fleet/server/service/live_queries.go

package service

import (
	"context"
	"fmt"
	"os"
	"strconv"
	"sync"
	"time"

	"github.com/fleetdm/fleet/v4/server"
	"github.com/fleetdm/fleet/v4/server/authz"
	"github.com/fleetdm/fleet/v4/server/contexts/ctxerr"
	"github.com/fleetdm/fleet/v4/server/contexts/logging"
	"github.com/fleetdm/fleet/v4/server/fleet"
	"github.com/fleetdm/fleet/v4/server/ptr"
)

type runLiveQueryRequest struct {
	QueryIDs []uint `json:"query_ids"`
	HostIDs  []uint `json:"host_ids"`
}

type summaryPayload struct {
	TargetedHostCount  int `json:"targeted_host_count"`
	RespondedHostCount int `json:"responded_host_count"`
}

type runLiveQueryResponse struct {
	Summary summaryPayload `json:"summary"`
	Err     error          `json:"error,omitempty"`

	Results []fleet.QueryCampaignResult `json:"live_query_results"`
}

func (r runLiveQueryResponse) error() error { return r.Err }

func runLiveQueryEndpoint(ctx context.Context, request interface{}, svc fleet.Service) (errorer, error) {
	req := request.(*runLiveQueryRequest)

	// The period used here should always be less than the request timeout for any load
	// balancer/proxy between Fleet and the API client.
	period := os.Getenv("FLEET_LIVE_QUERY_REST_PERIOD")
	if period == "" {
		period = "25s"
	}
	duration, err := time.ParseDuration(period)
	if err != nil {
		duration = 25 * time.Second
		logging.WithExtras(ctx, "live_query_rest_period_err", err)
	}

	// Only allow a host to be specified once in HostIDs
	req.HostIDs = server.RemoveDuplicatesFromSlice(req.HostIDs)
	res := runLiveQueryResponse{
		Summary: summaryPayload{
			TargetedHostCount:  len(req.HostIDs),
			RespondedHostCount: 0,
		},
	}

	queryResults, respondedHostCount, err := svc.RunLiveQueryDeadline(ctx, req.QueryIDs, req.HostIDs, duration)
	if err != nil {
		return nil, err
	}
	// Check if all query results were forbidden due to lack of authorization.
	allResultsForbidden := len(queryResults) > 0 && respondedHostCount == 0
	if allResultsForbidden {
		for _, r := range queryResults {
			if r.Error == nil || *r.Error != authz.ForbiddenErrorMessage {
				allResultsForbidden = false
				break
			}
		}
	}
	if allResultsForbidden {
		return nil, authz.ForbiddenWithInternal("All Live Query results were forbidden.", authz.UserFromContext(ctx), nil, nil)
	}
	res.Results = queryResults
	res.Summary.RespondedHostCount = respondedHostCount

	return res, nil
}

func (svc *Service) RunLiveQueryDeadline(
	ctx context.Context, queryIDs []uint, hostIDs []uint, deadline time.Duration,
) ([]fleet.QueryCampaignResult, int, error) {
	if len(queryIDs) == 0 || len(hostIDs) == 0 {
		svc.authz.SkipAuthorization(ctx)
		return nil, 0, ctxerr.Wrap(ctx, badRequest("query_ids and host_ids are required"))
	}
	wg := sync.WaitGroup{}

	resultsCh := make(chan fleet.QueryCampaignResult)

	counterMutex := sync.Mutex{}
	respondedHostIDs := make(map[uint]struct{})

	for _, queryID := range queryIDs {
		queryID := queryID
		wg.Add(1)
		go func() {
			defer wg.Done()
			campaign, err := svc.NewDistributedQueryCampaign(ctx, "", &queryID, fleet.HostTargets{HostIDs: hostIDs})
			if err != nil {
				resultsCh <- fleet.QueryCampaignResult{QueryID: queryID, Error: ptr.String(err.Error())}
				return
			}

			readChan, cancelFunc, err := svc.GetCampaignReader(ctx, campaign)
			if err != nil {
				resultsCh <- fleet.QueryCampaignResult{QueryID: queryID, Error: ptr.String(err.Error())}
				return
			}
			defer cancelFunc()

			defer func() {
				err := svc.CompleteCampaign(ctx, campaign)
				if err != nil {
					resultsCh <- fleet.QueryCampaignResult{QueryID: queryID, Error: ptr.String(err.Error())}
				}
			}()

			var results []fleet.QueryResult
			timeout := time.After(deadline)
		loop:
			for {
				select {
				case res := <-readChan:
					switch res := res.(type) {
					case fleet.DistributedQueryResult:
						results = append(results, fleet.QueryResult{HostID: res.Host.ID, Rows: res.Rows, Error: res.Error})
						counterMutex.Lock()
						respondedHostIDs[res.Host.ID] = struct{}{}
						counterMutex.Unlock()
					case error:
						resultsCh <- fleet.QueryCampaignResult{QueryID: queryID, Error: ptr.String(res.Error())}
						return
					}
				case <-timeout:
					break loop
				case <-ctx.Done():
					break loop
				}
			}
			resultsCh <- fleet.QueryCampaignResult{QueryID: queryID, Results: results}
		}()
	}

	// Iterate collecting results until all the goroutines have returned
	go func() {
		wg.Wait()
		close(resultsCh)
	}()

	var results []fleet.QueryCampaignResult
	for result := range resultsCh {
		results = append(results, result)
	}

	return results, len(respondedHostIDs), nil
}

func (svc *Service) GetCampaignReader(ctx context.Context, campaign *fleet.DistributedQueryCampaign) (<-chan interface{}, context.CancelFunc, error) {
	// Open the channel from which we will receive incoming query results
	// (probably from the redis pubsub implementation)
	cancelCtx, cancelFunc := context.WithCancel(ctx)

	readChan, err := svc.resultStore.ReadChannel(cancelCtx, *campaign)
	if err != nil {
		cancelFunc()
		return nil, nil, fmt.Errorf("cannot open read channel for campaign %d ", campaign.ID)
	}

	campaign.Status = fleet.QueryRunning
	if err := svc.ds.SaveDistributedQueryCampaign(ctx, campaign); err != nil {
		cancelFunc()
		return nil, nil, ctxerr.Wrap(ctx, err, "error saving campaign state")
	}

	return readChan, cancelFunc, nil
}

func (svc *Service) CompleteCampaign(ctx context.Context, campaign *fleet.DistributedQueryCampaign) error {
	campaign.Status = fleet.QueryComplete
	err := svc.ds.SaveDistributedQueryCampaign(ctx, campaign)
	if err != nil {
		return ctxerr.Wrap(ctx, err, "saving distributed campaign after complete")
	}
	err = svc.liveQueryStore.StopQuery(strconv.Itoa(int(campaign.ID)))
	if err != nil {
		return ctxerr.Wrap(ctx, err, "stopping query after after complete")
	}
	return nil
}
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`package service`

			`import (`
			`"context"`
			`"fmt"`
			`"os"`
			`"strconv"`
			`"sync"`
			`"time"`

Fixes to /fleet/queries/run endpoint (#14909) Fixes to /fleet/queries/run endpoint: - now returns 403 for an unauthorized user - now returns 400 when query_ids or host_ids are not specified #11446 and #11901 # Checklist for submitter If some of the following don't apply, delete the relevant line. API clarifications are in a separate PR https://github.com/fleetdm/fleet/pull/14956 - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Added/updated tests - [x] Manual QA for all new/changed functionality 2023-11-06 17:03:42 +00:00			`"github.com/fleetdm/fleet/v4/server"`
			`"github.com/fleetdm/fleet/v4/server/authz"`
Use new error handling approach in other packages (#2954) 2021-11-22 14:13:26 +00:00			`"github.com/fleetdm/fleet/v4/server/contexts/ctxerr"`
Live queries post merge fixes (#2684) * Refactor based on PR review comments * Use deadline instead of duration * Address review comments * Only set the timeout once 2021-10-26 19:12:07 +00:00			`"github.com/fleetdm/fleet/v4/server/contexts/logging"`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`"github.com/fleetdm/fleet/v4/server/fleet"`
			`"github.com/fleetdm/fleet/v4/server/ptr"`
			`)`

			`type runLiveQueryRequest struct {`
			QueryIDs []uint `json:"query_ids"`
			HostIDs []uint `json:"host_ids"`
			`}`

			`type summaryPayload struct {`
			TargetedHostCount int `json:"targeted_host_count"`
			RespondedHostCount int `json:"responded_host_count"`
			`}`

			`type runLiveQueryResponse struct {`
			Summary summaryPayload `json:"summary"`
			Err error `json:"error,omitempty"`

Live queries post merge fixes (#2684) * Refactor based on PR review comments * Use deadline instead of duration * Address review comments * Only set the timeout once 2021-10-26 19:12:07 +00:00			Results []fleet.QueryCampaignResult `json:"live_query_results"`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`}`

			`func (r runLiveQueryResponse) error() error { return r.Err }`

Set interface for response types (#9121) * Set interface for response types * Fix TestEndpointer test 2022-12-27 14:26:59 +00:00			`func runLiveQueryEndpoint(ctx context.Context, request interface{}, svc fleet.Service) (errorer, error) {`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`req := request.(*runLiveQueryRequest)`

Shorten "simple" query API period to 25s (#3775) This helps the period stay under the default request timeouts for most load balancers. Some default timeouts: * AWS ALB - 60s * Nginx - 60s * GCP LB - 30s 2022-01-20 01:48:57 +00:00			`// The period used here should always be less than the request timeout for any load`
			`// balancer/proxy between Fleet and the API client.`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`period := os.Getenv("FLEET_LIVE_QUERY_REST_PERIOD")`
			`if period == "" {`
Shorten "simple" query API period to 25s (#3775) This helps the period stay under the default request timeouts for most load balancers. Some default timeouts: * AWS ALB - 60s * Nginx - 60s * GCP LB - 30s 2022-01-20 01:48:57 +00:00			`period = "25s"`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`}`
			`duration, err := time.ParseDuration(period)`
			`if err != nil {`
Shorten "simple" query API period to 25s (#3775) This helps the period stay under the default request timeouts for most load balancers. Some default timeouts: * AWS ALB - 60s * Nginx - 60s * GCP LB - 30s 2022-01-20 01:48:57 +00:00			`duration = 25 * time.Second`
Live queries post merge fixes (#2684) * Refactor based on PR review comments * Use deadline instead of duration * Address review comments * Only set the timeout once 2021-10-26 19:12:07 +00:00			`logging.WithExtras(ctx, "live_query_rest_period_err", err)`
			`}`

Fixes to /fleet/queries/run endpoint (#14909) Fixes to /fleet/queries/run endpoint: - now returns 403 for an unauthorized user - now returns 400 when query_ids or host_ids are not specified #11446 and #11901 # Checklist for submitter If some of the following don't apply, delete the relevant line. API clarifications are in a separate PR https://github.com/fleetdm/fleet/pull/14956 - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Added/updated tests - [x] Manual QA for all new/changed functionality 2023-11-06 17:03:42 +00:00			`// Only allow a host to be specified once in HostIDs`
			`req.HostIDs = server.RemoveDuplicatesFromSlice(req.HostIDs)`
Live queries post merge fixes (#2684) * Refactor based on PR review comments * Use deadline instead of duration * Address review comments * Only set the timeout once 2021-10-26 19:12:07 +00:00			`res := runLiveQueryResponse{`
			`Summary: summaryPayload{`
			`TargetedHostCount: len(req.HostIDs),`
			`RespondedHostCount: 0,`
			`},`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`}`

Fixes to /fleet/queries/run endpoint (#14909) Fixes to /fleet/queries/run endpoint: - now returns 403 for an unauthorized user - now returns 400 when query_ids or host_ids are not specified #11446 and #11901 # Checklist for submitter If some of the following don't apply, delete the relevant line. API clarifications are in a separate PR https://github.com/fleetdm/fleet/pull/14956 - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Added/updated tests - [x] Manual QA for all new/changed functionality 2023-11-06 17:03:42 +00:00			`queryResults, respondedHostCount, err := svc.RunLiveQueryDeadline(ctx, req.QueryIDs, req.HostIDs, duration)`
			`if err != nil {`
			`return nil, err`
			`}`
			`// Check if all query results were forbidden due to lack of authorization.`
			`allResultsForbidden := len(queryResults) > 0 && respondedHostCount == 0`
			`if allResultsForbidden {`
			`for _, r := range queryResults {`
			`if r.Error == nil \|\| *r.Error != authz.ForbiddenErrorMessage {`
			`allResultsForbidden = false`
			`break`
			`}`
			`}`
			`}`
			`if allResultsForbidden {`
			`return nil, authz.ForbiddenWithInternal("All Live Query results were forbidden.", authz.UserFromContext(ctx), nil, nil)`
			`}`
Live queries post merge fixes (#2684) * Refactor based on PR review comments * Use deadline instead of duration * Address review comments * Only set the timeout once 2021-10-26 19:12:07 +00:00			`res.Results = queryResults`
			`res.Summary.RespondedHostCount = respondedHostCount`

			`return res, nil`
			`}`

Fixes to /fleet/queries/run endpoint (#14909) Fixes to /fleet/queries/run endpoint: - now returns 403 for an unauthorized user - now returns 400 when query_ids or host_ids are not specified #11446 and #11901 # Checklist for submitter If some of the following don't apply, delete the relevant line. API clarifications are in a separate PR https://github.com/fleetdm/fleet/pull/14956 - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Added/updated tests - [x] Manual QA for all new/changed functionality 2023-11-06 17:03:42 +00:00			`func (svc *Service) RunLiveQueryDeadline(`
			`ctx context.Context, queryIDs []uint, hostIDs []uint, deadline time.Duration,`
			`) ([]fleet.QueryCampaignResult, int, error) {`
			`if len(queryIDs) == 0 \|\| len(hostIDs) == 0 {`
			`svc.authz.SkipAuthorization(ctx)`
			`return nil, 0, ctxerr.Wrap(ctx, badRequest("query_ids and host_ids are required"))`
			`}`
Live queries post merge fixes (#2684) * Refactor based on PR review comments * Use deadline instead of duration * Address review comments * Only set the timeout once 2021-10-26 19:12:07 +00:00			`wg := sync.WaitGroup{}`

			`resultsCh := make(chan fleet.QueryCampaignResult)`

			`counterMutex := sync.Mutex{}`
			`respondedHostIDs := make(map[uint]struct{})`

			`for _, queryID := range queryIDs {`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`queryID := queryID`
			`wg.Add(1)`
			`go func() {`
			`defer wg.Done()`
Live queries post merge fixes (#2684) * Refactor based on PR review comments * Use deadline instead of duration * Address review comments * Only set the timeout once 2021-10-26 19:12:07 +00:00			`campaign, err := svc.NewDistributedQueryCampaign(ctx, "", &queryID, fleet.HostTargets{HostIDs: hostIDs})`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`if err != nil {`
Live queries post merge fixes (#2684) * Refactor based on PR review comments * Use deadline instead of duration * Address review comments * Only set the timeout once 2021-10-26 19:12:07 +00:00			`resultsCh <- fleet.QueryCampaignResult{QueryID: queryID, Error: ptr.String(err.Error())}`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`return`
			`}`

			`readChan, cancelFunc, err := svc.GetCampaignReader(ctx, campaign)`
			`if err != nil {`
Live queries post merge fixes (#2684) * Refactor based on PR review comments * Use deadline instead of duration * Address review comments * Only set the timeout once 2021-10-26 19:12:07 +00:00			`resultsCh <- fleet.QueryCampaignResult{QueryID: queryID, Error: ptr.String(err.Error())}`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`return`
			`}`
			`defer cancelFunc()`

			`defer func() {`
			`err := svc.CompleteCampaign(ctx, campaign)`
			`if err != nil {`
Live queries post merge fixes (#2684) * Refactor based on PR review comments * Use deadline instead of duration * Address review comments * Only set the timeout once 2021-10-26 19:12:07 +00:00			`resultsCh <- fleet.QueryCampaignResult{QueryID: queryID, Error: ptr.String(err.Error())}`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`}`
			`}()`

Live queries post merge fixes (#2684) * Refactor based on PR review comments * Use deadline instead of duration * Address review comments * Only set the timeout once 2021-10-26 19:12:07 +00:00			`var results []fleet.QueryResult`
			`timeout := time.After(deadline)`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`loop:`
			`for {`
			`select {`
			`case res := <-readChan:`
			`switch res := res.(type) {`
			`case fleet.DistributedQueryResult:`
Live queries post merge fixes (#2684) * Refactor based on PR review comments * Use deadline instead of duration * Address review comments * Only set the timeout once 2021-10-26 19:12:07 +00:00			`results = append(results, fleet.QueryResult{HostID: res.Host.ID, Rows: res.Rows, Error: res.Error})`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`counterMutex.Lock()`
Live queries post merge fixes (#2684) * Refactor based on PR review comments * Use deadline instead of duration * Address review comments * Only set the timeout once 2021-10-26 19:12:07 +00:00			`respondedHostIDs[res.Host.ID] = struct{}{}`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`counterMutex.Unlock()`
Live queries post merge fixes (#2684) * Refactor based on PR review comments * Use deadline instead of duration * Address review comments * Only set the timeout once 2021-10-26 19:12:07 +00:00			`case error:`
			`resultsCh <- fleet.QueryCampaignResult{QueryID: queryID, Error: ptr.String(res.Error())}`
			`return`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`}`
Live queries post merge fixes (#2684) * Refactor based on PR review comments * Use deadline instead of duration * Address review comments * Only set the timeout once 2021-10-26 19:12:07 +00:00			`case <-timeout:`
			`break loop`
			`case <-ctx.Done():`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`break loop`
			`}`
			`}`
Live queries post merge fixes (#2684) * Refactor based on PR review comments * Use deadline instead of duration * Address review comments * Only set the timeout once 2021-10-26 19:12:07 +00:00			`resultsCh <- fleet.QueryCampaignResult{QueryID: queryID, Results: results}`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`}()`
			`}`

Live queries post merge fixes (#2684) * Refactor based on PR review comments * Use deadline instead of duration * Address review comments * Only set the timeout once 2021-10-26 19:12:07 +00:00			`// Iterate collecting results until all the goroutines have returned`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`go func() {`
			`wg.Wait()`
			`close(resultsCh)`
			`}()`

Live queries post merge fixes (#2684) * Refactor based on PR review comments * Use deadline instead of duration * Address review comments * Only set the timeout once 2021-10-26 19:12:07 +00:00			`var results []fleet.QueryCampaignResult`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`for result := range resultsCh {`
Live queries post merge fixes (#2684) * Refactor based on PR review comments * Use deadline instead of duration * Address review comments * Only set the timeout once 2021-10-26 19:12:07 +00:00			`results = append(results, result)`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`}`

Fixes to /fleet/queries/run endpoint (#14909) Fixes to /fleet/queries/run endpoint: - now returns 403 for an unauthorized user - now returns 400 when query_ids or host_ids are not specified #11446 and #11901 # Checklist for submitter If some of the following don't apply, delete the relevant line. API clarifications are in a separate PR https://github.com/fleetdm/fleet/pull/14956 - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Added/updated tests - [x] Manual QA for all new/changed functionality 2023-11-06 17:03:42 +00:00			`return results, len(respondedHostIDs), nil`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`}`

			`func (svc Service) GetCampaignReader(ctx context.Context, campaign fleet.DistributedQueryCampaign) (<-chan interface{}, context.CancelFunc, error) {`
			`// Open the channel from which we will receive incoming query results`
			`// (probably from the redis pubsub implementation)`
			`cancelCtx, cancelFunc := context.WithCancel(ctx)`

			`readChan, err := svc.resultStore.ReadChannel(cancelCtx, *campaign)`
			`if err != nil {`
			`cancelFunc()`
			`return nil, nil, fmt.Errorf("cannot open read channel for campaign %d ", campaign.ID)`
			`}`

			`campaign.Status = fleet.QueryRunning`
			`if err := svc.ds.SaveDistributedQueryCampaign(ctx, campaign); err != nil {`
			`cancelFunc()`
Use new error handling approach in other packages (#2954) 2021-11-22 14:13:26 +00:00			`return nil, nil, ctxerr.Wrap(ctx, err, "error saving campaign state")`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`}`

			`return readChan, cancelFunc, nil`
			`}`

			`func (svc Service) CompleteCampaign(ctx context.Context, campaign fleet.DistributedQueryCampaign) error {`
			`campaign.Status = fleet.QueryComplete`
			`err := svc.ds.SaveDistributedQueryCampaign(ctx, campaign)`
			`if err != nil {`
Use new error handling approach in other packages (#2954) 2021-11-22 14:13:26 +00:00			`return ctxerr.Wrap(ctx, err, "saving distributed campaign after complete")`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`}`
			`err = svc.liveQueryStore.StopQuery(strconv.Itoa(int(campaign.ID)))`
			`if err != nil {`
Use new error handling approach in other packages (#2954) 2021-11-22 14:13:26 +00:00			`return ctxerr.Wrap(ctx, err, "stopping query after after complete")`
Issue 1798 rest api for live queries (#2675) * wip * wip * Make tests not flaky * Add changes file * Make logging and authz thread safe * Move cancel defer below err check 2021-10-26 14:33:31 +00:00			`}`
			`return nil`
			`}`