still in progress

2024-06-25 15:19:29 -04:00
parent 9928996fab
commit 8c668e51a6
12 changed files with 1620 additions and 1138 deletions


@ -22,24 +22,49 @@ UNION ALL
SELECT 'verify_blob', secret_key_enc FROM latest_creds;
-- Credentials are now going to be stored in a separate table per type of credential
CREATE TABLE aws_credentials (
-- Credentials are now going to be stored in a main table
-- plus ancillary tables for type-specific data
-- stash existing AWS creds in temporary table so that we can remake it
CREATE TABLE aws_tmp (id, access_key_id, secret_key_enc, nonce, created_at);
INSERT INTO aws_tmp
SELECT randomblob(16), access_key_id, secret_key_enc, nonce, created_at
FROM credentials
ORDER BY created_at DESC
-- we only ever used one at a time in the past
LIMIT 1;
-- new master credentials table
DROP TABLE credentials;
CREATE TABLE credentials (
-- id is a UUID so we can generate it on the frontend
id BLOB UNIQUE NOT NULL,
name TEXT UNIQUE NOT NULL,
access_key_id TEXT NOT NULL,
secret_key_enc BLOB NOT NULL,
nonce BLOB NOT NULL,
-- at some point we may want to offer to auto-rotate AWS keys,
-- so let's make sure to keep track of when they were created
type TEXT NOT NULL,
created_at INTEGER NOT NULL
);
INSERT INTO aws_credentials (name, access_key_id, secret_key_enc, nonce, created_at)
SELECT 'default', access_key_id, secret_key_enc, nonce, created_at
FROM credentials
ORDER BY created_at DESC
LIMIT 1;
-- populate with basic data from existing AWS credential
INSERT INTO credentials (id, name, type, created_at)
SELECT id, 'default', 'aws', created_at FROM aws_tmp;
DROP TABLE credentials;
-- new AWS-specific table
CREATE TABLE aws_credentials (
id BLOB UNIQUE NOT NULL,
access_key_id TEXT NOT NULL,
secret_key_enc BLOB NOT NULL,
nonce BLOB NOT NULL,
FOREIGN KEY(id) REFERENCES credentials(id) ON DELETE CASCADE
);
-- populate with AWS-specific data from existing credential
INSERT INTO aws_credentials (id, access_key_id, secret_key_enc, nonce)
SELECT id, access_key_id, secret_key_enc, nonce
FROM aws_tmp;
-- done with this now
DROP TABLE aws_tmp;
-- SSH keys are the new hotness
@ -47,6 +72,5 @@ CREATE TABLE ssh_keys (
name TEXT UNIQUE NOT NULL,
public_key BLOB NOT NULL,
private_key_enc BLOB NOT NULL,
nonce BLOB NOT NULL,
created_at INTEGER NOT NULL
nonce BLOB NOT NULL
);
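Review bot: The `ON DELETE CASCADE` on the new `aws_credentials.id` foreign key only takes effect in SQLite when the connection has run `PRAGMA foreign_keys = ON;`, which is off by default; without it, deleting a row from `credentials` leaves its `access_key_id`, `secret_key_enc` and `nonce` behind in `aws_credentials`. Nothing visible in this migration sets the pragma, so it is worth confirming the application enables it on every connection and adding a comment above the constraint such as `-- requires PRAGMA foreign_keys = ON, otherwise deleted credentials keep their encrypted secret`. Separately, `aws_tmp` is created as an ordinary table holding a copy of the encrypted key; `CREATE TEMP TABLE aws_tmp (...)` would keep that copy out of the main database file if the migration is interrupted before the final `DROP TABLE aws_tmp`.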