v0.0.2-beta (#5)

Makefile

@@ -19,39 +19,19 @@ info:
 clean: info
 	@ rm -rf target
 
-.PHONY: deps
-deps: info clean
+.PHONY: dependencies
+dependencies: info clean
 	@ go mod tidy
 
 .PHONY: test
-test: info clean deps
+test: info clean dependencies
 	@ go test -v -cover -short $$(go list ./... | grep -v /examples)
 
 .PHONY: build
 build: info clean
 	@ GOOS=darwin GOARCH=amd64 go build $(LDFLAGS) -o $(BIN)/darwin/$(SERVICE) cmd/server/main.go
 	@ GOOS=linux GOARCH=amd64 go build $(LDFLAGS) -o $(BIN)/linux/$(SERVICE) cmd/server/main.go
 
-.PHONY: postgres
-postgres:
-	@ docker run --name baseca -p 5432:5432  -v /path/to/baseca/db/init:/db/init -e POSTGRES_USER=root -e POSTGRES_PASSWORD=secret -d postgres:latest
-
-.PHONY: createdb
-createdb:
-	@ docker exec -it baseca createdb --username=root --owner=root baseca
-
-.PHONY: dropdb
-dropdb:
-	@ docker exec -it baseca dropdb baseca
-
-.PHONY: migrateup
-migrateup:
-	@ migrate -path db/migration -database "postgresql://root:secret@localhost:5432/baseca?sslmode=disable" -verbose up
-
-.PHONY: migratedown
-migratedown:
-	@ migrate -path db/migration -database "postgresql://root:secret@localhost:5432/baseca?sslmode=disable" -verbose down
-
 .PHONY: sqlc
 sqlc:
 	@ sqlc generate -f db/sqlc.yaml
@@ -66,7 +46,7 @@ gen: info clean
 
 .PHONY: server 
 server:
-	@ password=${DATABASE_CREDENTIALS} \
+	@ database_credentials=${DATABASE_CREDENTIALS} \
 		go run cmd/server/main.go
 
 .PHONY: lint

db/migration/000001_init_schema.up.sql

@@ -22,6 +22,7 @@ CREATE TABLE "accounts" (
   "extended_key" varchar(100) NOT NULL,
   "certificate_validity" smallserial NOT NULL,
   "subordinate_ca" varchar(100) NOT NULL,
+  "provisioned" boolean NOT NULL,
   "node_attestation" varchar(100)[],
   "created_at" timestamptz NOT NULL DEFAULT (now()),
   "created_by" uuid NOT NULL

db/query/accounts.sql

@@ -12,11 +12,12 @@ INSERT INTO accounts (
     extended_key,
     certificate_validity,
     subordinate_ca,
+    provisioned,
     node_attestation,
     created_at,
     created_by
 ) VALUES (
-    $1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15
+    $1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15, $16
 ) RETURNING *;
 
 -- name: GetServiceUUID :one
@@ -58,4 +59,12 @@ RETURNING *;
 
 -- name: DeleteServiceAccount :exec
 DELETE FROM accounts 
-WHERE client_id = $1;
+WHERE client_id = $1;
+
+-- name: GetServiceAccountBySAN :many
+SELECT * FROM accounts
+WHERE valid_subject_alternate_name = ANY($1::string[]);
+
+-- name: GetServiceAccountByMetadata :many
+SELECT * FROM accounts
+WHERE service_account LIKE $1 AND environment LIKE $2 AND extended_key LIKE $3;

db/query/certificate.sql

@@ -32,4 +32,8 @@ OFFSET $2;
 -- name: RevokeIssuedCertificateSerialNumber :exec
 UPDATE certificates
 SET revoked = TRUE, revoke_date = $2, revoked_by = $3
-WHERE serial_number = $1;
+WHERE serial_number = $1;
+
+-- name: GetSignedCertificateByMetadata :many
+SELECT * FROM certificates
+WHERE serial_number LIKE $1 AND account LIKE $2 AND environment LIKE $3 AND extended_key LIKE $4;

db/query/provisioners.sql

@@ -0,0 +1,32 @@
+-- name: CreateProvisionerAccount :one
+INSERT INTO provisioners (
+    client_id,
+    api_token,
+    provisioner_account,
+    environments,
+    team,
+    email,
+    regular_expression,
+    node_attestation,
+    valid_subject_alternate_names,
+    extended_keys,
+    max_certificate_validity,
+    created_at,
+    created_by
+) VALUES (
+    $1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13
+) RETURNING *;
+
+-- name: GetProvisionerUUID :one
+SELECT * FROM provisioners
+WHERE client_id = $1;
+
+-- name: DeleteProvisionerAccount :exec
+DELETE FROM provisioners 
+WHERE client_id = $1;
+
+-- name: ListProvisionerAccounts :many
+SELECT * FROM provisioners
+ORDER BY provisioners
+LIMIT $1
+OFFSET $2;