8000 chore(ci): update schema dump · sorokinvld/postgres@2e9bea5 · GitHub
[go: up one dir, main page]
Skip to content

Commit 2e9bea5

Browse files
soedirgosoedirgo
committed
chore(ci): update schema dump
1 parent 33bc774 commit 2e9bea5

File tree

1 file changed

+78
-13
lines changed

1 file changed

+78
-13
lines changed

migrations/schema.sql

Lines changed: 78 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -79,6 +79,13 @@ CREATE SCHEMA realtime;
7979
CREATE SCHEMA storage;
8080

8181

82+
--
83+
-- Name: vault; Type: SCHEMA; Schema: -; Owner: -
84+
--
85+
86+
CREATE SCHEMA vault;
87+
88+
8289
--
8390
-- Name: pg_graphql; Type: EXTENSION; Schema: -; Owner: -
8491
--
@@ -135,6 +142,20 @@ CREATE EXTENSION IF NOT EXISTS pgjwt WITH SCHEMA extensions;
135142
COMMENT ON EXTENSION pgjwt IS 'JSON Web Token API for Postgresql';
136143

137144

145+
--
146+
-- Name: supabase_vault; Type: EXTENSION; Schema: -; Owner: -
147+
--
148+
149+
CREATE EXTENSION IF NOT EXISTS supabase_vault WITH SCHEMA vault;
150+
151+
152+
--
153+
-- Name: EXTENSION supabase_vault; Type: COMMENT; Schema: -; Owner: -
154+
--
155+
156+
COMMENT ON EXTENSION supabase_vault IS 'Supabase Vault Extension';
157+
158+
138159
--
139160
-- Name: uuid-ossp; Type: EXTENSION; Schema: -; Owner: -
140161
--
@@ -489,13 +510,6 @@ END;
489510
$$;
490511

491512

492-
--
493-
-- Name: TABLE key; Type: SECURITY LABEL; Schema: pgsodium; Owner: -
494-
--
495-
496-
SECURITY LABEL FOR pgsodium ON COLUMN pgsodium.key.raw_key IS 'ENCRYPT WITH KEY COLUMN parent_key ASSOCIATED (id, associated_data) NONCE raw_key_nonce';
497-
498-
499513
--
500514
-- Name: key_encrypt_secret(); Type: FUNCTION; Schema: pgsodium; Owner: -
501515
--
@@ -504,12 +518,12 @@ CREATE FUNCTION pgsodium.key_encrypt_secret() RETURNS trigger
504518
LANGUAGE plpgsql
505519
AS $$
506520
BEGIN
507-
new.raw_key = CASE WHEN new.parent_key IS NULL THEN NULL ELSE
521+
new.raw_key = CASE WHEN new.raw_key IS NULL THEN NULL ELSE
522+
CASE WHEN new.parent_key IS NULL THEN NULL ELSE
508523
pgsodium.crypto_aead_det_encrypt(new.raw_key::bytea, pg_catalog.convert_to((new.id::text || new.associated_data::text)::text, 'utf8'),
509524
new.parent_key::uuid,
510525
new.raw_key_nonce
511-
) END
512-
;
526+
) END END;
513527
RETURN new;
514528
END;
515529
$$;
@@ -582,6 +596,28 @@ END
582596
$$;
583597

584598

599+
--
600+
-- Name: secrets_encrypt_secret(); Type: FUNCTION; Schema: vault; Owner: -
601+
--
602+
603+
CREATE FUNCTION vault.secrets_encrypt_secret() RETURNS trigger
604+
LANGUAGE plpgsql
605+
AS $$
606+
BEGIN
607+
new.secret = CASE WHEN new.secret IS NULL THEN NULL ELSE
608+
CASE WHEN new.key_id IS NULL THEN NULL ELSE pg_catalog.encode(
609+
pgsodium.crypto_aead_det_encrypt(
610+
pg_catalog.convert_to(new.secret, 'utf8'),
611+
pg_catalog.convert_to((new.id::text || new.description::text || new.created_at::text || new.updated_at::text)::text, 'utf8'),
612+
new.key_id::uuid,
613+
new.nonce
614+
),
615+
'base64') END END;
616+
RETURN new;
617+
END;
618+
$$;
619+
620+
585621
SET default_tablespace = '';
586622

587623
SET default_table_access_method = heap;
@@ -734,11 +770,16 @@ CREATE VIEW pgsodium.decrypted_key AS
734770
key.associated_data,
735771
key.raw_key,
736772
CASE
737-
WHEN (key.parent_key IS NULL) THEN NULL::bytea
738-
ELSE pgsodium.crypto_aead_det_decrypt(key.raw_key, convert_to(((key.id)::text || key.associated_data), 'utf8'::name), key.parent_key, key.raw_key_nonce)
773+
WHEN (key.raw_key IS NULL) THEN NULL::bytea
774+
ELSE
775+
CASE
776+
WHEN (key.parent_key IS NULL) THEN NULL::bytea
777+
ELSE pgsodium.crypto_aead_det_decrypt(key.raw_key, convert_to(((key.id)::text || key.associated_data), 'utf8'::name), key.parent_key, key.raw_key_nonce)
778+
END
739779
END AS decrypted_raw_key,
740780
key.raw_key_nonce,
741-
key.parent_key
781+
key.parent_key,
782+
key.comment
742783
FROM pgsodium.key;
743784

744785

@@ -792,6 +833,30 @@ CREATE TABLE storage.objects (
792833
);
793834

794835

836+
--
837+
-- Name: decrypted_secrets; Type: VIEW; Schema: vault; Owner: -
838+
--
839+
840+
CREATE VIEW vault.decrypted_secrets AS
841+
SELECT secrets.id,
842+
secrets.name,
843+
secrets.description,
844+
secrets.secret,
845+
CASE
846+
WHEN (secrets.secret IS NULL) THEN NULL::text
847+
ELSE
848+
CASE
849+
WHEN (secrets.key_id IS NULL) THEN NULL::text
850+
ELSE convert_from(pgsodium.crypto_aead_det_decrypt(decode(secrets.secret, 'base64'::text), convert_to(((((secrets.id)::text || secrets.description) || (secrets.created_at)::text) || (secrets.updated_at)::text), 'utf8'::name), secrets.key_id, secrets.nonce), 'utf8'::name)
851+
END
852+
END AS decrypted_secret,
853+
secrets.key_id,
854+
secrets.nonce,
855+
secrets.created_at,
856+
secrets.updated_at
857+
FROM vault.secrets;
858+
859+
795860
--
796861
-- Name: refresh_tokens id; Type: DEFAULT; Schema: auth; Owner: -
797862
--

0 commit comments

Comments
 (0)
0