feat: add credentials management

Signed-off-by: allanice001 <allanice001@gmail.com>
2026-02-13 12:50:05 +01:00 · 2025-11-09 21:46:31 +00:00
parent 56ea963b47
commit bc72df3c9a
43 changed files with 4671 additions and 15 deletions
--- a/internal/models/cluster.go
+++ b/internal/models/cluster.go
@@ -16,6 +16,7 @@ type Cluster struct {
 	Status              string       `json:"status"`
 	CaptainDomain       string       `gorm:"not null" json:"captain_domain"`
 	ClusterLoadBalancer string       `json:"cluster_load_balancer"`
+	ControlLoadBalancer string       `json:"control_load_balancer"`
 	RandomToken         string       `json:"random_token"`
 	CertificateKey      string       `json:"certificate_key"`
 	EncryptedKubeconfig string       `gorm:"type:text" json:"-"`
--- a/internal/models/credential.go
+++ b/internal/models/credential.go
@@ -0,0 +1,29 @@
+package models
+
+import (
+	"time"
+
+	"github.com/google/uuid"
+	"gorm.io/datatypes"
+)
+
+type Credential struct {
+	ID               uuid.UUID      `gorm:"type:uuid;primaryKey;default:gen_random_uuid()"`
+	OrganizationID   uuid.UUID      `gorm:"type:uuid;not null;uniqueIndex:idx_credentials_org_provider" json:"organization_id"`
+	Organization     Organization   `gorm:"foreignKey:OrganizationID;constraint:OnDelete:CASCADE" json:"organization"`
+	Provider         string         `gorm:"type:varchar(50);not null;index"`
+	Kind             string         `gorm:"type:varchar(50);not null;index"` // "aws_access_key", "api_token", "basic_auth", ...
+	SchemaVersion    int            `gorm:"not null;default:1"`
+	Name             string         `gorm:"type:varchar(100);not null;default:''"` // human label, lets you have multiple for same service
+	ScopeKind        string         `gorm:"type:varchar(20);not null"`             // "provider" | "service" | "resource"
+	Scope            datatypes.JSON `gorm:"type:jsonb;not null;default:'{}'"`      // e.g. {"service":"route53"} or {"arn":"arn:aws:s3:::my-bucket"}
+	ScopeVersion     int            `gorm:"not null;default:1"`
+	AccountID        string         `gorm:"type:varchar(32)"` // AWS account ID if applicable
+	Region           string         `gorm:"type:varchar(32)"` // default region (non-secret)
+	ScopeFingerprint string         `gorm:"type:char(64);not null;index"`
+	EncryptedData    string         `gorm:"not null"`
+	IV               string         `gorm:"not null"`
+	Tag              string         `gorm:"not null"`
+	CreatedAt        time.Time      `json:"created_at,omitempty" gorm:"type:timestamptz;column:created_at;not null;default:now()" format:"date-time"`
+	UpdatedAt        time.Time      `json:"updated_at,omitempty" gorm:"type:timestamptz;autoUpdateTime;column:updated_at;not null;default:now()" format:"date-time"`
+}
--- a/internal/models/dns.go
+++ b/internal/models/dns.go
@@ -0,0 +1,20 @@
+package models
+
+import (
+	"time"
+
+	"github.com/google/uuid"
+)
+
+type Dns struct {
+	ID             uuid.UUID    `gorm:"type:uuid;primaryKey;default:gen_random_uuid()"`
+	OrganizationID uuid.UUID    `gorm:"type:uuid;not null;uniqueIndex:idx_credentials_org_provider" json:"organization_id"`
+	Organization   Organization `gorm:"foreignKey:OrganizationID;constraint:OnDelete:CASCADE" json:"organization"`
+	ClusterID      *uuid.UUID   `gorm:"type:uuid" json:"cluster_id,omitempty"`
+	Cluster        *Cluster     `gorm:"foreignKey:ClusterID" json:"cluster,omitempty"`
+	Type           string       `gorm:"not null" json:"type,omitempty"`
+	Name           string       `gorm:"not null" json:"name,omitempty"`
+	Content        string       `gorm:"not null" json:"content,omitempty"`
+	CreatedAt      time.Time    `json:"created_at,omitempty" gorm:"type:timestamptz;column:created_at;not null;default:now()"`
+	UpdatedAt      time.Time    `json:"updated_at,omitempty" gorm:"type:timestamptz;autoUpdateTime;column:updated_at;not null;default:now()"`
+}
--- a/internal/models/node_pool.go
+++ b/internal/models/node_pool.go
@@ -12,7 +12,7 @@ type NodePool struct {
 	Annotations  []Annotation `gorm:"many2many:node_annotations;constraint:OnDelete:CASCADE" json:"annotations,omitempty"`
 	Labels       []Label      `gorm:"many2many:node_labels;constraint:OnDelete:CASCADE" json:"labels,omitempty"`
 	Taints       []Taint      `gorm:"many2many:node_taints;constraint:OnDelete:CASCADE" json:"taints,omitempty"`
-	//Clusters       []Cluster    `gorm:"many2many:cluster_node_pools;constraint:OnDelete:CASCADE" json:"clusters,omitempty"`
+	Clusters     []Cluster    `gorm:"many2many:cluster_node_pools;constraint:OnDelete:CASCADE" json:"clusters,omitempty"`
 	//Topology  string    `gorm:"not null,default:'stacked'" json:"topology,omitempty"` // stacked or external
 	Role string `gorm:"not null,default:'worker'" json:"role,omitempty"` // master, worker, or etcd (etcd only if topology = external
 }