Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Software inventory: add IntelliJ plugins #22463

Open
12 of 16 tasks
noahtalerman opened this issue Sep 27, 2024 · 11 comments
Open
12 of 16 tasks

Software inventory: add IntelliJ plugins #22463

noahtalerman opened this issue Sep 27, 2024 · 11 comments
Assignees
Labels
~csa Issue was created by or deemed important by the Customer Solutions Architect. customer-starchik customer-stazzema ~finalize-testplan test plan needs to be finalized by QA #g-software Software product group :product Product Design department (shows up on 🦢 Drafting board) ~pushed User story was pushed to next release. story A user story defining an entire feature

Comments

@noahtalerman
Copy link
Member

noahtalerman commented Sep 27, 2024

Goal

User story
As a security engineer on the Software page,
I want to see macOS IntelliJ plugins in Fleet's software inventory
so that I can report on the hosts that have vulnerable plugins.

Objective

Customer promises + renewal requests

Original request

Context

Changes

Product

  • UI changes: Figma
  • CLI (fleetctl) usage changes: N/A
  • YAML changes: N/A
  • REST API changes: N/A
  • Fleet's agent (fleetd) changes: N/A
  • Activity changes: N/A
  • Permissions changes: N/A
  • Changes to paid features or tiers: Fleet Free and Fleet Premium
  • Other reference documentation changes: N/A
  • Once shipped, requester has been notified

Engineering

  • Feature guide changes: No need
  • Database schema migrations: No need
  • Load testing: No need
  • Test-plan - To be created by the DRI engineer and approved by QA person

ℹ️  Please read this issue carefully and understand it. Pay special attention to UI wireframes, especially "dev notes".

QA

Risk assessment

  • Requires load testing: No
  • Risk level: Low

Manual testing steps

  1. Step 1
  2. Step 2
  3. Step 3

Testing notes

Confirmation

  1. Engineer (@____): Added comment to user story confirming successful completion of QA.
  2. QA (@____): Added comment to user story confirming successful completion of QA.
@noahtalerman noahtalerman added story A user story defining an entire feature :product Product Design department (shows up on 🦢 Drafting board) #g-endpoint-ops Endpoint ops product group labels Sep 27, 2024
@nonpunctual nonpunctual added ~csa Issue was created by or deemed important by the Customer Solutions Architect. customer-starchik labels Sep 27, 2024
@sharon-fdm
Copy link
Collaborator

Hey team! Please add your planning poker estimate with Zenhub @getvictor @lucasmrod @mostlikelee

@sharon-fdm
Copy link
Collaborator

Please add your planning poker estimate with Zenhub @iansltx

@sharon-fdm
Copy link
Collaborator

sharon-fdm commented Oct 2, 2024

@noahtalerman, if this is just Macos, the estimation will go down to (Edit:) 5 points

@getvictor
Copy link
Member

down to 2-3 days, not points

@noahtalerman
Copy link
Member Author

if this is just Macos, the estimation will go down to 2-3 points

@rachaelshaw how would this impact the IT admin experience?

It looks like we might already handle this scenario (some platforms support a type of software) by being explicit in the guide here:

Screenshot 2024-10-02 at 5 45 11 PM

If doing something similar for IntelliJ plugins makes sense I'm all for making this a smaller iterative change.

cc @sharon-fdm

@noahtalerman noahtalerman added Epic DO NOT USE. Auto-created by ZenHub, cannot be disabled. customer-stazzema and removed Epic DO NOT USE. Auto-created by ZenHub, cannot be disabled. labels Oct 4, 2024
@noahtalerman
Copy link
Member Author

Hey @zayhanlon heads up, this user story didn't make it into the upcoming engineering sprint due to capacity.

It's still prioritized. We left it on the drafting board so that it can be pulled into the next engineering sprint.

@lukeheath lukeheath added #g-software Software product group and removed #g-endpoint-ops Endpoint ops product group labels Dec 19, 2024
@lukeheath lukeheath assigned mostlikelee and unassigned sharon-fdm Jan 3, 2025
@mostlikelee
Copy link
Contributor

@noahtalerman @eugkuo i'll split this effort up by platform (macos / windows / linux) and plan to prioritize them in that same order

@mostlikelee mostlikelee changed the title Software inventory: add IntelliJ plugins Software inventory: add IntelliJ plugins for macOS Jan 3, 2025
@mostlikelee mostlikelee added the ~finalize-testplan test plan needs to be finalized by QA label Jan 8, 2025
@mostlikelee mostlikelee changed the title Software inventory: add IntelliJ plugins for macOS Software inventory: add IntelliJ plugins Jan 22, 2025
@mostlikelee mostlikelee removed their assignment Feb 10, 2025
@mostlikelee mostlikelee added :release Ready to write code. Scheduled in a release. See "Making changes" in handbook. and removed :product Product Design department (shows up on 🦢 Drafting board) labels Mar 24, 2025
@ksykulev
Copy link
Contributor

@noahtalerman - When I did the original research on this I found that we can implement this in one of two ways.

  1. Add a new table to osquery
  2. Add an osquery extension to fleet

The effort is probably fairly similar, however, the deployment time will likely vary. Osquery doesn't have quite the same release cadence as fleet. Osquery does feel like the more natural place for this code though. I also assume this will not be a premium feature. Any thoughts?

@noahtalerman
Copy link
Member Author

@ksykulev I think let's get it in osquery even if it takes longer. Fleet is only as good as osquery.

also assume this will not be a premium feature.

Yep! Sorry this wasn't clear in the issue description. I added this:

  • Changes to paid features or tiers: Fleet Free and Fleet Premium

@noahtalerman
Copy link
Member Author

FYI @mostlikelee ^

@mostlikelee
Copy link
Contributor

The osquery work is most likely going get released with osquery-v.5.18.0, meaning the Fleet changes will have to wait for that release. I pulled out the osquery work here so we can work on it now and will move this story back to the backlog until we are closer to that osquery release.

@mostlikelee mostlikelee added :product Product Design department (shows up on 🦢 Drafting board) ~pushed User story was pushed to next release. and removed :release Ready to write code. Scheduled in a release. See "Making changes" in handbook. labels Apr 4, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
~csa Issue was created by or deemed important by the Customer Solutions Architect. customer-starchik customer-stazzema ~finalize-testplan test plan needs to be finalized by QA #g-software Software product group :product Product Design department (shows up on 🦢 Drafting board) ~pushed User story was pushed to next release. story A user story defining an entire feature
Projects
None yet
Development

No branches or pull requests

8 participants