Why to get error in SQL Server While Loop?

Question

I am stuck with a nonsense error when running the below loop query. The thing is when I remove 'sum(case when...' lines it works fine. I have searched a lot but couldn't find any solution. I appreciate any help on this. Thanks in advance.

The error I got: Incorrect syntax near 'unit_'.:

DECLARE @Interval_List as TABLE (index_1 int, Interval VARCHAR(50), From_date date, To_date date)
INSERT INTO @Interval_List VALUES (1,  '2021_Q1',   '2021-01-01', '2021-03-31')
INSERT INTO @Interval_List VALUES (2,  '2021_Q2',   '2021-04-01', '2021-06-30')
INSERT INTO @Interval_List VALUES (3,  '2021_Q3',   '2021-07-01', '2021-09-30')
INSERT INTO @Interval_List VALUES (4,  '2021_Q4',   '2021-10-01', '2021-12-31')
INSERT INTO @Interval_List VALUES (5,  '2021_H1',   '2021-01-01', '2021-06-30')
INSERT INTO @Interval_List VALUES (6,  '2021_H2',   '2021-07-01', '2021-12-31')
INSERT INTO @Interval_List VALUES (7,  '2021',      '2021-07-01', '2021-12-31')

INSERT INTO @Interval_List VALUES (8,  '2022_Q1',   '2022-01-01', '2022-03-31')
INSERT INTO @Interval_List VALUES (9,  '2022_Q2',   '2022-04-01', '2022-06-30')
INSERT INTO @Interval_List VALUES (10, '2022_Q3',   '2022-07-01', '2022-09-30')
INSERT INTO @Interval_List VALUES (11, '2022_Q4',   '2022-10-01', '2022-12-31')
INSERT INTO @Interval_List VALUES (12, '2022_H1',   '2022-01-01', '2022-06-30')
INSERT INTO @Interval_List VALUES (13, '2022_H2',   '2022-07-01', '2022-12-31')
INSERT INTO @Interval_List VALUES (14, '2022',      '2022-01-01', '2022-12-31')

INSERT INTO @Interval_List VALUES (15,  '2023_Q1',  '2023-01-01', '2023-03-31')
INSERT INTO @Interval_List VALUES (16,  '2023_Q2',  '2023-04-01', '2023-06-30')
INSERT INTO @Interval_List VALUES (17,  '2023_Q3',  '2023-07-01', '2023-09-30')
INSERT INTO @Interval_List VALUES (18,  '2023_Q4',  '2023-10-01', '2023-12-31')
INSERT INTO @Interval_List VALUES (19,  '2023_H1',  '2023-01-01', '2023-06-30')
INSERT INTO @Interval_List VALUES (20,  '2023_H2',  '2023-07-01', '2023-12-31')
INSERT INTO @Interval_List VALUES (21,  '2023',     '2023-01-01', '2023-12-31')

INSERT INTO @Interval_List VALUES (22,  '2024_Q1',  '2024-01-01', '2024-03-31')
INSERT INTO @Interval_List VALUES (23,  '2024_Q2',  '2024-04-01', '2024-06-30')
INSERT INTO @Interval_List VALUES (24,  '2024_Q3',  '2024-07-01', '2024-09-30')
INSERT INTO @Interval_List VALUES (25,  '2024_Q4',  '2024-10-01', '2024-12-31')
INSERT INTO @Interval_List VALUES (26,  '2024_H1',  '2024-01-01', '2024-06-30')
INSERT INTO @Interval_List VALUES (27,  '2024_H2',  '2024-07-01', '2024-12-31')
INSERT INTO @Interval_List VALUES (28,  '2024',     '2024-01-01', '2024-12-31')

INSERT INTO @Interval_List VALUES (29,  'Previous_Month',  cast(dateadd(MM, datediff(MM, 0, getdate()) - 1, 0) as date), cast(DATEADD(MM, DATEDIFF(MM, -1, GETDATE())-1, -1) as date))
INSERT INTO @Interval_List VALUES (30,  'Current_Month',   cast(dateadd(MM, datediff(MM, 0, getdate()), 0) as date),     cast(DATEADD(MM, DATEDIFF(MM, -1, GETDATE()), -1) as date))
INSERT INTO @Interval_List VALUES (31,  'Previous_Week',   cast(dateadd(wk, datediff(wk, 0, getdate()) - 1, 0) as date), cast(DATEADD(wk, DATEDIFF(wk, 6, CURRENT_TIMESTAMP), 6) as date))
INSERT INTO @Interval_List VALUES (32,  'Current_Week',    cast(dateadd(wk, datediff(wk, 0, getdate()), 0) as date),     DATEADD(DAY, 8 - DATEPART(WEEKDAY, GETDATE()), CAST(GETDATE() AS DATE)))

DECLARE @StartDate AS DATE
DECLARE @EndDate AS DATE
DECLARE @CurrentDate AS DATE
DECLARE @index_first int
declare @index_last int
declare @interval VARCHAR(50)
declare @metric_table nvarchar(400)

SELECT @index_first = min(index_1),  @index_last = max(index_1) FROM @Interval_List

SET @CurrentDate = @StartDate
SET @metric_table = 'dbo.my_table'

WHILE (@index_first <= @index_last)
BEGIN

SELECT @StartDate = From_date,  @EndDate = To_date, @interval = Interval FROM @Interval_List where index_1 = @index_first

declare @query nvarchar(max);

set @query = 
'
SELECT 
Service_Group,
Portfolio,
etl_date,

sum(vulnerabilities) as vulnerabilities,
sum(security_hotspots) as security_hotspots,
sum(cast(uncovered_lines as float)) as uncovered_lines,
sum(cast(lines_to_cover as float)) as lines_to_cover,

sum(added_technical_debt) as added_technical_debt,
SUM(blocker_issues) as blocker_issues,
SUM(critical_issues) as critical_issues,
SUM(duplicated_blocks_on_new_code) as duplicated_blocks_on_new_code,
SUM(issues) as issues,
SUM(major_issues) as major_issues,

SUM(minor_issues) AS minor_issues,      
SUM(new_blocker_issues) AS new_blocker_issues,  
SUM(new_critical_issues) AS new_critical_issues,
SUM(new_issues) AS new_issues,          
SUM(new_major_issues) AS new_major_issues,  
SUM(new_minor_issues) AS new_minor_issues,  
SUM(technical_debt) AS technical_debt,      
SUM(unit_tests) AS unit_tests,          
SUM(wont_fix_issues) AS wont_fix_issues,    
SUM(bugs) AS bugs,              
SUM(code_smells) AS code_smells,        
SUM(duplicated_blocks) AS duplicated_blocks,    
SUM(duplicated_files) AS duplicated_files,  
SUM(new_bugs) AS new_bugs,          
SUM(new_code_smells) AS new_code_smells,    
SUM(new_security_hotspots) AS new_security_hotspots,
SUM(new_vulnerabilities) AS new_vulnerabilities,
SUM(open_issues) AS open_issues,


SUM(CASE WHEN ETL_DATE_SERVICE_STATUS_ID IN (12500, 15203)        OR Service_Group IS NULL THEN vulnerabilities ELSE NULL END) AS vulnerabilities_New, 
SUM(CASE WHEN ETL_DATE_SERVICE_STATUS_ID IN (12500, 15203, 10236) OR Service_Group IS NULL THEN vulnerabilities ELSE NULL END) AS vulnerabilities_OA,
SUM(vulnerabilities) as vulnerabilities,

SUM(CASE WHEN ETL_DATE_SERVICE_STATUS_ID IN (12500, 15203)        OR Service_Group IS NULL THEN security_hotspots ELSE NULL END) AS security_hotspots_New, 
SUM(CASE WHEN ETL_DATE_SERVICE_STATUS_ID IN (12500, 15203, 10236) OR Service_Group IS NULL THEN security_hotspots ELSE NULL END) AS security_hotspots_OA,
SUM(security_hotspots) as security_hotspots,

SUM(CASE WHEN ETL_DATE_SERVICE_STATUS_ID IN (12500, 15203)        OR Service_Group IS NULL THEN uncovered_lines ELSE NULL END) AS uncovered_lines_New, 
SUM(CASE WHEN ETL_DATE_SERVICE_STATUS_ID IN (12500, 15203, 10236) OR Service_Group IS NULL THEN uncovered_lines ELSE NULL END) AS uncovered_lines_OA,
SUM(uncovered_lines) as uncovered_lines,

SUM(CASE WHEN ETL_DATE_SERVICE_STATUS_ID IN (12500, 15203)        OR Service_Group IS NULL THEN lines_to_cover ELSE NULL END) AS lines_to_cover_New, 
SUM(CASE WHEN ETL_DATE_SERVICE_STATUS_ID IN (12500, 15203, 10236) OR Service_Group IS NULL THEN lines_to_cover ELSE NULL END) AS lines_to_cover_OA,
SUM(lines_to_cover) as lines_to_cover,

SUM(CASE WHEN ETL_DATE_SERVICE_STATUS_ID IN (12500, 15203)        OR Service_Group IS NULL THEN added_technical_debt ELSE NULL END) AS added_technical_debt_New, 
SUM(CASE WHEN ETL_DATE_SERVICE_STATUS_ID IN (12500, 15203, 10236) OR Service_Group IS NULL THEN added_technical_debt ELSE NULL END) AS added_technical_debt_OA,
SUM(added_technical_debt) as added_technical_debt,

SUM(CASE WHEN ETL_DATE_SERVICE_STATUS_ID IN (12500, 15203)        OR Service_Group IS NULL THEN blocker_issues ELSE NULL END) AS blocker_issues_New, 
SUM(CASE WHEN ETL_DATE_SERVICE_STATUS_ID IN (12500, 15203, 10236) OR Service_Group IS NULL THEN blocker_issues ELSE NULL END) AS blocker_issues_OA,
SUM(blocker_issues) as blocker_issues,

SUM(CASE WHEN ETL_DATE_SERVICE_STATUS_ID IN (12500, 15203)        OR Service_Group IS NULL THEN critical_issues ELSE NULL END) AS critical_issues_New, 
SUM(CASE WHEN ETL_DATE_SERVICE_STATUS_ID IN (12500, 15203, 10236) OR Service_Group IS NULL THEN critical_issues ELSE NULL END) AS critical_issues_OA,
SUM(critical_issues) as critical_issues,

SUM(CASE WHEN ETL_DATE_SERVICE_STATUS_ID IN (12500, 15203)        OR Service_Group IS NULL THEN duplicated_blocks_on_new_code ELSE NULL END) AS duplicated_blocks_on_new_code_New, 
SUM(CASE WHEN ETL_DATE_SERVICE_STATUS_ID IN (12500, 15203, 10236) OR Service_Group IS NULL THEN duplicated_blocks_on_new_code ELSE NULL END) AS duplicated_blocks_on_new_code_OA,
SUM(duplicated_blocks_on_new_code) as duplicated_blocks_on_new_code,

SUM(CASE WHEN ETL_DATE_SERVICE_STATUS_ID IN (12500, 15203)        OR Service_Group IS NULL THEN issues ELSE NULL END) AS issues_New, 
SUM(CASE WHEN ETL_DATE_SERVICE_STATUS_ID IN (12500, 15203, 10236) OR Service_Group IS NULL THEN issues ELSE NULL END) AS issues_OA,
SUM(issues) as issues,

SUM(CASE WHEN ETL_DATE_SERVICE_STATUS_ID IN (12500, 15203)        OR Service_Group IS NULL THEN major_issues ELSE NULL END) AS major_issues_New, 
SUM(CASE WHEN ETL_DATE_SERVICE_STATUS_ID IN (12500, 15203, 10236) OR Service_Group IS NULL THEN major_issues ELSE NULL END) AS major_issues_OA,
SUM(major_issues) as major_issues

FROM
(
SELECT 
Service_Group,
Portfolio,
etl_date,
ETL_DATE_SERVICE_STATUS_ID,
ETL_DATE_SERVICE_STATUS,

sum(vulnerabilities) as vulnerabilities,
sum(security_hotspots) as security_hotspots,
sum(cast(uncovered_lines as float)) as uncovered_lines,
sum(cast(lines_to_cover as float)) as lines_to_cover,

sum(added_technical_debt) as added_technical_debt,
SUM(blocker_issues) as blocker_issues,
SUM(critical_issues) as critical_issues,
SUM(duplicated_blocks_on_new_code) as duplicated_blocks_on_new_code,
SUM(issues) as issues,
SUM(major_issues) as major_issues,

SUM(minor_issues) AS minor_issues,      
SUM(new_blocker_issues) AS new_blocker_issues,  
SUM(new_critical_issues) AS new_critical_issues,
SUM(new_issues) AS new_issues,          
SUM(new_major_issues) AS new_major_issues,  
SUM(new_minor_issues) AS new_minor_issues,  
SUM(technical_debt) AS technical_debt,      
SUM(unit_tests) AS unit_tests,          
SUM(wont_fix_issues) AS wont_fix_issues,    
SUM(bugs) AS bugs,              
SUM(code_smells) AS code_smells,        
SUM(duplicated_blocks) AS duplicated_blocks,    
SUM(duplicated_files) AS duplicated_files,  
SUM(new_bugs) AS new_bugs,          
SUM(new_code_smells) AS new_code_smells,    
SUM(new_security_hotspots) AS new_security_hotspots,
SUM(new_vulnerabilities) AS new_vulnerabilities,
SUM(open_issues) AS open_issues         
'
+ ' from ' + @metric_table +
' where cast(FORMAT(etl_date, ''yyyyMMdd'') as varchar(30)) >= ' + cast(FORMAT(@StartDate, 'yyyyMMdd') as varchar(30)) 
+ ' AND cast(FORMAT(etl_date, ''yyyyMMdd'') as varchar(30)) <= ' + cast(FORMAT(@EndDate, 'yyyyMMdd') as varchar(30))
+
'
GROUP BY Service_Group,Portfolio,etl_date,ETL_DATE_SERVICE_STATUS_ID,ETL_DATE_SERVICE_STATUS
) A 
GROUP BY Service_Group,Portfolio,etl_date, ETL_DATE_SERVICE_STATUS_ID ;
'

exec (@query)

SET @index_first = @index_first + 1;
END
;

Answer 1

The existing code uses naive string concatenation and is fraught with other issues. The following minor changes will protect you from SQL injection vectors in a couple of ways, and will also prevent the string from being truncated at 4,000 characters (which is what is happening now; you'll see this with PRINT LEN(@query); as shown in this fiddle). Removing all the SUM lines doesn't fix any syntax or eliminate any "nonsense" errors, it just makes the string < 4,000 characters.

IF OBJECT_ID(@metric_table) IS NULL
BEGIN
  RAISERROR('Bad object!', 11, 1);
  RETURN;
END

declare @query nvarchar(max) = N'
---- this N is important ------^
SELECT 
...
-- 500 lines here
...,
SUM(open_issues) AS open_issues from ' + @metric_table 
  + N' where etl_date >= @StartDate
  AND etl_date < DATEADD(DAY, 1, @EndDate)
GROUP BY ...;';

EXEC sys.sp_executesql @query, 
     N'@StartDate date, @EndDate date', 
     @StartDate, @EndDate;

With these minor changes, the string is no longer truncated to 4,000 characters.

For much more on dynamic SQL and SQL injection, see this list of resources.