Create policies automatically for Fleet-maintained apps

[noahtalerman]

Goal

User story
As an IT admin,
I want to install a Fleet-maintained app on all of my hosts that don't already have it
so that I can deploy a new productivity app to all my hosts w/o having to write a policy.

Objective

• 22616

Context

• Product designer: @marko-lisica

Changes

Product

• [ ] Reference documentation changes: Docs changes covered by API changes below.
• [ ] UI changes: Figma link
• [ ] CLI (fleetctl) usage changes: No fleetctl changes.
• [ ] YAML changes: No YAML changes
• [ ] REST API changes: #23649
• [ ] Fleet's agent (fleetd) changes: No fleetd changes.
• [ ] Activity changes: No activity changes.
• [ ] Permissions changes: No permissions changes. Software add/edit/remove permissions are already specified in the permissions guide.
• [ ] Changes to paid features or tiers: Available for Fleet Premium.

Engineering

• [ ] Feature guide changes: TODO
• [ ] Database schema migrations: TODO
• [ ] Load testing: TODO

ℹ️  Please read this issue carefully and understand it. Pay special attention to UI wireframes, especially "dev notes".

QA

Risk assessment

• Requires load testing: TODO
• Risk level: Low / High TODO
• Risk description: TODO

Manual testing steps

1. Make sure that policy created by Fleet triggers install successfully for each Fleet-maintained app.
2. Step 2
3. Step 3

Testing notes

Confirmation

1. [ ] Engineer (@____): Added comment to user story confirming successful completion of QA.
2. [ ] QA (@____): Added comment to user story confirming successful completion of QA.

[noahtalerman]

Hey @georgekarrv just giving you a reminder that this story is ready to spec. Please let us know if we can help get this ready for estimation.

cc @marko-lisica

[noahtalerman]

Hey @georgekarrv just giving you a ping! as a reminder that this story is ready to spec. Please let us know if we can help get this ready for estimation.

Note that the API design PR is a draft but it's ready for review. It's in draft b/c it's helping us remember that we want to wait for the 4.58 reference docs to merge it into main before we merge this PR into the 4.59 on the reference docs.

cc @marko-lisica

[noahtalerman]

Hey @georgekarrv, just giving you another reminder that this story is ready for specs. Please ping @marko-lisica if we can help get this ready for estimation.

[noahtalerman]

Hey @georgekarrv heads up we decided to bring this this one back to design review. It's not ready for specs yet.

[marko-lisica]

Hey @georgekarrv, heads up, this story is ready to be specified.

cc @noahtalerman

[marko-lisica]

Hey @ghernandez345, I did small copy tweak here in case you started working on this.

[marko-lisica]

Hey @georgekarrv, I tried this query and it worked, it triggered installation on my host:

SELECT 1 FROM apps WHERE bundle_identifier = '<SOFTWARE_BUNDLE_IDENTIFIER>';

We already have bundle_identifier for each Fleet-maintained app in this file, but you mentioned yesterday that frontend don't have access to it.

I think we need a way for the frontend to know bundle_identifier, probably include it in Get Fleet-maintained app response.

@PezHub I also added note in QA section in the description that we should make sure that this query template works (triggers install) for each Fleet-maintained app.