconfig
- path: ../lib/configuration-profiles/macos-limit-ad-tracking.mobileconfig
- path: ../lib/configuration-profiles/macos-misc.mobileconfig
- path: ../lib/configuration-profiles/macos-prevent-autologon.mobileconfig
- path: ../lib/configuration-profiles/macos-secure-terminal-keyboard.mobileconfig
- path: ../lib/configuration-profiles/macos-passcode-settings.json
- path: ../lib/macos/configuration-profiles/date-time.mobileconfig
- path: ../lib/macos/configuration-profiles/chrome-enrollment.mobileconfig
- path: ../lib/macos/configuration-profiles/disable-bluetooth-file-sharing.mobileconfig
- path: ../lib/macos/configuration-profiles/disable-content-caching.mobileconfig
- path: ../lib/macos/configuration-profiles/disable-guest-account.mobileconfig
- path: ../lib/macos/configuration-profiles/disable-guest-shares.mobileconfig
- path: ../lib/macos/configuration-profiles/disable-internet-sharing.mobileconfig
- path: ../lib/macos/configuration-profiles/disable-media-sharing.mobileconfig
- path: ../lib/macos/configuration-profiles/disable-safari-safefiles.mobileconfig
- path: ../lib/macos/configuration-profiles/enable-doh.mobileconfig
- path: ../lib/macos/configuration-profiles/enable-firewall-logging.mobileconfig
- path: ../lib/macos/configuration-profiles/enable-gatekeeper.mobileconfig
- path: ../lib/macos/configuration-profiles/enforce-library-validation.mobileconfig
- path: ../lib/macos/configuration-profiles/firewall.mobileconfig
- path: ../lib/macos/configuration-profiles/full-disk-access-for-fleetd.mobileconfig
- path: ../lib/macos/configuration-profiles/limit-ad-tracking.mobileconfig
- path: ../lib/macos/configuration-profiles/misc.mobileconfig
- path: ../lib/macos/configuration-profiles/prevent-autologon.mobileconfig
- path: ../lib/macos/configuration-profiles/secure-terminal-keyboard.mobileconfig
- path: ../lib/macos/declaration-profiles/passcode-settings.json
macos_setup:
bootstrap_package: ""
enable_end_user_authentication: true
macos_setup_assistant: ../lib/automatic-enrollment.dep.json
macos_setup_assistant: ../lib/all/enrollment-profiles/automatic-enrollment.dep.json
software:
- package_path: ../lib/software/macos-google-chrome.yml # Google Chrome for macOS
- package_path: ../lib/software/macos-zoom.yml # Zoom for macOS
- package_path: ../lib/macos/software/google-chrome.yml # Google Chrome for macOS
- package_path: ../lib/macos/software/zoom.yml # Zoom for macOS
- app_store_id: '803453959' # Slack Desktop
- app_store_id: '1333542190' # 1Password 7 Desktop
macos_updates:
Expand All @@ -74,17 +74,17 @@ controls:
deadline_days: 7
grace_period_days: 2
scripts:
- path: ../lib/scripts/collect-fleetd-logs.sh
- path: ../lib/scripts/macos-see-automatic-enrollment-profile.sh
- path: ../lib/scripts/macos-remove-old-nudge.sh
- path: ../lib/scripts/windows-remove-fleetd.ps1
- path: ../lib/scripts/windows-turn-off-mdm.ps1
- path: ../lib/macos/scripts/collect-fleetd-logs.sh
- path: ../lib/macos/scripts/see-automatic-enrollment-profile.sh
- path: ../lib/macos/scripts/remove-old-nudge.sh
- path: ../lib/windows/scripts/remove-fleetd.ps1
- path: ../lib/windows/scripts/turn-off-mdm.ps1
policies:
- path: ../lib/policies/macos-device-health.yml
- path: ../lib/policies/macos-cis.yml
- path: ../lib/policies/windows-device-health.yml
- path: ../lib/policies/windows-cis.yml
- path: ../lib/policies/linux-device-health.yml
- path: ../lib/macos/policies/device-health.yml
- path: ../lib/macos/policies/cis.yml
- path: ../lib/windows/policies/device-health.yml
- path: ../lib/windows/policies/cis.yml
- path: ../lib/linux/policies/linux-device-health.yml
- name: macOS - Check if latest version
query: SELECT 1 FROM os_version WHERE (major = '15' AND minor = '1' AND patch = '1');
critical: true
Expand All @@ -93,9 +93,9 @@ policies:
platform: darwin
calendar_events_enabled: false
queries:
- path: ../lib/queries/collect-failed-login-attempts.yml
- path: ../lib/queries/collect-usb-devices.yml
- path: ../lib/queries/collect-vs-code-extensions.yml
- path: ../lib/macos/queries/collect-failed-login-attempts.yml
- path: ../lib/all/queries/collect-usb-devices.yml
- path: ../lib/all/queries/collect-vs-code-extensions.yml
- name: Collect expiration date for MDM SCEP certificates
description: "For the following issue: https://github.com/fleetdm/confidential/issues/4518. Returns expiration date for macOS hosts's MDM SCEP certs."
query: "SELECT common_name, datetime(not_valid_after,'unixepoch') AS expires FROM certificates WHERE 'common_name' LIKE '%FleetDM Identity%';"
Expand All @@ -105,8 +105,8 @@ queries:
observer_can_run: true
software:
packages:
- path: ../lib/software/macos-zoom.yml # Zoom for macOS
- path: ../lib/software/macos-google-chrome.yml # Google Chrome for macOS
- path: ../lib/macos/software/zoom.yml # Zoom for macOS
- path: ../lib/macos/software/google-chrome.yml # Google Chrome for macOS
app_store_apps:
- app_store_id: '803453959' # Slack Desktop
- app_store_id: '1333542190' # 1Password 7 Desktop
Expand Down

0 comments on commit 77f8b5b

Please sign in to comment.