fleetdm
diff --git a/‎CHANGELOG.md
+7 b/‎CHANGELOG.md
+7
diff --git a/‎changes/19526-installers-bucket
-2 b/‎changes/19526-installers-bucket
-2
diff --git a/‎charts/fleet/Chart.yaml
+1-1 b/‎charts/fleet/Chart.yaml
+1-1
diff --git a/‎charts/fleet/values.yaml
+1-1 b/‎charts/fleet/values.yaml
+1-1
diff --git a/‎infrastructure/dogfood/terraform/aws/variables.tf
+1-1 b/‎infrastructure/dogfood/terraform/aws/variables.tf
+1-1
diff --git a/‎infrastructure/dogfood/terraform/gcp/variables.tf
+1-1 b/‎infrastructure/dogfood/terraform/gcp/variables.tf
+1-1
diff --git a/‎terraform/README.md
+1-1 b/‎terraform/README.md
+1-1
diff --git a/‎terraform/addons/vuln-processing/variables.tf
+2-2 b/‎terraform/addons/vuln-processing/variables.tf
+2-2
diff --git a/‎terraform/byo-vpc/README.md
+1-1 b/‎terraform/byo-vpc/README.md
+1-1
diff --git a/‎terraform/byo-vpc/byo-db/README.md
+1-1 b/‎terraform/byo-vpc/byo-db/README.md
+1-1
@@ -1,3 +1,10 @@
+## Fleet 4.51.1 (Jun 11, 2024)
+
+### Bug fixes
+
+* Added S3 config variables with a `carves_` and `software_installers` prefix, which were used to configure buckets for those features. The existing non-prefixed variables were kept for backwards compatibility.
+* Fixed a bug that prevented unused script contents to be periodically cleaned up from the database.
+
 ## Fleet 4.51.0 (Jun 10, 2024)
 
 ### Endpoint Operations
 
@@ -8,7 +8,7 @@ version: v6.0.2
 home: https://github.com/fleetdm/fleet
 sources:
   - https://github.com/fleetdm/fleet.git
-appVersion: v4.51.0
+appVersion: v4.51.1
 dependencies:
   - name: mysql
     condition: mysql.enabled
 
@@ -2,7 +2,7 @@
 # All settings related to how Fleet is deployed in Kubernetes
 hostName: fleet.localhost
 replicas: 3 # The number of Fleet instances to deploy
-imageTag: v4.51.0 # Version of Fleet to deploy
+imageTag: v4.51.1 # Version of Fleet to deploy
 podAnnotations: {} # Additional annotations to add to the Fleet pod
 serviceAccountAnnotations: {} # Additional annotations to add to the Fleet service account
 resources:
 
@@ -56,7 +56,7 @@ variable "database_name" {
 
 variable "fleet_image" {
   description = "the name of the container image to run"
-  default     = "fleetdm/fleet:v4.51.0"
+  default     = "fleetdm/fleet:v4.51.1"
 }
 
 variable "software_inventory" {
 
@@ -68,5 +68,5 @@ variable "redis_mem" {
 }
 
 variable "image" {
-  default = "fleet:v4.51.0"
+  default = "fleet:v4.51.1"
 }
@@ -24,7 +24,7 @@ variable "fleet_config" {
     vuln_processing_cpu                  = optional(number, 2048)
     vuln_data_stream_mem                 = optional(number, 1024)
     vuln_data_stream_cpu                 = optional(number, 512)
-    image                                = optional(string, "fleetdm/fleet:v4.51.0")
+    image                                = optional(string, "fleetdm/fleet:v4.51.1")
     family                               = optional(string, "fleet-vuln-processing")
     sidecars                             = optional(list(any), [])
     extra_environment_variables          = optional(map(string), {})
@@ -82,7 +82,7 @@ variable "fleet_config" {
     vuln_processing_cpu                  = 2048
     vuln_data_stream_mem                 = 1024
     vuln_data_stream_cpu                 = 512
-    image                                = "fleetdm/fleet:v4.51.0"
+    image                                = "fleetdm/fleet:v4.51.1"
     family                               = "fleet-vuln-processing"
     sidecars                             = []
     extra_environment_variables          = {}
 
@@ -28,7 +28,7 @@ No requirements.
 |------|-------------|------|---------|:--------:|
 | <a name="input_alb_config"></a> [alb\_config](#input\_alb\_config) | n/a | <pre>object({<br>    name                 = optional(string, "fleet")<br>    subnets              = list(string)<br>    security_groups      = optional(list(string), [])<br>    access_logs          = optional(map(string), {})<br>    certificate_arn      = string<br>    allowed_cidrs        = optional(list(string), ["0.0.0.0/0"])<br>    allowed_ipv6_cidrs   = optional(list(string), ["::/0"])<br>    egress_cidrs         = optional(list(string), ["0.0.0.0/0"])<br>    egress_ipv6_cidrs    = optional(list(string), ["::/0"])<br>    extra_target_groups  = optional(any, [])<br>    https_listener_rules = optional(any, [])<br>    tls_policy           = optional(string, "ELBSecurityPolicy-TLS-1-2-2017-01")<br>    idle_timeout         = optional(number, 60)<br>  })</pre> | n/a | yes |
 | <a name="input_ecs_cluster"></a> [ecs\_cluster](#input\_ecs\_cluster) | The config for the terraform-aws-modules/ecs/aws module | <pre>object({<br>    autoscaling_capacity_providers = optional(any, {})<br>    cluster_configuration = optional(any, {<br>      execute_command_configuration = {<br>        logging = "OVERRIDE"<br>        log_configuration = {<br>          cloud_watch_log_group_name = "/aws/ecs/aws-ec2"<br>        }<br>      }<br>    })<br>    cluster_name = optional(string, "fleet")<br>    cluster_settings = optional(map(string), {<br>      "name" : "containerInsights",<br>      "value" : "enabled",<br>    })<br>    create                                = optional(bool, true)<br>    default_capacity_provider_use_fargate = optional(bool, true)<br>    fargate_capacity_providers = optional(any, {<br>      FARGATE = {<br>        default_capacity_provider_strategy = {<br>          weight = 100<br>        }<br>      }<br>      FARGATE_SPOT = {<br>        default_capacity_provider_strategy = {<br>          weight = 0<br>        }<br>      }<br>    })<br>    tags = optional(map(string))<br>  })</pre> | <pre>{<br>  "autoscaling_capacity_providers": {},<br>  "cluster_configuration": {<br>    "execute_command_configuration": {<br>      "log_configuration": {<br>        "cloud_watch_log_group_name": "/aws/ecs/aws-ec2"<br>      },<br>      "logging": "OVERRIDE"<br>    }<br>  },<br>  "cluster_name": "fleet",<br>  "cluster_settings": {<br>    "name": "containerInsights",<br>    "value": "enabled"<br>  },<br>  "create": true,<br>  "default_capacity_provider_use_fargate": true,<br>  "fargate_capacity_providers": {<br>    "FARGATE": {<br>      "default_capacity_provider_strategy": {<br>        "weight": 100<br>      }<br>    },<br>    "FARGATE_SPOT": {<br>      "default_capacity_provider_strategy": {<br>        "weight": 0<br>      }<br>    }<br>  },<br>  "tags": {}<br>}</pre> | no |
-| <a name="input_fleet_config"></a> [fleet\_config](#input\_fleet\_config) | The configuration object for Fleet itself. Fields that default to null will have their respective resources created if not specified. | <pre>object({<br>    mem                          = optional(number, 4096)<br>    cpu                          = optional(number, 512)<br>    image                        = optional(string, "fleetdm/fleet:v4.51.0")<br>    family                       = optional(string, "fleet")<br>    sidecars                     = optional(list(any), [])<br>    depends_on                   = optional(list(any), [])<br>    mount_points                 = optional(list(any), [])<br>    volumes                      = optional(list(any), [])<br>    extra_environment_variables  = optional(map(string), {})<br>    extra_iam_policies           = optional(list(string), [])<br>    extra_execution_iam_policies = optional(list(string), [])<br>    extra_secrets                = optional(map(string), {})<br>    security_groups              = optional(list(string), null)<br>    security_group_name          = optional(string, "fleet")<br>    iam_role_arn                 = optional(string, null)<br>    repository_credentials       = optional(string, "")<br>    private_key_secret_name      = optional(string, "fleet-server-private-key")<br>    service = optional(object({<br>      name = optional(string, "fleet")<br>      }), {<br>      name = "fleet"<br>    })<br>    database = optional(object({<br>      password_secret_arn = string<br>      user                = string<br>      database            = string<br>      address             = string<br>      rr_address          = optional(string, null)<br>      }), {<br>      password_secret_arn = null<br>      user                = null<br>      database            = null<br>      address             = null<br>      rr_address          = null<br>    })<br>    redis = optional(object({<br>      address = string<br>      use_tls = optional(bool, true)<br>      }), {<br>      address = null<br>      use_tls = true<br>    })<br>    awslogs = optional(object({<br>      name      = optional(string, null)<br>      region    = optional(string, null)<br>      create    = optional(bool, true)<br>      prefix    = optional(string, "fleet")<br>      retention = optional(number, 5)<br>      }), {<br>      name      = null<br>      region    = null<br>      prefix    = "fleet"<br>      retention = 5<br>    })<br>    loadbalancer = optional(object({<br>      arn = string<br>      }), {<br>      arn = null<br>    })<br>    extra_load_balancers = optional(list(any), [])<br>    networking = optional(object({<br>      subnets         = list(string)<br>      security_groups = optional(list(string), null)<br>      }), {<br>      subnets         = null<br>      security_groups = null<br>    })<br>    autoscaling = optional(object({<br>      max_capacity                 = optional(number, 5)<br>      min_capacity                 = optional(number, 1)<br>      memory_tracking_target_value = optional(number, 80)<br>      cpu_tracking_target_value    = optional(number, 80)<br>      }), {<br>      max_capacity                 = 5<br>      min_capacity                 = 1<br>      memory_tracking_target_value = 80<br>      cpu_tracking_target_value    = 80<br>    })<br>    iam = optional(object({<br>      role = optional(object({<br>        name        = optional(string, "fleet-role")<br>        policy_name = optional(string, "fleet-iam-policy")<br>        }), {<br>        name        = "fleet-role"<br>        policy_name = "fleet-iam-policy"<br>      })<br>      execution = optional(object({<br>        name        = optional(string, "fleet-execution-role")<br>        policy_name = optional(string, "fleet-execution-role")<br>        }), {<br>        name        = "fleet-execution-role"<br>        policy_name = "fleet-iam-policy-execution"<br>      })<br>      }), {<br>      name = "fleetdm-execution-role"<br>    })<br>  })</pre> | <pre>{<br>  "autoscaling": {<br>    "cpu_tracking_target_value": 80,<br>    "max_capacity": 5,<br>    "memory_tracking_target_value": 80,<br>    "min_capacity": 1<br>  },<br>  "awslogs": {<br>    "create": true,<br>    "name": null,<br>    "prefix": "fleet",<br>    "region": null,<br>    "retention": 5<br>  },<br>  "cpu": 256,<br>  "database": {<br>    "address": null,<br>    "database": null,<br>    "password_secret_arn": null,<br>    "rr_address": null,<br>    "user": null<br>  },<br>  "depends_on": [],<br>  "extra_environment_variables": {},<br>  "extra_execution_iam_policies": [],<br>  "extra_iam_policies": [],<br>  "extra_load_balancers": [],<br>  "extra_secrets": {},<br>  "family": "fleet",<br>  "iam": {<br>    "execution": {<br>      "name": "fleet-execution-role",<br>      "policy_name": "fleet-iam-policy-execution"<br>    },<br>    "role": {<br>      "name": "fleet-role",<br>      "policy_name": "fleet-iam-policy"<br>    }<br>  },<br>  "iam_role_arn": null,<br>  "image": "fleetdm/fleet:v4.31.1",<br>  "loadbalancer": {<br>    "arn": null<br>  },<br>  "mem": 512,<br>  "mount_points": [],<br>  "networking": {<br>    "security_groups": null,<br>    "subnets": null<br>  },<br>  "private_key_secret_name": "fleet-server-private-key",<br>  "redis": {<br>    "address": null,<br>    "use_tls": true<br>  },<br>  "repository_credentials": "",<br>  "security_group_name": "fleet",<br>  "security_groups": null,<br>  "service": {<br>    "name": "fleet"<br>  },<br>  "sidecars": [],<br>  "volumes": []<br>}</pre> | no |
+| <a name="input_fleet_config"></a> [fleet\_config](#input\_fleet\_config) | The configuration object for Fleet itself. Fields that default to null will have their respective resources created if not specified. | <pre>object({<br>    mem                          = optional(number, 4096)<br>    cpu                          = optional(number, 512)<br>    image                        = optional(string, "fleetdm/fleet:v4.51.1")<br>    family                       = optional(string, "fleet")<br>    sidecars                     = optional(list(any), [])<br>    depends_on                   = optional(list(any), [])<br>    mount_points                 = optional(list(any), [])<br>    volumes                      = optional(list(any), [])<br>    extra_environment_variables  = optional(map(string), {})<br>    extra_iam_policies           = optional(list(string), [])<br>    extra_execution_iam_policies = optional(list(string), [])<br>    extra_secrets                = optional(map(string), {})<br>    security_groups              = optional(list(string), null)<br>    security_group_name          = optional(string, "fleet")<br>    iam_role_arn                 = optional(string, null)<br>    repository_credentials       = optional(string, "")<br>    private_key_secret_name      = optional(string, "fleet-server-private-key")<br>    service = optional(object({<br>      name = optional(string, "fleet")<br>      }), {<br>      name = "fleet"<br>    })<br>    database = optional(object({<br>      password_secret_arn = string<br>      user                = string<br>      database            = string<br>      address             = string<br>      rr_address          = optional(string, null)<br>      }), {<br>      password_secret_arn = null<br>      user                = null<br>      database            = null<br>      address             = null<br>      rr_address          = null<br>    })<br>    redis = optional(object({<br>      address = string<br>      use_tls = optional(bool, true)<br>      }), {<br>      address = null<br>      use_tls = true<br>    })<br>    awslogs = optional(object({<br>      name      = optional(string, null)<br>      region    = optional(string, null)<br>      create    = optional(bool, true)<br>      prefix    = optional(string, "fleet")<br>      retention = optional(number, 5)<br>      }), {<br>      name      = null<br>      region    = null<br>      prefix    = "fleet"<br>      retention = 5<br>    })<br>    loadbalancer = optional(object({<br>      arn = string<br>      }), {<br>      arn = null<br>    })<br>    extra_load_balancers = optional(list(any), [])<br>    networking = optional(object({<br>      subnets         = list(string)<br>      security_groups = optional(list(string), null)<br>      }), {<br>      subnets         = null<br>      security_groups = null<br>    })<br>    autoscaling = optional(object({<br>      max_capacity                 = optional(number, 5)<br>      min_capacity                 = optional(number, 1)<br>      memory_tracking_target_value = optional(number, 80)<br>      cpu_tracking_target_value    = optional(number, 80)<br>      }), {<br>      max_capacity                 = 5<br>      min_capacity                 = 1<br>      memory_tracking_target_value = 80<br>      cpu_tracking_target_value    = 80<br>    })<br>    iam = optional(object({<br>      role = optional(object({<br>        name        = optional(string, "fleet-role")<br>        policy_name = optional(string, "fleet-iam-policy")<br>        }), {<br>        name        = "fleet-role"<br>        policy_name = "fleet-iam-policy"<br>      })<br>      execution = optional(object({<br>        name        = optional(string, "fleet-execution-role")<br>        policy_name = optional(string, "fleet-execution-role")<br>        }), {<br>        name        = "fleet-execution-role"<br>        policy_name = "fleet-iam-policy-execution"<br>      })<br>      }), {<br>      name = "fleetdm-execution-role"<br>    })<br>  })</pre> | <pre>{<br>  "autoscaling": {<br>    "cpu_tracking_target_value": 80,<br>    "max_capacity": 5,<br>    "memory_tracking_target_value": 80,<br>    "min_capacity": 1<br>  },<br>  "awslogs": {<br>    "create": true,<br>    "name": null,<br>    "prefix": "fleet",<br>    "region": null,<br>    "retention": 5<br>  },<br>  "cpu": 256,<br>  "database": {<br>    "address": null,<br>    "database": null,<br>    "password_secret_arn": null,<br>    "rr_address": null,<br>    "user": null<br>  },<br>  "depends_on": [],<br>  "extra_environment_variables": {},<br>  "extra_execution_iam_policies": [],<br>  "extra_iam_policies": [],<br>  "extra_load_balancers": [],<br>  "extra_secrets": {},<br>  "family": "fleet",<br>  "iam": {<br>    "execution": {<br>      "name": "fleet-execution-role",<br>      "policy_name": "fleet-iam-policy-execution"<br>    },<br>    "role": {<br>      "name": "fleet-role",<br>      "policy_name": "fleet-iam-policy"<br>    }<br>  },<br>  "iam_role_arn": null,<br>  "image": "fleetdm/fleet:v4.31.1",<br>  "loadbalancer": {<br>    "arn": null<br>  },<br>  "mem": 512,<br>  "mount_points": [],<br>  "networking": {<br>    "security_groups": null,<br>    "subnets": null<br>  },<br>  "private_key_secret_name": "fleet-server-private-key",<br>  "redis": {<br>    "address": null,<br>    "use_tls": true<br>  },<br>  "repository_credentials": "",<br>  "security_group_name": "fleet",<br>  "security_groups": null,<br>  "service": {<br>    "name": "fleet"<br>  },<br>  "sidecars": [],<br>  "volumes": []<br>}</pre> | no |
 | <a name="input_migration_config"></a> [migration\_config](#input\_migration\_config) | The configuration object for Fleet's migration task. | <pre>object({<br>    mem = number<br>    cpu = number<br>  })</pre> | <pre>{<br>  "cpu": 1024,<br>  "mem": 2048<br>}</pre> | no |
 | <a name="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id) | n/a | `string` | n/a | yes |
Original file line number	Diff line number	Diff line change
`@@ -56,7 +56,7 @@ variable "database_name" {`
`56`	`56`
`57`	`57`	`variable "fleet_image" {`
`58`	`58`	`description = "the name of the container image to run"`
`59`		`- default = "fleetdm/fleet:v4.51.0"`
	`59`	`+ default = "fleetdm/fleet:v4.51.1"`
`60`	`60`	`}`
`61`	`61`
`62`	`62`	`variable "software_inventory" {`
Original file line number	Diff line number	Diff line change
`@@ -68,5 +68,5 @@ variable "redis_mem" {`
`68`	`68`	`}`
`69`	`69`
`70`	`70`	`variable "image" {`
`71`		`- default = "fleet:v4.51.0"`
	`71`	`+ default = "fleet:v4.51.1"`
`72`	`72`	`}`