Software inventory: add IntelliJ plugins

[noahtalerman]

Goal

User story
As a security engineer on the Software page,
I want to see macOS IntelliJ plugins in Fleet's software inventory
so that I can report on the hosts that have vulnerable plugins.

Objective

Customer promises + renewal requests

Original request

• Surface IntelliJ plugins in software inventory #20644

Context

• Product designer: @noahtalerman

Changes

Product

• UI changes: Figma
• CLI (fleetctl) usage changes: N/A
• YAML changes: N/A
• REST API changes: N/A
• Fleet's agent (fleetd) changes: N/A
• Activity changes: N/A
• Permissions changes: N/A
• Changes to paid features or tiers: Fleet Free and Fleet Premium
• Other reference documentation changes: N/A
• Once shipped, requester has been notified

Engineering

• Feature guide changes: No need
• Database schema migrations: No need
• Load testing: No need
• Test-plan - To be created by the DRI engineer and approved by QA person

ℹ️  Please read this issue carefully and understand it. Pay special attention to UI wireframes, especially "dev notes".

QA

Risk assessment

• Requires load testing: No
• Risk level: Low

Manual testing steps

1. Step 1
2. Step 2
3. Step 3

Testing notes

Confirmation

1. Engineer (@____): Added comment to user story confirming successful completion of QA.
2. QA (@____): Added comment to user story confirming successful completion of QA.

[sharon-fdm]

Hey team! Please add your planning poker estimate with Zenhub @getvictor @lucasmrod @mostlikelee

[sharon-fdm]

Please add your planning poker estimate with Zenhub @iansltx

[sharon-fdm]

@noahtalerman, if this is just Macos, the estimation will go down to (Edit:) 5 points

[getvictor]

down to 2-3 days, not points

[noahtalerman]

if this is just Macos, the estimation will go down to 2-3 points

@rachaelshaw how would this impact the IT admin experience?

It looks like we might already handle this scenario (some platforms support a type of software) by being explicit in the guide here:

If doing something similar for IntelliJ plugins makes sense I'm all for making this a smaller iterative change.

cc @sharon-fdm

[noahtalerman]

Hey @zayhanlon heads up, this user story didn't make it into the upcoming engineering sprint due to capacity.

It's still prioritized. We left it on the drafting board so that it can be pulled into the next engineering sprint.

[mostlikelee]

@noahtalerman @eugkuo i'll split this effort up by platform (macos / windows / linux) and plan to prioritize them in that same order

[ksykulev]

@noahtalerman - When I did the original research on this I found that we can implement this in one of two ways.

1. Add a new table to osquery
2. Add an osquery extension to fleet

The effort is probably fairly similar, however, the deployment time will likely vary. Osquery doesn't have quite the same release cadence as fleet. Osquery does feel like the more natural place for this code though. I also assume this will not be a premium feature. Any thoughts?

[noahtalerman]

@ksykulev I think let's get it in osquery even if it takes longer. Fleet is only as good as osquery.

also assume this will not be a premium feature.

Yep! Sorry this wasn't clear in the issue description. I added this:

• Changes to paid features or tiers: Fleet Free and Fleet Premium

[noahtalerman]

FYI @mostlikelee ^

[mostlikelee]

The osquery work is most likely going get released with osquery-v.5.18.0, meaning the Fleet changes will have to wait for that release. I pulled out the osquery work here so we can work on it now and will move this story back to the backlog until we are closer to that osquery release.