fleet
fleet copied to clipboard
fleetdm
Unable to set failing_policies_webhook via GitOps
Fleet version: Latest on dogfood
Web browser and operating system: Any
💥 Actual behavior
I am attempting to set the following in Fleet via GitOps:
webhook_settings:
failing_policies_webhook:
destination_url: $DOGFOOD_FAILING_POLICIES_WEBHOOK_URL
enable_failing_policies_webhook: true
host_batch_size: 0
policy_ids:
- 14937
- 14946
- 15329
- 14100
This was working up until January 24, 2025 and no policy_ids were set. See https://fleetdm.slack.com/archives/C089S7EAJE9. Today, in order to test, I set explicit policy IDs and this is still not working.
@harrisonravazzolo also ran into this issue in yesterday's hand-on GitOps training.
🧑💻 Steps to reproduce
- Attempt to set failing_policies_webhook via GitOps
- Notice the webhook does not get enabled in Fleet UI
- Ponder the meaning of it all
🕯️ More info (optional)
This is observable in dogfood: https://github.com/fleetdm/fleet/blob/eaa3ce071c8d48bb8a7cdbc17ee74ac3718fb3d6/it-and-security/default.yml#L67C1-L76C16
Allow for failing policies webhook to be set and managed via GitOps (YAML).
@lukeheath I think this bug is a P2. Why? Supported workflow is not functioning as intended.
I think we want prioritize this one at the top of the next sprint (4.68).
cc @allenhouchins @rachaelshaw @sharon-fdm
Hey team! Please add your planning poker estimate with Zenhub @dantecatalfamo @jacobshandling @lucasmrod @sgress454
@allenhouchins I haven't been able to reproduce this. Would you have time to discuss this ticket?
We discovered that the issue is that team policy failure webhooks have to be defined under the team_settings.webhook_settings. The webhook URL and settings are per-team and you have to define as such.
@dantecatalfamo Fixed in dogfood. Thanks for the help looking into this.
