Closed roperzh closed 6 months ago
@roperzh I think we made the call not to rely on the IT admin to sign profiles for now (Fleet won't do it for them). Here's the thread in Slack where we made this decision: https://fleetdm.slack.com/archives/C03PK8PJDDE/p1668451248215009?thread_ts=1668184679.337339&cid=C03PK8PJDDE
Does this issue cover something else? I could be missing something.
@noahtalerman for now the main purpose of this task right now is to:
As a side note: I understand not taking action for profiles provided by the IT admin, but what about the enrollment profile? (and potentially any other profile sent by Fleet?)
for example @sharon-fdm was wondering if something was broken with Dogfood because the UI for unsigned profiles is not super reassuring:
keep track somewhere of the work we need to do
understand what we need to do (not take immediate action)
@roperzh got it! Doing the research makes sense. Thanks for filing this issue.
I sent this message this morning because I thought we were taking immediate action (building the feature). This is because I saw the issue in the release board.
I wanted to check if were building it because I would argue that there are other features in the roadmap board that are higher priority. This would let me know that I should work with Luke to move these features (that I think are higher priority) into the release board.
UI for unsigned profiles is not super reassuring
Yeah I agree the red is not great.
We are removing this from the product backlog and deferring until higher-priority features are complete.
Encrypting a profile protects the contents from unauthorized access
@roperzh how does encrypting a profile affect the IT admin UX? For example, if a profile is encrypted, can I see its description, settings, and details in System Settings?
Hi @noahtalerman , this story did not make it into the current sprint, so I'm de-prioritizing it. Please bring it back to FF if necessary.
potential implementation in this draft PR: https://github.com/fleetdm/fleet/pull/16490/files
Original issue description from @roperzh:
@Patagonia121 heads up, @marko-lisica and I updated this separate user story to cover signing for both the enrollment profile and configuration profiles: https://github.com/fleetdm/fleet/issues/10418
Closing this story as a duplicate.
Profiles now signed, No red message in sight, trust In clouds, takes flight.
UPDATE: @marko-lisica and I updated this separate user story to cover signing for enrollment profile and configuration profiles: #10418
Closing this story as a duplicate.
(2024-02-20)
Goal
The red "Unsigned" message:
Changes
Product
Engineering
Context
QA
Risk assessment
Manual testing steps
Testing notes
Confirmation