Include Linux disk encryption status in configuration profiles aggregate status response when applicable, fix disk encryption/MDM configuration order-of-operations issues, add integration tests for LUKS

[jacobshandling]

Addresses #24112, #24116, #23587

For #24112, Counts included:

• Include counts when disk encryption is enforced
• Exclude counts when disk encryption isn't enforced
  __
• Added/updated tests
• Manual QA for all new/changed functionality

[codecov]

Codecov Report

Attention: Patch coverage is 11.68831% with 68 lines in your changes missing coverage. Please review.

Project coverage is 54.07%. Comparing base (ee73249) to head (259fcad).
Report is 8 commits behind head on main.

Files with missing lines	Patch %	Lines
server/service/mdm.go	0.00%	39 Missing ⚠️
server/service/linux_mdm.go	0.00%	19 Missing ⚠️
ee/server/service/teams.go	20.00%	4 Missing ⚠️
server/service/apple_mdm.go	20.00%	4 Missing ⚠️
frontend/services/entities/mdm.ts	0.00%	1 Missing ⚠️
server/datastore/mysql/labels.go	0.00%	0 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #24114      +/-   ##
==========================================
- Coverage   63.42%   54.07%   -9.35%     
==========================================
  Files        1579     1579              
  Lines      149948   150098     +150     
  Branches     3818     3818              
==========================================
- Hits        95106    81172   -13934     
- Misses      47261    62208   +14947     
+ Partials     7581     6718     -863     

Flag	Coverage Δ
backend	54.10% <11.84%> (-10.20%)	⬇️
frontend	52.55% <0.00%> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

---

🚨 Try these New Features:

• Flaky Tests Detection - Detect and resolve failed and flaky tests
• JS Bundle Analysis - Avoid shipping oversized bundles

[iansltx]

Merging in my existing integration tests branch here as I need the integration test started there to confirm this is behaving correctly. Will probably expand PR scope for the other config known issue(s).

[lucasmrod]

LGTM!

Left just a small question.

[mna]

I think ListTeams is used in a few places to list all teams along with their config? E.g. here:

fleet/server/cron/calendar_cron.go

Lines 76 to 82 in b6c5113

	teams, err := ds.ListTeams(
	ctx, fleet.TeamFilter{
	User: &fleet.User{
	GlobalRole: ptr.String(fleet.RoleAdmin),
	},
	}, fleet.ListOptions{},
	)

[iansltx]

Yep. Considered that but it pulls way more data so it wasn't clear that it was better than an N+1 here, so will leave this as is.

[iansltx]

My approval specifically covers the FE changes @jacobshandling made (and that I didn't touch), in my capacity as "being able to review FE code"; thx @lucasmrod for the BE approval!

[iansltx]

TestIntegrationSync is an unrelated failure, as are the native tooling/Docker publish failures.