From d2fd3694b84b8856d331b47dd70f29d1d6bd46f7 Mon Sep 17 00:00:00 2001
From: Martin Angers <martin.n.angers@gmail.com>
Date: Wed, 3 Apr 2024 11:13:18 -0400
Subject: [PATCH] Add macOS 14+ built-in label

---
 ...403104633_CreateMacOSSonomaBuiltinLabel.go | 56 +++++++++++++++++++
 ...4633_CreateMacOSSonomaBuiltinLabel_test.go | 20 +++++++
 2 files changed, 76 insertions(+)
 create mode 100644 server/datastore/mysql/migrations/tables/20240403104633_CreateMacOSSonomaBuiltinLabel.go
 create mode 100644 server/datastore/mysql/migrations/tables/20240403104633_CreateMacOSSonomaBuiltinLabel_test.go

diff --git a/server/datastore/mysql/migrations/tables/20240403104633_CreateMacOSSonomaBuiltinLabel.go b/server/datastore/mysql/migrations/tables/20240403104633_CreateMacOSSonomaBuiltinLabel.go
new file mode 100644
index 0000000000..5a38646f8c
--- /dev/null
+++ b/server/datastore/mysql/migrations/tables/20240403104633_CreateMacOSSonomaBuiltinLabel.go
@@ -0,0 +1,56 @@
+package tables
+
+import (
+	"database/sql"
+	"fmt"
+
+	"github.com/VividCortex/mysqlerr"
+	"github.com/fleetdm/fleet/v4/server/fleet"
+	"github.com/go-sql-driver/mysql"
+)
+
+func init() {
+	MigrationClient.AddMigration(Up_20240403104633, Down_20240403104633)
+}
+
+func Up_20240403104633(tx *sql.Tx) error {
+	const stmt = `
+		INSERT INTO labels (
+			name,
+			description,
+			query,
+			platform,
+			label_type,
+			label_membership_type
+		) VALUES (?, ?, ?, ?, ?)
+`
+
+	const labelName = "macOS 14+ (Sonoma+)"
+	_, err := tx.Exec(
+		stmt,
+		labelName,
+		"macOS hosts with version 14 and above",
+		`select 1 from os_version where platform = 'darwin' and major >= 14;`,
+		"darwin",
+		fleet.LabelTypeBuiltIn,
+		fleet.LabelMembershipTypeDynamic,
+	)
+	if err != nil {
+		if driverErr, ok := err.(*mysql.MySQLError); ok {
+			if driverErr.Number == mysqlerr.ER_DUP_ENTRY {
+				// TODO(mna): how do we feel about this approach to ensure the new
+				// Fleet-reserved name is unique? All label names need to be unique
+				// across built-in and regular. (I don't think we've done anything
+				// special before, but this seems a bit nicer/clearer as to why the
+				// migration may have failed and how to fix it)
+				return fmt.Errorf("a label with the name %q already exists, please rename it before applying this migration: %w", labelName, err)
+			}
+		}
+		return err
+	}
+	return nil
+}
+
+func Down_20240403104633(tx *sql.Tx) error {
+	return nil
+}
diff --git a/server/datastore/mysql/migrations/tables/20240403104633_CreateMacOSSonomaBuiltinLabel_test.go b/server/datastore/mysql/migrations/tables/20240403104633_CreateMacOSSonomaBuiltinLabel_test.go
new file mode 100644
index 0000000000..478a22327a
--- /dev/null
+++ b/server/datastore/mysql/migrations/tables/20240403104633_CreateMacOSSonomaBuiltinLabel_test.go
@@ -0,0 +1,20 @@
+package tables
+
+import "testing"
+
+func TestUp_20240403104633(t *testing.T) {
+	db := applyUpToPrev(t)
+
+	//
+	// Insert data to test the migration
+	//
+	// ...
+
+	// Apply current migration.
+	applyNext(t, db)
+
+	//
+	// Check data, insert new entries, e.g. to verify migration is safe.
+	//
+	// ...
+}