feat: can delete via cron job if global flag set (#14398)

# Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [ ] Added/updated tests --------- Co-authored-by: Lucas Rodriguez <lucas@fleetdm.com>
2026-05-23 08:58:41 +00:00 · 2023-10-10 09:06:54 -04:00 · 2023-10-10 09:06:54 -04:00 · 0435431ae9
commit 0435431ae9
parent fa55d72118
4 changed files with 38 additions and 0 deletions
--- a/cmd/fleet/cron.go
+++ b/cmd/fleet/cron.go
@ -803,6 +803,20 @@ func newCleanupsAndAggregationSchedule(
 				return verifyDiskEncryptionKeys(ctx, logger, ds, config)
 			},
 		),
+		schedule.WithJob("query_results_cleanup", func(ctx context.Context) error {
+			config, err := ds.AppConfig(ctx)
+			if err != nil {
+				return err
+			}
+
+			if config.ServerSettings.QueryReportsDisabled {
+				if err = ds.CleanupGlobalDiscardQueryResults(ctx); err != nil {
+					return err
+				}
+			}
+
+			return nil
+		}),
 	)

 	return s, nil
--- a/server/datastore/mysql/queries.go
+++ b/server/datastore/mysql/queries.go
@ -566,3 +566,13 @@ func (ds *Datastore) ListScheduledQueriesForAgents(ctx context.Context, teamID *

 	return results, nil
 }
+
+func (ds *Datastore) CleanupGlobalDiscardQueryResults(ctx context.Context) error {
+	deleteStmt := "DELETE FROM query_results"
+	_, err := ds.writer(ctx).ExecContext(ctx, deleteStmt)
+	if err != nil {
+		return ctxerr.Wrapf(ctx, err, "delete all from query_result")
+	}
+
+	return nil
+}
--- a/server/fleet/datastore.go
+++ b/server/fleet/datastore.go
@ -91,6 +91,8 @@ type Datastore interface {
 	// ObserverCanRunQuery returns whether a user with an observer role is permitted to run the
 	// identified query
 	ObserverCanRunQuery(ctx context.Context, queryID uint) (bool, error)
+	// CleanupGlobalDiscardQueryResults deletes all cached query results. Used in cleanups_then_aggregation cron.
+	CleanupGlobalDiscardQueryResults(ctx context.Context) error

 	///////////////////////////////////////////////////////////////////////////////
 	// CampaignStore defines the distributed query campaign related datastore methods
--- a/server/mock/datastore_mock.go
+++ b/server/mock/datastore_mock.go
@ -76,6 +76,8 @@ type QueryByNameFunc func(ctx context.Context, teamID *uint, name string, opts .

 type ObserverCanRunQueryFunc func(ctx context.Context, queryID uint) (bool, error)

+type CleanupGlobalDiscardQueryResultsFunc func(ctx context.Context) error
+
 type NewDistributedQueryCampaignFunc func(ctx context.Context, camp *fleet.DistributedQueryCampaign) (*fleet.DistributedQueryCampaign, error)

 type DistributedQueryCampaignFunc func(ctx context.Context, id uint) (*fleet.DistributedQueryCampaign, error)
@ -778,6 +780,9 @@ type DataStore struct {
 	ObserverCanRunQueryFunc        ObserverCanRunQueryFunc
 	ObserverCanRunQueryFuncInvoked bool

+	CleanupGlobalDiscardQueryResultsFunc        CleanupGlobalDiscardQueryResultsFunc
+	CleanupGlobalDiscardQueryResultsFuncInvoked bool
+
 	NewDistributedQueryCampaignFunc        NewDistributedQueryCampaignFunc
 	NewDistributedQueryCampaignFuncInvoked bool

@ -1905,6 +1910,13 @@ func (s *DataStore) ObserverCanRunQuery(ctx context.Context, queryID uint) (bool
 	return s.ObserverCanRunQueryFunc(ctx, queryID)
 }

+func (s *DataStore) CleanupGlobalDiscardQueryResults(ctx context.Context) error {
+	s.mu.Lock()
+	s.CleanupGlobalDiscardQueryResultsFuncInvoked = true
+	s.mu.Unlock()
+	return s.CleanupGlobalDiscardQueryResultsFunc(ctx)
+}
+
 func (s *DataStore) NewDistributedQueryCampaign(ctx context.Context, camp *fleet.DistributedQueryCampaign) (*fleet.DistributedQueryCampaign, error) {
 	s.mu.Lock()
 	s.NewDistributedQueryCampaignFuncInvoked = true