Fix lint

server/datastore/mysql/apple_mdm.go

@@ -2535,243 +2535,6 @@ func (ds *Datastore) UpdateOrDeleteHostMDMAppleProfile(ctx context.Context, prof
 	return err
 }
 
-const (
-	appleMDMFailedProfilesStmt = `
-            h.uuid = hmap.host_uuid AND
-            hmap.status = :failed`
-
-	appleMDMPendingProfilesStmt = `
-            h.uuid = hmap.host_uuid AND
-            (
-                hmap.status IS NULL OR
-                hmap.status = :pending OR
-		-- special case for filevault, it's pending if the profile is
-		-- pending OR the profile is verified or verifying but we still
-		-- don't have an encryption key.
-                (
-                    hmap.profile_identifier = :filevault AND
-                    hmap.status IN (:verifying, :verified) AND
-                    hmap.operation_type = :install AND
-                    NOT EXISTS (
-                        SELECT 1
-                        FROM host_disk_encryption_keys hdek
-                        WHERE h.id = hdek.host_id AND
-                              (hdek.decryptable = 1 OR hdek.decryptable IS NULL)
-                    )
-                )
-            )`
-
-	appleMDMVerifyingProfilesStmt = `
-           h.uuid = hmap.host_uuid AND
-           hmap.operation_type = :install AND
-           (
-	       -- all profiles except filevault that are 'verifying'
-               (
-                   hmap.profile_identifier != :filevault AND
-                   hmap.status = :verifying
-               )
-               OR
-               -- special cases for filevault
-               (
-                   hmap.profile_identifier = :filevault AND
-                   (
-		       -- filevault profile is verified, but we didn't verify the encryption key
-                       (
-                           hmap.status = :verified AND
-                           EXISTS (
-                               SELECT 1
-                               FROM host_disk_encryption_keys AS hdek
-                               WHERE h.id = hdek.host_id AND
-                                     hdek.decryptable IS NULL
-                           )
-                       )
-                       OR
-		       -- filevault profile is verifying, and we already have an encryption key, in any state
-                       (
-                           hmap.status = :verifying AND
-                           EXISTS (
-                               SELECT 1
-                               FROM host_disk_encryption_keys AS hdek
-                               WHERE h.id = hdek.host_id AND
-                                     hdek.decryptable = 1 OR hdek.decryptable IS NULL
-                           )
-                       )
-                   )
-               )
-           )`
-
-	appleVerifiedProfilesStmt = `
-            h.uuid = hmap.host_uuid AND
-            hmap.operation_type = :install AND
-            hmap.status = :verified AND
-            (
-                hmap.profile_identifier != :filevault OR
-                EXISTS (
-                    SELECT 1
-                    FROM host_disk_encryption_keys hdek
-                    WHERE h.id = hdek.host_id AND
-                          hdek.decryptable = 1
-                )
-            )`
-)
-
-// subqueryAppleProfileStatus builds the right subquery that can be used to
-// filter hosts based on their profile status.
-//
-// The subquery mechanism works by finding profiles for hosts that:
-//   - match with the provided status
-//   - match any status that supercedes the provided status (eg: failed supercedes verifying)
-//
-// Hosts will be considered to be in the given status only if the profiles
-// match the given status and zero profiles match any superceding status.
-func subqueryAppleProfileStatus(status fleet.MDMDeliveryStatus) (string, []any, error) {
-	var condition string
-	var excludeConditions string
-	switch status {
-	case fleet.MDMDeliveryFailed:
-		condition = appleMDMFailedProfilesStmt
-		excludeConditions = "FALSE"
-	case fleet.MDMDeliveryPending:
-		condition = appleMDMPendingProfilesStmt
-		excludeConditions = appleMDMFailedProfilesStmt
-	case fleet.MDMDeliveryVerifying:
-		condition = appleMDMVerifyingProfilesStmt
-		excludeConditions = fmt.Sprintf("(%s) OR (%s)", appleMDMPendingProfilesStmt, appleMDMFailedProfilesStmt)
-	case fleet.MDMDeliveryVerified:
-		condition = appleVerifiedProfilesStmt
-		excludeConditions = fmt.Sprintf("(%s) OR (%s) OR (%s)", appleMDMPendingProfilesStmt, appleMDMFailedProfilesStmt, appleMDMVerifyingProfilesStmt)
-	default:
-		return "", nil, fmt.Errorf("invalid status: %s", status)
-	}
-
-	sql := fmt.Sprintf(`
-            SELECT 1
-            FROM host_mdm_apple_profiles hmap
-            WHERE %s AND
-                  NOT EXISTS (
-                      SELECT 1
-                      FROM host_mdm_apple_profiles hmap
-                      WHERE %s
-                  )`, condition, excludeConditions)
-
-	arg := map[string]any{
-		"install":   fleet.MDMOperationTypeInstall,
-		"verifying": fleet.MDMDeliveryVerifying,
-		"failed":    fleet.MDMDeliveryFailed,
-		"verified":  fleet.MDMDeliveryVerified,
-		"pending":   fleet.MDMDeliveryPending,
-		"filevault": mobileconfig.FleetFileVaultPayloadIdentifier,
-	}
-	query, args, err := sqlx.Named(sql, arg)
-	if err != nil {
-		return "", nil, fmt.Errorf("subqueryAppleProfileStatus %s: %w", status, err)
-	}
-
-	return query, args, nil
-}
-
-// subqueryAppleDeclarationStatus builds out the subquery for declaration status
-func subqueryAppleDeclarationStatus() (string, []any, error) {
-	const declNamedStmt = `
-		CASE WHEN EXISTS (
-			SELECT
-				1
-			FROM
-				host_mdm_apple_declarations d1
-			WHERE
-				h.uuid = d1.host_uuid
-				AND d1.operation_type = :install
-				AND d1.status = :failed
-				AND d1.declaration_name NOT IN (:reserved_names)) THEN
-			'declarations_failed'
-		WHEN EXISTS (
-			SELECT
-				1
-			FROM
-				host_mdm_apple_declarations d2
-			WHERE
-				h.uuid = d2.host_uuid
-				AND d2.operation_type = :install
-				AND(d2.status IS NULL
-					OR d2.status = :pending)
-				AND d2.declaration_name NOT IN (:reserved_names)
-				AND NOT EXISTS (
-					SELECT
-						1
-					FROM
-						host_mdm_apple_declarations d3
-					WHERE
-						h.uuid = d3.host_uuid
-						AND d3.operation_type = :install
-						AND d3.status = :failed
-						AND d3.declaration_name NOT IN (:reserved_names))) THEN
-			'declarations_pending'
-		WHEN EXISTS (
-			SELECT
-				1
-			FROM
-				host_mdm_apple_declarations d4
-			WHERE
-				h.uuid = d4.host_uuid
-				AND d4.operation_type = :install
-				AND d4.status = :verifying
-				AND d4.declaration_name NOT IN (:reserved_names)
-				AND NOT EXISTS (
-					SELECT
-						1
-					FROM
-						host_mdm_apple_declarations d5
-					WHERE (h.uuid = d5.host_uuid
-						AND d5.operation_type = :install
-						AND d5.declaration_name NOT IN (:reserved_names)
-						AND(d5.status IS NULL
-							OR d5.status IN(:pending, :failed))))) THEN
-			'declarations_verifying'
-		WHEN EXISTS (
-			SELECT
-				1
-			FROM
-				host_mdm_apple_declarations d6
-			WHERE
-				h.uuid = d6.host_uuid
-				AND d6.operation_type = :install
-				AND d6.status = :verified
-				AND d6.declaration_name NOT IN (:reserved_names)
-				AND NOT EXISTS (
-					SELECT
-						1
-					FROM
-						host_mdm_apple_declarations d7
-					WHERE (h.uuid = d7.host_uuid
-						AND d7.operation_type = :install
-						AND d7.declaration_name NOT IN (:reserved_names)
-						AND(d7.status IS NULL
-							OR d7.status IN(:pending, :failed, :verifying))))) THEN
-			'declarations_verified'
-		ELSE
-			''
-		END`
-
-	arg := map[string]any{
-		"install":        fleet.MDMOperationTypeInstall,
-		"verifying":      fleet.MDMDeliveryVerifying,
-		"failed":         fleet.MDMDeliveryFailed,
-		"verified":       fleet.MDMDeliveryVerified,
-		"pending":        fleet.MDMDeliveryPending,
-		"reserved_names": fleetmdm.ListFleetReservedMacOSDeclarationNames(),
-	}
-	query, args, err := sqlx.Named(declNamedStmt, arg)
-	if err != nil {
-		return "", nil, fmt.Errorf("subqueryAppleDeclarationStatus: %w", err)
-	}
-	query, args, err = sqlx.In(query, args...)
-	if err != nil {
-		return "", nil, fmt.Errorf("subqueryAppleDeclarationStatus resolve IN: %w", err)
-	}
-
-	return query, args, nil
-}
-
 // sqlCaseMDMAppleStatus returns a SQL snippet that can be used to determine the status of a host
 // based on the status of its profiles and declarations and filevault status. It should be used in
 // conjunction with sqlJoinMDMAppleProfilesStatus and sqlJoinMDMAppleDeclarationsStatus. It assumes the