Add enterprise integration test for calendar events (#17900)

Integration tests for the calendar feature: #17441.

Adding coverage screenshots for the calendar cron and the osquery
distributed/write coverage:

![Screenshot 2024-03-27 at 14 20
44](https://github.com/fleetdm/fleet/assets/2073526/40d394ab-2208-4bec-981b-fe22fae8b5c1)
![Screenshot 2024-03-27 at 14 21
20](https://github.com/fleetdm/fleet/assets/2073526/1e4c8611-21ba-48a6-82f8-a163594f7f01)

Author: lucasmrod

cmd/fleet/serve.go

@@ -28,6 +28,7 @@ import (
 	configpkg "github.com/fleetdm/fleet/v4/server/config"
 	"github.com/fleetdm/fleet/v4/server/contexts/ctxerr"
 	licensectx "github.com/fleetdm/fleet/v4/server/contexts/license"
+	"github.com/fleetdm/fleet/v4/server/cron"
 	"github.com/fleetdm/fleet/v4/server/datastore/cached_mysql"
 	"github.com/fleetdm/fleet/v4/server/datastore/mysql"
 	"github.com/fleetdm/fleet/v4/server/datastore/mysqlredis"
@@ -773,9 +774,7 @@ the way that the Fleet server works.
 			if license.IsPremium() {
 				if err := cronSchedules.StartCronSchedule(
 					func() (fleet.CronSchedule, error) {
-						return newCalendarSchedule(
-							ctx, instanceID, ds, logger,
-						)
+						return cron.NewCalendarSchedule(ctx, instanceID, ds, 5*time.Minute, logger)
 					},
 				); err != nil {
 					initFatal(err, "failed to register calendar schedule")

ee/server/calendar/google_calendar_mock.go

@@ -93,3 +93,14 @@ func ClearMockEvents() {
 	defer mu.Unlock()
 	mockEvents = make(map[string]*calendar.Event)
 }
+
+func SetMockEventsToNow() {
+	mu.Lock()
+	defer mu.Unlock()
+
+	now := time.Now()
+	for _, mockEvent := range mockEvents {
+		mockEvent.Start = &calendar.EventDateTime{DateTime: now.Format(time.RFC3339)}
+		mockEvent.End = &calendar.EventDateTime{DateTime: now.Add(30 * time.Minute).Format(time.RFC3339)}
+	}
+}

cmd/fleet/calendar_cron.go server/cron/calendar_cron.go

@@ -1,4 +1,4 @@
-package main
+package cron
 
 import (
 	"context"
@@ -19,19 +19,19 @@ import (
 
 const calendarConsumers = 18
 
-func newCalendarSchedule(
+func NewCalendarSchedule(
 	ctx context.Context,
 	instanceID string,
 	ds fleet.Datastore,
+	interval time.Duration,
 	logger kitlog.Logger,
 ) (*schedule.Schedule, error) {
 	const (
-		name            = string(fleet.CronCalendar)
-		defaultInterval = 5 * time.Minute
+		name = string(fleet.CronCalendar)
 	)
 	logger = kitlog.With(logger, "cron", name)
 	s := schedule.New(
-		ctx, name, instanceID, defaultInterval, ds, ds,
+		ctx, name, instanceID, interval, ds, ds,
 		schedule.WithAltLockID("calendar"),
 		schedule.WithLogger(logger),
 		schedule.WithJob(
@@ -318,9 +318,6 @@ func processFailingHostExistingCalendarEvent(
 		}
 		// Even if fields haven't changed we want to update the calendar_events.updated_at below.
 		updated = true
-		//
-		// TODO(lucas): Check changing updatedEvent to UTC before consuming.
-		//
 	}
 
 	if updated {
@@ -367,8 +364,6 @@ func processFailingHostExistingCalendarEvent(
 		return fmt.Errorf("update host calendar webhook status: %w", err)
 	}
 
-	// TODO(lucas): If this doesn't work at scale, then implement a special refetch
-	// for policies only.
 	if err := ds.UpdateHostRefetchRequested(ctx, host.HostID, true); err != nil {
 		return fmt.Errorf("refetch host: %w", err)
 	}

cmd/fleet/calendar_cron_test.go server/cron/calendar_cron_test.go

@@ -1,11 +1,8 @@
-package main
+package cron
 
 import (
 	"context"
 	"fmt"
-	"io"
-	"net/http"
-	"net/http/httptest"
 	"os"
 	"strconv"
 	"strings"
@@ -17,7 +14,6 @@ import (
 	"github.com/fleetdm/fleet/v4/server/fleet"
 	"github.com/fleetdm/fleet/v4/server/mock"
 	kitlog "github.com/go-kit/log"
-
 	"github.com/stretchr/testify/require"
 )
 
@@ -207,16 +203,19 @@ func TestCalendarEventsMultipleHosts(t *testing.T) {
 		calendar.ClearMockEvents()
 	})
 
-	// TODO(lucas): Test!
-	webhookServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		require.Equal(t, "POST", r.Method)
-		requestBodyBytes, err := io.ReadAll(r.Body)
-		require.NoError(t, err)
-		t.Logf("webhook request: %s\n", requestBodyBytes)
-	}))
-	t.Cleanup(func() {
-		webhookServer.Close()
-	})
+	//
+	// Test setup
+	//
+	//	team1:
+	//
+	//	policyID1 (calendar)
+	//	policyID2 (calendar)
+	//
+	// 	hostID1 has [email protected] not passing policies.
+	//	hostID2 has [email protected] passing policies.
+	//	hostID3 does not have example.com email and is not passing policies.
+	//	hostID4 does not have example.com email and is passing policies.
+	//
 
 	ds.AppConfigFunc = func(ctx context.Context) (*fleet.AppConfig, error) {
 		return &fleet.AppConfig{
@@ -242,7 +241,7 @@ func TestCalendarEventsMultipleHosts(t *testing.T) {
 					Integrations: fleet.TeamIntegrations{
 						GoogleCalendar: &fleet.TeamGoogleCalendarIntegration{
 							Enable:     true,
-							WebhookURL: webhookServer.URL,
+							WebhookURL: "https://foo.example.com",
 						},
 					},
 				},
@@ -268,12 +267,13 @@ func TestCalendarEventsMultipleHosts(t *testing.T) {
 
 	hostID1, userEmail1 := uint(100), "[email protected]"
 	hostID2, userEmail2 := uint(101), "[email protected]"
-	hostID3, userEmail3 := uint(102), "[email protected]"
-	hostID4, userEmail4 := uint(103), "[email protected]"
+	hostID3 := uint(102)
+	hostID4 := uint(103)
 
 	ds.GetTeamHostsPolicyMembershipsFunc = func(
 		ctx context.Context, domain string, teamID uint, policyIDs []uint,
 	) ([]fleet.HostPolicyMembershipData, error) {
+		require.Equal(t, "example.com", domain)
 		require.Equal(t, teamID1, teamID)
 		require.Equal(t, []uint{policyID1, policyID2}, policyIDs)
 		return []fleet.HostPolicyMembershipData{
@@ -289,12 +289,12 @@ func TestCalendarEventsMultipleHosts(t *testing.T) {
 			},
 			{
 				HostID:  hostID3,
-				Email:   userEmail3,
+				Email:   "", // because it does not belong to example.com
 				Passing: false,
 			},
 			{
 				HostID:  hostID4,
-				Email:   userEmail4,
+				Email:   "", // because it does not belong to example.com
 				Passing: true,
 			},
 		}, nil
@@ -304,33 +304,54 @@ func TestCalendarEventsMultipleHosts(t *testing.T) {
 		return nil, nil, notFoundErr{}
 	}
 
+	var eventsMu sync.Mutex
+	calendarEvents := make(map[string]*fleet.CalendarEvent)
+	hostCalendarEvents := make(map[uint]*fleet.HostCalendarEvent)
+
 	ds.CreateOrUpdateCalendarEventFunc = func(ctx context.Context,
 		email string,
 		startTime, endTime time.Time,
 		data []byte,
 		hostID uint,
 		webhookStatus fleet.CalendarWebhookStatus,
 	) (*fleet.CalendarEvent, error) {
-		switch email {
-		case userEmail1:
-			require.Equal(t, hostID1, hostID)
-		case userEmail2:
-			require.Equal(t, hostID2, hostID)
-		case userEmail3:
-			require.Equal(t, hostID3, hostID)
-		case userEmail4:
-			require.Equal(t, hostID4, hostID)
-		}
+		require.Equal(t, hostID1, hostID)
+		require.Equal(t, userEmail1, email)
 		require.Equal(t, fleet.CalendarWebhookStatusNone, webhookStatus)
 		require.NotEmpty(t, data)
 		require.NotZero(t, startTime)
 		require.NotZero(t, endTime)
-		// Currently, the returned calendar event is unused.
+
+		eventsMu.Lock()
+		calendarEventID := uint(len(calendarEvents) + 1)
+		calendarEvents[email] = &fleet.CalendarEvent{
+			ID:        calendarEventID,
+			Email:     email,
+			StartTime: startTime,
+			EndTime:   endTime,
+			Data:      data,
+		}
+		hostCalendarEventID := uint(len(hostCalendarEvents) + 1)
+		hostCalendarEvents[hostID] = &fleet.HostCalendarEvent{
+			ID:              hostCalendarEventID,
+			HostID:          hostID,
+			CalendarEventID: calendarEventID,
+			WebhookStatus:   webhookStatus,
+		}
+		eventsMu.Unlock()
 		return nil, nil
 	}
 
 	err := cronCalendarEvents(ctx, ds, logger)
 	require.NoError(t, err)
+
+	eventsMu.Lock()
+	require.Len(t, calendarEvents, 1)
+	require.Len(t, hostCalendarEvents, 1)
+	eventsMu.Unlock()
+
+	createdCalendarEvents := calendar.ListGoogleMockEvents()
+	require.Len(t, createdCalendarEvents, 1)
 }
 
 type notFoundErr struct{}
@@ -356,17 +377,6 @@ func TestCalendarEvents1KHosts(t *testing.T) {
 		calendar.ClearMockEvents()
 	})
 
-	// TODO(lucas): Use for the test.
-	webhookServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		require.Equal(t, "POST", r.Method)
-		requestBodyBytes, err := io.ReadAll(r.Body)
-		require.NoError(t, err)
-		t.Logf("webhook request: %s\n", requestBodyBytes)
-	}))
-	t.Cleanup(func() {
-		webhookServer.Close()
-	})
-
 	ds.AppConfigFunc = func(ctx context.Context) (*fleet.AppConfig, error) {
 		return &fleet.AppConfig{
 			Integrations: fleet.Integrations{
@@ -395,7 +405,7 @@ func TestCalendarEvents1KHosts(t *testing.T) {
 					Integrations: fleet.TeamIntegrations{
 						GoogleCalendar: &fleet.TeamGoogleCalendarIntegration{
 							Enable:     true,
-							WebhookURL: webhookServer.URL,
+							WebhookURL: "https://foo.example.com",
 						},
 					},
 				},
@@ -406,7 +416,7 @@ func TestCalendarEvents1KHosts(t *testing.T) {
 					Integrations: fleet.TeamIntegrations{
 						GoogleCalendar: &fleet.TeamGoogleCalendarIntegration{
 							Enable:     true,
-							WebhookURL: webhookServer.URL,
+							WebhookURL: "https://foo.example.com",
 						},
 					},
 				},
@@ -417,7 +427,7 @@ func TestCalendarEvents1KHosts(t *testing.T) {
 					Integrations: fleet.TeamIntegrations{
 						GoogleCalendar: &fleet.TeamGoogleCalendarIntegration{
 							Enable:     true,
-							WebhookURL: webhookServer.URL,
+							WebhookURL: "https://foo.example.com",
 						},
 					},
 				},
@@ -428,7 +438,7 @@ func TestCalendarEvents1KHosts(t *testing.T) {
 					Integrations: fleet.TeamIntegrations{
 						GoogleCalendar: &fleet.TeamGoogleCalendarIntegration{
 							Enable:     true,
-							WebhookURL: webhookServer.URL,
+							WebhookURL: "https://foo.example.com",
 						},
 					},
 				},
@@ -439,7 +449,7 @@ func TestCalendarEvents1KHosts(t *testing.T) {
 					Integrations: fleet.TeamIntegrations{
 						GoogleCalendar: &fleet.TeamGoogleCalendarIntegration{
 							Enable:     true,
-							WebhookURL: webhookServer.URL,
+							WebhookURL: "https://foo.example.com",
 						},
 					},
 				},

server/datastore/mysql/calendar_events.go

@@ -52,7 +52,7 @@ func (ds *Datastore) CreateOrUpdateCalendarEvent(
 		} else {
 			stmt := `SELECT id FROM calendar_events WHERE email = ?`
 			if err := sqlx.GetContext(ctx, tx, &id, stmt, email); err != nil {
-				return ctxerr.Wrap(ctx, err, "query mdm solution id")
+				return ctxerr.Wrap(ctx, err, "calendar event id")
 			}
 		}
 

server/datastore/mysql/policies.go

@@ -1171,7 +1171,6 @@ func (ds *Datastore) GetCalendarPolicies(ctx context.Context, teamID uint) ([]fl
 	return policies, nil
 }
 
-// TODO(lucas): Must be tested at scale.
 func (ds *Datastore) GetTeamHostsPolicyMemberships(
 	ctx context.Context,
 	domain string,

server/fleet/datastore.go

@@ -594,6 +594,11 @@ type Datastore interface {
 
 	PolicyQueriesForHost(ctx context.Context, host *Host) (map[string]string, error)
 
+	// GetTeamHostsPolicyMembmerships returns the hosts that belong to the given team and their pass/fail statuses
+	// around the provided policyIDs.
+	// 	- Returns hosts of the team that are failing one or more of the provided policies.
+	//	- Returns hosts of the team that are passing all the policies (or are not running any of the provided policies)
+	//	  and have a calendar event scheduled.
 	GetTeamHostsPolicyMemberships(ctx context.Context, domain string, teamID uint, policyIDs []uint) ([]HostPolicyMembershipData, error)
 	GetCalendarPolicies(ctx context.Context, teamID uint) ([]PolicyCalendarData, error)