Long lived feature branch for Secrets Manager Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> Co-authored-by: cd-bitwarden <106776772+cd-bitwarden@users.noreply.github.com> Co-authored-by: CarleyDiaz-Bitwarden <103955722+CarleyDiaz-Bitwarden@users.noreply.github.com> Co-authored-by: Thomas Avery <tavery@bitwarden.com> Co-authored-by: Colton Hurst <colton@coltonhurst.com>
using Microsoft.EntityFrameworkCore.Migrations;
#nullable disable
namespace Bit.PostgresMigrations.Migrations;
/// <summary>
/// Schema migration that adds the Secrets Manager tables: Project, Secret,
/// ServiceAccount, ProjectSecret, AccessPolicy and ApiKey, plus their indexes.
/// It also adds the UseSecretsManager column to Organization and gives three
/// AuthRequest text columns a maximum length.
/// </summary>
/// <remarks>
/// Statement order matters: tables are created before the tables whose foreign
/// keys reference them, and <see cref="Down"/> drops them in the reverse
/// dependency direction.
/// </remarks>
public partial class SecretsManager : Migration
{
    /// <summary>
    /// Applies the migration: adds the Organization column, narrows the
    /// AuthRequest columns, then creates the new tables and indexes.
    /// </summary>
    /// <param name="migrationBuilder">Builder that collects the schema operations.</param>
    protected override void Up(MigrationBuilder migrationBuilder)
    {
        // Non-nullable with a default of false, so existing Organization rows
        // start with the flag off.
        // Presumably the per-organization switch for the feature; confirm in the entity model.
        migrationBuilder.AddColumn<bool>(
            name: "UseSecretsManager",
            table: "Organization",
            type: "boolean",
            nullable: false,
            defaultValue: false);

        // The next three operations narrow AuthRequest columns from unbounded
        // text to a fixed maximum length.
        // NOTE(review): rows already holding longer values would presumably make
        // the type change fail; check existing data before applying.
        migrationBuilder.AlterColumn<string>(
            name: "RequestIpAddress",
            table: "AuthRequest",
            type: "character varying(50)",
            maxLength: 50,
            nullable: true,
            oldClrType: typeof(string),
            oldType: "text",
            oldNullable: true);

        migrationBuilder.AlterColumn<string>(
            name: "RequestDeviceIdentifier",
            table: "AuthRequest",
            type: "character varying(50)",
            maxLength: 50,
            nullable: true,
            oldClrType: typeof(string),
            oldType: "text",
            oldNullable: true);

        migrationBuilder.AlterColumn<string>(
            name: "AccessCode",
            table: "AuthRequest",
            type: "character varying(25)",
            maxLength: 25,
            nullable: true,
            oldClrType: typeof(string),
            oldType: "text",
            oldNullable: true);

        // Project belongs to one Organization; deleting the Organization
        // cascades to its projects. DeletedDate is nullable and indexed below.
        // Presumably a soft-delete marker; confirm against the queries that read it.
        migrationBuilder.CreateTable(
            name: "Project",
            columns: table => new
            {
                Id = table.Column<Guid>(type: "uuid", nullable: false),
                OrganizationId = table.Column<Guid>(type: "uuid", nullable: false),
                Name = table.Column<string>(type: "text", nullable: true),
                CreationDate = table.Column<DateTime>(type: "timestamp with time zone", nullable: false),
                RevisionDate = table.Column<DateTime>(type: "timestamp with time zone", nullable: false),
                DeletedDate = table.Column<DateTime>(type: "timestamp with time zone", nullable: true)
            },
            constraints: table =>
            {
                table.PrimaryKey("PK_Project", x => x.Id);
                table.ForeignKey(
                    name: "FK_Project_Organization_OrganizationId",
                    column: x => x.OrganizationId,
                    principalTable: "Organization",
                    principalColumn: "Id",
                    onDelete: ReferentialAction.Cascade);
            });

        // Secret rows are owned by an Organization and removed with it.
        // NOTE(review): Key, Value and Note are plain text columns. The schema
        // applies no protection of its own, so confidentiality depends on the
        // application encrypting these values before writing them. That is not
        // visible in this file; confirm.
        migrationBuilder.CreateTable(
            name: "Secret",
            columns: table => new
            {
                Id = table.Column<Guid>(type: "uuid", nullable: false),
                OrganizationId = table.Column<Guid>(type: "uuid", nullable: false),
                Key = table.Column<string>(type: "text", nullable: true),
                Value = table.Column<string>(type: "text", nullable: true),
                Note = table.Column<string>(type: "text", nullable: true),
                CreationDate = table.Column<DateTime>(type: "timestamp with time zone", nullable: false),
                RevisionDate = table.Column<DateTime>(type: "timestamp with time zone", nullable: false),
                DeletedDate = table.Column<DateTime>(type: "timestamp with time zone", nullable: true)
            },
            constraints: table =>
            {
                table.PrimaryKey("PK_Secret", x => x.Id);
                table.ForeignKey(
                    name: "FK_Secret_Organization_OrganizationId",
                    column: x => x.OrganizationId,
                    principalTable: "Organization",
                    principalColumn: "Id",
                    onDelete: ReferentialAction.Cascade);
            });

        // ServiceAccount is owned by an Organization and removed with it.
        // Unlike Project and Secret, it has no DeletedDate column.
        migrationBuilder.CreateTable(
            name: "ServiceAccount",
            columns: table => new
            {
                Id = table.Column<Guid>(type: "uuid", nullable: false),
                OrganizationId = table.Column<Guid>(type: "uuid", nullable: false),
                Name = table.Column<string>(type: "text", nullable: true),
                CreationDate = table.Column<DateTime>(type: "timestamp with time zone", nullable: false),
                RevisionDate = table.Column<DateTime>(type: "timestamp with time zone", nullable: false)
            },
            constraints: table =>
            {
                table.PrimaryKey("PK_ServiceAccount", x => x.Id);
                table.ForeignKey(
                    name: "FK_ServiceAccount_Organization_OrganizationId",
                    column: x => x.OrganizationId,
                    principalTable: "Organization",
                    principalColumn: "Id",
                    onDelete: ReferentialAction.Cascade);
            });

        // Join table linking Project and Secret, with a composite primary key.
        // Both foreign keys cascade, so deleting either side removes the link row.
        migrationBuilder.CreateTable(
            name: "ProjectSecret",
            columns: table => new
            {
                ProjectsId = table.Column<Guid>(type: "uuid", nullable: false),
                SecretsId = table.Column<Guid>(type: "uuid", nullable: false)
            },
            constraints: table =>
            {
                table.PrimaryKey("PK_ProjectSecret", x => new { x.ProjectsId, x.SecretsId });
                table.ForeignKey(
                    name: "FK_ProjectSecret_Project_ProjectsId",
                    column: x => x.ProjectsId,
                    principalTable: "Project",
                    principalColumn: "Id",
                    onDelete: ReferentialAction.Cascade);
                table.ForeignKey(
                    name: "FK_ProjectSecret_Secret_SecretsId",
                    column: x => x.SecretsId,
                    principalTable: "Secret",
                    principalColumn: "Id",
                    onDelete: ReferentialAction.Cascade);
            });

        // AccessPolicy stores Read/Write grants. All five reference columns are
        // nullable, and a required Discriminator column is present.
        // NOTE(review): nothing in this schema requires any reference column to
        // be populated, or limits which combinations are valid. Presumably the
        // application enforces that per Discriminator value; confirm.
        // None of the foreign keys below passes onDelete, unlike the Organization
        // keys above, so these constraints do not cascade.
        // NOTE(review): confirm the application removes policies before deleting
        // a referenced Group, OrganizationUser, Project or ServiceAccount.
        migrationBuilder.CreateTable(
            name: "AccessPolicy",
            columns: table => new
            {
                Id = table.Column<Guid>(type: "uuid", nullable: false),
                GroupId = table.Column<Guid>(type: "uuid", nullable: true),
                GrantedProjectId = table.Column<Guid>(type: "uuid", nullable: true),
                GrantedServiceAccountId = table.Column<Guid>(type: "uuid", nullable: true),
                ServiceAccountId = table.Column<Guid>(type: "uuid", nullable: true),
                OrganizationUserId = table.Column<Guid>(type: "uuid", nullable: true),
                Read = table.Column<bool>(type: "boolean", nullable: false),
                Write = table.Column<bool>(type: "boolean", nullable: false),
                CreationDate = table.Column<DateTime>(type: "timestamp with time zone", nullable: false),
                RevisionDate = table.Column<DateTime>(type: "timestamp with time zone", nullable: false),
                Discriminator = table.Column<string>(type: "text", nullable: false)
            },
            constraints: table =>
            {
                table.PrimaryKey("PK_AccessPolicy", x => x.Id);
                table.ForeignKey(
                    name: "FK_AccessPolicy_Group_GroupId",
                    column: x => x.GroupId,
                    principalTable: "Group",
                    principalColumn: "Id");
                table.ForeignKey(
                    name: "FK_AccessPolicy_OrganizationUser_OrganizationUserId",
                    column: x => x.OrganizationUserId,
                    principalTable: "OrganizationUser",
                    principalColumn: "Id");
                table.ForeignKey(
                    name: "FK_AccessPolicy_Project_GrantedProjectId",
                    column: x => x.GrantedProjectId,
                    principalTable: "Project",
                    principalColumn: "Id");
                table.ForeignKey(
                    name: "FK_AccessPolicy_ServiceAccount_GrantedServiceAccountId",
                    column: x => x.GrantedServiceAccountId,
                    principalTable: "ServiceAccount",
                    principalColumn: "Id");
                table.ForeignKey(
                    name: "FK_AccessPolicy_ServiceAccount_ServiceAccountId",
                    column: x => x.ServiceAccountId,
                    principalTable: "ServiceAccount",
                    principalColumn: "Id");
            });

        // ApiKey optionally references a ServiceAccount: the column is nullable
        // and the foreign key passes no onDelete, so it does not cascade.
        // NOTE(review): ClientSecret is an ordinary varchar(30) column. Whether it
        // holds a hash or a recoverable secret is not visible here; confirm how
        // the application writes and compares it.
        // NOTE(review): ExpireAt is nullable. Presumably null means the key never
        // expires; confirm the authentication path checks it.
        migrationBuilder.CreateTable(
            name: "ApiKey",
            columns: table => new
            {
                Id = table.Column<Guid>(type: "uuid", nullable: false),
                ServiceAccountId = table.Column<Guid>(type: "uuid", nullable: true),
                Name = table.Column<string>(type: "character varying(200)", maxLength: 200, nullable: true),
                ClientSecret = table.Column<string>(type: "character varying(30)", maxLength: 30, nullable: true),
                Scope = table.Column<string>(type: "character varying(4000)", maxLength: 4000, nullable: true),
                EncryptedPayload = table.Column<string>(type: "character varying(4000)", maxLength: 4000, nullable: true),
                Key = table.Column<string>(type: "text", nullable: true),
                ExpireAt = table.Column<DateTime>(type: "timestamp with time zone", nullable: true),
                CreationDate = table.Column<DateTime>(type: "timestamp with time zone", nullable: false),
                RevisionDate = table.Column<DateTime>(type: "timestamp with time zone", nullable: false)
            },
            constraints: table =>
            {
                table.PrimaryKey("PK_ApiKey", x => x.Id);
                table.ForeignKey(
                    name: "FK_ApiKey_ServiceAccount_ServiceAccountId",
                    column: x => x.ServiceAccountId,
                    principalTable: "ServiceAccount",
                    principalColumn: "Id");
            });

        // Single-column, non-unique indexes: one per foreign-key column that is
        // not already the leading column of a primary key, plus DeletedDate on
        // Project and Secret.
        migrationBuilder.CreateIndex(
            name: "IX_AccessPolicy_GrantedProjectId",
            table: "AccessPolicy",
            column: "GrantedProjectId");

        migrationBuilder.CreateIndex(
            name: "IX_AccessPolicy_GrantedServiceAccountId",
            table: "AccessPolicy",
            column: "GrantedServiceAccountId");

        migrationBuilder.CreateIndex(
            name: "IX_AccessPolicy_GroupId",
            table: "AccessPolicy",
            column: "GroupId");

        migrationBuilder.CreateIndex(
            name: "IX_AccessPolicy_OrganizationUserId",
            table: "AccessPolicy",
            column: "OrganizationUserId");

        migrationBuilder.CreateIndex(
            name: "IX_AccessPolicy_ServiceAccountId",
            table: "AccessPolicy",
            column: "ServiceAccountId");

        migrationBuilder.CreateIndex(
            name: "IX_ApiKey_ServiceAccountId",
            table: "ApiKey",
            column: "ServiceAccountId");

        migrationBuilder.CreateIndex(
            name: "IX_Project_DeletedDate",
            table: "Project",
            column: "DeletedDate");

        migrationBuilder.CreateIndex(
            name: "IX_Project_OrganizationId",
            table: "Project",
            column: "OrganizationId");

        // ProjectSecret.ProjectsId leads the composite primary key, so only
        // SecretsId gets its own index.
        migrationBuilder.CreateIndex(
            name: "IX_ProjectSecret_SecretsId",
            table: "ProjectSecret",
            column: "SecretsId");

        migrationBuilder.CreateIndex(
            name: "IX_Secret_DeletedDate",
            table: "Secret",
            column: "DeletedDate");

        migrationBuilder.CreateIndex(
            name: "IX_Secret_OrganizationId",
            table: "Secret",
            column: "OrganizationId");

        migrationBuilder.CreateIndex(
            name: "IX_ServiceAccount_OrganizationId",
            table: "ServiceAccount",
            column: "OrganizationId");
    }

    /// <summary>
    /// Reverts the migration: drops the six tables, removes the Organization
    /// column and restores the AuthRequest columns to unbounded text.
    /// </summary>
    /// <remarks>
    /// Dropping the tables discards every row stored in them, so a rollback is
    /// not reversible without a backup.
    /// </remarks>
    /// <param name="migrationBuilder">Builder that collects the schema operations.</param>
    protected override void Down(MigrationBuilder migrationBuilder)
    {
        // Referencing tables (AccessPolicy, ApiKey, ProjectSecret) are dropped
        // before the tables their foreign keys point to.
        migrationBuilder.DropTable(
            name: "AccessPolicy");

        migrationBuilder.DropTable(
            name: "ApiKey");

        migrationBuilder.DropTable(
            name: "ProjectSecret");

        migrationBuilder.DropTable(
            name: "ServiceAccount");

        migrationBuilder.DropTable(
            name: "Project");

        migrationBuilder.DropTable(
            name: "Secret");

        migrationBuilder.DropColumn(
            name: "UseSecretsManager",
            table: "Organization");

        // Widen the AuthRequest columns back to text, removing the length limits
        // that Up introduced.
        migrationBuilder.AlterColumn<string>(
            name: "RequestIpAddress",
            table: "AuthRequest",
            type: "text",
            nullable: true,
            oldClrType: typeof(string),
            oldType: "character varying(50)",
            oldMaxLength: 50,
            oldNullable: true);

        migrationBuilder.AlterColumn<string>(
            name: "RequestDeviceIdentifier",
            table: "AuthRequest",
            type: "text",
            nullable: true,
            oldClrType: typeof(string),
            oldType: "character varying(50)",
            oldMaxLength: 50,
            oldNullable: true);

        migrationBuilder.AlterColumn<string>(
            name: "AccessCode",
            table: "AuthRequest",
            type: "text",
            nullable: true,
            oldClrType: typeof(string),
            oldType: "character varying(25)",
            oldMaxLength: 25,
            oldNullable: true);
    }
}