@highstate/backend 0.9.26 → 0.9.28

package/dist/index.js

@@ -1,4 +1,4 @@
-import { AccessError, InstanceLockLostError, globalProjectSpace, codebaseLibrary, hostPulumiBackend, codebaseProjectModelStorage, databaseProjectModelStorage, ProjectLockedError, ProjectNotFoundError, BackendError, forSchema, projectOutputSchema, InstanceStateNotFoundError, InstanceLockedError, waitAll, OperationNotFoundError, InputResolver, CannotDeleteLastUnlockMethodError, InvalidInstanceKindError, operationOutputSchema, terminalOutputSchema, toTerminalOutput, terminalDetailsOutputSchema, toTerminalDetailsOutput, serviceAccountOutputSchema, apiKeyOutputSchema, toApiKeyOutput, workerOutputSchema, toWorkerOutput, workerVersionOutputSchema, toWorkerVersionOutput, pageDetailsOutputSchema, toPageOutput, secretOutputSchema, toSecretOutput, artifactOutputSchema, triggerOutputSchema, unlockMethodOutputSchema, pageOutputSchema, toTerminalSessionOutput, extractDigestFromImage, getWorkerIdentity, WorkerVersionNotFoundError, createAsyncBatcher, operationOptionsSchema, finalOperationStatuses, finalInstanceOperationStatuses, diffLibraries, isTransientInstanceOperationStatus, InputHashResolver, PromiseTracker, workerUnitRegistrationEventSchema, terminalSessionOutputSchema, operationEventSchema, projectModelEventSchema, instanceLockEventSchema, instanceStateEventSchema, projectUnlockStateSchema, isVirtualGhostInstance } from './chunk-GJTMJQUW.js';
+import { AccessError, BackendUnlockMethodNotFoundError, CannotDeleteLastBackendUnlockMethodError, InstanceLockLostError, globalProjectSpace, codebaseLibrary, hostPulumiBackend, codebaseProjectModelStorage, databaseProjectModelStorage, ProjectLockedError, ProjectNotFoundError, BackendError, forSchema, projectOutputSchema, InstanceStateNotFoundError, InstanceLockedError, waitAll, OperationNotFoundError, InputResolver, CannotDeleteLastUnlockMethodError, InvalidInstanceKindError, operationOutputSchema, terminalOutputSchema, toTerminalOutput, terminalDetailsOutputSchema, toTerminalDetailsOutput, serviceAccountOutputSchema, apiKeyOutputSchema, toApiKeyOutput, workerOutputSchema, toWorkerOutput, workerVersionOutputSchema, toWorkerVersionOutput, pageDetailsOutputSchema, toPageOutput, secretOutputSchema, toSecretOutput, artifactOutputSchema, triggerOutputSchema, unlockMethodOutputSchema, pageOutputSchema, toTerminalSessionOutput, extractDigestFromImage, getWorkerIdentity, WorkerVersionNotFoundError, createAsyncBatcher, operationOptionsSchema, finalOperationStatuses, finalInstanceOperationStatuses, diffLibraries, isTransientInstanceOperationStatus, InputHashResolver, PromiseTracker, workerUnitRegistrationEventSchema, terminalSessionOutputSchema, operationEventSchema, projectModelEventSchema, instanceLockEventSchema, instanceStateEventSchema, projectUnlockStateSchema, isVirtualGhostInstance } from './chunk-QSHSXLO2.js';
 import { codebaseConfig, stringArrayType, createProjectLogger, isAbortErrorLike, getCodebaseHighstatePath, resolveMainLocalProject, errorToString, waitForAbort, AbortError, renderTree, runWithRetryOnError } from './chunk-VB4YL327.js';
 import { __using, __callDispose } from './chunk-I7BWSAN6.js';
 import { randomBytes, createHash } from 'node:crypto';
@@ -6,6 +6,8 @@ import { createId } from '@paralleldrive/cuid2';
 import { hubModelSchema, instanceModelSchema, parseInstanceId, isUnitModel, HighstateConfigKey, unitArtifactSchema, unitWorkerSchema, unitTriggerSchema, unitPageSchema, unitTerminalSchema, instanceStatusFieldSchema, getInstanceId } from '@highstate/contract';
 import { omit, isNonNullish, groupBy, pipe, flatMap, unique, map, mapValues, join as join$1, omitBy } from 'remeda';
 import z3, { z } from 'zod';
+import * as os from 'node:os';
+import { tmpdir, hostname } from 'node:os';
 import { PrismaLibSQL } from '@prisma/adapter-libsql';
 import { generateIdentity, armor, Decrypter, Encrypter, identityToRecipient } from 'age-encryption';
 import * as path4 from 'node:path';
@@ -30,8 +32,6 @@ import { decode, encode } from '@msgpack/msgpack';
 import { BetterLock } from 'better-lock';
 import { readPackageJSON } from 'pkg-types';
 import Watcher from 'watcher';
-import * as os from 'node:os';
-import { tmpdir } from 'node:os';
 import { crc32 } from 'node:zlib';
 import { sha256 } from '@noble/hashes/sha2';
 import { pipeline } from 'node:stream/promises';
@@ -242,6 +242,65 @@ var ArtifactService = class {
     });
   }
 };
+
+// src/business/backend-unlock.ts
+var BackendUnlockService = class {
+  constructor(database, logger) {
+    this.database = database;
+    this.logger = logger;
+  }
+  /**
+   * Lists backend unlock methods ordered by creation time.
+   *
+   * @returns The ordered unlock method collection.
+   */
+  async listUnlockMethods() {
+    return await this.database.backend.backendUnlockMethod.findMany({
+      orderBy: { createdAt: "asc" }
+    });
+  }
+  /**
+   * Stores a new unlock method and refreshes master-key recipients.
+   *
+   * @param input Unlock method payload gathered from the CLI or automation.
+   * @returns The persisted unlock method.
+   */
+  async addUnlockMethod(input) {
+    const record = await this.database.backend.backendUnlockMethod.create({ data: input });
+    await this.reencryptBackendMasterKey();
+    return record;
+  }
+  /**
+   * Removes an unlock method by identifier and rotates the encrypted master key.
+   *
+   * @param id Identifier of the unlock method to delete.
+   */
+  async deleteUnlockMethod(id) {
+    const methods = await this.database.backend.backendUnlockMethod.findMany();
+    const method = methods.find((m) => m.id === id);
+    if (!method) {
+      throw new BackendUnlockMethodNotFoundError(id);
+    }
+    if (methods.length === 1) {
+      throw new CannotDeleteLastBackendUnlockMethodError();
+    }
+    await this.database.backend.backendUnlockMethod.delete({ where: { id } });
+    await this.reencryptBackendMasterKey();
+  }
+  async reencryptBackendMasterKey() {
+    if (!this.database.isEncryptionEnabled) {
+      return;
+    }
+    const recipients = await this.database.backend.backendUnlockMethod.findMany({
+      select: { recipient: true }
+    });
+    await this.database.updateBackendUnlockRecipients(recipients.map((method) => method.recipient));
+    this.logger.debug(
+      { recipientCount: recipients.length },
+      "updated backend master key recipients"
+    );
+  }
+};
 var InstanceLockService = class {
   constructor(database, pubsubManager, logger) {
     this.database = database;
@@ -561,63 +620,66 @@ var InstanceLockService = class {
 };
 
 // src/database/abstractions.ts
-var backendDatabaseVersion = 2;
-var projectDatabaseVersion = 10;
+var backendDatabaseVersion = 1;
+var projectDatabaseVersion = 1;
 var config = {
-  generator: {
-    name: "client",
-    provider: {
-      fromEnvVar: null,
-      value: "prisma-client"
+  "generator": {
+    "name": "client",
+    "provider": {
+      "fromEnvVar": null,
+      "value": "prisma-client"
     },
-    output: {
-      value: "/home/exeteres/Projects/personal/highstate/packages/platform/backend/src/database/_generated/backend/sqlite",
-      fromEnvVar: null
+    "output": {
+      "value": "/home/exeteres/Projects/personal/highstate/packages/platform/backend/src/database/_generated/backend/sqlite",
+      "fromEnvVar": null
     },
-    config: {
-      importFileExtension: "ts",
-      moduleFormat: "esm",
-      generatedFileExtension: "ts",
-      engineType: "client"
+    "config": {
+      "moduleFormat": "esm",
+      "generatedFileExtension": "ts",
+      "importFileExtension": "ts",
+      "engineType": "client"
     },
-    binaryTargets: [
+    "binaryTargets": [
       {
-        fromEnvVar: null,
-        value: "linux-nixos",
-        native: true
+        "fromEnvVar": null,
+        "value": "linux-nixos",
+        "native": true
       }
     ],
-    previewFeatures: ["driverAdapters", "queryCompiler"],
-    sourceFilePath: "/home/exeteres/Projects/personal/highstate/packages/platform/backend/prisma/backend/sqlite/main.prisma",
-    isCustomOutput: true
+    "previewFeatures": [
+      "driverAdapters",
+      "queryCompiler"
+    ],
+    "sourceFilePath": "/home/exeteres/Projects/personal/highstate/packages/platform/backend/prisma/backend/sqlite/main.prisma",
+    "isCustomOutput": true
   },
-  relativePath: "../../../../../prisma/backend/sqlite",
-  clientVersion: "6.14.0",
-  engineVersion: "717184b7b35ea05dfa71a3236b7af656013e1e49",
-  datasourceNames: ["db"],
-  activeProvider: "sqlite",
-  postinstall: false,
-  inlineDatasources: {
-    db: {
-      url: {
-        fromEnvVar: null,
-        value: "<invalid>"
+  "relativePath": "../../../../../prisma/backend/sqlite",
+  "clientVersion": "6.14.0",
+  "engineVersion": "717184b7b35ea05dfa71a3236b7af656013e1e49",
+  "datasourceNames": [
+    "db"
+  ],
+  "activeProvider": "sqlite",
+  "postinstall": false,
+  "inlineDatasources": {
+    "db": {
+      "url": {
+        "fromEnvVar": "HIGHSTATE_MIGRATION_DATABASE_URL",
+        "value": null
       }
     }
   },
-  inlineSchema: 'model UserWorkspaseLayout {\n  /// The opaque ID of the user to which this layout belongs.\n  userId String @id\n\n  /// The layout of the user workspace managed by the frontend.\n  layout Json\n}\n\nmodel Library {\n  /// The CUIDv2 of the library.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the library managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The spec of the library.\n  ///\n  /// [LibrarySpec]\n  spec Json\n\n  /// The projects using this library.\n  projects Project[]\n}\n\nmodel Project {\n  /// The CUIDv2 of the project.\n  id String @id @default(cuid(2))\n\n  /// Project meta managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The name of the project within the space.\n  name String\n\n  /// The ID of the project space this project belongs to.\n  spaceId String\n\n  /// The ID of the project model storage this project uses.\n  modelStorageId String\n\n  /// The ID of the library used by this project.\n  libraryId String\n\n  /// The ID of the Pulumi backend used by this project.\n  pulumiBackendId String\n\n  /// Encrypted project master key in AGE format.\n  encryptedMasterKey String\n\n  /// The unlock suite for this project.\n  ///\n  /// [ProjectUnlockSuite]\n  unlockSuite Json\n\n  /// The current version of the project database.\n  /// This is used to determine if the project needs to be migrated.\n  databaseVersion Int\n\n  /// The date and time when the project was created.\n  createdAt DateTime @default(now())\n\n  /// The date and time when the project was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The project space this project belongs to.\n  space ProjectSpace @relation(fields: [spaceId], references: [id])\n\n  /// The project model storage this project uses.\n  modelStorage ProjectModelStorage @relation(fields: [modelStorageId], references: [id])\n\n  /// The library used by this project.\n  library Library @relation(fields: [libraryId], references: [id])\n\n  /// The Pulumi backend used by this project.\n  pulumiBackend PulumiBackend @relation(fields: [pulumiBackendId], references: [id])\n\n  @@unique([spaceId, name])\n}\n\nmodel ProjectSpace {\n  /// The CUIDv2 of the project space.\n  id String @id @default(cuid(2))\n\n  /// The name of the project space within the parent space.\n  ///\n  /// Will be null for the global project space.\n  name String?\n\n  /// The ID of the parent project space, if any.\n  parentId String?\n\n  /// The metadata of the project space managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The projects in this project space.\n  projects Project[]\n\n  /// The parent project space, if any.\n  parent ProjectSpace? @relation("ProjectSpaceHierarchy", fields: [parentId], references: [id])\n\n  /// The child project spaces, if any.\n  children ProjectSpace[] @relation("ProjectSpaceHierarchy")\n}\n\nmodel ProjectModelStorage {\n  /// The CUIDv2 of the project model storage.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the project model storage managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The specification of the project model storage.\n  ///\n  /// [ProjectModelStorageSpec]\n  spec Json\n\n  /// The projects using this model storage.\n  projects Project[]\n}\n\nmodel PulumiBackend {\n  /// The CUIDv2 of the Pulumi backend.\n  id String @id @default(cuid(2))\n\n  /// The backend meta managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The spec of the Pulumi backend.\n  ///\n  /// [PulumiBackendSpec]\n  spec Json\n\n  /// The projects using this backend.\n  projects Project[]\n}\n\ndatasource db {\n  provider  = "sqlite"\n  directUrl = env("HIGHSTATE_MIGRATION_DATABASE_URL")\n}\n\ngenerator client {\n  provider               = "prisma-client"\n  previewFeatures        = ["queryCompiler", "driverAdapters"]\n  output                 = "../../../src/database/_generated/backend/sqlite"\n  moduleFormat           = "esm"\n  generatedFileExtension = "ts"\n  importFileExtension    = "ts"\n}\n\ngenerator json {\n  provider = "prisma-json-types-generator"\n}\n',
-  inlineSchemaHash: "5f72ff333e4519a038ec922562f162a877719127538df9de3cc6af3d476a0ef7",
-  copyEngine: true,
-  runtimeDataModel: {
-    models: {},
-    enums: {},
-    types: {}
+  "inlineSchema": 'model UserWorkspaceLayout {\n  /// The opaque ID of the user to which this layout belongs.\n  userId String @id\n\n  /// The layout of the user workspace managed by the frontend.\n  ///\n  /// ![unknown]\n  layout Json\n}\n\nmodel Library {\n  /// The CUIDv2 of the library.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the library managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The spec of the library.\n  ///\n  /// [LibrarySpec]\n  spec Json\n\n  /// The projects using this library.\n  projects Project[]\n}\n\nmodel Project {\n  /// The CUIDv2 of the project.\n  id String @id @default(cuid(2))\n\n  /// Project meta managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The name of the project within the space.\n  name String\n\n  /// The ID of the project space this project belongs to.\n  spaceId String\n\n  /// The ID of the project model storage this project uses.\n  modelStorageId String\n\n  /// The ID of the library used by this project.\n  libraryId String\n\n  /// The ID of the Pulumi backend used by this project.\n  pulumiBackendId String\n\n  /// Encrypted project master key in AGE format.\n  encryptedMasterKey String\n\n  /// The unlock suite for this project.\n  ///\n  /// [ProjectUnlockSuite]\n  unlockSuite Json\n\n  /// The current version of the project database.\n  /// This is used to determine if the project needs to be migrated.\n  databaseVersion Int\n\n  /// The time when the project was created.\n  createdAt DateTime @default(now())\n\n  /// The time when the project was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The project space this project belongs to.\n  space ProjectSpace @relation(fields: [spaceId], references: [id])\n\n  /// The project model storage this project uses.\n  modelStorage ProjectModelStorage @relation(fields: [modelStorageId], references: [id])\n\n  /// The library used by this project.\n  library Library @relation(fields: [libraryId], references: [id])\n\n  /// The Pulumi backend used by this project.\n  pulumiBackend PulumiBackend @relation(fields: [pulumiBackendId], references: [id])\n\n  @@unique([spaceId, name])\n}\n\nmodel ProjectSpace {\n  /// The CUIDv2 of the project space.\n  id String @id @default(cuid(2))\n\n  /// The name of the project space within the parent space.\n  ///\n  /// Will be null for the global project space.\n  name String?\n\n  /// The ID of the parent project space, if any.\n  parentId String?\n\n  /// The metadata of the project space managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The projects in this project space.\n  projects Project[]\n\n  /// The parent project space, if any.\n  parent ProjectSpace? @relation("ProjectSpaceHierarchy", fields: [parentId], references: [id])\n\n  /// The child project spaces, if any.\n  children ProjectSpace[] @relation("ProjectSpaceHierarchy")\n\n  @@unique([parentId, name])\n}\n\nmodel ProjectModelStorage {\n  /// The CUIDv2 of the project model storage.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the project model storage managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The specification of the project model storage.\n  ///\n  /// [ProjectModelStorageSpec]\n  spec Json\n\n  /// The projects using this model storage.\n  projects Project[]\n}\n\nmodel PulumiBackend {\n  /// The CUIDv2 of the Pulumi backend.\n  id String @id @default(cuid(2))\n\n  /// The backend meta managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The spec of the Pulumi backend.\n  ///\n  /// [PulumiBackendSpec]\n  spec Json\n\n  /// The projects using this backend.\n  projects Project[]\n}\n\n/// Unlock methods describe trusted identities that can decrypt the backend master key.\nmodel BackendUnlockMethod {\n  /// The CUIDv2 of the unlock method.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the unlock method managed by the backend.\n  /// \n  /// [BackendUnlockMethodMeta]\n  meta Json\n\n  /// The AGE recipient for this unlock method.\n  recipient String @unique\n\n  /// The time when the unlock method was created.\n  createdAt DateTime @default(now())\n\n  /// The time when the unlock method was last updated.\n  updatedAt DateTime @updatedAt\n}\n\ndatasource db {\n  provider = "sqlite"\n  url      = env("HIGHSTATE_MIGRATION_DATABASE_URL")\n}\n\ngenerator client {\n  provider               = "prisma-client"\n  previewFeatures        = ["queryCompiler", "driverAdapters"]\n  output                 = "../../../src/database/_generated/backend/sqlite"\n  moduleFormat           = "esm"\n  generatedFileExtension = "ts"\n  importFileExtension    = "ts"\n}\n\ngenerator json {\n  provider = "prisma-json-types-generator"\n}\n',
+  "inlineSchemaHash": "a1ceaf17c7e387f39b598365de3b12cae9e6d31f021d9ab4f958f2c85bb34129",
+  "copyEngine": true,
+  "runtimeDataModel": {
+    "models": {},
+    "enums": {},
+    "types": {}
   },
-  dirname: ""
+  "dirname": ""
 };
-config.runtimeDataModel = JSON.parse(
-  '{"models":{"UserWorkspaseLayout":{"fields":[{"name":"userId","kind":"scalar","type":"String"},{"name":"layout","kind":"scalar","type":"Json"}],"dbName":null},"Library":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"spec","kind":"scalar","type":"Json"},{"name":"projects","kind":"object","type":"Project","relationName":"LibraryToProject"}],"dbName":null},"Project":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"name","kind":"scalar","type":"String"},{"name":"spaceId","kind":"scalar","type":"String"},{"name":"modelStorageId","kind":"scalar","type":"String"},{"name":"libraryId","kind":"scalar","type":"String"},{"name":"pulumiBackendId","kind":"scalar","type":"String"},{"name":"encryptedMasterKey","kind":"scalar","type":"String"},{"name":"unlockSuite","kind":"scalar","type":"Json"},{"name":"databaseVersion","kind":"scalar","type":"Int"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"space","kind":"object","type":"ProjectSpace","relationName":"ProjectToProjectSpace"},{"name":"modelStorage","kind":"object","type":"ProjectModelStorage","relationName":"ProjectToProjectModelStorage"},{"name":"library","kind":"object","type":"Library","relationName":"LibraryToProject"},{"name":"pulumiBackend","kind":"object","type":"PulumiBackend","relationName":"ProjectToPulumiBackend"}],"dbName":null},"ProjectSpace":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"name","kind":"scalar","type":"String"},{"name":"parentId","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"projects","kind":"object","type":"Project","relationName":"ProjectToProjectSpace"},{"name":"parent","kind":"object","type":"ProjectSpace","relationName":"ProjectSpaceHierarchy"},{"name":"children","kind":"object","type":"ProjectSpace","relationName":"ProjectSpaceHierarchy"}],"dbName":null},"ProjectModelStorage":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"spec","kind":"scalar","type":"Json"},{"name":"projects","kind":"object","type":"Project","relationName":"ProjectToProjectModelStorage"}],"dbName":null},"PulumiBackend":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"spec","kind":"scalar","type":"Json"},{"name":"projects","kind":"object","type":"Project","relationName":"ProjectToPulumiBackend"}],"dbName":null}},"enums":{},"types":{}}'
-);
+config.runtimeDataModel = JSON.parse('{"models":{"UserWorkspaceLayout":{"fields":[{"name":"userId","kind":"scalar","type":"String"},{"name":"layout","kind":"scalar","type":"Json"}],"dbName":null},"Library":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"spec","kind":"scalar","type":"Json"},{"name":"projects","kind":"object","type":"Project","relationName":"LibraryToProject"}],"dbName":null},"Project":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"name","kind":"scalar","type":"String"},{"name":"spaceId","kind":"scalar","type":"String"},{"name":"modelStorageId","kind":"scalar","type":"String"},{"name":"libraryId","kind":"scalar","type":"String"},{"name":"pulumiBackendId","kind":"scalar","type":"String"},{"name":"encryptedMasterKey","kind":"scalar","type":"String"},{"name":"unlockSuite","kind":"scalar","type":"Json"},{"name":"databaseVersion","kind":"scalar","type":"Int"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"space","kind":"object","type":"ProjectSpace","relationName":"ProjectToProjectSpace"},{"name":"modelStorage","kind":"object","type":"ProjectModelStorage","relationName":"ProjectToProjectModelStorage"},{"name":"library","kind":"object","type":"Library","relationName":"LibraryToProject"},{"name":"pulumiBackend","kind":"object","type":"PulumiBackend","relationName":"ProjectToPulumiBackend"}],"dbName":null},"ProjectSpace":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"name","kind":"scalar","type":"String"},{"name":"parentId","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"projects","kind":"object","type":"Project","relationName":"ProjectToProjectSpace"},{"name":"parent","kind":"object","type":"ProjectSpace","relationName":"ProjectSpaceHierarchy"},{"name":"children","kind":"object","type":"ProjectSpace","relationName":"ProjectSpaceHierarchy"}],"dbName":null},"ProjectModelStorage":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"spec","kind":"scalar","type":"Json"},{"name":"projects","kind":"object","type":"Project","relationName":"ProjectToProjectModelStorage"}],"dbName":null},"PulumiBackend":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"spec","kind":"scalar","type":"Json"},{"name":"projects","kind":"object","type":"Project","relationName":"ProjectToPulumiBackend"}],"dbName":null},"BackendUnlockMethod":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"recipient","kind":"scalar","type":"String"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"}],"dbName":null}},"enums":{},"types":{}}');
 config.engineWasm = void 0;
 async function decodeBase64AsWasm(wasmBase64) {
   const { Buffer: Buffer2 } = await import('node:buffer');
@@ -754,6 +816,47 @@ var localBackendDatabaseConfig = z.object({
   HIGHSTATE_BACKEND_DATABASE_LOCAL_PATH: z.string().optional(),
   HIGHSTATE_ENCRYPTION_ENABLED: z.stringbool().default(true)
 });
+var LocalBackendDatabaseBackend = class {
+  constructor(database, databasePath, logger, isEncryptionEnabled) {
+    this.database = database;
+    this.databasePath = databasePath;
+    this.logger = logger;
+    this.isEncryptionEnabled = isEncryptionEnabled;
+  }
+  /**
+   * Rewrites the encrypted master key to match the provided recipients.
+   *
+   * @param recipients AGE recipients that should retain access to the backend master key.
+   */
+  async reencryptMasterKey(recipients) {
+    if (!this.isEncryptionEnabled) {
+      return;
+    }
+    const meta = await readMetaFile(this.databasePath);
+    if (!meta?.masterKey) {
+      this.logger.warn(
+        { databasePath: this.databasePath },
+        "backend meta file does not contain a master key; skipping re-encryption"
+      );
+      return;
+    }
+    const identity = await getOrCreateBackendIdentity(this.logger);
+    const decrypter = new Decrypter();
+    decrypter.addIdentity(identity);
+    const plaintextMasterKey = await decrypter.decrypt(armor.decode(meta.masterKey), "text");
+    const encrypter = new Encrypter();
+    const allowedRecipients = new Set(recipients);
+    allowedRecipients.add(await identityToRecipient(identity));
+    for (const recipient of allowedRecipients) {
+      encrypter.addRecipient(recipient);
+    }
+    const encrypted = await encrypter.encrypt(plaintextMasterKey);
+    await writeMetaFile(this.databasePath, {
+      ...meta,
+      masterKey: armor.encode(encrypted)
+    });
+  }
+};
 async function createMasterKey(logger) {
   const identity = await getOrCreateBackendIdentity(logger);
   const masterKey = randomBytes(32).toString("hex");
@@ -762,7 +865,7 @@ async function createMasterKey(logger) {
   encrypter.addRecipient(recipient);
   const encryptedMasterKey = await encrypter.encrypt(masterKey);
   const armoredMasterKey = armor.encode(encryptedMasterKey);
-  return { armoredMasterKey, masterKey };
+  return { armoredMasterKey, masterKey, recipient };
 }
 async function ensureDatabaseInitialized(databasePath, encryptionEnabled, logger) {
   const meta = await readMetaFile(databasePath);
@@ -773,7 +876,13 @@ async function ensureDatabaseInitialized(databasePath, encryptionEnabled, logger
       version: backendDatabaseVersion,
       masterKey: masterKey2?.armoredMasterKey
     };
-    return { shouldMigrate: true, masterKey: masterKey2?.masterKey, metaFile };
+    return {
+      shouldMigrate: true,
+      masterKey: masterKey2?.masterKey,
+      metaFile,
+      created: true,
+      initialRecipient: masterKey2?.recipient
+    };
   }
   if (meta.version > backendDatabaseVersion) {
     throw new Error(
@@ -784,12 +893,13 @@ async function ensureDatabaseInitialized(databasePath, encryptionEnabled, logger
     return {
       shouldMigrate: meta.version < backendDatabaseVersion,
       masterKey: void 0,
-      metaFile: meta
+      metaFile: meta,
+      created: false
     };
   }
   if (!meta.masterKey) {
     throw new Error(
-      `Database meta file at "${databasePath}/meta.yaml" does not contain a master key.`
+      `Database meta file at "${databasePath}/backend.meta.yaml" does not contain a master key.`
     );
   }
   const identity = await getOrCreateBackendIdentity(logger);
@@ -801,20 +911,17 @@ async function ensureDatabaseInitialized(databasePath, encryptionEnabled, logger
   return {
     shouldMigrate: meta.version < backendDatabaseVersion,
     masterKey,
-    metaFile: meta
+    metaFile: meta,
+    created: false
   };
 }
-async function createLocalBackendDatabase(config4, logger) {
+async function createLocalBackendDatabaseBackend(config4, logger) {
   if (!config4.HIGHSTATE_ENCRYPTION_ENABLED) {
     logger.warn("local database encryption is disabled, this is not recommended for production use");
   }
   let databasePath = config4.HIGHSTATE_BACKEND_DATABASE_LOCAL_PATH;
   databasePath ??= await getCodebaseHighstatePath(config4, logger);
-  const { shouldMigrate, masterKey, metaFile } = await ensureDatabaseInitialized(
-    databasePath,
-    config4.HIGHSTATE_ENCRYPTION_ENABLED,
-    logger
-  );
+  const { shouldMigrate, masterKey, metaFile, created, initialRecipient } = await ensureDatabaseInitialized(databasePath, config4.HIGHSTATE_ENCRYPTION_ENABLED, logger);
   const databaseUrl = `file:${databasePath}/backend.db`;
   if (shouldMigrate) {
     await migrateDatabase(databaseUrl, "backend/sqlite", masterKey, logger);
@@ -827,65 +934,98 @@ async function createLocalBackendDatabase(config4, logger) {
   const prismaClient = new PrismaClient({
     adapter
   });
-  await ensureWellKnownEntitiesCreated(prismaClient);
-  logger.info("database is ready");
-  return prismaClient;
+  const database = prismaClient;
+  await ensureWellKnownEntitiesCreated(database);
+  const backendLogger = logger.child({ service: "LocalBackendDatabaseBackend" });
+  await ensureInitialUnlockMethod(database, created, initialRecipient, backendLogger);
+  backendLogger.info("database is ready");
+  return new LocalBackendDatabaseBackend(
+    database,
+    databasePath,
+    backendLogger,
+    config4.HIGHSTATE_ENCRYPTION_ENABLED
+  );
+}
+function getInitialBackendUnlockMethodMeta(host) {
+  const trimmed = host?.trim() ?? "";
+  const title = trimmed.length > 0 ? trimmed : "initial";
+  const description = trimmed.length > 0 ? `Identity automatically registered for ${trimmed} when this backend database was created.` : "Identity automatically registered when this backend database was created.";
+  return { title, description };
+}
+async function ensureInitialUnlockMethod(database, created, initialRecipient, logger) {
+  if (!created || !initialRecipient) {
+    return;
+  }
+  const meta = getInitialBackendUnlockMethodMeta(hostname());
+  await database.backendUnlockMethod.create({
+    data: {
+      recipient: initialRecipient,
+      meta
+    }
+  });
+  logger.info(
+    { title: meta.title, recipient: initialRecipient },
+    "registered initial backend unlock method"
+  );
 }
 var config2 = {
-  generator: {
-    name: "client",
-    provider: {
-      fromEnvVar: null,
-      value: "prisma-client"
+  "generator": {
+    "name": "client",
+    "provider": {
+      "fromEnvVar": null,
+      "value": "prisma-client"
     },
-    output: {
-      value: "/home/exeteres/Projects/personal/highstate/packages/platform/backend/src/database/_generated/backend/postgresql",
-      fromEnvVar: null
+    "output": {
+      "value": "/home/exeteres/Projects/personal/highstate/packages/platform/backend/src/database/_generated/backend/postgresql",
+      "fromEnvVar": null
     },
-    config: {
-      importFileExtension: "ts",
-      generatedFileExtension: "ts",
-      moduleFormat: "esm",
-      engineType: "client"
+    "config": {
+      "moduleFormat": "esm",
+      "generatedFileExtension": "ts",
+      "importFileExtension": "ts",
+      "engineType": "client"
     },
-    binaryTargets: [
+    "binaryTargets": [
       {
-        fromEnvVar: null,
-        value: "linux-nixos",
-        native: true
+        "fromEnvVar": null,
+        "value": "linux-nixos",
+        "native": true
       }
     ],
-    previewFeatures: ["driverAdapters", "queryCompiler"],
-    sourceFilePath: "/home/exeteres/Projects/personal/highstate/packages/platform/backend/prisma/backend/postgresql/main.prisma",
-    isCustomOutput: true
+    "previewFeatures": [
+      "driverAdapters",
+      "queryCompiler"
+    ],
+    "sourceFilePath": "/home/exeteres/Projects/personal/highstate/packages/platform/backend/prisma/backend/postgresql/main.prisma",
+    "isCustomOutput": true
   },
-  relativePath: "../../../../../prisma/backend/postgresql",
-  clientVersion: "6.14.0",
-  engineVersion: "717184b7b35ea05dfa71a3236b7af656013e1e49",
-  datasourceNames: ["db"],
-  activeProvider: "postgresql",
-  postinstall: false,
-  inlineDatasources: {
-    db: {
-      url: {
-        fromEnvVar: "BACKEND_DATABASE_URL",
-        value: null
+  "relativePath": "../../../../../prisma/backend/postgresql",
+  "clientVersion": "6.14.0",
+  "engineVersion": "717184b7b35ea05dfa71a3236b7af656013e1e49",
+  "datasourceNames": [
+    "db"
+  ],
+  "activeProvider": "postgresql",
+  "postinstall": false,
+  "inlineDatasources": {
+    "db": {
+      "url": {
+        "fromEnvVar": "HIGHSTATE_MIGRATION_DATABASE_URL",
+        "value": null
       }
     }
   },
-  inlineSchema: 'model UserWorkspaseLayout {\n  /// The opaque ID of the user to which this layout belongs.\n  userId String @id\n\n  /// The layout of the user workspace managed by the frontend.\n  layout Json\n}\n\nmodel Library {\n  /// The CUIDv2 of the library.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the library managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The spec of the library.\n  ///\n  /// [LibrarySpec]\n  spec Json\n\n  /// The projects using this library.\n  projects Project[]\n}\n\nmodel Project {\n  /// The CUIDv2 of the project.\n  id String @id @default(cuid(2))\n\n  /// Project meta managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The name of the project within the space.\n  name String\n\n  /// The ID of the project space this project belongs to.\n  spaceId String\n\n  /// The ID of the project model storage this project uses.\n  modelStorageId String\n\n  /// The ID of the library used by this project.\n  libraryId String\n\n  /// The ID of the Pulumi backend used by this project.\n  pulumiBackendId String\n\n  /// Encrypted project master key in AGE format.\n  encryptedMasterKey String\n\n  /// The unlock suite for this project.\n  ///\n  /// [ProjectUnlockSuite]\n  unlockSuite Json\n\n  /// The current version of the project database.\n  /// This is used to determine if the project needs to be migrated.\n  databaseVersion Int\n\n  /// The date and time when the project was created.\n  createdAt DateTime @default(now())\n\n  /// The date and time when the project was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The project space this project belongs to.\n  space ProjectSpace @relation(fields: [spaceId], references: [id])\n\n  /// The project model storage this project uses.\n  modelStorage ProjectModelStorage @relation(fields: [modelStorageId], references: [id])\n\n  /// The library used by this project.\n  library Library @relation(fields: [libraryId], references: [id])\n\n  /// The Pulumi backend used by this project.\n  pulumiBackend PulumiBackend @relation(fields: [pulumiBackendId], references: [id])\n\n  @@unique([spaceId, name])\n}\n\nmodel ProjectSpace {\n  /// The CUIDv2 of the project space.\n  id String @id @default(cuid(2))\n\n  /// The name of the project space within the parent space.\n  ///\n  /// Will be null for the global project space.\n  name String?\n\n  /// The ID of the parent project space, if any.\n  parentId String?\n\n  /// The metadata of the project space managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The projects in this project space.\n  projects Project[]\n\n  /// The parent project space, if any.\n  parent ProjectSpace? @relation("ProjectSpaceHierarchy", fields: [parentId], references: [id])\n\n  /// The child project spaces, if any.\n  children ProjectSpace[] @relation("ProjectSpaceHierarchy")\n}\n\nmodel ProjectModelStorage {\n  /// The CUIDv2 of the project model storage.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the project model storage managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The specification of the project model storage.\n  ///\n  /// [ProjectModelStorageSpec]\n  spec Json\n\n  /// The projects using this model storage.\n  projects Project[]\n}\n\nmodel PulumiBackend {\n  /// The CUIDv2 of the Pulumi backend.\n  id String @id @default(cuid(2))\n\n  /// The backend meta managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The spec of the Pulumi backend.\n  ///\n  /// [PulumiBackendSpec]\n  spec Json\n\n  /// The projects using this backend.\n  projects Project[]\n}\n\ndatasource db {\n  provider = "postgresql"\n  url      = env("BACKEND_DATABASE_URL")\n}\n\ngenerator client {\n  provider               = "prisma-client"\n  previewFeatures        = ["queryCompiler", "driverAdapters"]\n  output                 = "../../../src/database/_generated/backend/postgresql"\n  moduleFormat           = "esm"\n  generatedFileExtension = "ts"\n  importFileExtension    = "ts"\n}\n\ngenerator json {\n  provider = "prisma-json-types-generator"\n}\n',
-  inlineSchemaHash: "a9f8f833ee80dd30f73e3d8814f0e839840f42a7aa9f38b22facef5f37924b37",
-  copyEngine: true,
-  runtimeDataModel: {
-    models: {},
-    enums: {},
-    types: {}
+  "inlineSchema": 'model UserWorkspaceLayout {\n  /// The opaque ID of the user to which this layout belongs.\n  userId String @id\n\n  /// The layout of the user workspace managed by the frontend.\n  ///\n  /// ![unknown]\n  layout Json\n}\n\nmodel Library {\n  /// The CUIDv2 of the library.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the library managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The spec of the library.\n  ///\n  /// [LibrarySpec]\n  spec Json\n\n  /// The projects using this library.\n  projects Project[]\n}\n\nmodel Project {\n  /// The CUIDv2 of the project.\n  id String @id @default(cuid(2))\n\n  /// Project meta managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The name of the project within the space.\n  name String\n\n  /// The ID of the project space this project belongs to.\n  spaceId String\n\n  /// The ID of the project model storage this project uses.\n  modelStorageId String\n\n  /// The ID of the library used by this project.\n  libraryId String\n\n  /// The ID of the Pulumi backend used by this project.\n  pulumiBackendId String\n\n  /// Encrypted project master key in AGE format.\n  encryptedMasterKey String\n\n  /// The unlock suite for this project.\n  ///\n  /// [ProjectUnlockSuite]\n  unlockSuite Json\n\n  /// The current version of the project database.\n  /// This is used to determine if the project needs to be migrated.\n  databaseVersion Int\n\n  /// The time when the project was created.\n  createdAt DateTime @default(now())\n\n  /// The time when the project was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The project space this project belongs to.\n  space ProjectSpace @relation(fields: [spaceId], references: [id])\n\n  /// The project model storage this project uses.\n  modelStorage ProjectModelStorage @relation(fields: [modelStorageId], references: [id])\n\n  /// The library used by this project.\n  library Library @relation(fields: [libraryId], references: [id])\n\n  /// The Pulumi backend used by this project.\n  pulumiBackend PulumiBackend @relation(fields: [pulumiBackendId], references: [id])\n\n  @@unique([spaceId, name])\n}\n\nmodel ProjectSpace {\n  /// The CUIDv2 of the project space.\n  id String @id @default(cuid(2))\n\n  /// The name of the project space within the parent space.\n  ///\n  /// Will be null for the global project space.\n  name String?\n\n  /// The ID of the parent project space, if any.\n  parentId String?\n\n  /// The metadata of the project space managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The projects in this project space.\n  projects Project[]\n\n  /// The parent project space, if any.\n  parent ProjectSpace? @relation("ProjectSpaceHierarchy", fields: [parentId], references: [id])\n\n  /// The child project spaces, if any.\n  children ProjectSpace[] @relation("ProjectSpaceHierarchy")\n\n  @@unique([parentId, name])\n}\n\nmodel ProjectModelStorage {\n  /// The CUIDv2 of the project model storage.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the project model storage managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The specification of the project model storage.\n  ///\n  /// [ProjectModelStorageSpec]\n  spec Json\n\n  /// The projects using this model storage.\n  projects Project[]\n}\n\nmodel PulumiBackend {\n  /// The CUIDv2 of the Pulumi backend.\n  id String @id @default(cuid(2))\n\n  /// The backend meta managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The spec of the Pulumi backend.\n  ///\n  /// [PulumiBackendSpec]\n  spec Json\n\n  /// The projects using this backend.\n  projects Project[]\n}\n\n/// Unlock methods describe trusted identities that can decrypt the backend master key.\nmodel BackendUnlockMethod {\n  /// The CUIDv2 of the unlock method.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the unlock method managed by the backend.\n  /// \n  /// [BackendUnlockMethodMeta]\n  meta Json\n\n  /// The AGE recipient for this unlock method.\n  recipient String @unique\n\n  /// The time when the unlock method was created.\n  createdAt DateTime @default(now())\n\n  /// The time when the unlock method was last updated.\n  updatedAt DateTime @updatedAt\n}\n\ndatasource db {\n  provider = "postgresql"\n  url      = env("HIGHSTATE_MIGRATION_DATABASE_URL")\n}\n\ngenerator client {\n  provider               = "prisma-client"\n  previewFeatures        = ["queryCompiler", "driverAdapters"]\n  output                 = "../../../src/database/_generated/backend/postgresql"\n  moduleFormat           = "esm"\n  generatedFileExtension = "ts"\n  importFileExtension    = "ts"\n}\n\ngenerator json {\n  provider = "prisma-json-types-generator"\n}\n',
+  "inlineSchemaHash": "da1dbb64b6c731ded11a88c53a02bc985f6d5732acc37035289eded446f9fbcc",
+  "copyEngine": true,
+  "runtimeDataModel": {
+    "models": {},
+    "enums": {},
+    "types": {}
   },
-  dirname: ""
+  "dirname": ""
 };
-config2.runtimeDataModel = JSON.parse(
-  '{"models":{"UserWorkspaseLayout":{"fields":[{"name":"userId","kind":"scalar","type":"String"},{"name":"layout","kind":"scalar","type":"Json"}],"dbName":null},"Library":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"spec","kind":"scalar","type":"Json"},{"name":"projects","kind":"object","type":"Project","relationName":"LibraryToProject"}],"dbName":null},"Project":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"name","kind":"scalar","type":"String"},{"name":"spaceId","kind":"scalar","type":"String"},{"name":"modelStorageId","kind":"scalar","type":"String"},{"name":"libraryId","kind":"scalar","type":"String"},{"name":"pulumiBackendId","kind":"scalar","type":"String"},{"name":"encryptedMasterKey","kind":"scalar","type":"String"},{"name":"unlockSuite","kind":"scalar","type":"Json"},{"name":"databaseVersion","kind":"scalar","type":"Int"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"space","kind":"object","type":"ProjectSpace","relationName":"ProjectToProjectSpace"},{"name":"modelStorage","kind":"object","type":"ProjectModelStorage","relationName":"ProjectToProjectModelStorage"},{"name":"library","kind":"object","type":"Library","relationName":"LibraryToProject"},{"name":"pulumiBackend","kind":"object","type":"PulumiBackend","relationName":"ProjectToPulumiBackend"}],"dbName":null},"ProjectSpace":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"name","kind":"scalar","type":"String"},{"name":"parentId","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"projects","kind":"object","type":"Project","relationName":"ProjectToProjectSpace"},{"name":"parent","kind":"object","type":"ProjectSpace","relationName":"ProjectSpaceHierarchy"},{"name":"children","kind":"object","type":"ProjectSpace","relationName":"ProjectSpaceHierarchy"}],"dbName":null},"ProjectModelStorage":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"spec","kind":"scalar","type":"Json"},{"name":"projects","kind":"object","type":"Project","relationName":"ProjectToProjectModelStorage"}],"dbName":null},"PulumiBackend":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"spec","kind":"scalar","type":"Json"},{"name":"projects","kind":"object","type":"Project","relationName":"ProjectToPulumiBackend"}],"dbName":null}},"enums":{},"types":{}}'
-);
+config2.runtimeDataModel = JSON.parse('{"models":{"UserWorkspaceLayout":{"fields":[{"name":"userId","kind":"scalar","type":"String"},{"name":"layout","kind":"scalar","type":"Json"}],"dbName":null},"Library":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"spec","kind":"scalar","type":"Json"},{"name":"projects","kind":"object","type":"Project","relationName":"LibraryToProject"}],"dbName":null},"Project":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"name","kind":"scalar","type":"String"},{"name":"spaceId","kind":"scalar","type":"String"},{"name":"modelStorageId","kind":"scalar","type":"String"},{"name":"libraryId","kind":"scalar","type":"String"},{"name":"pulumiBackendId","kind":"scalar","type":"String"},{"name":"encryptedMasterKey","kind":"scalar","type":"String"},{"name":"unlockSuite","kind":"scalar","type":"Json"},{"name":"databaseVersion","kind":"scalar","type":"Int"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"space","kind":"object","type":"ProjectSpace","relationName":"ProjectToProjectSpace"},{"name":"modelStorage","kind":"object","type":"ProjectModelStorage","relationName":"ProjectToProjectModelStorage"},{"name":"library","kind":"object","type":"Library","relationName":"LibraryToProject"},{"name":"pulumiBackend","kind":"object","type":"PulumiBackend","relationName":"ProjectToPulumiBackend"}],"dbName":null},"ProjectSpace":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"name","kind":"scalar","type":"String"},{"name":"parentId","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"projects","kind":"object","type":"Project","relationName":"ProjectToProjectSpace"},{"name":"parent","kind":"object","type":"ProjectSpace","relationName":"ProjectSpaceHierarchy"},{"name":"children","kind":"object","type":"ProjectSpace","relationName":"ProjectSpaceHierarchy"}],"dbName":null},"ProjectModelStorage":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"spec","kind":"scalar","type":"Json"},{"name":"projects","kind":"object","type":"Project","relationName":"ProjectToProjectModelStorage"}],"dbName":null},"PulumiBackend":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"spec","kind":"scalar","type":"Json"},{"name":"projects","kind":"object","type":"Project","relationName":"ProjectToPulumiBackend"}],"dbName":null},"BackendUnlockMethod":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"recipient","kind":"scalar","type":"String"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"}],"dbName":null}},"enums":{},"types":{}}');
 config2.engineWasm = void 0;
 async function decodeBase64AsWasm2(wasmBase64) {
   const { Buffer: Buffer2 } = await import('node:buffer');
@@ -937,9 +1077,9 @@ var config3 = {
       "fromEnvVar": null
     },
     "config": {
-      "moduleFormat": "esm",
-      "generatedFileExtension": "ts",
       "importFileExtension": "ts",
+      "generatedFileExtension": "ts",
+      "moduleFormat": "esm",
       "engineType": "client"
     },
     "binaryTargets": [
@@ -963,17 +1103,16 @@ var config3 = {
     "db"
   ],
   "activeProvider": "sqlite",
-  "postinstall": false,
   "inlineDatasources": {
     "db": {
       "url": {
-        "fromEnvVar": null,
-        "value": "<invalid>"
+        "fromEnvVar": "HIGHSTATE_MIGRATION_DATABASE_URL",
+        "value": null
       }
     }
   },
-  "inlineSchema": '/// The API key provides authentication tokens for accessing the platform API.\n///\n/// Each API key impersonates a service account, inheriting its permissions and access scope.\n/// Keys are automatically created for worker versions and can be manually created for\n/// external integrations. The token is a 32-byte random hex string that can be regenerated.\nmodel ApiKey {\n  /// The CUIDv2 of the API key.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the API key managed by the backend.\n  ///\n  /// [ApiKeyMeta]\n  meta Json\n\n  /// The ID of the service account impersonated by this API key.\n  serviceAccountId String\n\n  /// The API token for authentication.\n  token String @unique\n\n  /// The time when the API key was created.\n  createdAt DateTime @default(now())\n\n  /// The time when the API key was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The worker version that owns this API key.\n  worker WorkerVersion?\n\n  /// The service account which this API key impersonates.\n  serviceAccount ServiceAccount @relation(fields: [serviceAccountId], references: [id], onDelete: Cascade)\n}\n\n/// The artifact represents a file or folder stored in the system.\n///\n/// It can be produced by units or manually uploaded via API by service accounts.\n///\n/// Since different actors can produce the same artifact with the same content and hash,\n/// there is the ownership/usage concept to track which entities produce or use the artifact.\n/// The "ownership" and "usage" are synonymous in this context and often referred to as "usage".\n///\n/// When no usages are present, the artifact will be automatically garbage collected after a certain period.\nmodel Artifact {\n  /// The CUIDv2 of the artifact.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the artifact managed by the backend.\n  ///\n  /// Since multiple actors can produce the same artifact,\n  /// this metadata is the last one provided by any actor.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The SHA256 hash of the artifact content.\n  hash String @unique\n\n  /// The size of the compressed artifact content in bytes.\n  ///\n  /// Does not represent the size of the original file or folder,\n  /// but the size used to store the artifact in the system.\n  size Int\n\n  /// The chunk size of the artifact content in bytes.\n  /// Used to split the artifact into smaller chunks for storage.\n  chunkSize Int\n\n  /// The timestamp when the artifact fist appeared in the system.\n  createdAt DateTime @default(now())\n\n  /// The timestamp when the artifact was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The service accounts using this artifact.\n  serviceAccounts ServiceAccount[]\n\n  /// The instances using this artifact.\n  instances InstanceState[]\n\n  /// The terminals using this artifact.\n  terminals Terminal[]\n\n  /// The pages using this artifact.\n  pages Page[]\n}\n\nmodel InstanceCustomStatus {\n  /// The ID of the instance state this status belongs to.\n  stateId String\n\n  /// The ID of the service account which attached this custom status.\n  serviceAccountId String\n\n  /// The name of the custom status unique within the instance and service account.\n  name String\n\n  /// The metadata of the custom status managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The status value of the custom status.\n  value String\n\n  /// The message describing the instance\'s custom status.\n  /// \n  /// Can be used to provide additional context or information about the status.\n  ///\n  /// The message will be displayed in the 800x600 ANSI terminal in the UI,\n  /// so differenet TUI elements should be drawn within this area.\n  message String?\n\n  /// The order of the custom status in the list of statuses.\n  ///\n  /// Should be values from 0 to 100, where 0 is the highest priority.\n  /// By default, the order is 50.\n  order Int @default(50)\n\n  /// The time when the custom status was first attached to the instance.\n  createdAt DateTime @default(now())\n\n  /// The time when the custom status was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The instance this custom status belongs to.\n  state InstanceState @relation(fields: [stateId], references: [id])\n\n  /// The service account this custom status belongs to.\n  serviceAccount ServiceAccount @relation(fields: [serviceAccountId], references: [id])\n\n  @@id([stateId, serviceAccountId, name]) // the name must be unique within the instance and service account\n}\n\nenum InstanceEvaluationStatus {\n  /// transient statuses (not persisted in the database)\n  evaluating\n\n  /// stable statuses\n  evaluated\n  error\n}\n\n/// The evaluation state tracks the result of evaluating composite instances to produce virtual instances.\n///\n/// Composite instances are template components that generate other instances (virtual instances) when evaluated.\n/// The evaluation process executes the composite\'s create function with resolved inputs to produce a tree\n/// of child instances. These virtual instances exist in the source "virtual" state and can be units\n/// (mapping to Pulumi resources) or other composites (producing more virtual instances recursively).\n///\n/// Evaluation happens automatically after project unlock and library reloads to keep virtual instances\n/// synchronized with their composite definitions. Evaluation state persists the produced instance model\n/// and tracks success/error status with descriptive messages showing the instance tree or error details.\nmodel InstanceEvaluationState {\n  /// The ID of the state of the instance.\n  stateId String @id\n\n  /// The status of the instance evaluation.\n  status InstanceEvaluationStatus\n\n  /// The message describing the evaluation status.\n  /// If the evaluation is failed, this message will contain the error description.\n  message String?\n\n  /// The model produced by the evaluation.\n  ///\n  /// Will be `null` if the evaluation is failed.\n  ///\n  /// Can be set for both: real composite instances and virtual instances produced by the evaluation.\n  ///\n  /// [InstanceModel]\n  model Json?\n\n  /// The time when the last evaluation was finished.\n  evaluatedAt DateTime @updatedAt\n\n  /// The instance this state belongs to.\n  state InstanceState @relation(fields: [stateId], references: [id])\n}\n\nenum InstanceStatus {\n  /// The instance is exists in the model (resident or virtual), but not yet deployed or was completely destroyed.\n  ///\n  /// "attempted", "deployed" and "failed" instances can be transitioned back to "undeployed" after\n  /// successful "destroy" operation.\n  undeployed\n\n  /// The instance is attempted, but not yet fully deployed.\n  ///\n  /// Normally, this status is very short-lived, and here to indicate that the instance\n  /// cannot be safely deleted from the the model until it will be completely destroyed.\n  attempted\n\n  /// The initial deployment of the instance was successful.\n  ///\n  /// The transition of "deployed -> failed" is not possible, so consequent failed operations\n  /// will not affect this status.\n  ///\n  /// Like "attempted", that instance cannot be safely deleted from the model until it will be completely destroyed.\n  deployed\n\n  /// The initial deployment of the instance failed.\n  /// It can still be transitioned to "deployed" by a successful operation\n  ///\n  /// Like "attempted", that instance cannot be safely deleted from the model until it will be completely destroyed.\n  failed\n}\n\nenum InstanceSource {\n  /// The instance is defined in the project model.\n  resident\n\n  /// The instance is produced by evaluation of composite instance.\n  virtual\n}\n\nmodel InstanceState {\n  /// The surrogate CUIDv2 primary key of the instance to allow renaming instances.\n  id String @id @default(cuid(2))\n\n  /// The ID of the instance managed by the system.\n  ///\n  /// [InstanceId]\n  instanceId String @unique\n\n  /// The status of the instance.\n  status InstanceStatus\n\n  /// The source of the instance.\n  source InstanceSource\n\n  /// The kind of the instance.\n  ///\n  /// [InstanceKind]\n  kind String\n\n  /// The ID of the parent instance state, if this instance is a child of another composite instance.\n  parentId String?\n\n  /// The 32-bit nonce used to invalidate the input hash when secrets are updated.\n  inputHashNonce Int?\n\n  /// The calculated instance CRC32 input hash at the moment of last operation completion.\n  ///\n  /// This hash covers:\n  /// - the instance\'s configuration (name, args, secret hashes);\n  /// - component definition hash;\n  /// - the unit\'s source hash (if applicable);\n  /// - the input hashes and output hashes of all input instances.\n  inputHash Int?\n\n  /// The CRC32 of the SHA256 of the output produced by the instance at the moment of last operation completion.\n  ///\n  /// Does not depend on anything except the instance\'s output.\n  outputHash Int?\n\n  /// The calculated CRC32 dependency output hash at the moment of last operation completion.\n  ///\n  /// This hash is calculated as combination of output hashes of all input instances and nothing else.\n  ///\n  /// The primary use case of this hash is to "short-circuit" execution:\n  /// if the outputs of input instances have not changed, dependent instances can skip execution,\n  /// even if their input hashes changed due to upstream config changes.\n  /// This prevents unnecessary re-execution of the entire dependency graph when only non-output-affecting inputs are modified.\n  dependencyOutputHash Int?\n\n  /// The mapping of instance output names to artifact IDs passed via them.\n  ///\n  /// Used to authorize access to artifacts for other instances connected to these outputs.\n  ///\n  /// [InstanceArtifactIds]\n  exportedArtifactIds Json?\n\n  /// The snapshot of the instance model at the moment of last non-preview operation start.\n  ///\n  /// Null if the instance was never operated on.\n  ///\n  /// [InstanceModel]\n  model Json?\n\n  /// The snapshot of the resolved inputs at the moment of last non-preview operation start.\n  ///\n  /// Null if the instance was never operated on.\n  ///\n  /// [InstanceResolvedInputs]\n  resolvedInputs Json?\n\n  /// The count of Pulumi resources currently managed by this instance.\n  currentResourceCount Int?\n\n  /// The status fields produced by the last operation.\n  ///\n  /// [InstanceStatusFields]\n  statusFields Json?\n\n  /// The parent instance.\n  parent InstanceState? @relation("InstanceHierarchy", fields: [parentId], references: [id])\n\n  /// The child instances, if any.\n  children InstanceState[] @relation("InstanceHierarchy")\n\n  /// The evaluation state of this instance.\n  evaluationState InstanceEvaluationState?\n\n  /// The operation states associated with this instance.\n  operationStates InstanceOperationState[]\n\n  /// The secrets associated with this instance.\n  secrets Secret[]\n\n  /// The terminals associated with this instance.\n  terminals Terminal[]\n\n  /// The pages associated with this instance.\n  pages Page[]\n\n  /// The triggers associated with this instance.\n  triggers Trigger[]\n\n  /// Custom statuses for this instance.\n  customStatuses InstanceCustomStatus[]\n\n  /// The lock that is currently held on this instance.\n  lock InstanceLock?\n\n  /// Worker registrations associated with this instance.\n  workerRegistrations WorkerUnitRegistration[]\n\n  /// The artifacts produced or used by this instance.\n  artifacts Artifact[]\n\n  /// The operation logs associated with this instance.\n  operationLogs OperationLog[]\n\n  /// The user viewports associated with this instance.\n  userViewports UserCompositeViewport[]\n}\n\nmodel UserProjectViewport {\n  /// The opaque ID of the user to which this viewport belongs.\n  userId String @id\n\n  /// The viewport of the user project managed by the frontend.\n  viewport Json\n}\n\nmodel UserCompositeViewport {\n  /// The opaque ID of the user to which this viewport belongs.\n  userId String\n\n  /// The ID of the state of the composite instance to which this viewport belongs.\n  stateId String\n\n  /// The viewport of the user composite instance managed by the frontend.\n  viewport Json\n\n  /// The instance state to which this viewport belongs.\n  state InstanceState @relation(fields: [stateId], references: [id])\n\n  @@id([userId, stateId])\n}\n\nmodel InstanceLock {\n  /// The ID of the instance state being locked.\n  stateId String @id\n\n  /// The metadata of the lock managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The CUIDv2 token to ensure ownership of the lock.\n  token String\n\n  /// The time when the lock was acquired.\n  acquiredAt DateTime @default(now())\n\n  /// The instance being locked.\n  state InstanceState @relation(fields: [stateId], references: [id])\n}\n\ndatasource db {\n  provider  = "sqlite"\n  directUrl = env("HIGHSTATE_MIGRATION_DATABASE_URL")\n}\n\ngenerator client {\n  provider               = "prisma-client"\n  previewFeatures        = ["queryCompiler", "driverAdapters"]\n  output                 = "../../src/database/_generated/project"\n  moduleFormat           = "esm"\n  generatedFileExtension = "ts"\n  importFileExtension    = "ts"\n}\n\ngenerator json {\n  provider = "prisma-json-types-generator"\n}\n\n/// The container for project instances. \n///\n/// Only used when "database" project model storage is used.\nmodel InstanceModel {\n  /// The ID of the instance in the format of `{type}:{name}`.\n  id String @id\n\n  /// The model of the instance managed by the backend.\n  ///\n  /// [InstanceModel]\n  model Json\n\n  /// The time when the instance model was created.\n  createdAt DateTime @default(now())\n\n  /// The time when the instance model was last updated.\n  updatedAt DateTime @updatedAt\n}\n\n/// The container for project hubs.\n///\n/// Only used when "database" project model storage is used.\nmodel HubModel {\n  /// The CUIDv2 of the hub.\n  id String @id\n\n  /// The model of the hub managed by the backend.\n  ///\n  /// [HubModel]\n  model Json\n\n  /// The time when the hub model was created.\n  createdAt DateTime @default(now())\n\n  /// The time when the hub model was last updated.\n  updatedAt DateTime @updatedAt\n}\n\nenum OperationStatus {\n  // transient statuses\n  pending\n  running\n  failing\n\n  // stable statuses\n  completed\n  failed\n  cancelled\n}\n\nenum OperationType {\n  update\n  preview\n  destroy\n  recreate\n  refresh\n}\n\nenum InstanceOperationStatus {\n  // transient statuses\n  updating\n  processing_triggers\n  previewing\n  destroying\n  refreshing\n  pending\n  cancelling\n\n  // stable statuses\n  updated\n  skipped\n  destroyed\n  refreshed\n  cancelled\n  failed\n}\n\nmodel Operation {\n  /// The CUIDv2 of the operation.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the operation.\n  ///\n  /// [OperationMeta]\n  meta Json\n\n  /// The type of the operation.\n  type OperationType\n\n  /// The status of the operation.\n  status OperationStatus @default(pending)\n\n  /// The options of the operation.\n  ///\n  /// [OperationOptions]\n  options Json\n\n  /// The IDs of the instances that were exlicitly requested to operate on.\n  ///\n  /// [InstanceIds]\n  requestedInstanceIds Json\n\n  /// The execution phases of the operation.\n  ///\n  /// [OperationPhase[]]\n  phases Json?\n\n  /// The time when the operation started.\n  startedAt DateTime @default(now())\n\n  /// The time when the operation was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The time when the operation finished.\n  finishedAt DateTime?\n\n  /// The operation states associated with this operation.\n  operationStates InstanceOperationState[]\n\n  /// The logs of the operation.\n  logs OperationLog[]\n}\n\nmodel InstanceOperationState {\n  /// The ID of the operation this state belongs to.\n  operationId String\n\n  /// The ID of the instance state affected by the operation.\n  stateId String\n\n  /// The enum representing the current status of the instance from the operation perspective.\n  status InstanceOperationStatus\n\n  /// The current count of the Pulumi resources being managed by this instance.\n  currentResourceCount Int?\n\n  /// The total count of the Pulumi resources that this instance is expected to manage.\n  totalResourceCount Int?\n\n  /// The snapshot of the instance model at the moment of operation start.\n  ///\n  /// [InstanceModel]\n  model Json\n\n  /// The snapshot of the resolved inputs at the moment of operation start.\n  ///\n  /// [InstanceResolvedInputs]\n  resolvedInputs Json\n\n  /// The time when the operation on this instance started.\n  /// Not populated on create, even if the instance is ready to start immediately.\n  startedAt DateTime?\n\n  /// The time when the operation on this instance finished.\n  finishedAt DateTime?\n\n  /// The operation this state belongs to.\n  operation Operation @relation(fields: [operationId], references: [id])\n\n  /// The instance this state belongs to.\n  state InstanceState @relation(fields: [stateId], references: [id])\n\n  @@id([operationId, stateId])\n}\n\nmodel OperationLog {\n  /// The ULID of the log. Also used to extract the timestamp.\n  id String @id\n\n  /// The ID of the operation this log belongs to.\n  operationId String\n\n  /// The ID of the instance state this log produced by.\n  /// Can be `null` if the log is not associated with any instance.\n  stateId String?\n\n  /// The content of the log.\n  content String\n\n  /// The operation this log belongs to.\n  operation Operation @relation(fields: [operationId], references: [id])\n\n  /// The instance this log produced by.\n  /// Can be `null` if the log is not associated with any instance.\n  state InstanceState? @relation(fields: [stateId], references: [id])\n}\n\n/// The page provides custom UI content for instances and service accounts.\n///\n/// Pages can be created by units to display instance-specific information or by service accounts.\n/// The content consists of blocks that support markdown text, QR codes with optional content display,\n/// and file attachments (inline or artifact references). Instance pages are explicitly deleted\n/// when instances are destroyed.\nmodel Page {\n  /// The CUIDv2 of the page.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the page managed by the backend.\n  ///\n  /// [GlobalCommonObjectMeta]\n  meta Json\n\n  /// The ID of the instance state that owns this page.\n  stateId String?\n\n  /// The name of the page within the instance.\n  /// Will be null if the page is not owned by an instance.\n  name String?\n\n  /// The ID of the service account that owns this page.\n  serviceAccountId String?\n\n  /// The content of the page as an array of blocks.\n  ///\n  /// Supports markdown, QR codes, and file blocks.\n  ///\n  /// [PageContent]\n  content Json\n\n  /// The time when the page was created.\n  createdAt DateTime @default(now())\n\n  /// The time when the page was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The instance this page belongs to if any.\n  state InstanceState? @relation(fields: [stateId], references: [id])\n\n  /// The service account this page belongs to if any. \n  serviceAccount ServiceAccount? @relation(fields: [serviceAccountId], references: [id])\n\n  /// The artifacts used by this page.\n  artifacts Artifact[]\n\n  @@unique([stateId, name]) // the name is unique within the instance\n}\n\n/// The secret stores sensitive configuration values for instances, service accounts, and system components.\n///\n/// Secrets can be instance-owned (for unit configuration), service account-owned, or system-level\n/// (like Pulumi passwords). \n///\n/// Secrets persist through normal destroy (recreate) operations\n/// and are only deleted when explicitly forgetting instance state with the deleteSecrets flag or when manually deleted.\n///\n/// Secret updates invalidate instance input hashes via inputHashNonce, triggering re-execution\n/// during operations. But the content of the secrets itself do not contribute to the input hash.\n///\n/// System secrets like Pulumi passwords are created on-demand and persist for the whole project lifetime.\nmodel Secret {\n  /// The CUIDv2 of the secret.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the secret managed by the backend.\n  ///\n  /// [GlobalCommonObjectMeta]\n  meta Json\n\n  /// The ID of the state of the instance owning this secret.\n  stateId String?\n\n  /// The name of the secret within the instance.\n  ///\n  /// Will be null if the secret is not owned by an instance.\n  name String?\n\n  /// The name of the secret within the project if the secret is a system secret.\n  systemName String? @unique\n\n  /// The ID of the service account owning this secret.\n  serviceAccountId String?\n\n  /// The content of the secret.\n  ///\n  /// ![unknown]\n  content Json\n\n  /// The time when the secret was created.\n  createdAt DateTime @default(now())\n\n  /// The time when the secret was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The instance this secret belongs to.\n  state InstanceState? @relation(fields: [stateId], references: [id])\n\n  /// The service account this secret belongs to.\n  serviceAccount ServiceAccount? @relation(fields: [serviceAccountId], references: [id])\n\n  @@unique([stateId, name]) // the name must be unique within the instance\n}\n\n/// The service account represents an identity for non-human actors in the system.\n///\n/// Service accounts are automatically created for workers and can be manually created\n/// for external integrations. They define the access scope for resources like artifacts,\n/// secrets, terminals, and pages. Multiple API keys can impersonate the same service account,\n/// allowing different authentication tokens to share the same permissions.\nmodel ServiceAccount {\n  /// The CUIDv2 of the service account.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the service account managed by the backend.\n  ///\n  /// [ServiceAccountMeta]\n  meta Json\n\n  /// The time when the service account was created.\n  createdAt DateTime @default(now())\n\n  /// The time when the service account was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The workers using this service account.\n  workers Worker[]\n\n  /// The artifacts used by this service account.\n  artifacts Artifact[]\n\n  /// The secrets owned by this service account.\n  secrets Secret[]\n\n  /// The terminals owned by this service account.\n  terminals Terminal[]\n\n  /// The pages owned by this service account.\n  pages Page[]\n\n  /// The instance custom statuses attached by this service account.\n  customStatuses InstanceCustomStatus[]\n\n  /// The API keys impersonating this service account.\n  apiKeys ApiKey[]\n}\n\n/// The terminal status indicates whether a terminal can accept new connections.\nenum TerminalStatus {\n  /// The terminal is currently active and can create new sessions.\n  active\n\n  /// The instance was destroyed and the terminal is no longer available, but here for historical purposes.\n  unavailable\n}\n\n/// The terminal provides interactive shell access to infrastructure resources.\n///\n/// Terminals can be created by units (owned by instances) or by service accounts.\n/// Each terminal maintains a specification for creating containers that power the terminal,\n/// including image, command, environment, and mounted files.\n///\n/// Instance-owned terminals are marked unavailable when the instance is destroyed, preserving session history.\n/// Service account terminals persist independently.\nmodel Terminal {\n  /// The CUIDv2 of the terminal.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the terminal managed by the backend.\n  ///\n  /// [GlobalCommonObjectMeta]\n  meta Json\n\n  /// The status of the terminal.\n  status TerminalStatus @default(active)\n\n  /// The specification for creating the container that powers this terminal.\n  ///\n  /// Includes image, command, working directory, environment variables, and files.\n  ///\n  /// [TerminalSpec]\n  spec Json\n\n  /// The ID of the instance state owning this terminal.\n  stateId String?\n\n  /// The name of the terminal within the instance.\n  ///\n  /// Will be null if the terminal is not owned by an instance.\n  name String?\n\n  /// The ID of the service account owning this terminal.\n  serviceAccountId String?\n\n  /// The time when the terminal was created.\n  createdAt DateTime @default(now())\n\n  /// The time when the terminal was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The instance this terminal belongs to.\n  state InstanceState? @relation(fields: [stateId], references: [id], onDelete: Cascade)\n\n  /// The service account this terminal belongs to.\n  serviceAccount ServiceAccount? @relation(fields: [serviceAccountId], references: [id], onDelete: Cascade)\n\n  /// The terminal sessions associated with this terminal.\n  sessions TerminalSession[]\n\n  /// The artifacts used by this terminal.\n  artifacts Artifact[]\n\n  @@unique([stateId, name]) // the name is unique within the instance\n}\n\n/// The terminal session represents a single interactive connection to a terminal.\n///\n/// Each session tracks when it started and finished. All session output is preserved in logs.\nmodel TerminalSession {\n  /// The CUIDv2 of the terminal session.\n  id String @id @default(cuid(2))\n\n  /// The ID of the terminal this session belongs to.\n  terminalId String\n\n  /// The time when the terminal session started.\n  startedAt DateTime @default(now())\n\n  /// The time when the terminal session finished.\n  finishedAt DateTime?\n\n  /// The terminal this session belongs to.\n  terminal Terminal @relation(fields: [terminalId], references: [id], onDelete: Cascade)\n\n  /// The logs of the terminal session.\n  logs TerminalSessionLog[]\n}\n\n/// The terminal session log captures all input and output from a terminal session.\n///\n/// Logs are stored with ULID identifiers for timestamp ordering.\nmodel TerminalSessionLog {\n  /// The ULID of the session log. Also used to extract the timestamp.\n  id String @id\n\n  /// The ID of the terminal session this log belongs to.\n  sessionId String\n\n  /// The content of the log.\n  content String\n\n  /// The terminal session this log belongs to.\n  session TerminalSession @relation(fields: [sessionId], references: [id], onDelete: Cascade)\n}\n\n/// The trigger defines automated actions that execute in response to specific events.\n///\n/// Triggers are created by units to perform actions at defined points in the instance lifecycle\n/// or on schedule. The spec field determines the trigger type and behavior - currently supporting\n/// before-destroy triggers, with planned support for additional types like cron scheduling.\n/// Triggers are deleted along with their instance.\nmodel Trigger {\n  /// The CUIDv2 of the trigger.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the trigger managed by the backend.\n  ///\n  /// [GlobalCommonObjectMeta]\n  meta Json\n\n  /// The ID of the instance state this trigger belongs to.\n  stateId String\n\n  /// The name of the trigger within the instance.\n  name String\n\n  /// The specification of the trigger describing its type and behavior.\n  ///\n  /// [TriggerSpec]\n  spec Json\n\n  /// The time when the trigger was created.\n  createdAt DateTime @default(now())\n\n  /// The time when the trigger was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The instance this trigger belongs to.\n  state InstanceState @relation(fields: [stateId], references: [id])\n\n  @@unique([stateId, name]) // the name is unique within the instance\n}\n\n/// The unlock method type determines how users authenticate to decrypt project databases.\nenum UnlockMethodType {\n  /// The password is used to unlock the project.\n  password\n\n  /// The passkey (via WebAuthn) is used to unlock the project.\n  passkey\n}\n\n/// The unlock method enables decryption of project databases through user authentication.\n///\n/// Each project database is encrypted with a master key, which is then encrypted for each\n/// unlock method\'s recipient using AGE encryption. Users authenticate (password or passkey)\n/// to decrypt their specific AGE identity, which then decrypts the master key.\n///\n/// Multiple unlock methods can exist per project, allowing different authentication paths\n/// to the same encrypted database. When unlock methods are added/removed, the master key\n/// is re-encrypted for the new set of recipients.\n///\n/// The encryptedIdentity contains the AGE identity encrypted with the user\'s authentication\n/// method (password-derived key or WebAuthn), while the recipient is the public key\n/// corresponding to that identity.\nmodel UnlockMethod {\n  /// The CUIDv2 of the unlock method.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the unlock method managed by the backend.\n  /// \n  /// [UnlockMethodMeta]\n  meta Json\n\n  /// The type of unlock method.\n  type UnlockMethodType\n\n  /// The AGE identity encrypted and armored also with AGE.\n  encryptedIdentity String\n\n  /// The AGE recipient for this unlock method.\n  recipient String\n\n  /// The time when the unlock method was created.\n  createdAt DateTime @default(now())\n\n  /// The time when the unlock method was last updated.\n  updatedAt DateTime @updatedAt\n}\n\n/// The worker represents a containerized application that extends unit capabilities beyond Pulumi execution.\n///\n/// Workers enable units to perform runtime operations after Pulumi program completion,\n/// such as attaching custom statuses, monitoring resources, or triggering unit reconfigurations.\n/// Since Pulumi programs cannot affect instances after execution, workers bypass this limitation\n/// by providing persistent runtime behavior.\n///\n/// The worker identity (fully qualified image name) indicates the same publisher/party and services as natural authentication mechanism.\n/// All versions of a worker share the same service account, meaning they operate over\n/// the same resources and have the same access scope within the platform.\nmodel Worker {\n  /// The CUIDv2 of the worker.\n  id String @id @default(cuid(2))\n\n  /// The identity of the worker derived from the container image.\n  ///\n  /// This is the fully qualified image name without the tag or digest.\n  /// The format is `{<registry>/}[<namespace>/]<name>`.\n  ///\n  /// For example: `ghcr.io/highstate/worker` or `docker.io/library/ubuntu`.\n  identity String @unique\n\n  /// The ID of the service account this worker uses.\n  serviceAccountId String @unique\n\n  /// The time this worker first appeared in the system.\n  createdAt DateTime @default(now())\n\n  /// The service account impersonating this worker.\n  serviceAccount ServiceAccount @relation(fields: [serviceAccountId], references: [id])\n\n  /// The versions of this worker.\n  versions WorkerVersion[]\n}\n\nenum WorkerVersionStatus {\n  /// The status is unknown.\n  unknown\n\n  /// The worker is being started by one of the runtimes.\n  starting\n\n  /// The worker is running and serving registrations.\n  running\n\n  /// The worker is being stopping (after was starting/running and was disabled).\n  stopping\n\n  /// The worker is stopped and not serving registrations.\n  stopped\n\n  /// The worker failed to start/crashed more than the allowed number of times.\n  error\n}\n\n/// The worker version represents a specific container image digest of a worker.\n///\n/// Each version corresponds to an immutable container image identified by its SHA256 digest.\n/// Versions are automatically created when units reference new image digests and deleted\n/// when no longer referenced by any unit registrations.\n///\n/// Each version has its own API key for isolation, but all versions of a worker\n/// share the same service account and thus the same access scope within the platform.\n/// The runtime starts containers when registrations exist and stops them when removed.\nmodel WorkerVersion {\n  /// The CUIDv2 of the worker version.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the worker version managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The current status of the worker version reported by the runtime.\n  status WorkerVersionStatus @default(unknown)\n\n  /// Whether this worker version is enabled and will be launched when project is unclocked.\n  enabled Boolean @default(true)\n\n  /// The ID of the runtime where this worker version currently runs.\n  runtimeId String?\n\n  /// The ID of the worker this version belongs to.\n  workerId String\n\n  /// The digest of the worker version used to identify it.\n  /// The format is raw SHA256 digest without the `sha256:` prefix.\n  digest String @unique\n\n  /// The ID of the API key this worker version uses.\n  apiKeyId String @unique\n\n  /// The time this worker version was created.\n  createdAt DateTime @default(now())\n\n  /// The time this worker version was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The worker this version belongs to.\n  worker Worker @relation(fields: [workerId], references: [id])\n\n  /// The API key this worker version uses.\n  apiKey ApiKey @relation(fields: [apiKeyId], references: [id])\n\n  /// The unit registrations for this worker version.\n  unitRegistrations WorkerUnitRegistration[]\n\n  /// The logs produced by this worker version.\n  logs WorkerVersionLog[]\n}\n\n/// The worker unit registration tracks which unit instances require specific worker versions.\n///\n/// Units declare worker dependencies through their outputs, creating registrations that\n/// trigger the runtime to start corresponding worker containers. Each registration\n/// includes parameters passed to the worker for unit-specific configuration.\n///\n/// Registrations are managed during operation execution - created when units declare workers\n/// and removed when units are destroyed. Worker versions without registrations are garbage collected.\nmodel WorkerUnitRegistration {\n  /// The ID of the state of the unit instance requesting the registration.\n  stateId String\n\n  /// The name of the worker within the instance.\n  name String\n\n  /// The parameters of the registration passed by the unit.\n  ///\n  /// [WorkerUnitRegistrationParams]\n  params Json\n\n  /// The ID of the worker version this registration currently uses.\n  workerVersionId String\n\n  /// The time this registration was created.\n  createdAt DateTime @default(now())\n\n  /// The time this registration was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The unit instance requesting the registration.\n  state InstanceState @relation(fields: [stateId], references: [id])\n\n  /// The worker version this registration currently uses.\n  workerVersion WorkerVersion @relation(fields: [workerVersionId], references: [id])\n\n  @@id([stateId, name]) // the registration is identified by the instance and name\n}\n\n/// The worker version log captures output from running worker containers.\n///\n/// Logs include both worker-generated output and system messages from the runtime.\n/// The ULID identifier provides timestamp ordering. Logs are deleted with the worker version.\nmodel WorkerVersionLog {\n  /// The ULID of the worker log. Also used to extract the timestamp.\n  id String @id @default(ulid())\n\n  /// The ID of the worker version that produced this log.\n  workerVersionId String\n\n  /// The log content.\n  content String\n\n  /// Whether this log is a system/runtime message (vs worker output).\n  isSystem Boolean @default(false)\n\n  /// The worker version that produced this log.\n  workerVersion WorkerVersion @relation(fields: [workerVersionId], references: [id], onDelete: Cascade)\n}\n',
-  "inlineSchemaHash": "56f573323bf665e977575ff802fe9d1f0779f20fa18e1b04c625d281406eca55",
+  "inlineSchema": '/// The API key provides authentication tokens for accessing the platform API.\n///\n/// Each API key impersonates a service account, inheriting its permissions and access scope.\n/// Keys are automatically created for worker versions and can be manually created for\n/// external integrations. The token is a 32-byte random hex string that can be regenerated.\nmodel ApiKey {\n  /// The CUIDv2 of the API key.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the API key managed by the backend.\n  ///\n  /// [ApiKeyMeta]\n  meta Json\n\n  /// The ID of the service account impersonated by this API key.\n  serviceAccountId String\n\n  /// The API token for authentication.\n  ///\n  /// Should be treated as a secret and only shown once at creation/regeneration.\n  token String @unique\n\n  /// The time when the API key was created.\n  createdAt DateTime @default(now())\n\n  /// The time when the API key was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The worker version that owns this API key.\n  worker WorkerVersion?\n\n  /// The service account which this API key impersonates.\n  serviceAccount ServiceAccount @relation(fields: [serviceAccountId], references: [id])\n}\n\n/// The artifact represents a file or folder stored in the system.\n///\n/// It can be produced by units or manually uploaded via API by service accounts.\n///\n/// Since different actors can produce the same artifact with the same content and hash,\n/// there is the ownership/usage concept to track which entities produce or use the artifact.\n/// The "ownership" and "usage" are synonymous in this context and often referred to as "usage".\n///\n/// When no usages are present, the artifact will be automatically garbage collected after a certain period.\nmodel Artifact {\n  /// The CUIDv2 of the artifact.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the artifact managed by the backend.\n  ///\n  /// Since multiple actors can produce the same artifact,\n  /// this metadata is the last one provided by any actor.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The SHA256 hash of the artifact content.\n  hash String @unique\n\n  /// The size of the compressed artifact content in bytes.\n  ///\n  /// Does not represent the size of the original file or folder,\n  /// but the size used to store the artifact in the system.\n  size Int\n\n  /// The chunk size of the artifact content in bytes.\n  /// Used to split the artifact into smaller chunks for storage.\n  chunkSize Int\n\n  /// The time when the artifact first appeared in the system.\n  createdAt DateTime @default(now())\n\n  /// The time when the artifact was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The service accounts using this artifact.\n  serviceAccounts ServiceAccount[]\n\n  /// The instances using this artifact.\n  instances InstanceState[]\n\n  /// The terminals using this artifact.\n  terminals Terminal[]\n\n  /// The pages using this artifact.\n  pages Page[]\n}\n\nmodel InstanceCustomStatus {\n  /// The ID of the instance state this status belongs to.\n  stateId String\n\n  /// The ID of the service account which attached this custom status.\n  serviceAccountId String\n\n  /// The name of the custom status unique within the instance and service account.\n  name String\n\n  /// The metadata of the custom status managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The status value of the custom status.\n  value String\n\n  /// The message describing the instance\'s custom status.\n  /// \n  /// Can be used to provide additional context or information about the status.\n  ///\n  /// The message will be displayed in the 800x600 ANSI terminal in the UI,\n  /// so different TUI elements should be drawn within this area.\n  message String?\n\n  /// The order of the custom status in the list of statuses.\n  ///\n  /// Should be values from 0 to 100, where 0 is the highest priority.\n  /// By default, the order is 50.\n  order Int @default(50)\n\n  /// The time when the custom status was first attached to the instance.\n  createdAt DateTime @default(now())\n\n  /// The time when the custom status was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The instance this custom status belongs to.\n  state InstanceState @relation(fields: [stateId], references: [id])\n\n  /// The service account this custom status belongs to.\n  serviceAccount ServiceAccount @relation(fields: [serviceAccountId], references: [id])\n\n  @@id([stateId, serviceAccountId, name]) // the name must be unique within the instance and service account\n}\n\nenum InstanceEvaluationStatus {\n  /// transient statuses (not persisted in the database)\n  evaluating\n\n  /// stable statuses\n  evaluated\n  error\n}\n\n/// The evaluation state tracks the result of evaluating composite instances to produce virtual instances.\n///\n/// Composite instances are template components that generate other instances (virtual instances) when evaluated.\n/// The evaluation process executes the composite\'s create function with resolved inputs to produce a tree\n/// of child instances. These virtual instances exist in the source "virtual" state and can be units\n/// (mapping to Pulumi resources) or other composites (producing more virtual instances recursively).\n///\n/// Evaluation happens automatically after project unlock and library reloads to keep virtual instances\n/// synchronized with their composite definitions. Evaluation state persists the produced instance model\n/// and tracks success/error status with descriptive messages showing the instance tree or error details.\nmodel InstanceEvaluationState {\n  /// The ID of the state of the instance.\n  stateId String @id\n\n  /// The status of the instance evaluation.\n  status InstanceEvaluationStatus\n\n  /// The message describing the evaluation status.\n  /// If the evaluation is failed, this message will contain the error description.\n  message String?\n\n  /// The model produced by the evaluation.\n  ///\n  /// Will be `null` if the evaluation is failed.\n  ///\n  /// Can be set for both: real composite instances and virtual instances produced by the evaluation.\n  ///\n  /// [InstanceModel]\n  model Json?\n\n  /// The time when the last evaluation was finished.\n  evaluatedAt DateTime @updatedAt\n\n  /// The instance this state belongs to.\n  state InstanceState @relation(fields: [stateId], references: [id])\n}\n\nenum InstanceStatus {\n  /// The instance is exists in the model (resident or virtual), but not yet deployed or was completely destroyed.\n  ///\n  /// "attempted", "deployed" and "failed" instances can be transitioned back to "undeployed" after\n  /// successful "destroy" operation.\n  undeployed\n\n  /// The instance is attempted, but not yet fully deployed.\n  ///\n  /// Normally, this status is very short-lived, and here to indicate that the instance\n  /// cannot be safely deleted from the the model until it will be completely destroyed.\n  attempted\n\n  /// The initial deployment of the instance was successful.\n  ///\n  /// The transition of "deployed -> failed" is not possible, so consequent failed operations\n  /// will not affect this status.\n  ///\n  /// Like "attempted", that instance cannot be safely deleted from the model until it will be completely destroyed.\n  deployed\n\n  /// The initial deployment of the instance failed.\n  /// It can still be transitioned to "deployed" by a successful operation\n  ///\n  /// Like "attempted", that instance cannot be safely deleted from the model until it will be completely destroyed.\n  failed\n}\n\nenum InstanceSource {\n  /// The instance is defined in the project model.\n  resident\n\n  /// The instance is produced by evaluation of composite instance.\n  virtual\n}\n\nmodel InstanceState {\n  /// The surrogate CUIDv2 primary key of the instance to allow renaming instances.\n  id String @id @default(cuid(2))\n\n  /// The ID of the instance managed by the system.\n  ///\n  /// [InstanceId]\n  instanceId String @unique\n\n  /// The status of the instance.\n  status InstanceStatus\n\n  /// The source of the instance.\n  source InstanceSource\n\n  /// The kind of the instance.\n  ///\n  /// [InstanceKind]\n  kind String\n\n  /// The ID of the parent instance state, if this instance is a child of another composite instance.\n  parentId String?\n\n  /// The 32-bit nonce used to invalidate the input hash when secrets are updated.\n  inputHashNonce Int?\n\n  /// The calculated instance CRC32 input hash at the moment of last operation completion.\n  ///\n  /// This hash covers:\n  /// - the instance\'s configuration (name, args, secret hashes);\n  /// - component definition hash;\n  /// - the unit\'s source hash (if applicable);\n  /// - the input hashes and output hashes of all input instances.\n  inputHash Int?\n\n  /// The CRC32 of the SHA256 of the output produced by the instance at the moment of last operation completion.\n  ///\n  /// Does not depend on anything except the instance\'s output.\n  outputHash Int?\n\n  /// The calculated CRC32 dependency output hash at the moment of last operation completion.\n  ///\n  /// This hash is calculated as combination of output hashes of all input instances and nothing else.\n  ///\n  /// The primary use case of this hash is to "short-circuit" execution:\n  /// if the outputs of input instances have not changed, dependent instances can skip execution,\n  /// even if their input hashes changed due to upstream config changes.\n  /// This prevents unnecessary re-execution of the entire dependency graph when only non-output-affecting inputs are modified.\n  dependencyOutputHash Int?\n\n  /// The mapping of instance output names to artifact IDs passed via them.\n  ///\n  /// Used to authorize access to artifacts for other instances connected to these outputs.\n  ///\n  /// [InstanceArtifactIds]\n  exportedArtifactIds Json?\n\n  /// The snapshot of the instance model at the moment of last non-preview operation start.\n  ///\n  /// Null if the instance was never operated on.\n  ///\n  /// [InstanceModel]\n  model Json?\n\n  /// The snapshot of the resolved inputs at the moment of last non-preview operation start.\n  ///\n  /// Null if the instance was never operated on.\n  ///\n  /// [InstanceResolvedInputs]\n  resolvedInputs Json?\n\n  /// The count of Pulumi resources currently managed by this instance.\n  currentResourceCount Int?\n\n  /// The status fields produced by the last operation.\n  ///\n  /// [InstanceStatusFields]\n  statusFields Json?\n\n  /// The parent instance.\n  parent InstanceState? @relation("InstanceHierarchy", fields: [parentId], references: [id])\n\n  /// The child instances, if any.\n  children InstanceState[] @relation("InstanceHierarchy")\n\n  /// The evaluation state of this instance.\n  evaluationState InstanceEvaluationState?\n\n  /// The operation states associated with this instance.\n  operationStates InstanceOperationState[]\n\n  /// The secrets associated with this instance.\n  secrets Secret[]\n\n  /// The terminals associated with this instance.\n  terminals Terminal[]\n\n  /// The pages associated with this instance.\n  pages Page[]\n\n  /// The triggers associated with this instance.\n  triggers Trigger[]\n\n  /// Custom statuses for this instance.\n  customStatuses InstanceCustomStatus[]\n\n  /// The lock that is currently held on this instance.\n  lock InstanceLock?\n\n  /// Worker registrations associated with this instance.\n  workerRegistrations WorkerUnitRegistration[]\n\n  /// The artifacts produced or used by this instance.\n  artifacts Artifact[]\n\n  /// The operation logs associated with this instance.\n  operationLogs OperationLog[]\n\n  /// The user viewports associated with this instance.\n  userViewports UserCompositeViewport[]\n}\n\nmodel UserProjectViewport {\n  /// The opaque ID of the user to which this viewport belongs.\n  userId String @id\n\n  /// The viewport of the user project managed by the frontend.\n  ///\n  /// ![unknown]\n  viewport Json\n}\n\nmodel UserCompositeViewport {\n  /// The opaque ID of the user to which this viewport belongs.\n  userId String\n\n  /// The ID of the state of the composite instance to which this viewport belongs.\n  stateId String\n\n  /// The viewport of the user composite instance managed by the frontend.\n  ///\n  /// ![unknown]\n  viewport Json\n\n  /// The instance state to which this viewport belongs.\n  state InstanceState @relation(fields: [stateId], references: [id])\n\n  @@id([userId, stateId])\n}\n\nmodel InstanceLock {\n  /// The ID of the instance state being locked.\n  stateId String @id\n\n  /// The metadata of the lock managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The CUIDv2 token to ensure ownership of the lock.\n  token String\n\n  /// The time when the lock was acquired.\n  acquiredAt DateTime @default(now())\n\n  /// The instance being locked.\n  state InstanceState @relation(fields: [stateId], references: [id])\n}\n\ndatasource db {\n  provider = "sqlite"\n  url      = env("HIGHSTATE_MIGRATION_DATABASE_URL")\n}\n\ngenerator client {\n  provider               = "prisma-client"\n  previewFeatures        = ["queryCompiler", "driverAdapters"]\n  output                 = "../../src/database/_generated/project"\n  moduleFormat           = "esm"\n  generatedFileExtension = "ts"\n  importFileExtension    = "ts"\n}\n\ngenerator json {\n  provider = "prisma-json-types-generator"\n}\n\n/// The container for project instances. \n///\n/// Only used when "database" project model storage is used.\nmodel InstanceModel {\n  /// The ID of the instance in the format of `{type}:{name}`.\n  id String @id\n\n  /// The model of the instance managed by the backend.\n  ///\n  /// [InstanceModel]\n  model Json\n\n  /// The time when the instance model was created.\n  createdAt DateTime @default(now())\n\n  /// The time when the instance model was last updated.\n  updatedAt DateTime @updatedAt\n}\n\n/// The container for project hubs.\n///\n/// Only used when "database" project model storage is used.\nmodel HubModel {\n  /// The CUIDv2 of the hub.\n  id String @id\n\n  /// The model of the hub managed by the backend.\n  ///\n  /// [HubModel]\n  model Json\n\n  /// The time when the hub model was created.\n  createdAt DateTime @default(now())\n\n  /// The time when the hub model was last updated.\n  updatedAt DateTime @updatedAt\n}\n\nenum OperationStatus {\n  // transient statuses\n  pending\n  running\n  failing\n\n  // stable statuses\n  completed\n  failed\n  cancelled\n}\n\nenum OperationType {\n  update\n  preview\n  destroy\n  recreate\n  refresh\n}\n\nenum InstanceOperationStatus {\n  // transient statuses\n  updating\n  processing_triggers\n  previewing\n  destroying\n  refreshing\n  pending\n  cancelling\n\n  // stable statuses\n  updated\n  skipped\n  destroyed\n  refreshed\n  cancelled\n  failed\n}\n\nmodel Operation {\n  /// The CUIDv2 of the operation.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the operation.\n  ///\n  /// [OperationMeta]\n  meta Json\n\n  /// The type of the operation.\n  type OperationType\n\n  /// The status of the operation.\n  status OperationStatus @default(pending)\n\n  /// The options of the operation.\n  ///\n  /// [OperationOptions]\n  options Json\n\n  /// The IDs of the instances that were exlicitly requested to operate on.\n  ///\n  /// [InstanceIds]\n  requestedInstanceIds Json\n\n  /// The execution phases of the operation.\n  ///\n  /// [OperationPhase[]]\n  phases Json?\n\n  /// The time when the operation started.\n  startedAt DateTime @default(now())\n\n  /// The time when the operation was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The time when the operation finished.\n  finishedAt DateTime?\n\n  /// The operation states associated with this operation.\n  operationStates InstanceOperationState[]\n\n  /// The logs of the operation.\n  logs OperationLog[]\n}\n\nmodel InstanceOperationState {\n  /// The ID of the operation this state belongs to.\n  operationId String\n\n  /// The ID of the instance state affected by the operation.\n  stateId String\n\n  /// The enum representing the current status of the instance from the operation perspective.\n  status InstanceOperationStatus\n\n  /// The current count of the Pulumi resources being managed by this instance.\n  currentResourceCount Int?\n\n  /// The total count of the Pulumi resources that this instance is expected to manage.\n  totalResourceCount Int?\n\n  /// The snapshot of the instance model at the moment of operation start.\n  ///\n  /// [InstanceModel]\n  model Json\n\n  /// The snapshot of the resolved inputs at the moment of operation start.\n  ///\n  /// [InstanceResolvedInputs]\n  resolvedInputs Json\n\n  /// The time when the operation on this instance started.\n  /// Not populated on create, even if the instance is ready to start immediately.\n  startedAt DateTime?\n\n  /// The time when the operation on this instance finished.\n  finishedAt DateTime?\n\n  /// The operation this state belongs to.\n  operation Operation @relation(fields: [operationId], references: [id])\n\n  /// The instance this state belongs to.\n  state InstanceState @relation(fields: [stateId], references: [id])\n\n  @@id([operationId, stateId])\n}\n\nmodel OperationLog {\n  /// The ULID of the log. Also used to extract the timestamp.\n  id String @id\n\n  /// The ID of the operation this log belongs to.\n  operationId String\n\n  /// The ID of the instance state this log produced by.\n  /// Can be `null` if the log is not associated with any instance.\n  stateId String?\n\n  /// Whether this log is a system/runtime message (vs unit output).\n  isSystem Boolean @default(false)\n\n  /// The content of the log.\n  content String\n\n  /// The operation this log belongs to.\n  operation Operation @relation(fields: [operationId], references: [id])\n\n  /// The instance this log produced by.\n  /// Can be `null` if the log is not associated with any instance.\n  state InstanceState? @relation(fields: [stateId], references: [id])\n}\n\n/// The page provides custom UI content for instances and service accounts.\n///\n/// Pages can be created by units to display instance-specific information or by service accounts.\n/// The content consists of blocks that support markdown text, QR codes with optional content display,\n/// and file attachments (inline or artifact references). Instance pages are explicitly deleted\n/// when instances are destroyed.\nmodel Page {\n  /// The CUIDv2 of the page.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the page managed by the backend.\n  ///\n  /// [GlobalCommonObjectMeta]\n  meta Json\n\n  /// The ID of the instance state that owns this page.\n  stateId String?\n\n  /// The name of the page within the instance.\n  /// Will be null if the page is not owned by an instance.\n  name String?\n\n  /// The ID of the service account that owns this page.\n  serviceAccountId String?\n\n  /// The content of the page as an array of blocks.\n  ///\n  /// Supports markdown, QR codes, and file blocks.\n  ///\n  /// [PageContent]\n  content Json\n\n  /// The time when the page was created.\n  createdAt DateTime @default(now())\n\n  /// The time when the page was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The instance this page belongs to if any.\n  state InstanceState? @relation(fields: [stateId], references: [id])\n\n  /// The service account this page belongs to if any. \n  serviceAccount ServiceAccount? @relation(fields: [serviceAccountId], references: [id])\n\n  /// The artifacts used by this page.\n  artifacts Artifact[]\n\n  @@unique([stateId, name]) // the name is unique within the instance\n}\n\n/// The secret stores sensitive configuration values for instances, service accounts, and system components.\n///\n/// Secrets can be instance-owned (for unit configuration), service account-owned, or system-level\n/// (like Pulumi passwords). \n///\n/// Secrets persist through normal destroy (recreate) operations\n/// and are only deleted when explicitly forgetting instance state with the deleteSecrets flag or when manually deleted.\n///\n/// Secret updates invalidate instance input hashes via inputHashNonce, triggering re-execution\n/// during operations. But the content of the secrets itself do not contribute to the input hash.\n///\n/// System secrets like Pulumi passwords are created on-demand and persist for the whole project lifetime.\nmodel Secret {\n  /// The CUIDv2 of the secret.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the secret managed by the backend.\n  ///\n  /// [GlobalCommonObjectMeta]\n  meta Json\n\n  /// The ID of the state of the instance owning this secret.\n  stateId String?\n\n  /// The name of the secret within the instance.\n  ///\n  /// Will be null if the secret is not owned by an instance.\n  name String?\n\n  /// The name of the secret within the project if the secret is a system secret.\n  systemName String? @unique\n\n  /// The ID of the service account owning this secret.\n  serviceAccountId String?\n\n  /// The content of the secret.\n  ///\n  /// ![unknown]\n  content Json\n\n  /// The time when the secret was created.\n  createdAt DateTime @default(now())\n\n  /// The time when the secret was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The instance this secret belongs to.\n  state InstanceState? @relation(fields: [stateId], references: [id])\n\n  /// The service account this secret belongs to.\n  serviceAccount ServiceAccount? @relation(fields: [serviceAccountId], references: [id])\n\n  @@unique([stateId, name]) // the name must be unique within the instance\n}\n\n/// The service account represents an identity for non-human actors in the system.\n///\n/// Service accounts are automatically created for workers and can be manually created\n/// for external integrations. They define the access scope for resources like artifacts,\n/// secrets, terminals, and pages. Multiple API keys can impersonate the same service account,\n/// allowing different authentication tokens to share the same permissions.\nmodel ServiceAccount {\n  /// The CUIDv2 of the service account.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the service account managed by the backend.\n  ///\n  /// [ServiceAccountMeta]\n  meta Json\n\n  /// The time when the service account was created.\n  createdAt DateTime @default(now())\n\n  /// The time when the service account was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The workers using this service account.\n  workers Worker[]\n\n  /// The artifacts used by this service account.\n  artifacts Artifact[]\n\n  /// The secrets owned by this service account.\n  secrets Secret[]\n\n  /// The terminals owned by this service account.\n  terminals Terminal[]\n\n  /// The pages owned by this service account.\n  pages Page[]\n\n  /// The instance custom statuses attached by this service account.\n  customStatuses InstanceCustomStatus[]\n\n  /// The API keys impersonating this service account.\n  apiKeys ApiKey[]\n}\n\n/// The terminal status indicates whether a terminal can accept new connections.\nenum TerminalStatus {\n  /// The terminal is currently active and can create new sessions.\n  active\n\n  /// The instance was destroyed and the terminal is no longer available, but here for historical purposes.\n  unavailable\n}\n\n/// The terminal provides interactive shell access to infrastructure resources.\n///\n/// Terminals can be created by units (owned by instances) or by service accounts.\n/// Each terminal maintains a specification for creating containers that power the terminal,\n/// including image, command, environment, and mounted files.\n///\n/// Instance-owned terminals are marked unavailable when the instance is destroyed, preserving session history.\n/// Service account terminals persist independently.\nmodel Terminal {\n  /// The CUIDv2 of the terminal.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the terminal managed by the backend.\n  ///\n  /// [GlobalCommonObjectMeta]\n  meta Json\n\n  /// The status of the terminal.\n  status TerminalStatus @default(active)\n\n  /// The specification for creating the container that powers this terminal.\n  ///\n  /// Includes image, command, working directory, environment variables, and files.\n  ///\n  /// [TerminalSpec]\n  spec Json\n\n  /// The ID of the instance state owning this terminal.\n  stateId String?\n\n  /// The name of the terminal within the instance.\n  ///\n  /// Will be null if the terminal is not owned by an instance.\n  name String?\n\n  /// The ID of the service account owning this terminal.\n  serviceAccountId String?\n\n  /// The time when the terminal was created.\n  createdAt DateTime @default(now())\n\n  /// The time when the terminal was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The instance this terminal belongs to.\n  state InstanceState? @relation(fields: [stateId], references: [id])\n\n  /// The service account this terminal belongs to.\n  serviceAccount ServiceAccount? @relation(fields: [serviceAccountId], references: [id])\n\n  /// The terminal sessions associated with this terminal.\n  sessions TerminalSession[]\n\n  /// The artifacts used by this terminal.\n  artifacts Artifact[]\n\n  @@unique([stateId, name]) // the name is unique within the instance\n}\n\n/// The terminal session represents a single interactive connection to a terminal.\n///\n/// Each session tracks when it started and finished. All session output is preserved in logs.\nmodel TerminalSession {\n  /// The CUIDv2 of the terminal session.\n  id String @id @default(cuid(2))\n\n  /// The ID of the terminal this session belongs to.\n  terminalId String\n\n  /// The time when the terminal session started.\n  startedAt DateTime @default(now())\n\n  /// The time when the terminal session finished.\n  finishedAt DateTime?\n\n  /// The terminal this session belongs to.\n  terminal Terminal @relation(fields: [terminalId], references: [id], onDelete: Cascade)\n\n  /// The logs of the terminal session.\n  logs TerminalSessionLog[]\n}\n\n/// The terminal session log captures all input and output from a terminal session.\n///\n/// Logs are stored with ULID identifiers for timestamp ordering.\nmodel TerminalSessionLog {\n  /// The ULID of the session log. Also used to extract the timestamp.\n  id String @id\n\n  /// The ID of the terminal session this log belongs to.\n  sessionId String\n\n  /// The content of the log.\n  content String\n\n  /// The terminal session this log belongs to.\n  session TerminalSession @relation(fields: [sessionId], references: [id], onDelete: Cascade)\n}\n\n/// The trigger defines automated actions that execute in response to specific events.\n///\n/// Triggers are created by units to perform actions at defined points in the instance lifecycle\n/// or on schedule. The spec field determines the trigger type and behavior - currently supporting\n/// before-destroy triggers, with planned support for additional types like cron scheduling.\n/// Triggers are deleted along with their instance.\nmodel Trigger {\n  /// The CUIDv2 of the trigger.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the trigger managed by the backend.\n  ///\n  /// [GlobalCommonObjectMeta]\n  meta Json\n\n  /// The ID of the instance state this trigger belongs to.\n  stateId String\n\n  /// The name of the trigger within the instance.\n  name String\n\n  /// The specification of the trigger describing its type and behavior.\n  ///\n  /// [TriggerSpec]\n  spec Json\n\n  /// The time when the trigger was created.\n  createdAt DateTime @default(now())\n\n  /// The time when the trigger was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The instance this trigger belongs to.\n  state InstanceState @relation(fields: [stateId], references: [id])\n\n  @@unique([stateId, name]) // the name is unique within the instance\n}\n\n/// The unlock method type determines how users authenticate to decrypt project databases.\nenum UnlockMethodType {\n  /// The password is used to unlock the project.\n  password\n\n  /// The passkey (via WebAuthn) is used to unlock the project.\n  passkey\n}\n\n/// The unlock method enables decryption of project databases through user authentication.\n///\n/// Each project database is encrypted with a master key, which is then encrypted for each\n/// unlock method\'s recipient using AGE encryption. Users authenticate (password or passkey)\n/// to decrypt their specific AGE identity, which then decrypts the master key.\n///\n/// Multiple unlock methods can exist per project, allowing different authentication paths\n/// to the same encrypted database. When unlock methods are added/removed, the master key\n/// is re-encrypted for the new set of recipients.\n///\n/// The encryptedIdentity contains the AGE identity encrypted with the user\'s authentication\n/// method (password-derived key or WebAuthn), while the recipient is the public key\n/// corresponding to that identity.\nmodel UnlockMethod {\n  /// The CUIDv2 of the unlock method.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the unlock method managed by the backend.\n  /// \n  /// [UnlockMethodMeta]\n  meta Json\n\n  /// The type of unlock method.\n  type UnlockMethodType\n\n  /// The AGE identity encrypted and armored also with AGE.\n  encryptedIdentity String\n\n  /// The AGE recipient for this unlock method.\n  recipient String @unique\n\n  /// The time when the unlock method was created.\n  createdAt DateTime @default(now())\n\n  /// The time when the unlock method was last updated.\n  updatedAt DateTime @updatedAt\n}\n\n/// The worker represents a containerized application that extends unit capabilities beyond Pulumi execution.\n///\n/// Workers enable units to perform runtime operations after Pulumi program completion,\n/// such as attaching custom statuses, monitoring resources, or triggering unit reconfigurations.\n/// Since Pulumi programs cannot affect instances after execution, workers bypass this limitation\n/// by providing persistent runtime behavior.\n///\n/// The worker identity (fully qualified image name) indicates the same publisher/party and services as natural authentication mechanism.\n/// All versions of a worker share the same service account, meaning they operate over\n/// the same resources and have the same access scope within the platform.\nmodel Worker {\n  /// The CUIDv2 of the worker.\n  id String @id @default(cuid(2))\n\n  /// The identity of the worker derived from the container image.\n  ///\n  /// This is the fully qualified image name without the tag or digest.\n  /// The format is `{<registry>/}[<namespace>/]<name>`.\n  ///\n  /// For example: `ghcr.io/highstate/worker` or `docker.io/library/ubuntu`.\n  identity String @unique\n\n  /// The ID of the service account this worker uses.\n  serviceAccountId String @unique\n\n  /// The time this worker first appeared in the system.\n  createdAt DateTime @default(now())\n\n  /// The service account impersonating this worker.\n  serviceAccount ServiceAccount @relation(fields: [serviceAccountId], references: [id])\n\n  /// The versions of this worker.\n  versions WorkerVersion[]\n}\n\nenum WorkerVersionStatus {\n  /// The status is unknown.\n  unknown\n\n  /// The worker is being started by one of the runtimes.\n  starting\n\n  /// The worker is running and serving registrations.\n  running\n\n  /// The worker is being stopping (after was starting/running and was disabled).\n  stopping\n\n  /// The worker is stopped and not serving registrations.\n  stopped\n\n  /// The worker failed to start/crashed more than the allowed number of times.\n  error\n}\n\n/// The worker version represents a specific container image digest of a worker.\n///\n/// Each version corresponds to an immutable container image identified by its SHA256 digest.\n/// Versions are automatically created when units reference new image digests and deleted\n/// when no longer referenced by any unit registrations.\n///\n/// Each version has its own API key for isolation, but all versions of a worker\n/// share the same service account and thus the same access scope within the platform.\n/// The runtime starts containers when registrations exist and stops them when removed.\nmodel WorkerVersion {\n  /// The CUIDv2 of the worker version.\n  id String @id @default(cuid(2))\n\n  /// The metadata of the worker version managed by the backend.\n  ///\n  /// [CommonObjectMeta]\n  meta Json\n\n  /// The current status of the worker version reported by the runtime.\n  status WorkerVersionStatus @default(unknown)\n\n  /// Whether this worker version is enabled and will be launched when project is unclocked.\n  enabled Boolean @default(true)\n\n  /// The ID of the runtime where this worker version currently runs.\n  runtimeId String?\n\n  /// The ID of the worker this version belongs to.\n  workerId String\n\n  /// The digest of the worker version used to identify it.\n  /// The format is raw SHA256 digest without the `sha256:` prefix in lowercase hex.\n  digest String @unique\n\n  /// The ID of the API key this worker version uses.\n  apiKeyId String @unique\n\n  /// The time this worker version was created.\n  createdAt DateTime @default(now())\n\n  /// The time this worker version was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The worker this version belongs to.\n  worker Worker @relation(fields: [workerId], references: [id])\n\n  /// The API key this worker version uses.\n  apiKey ApiKey @relation(fields: [apiKeyId], references: [id])\n\n  /// The unit registrations for this worker version.\n  unitRegistrations WorkerUnitRegistration[]\n\n  /// The logs produced by this worker version.\n  logs WorkerVersionLog[]\n}\n\n/// The worker unit registration tracks which unit instances require specific worker versions.\n///\n/// Units declare worker dependencies through their outputs, creating registrations that\n/// trigger the runtime to start corresponding worker containers. Each registration\n/// includes parameters passed to the worker for unit-specific configuration.\n///\n/// Registrations are managed during operation execution - created when units declare workers\n/// and removed when units are destroyed. Worker versions without registrations are garbage collected.\nmodel WorkerUnitRegistration {\n  /// The ID of the state of the unit instance requesting the registration.\n  stateId String\n\n  /// The name of the worker within the instance.\n  name String\n\n  /// The parameters of the registration passed by the unit.\n  ///\n  /// [WorkerUnitRegistrationParams]\n  params Json\n\n  /// The ID of the worker version this registration currently uses.\n  workerVersionId String\n\n  /// The time this registration was created.\n  createdAt DateTime @default(now())\n\n  /// The time this registration was last updated.\n  updatedAt DateTime @updatedAt\n\n  /// The unit instance requesting the registration.\n  state InstanceState @relation(fields: [stateId], references: [id])\n\n  /// The worker version this registration currently uses.\n  workerVersion WorkerVersion @relation(fields: [workerVersionId], references: [id])\n\n  @@id([stateId, name]) // the registration is identified by the instance and name\n}\n\n/// The worker version log captures output from running worker containers.\n///\n/// Logs include both worker-generated output and system messages from the runtime.\n/// The ULID identifier provides timestamp ordering. Logs are deleted with the worker version.\nmodel WorkerVersionLog {\n  /// The ULID of the worker log. Also used to extract the timestamp.\n  id String @id @default(ulid())\n\n  /// The ID of the worker version that produced this log.\n  workerVersionId String\n\n  /// The log content.\n  content String\n\n  /// Whether this log is a system/runtime message (vs worker output).\n  isSystem Boolean @default(false)\n\n  /// The worker version that produced this log.\n  workerVersion WorkerVersion @relation(fields: [workerVersionId], references: [id], onDelete: Cascade)\n}\n',
+  "inlineSchemaHash": "2f2d2f1d9d315d96cd45552d603253449153e87ea24beb37eb23c907adc6e73d",
   "copyEngine": true,
   "runtimeDataModel": {
     "models": {},
@@ -982,7 +1121,7 @@ var config3 = {
   },
   "dirname": ""
 };
-config3.runtimeDataModel = JSON.parse('{"models":{"ApiKey":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"serviceAccountId","kind":"scalar","type":"String"},{"name":"token","kind":"scalar","type":"String"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"worker","kind":"object","type":"WorkerVersion","relationName":"ApiKeyToWorkerVersion"},{"name":"serviceAccount","kind":"object","type":"ServiceAccount","relationName":"ApiKeyToServiceAccount"}],"dbName":null},"Artifact":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"hash","kind":"scalar","type":"String"},{"name":"size","kind":"scalar","type":"Int"},{"name":"chunkSize","kind":"scalar","type":"Int"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"serviceAccounts","kind":"object","type":"ServiceAccount","relationName":"ArtifactToServiceAccount"},{"name":"instances","kind":"object","type":"InstanceState","relationName":"ArtifactToInstanceState"},{"name":"terminals","kind":"object","type":"Terminal","relationName":"ArtifactToTerminal"},{"name":"pages","kind":"object","type":"Page","relationName":"ArtifactToPage"}],"dbName":null},"InstanceCustomStatus":{"fields":[{"name":"stateId","kind":"scalar","type":"String"},{"name":"serviceAccountId","kind":"scalar","type":"String"},{"name":"name","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"value","kind":"scalar","type":"String"},{"name":"message","kind":"scalar","type":"String"},{"name":"order","kind":"scalar","type":"Int"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"state","kind":"object","type":"InstanceState","relationName":"InstanceCustomStatusToInstanceState"},{"name":"serviceAccount","kind":"object","type":"ServiceAccount","relationName":"InstanceCustomStatusToServiceAccount"}],"dbName":null},"InstanceEvaluationState":{"fields":[{"name":"stateId","kind":"scalar","type":"String"},{"name":"status","kind":"enum","type":"InstanceEvaluationStatus"},{"name":"message","kind":"scalar","type":"String"},{"name":"model","kind":"scalar","type":"Json"},{"name":"evaluatedAt","kind":"scalar","type":"DateTime"},{"name":"state","kind":"object","type":"InstanceState","relationName":"InstanceEvaluationStateToInstanceState"}],"dbName":null},"InstanceState":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"instanceId","kind":"scalar","type":"String"},{"name":"status","kind":"enum","type":"InstanceStatus"},{"name":"source","kind":"enum","type":"InstanceSource"},{"name":"kind","kind":"scalar","type":"String"},{"name":"parentId","kind":"scalar","type":"String"},{"name":"inputHashNonce","kind":"scalar","type":"Int"},{"name":"inputHash","kind":"scalar","type":"Int"},{"name":"outputHash","kind":"scalar","type":"Int"},{"name":"dependencyOutputHash","kind":"scalar","type":"Int"},{"name":"exportedArtifactIds","kind":"scalar","type":"Json"},{"name":"model","kind":"scalar","type":"Json"},{"name":"resolvedInputs","kind":"scalar","type":"Json"},{"name":"currentResourceCount","kind":"scalar","type":"Int"},{"name":"statusFields","kind":"scalar","type":"Json"},{"name":"parent","kind":"object","type":"InstanceState","relationName":"InstanceHierarchy"},{"name":"children","kind":"object","type":"InstanceState","relationName":"InstanceHierarchy"},{"name":"evaluationState","kind":"object","type":"InstanceEvaluationState","relationName":"InstanceEvaluationStateToInstanceState"},{"name":"operationStates","kind":"object","type":"InstanceOperationState","relationName":"InstanceOperationStateToInstanceState"},{"name":"secrets","kind":"object","type":"Secret","relationName":"InstanceStateToSecret"},{"name":"terminals","kind":"object","type":"Terminal","relationName":"InstanceStateToTerminal"},{"name":"pages","kind":"object","type":"Page","relationName":"InstanceStateToPage"},{"name":"triggers","kind":"object","type":"Trigger","relationName":"InstanceStateToTrigger"},{"name":"customStatuses","kind":"object","type":"InstanceCustomStatus","relationName":"InstanceCustomStatusToInstanceState"},{"name":"lock","kind":"object","type":"InstanceLock","relationName":"InstanceLockToInstanceState"},{"name":"workerRegistrations","kind":"object","type":"WorkerUnitRegistration","relationName":"InstanceStateToWorkerUnitRegistration"},{"name":"artifacts","kind":"object","type":"Artifact","relationName":"ArtifactToInstanceState"},{"name":"operationLogs","kind":"object","type":"OperationLog","relationName":"InstanceStateToOperationLog"},{"name":"userViewports","kind":"object","type":"UserCompositeViewport","relationName":"InstanceStateToUserCompositeViewport"}],"dbName":null},"UserProjectViewport":{"fields":[{"name":"userId","kind":"scalar","type":"String"},{"name":"viewport","kind":"scalar","type":"Json"}],"dbName":null},"UserCompositeViewport":{"fields":[{"name":"userId","kind":"scalar","type":"String"},{"name":"stateId","kind":"scalar","type":"String"},{"name":"viewport","kind":"scalar","type":"Json"},{"name":"state","kind":"object","type":"InstanceState","relationName":"InstanceStateToUserCompositeViewport"}],"dbName":null},"InstanceLock":{"fields":[{"name":"stateId","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"token","kind":"scalar","type":"String"},{"name":"acquiredAt","kind":"scalar","type":"DateTime"},{"name":"state","kind":"object","type":"InstanceState","relationName":"InstanceLockToInstanceState"}],"dbName":null},"InstanceModel":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"model","kind":"scalar","type":"Json"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"}],"dbName":null},"HubModel":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"model","kind":"scalar","type":"Json"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"}],"dbName":null},"Operation":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"type","kind":"enum","type":"OperationType"},{"name":"status","kind":"enum","type":"OperationStatus"},{"name":"options","kind":"scalar","type":"Json"},{"name":"requestedInstanceIds","kind":"scalar","type":"Json"},{"name":"phases","kind":"scalar","type":"Json"},{"name":"startedAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"finishedAt","kind":"scalar","type":"DateTime"},{"name":"operationStates","kind":"object","type":"InstanceOperationState","relationName":"InstanceOperationStateToOperation"},{"name":"logs","kind":"object","type":"OperationLog","relationName":"OperationToOperationLog"}],"dbName":null},"InstanceOperationState":{"fields":[{"name":"operationId","kind":"scalar","type":"String"},{"name":"stateId","kind":"scalar","type":"String"},{"name":"status","kind":"enum","type":"InstanceOperationStatus"},{"name":"currentResourceCount","kind":"scalar","type":"Int"},{"name":"totalResourceCount","kind":"scalar","type":"Int"},{"name":"model","kind":"scalar","type":"Json"},{"name":"resolvedInputs","kind":"scalar","type":"Json"},{"name":"startedAt","kind":"scalar","type":"DateTime"},{"name":"finishedAt","kind":"scalar","type":"DateTime"},{"name":"operation","kind":"object","type":"Operation","relationName":"InstanceOperationStateToOperation"},{"name":"state","kind":"object","type":"InstanceState","relationName":"InstanceOperationStateToInstanceState"}],"dbName":null},"OperationLog":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"operationId","kind":"scalar","type":"String"},{"name":"stateId","kind":"scalar","type":"String"},{"name":"content","kind":"scalar","type":"String"},{"name":"operation","kind":"object","type":"Operation","relationName":"OperationToOperationLog"},{"name":"state","kind":"object","type":"InstanceState","relationName":"InstanceStateToOperationLog"}],"dbName":null},"Page":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"stateId","kind":"scalar","type":"String"},{"name":"name","kind":"scalar","type":"String"},{"name":"serviceAccountId","kind":"scalar","type":"String"},{"name":"content","kind":"scalar","type":"Json"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"state","kind":"object","type":"InstanceState","relationName":"InstanceStateToPage"},{"name":"serviceAccount","kind":"object","type":"ServiceAccount","relationName":"PageToServiceAccount"},{"name":"artifacts","kind":"object","type":"Artifact","relationName":"ArtifactToPage"}],"dbName":null},"Secret":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"stateId","kind":"scalar","type":"String"},{"name":"name","kind":"scalar","type":"String"},{"name":"systemName","kind":"scalar","type":"String"},{"name":"serviceAccountId","kind":"scalar","type":"String"},{"name":"content","kind":"scalar","type":"Json"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"state","kind":"object","type":"InstanceState","relationName":"InstanceStateToSecret"},{"name":"serviceAccount","kind":"object","type":"ServiceAccount","relationName":"SecretToServiceAccount"}],"dbName":null},"ServiceAccount":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"workers","kind":"object","type":"Worker","relationName":"ServiceAccountToWorker"},{"name":"artifacts","kind":"object","type":"Artifact","relationName":"ArtifactToServiceAccount"},{"name":"secrets","kind":"object","type":"Secret","relationName":"SecretToServiceAccount"},{"name":"terminals","kind":"object","type":"Terminal","relationName":"ServiceAccountToTerminal"},{"name":"pages","kind":"object","type":"Page","relationName":"PageToServiceAccount"},{"name":"customStatuses","kind":"object","type":"InstanceCustomStatus","relationName":"InstanceCustomStatusToServiceAccount"},{"name":"apiKeys","kind":"object","type":"ApiKey","relationName":"ApiKeyToServiceAccount"}],"dbName":null},"Terminal":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"status","kind":"enum","type":"TerminalStatus"},{"name":"spec","kind":"scalar","type":"Json"},{"name":"stateId","kind":"scalar","type":"String"},{"name":"name","kind":"scalar","type":"String"},{"name":"serviceAccountId","kind":"scalar","type":"String"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"state","kind":"object","type":"InstanceState","relationName":"InstanceStateToTerminal"},{"name":"serviceAccount","kind":"object","type":"ServiceAccount","relationName":"ServiceAccountToTerminal"},{"name":"sessions","kind":"object","type":"TerminalSession","relationName":"TerminalToTerminalSession"},{"name":"artifacts","kind":"object","type":"Artifact","relationName":"ArtifactToTerminal"}],"dbName":null},"TerminalSession":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"terminalId","kind":"scalar","type":"String"},{"name":"startedAt","kind":"scalar","type":"DateTime"},{"name":"finishedAt","kind":"scalar","type":"DateTime"},{"name":"terminal","kind":"object","type":"Terminal","relationName":"TerminalToTerminalSession"},{"name":"logs","kind":"object","type":"TerminalSessionLog","relationName":"TerminalSessionToTerminalSessionLog"}],"dbName":null},"TerminalSessionLog":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"sessionId","kind":"scalar","type":"String"},{"name":"content","kind":"scalar","type":"String"},{"name":"session","kind":"object","type":"TerminalSession","relationName":"TerminalSessionToTerminalSessionLog"}],"dbName":null},"Trigger":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"stateId","kind":"scalar","type":"String"},{"name":"name","kind":"scalar","type":"String"},{"name":"spec","kind":"scalar","type":"Json"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"state","kind":"object","type":"InstanceState","relationName":"InstanceStateToTrigger"}],"dbName":null},"UnlockMethod":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"type","kind":"enum","type":"UnlockMethodType"},{"name":"encryptedIdentity","kind":"scalar","type":"String"},{"name":"recipient","kind":"scalar","type":"String"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"}],"dbName":null},"Worker":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"identity","kind":"scalar","type":"String"},{"name":"serviceAccountId","kind":"scalar","type":"String"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"serviceAccount","kind":"object","type":"ServiceAccount","relationName":"ServiceAccountToWorker"},{"name":"versions","kind":"object","type":"WorkerVersion","relationName":"WorkerToWorkerVersion"}],"dbName":null},"WorkerVersion":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"status","kind":"enum","type":"WorkerVersionStatus"},{"name":"enabled","kind":"scalar","type":"Boolean"},{"name":"runtimeId","kind":"scalar","type":"String"},{"name":"workerId","kind":"scalar","type":"String"},{"name":"digest","kind":"scalar","type":"String"},{"name":"apiKeyId","kind":"scalar","type":"String"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"worker","kind":"object","type":"Worker","relationName":"WorkerToWorkerVersion"},{"name":"apiKey","kind":"object","type":"ApiKey","relationName":"ApiKeyToWorkerVersion"},{"name":"unitRegistrations","kind":"object","type":"WorkerUnitRegistration","relationName":"WorkerUnitRegistrationToWorkerVersion"},{"name":"logs","kind":"object","type":"WorkerVersionLog","relationName":"WorkerVersionToWorkerVersionLog"}],"dbName":null},"WorkerUnitRegistration":{"fields":[{"name":"stateId","kind":"scalar","type":"String"},{"name":"name","kind":"scalar","type":"String"},{"name":"params","kind":"scalar","type":"Json"},{"name":"workerVersionId","kind":"scalar","type":"String"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"state","kind":"object","type":"InstanceState","relationName":"InstanceStateToWorkerUnitRegistration"},{"name":"workerVersion","kind":"object","type":"WorkerVersion","relationName":"WorkerUnitRegistrationToWorkerVersion"}],"dbName":null},"WorkerVersionLog":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"workerVersionId","kind":"scalar","type":"String"},{"name":"content","kind":"scalar","type":"String"},{"name":"isSystem","kind":"scalar","type":"Boolean"},{"name":"workerVersion","kind":"object","type":"WorkerVersion","relationName":"WorkerVersionToWorkerVersionLog"}],"dbName":null}},"enums":{},"types":{}}');
+config3.runtimeDataModel = JSON.parse('{"models":{"ApiKey":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"serviceAccountId","kind":"scalar","type":"String"},{"name":"token","kind":"scalar","type":"String"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"worker","kind":"object","type":"WorkerVersion","relationName":"ApiKeyToWorkerVersion"},{"name":"serviceAccount","kind":"object","type":"ServiceAccount","relationName":"ApiKeyToServiceAccount"}],"dbName":null},"Artifact":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"hash","kind":"scalar","type":"String"},{"name":"size","kind":"scalar","type":"Int"},{"name":"chunkSize","kind":"scalar","type":"Int"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"serviceAccounts","kind":"object","type":"ServiceAccount","relationName":"ArtifactToServiceAccount"},{"name":"instances","kind":"object","type":"InstanceState","relationName":"ArtifactToInstanceState"},{"name":"terminals","kind":"object","type":"Terminal","relationName":"ArtifactToTerminal"},{"name":"pages","kind":"object","type":"Page","relationName":"ArtifactToPage"}],"dbName":null},"InstanceCustomStatus":{"fields":[{"name":"stateId","kind":"scalar","type":"String"},{"name":"serviceAccountId","kind":"scalar","type":"String"},{"name":"name","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"value","kind":"scalar","type":"String"},{"name":"message","kind":"scalar","type":"String"},{"name":"order","kind":"scalar","type":"Int"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"state","kind":"object","type":"InstanceState","relationName":"InstanceCustomStatusToInstanceState"},{"name":"serviceAccount","kind":"object","type":"ServiceAccount","relationName":"InstanceCustomStatusToServiceAccount"}],"dbName":null},"InstanceEvaluationState":{"fields":[{"name":"stateId","kind":"scalar","type":"String"},{"name":"status","kind":"enum","type":"InstanceEvaluationStatus"},{"name":"message","kind":"scalar","type":"String"},{"name":"model","kind":"scalar","type":"Json"},{"name":"evaluatedAt","kind":"scalar","type":"DateTime"},{"name":"state","kind":"object","type":"InstanceState","relationName":"InstanceEvaluationStateToInstanceState"}],"dbName":null},"InstanceState":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"instanceId","kind":"scalar","type":"String"},{"name":"status","kind":"enum","type":"InstanceStatus"},{"name":"source","kind":"enum","type":"InstanceSource"},{"name":"kind","kind":"scalar","type":"String"},{"name":"parentId","kind":"scalar","type":"String"},{"name":"inputHashNonce","kind":"scalar","type":"Int"},{"name":"inputHash","kind":"scalar","type":"Int"},{"name":"outputHash","kind":"scalar","type":"Int"},{"name":"dependencyOutputHash","kind":"scalar","type":"Int"},{"name":"exportedArtifactIds","kind":"scalar","type":"Json"},{"name":"model","kind":"scalar","type":"Json"},{"name":"resolvedInputs","kind":"scalar","type":"Json"},{"name":"currentResourceCount","kind":"scalar","type":"Int"},{"name":"statusFields","kind":"scalar","type":"Json"},{"name":"parent","kind":"object","type":"InstanceState","relationName":"InstanceHierarchy"},{"name":"children","kind":"object","type":"InstanceState","relationName":"InstanceHierarchy"},{"name":"evaluationState","kind":"object","type":"InstanceEvaluationState","relationName":"InstanceEvaluationStateToInstanceState"},{"name":"operationStates","kind":"object","type":"InstanceOperationState","relationName":"InstanceOperationStateToInstanceState"},{"name":"secrets","kind":"object","type":"Secret","relationName":"InstanceStateToSecret"},{"name":"terminals","kind":"object","type":"Terminal","relationName":"InstanceStateToTerminal"},{"name":"pages","kind":"object","type":"Page","relationName":"InstanceStateToPage"},{"name":"triggers","kind":"object","type":"Trigger","relationName":"InstanceStateToTrigger"},{"name":"customStatuses","kind":"object","type":"InstanceCustomStatus","relationName":"InstanceCustomStatusToInstanceState"},{"name":"lock","kind":"object","type":"InstanceLock","relationName":"InstanceLockToInstanceState"},{"name":"workerRegistrations","kind":"object","type":"WorkerUnitRegistration","relationName":"InstanceStateToWorkerUnitRegistration"},{"name":"artifacts","kind":"object","type":"Artifact","relationName":"ArtifactToInstanceState"},{"name":"operationLogs","kind":"object","type":"OperationLog","relationName":"InstanceStateToOperationLog"},{"name":"userViewports","kind":"object","type":"UserCompositeViewport","relationName":"InstanceStateToUserCompositeViewport"}],"dbName":null},"UserProjectViewport":{"fields":[{"name":"userId","kind":"scalar","type":"String"},{"name":"viewport","kind":"scalar","type":"Json"}],"dbName":null},"UserCompositeViewport":{"fields":[{"name":"userId","kind":"scalar","type":"String"},{"name":"stateId","kind":"scalar","type":"String"},{"name":"viewport","kind":"scalar","type":"Json"},{"name":"state","kind":"object","type":"InstanceState","relationName":"InstanceStateToUserCompositeViewport"}],"dbName":null},"InstanceLock":{"fields":[{"name":"stateId","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"token","kind":"scalar","type":"String"},{"name":"acquiredAt","kind":"scalar","type":"DateTime"},{"name":"state","kind":"object","type":"InstanceState","relationName":"InstanceLockToInstanceState"}],"dbName":null},"InstanceModel":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"model","kind":"scalar","type":"Json"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"}],"dbName":null},"HubModel":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"model","kind":"scalar","type":"Json"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"}],"dbName":null},"Operation":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"type","kind":"enum","type":"OperationType"},{"name":"status","kind":"enum","type":"OperationStatus"},{"name":"options","kind":"scalar","type":"Json"},{"name":"requestedInstanceIds","kind":"scalar","type":"Json"},{"name":"phases","kind":"scalar","type":"Json"},{"name":"startedAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"finishedAt","kind":"scalar","type":"DateTime"},{"name":"operationStates","kind":"object","type":"InstanceOperationState","relationName":"InstanceOperationStateToOperation"},{"name":"logs","kind":"object","type":"OperationLog","relationName":"OperationToOperationLog"}],"dbName":null},"InstanceOperationState":{"fields":[{"name":"operationId","kind":"scalar","type":"String"},{"name":"stateId","kind":"scalar","type":"String"},{"name":"status","kind":"enum","type":"InstanceOperationStatus"},{"name":"currentResourceCount","kind":"scalar","type":"Int"},{"name":"totalResourceCount","kind":"scalar","type":"Int"},{"name":"model","kind":"scalar","type":"Json"},{"name":"resolvedInputs","kind":"scalar","type":"Json"},{"name":"startedAt","kind":"scalar","type":"DateTime"},{"name":"finishedAt","kind":"scalar","type":"DateTime"},{"name":"operation","kind":"object","type":"Operation","relationName":"InstanceOperationStateToOperation"},{"name":"state","kind":"object","type":"InstanceState","relationName":"InstanceOperationStateToInstanceState"}],"dbName":null},"OperationLog":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"operationId","kind":"scalar","type":"String"},{"name":"stateId","kind":"scalar","type":"String"},{"name":"isSystem","kind":"scalar","type":"Boolean"},{"name":"content","kind":"scalar","type":"String"},{"name":"operation","kind":"object","type":"Operation","relationName":"OperationToOperationLog"},{"name":"state","kind":"object","type":"InstanceState","relationName":"InstanceStateToOperationLog"}],"dbName":null},"Page":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"stateId","kind":"scalar","type":"String"},{"name":"name","kind":"scalar","type":"String"},{"name":"serviceAccountId","kind":"scalar","type":"String"},{"name":"content","kind":"scalar","type":"Json"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"state","kind":"object","type":"InstanceState","relationName":"InstanceStateToPage"},{"name":"serviceAccount","kind":"object","type":"ServiceAccount","relationName":"PageToServiceAccount"},{"name":"artifacts","kind":"object","type":"Artifact","relationName":"ArtifactToPage"}],"dbName":null},"Secret":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"stateId","kind":"scalar","type":"String"},{"name":"name","kind":"scalar","type":"String"},{"name":"systemName","kind":"scalar","type":"String"},{"name":"serviceAccountId","kind":"scalar","type":"String"},{"name":"content","kind":"scalar","type":"Json"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"state","kind":"object","type":"InstanceState","relationName":"InstanceStateToSecret"},{"name":"serviceAccount","kind":"object","type":"ServiceAccount","relationName":"SecretToServiceAccount"}],"dbName":null},"ServiceAccount":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"workers","kind":"object","type":"Worker","relationName":"ServiceAccountToWorker"},{"name":"artifacts","kind":"object","type":"Artifact","relationName":"ArtifactToServiceAccount"},{"name":"secrets","kind":"object","type":"Secret","relationName":"SecretToServiceAccount"},{"name":"terminals","kind":"object","type":"Terminal","relationName":"ServiceAccountToTerminal"},{"name":"pages","kind":"object","type":"Page","relationName":"PageToServiceAccount"},{"name":"customStatuses","kind":"object","type":"InstanceCustomStatus","relationName":"InstanceCustomStatusToServiceAccount"},{"name":"apiKeys","kind":"object","type":"ApiKey","relationName":"ApiKeyToServiceAccount"}],"dbName":null},"Terminal":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"status","kind":"enum","type":"TerminalStatus"},{"name":"spec","kind":"scalar","type":"Json"},{"name":"stateId","kind":"scalar","type":"String"},{"name":"name","kind":"scalar","type":"String"},{"name":"serviceAccountId","kind":"scalar","type":"String"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"state","kind":"object","type":"InstanceState","relationName":"InstanceStateToTerminal"},{"name":"serviceAccount","kind":"object","type":"ServiceAccount","relationName":"ServiceAccountToTerminal"},{"name":"sessions","kind":"object","type":"TerminalSession","relationName":"TerminalToTerminalSession"},{"name":"artifacts","kind":"object","type":"Artifact","relationName":"ArtifactToTerminal"}],"dbName":null},"TerminalSession":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"terminalId","kind":"scalar","type":"String"},{"name":"startedAt","kind":"scalar","type":"DateTime"},{"name":"finishedAt","kind":"scalar","type":"DateTime"},{"name":"terminal","kind":"object","type":"Terminal","relationName":"TerminalToTerminalSession"},{"name":"logs","kind":"object","type":"TerminalSessionLog","relationName":"TerminalSessionToTerminalSessionLog"}],"dbName":null},"TerminalSessionLog":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"sessionId","kind":"scalar","type":"String"},{"name":"content","kind":"scalar","type":"String"},{"name":"session","kind":"object","type":"TerminalSession","relationName":"TerminalSessionToTerminalSessionLog"}],"dbName":null},"Trigger":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"stateId","kind":"scalar","type":"String"},{"name":"name","kind":"scalar","type":"String"},{"name":"spec","kind":"scalar","type":"Json"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"state","kind":"object","type":"InstanceState","relationName":"InstanceStateToTrigger"}],"dbName":null},"UnlockMethod":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"type","kind":"enum","type":"UnlockMethodType"},{"name":"encryptedIdentity","kind":"scalar","type":"String"},{"name":"recipient","kind":"scalar","type":"String"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"}],"dbName":null},"Worker":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"identity","kind":"scalar","type":"String"},{"name":"serviceAccountId","kind":"scalar","type":"String"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"serviceAccount","kind":"object","type":"ServiceAccount","relationName":"ServiceAccountToWorker"},{"name":"versions","kind":"object","type":"WorkerVersion","relationName":"WorkerToWorkerVersion"}],"dbName":null},"WorkerVersion":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"meta","kind":"scalar","type":"Json"},{"name":"status","kind":"enum","type":"WorkerVersionStatus"},{"name":"enabled","kind":"scalar","type":"Boolean"},{"name":"runtimeId","kind":"scalar","type":"String"},{"name":"workerId","kind":"scalar","type":"String"},{"name":"digest","kind":"scalar","type":"String"},{"name":"apiKeyId","kind":"scalar","type":"String"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"worker","kind":"object","type":"Worker","relationName":"WorkerToWorkerVersion"},{"name":"apiKey","kind":"object","type":"ApiKey","relationName":"ApiKeyToWorkerVersion"},{"name":"unitRegistrations","kind":"object","type":"WorkerUnitRegistration","relationName":"WorkerUnitRegistrationToWorkerVersion"},{"name":"logs","kind":"object","type":"WorkerVersionLog","relationName":"WorkerVersionToWorkerVersionLog"}],"dbName":null},"WorkerUnitRegistration":{"fields":[{"name":"stateId","kind":"scalar","type":"String"},{"name":"name","kind":"scalar","type":"String"},{"name":"params","kind":"scalar","type":"Json"},{"name":"workerVersionId","kind":"scalar","type":"String"},{"name":"createdAt","kind":"scalar","type":"DateTime"},{"name":"updatedAt","kind":"scalar","type":"DateTime"},{"name":"state","kind":"object","type":"InstanceState","relationName":"InstanceStateToWorkerUnitRegistration"},{"name":"workerVersion","kind":"object","type":"WorkerVersion","relationName":"WorkerUnitRegistrationToWorkerVersion"}],"dbName":null},"WorkerVersionLog":{"fields":[{"name":"id","kind":"scalar","type":"String"},{"name":"workerVersionId","kind":"scalar","type":"String"},{"name":"content","kind":"scalar","type":"String"},{"name":"isSystem","kind":"scalar","type":"Boolean"},{"name":"workerVersion","kind":"object","type":"WorkerVersion","relationName":"WorkerVersionToWorkerVersionLog"}],"dbName":null}},"enums":{},"types":{}}');
 config3.engineWasm = void 0;
 async function decodeBase64AsWasm3(wasmBase64) {
   const { Buffer: Buffer2 } = await import('node:buffer');
@@ -1045,13 +1184,16 @@ var databaseManagerConfig = z3.object({
   HIGHSTATE_ENCRYPTION_ENABLED: z3.stringbool().default(true)
 });
 var DatabaseManagerImpl = class {
-  constructor(backend, projectUnlockBackend, projectDatabaseBackend, config4, logger) {
-    this.backend = backend;
+  constructor(backendBackend, projectUnlockBackend, projectDatabaseBackend, config4, logger) {
+    this.backendBackend = backendBackend;
     this.projectUnlockBackend = projectUnlockBackend;
     this.projectDatabaseBackend = projectDatabaseBackend;
     this.config = config4;
     this.logger = logger;
   }
+  get backend() {
+    return this.backendBackend.database;
+  }
   // store the master keys in memory cache for 30 seconds
   projectMasterKeys = new LRUCache({
     ttl: 3e4,
@@ -1062,6 +1204,17 @@ var DatabaseManagerImpl = class {
   get isEncryptionEnabled() {
     return this.config.HIGHSTATE_ENCRYPTION_ENABLED;
   }
+  /**
+   * Delegates backend master-key rotation to the active backend database backend.
+   *
+   * @param recipients AGE recipients that must retain access to the backend master key.
+   */
+  async updateBackendUnlockRecipients(recipients) {
+    if (!this.backendBackend.isEncryptionEnabled) {
+      return;
+    }
+    await this.backendBackend.reencryptMasterKey(recipients);
+  }
   async getProjectMasterKey(projectId) {
     if (!this.isEncryptionEnabled) {
       return void 0;
@@ -1144,10 +1297,10 @@ var databaseConfig = z.object({
   ...localBackendDatabaseConfig.shape,
   ...databaseManagerConfig.shape
 });
-function createBackendDatabase(config4, logger) {
+function createBackendDatabaseBackend(config4, logger) {
   switch (config4.HIGHSTATE_BACKEND_DATABASE_TYPE) {
     case "local":
-      return createLocalBackendDatabase(config4, logger);
+      return createLocalBackendDatabaseBackend(config4, logger);
   }
 }
 function createProjectDatabaseBackend(config4, logger) {
@@ -6089,9 +6242,6 @@ var OperationContext = class _OperationContext {
 
 // src/orchestrator/operation-plan.ts
 function createOperationPlan(context, type, requestedInstanceIds, options) {
-  if (type === "preview") {
-    validatePreviewRestrictions(context, requestedInstanceIds);
-  }
   const workState = {
     included: /* @__PURE__ */ new Map(),
     compositeTypes: /* @__PURE__ */ new Map(),
@@ -6128,16 +6278,6 @@ function createOperationPlan(context, type, requestedInstanceIds, options) {
   }
   return createOrderedPhases(workState, context, type, options);
 }
-function validatePreviewRestrictions(context, requestedInstanceIds) {
-  for (const instanceId of requestedInstanceIds) {
-    const dependents = context.getDependentStates(instanceId);
-    if (dependents.length > 0) {
-      throw new Error(
-        `Preview operation not allowed for instance ${instanceId} - has dependent instances`
-      );
-    }
-  }
-}
 function processInstance(instanceId, workState, context, options, operationType) {
   const instance = context.getInstance(instanceId);
   updateCompositeClassification(instance, workState, context);
@@ -7241,7 +7381,10 @@ ${errors.join("\n")}`
   }
   async handleUnitError(update, state) {
     await this.workset.updateState(update.unitId, {
-      instanceState: {
+      instanceState: this.operation.type === "preview" ? (
+        // do not change instance status in preview mode
+        void 0
+      ) : {
         // keep "deployed" status for initially deployed instances even if the operation was failed or cancelled
         status: state.status === "deployed" ? "deployed" : "failed"
       },
@@ -7252,6 +7395,15 @@ ${errors.join("\n")}`
     });
   }
   async handleUnitCompletion(update, state) {
+    if (this.operation.type === "preview") {
+      await this.workset.updateState(update.unitId, {
+        operationState: {
+          status: this.workset.getStableStatusByOperationPhase(),
+          finishedAt: /* @__PURE__ */ new Date()
+        }
+      });
+      return;
+    }
     const instance = this.context.getInstance(update.unitId);
     const data = {
       status: this.workset.getNextStableInstanceStatus(instance.id),
@@ -7274,6 +7426,8 @@ ${errors.join("\n")}`
       data.dependencyOutputHash = null;
       data.outputHash = null;
       data.parentId = null;
+      data.model = null;
+      data.resolvedInputs = null;
     }
     await this.workset.updateState(instance.id, {
       // TODO: honestly, it is not correct
@@ -8566,6 +8720,7 @@ async function createServices({
     artifactBackend,
     artifactService,
     // business services
+    backendUnlockService,
     instanceLockService,
     projectUnlockService,
     operationService,
@@ -8584,10 +8739,10 @@ async function createServices({
   config4 ??= await loadConfig();
   logger ??= pino({ level: config4.HIGHSTATE_LOG_LEVEL, errorKey: "error" });
   projectUnlockBackend ??= new MemoryProjectUnlockBackend();
-  const backendDatabase = await createBackendDatabase(config4, logger);
+  const backendDatabaseBackend = await createBackendDatabaseBackend(config4, logger);
   const projectDatabaseBackend = await createProjectDatabaseBackend(config4, logger);
   database ??= new DatabaseManagerImpl(
-    backendDatabase,
+    backendDatabaseBackend,
     projectUnlockBackend,
     projectDatabaseBackend,
     config4,
@@ -8600,6 +8755,10 @@ async function createServices({
   libraryBackend ??= await createLibraryBackend(config4, logger);
   artifactBackend ??= await createArtifactBackend(config4, database, logger);
   artifactService ??= new ArtifactService(database, artifactBackend, logger);
+  backendUnlockService ??= new BackendUnlockService(
+    database,
+    logger.child({ service: "BackendUnlockService" })
+  );
   secretService ??= new SecretService(
     database,
     pubsubManager,
@@ -8733,6 +8892,7 @@ async function createServices({
     artifactBackend,
     artifactService,
     // business services
+    backendUnlockService,
     instanceLockService,
     projectUnlockService,
     operationService,
@@ -8782,6 +8942,6 @@ async function disposeServices(services) {
   await Promise.all(promises);
 }
 
-export { ApiKeyService, ArtifactService, PrismaClient2 as BackendDatabase, DatabaseManagerImpl, DbNull3 as DbNull, InstanceLockService, InstanceStateService, OperationManager, OperationService, PrismaClient3 as ProjectDatabase, ProjectModelService, ProjectService, ProjectUnlockService, SecretService, SettingsService, TerminalManager, TerminalSessionService, UnitExtraService, WorkerService, artifactChunkSize, backendDatabaseVersion, createBackendDatabase, createLibraryBackend, createProjectDatabaseBackend, createServices, createTerminalBackend, databaseConfig, databaseManagerConfig, disposeServices, ensureWellKnownEntitiesCreated, getOrCreateBackendIdentity, getSharedServices, includeForInstanceState, libraryBackendConfig, loadConfig, mapInstanceStateResult, projectDatabaseVersion, projectUnlockServiceConfig, terminalBackendConfig };
+export { ApiKeyService, ArtifactService, PrismaClient2 as BackendDatabase, BackendUnlockService, DatabaseManagerImpl, DbNull3 as DbNull, InstanceLockService, InstanceStateService, OperationManager, OperationService, PrismaClient3 as ProjectDatabase, ProjectModelService, ProjectService, ProjectUnlockService, SecretService, SettingsService, TerminalManager, TerminalSessionService, UnitExtraService, WorkerService, artifactChunkSize, backendDatabaseVersion, createBackendDatabaseBackend, createLibraryBackend, createProjectDatabaseBackend, createServices, createTerminalBackend, databaseConfig, databaseManagerConfig, disposeServices, ensureWellKnownEntitiesCreated, getOrCreateBackendIdentity, getSharedServices, includeForInstanceState, libraryBackendConfig, loadConfig, mapInstanceStateResult, projectDatabaseVersion, projectUnlockServiceConfig, terminalBackendConfig };
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map