Implement upsert of maintained apps

Author: mna

server/datastore/mysql/maintained_apps.go

@@ -0,0 +1,55 @@
+package mysql
+
+import (
+	"context"
+
+	"github.com/fleetdm/fleet/v4/server/contexts/ctxerr"
+	"github.com/fleetdm/fleet/v4/server/fleet"
+	"github.com/jmoiron/sqlx"
+)
+
+func (ds *Datastore) UpsertMaintainedApp(ctx context.Context, app *fleet.MaintainedApp) error {
+	const upsertStmt = `
+INSERT INTO 
+	fleet_library_apps (
+		name, token, version, platform, installer_url, filename, 
+		sha256, bundle_identifier, install_script_content_id, uninstall_script_content_id
+	)
+VALUES 
+	( ?, ?, ?, ?, ?, ?,
+	  ?, ?, ?, ? )
+ON DUPLICATE KEY UPDATE
+	name = VALUES(name),
+	version = VALUES(version),
+	platform = VALUES(platform),
+	installer_url = VALUES(installer_url),
+	filename = VALUES(filename),
+	sha256 = VALUES(sha256),
+	bundle_identifier = VALUES(bundle_identifier),
+	install_script_content_id = VALUES(install_script_content_id),
+	uninstall_script_content_id = VALUES(uninstall_script_content_id)
+`
+
+	return ds.withRetryTxx(ctx, func(tx sqlx.ExtContext) error {
+		var err error
+
+		// ensure the install script exists
+		installRes, err := insertScriptContents(ctx, tx, app.InstallScript)
+		if err != nil {
+			return ctxerr.Wrap(ctx, err, "insert install script content")
+		}
+		installScriptID, _ := installRes.LastInsertId()
+
+		// ensure the uninstall script exists
+		uninstallRes, err := insertScriptContents(ctx, tx, app.UninstallScript)
+		if err != nil {
+			return ctxerr.Wrap(ctx, err, "insert uninstall script content")
+		}
+		uninstallScriptID, _ := uninstallRes.LastInsertId()
+
+		// upsert the maintained app
+		_, err = tx.ExecContext(ctx, upsertStmt, app.Name, app.Token, app.Version, app.Platform, app.InstallerURL, app.Filename,
+			app.SHA256, app.BundleIdentifier, installScriptID, uninstallScriptID)
+		return ctxerr.Wrap(ctx, err, "upsert maintained app")
+	})
+}

server/fleet/datastore.go

@@ -1685,6 +1685,10 @@ type Datastore interface {
 	GetPastActivityDataForVPPAppInstall(ctx context.Context, commandResults *mdm.CommandResults) (*User, *ActivityInstalledAppStoreApp, error)
 
 	GetVPPTokenByLocation(ctx context.Context, loc string) (*VPPTokenDB, error)
+
+	// UpsertMaintainedApp inserts or updates a maintained app using the updated
+	// metadata provided via app.
+	UpsertMaintainedApp(ctx context.Context, app *MaintainedApp) error
 }
 
 // MDMAppleStore wraps nanomdm's storage and adds methods to deal with

server/fleet/maintained_apps.go

@@ -0,0 +1,21 @@
+package fleet
+
+// MaintainedApp represets an app in the Fleet library of maintained apps,
+// as stored in the fleet_library_apps table.
+type MaintainedApp struct {
+	ID               uint                `json:"id" db:"id"`
+	Name             string              `json:"name" db:"name"`
+	Token            string              `json:"-" db:"name"`
+	Version          string              `json:"version" db:"version"`
+	Platform         AppleDevicePlatform `json:"platform" db:"platform"`
+	InstallerURL     string              `json:"-" db:"installer_url"`
+	Filename         string              `json:"filename" db:"filename"`
+	SHA256           string              `json:"-" db:"sha256"`
+	BundleIdentifier string              `json:"-" db:"bundle_identifier"`
+
+	// InstallScript and UninstallScript are not stored directly in the table, they
+	// must be filled via a JOIN on script_contents. On insert/update/upsert, these
+	// fields are used to provide the content of those scripts.
+	InstallScript   string `json:"install_script" db:"install_script"`
+	UninstallScript string `json:"uninstall_script" db:"uninstall_script"`
+}

server/mdm/maintainedapps/ingest.go

@@ -7,7 +7,9 @@ import (
 	"fmt"
 	"io"
 	"net/http"
+	"net/url"
 	"os"
+	"path"
 	"time"
 
 	"github.com/fleetdm/fleet/v4/pkg/fleethttp"
@@ -29,6 +31,8 @@ type maintainedApp struct {
 
 const baseBrewAPIURL = "https://formulae.brew.sh/api/"
 
+// Refresh fetches the latest information about maintained apps from the brew
+// API and updates the Fleet database with the new information.
 func Refresh(ctx context.Context, ds fleet.Datastore, logger kitlog.Logger) error {
 	var apps []maintainedApp
 	if err := json.Unmarshal(appsJSON, &apps); err != nil {
@@ -60,7 +64,7 @@ func (i ingester) ingest(ctx context.Context, apps []maintainedApp) error {
 
 	client := fleethttp.NewClient(fleethttp.WithTimeout(10 * time.Second))
 
-	// run at most 3 concurrent requests
+	// run at most 3 concurrent requests to avoid overwhelming the brew API
 	g.SetLimit(3)
 	for _, app := range apps {
 		app := app // capture loop variable, not required in Go 1.23+
@@ -108,8 +112,52 @@ func (i ingester) ingestOne(ctx context.Context, app maintainedApp, client *http
 		return ctxerr.Wrapf(ctx, err, "unmarshal brew cask for %s", app.Identifier)
 	}
 
-	//i.ds.UpsertMaintainedApp(ctx, &fleet.MaintainedApp{})
-	panic("unimplemented")
+	// validate required fields
+	if len(cask.Name) == 0 || cask.Name[0] == "" {
+		return ctxerr.Errorf(ctx, "missing name for cask %s", app.Identifier)
+	}
+	if cask.Token == "" {
+		return ctxerr.Errorf(ctx, "missing token for cask %s", app.Identifier)
+	}
+	if cask.Version == "" {
+		return ctxerr.Errorf(ctx, "missing version for cask %s", app.Identifier)
+	}
+	if cask.URL == "" {
+		return ctxerr.Errorf(ctx, "missing URL for cask %s", app.Identifier)
+	}
+	parsedURL, err := url.Parse(cask.URL)
+	if err != nil {
+		return ctxerr.Wrapf(ctx, err, "parse URL for cask %s", app.Identifier)
+	}
+	filename := path.Base(parsedURL.Path)
+
+	installScript := installScriptForApp(app, &cask)
+	uninstallScript := uninstallScriptForApp(app, &cask)
+
+	err = i.ds.UpsertMaintainedApp(ctx, &fleet.MaintainedApp{
+		Name:    cask.Name[0],
+		Token:   cask.Token,
+		Version: cask.Version,
+		// for now, maintained apps are always macOS (darwin)
+		Platform:         fleet.MacOSPlatform,
+		InstallerURL:     cask.URL,
+		Filename:         filename,
+		SHA256:           cask.SHA256,
+		BundleIdentifier: app.BundleIdentifier,
+		InstallScript:    installScript,
+		UninstallScript:  uninstallScript,
+	})
+	return ctxerr.Wrap(ctx, err, "upsert maintained app")
+}
+
+func installScriptForApp(app maintainedApp, cask *brewCask) string {
+	// TODO: implement install script based on cask and app installer format
+	return "install"
+}
+
+func uninstallScriptForApp(app maintainedApp, cask *brewCask) string {
+	// TODO: implement uninstall script based on cask and app installer format
+	return "uninstall"
 }
 
 type brewCask struct {

server/mock/datastore_mock.go

@@ -1068,6 +1068,8 @@ type GetPastActivityDataForVPPAppInstallFunc func(ctx context.Context, commandRe
 
 type GetVPPTokenByLocationFunc func(ctx context.Context, loc string) (*fleet.VPPTokenDB, error)
 
+type UpsertMaintainedAppFunc func(ctx context.Context, app *fleet.MaintainedApp) error
+
 type DataStore struct {
 	HealthCheckFunc        HealthCheckFunc
 	HealthCheckFuncInvoked bool
@@ -2641,6 +2643,9 @@ type DataStore struct {
 	GetVPPTokenByLocationFunc        GetVPPTokenByLocationFunc
 	GetVPPTokenByLocationFuncInvoked bool
 
+	UpsertMaintainedAppFunc        UpsertMaintainedAppFunc
+	UpsertMaintainedAppFuncInvoked bool
+
 	mu sync.Mutex
 }
 
@@ -6311,3 +6316,10 @@ func (s *DataStore) GetVPPTokenByLocation(ctx context.Context, loc string) (*fle
 	s.mu.Unlock()
 	return s.GetVPPTokenByLocationFunc(ctx, loc)
 }
+
+func (s *DataStore) UpsertMaintainedApp(ctx context.Context, app *fleet.MaintainedApp) error {
+	s.mu.Lock()
+	s.UpsertMaintainedAppFuncInvoked = true
+	s.mu.Unlock()
+	return s.UpsertMaintainedAppFunc(ctx, app)
+}