Fleet includes pre-written policy queries. The workflow is as follows:
1. User creates a new policy.
2. Picks a pre-written query.
3. Is shown the query (in the regular query UI).
4. Saves the query, with or without edits.
5. A policy is now active with this query.
For policy queries that are provided by Fleet, there should be an option to keep the actual policy up to date with the latest version of the query.
Ex:
User creates a policy to check laptop encryption status following the steps above. The user made NO edit to the policy. Then, a new version of the pre-written query is released, which checks for not only BitLocker on Windows but a variety of third-party encryption tools. The user would like this query to now be used, but has to create a new policy and delete the old one, IF they even know a new version of this query exists. It would be a better experience if the query could improve over time, like the rest of the product.
How?
- [ ] We should make this clear in the setup and settings, with a way to turn it completely off.
- [ ] Users should be able to pick between "Auto update unmodified policies" or "Warn me when new policies are available". If they use "warn", then they should be able to review the old vs new one and update the policy if they want to.
- [ ] Queries that were customized should NEVER be auto updated, but the user should be told when a new version of the query they based it on is available.
Goal
TODO This issue depends on https://github.com/fleetdm/fleet/issues/4106 - and should not be started before.