Move forks inside monorepo (or delete them)

[lukeheath]

Goal

Our intention is to have a single fleet monorepo. Any additional public repositories must be documented in the handbook to explain why they are not in the monorepo.

There are several forks in the fleetdm org that are either no longer needed, or could be moved inside our monorepo. We need to evaluate each fork and take appropriate action.

Fleet server dependencies

1. goose

   • Used for database migrations.
   • This has diverged significantly from the original project.
   • TODO: Move into the monorepo.

2. kolide-kit

   • We are only referencing one file in this project.
   • TODO: Copy https://github.com/kolide/kit/blob/master/version/version.go (MIT-licensed) into fleetdm/fleet monorepo and remove dependency.

3. nanomdm

   • We are using the apple-mdm branch.
   • This has diverged significantly from the original project.
   • TODO: Move apple-mdm branch inside monorepo and delete fork.

4. nanodep

   • We are using the apple-mdm branch.
   • This has diverged significantly from the original project.
   • TODO: Move apple-mdm branch inside monorepo and delete fork.

5. scep

   • We've added one commit.
   • Can we contribute to the project, instead? Looks like we wanted a different scep URL.
   • We could contribute a parameter to set the URL and close the fork. If they don't want it, move to monorepo.
   • TODO: Consider contributing to project and going back upstream. If that's not feasible, move inside monorepo.

Makefile

6. mockimpl
   • mockimpl generates mocks for our backend tests.
   • Forked to wrap in Go module, and other changes.
   • TODO: Move to monorepo.

Other

7. kubequery

   • This exists because Uptycs deleted their original repo.
   • We offer Kubequery as an option to customers, so we need to continue to maintain this repo.
   • TODO: Move into monorepo.

8. nvdtools

   • There is a PR into our fork by @mostlikelee.
   • TODO: Determine if we can contribute directly to project and go back upstream. If not, move into monorepo.

9. osquery-in-a-box

   • We use this for fleetctl preview.
   • TODO: Move into monorepo.

[mostlikelee]

nvdtools will be used as a part of https://github.com/fleetdm/fleet/issues/14659 since the scope of pulling the logic into the Fleet repo is large, I suggest we create a separate story rather than increasing the scope of that task

[mostlikelee]

@zwass may have more context on kolide-kit, it was in his personal repo and we recently moved it. I believe it's pointing to a specific commit.

[zwass]

I believe we jut use a few lines for our --version information that's set in builds. We could probably just copy that (MIT licensed) code into our repo (with attribution).

[lukeheath]

@mostlikelee

nvdtools will be used as a part of https://github.com/fleetdm/fleet/issues/14659

Do we need to maintain the fork? Would it be possible to go back upstream to the original repo? If we need changes, could we contribute to the primary project instead of forking it?

[noahtalerman]

Is this quick for engineering team? If not, I'm inclined to wait to do this.

[lukeheath]

For anything we do need to separate from the original project we have two options:

1. Include it in the nvd repo, which will grow to become a monorepo.
2. Copy out the specific code we need (MIT licensed, with attribution) and put it into the Fleet the project.
3. If we need the whole project, copy it int othe Fleet monorepo.

[lukeheath]

@noahtalerman

Is this quick for engineering team? If not, I'm inclined to wait to do this.

It is a good amount of work. This is a Q4 OKR for the business, so if we don't prioritize it, we'll need to take it to the next e-group call to discuss.

[noahtalerman]

Luke to drive "design": coming up with a solid plan.

[lukeheath]

@sharon-fdm @georgekarrv Both EO and MDM will be working on this. I've separated each dependency into a sub-task so they can be assigned between teams. Please only estimate the sub-tasks that have your product group's label.

[lukeheath]

@sharon-fdm I checked out the code and it looks like we actually do need the kolide-kit version file. Please follow as spec'd, copy the version file over and delete the fork. Thanks!

[sabrinabuckets]

Smoke tested MDM functionality. No issues observed with ADE-eligible host enrollment flow, SCEP certificate, MDM commands, profile delivery, OS updates, etc.

[noahtalerman]

Closing this issue.

Change doesn't affect any customers.

No docs needed.

[fleet-release]

Forks unite in whole, Eases the code's gentle flow, Fleet's strength in control.