azaion/admin
1
0
Fork 0
mirror of https://github.com/azaion/admin.git synced 2026-06-21 13:11:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
43fe38e67d0db1da0f4afbddb3b3efcd1cc4afe8
admin/env/db/05_resources.sql
T
Oleksandr Bezdieniezhnykh 5ca9ccab2c [AZ-513] [AZ-196] [AZ-183] Add /classes CRUD, /devices, fleet OTA 
AZ-513: POST/PATCH/DELETE /classes for detection-class CRUD; new
DetectionClass entity, schema, DTOs, IDetectionClassService. Unblocks
ui/AZ-512.

AZ-196: POST /devices auto-assigns sequential azj-NNNN serial+email
+password and inserts a CompanionPC user. Returns plaintext credentials
for the provisioning script.

AZ-183: Resources table + POST /get-update + POST /resources/publish
for fleet OTA. Per-resource encryption_key column AES-256-CBC encrypted
at rest with ResourcesConfig.EncryptionMasterKey; ICache wraps the
per-(arch,stage) latest-versions lookup and is invalidated on publish.

Adds IDbFactory.RunAdmin<T> overload for write-and-return.

Backfills _docs/02_document/module-layout.md to satisfy the implement
skill's File Ownership prerequisite (the _docs/ artifact set predates
the Step 1.5 module-layout addition).

Code review: PASS_WITH_WARNINGS — see
_docs/03_implementation/reviews/batch_05_review.md.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-13 04:34:42 +03:00

25 lines
1.2 KiB
SQL
Raw Blame History

-- Resources table — stores per-artifact metadata for fleet OTA updates. Populated by CI/CD
-- via POST /resources/publish; queried by devices via POST /get-update. AZ-183.
create table if not exists resources
(
id uuid primary key,
resource_name varchar(120) not null,
dev_stage varchar(40) not null,
architecture varchar(40) not null,
version varchar(40) not null,
cdn_url varchar(500) not null,
sha256 varchar(128) not null,
encryption_key text not null, -- AES-encrypted at rest with ResourcesConfig.EncryptionMasterKey
size_bytes bigint not null,
created_at timestamp not null default now()
);
-- Latest-version-per-resource lookups filter by (architecture, dev_stage); index supports
-- both the in-memory cache miss path and the per-(arch,stage) GROUP BY.
create index if not exists resources_arch_stage_idx
on public.resources (architecture, dev_stage, resource_name, version);
grant select, insert, update, delete on public.resources to azaion_admin;
grant select on public.resources to azaion_reader;
Reference in New Issue View Git Blame Copy Permalink