Lucas Manuel Rodriguez

> Path /tmp/2091266637/extracted already exists with mode 20000000700 instead of the expected 20000000755" This is a security check added to TUF downloads. Seems related to https://github.com/fleetdm/fleet/issues/25775. @jmwatts What's the output...

> [@lucasmrod](https://github.com/lucasmrod) Yeah, I backed out that check at the beginning of the call (for installs only; kept it for TUF) but didn't account for needing to create additional directories...

> Left a comment in the other issue, but so we have it tracked here: we should make sure the fleetdm.com proxy has a record of which licenses belong to...

We met with @getvictor and @eashaw and agreed that the two proxies will look the same around using "fleet_server_key" as the secret that identifies each integration/customer (returned on the first...

I've created https://github.com/fleetdm/fleet/issues/27200 to answer some questions during the development of the integration. (There's no public information to answer these, so we'll need to test the assumptions during the development...

> [@lucasmrod](https://github.com/lucasmrod) For "7. Add new API endpoint for the admin consent webhook": Does the webhook need to do anything else after the database record for the tenant is updated,...

> Sounds good! How would you like the webhook to respond if the admin does not grant permissions? I believe we want to record the error in the integration row,...

Dupe of existing https://github.com/fleetdm/fleet/issues/7629.

Video of the last manual update of the timestamp: https://www.loom.com/share/a195e866b72c496f80c3ff8f00bdbac5 Currently the timestamp signature update is performed the following way: ```sh AWS_PROFILE=tuf \ TUF_DIRECTORY=/Users/luk/tuf.fleetctl.com \ ACTION=update-timestamp \ KEYS_SOURCE_DIRECTORY=/Volumes/FLEET-TUF/keys \ TIMESTAMP_PASSPHRASE_1PASSWORD_PATH="Private/TUF...

This is blocked by https://github.com/fleetdm/confidential/issues/8942.