@lucern/contracts 0.3.0-alpha.1 → 0.3.0-alpha.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +4 -0
- package/dist/api-enums.contract.d.ts +5 -3
- package/dist/api-enums.contract.js +14 -12
- package/dist/api-enums.contract.js.map +1 -1
- package/dist/component-boundary.contract.d.ts +14 -0
- package/dist/component-boundary.contract.js +174 -0
- package/dist/component-boundary.contract.js.map +1 -0
- package/dist/component-host-boundary.contract.d.ts +46 -0
- package/dist/component-host-boundary.contract.js +60 -0
- package/dist/component-host-boundary.contract.js.map +1 -0
- package/dist/context-pack.contract.d.ts +5 -3
- package/dist/context-pack.contract.js.map +1 -1
- package/dist/{defineTable-CBQ03FXl.d.ts → defineTable-t1wr5wgn.d.ts} +1 -1
- package/dist/{dsl-BgpoVOVQ.d.ts → dsl-DVPthQGY.d.ts} +2 -2
- package/dist/dsl.d.ts +2 -2
- package/dist/dsl.js +1 -4
- package/dist/dsl.js.map +1 -1
- package/dist/edge-policy-manifest-Dw5IhT1L.d.ts +133 -0
- package/dist/function-registry/beliefs.d.ts +54 -41
- package/dist/function-registry/beliefs.js +759 -38
- package/dist/function-registry/beliefs.js.map +1 -1
- package/dist/function-registry/coding.d.ts +9 -0
- package/dist/function-registry/coding.js +811 -39
- package/dist/function-registry/coding.js.map +1 -1
- package/dist/function-registry/context.d.ts +19 -13
- package/dist/function-registry/context.js +750 -42
- package/dist/function-registry/context.js.map +1 -1
- package/dist/function-registry/contracts.d.ts +6 -0
- package/dist/function-registry/contracts.js +715 -35
- package/dist/function-registry/contracts.js.map +1 -1
- package/dist/function-registry/coordination.d.ts +12 -0
- package/dist/function-registry/coordination.js +715 -35
- package/dist/function-registry/coordination.js.map +1 -1
- package/dist/function-registry/edges.d.ts +165 -0
- package/dist/function-registry/edges.js +923 -67
- package/dist/function-registry/edges.js.map +1 -1
- package/dist/function-registry/evidence.d.ts +44 -33
- package/dist/function-registry/evidence.js +769 -47
- package/dist/function-registry/evidence.js.map +1 -1
- package/dist/function-registry/graph.d.ts +149 -53
- package/dist/function-registry/graph.js +831 -42
- package/dist/function-registry/graph.js.map +1 -1
- package/dist/function-registry/helpers.d.ts +6 -3
- package/dist/function-registry/helpers.js +716 -36
- package/dist/function-registry/helpers.js.map +1 -1
- package/dist/function-registry/identity.d.ts +6 -0
- package/dist/function-registry/identity.js +715 -35
- package/dist/function-registry/identity.js.map +1 -1
- package/dist/function-registry/index.d.ts +5 -3
- package/dist/function-registry/index.js +722 -39
- package/dist/function-registry/index.js.map +1 -1
- package/dist/function-registry/judgments.d.ts +14 -9
- package/dist/function-registry/judgments.js +727 -38
- package/dist/function-registry/judgments.js.map +1 -1
- package/dist/function-registry/legacy.d.ts +4 -0
- package/dist/function-registry/legacy.js +715 -35
- package/dist/function-registry/legacy.js.map +1 -1
- package/dist/function-registry/lenses.d.ts +24 -17
- package/dist/function-registry/lenses.js +738 -38
- package/dist/function-registry/lenses.js.map +1 -1
- package/dist/function-registry/manifest.d.ts +6 -6
- package/dist/function-registry/manifest.js +18 -2
- package/dist/function-registry/manifest.js.map +1 -1
- package/dist/function-registry/nodes.d.ts +412 -0
- package/dist/function-registry/nodes.js +5303 -0
- package/dist/function-registry/nodes.js.map +1 -0
- package/dist/function-registry/ontologies.d.ts +59 -45
- package/dist/function-registry/ontologies.js +733 -41
- package/dist/function-registry/ontologies.js.map +1 -1
- package/dist/function-registry/pipeline.d.ts +19 -13
- package/dist/function-registry/pipeline.js +724 -38
- package/dist/function-registry/pipeline.js.map +1 -1
- package/dist/function-registry/questions.d.ts +64 -49
- package/dist/function-registry/questions.js +812 -43
- package/dist/function-registry/questions.js.map +1 -1
- package/dist/function-registry/tasks.d.ts +24 -17
- package/dist/function-registry/tasks.js +776 -44
- package/dist/function-registry/tasks.js.map +1 -1
- package/dist/function-registry/topics.d.ts +109 -21
- package/dist/function-registry/topics.js +797 -39
- package/dist/function-registry/topics.js.map +1 -1
- package/dist/function-registry/types.d.ts +6 -2
- package/dist/function-registry/worktrees.d.ts +94 -41
- package/dist/function-registry/worktrees.js +854 -47
- package/dist/function-registry/worktrees.js.map +1 -1
- package/dist/function-registry-input-audit.d.ts +13 -0
- package/dist/function-registry-input-audit.js +166 -0
- package/dist/function-registry-input-audit.js.map +1 -0
- package/dist/gateway.contract.d.ts +5 -0
- package/dist/gateway.contract.js.map +1 -1
- package/dist/generated/convexSchemas.d.ts +3 -3
- package/dist/generated/convexSchemas.js +38 -18
- package/dist/generated/convexSchemas.js.map +1 -1
- package/dist/generated/infisicalRuntimeEnv.d.ts +70 -0
- package/dist/generated/infisicalRuntimeEnv.js +26572 -0
- package/dist/generated/infisicalRuntimeEnv.js.map +1 -0
- package/dist/generated/lucernGatewayEnv.d.ts +17 -0
- package/dist/generated/lucernGatewayEnv.js +38 -0
- package/dist/generated/lucernGatewayEnv.js.map +1 -0
- package/dist/generated/lucernWebPublicEnv.d.ts +26 -0
- package/dist/generated/lucernWebPublicEnv.js +32 -0
- package/dist/generated/lucernWebPublicEnv.js.map +1 -0
- package/dist/generated/lucernWebServerEnv.d.ts +33 -0
- package/dist/generated/lucernWebServerEnv.js +51 -0
- package/dist/generated/lucernWebServerEnv.js.map +1 -0
- package/dist/generated/schema-manifest.json +1199 -138
- package/dist/generated/tableOwnership.d.ts +47 -27
- package/dist/generated/tableOwnership.js +66 -26
- package/dist/generated/tableOwnership.js.map +1 -1
- package/dist/generated/tier-expectations.json +62 -8
- package/dist/graph-intelligence.contract.d.ts +506 -0
- package/dist/graph-intelligence.contract.js +595 -0
- package/dist/graph-intelligence.contract.js.map +1 -0
- package/dist/graph-types/index.d.ts +5 -1
- package/dist/graph-types/index.js +15 -4
- package/dist/graph-types/index.js.map +1 -1
- package/dist/index-CM1Pl_vI.d.ts +28 -0
- package/dist/index.d.ts +29 -414
- package/dist/index.js +34791 -1088
- package/dist/index.js.map +1 -1
- package/dist/infisical-runtime.contract.d.ts +1768 -0
- package/dist/infisical-runtime.contract.js +3093 -0
- package/dist/infisical-runtime.contract.js.map +1 -0
- package/dist/lens-filter.contract.js +4 -3
- package/dist/lens-filter.contract.js.map +1 -1
- package/dist/lens-workflow.contract.js +4 -3
- package/dist/lens-workflow.contract.js.map +1 -1
- package/dist/manifests/edge-policy-manifest.d.ts +2 -0
- package/dist/manifests/edge-policy-manifest.data.d.ts +13 -0
- package/dist/manifests/edge-policy-manifest.data.js +26 -0
- package/dist/manifests/edge-policy-manifest.data.js.map +1 -0
- package/dist/manifests/edge-policy-manifest.js +92 -0
- package/dist/manifests/edge-policy-manifest.js.map +1 -0
- package/dist/manifests/infisical-runtime-manifest.d.ts +1672 -0
- package/dist/manifests/infisical-runtime-manifest.js +2948 -0
- package/dist/manifests/infisical-runtime-manifest.js.map +1 -0
- package/dist/manifests/invariant-manifest.d.ts +65 -0
- package/dist/manifests/invariant-manifest.js +18 -0
- package/dist/manifests/invariant-manifest.js.map +1 -0
- package/dist/manifests/invariants/ast-utils.d.ts +14 -0
- package/dist/manifests/invariants/ast-utils.js +54 -0
- package/dist/manifests/invariants/ast-utils.js.map +1 -0
- package/dist/manifests/invariants/index.d.ts +15 -0
- package/dist/manifests/invariants/index.js +183 -0
- package/dist/manifests/invariants/index.js.map +1 -0
- package/dist/manifests/invariants/inv-1-beliefs-append-only.d.ts +12 -0
- package/dist/manifests/invariants/inv-1-beliefs-append-only.js +94 -0
- package/dist/manifests/invariants/inv-1-beliefs-append-only.js.map +1 -0
- package/dist/manifests/invariants/inv-14-no-silent-transitions.d.ts +12 -0
- package/dist/manifests/invariants/inv-14-no-silent-transitions.js +99 -0
- package/dist/manifests/invariants/inv-14-no-silent-transitions.js.map +1 -0
- package/dist/manifests/invariants/manifest-1-projections-declare-audit.d.ts +12 -0
- package/dist/manifests/invariants/manifest-1-projections-declare-audit.js +42 -0
- package/dist/manifests/invariants/manifest-1-projections-declare-audit.js.map +1 -0
- package/dist/manifests/tenant-client-manifest.d.ts +322 -0
- package/dist/manifests/tenant-client-manifest.js +432 -0
- package/dist/manifests/tenant-client-manifest.js.map +1 -0
- package/dist/mcp-gateway-boundary.contract.d.ts +201 -0
- package/dist/mcp-gateway-boundary.contract.js +45 -0
- package/dist/mcp-gateway-boundary.contract.js.map +1 -0
- package/dist/projections/check-convex-args-shape.d.ts +3 -0
- package/dist/projections/check-convex-args-shape.js +403 -0
- package/dist/projections/check-convex-args-shape.js.map +1 -0
- package/dist/projections/create-evidence.projection.d.ts +176 -0
- package/dist/projections/create-evidence.projection.js +130 -0
- package/dist/projections/create-evidence.projection.js.map +1 -0
- package/dist/projections/index.d.ts +102 -0
- package/dist/projections/index.js +352 -0
- package/dist/projections/index.js.map +1 -0
- package/dist/projections/list-beliefs.projection.d.ts +36 -0
- package/dist/projections/list-beliefs.projection.js +54 -0
- package/dist/projections/list-beliefs.projection.js.map +1 -0
- package/dist/projections/list-tasks.projection.d.ts +44 -0
- package/dist/projections/list-tasks.projection.js +57 -0
- package/dist/projections/list-tasks.projection.js.map +1 -0
- package/dist/projections/modulate-confidence.projection.d.ts +219 -0
- package/dist/projections/modulate-confidence.projection.js +148 -0
- package/dist/projections/modulate-confidence.projection.js.map +1 -0
- package/dist/projections/projection-dsl.d.ts +11 -0
- package/dist/projections/projection-dsl.js +8 -0
- package/dist/projections/projection-dsl.js.map +1 -0
- package/dist/proof-attestation.json +45 -0
- package/dist/schema-helpers/enumValidation.js +2 -5
- package/dist/schema-helpers/enumValidation.js.map +1 -1
- package/dist/schema-helpers/spine/nodes/decision.js +2 -1
- package/dist/schema-helpers/spine/nodes/decision.js.map +1 -1
- package/dist/schema-helpers/spine/tables/epistemicNodes.js +27 -27
- package/dist/schema-helpers/spine/tables/epistemicNodes.js.map +1 -1
- package/dist/schemas/component-table-manifest.d.ts +6 -6
- package/dist/schemas/component-table-manifest.js +2 -2
- package/dist/schemas/component-table-manifest.js.map +1 -1
- package/dist/schemas/enums.d.ts +5 -2
- package/dist/schemas/enums.js +5 -2
- package/dist/schemas/enums.js.map +1 -1
- package/dist/schemas/index.d.ts +3 -3
- package/dist/schemas/index.js +1129 -139
- package/dist/schemas/index.js.map +1 -1
- package/dist/schemas/manifest.d.ts +2979 -949
- package/dist/schemas/manifest.js +1127 -137
- package/dist/schemas/manifest.js.map +1 -1
- package/dist/schemas/sl-opinion.d.ts +4 -4
- package/dist/schemas/tables/controlPlane/accessControl.d.ts +260 -0
- package/dist/schemas/tables/controlPlane/accessControl.js +653 -0
- package/dist/schemas/tables/controlPlane/accessControl.js.map +1 -0
- package/dist/schemas/tables/{identity → controlPlane}/agent.d.ts +1 -1
- package/dist/schemas/tables/{identity → controlPlane}/agent.js +3 -3
- package/dist/schemas/tables/controlPlane/agent.js.map +1 -0
- package/dist/schemas/tables/{identity → controlPlane}/epistemic.d.ts +1 -1
- package/dist/schemas/tables/{identity → controlPlane}/epistemic.js +3 -3
- package/dist/schemas/tables/controlPlane/epistemic.js.map +1 -0
- package/dist/schemas/tables/{identity → controlPlane}/model.d.ts +1 -1
- package/dist/schemas/tables/{identity → controlPlane}/model.js +6 -6
- package/dist/schemas/tables/controlPlane/model.js.map +1 -0
- package/dist/schemas/tables/{identity → controlPlane}/platform.d.ts +11 -11
- package/dist/schemas/tables/{identity → controlPlane}/platform.js +18 -18
- package/dist/schemas/tables/controlPlane/platform.js.map +1 -0
- package/dist/schemas/tables/{identity → controlPlane}/project.d.ts +1 -1
- package/dist/schemas/tables/{identity → controlPlane}/project.js +3 -3
- package/dist/schemas/tables/controlPlane/project.js.map +1 -0
- package/dist/schemas/tables/{identity → controlPlane}/user.d.ts +1 -1
- package/dist/schemas/tables/{identity → controlPlane}/user.js +3 -3
- package/dist/schemas/tables/controlPlane/user.js.map +1 -0
- package/dist/schemas/tables/kernel/config.d.ts +1 -1
- package/dist/schemas/tables/kernel/config.js.map +1 -1
- package/dist/schemas/tables/kernel/coordination.d.ts +1 -1
- package/dist/schemas/tables/kernel/coordination.js.map +1 -1
- package/dist/schemas/tables/kernel/decision.d.ts +1 -1
- package/dist/schemas/tables/kernel/decision.js.map +1 -1
- package/dist/schemas/tables/kernel/embedding.d.ts +1 -1
- package/dist/schemas/tables/kernel/embedding.js.map +1 -1
- package/dist/schemas/tables/kernel/epistemic.d.ts +7 -7
- package/dist/schemas/tables/kernel/epistemic.js.map +1 -1
- package/dist/schemas/tables/kernel/idempotency.d.ts +1 -1
- package/dist/schemas/tables/kernel/idempotency.js.map +1 -1
- package/dist/schemas/tables/kernel/infra.d.ts +5 -5
- package/dist/schemas/tables/kernel/infra.js.map +1 -1
- package/dist/schemas/tables/kernel/intelligence.d.ts +11 -11
- package/dist/schemas/tables/kernel/intelligence.js.map +1 -1
- package/dist/schemas/tables/kernel/lens.d.ts +5 -5
- package/dist/schemas/tables/kernel/lens.js.map +1 -1
- package/dist/schemas/tables/kernel/ontology.d.ts +1 -1
- package/dist/schemas/tables/kernel/ontology.js.map +1 -1
- package/dist/schemas/tables/kernel/platform.d.ts +13 -13
- package/dist/schemas/tables/kernel/platform.js.map +1 -1
- package/dist/schemas/tables/kernel/spine.d.ts +5 -4
- package/dist/schemas/tables/kernel/spine.js +6 -2
- package/dist/schemas/tables/kernel/spine.js.map +1 -1
- package/dist/schemas/tables/kernel/task.d.ts +43 -43
- package/dist/schemas/tables/kernel/task.js.map +1 -1
- package/dist/schemas/tables/kernel/topic.d.ts +1 -1
- package/dist/schemas/tables/kernel/topic.js +5 -1
- package/dist/schemas/tables/kernel/topic.js.map +1 -1
- package/dist/schemas/tables/kernel/workflow.d.ts +1 -1
- package/dist/schemas/tables/kernel/workflow.js.map +1 -1
- package/dist/schemas/tables/kernel/worktree.d.ts +55 -55
- package/dist/schemas/tables/kernel/worktree.js.map +1 -1
- package/dist/schemas/tables/mc/identity.d.ts +44 -4
- package/dist/schemas/tables/mc/identity.js +66 -1
- package/dist/schemas/tables/mc/identity.js.map +1 -1
- package/dist/schemas/tables/mc/methodology.d.ts +1 -1
- package/dist/schemas/tables/mc/methodology.js.map +1 -1
- package/dist/schemas/tables/mc/pack.d.ts +21 -21
- package/dist/schemas/tables/mc/pack.js.map +1 -1
- package/dist/schemas/tables/mc/policy.d.ts +2 -2
- package/dist/schemas/tables/mc/policy.js +1 -1
- package/dist/schemas/tables/mc/policy.js.map +1 -1
- package/dist/schemas/tables/mc/registry.d.ts +5 -5
- package/dist/schemas/tables/mc/registry.js.map +1 -1
- package/dist/schemas/tables/mc/runtime.d.ts +109 -3
- package/dist/schemas/tables/mc/runtime.js +330 -104
- package/dist/schemas/tables/mc/runtime.js.map +1 -1
- package/dist/schemas/tables/mc/tenant.d.ts +3 -2
- package/dist/schemas/tables/mc/tenant.js +2 -1
- package/dist/schemas/tables/mc/tenant.js.map +1 -1
- package/dist/schemas/tables/mc/workspace.d.ts +28 -5
- package/dist/schemas/tables/mc/workspace.js +36 -2
- package/dist/schemas/tables/mc/workspace.js.map +1 -1
- package/dist/sdk-methods.contract.d.ts +2 -2
- package/dist/{sdk-tools.contract-S4ia0TTo.d.ts → sdk-tools.contract-BNklQDfB.d.ts} +2 -2
- package/dist/sdk-tools.contract.d.ts +2 -2
- package/dist/sdk-tools.contract.js +672 -24
- package/dist/sdk-tools.contract.js.map +1 -1
- package/dist/tenant-bootstrap-seed.contract.d.ts +1269 -0
- package/dist/tenant-bootstrap-seed.contract.js +751 -0
- package/dist/tenant-bootstrap-seed.contract.js.map +1 -0
- package/dist/tenant-bootstrap-seed.defaults.d.ts +16 -0
- package/dist/tenant-bootstrap-seed.defaults.js +303 -0
- package/dist/tenant-bootstrap-seed.defaults.js.map +1 -0
- package/dist/tenant-client.contract.d.ts +349 -0
- package/dist/tenant-client.contract.js +488 -0
- package/dist/tenant-client.contract.js.map +1 -0
- package/dist/{tool-contracts-C92-9ueT.d.ts → tool-contracts-BevD9Ho2.d.ts} +36 -2
- package/dist/tool-contracts.d.ts +1 -1
- package/dist/tool-contracts.js +673 -25
- package/dist/tool-contracts.js.map +1 -1
- package/package.json +30 -1
- package/dist/index-CV-0_VWJ.d.ts +0 -25
- package/dist/schemas/tables/identity/agent.js.map +0 -1
- package/dist/schemas/tables/identity/epistemic.js.map +0 -1
- package/dist/schemas/tables/identity/model.js.map +0 -1
- package/dist/schemas/tables/identity/platform.js.map +0 -1
- package/dist/schemas/tables/identity/project.js.map +0 -1
- package/dist/schemas/tables/identity/user.js.map +0 -1
package/dist/schemas/index.js
CHANGED
|
@@ -2,7 +2,10 @@ import { z } from 'zod';
|
|
|
2
2
|
|
|
3
3
|
// src/schemas/enums.ts
|
|
4
4
|
var NODE_TYPE = z.enum(["decision", "belief", "question", "theme", "deal", "topic", "claim", "evidence", "synthesis", "answer", "atomic_fact", "excerpt", "source", "company", "person", "investor", "function", "value_chain"]);
|
|
5
|
-
var
|
|
5
|
+
var EDGE_TYPE_VALUES = ["supports", "informs", "depends_on", "derived_from", "contains", "tests", "supersedes", "responds_to", "belongs_to", "relates_to_thesis", "works_at", "invested_in", "competes_with", "participates_in", "founded_by", "evaluates", "performs", "function_in", "impacts", "raised_from", "mentioned_in", "perspective_on", "plays_theme", "answers", "explores", "qualifies", "based_on", "based_on_belief", "based_on_question", "blocked_by_contradiction", "informed_by_theme", "same_as", "reinforces", "parent_of", "child_of", "falsified_by", "exclusive_with", "collapses_if", "cascade_from", "counterfactual_of", "cascade_to", "mutually_exclusive", "correlates_with", "amplifies", "precondition_for", "in_tension_with", "strengthened_by", "weakened_by", "alternative_to", "subsumes", "validated_by", "required_for", "blocks", "prerequisite_for", "parallel_to", "corroborates", "extends", "same_source_as", "same_theme_as", "assumes", "would_predict", "analogous_to", "independent_of", "implements", "violates", "co_changes_with", "migrating_from", "migrating_to", "scoped_by", "about_entity", "entity_referenced_in", "contradicts", "cites", "summarizes", "related_to", "partially_answers", "refines", "branches_from"];
|
|
6
|
+
var STORAGE_EDGE_TYPE_VALUES = [...EDGE_TYPE_VALUES, "extracted_from"];
|
|
7
|
+
var EDGE_TYPE = z.enum(EDGE_TYPE_VALUES);
|
|
8
|
+
var STORAGE_EDGE_TYPE = z.enum(STORAGE_EDGE_TYPE_VALUES);
|
|
6
9
|
var TOPIC_STATUS = z.enum(["active", "archived", "watching"]);
|
|
7
10
|
var TOPIC_VISIBILITY = z.enum(["private", "team", "firm", "external", "public"]);
|
|
8
11
|
|
|
@@ -207,7 +210,7 @@ var toolRegistryEntries = defineTable({
|
|
|
207
210
|
});
|
|
208
211
|
var agents = defineTable({
|
|
209
212
|
name: "agents",
|
|
210
|
-
component: "
|
|
213
|
+
component: "control-plane",
|
|
211
214
|
category: "agent",
|
|
212
215
|
shape: z.object({
|
|
213
216
|
"slug": z.string(),
|
|
@@ -238,6 +241,7 @@ var apiKeys = defineTable({
|
|
|
238
241
|
category: "tenant",
|
|
239
242
|
shape: z.object({
|
|
240
243
|
"tenantId": idOf("tenants"),
|
|
244
|
+
"workspaceId": idOf("workspaces").optional(),
|
|
241
245
|
"keyPrefix": z.enum(["luc", "stk"]),
|
|
242
246
|
"keyHash": z.string(),
|
|
243
247
|
"keyHint": z.string(),
|
|
@@ -265,7 +269,7 @@ var auditLog = defineTable({
|
|
|
265
269
|
shape: z.object({
|
|
266
270
|
"tenantId": idOf("tenants").optional(),
|
|
267
271
|
"apiKeyId": idOf("apiKeys").optional(),
|
|
268
|
-
"action": z.enum(["key_created", "key_revoked", "key_expired", "key_used", "tenant_secret_created", "tenant_secret_rotated", "tenant_secret_revoked", "tenant_slot_binding_upserted", "tenant_slot_binding_revoked", "proxy_token_minted", "proxy_request_recorded", "tenant_created", "tenant_updated", "tenant_suspended", "tenant_archived", "tenant_reactivated", "principal_created", "principal_updated", "principal_suspended", "membership_created", "membership_updated", "membership_revoked", "group_created", "group_updated", "group_deleted", "group_member_added", "group_member_removed", "workspace_created", "workspace_updated", "workspace_archived", "workspace_deployment_set", "workspace_deployment_removed", "service_key_created", "service_key_rotated", "service_key_revoked", "service_key_used", "service_key_auth_failed", "session_created", "session_validated", "session_revoked", "session_cascade_revoked", "session_expired", "sandbox_created", "sandbox_secret_injected", "sandbox_execution_started", "sandbox_execution_completed", "sandbox_limit_violated", "policy_created", "policy_updated", "policy_enforced", "policy_archived", "agent_registered", "agent_updated", "tool_registered", "tool_updated", "pack_entitled", "pack_installed", "pack_enabled", "pack_disabled", "pack_entitlement_revoked", "pack_upgraded", "pack_upgrade_committed", "pack_upgrade_rolled_back", "pack_group_assigned", "pack_group_unassigned", "methodology_pack_created", "methodology_pack_updated", "methodology_pack_assigned", "methodology_pack_removed", "pack_assigned_to_group", "pack_revoked_from_group", "pack_ontology_materialized", "pack_ontology_topic_bound", "cutover_flag_set", "cutover_flag_cleared"]),
|
|
272
|
+
"action": z.enum(["key_created", "key_revoked", "key_expired", "key_used", "tenant_secret_created", "tenant_secret_rotated", "tenant_secret_revoked", "tenant_slot_binding_upserted", "tenant_slot_binding_revoked", "proxy_token_minted", "proxy_token_lease_issued", "proxy_token_lease_renewed", "proxy_token_lease_revoked", "proxy_request_recorded", "tenant_created", "tenant_updated", "tenant_suspended", "tenant_archived", "tenant_reactivated", "principal_created", "principal_updated", "principal_suspended", "principal_identity_alias_upserted", "principal_identity_alias_revoked", "membership_created", "membership_updated", "membership_revoked", "group_created", "group_updated", "group_deleted", "group_member_added", "group_member_removed", "workspace_created", "workspace_updated", "workspace_archived", "workspace_deployment_set", "workspace_deployment_removed", "deployment_host_registered", "deployment_host_revoked", "service_key_created", "service_key_rotated", "service_key_revoked", "service_key_used", "service_key_auth_failed", "session_created", "session_validated", "session_revoked", "session_cascade_revoked", "session_expired", "sandbox_created", "sandbox_secret_injected", "sandbox_execution_started", "sandbox_execution_completed", "sandbox_limit_violated", "policy_created", "policy_updated", "policy_enforced", "policy_archived", "permit_sync_enqueued", "permit_sync_succeeded", "permit_sync_failed", "permit_sync_skipped", "agent_registered", "agent_updated", "tool_registered", "tool_updated", "pack_entitled", "pack_installed", "pack_enabled", "pack_disabled", "pack_entitlement_revoked", "pack_upgraded", "pack_upgrade_committed", "pack_upgrade_rolled_back", "pack_group_assigned", "pack_group_unassigned", "methodology_pack_created", "methodology_pack_updated", "methodology_pack_assigned", "methodology_pack_removed", "pack_assigned_to_group", "pack_revoked_from_group", "pack_ontology_materialized", "pack_ontology_topic_bound", "cutover_flag_set", "cutover_flag_cleared"]),
|
|
269
273
|
"actorClerkId": z.string(),
|
|
270
274
|
"details": z.any().optional(),
|
|
271
275
|
"createdAt": z.number()
|
|
@@ -1144,29 +1148,37 @@ var compatibilityShims = defineTable({
|
|
|
1144
1148
|
component: "mc",
|
|
1145
1149
|
category: "runtime",
|
|
1146
1150
|
shape: z.object({
|
|
1147
|
-
|
|
1148
|
-
|
|
1149
|
-
|
|
1150
|
-
|
|
1151
|
-
|
|
1152
|
-
|
|
1153
|
-
|
|
1154
|
-
|
|
1155
|
-
|
|
1156
|
-
|
|
1157
|
-
|
|
1158
|
-
|
|
1159
|
-
|
|
1151
|
+
shimId: z.string(),
|
|
1152
|
+
gateId: z.string(),
|
|
1153
|
+
removalDate: z.string(),
|
|
1154
|
+
removalPriority: z.enum(["P1", "P2", "P3"]),
|
|
1155
|
+
description: z.string(),
|
|
1156
|
+
owner: z.string(),
|
|
1157
|
+
createdAt: z.string(),
|
|
1158
|
+
status: z.enum(["active", "overdue", "removed"]),
|
|
1159
|
+
bridgeType: z.enum(["tool", "agent"]),
|
|
1160
|
+
bridgeTarget: z.object({
|
|
1161
|
+
type: z.enum(["tool", "agent"]),
|
|
1162
|
+
legacyPath: z.string(),
|
|
1163
|
+
harnessPath: z.string()
|
|
1160
1164
|
}),
|
|
1161
|
-
|
|
1162
|
-
|
|
1163
|
-
|
|
1164
|
-
|
|
1165
|
+
shimBehavior: z.enum([
|
|
1166
|
+
"passthrough_with_logging",
|
|
1167
|
+
"adapter",
|
|
1168
|
+
"feature_flag_gate"
|
|
1169
|
+
]),
|
|
1170
|
+
producesLedgerEntries: z.boolean(),
|
|
1171
|
+
lastAuditedAt: z.number(),
|
|
1172
|
+
metadata: z.record(z.any()).optional()
|
|
1165
1173
|
}),
|
|
1166
1174
|
indices: [
|
|
1167
1175
|
{ kind: "index", name: "by_shimId", columns: ["shimId"] },
|
|
1168
1176
|
{ kind: "index", name: "by_status", columns: ["status"] },
|
|
1169
|
-
{
|
|
1177
|
+
{
|
|
1178
|
+
kind: "index",
|
|
1179
|
+
name: "by_bridgeType_status",
|
|
1180
|
+
columns: ["bridgeType", "status"]
|
|
1181
|
+
}
|
|
1170
1182
|
]
|
|
1171
1183
|
});
|
|
1172
1184
|
var cutoverFlags = defineTable({
|
|
@@ -1174,12 +1186,23 @@ var cutoverFlags = defineTable({
|
|
|
1174
1186
|
component: "mc",
|
|
1175
1187
|
category: "runtime",
|
|
1176
1188
|
shape: z.object({
|
|
1177
|
-
|
|
1178
|
-
|
|
1179
|
-
|
|
1180
|
-
|
|
1181
|
-
|
|
1182
|
-
|
|
1189
|
+
domain: z.enum([
|
|
1190
|
+
"graph",
|
|
1191
|
+
"schema",
|
|
1192
|
+
"identity",
|
|
1193
|
+
"policy",
|
|
1194
|
+
"audit",
|
|
1195
|
+
"admin",
|
|
1196
|
+
"agent",
|
|
1197
|
+
"tool",
|
|
1198
|
+
"prompt",
|
|
1199
|
+
"intelligence"
|
|
1200
|
+
]),
|
|
1201
|
+
state: z.enum(["legacy", "cutover", "disabled"]),
|
|
1202
|
+
metadata: z.record(z.any()).optional(),
|
|
1203
|
+
updatedBy: z.string(),
|
|
1204
|
+
createdAt: z.number(),
|
|
1205
|
+
updatedAt: z.number()
|
|
1183
1206
|
}),
|
|
1184
1207
|
indices: [
|
|
1185
1208
|
{ kind: "index", name: "by_domain", columns: ["domain"] },
|
|
@@ -1191,57 +1214,193 @@ var tenantDeploymentCredentials = defineTable({
|
|
|
1191
1214
|
component: "mc",
|
|
1192
1215
|
category: "runtime",
|
|
1193
1216
|
shape: z.object({
|
|
1194
|
-
|
|
1195
|
-
|
|
1196
|
-
|
|
1197
|
-
|
|
1198
|
-
|
|
1199
|
-
|
|
1200
|
-
|
|
1201
|
-
|
|
1202
|
-
|
|
1203
|
-
|
|
1204
|
-
|
|
1205
|
-
|
|
1206
|
-
|
|
1207
|
-
|
|
1208
|
-
|
|
1209
|
-
|
|
1210
|
-
|
|
1217
|
+
credentialRef: z.string(),
|
|
1218
|
+
tenantId: idOf("tenants"),
|
|
1219
|
+
workspaceId: idOf("workspaces").optional(),
|
|
1220
|
+
target: z.enum(["kernelDeployment", "appDeployment"]),
|
|
1221
|
+
environment: z.enum(["dev", "staging", "prod"]),
|
|
1222
|
+
encryptedDeployKey: z.string(),
|
|
1223
|
+
encryptionVersion: z.string(),
|
|
1224
|
+
keyFingerprint: z.string(),
|
|
1225
|
+
keyHint: z.string(),
|
|
1226
|
+
status: z.enum(["active", "revoked"]),
|
|
1227
|
+
rotatedFromCredentialRef: z.string().optional(),
|
|
1228
|
+
revokedAt: z.number().optional(),
|
|
1229
|
+
revokedBy: z.string().optional(),
|
|
1230
|
+
lastUsedAt: z.number().optional(),
|
|
1231
|
+
metadata: z.record(z.any()).optional(),
|
|
1232
|
+
createdBy: z.string(),
|
|
1233
|
+
createdAt: z.number(),
|
|
1234
|
+
updatedAt: z.number()
|
|
1211
1235
|
}),
|
|
1212
1236
|
indices: [
|
|
1213
1237
|
{ kind: "index", name: "by_credentialRef", columns: ["credentialRef"] },
|
|
1214
1238
|
{ kind: "index", name: "by_tenantId", columns: ["tenantId"] },
|
|
1215
|
-
{ kind: "index", name: "
|
|
1216
|
-
{
|
|
1217
|
-
|
|
1239
|
+
{ kind: "index", name: "by_workspaceId", columns: ["workspaceId"] },
|
|
1240
|
+
{
|
|
1241
|
+
kind: "index",
|
|
1242
|
+
name: "by_tenant_target",
|
|
1243
|
+
columns: ["tenantId", "target"]
|
|
1244
|
+
},
|
|
1245
|
+
{
|
|
1246
|
+
kind: "index",
|
|
1247
|
+
name: "by_tenant_target_environment",
|
|
1248
|
+
columns: ["tenantId", "target", "environment"]
|
|
1249
|
+
},
|
|
1250
|
+
{
|
|
1251
|
+
kind: "index",
|
|
1252
|
+
name: "by_tenant_target_environment_status",
|
|
1253
|
+
columns: ["tenantId", "target", "environment", "status"]
|
|
1254
|
+
},
|
|
1255
|
+
{
|
|
1256
|
+
kind: "index",
|
|
1257
|
+
name: "by_tenant_workspace_target_environment_status",
|
|
1258
|
+
columns: ["tenantId", "workspaceId", "target", "environment", "status"]
|
|
1259
|
+
},
|
|
1218
1260
|
{ kind: "index", name: "by_status", columns: ["status"] }
|
|
1219
1261
|
]
|
|
1220
1262
|
});
|
|
1263
|
+
var permitSyncStates = defineTable({
|
|
1264
|
+
name: "permitSyncStates",
|
|
1265
|
+
component: "mc",
|
|
1266
|
+
category: "runtime",
|
|
1267
|
+
shape: z.object({
|
|
1268
|
+
syncKey: z.string(),
|
|
1269
|
+
objectType: z.enum([
|
|
1270
|
+
"resource",
|
|
1271
|
+
"role",
|
|
1272
|
+
"resource_role",
|
|
1273
|
+
"resource_relation",
|
|
1274
|
+
"tenant",
|
|
1275
|
+
"workspace",
|
|
1276
|
+
"principal",
|
|
1277
|
+
"membership",
|
|
1278
|
+
"group",
|
|
1279
|
+
"resource_instance",
|
|
1280
|
+
"relationship_tuple",
|
|
1281
|
+
"role_assignment"
|
|
1282
|
+
]),
|
|
1283
|
+
objectId: z.string(),
|
|
1284
|
+
tenantId: idOf("tenants").optional(),
|
|
1285
|
+
workspaceId: idOf("workspaces").optional(),
|
|
1286
|
+
principalId: z.string().optional(),
|
|
1287
|
+
permitTenantKey: z.string().optional(),
|
|
1288
|
+
permitResourceType: z.string().optional(),
|
|
1289
|
+
permitResourceKey: z.string().optional(),
|
|
1290
|
+
desiredPayload: z.record(z.any()),
|
|
1291
|
+
lastAppliedPayloadHash: z.string().optional(),
|
|
1292
|
+
status: z.enum(["pending", "synced", "error", "skipped"]),
|
|
1293
|
+
attemptCount: z.number(),
|
|
1294
|
+
lastError: z.string().optional(),
|
|
1295
|
+
nextAttemptAt: z.number().optional(),
|
|
1296
|
+
lastSyncedAt: z.number().optional(),
|
|
1297
|
+
createdBy: z.string(),
|
|
1298
|
+
updatedBy: z.string().optional(),
|
|
1299
|
+
createdAt: z.number(),
|
|
1300
|
+
updatedAt: z.number()
|
|
1301
|
+
}),
|
|
1302
|
+
indices: [
|
|
1303
|
+
{ kind: "index", name: "by_syncKey", columns: ["syncKey"] },
|
|
1304
|
+
{ kind: "index", name: "by_status", columns: ["status"] },
|
|
1305
|
+
{
|
|
1306
|
+
kind: "index",
|
|
1307
|
+
name: "by_tenant_status",
|
|
1308
|
+
columns: ["tenantId", "status"]
|
|
1309
|
+
},
|
|
1310
|
+
{
|
|
1311
|
+
kind: "index",
|
|
1312
|
+
name: "by_workspace_status",
|
|
1313
|
+
columns: ["workspaceId", "status"]
|
|
1314
|
+
},
|
|
1315
|
+
{
|
|
1316
|
+
kind: "index",
|
|
1317
|
+
name: "by_principal_status",
|
|
1318
|
+
columns: ["principalId", "status"]
|
|
1319
|
+
}
|
|
1320
|
+
]
|
|
1321
|
+
});
|
|
1322
|
+
var secretSyncDriftReports = defineTable({
|
|
1323
|
+
name: "secretSyncDriftReports",
|
|
1324
|
+
component: "mc",
|
|
1325
|
+
category: "runtime",
|
|
1326
|
+
shape: z.object({
|
|
1327
|
+
reportId: z.string(),
|
|
1328
|
+
source: z.enum(["infisical_manifest", "manual", "ci"]),
|
|
1329
|
+
generatedAt: z.number(),
|
|
1330
|
+
recordedAt: z.number(),
|
|
1331
|
+
recordedBy: z.string(),
|
|
1332
|
+
status: z.enum([
|
|
1333
|
+
"in_sync",
|
|
1334
|
+
"drift",
|
|
1335
|
+
"exception",
|
|
1336
|
+
"blocked",
|
|
1337
|
+
"not_observed"
|
|
1338
|
+
]),
|
|
1339
|
+
reportHash: z.string(),
|
|
1340
|
+
manifestHash: z.string().optional(),
|
|
1341
|
+
dryRunReceiptId: z.string().optional(),
|
|
1342
|
+
appliedReceiptId: z.string().optional(),
|
|
1343
|
+
summary: z.object({
|
|
1344
|
+
totalPipelines: z.number(),
|
|
1345
|
+
inSync: z.number(),
|
|
1346
|
+
drift: z.number(),
|
|
1347
|
+
exception: z.number(),
|
|
1348
|
+
blocked: z.number(),
|
|
1349
|
+
notObserved: z.number(),
|
|
1350
|
+
missingKeys: z.number(),
|
|
1351
|
+
valueDriftKeys: z.number(),
|
|
1352
|
+
extraKeys: z.number(),
|
|
1353
|
+
deniedConvexLeakage: z.number(),
|
|
1354
|
+
approvedExceptions: z.number()
|
|
1355
|
+
}),
|
|
1356
|
+
redactedReport: z.record(z.any()),
|
|
1357
|
+
metadata: z.record(z.any()).optional()
|
|
1358
|
+
}),
|
|
1359
|
+
indices: [
|
|
1360
|
+
{ kind: "index", name: "by_reportId", columns: ["reportId"] },
|
|
1361
|
+
{ kind: "index", name: "by_reportHash", columns: ["reportHash"] },
|
|
1362
|
+
{ kind: "index", name: "by_generatedAt", columns: ["generatedAt"] },
|
|
1363
|
+
{
|
|
1364
|
+
kind: "index",
|
|
1365
|
+
name: "by_status_generatedAt",
|
|
1366
|
+
columns: ["status", "generatedAt"]
|
|
1367
|
+
}
|
|
1368
|
+
]
|
|
1369
|
+
});
|
|
1221
1370
|
var controlPlaneTenantModelSlotBindings = defineTable({
|
|
1222
1371
|
name: "controlPlaneTenantModelSlotBindings",
|
|
1223
1372
|
component: "mc",
|
|
1224
1373
|
category: "runtime",
|
|
1225
1374
|
shape: z.object({
|
|
1226
|
-
|
|
1227
|
-
|
|
1228
|
-
"
|
|
1229
|
-
|
|
1230
|
-
|
|
1231
|
-
|
|
1232
|
-
|
|
1233
|
-
|
|
1234
|
-
|
|
1235
|
-
|
|
1236
|
-
|
|
1237
|
-
|
|
1238
|
-
|
|
1375
|
+
bindingId: z.string(),
|
|
1376
|
+
tenantId: idOf("tenants"),
|
|
1377
|
+
workspaceId: idOf("workspaces").optional(),
|
|
1378
|
+
environment: z.enum(["dev", "staging", "prod"]).optional(),
|
|
1379
|
+
providerId: z.string(),
|
|
1380
|
+
modelSlotId: z.string(),
|
|
1381
|
+
secretRef: z.string(),
|
|
1382
|
+
status: z.enum(["active", "revoked"]),
|
|
1383
|
+
passThroughOnly: z.boolean(),
|
|
1384
|
+
revokedAt: z.number().optional(),
|
|
1385
|
+
revokedBy: z.string().optional(),
|
|
1386
|
+
metadata: z.record(z.any()).optional(),
|
|
1387
|
+
createdBy: z.string(),
|
|
1388
|
+
createdAt: z.number(),
|
|
1389
|
+
updatedAt: z.number()
|
|
1239
1390
|
}),
|
|
1240
1391
|
indices: [
|
|
1241
1392
|
{ kind: "index", name: "by_bindingId", columns: ["bindingId"] },
|
|
1242
1393
|
{ kind: "index", name: "by_tenantId", columns: ["tenantId"] },
|
|
1243
|
-
{
|
|
1244
|
-
|
|
1394
|
+
{
|
|
1395
|
+
kind: "index",
|
|
1396
|
+
name: "by_tenant_slot",
|
|
1397
|
+
columns: ["tenantId", "modelSlotId"]
|
|
1398
|
+
},
|
|
1399
|
+
{
|
|
1400
|
+
kind: "index",
|
|
1401
|
+
name: "by_tenant_provider_slot",
|
|
1402
|
+
columns: ["tenantId", "providerId", "modelSlotId"]
|
|
1403
|
+
},
|
|
1245
1404
|
{ kind: "index", name: "by_secretRef", columns: ["secretRef"] },
|
|
1246
1405
|
{ kind: "index", name: "by_status", columns: ["status"] }
|
|
1247
1406
|
]
|
|
@@ -1251,29 +1410,42 @@ var controlPlaneTenantProviderSecrets = defineTable({
|
|
|
1251
1410
|
component: "mc",
|
|
1252
1411
|
category: "runtime",
|
|
1253
1412
|
shape: z.object({
|
|
1254
|
-
|
|
1255
|
-
|
|
1256
|
-
"
|
|
1257
|
-
|
|
1258
|
-
|
|
1259
|
-
|
|
1260
|
-
|
|
1261
|
-
|
|
1262
|
-
|
|
1263
|
-
|
|
1264
|
-
|
|
1265
|
-
|
|
1266
|
-
|
|
1267
|
-
|
|
1268
|
-
|
|
1269
|
-
|
|
1270
|
-
|
|
1413
|
+
secretRef: z.string(),
|
|
1414
|
+
tenantId: idOf("tenants"),
|
|
1415
|
+
workspaceId: idOf("workspaces").optional(),
|
|
1416
|
+
environment: z.enum(["dev", "staging", "prod"]).optional(),
|
|
1417
|
+
providerId: z.string(),
|
|
1418
|
+
label: z.string().optional(),
|
|
1419
|
+
encryptedSecret: z.string().optional(),
|
|
1420
|
+
infisicalPath: z.string().optional(),
|
|
1421
|
+
infisicalSecretKey: z.string().optional(),
|
|
1422
|
+
infisicalProjectId: z.string().optional(),
|
|
1423
|
+
encryptionVersion: z.string(),
|
|
1424
|
+
secretFingerprint: z.string(),
|
|
1425
|
+
keyHint: z.string(),
|
|
1426
|
+
status: z.enum(["active", "revoked"]),
|
|
1427
|
+
rotatedFromSecretRef: z.string().optional(),
|
|
1428
|
+
revokedAt: z.number().optional(),
|
|
1429
|
+
revokedBy: z.string().optional(),
|
|
1430
|
+
lastUsedAt: z.number().optional(),
|
|
1431
|
+
metadata: z.record(z.any()).optional(),
|
|
1432
|
+
createdBy: z.string(),
|
|
1433
|
+
createdAt: z.number(),
|
|
1434
|
+
updatedAt: z.number()
|
|
1271
1435
|
}),
|
|
1272
1436
|
indices: [
|
|
1273
1437
|
{ kind: "index", name: "by_secretRef", columns: ["secretRef"] },
|
|
1274
1438
|
{ kind: "index", name: "by_tenantId", columns: ["tenantId"] },
|
|
1275
|
-
{
|
|
1276
|
-
|
|
1439
|
+
{
|
|
1440
|
+
kind: "index",
|
|
1441
|
+
name: "by_tenant_provider",
|
|
1442
|
+
columns: ["tenantId", "providerId"]
|
|
1443
|
+
},
|
|
1444
|
+
{
|
|
1445
|
+
kind: "index",
|
|
1446
|
+
name: "by_tenant_provider_status",
|
|
1447
|
+
columns: ["tenantId", "providerId", "status"]
|
|
1448
|
+
},
|
|
1277
1449
|
{ kind: "index", name: "by_status", columns: ["status"] }
|
|
1278
1450
|
]
|
|
1279
1451
|
});
|
|
@@ -1282,35 +1454,93 @@ var controlPlaneTenantProxyGatewayUsage = defineTable({
|
|
|
1282
1454
|
component: "mc",
|
|
1283
1455
|
category: "runtime",
|
|
1284
1456
|
shape: z.object({
|
|
1285
|
-
|
|
1286
|
-
|
|
1287
|
-
|
|
1288
|
-
|
|
1289
|
-
|
|
1290
|
-
|
|
1291
|
-
|
|
1292
|
-
|
|
1293
|
-
|
|
1294
|
-
|
|
1295
|
-
|
|
1296
|
-
|
|
1297
|
-
|
|
1298
|
-
|
|
1299
|
-
|
|
1300
|
-
|
|
1301
|
-
|
|
1302
|
-
|
|
1303
|
-
|
|
1304
|
-
|
|
1305
|
-
|
|
1306
|
-
|
|
1457
|
+
usageId: z.string(),
|
|
1458
|
+
tenantId: idOf("tenants"),
|
|
1459
|
+
providerId: z.string(),
|
|
1460
|
+
modelSlotId: z.string(),
|
|
1461
|
+
secretRef: z.string(),
|
|
1462
|
+
proxyTokenId: z.string(),
|
|
1463
|
+
sessionId: z.string(),
|
|
1464
|
+
principalId: z.string(),
|
|
1465
|
+
workspaceId: z.string().optional(),
|
|
1466
|
+
modelId: z.string().optional(),
|
|
1467
|
+
requestPath: z.string(),
|
|
1468
|
+
status: z.enum(["success", "error"]),
|
|
1469
|
+
responseStatus: z.number().optional(),
|
|
1470
|
+
inputTokens: z.number().optional(),
|
|
1471
|
+
outputTokens: z.number().optional(),
|
|
1472
|
+
tokenCount: z.number().optional(),
|
|
1473
|
+
latencyMs: z.number(),
|
|
1474
|
+
estimatedCostUsd: z.number().optional(),
|
|
1475
|
+
failureCode: z.string().optional(),
|
|
1476
|
+
metadata: z.record(z.any()).optional(),
|
|
1477
|
+
createdAt: z.number(),
|
|
1478
|
+
updatedAt: z.number()
|
|
1307
1479
|
}),
|
|
1308
1480
|
indices: [
|
|
1309
1481
|
{ kind: "index", name: "by_usageId", columns: ["usageId"] },
|
|
1310
1482
|
{ kind: "index", name: "by_tenantId", columns: ["tenantId", "createdAt"] },
|
|
1311
|
-
{
|
|
1312
|
-
|
|
1313
|
-
|
|
1483
|
+
{
|
|
1484
|
+
kind: "index",
|
|
1485
|
+
name: "by_tenant_provider",
|
|
1486
|
+
columns: ["tenantId", "providerId", "createdAt"]
|
|
1487
|
+
},
|
|
1488
|
+
{
|
|
1489
|
+
kind: "index",
|
|
1490
|
+
name: "by_proxyTokenId",
|
|
1491
|
+
columns: ["proxyTokenId", "createdAt"]
|
|
1492
|
+
},
|
|
1493
|
+
{
|
|
1494
|
+
kind: "index",
|
|
1495
|
+
name: "by_sessionId",
|
|
1496
|
+
columns: ["sessionId", "createdAt"]
|
|
1497
|
+
}
|
|
1498
|
+
]
|
|
1499
|
+
});
|
|
1500
|
+
var controlPlaneTenantProxyTokenLeases = defineTable({
|
|
1501
|
+
name: "controlPlaneTenantProxyTokenLeases",
|
|
1502
|
+
component: "mc",
|
|
1503
|
+
category: "runtime",
|
|
1504
|
+
shape: z.object({
|
|
1505
|
+
leaseId: z.string(),
|
|
1506
|
+
proxyTokenId: z.string(),
|
|
1507
|
+
tenantId: idOf("tenants"),
|
|
1508
|
+
workspaceId: idOf("workspaces").optional(),
|
|
1509
|
+
environment: z.enum(["dev", "staging", "prod"]),
|
|
1510
|
+
providerId: z.string(),
|
|
1511
|
+
modelSlotId: z.string(),
|
|
1512
|
+
bindingId: z.string(),
|
|
1513
|
+
secretRef: z.string(),
|
|
1514
|
+
sessionId: z.string(),
|
|
1515
|
+
principalId: z.string(),
|
|
1516
|
+
agentSessionId: z.string().optional(),
|
|
1517
|
+
status: z.enum(["active", "revoked"]),
|
|
1518
|
+
expiresAt: z.number(),
|
|
1519
|
+
renewedAt: z.number().optional(),
|
|
1520
|
+
revokedAt: z.number().optional(),
|
|
1521
|
+
revokedBy: z.string().optional(),
|
|
1522
|
+
revokeReason: z.string().optional(),
|
|
1523
|
+
permitDecisionLogId: idOf("policyDecisionLogs").optional(),
|
|
1524
|
+
permitTraceId: z.string().optional(),
|
|
1525
|
+
metadata: z.record(z.any()).optional(),
|
|
1526
|
+
createdAt: z.number(),
|
|
1527
|
+
updatedAt: z.number()
|
|
1528
|
+
}),
|
|
1529
|
+
indices: [
|
|
1530
|
+
{ kind: "index", name: "by_leaseId", columns: ["leaseId"] },
|
|
1531
|
+
{ kind: "index", name: "by_proxyTokenId", columns: ["proxyTokenId"] },
|
|
1532
|
+
{ kind: "index", name: "by_tenantId", columns: ["tenantId", "createdAt"] },
|
|
1533
|
+
{ kind: "index", name: "by_sessionId", columns: ["sessionId", "createdAt"] },
|
|
1534
|
+
{
|
|
1535
|
+
kind: "index",
|
|
1536
|
+
name: "by_principalId",
|
|
1537
|
+
columns: ["principalId", "createdAt"]
|
|
1538
|
+
},
|
|
1539
|
+
{
|
|
1540
|
+
kind: "index",
|
|
1541
|
+
name: "by_status_expiresAt",
|
|
1542
|
+
columns: ["status", "expiresAt"]
|
|
1543
|
+
}
|
|
1314
1544
|
]
|
|
1315
1545
|
});
|
|
1316
1546
|
var crossProjectConnections = defineTable({
|
|
@@ -1505,7 +1735,7 @@ var epistemicEdges = defineTable({
|
|
|
1505
1735
|
"toNodeId": z.string().optional(),
|
|
1506
1736
|
"sourceGlobalId": z.string().optional(),
|
|
1507
1737
|
"targetGlobalId": z.string().optional(),
|
|
1508
|
-
"edgeType":
|
|
1738
|
+
"edgeType": STORAGE_EDGE_TYPE,
|
|
1509
1739
|
"edgeTier": z.string().optional(),
|
|
1510
1740
|
"domainNamespace": z.string().optional(),
|
|
1511
1741
|
"constraint": z.string().optional(),
|
|
@@ -1643,6 +1873,7 @@ var epistemicNodes = defineTable({
|
|
|
1643
1873
|
"questionType": z.enum(["validation", "falsification", "assumption_probe", "prediction_test", "counterfactual", "discovery", "clarification", "comparison", "causal", "mechanism", "general"]).optional(),
|
|
1644
1874
|
"questionPriority": z.enum(["critical", "high", "medium", "low"]).optional(),
|
|
1645
1875
|
"answerQuality": z.enum(["definitive", "strong", "moderate", "weak", "speculative", "unanswered"]).optional(),
|
|
1876
|
+
"themeStatus": z.enum(["emerging", "active", "mature", "declining", "archived"]).optional(),
|
|
1646
1877
|
"themeConviction": z.enum(["high", "medium", "low", "negative"]).optional(),
|
|
1647
1878
|
"decisionType": z.enum(["invest", "pass", "follow_on", "exit", "deep_dive", "monitor", "deprioritize", "thesis_adopt", "thesis_revise", "thesis_abandon"]).optional(),
|
|
1648
1879
|
"decisionOutcome": z.enum(["pending", "successful", "unsuccessful", "mixed", "unknown"]).optional(),
|
|
@@ -1793,6 +2024,7 @@ var memberships = defineTable({
|
|
|
1793
2024
|
indices: [
|
|
1794
2025
|
{ kind: "index", name: "by_principalId", columns: ["principalId"] },
|
|
1795
2026
|
{ kind: "index", name: "by_principal_tenant", columns: ["principalId", "tenantId"] },
|
|
2027
|
+
{ kind: "index", name: "by_principal_tenant_workspace", columns: ["principalId", "tenantId", "workspaceId"] },
|
|
1796
2028
|
{ kind: "index", name: "by_workspace_principal", columns: ["workspaceId", "principalId"] },
|
|
1797
2029
|
{ kind: "index", name: "by_tenant_role", columns: ["tenantId", "role"] },
|
|
1798
2030
|
{ kind: "index", name: "by_status", columns: ["status"] }
|
|
@@ -1824,6 +2056,36 @@ var principals = defineTable({
|
|
|
1824
2056
|
{ kind: "index", name: "by_status", columns: ["status"] }
|
|
1825
2057
|
]
|
|
1826
2058
|
});
|
|
2059
|
+
var principalIdentityAliases = defineTable({
|
|
2060
|
+
name: "principalIdentityAliases",
|
|
2061
|
+
component: "mc",
|
|
2062
|
+
category: "identity",
|
|
2063
|
+
shape: z.object({
|
|
2064
|
+
"principalId": z.string(),
|
|
2065
|
+
"principalRefId": idOf("principals").optional(),
|
|
2066
|
+
"provider": z.string(),
|
|
2067
|
+
"providerProjectId": z.string().optional(),
|
|
2068
|
+
"externalSubjectId": z.string(),
|
|
2069
|
+
"tenantId": idOf("tenants").optional(),
|
|
2070
|
+
"workspaceId": idOf("workspaces").optional(),
|
|
2071
|
+
"email": z.string().optional(),
|
|
2072
|
+
"status": z.enum(["active", "revoked"]),
|
|
2073
|
+
"metadata": z.record(z.any()).optional(),
|
|
2074
|
+
"createdBy": z.string(),
|
|
2075
|
+
"revokedAt": z.number().optional(),
|
|
2076
|
+
"revokedBy": z.string().optional(),
|
|
2077
|
+
"createdAt": z.number(),
|
|
2078
|
+
"updatedAt": z.number()
|
|
2079
|
+
}),
|
|
2080
|
+
indices: [
|
|
2081
|
+
{ kind: "index", name: "by_provider_subject", columns: ["provider", "externalSubjectId"] },
|
|
2082
|
+
{ kind: "index", name: "by_provider_project_subject", columns: ["provider", "providerProjectId", "externalSubjectId"] },
|
|
2083
|
+
{ kind: "index", name: "by_principalId", columns: ["principalId"] },
|
|
2084
|
+
{ kind: "index", name: "by_principal_status", columns: ["principalId", "status"] },
|
|
2085
|
+
{ kind: "index", name: "by_tenant_provider_subject", columns: ["tenantId", "provider", "externalSubjectId"] },
|
|
2086
|
+
{ kind: "index", name: "by_workspace_provider_subject", columns: ["workspaceId", "provider", "externalSubjectId"] }
|
|
2087
|
+
]
|
|
2088
|
+
});
|
|
1827
2089
|
var rateLimitWindows = defineTable({
|
|
1828
2090
|
name: "rateLimitWindows",
|
|
1829
2091
|
component: "mc",
|
|
@@ -1848,6 +2110,40 @@ var rateLimitWindows = defineTable({
|
|
|
1848
2110
|
{ kind: "index", name: "by_tier_window_end", columns: ["tier", "windowEndMs"] }
|
|
1849
2111
|
]
|
|
1850
2112
|
});
|
|
2113
|
+
var oauthDeviceCodes = defineTable({
|
|
2114
|
+
name: "oauthDeviceCodes",
|
|
2115
|
+
component: "mc",
|
|
2116
|
+
category: "identity",
|
|
2117
|
+
shape: z.object({
|
|
2118
|
+
"deviceCodeHash": z.string(),
|
|
2119
|
+
"userCode": z.string(),
|
|
2120
|
+
"clientId": z.string(),
|
|
2121
|
+
"scope": z.string(),
|
|
2122
|
+
"status": z.enum(["pending", "approved", "denied", "expired", "consumed"]),
|
|
2123
|
+
"expiresAt": z.number(),
|
|
2124
|
+
"intervalSeconds": z.number(),
|
|
2125
|
+
"lastPolledAt": z.number().optional(),
|
|
2126
|
+
"slowDownCount": z.number().optional(),
|
|
2127
|
+
"clerkUserId": z.string().optional(),
|
|
2128
|
+
"tenantId": idOf("tenants").optional(),
|
|
2129
|
+
"workspaceId": z.string().optional(),
|
|
2130
|
+
"principalId": z.string().optional(),
|
|
2131
|
+
"role": z.string().optional(),
|
|
2132
|
+
"scopes": z.array(z.string()).optional(),
|
|
2133
|
+
"sessionId": z.string().optional(),
|
|
2134
|
+
"approvedAt": z.number().optional(),
|
|
2135
|
+
"deniedAt": z.number().optional(),
|
|
2136
|
+
"consumedAt": z.number().optional(),
|
|
2137
|
+
"createdAt": z.number(),
|
|
2138
|
+
"updatedAt": z.number()
|
|
2139
|
+
}),
|
|
2140
|
+
indices: [
|
|
2141
|
+
{ kind: "index", name: "by_deviceCodeHash", columns: ["deviceCodeHash"] },
|
|
2142
|
+
{ kind: "index", name: "by_userCode", columns: ["userCode"] },
|
|
2143
|
+
{ kind: "index", name: "by_status_expiresAt", columns: ["status", "expiresAt"] },
|
|
2144
|
+
{ kind: "index", name: "by_sessionId", columns: ["sessionId"] }
|
|
2145
|
+
]
|
|
2146
|
+
});
|
|
1851
2147
|
var servicePrincipalKeys = defineTable({
|
|
1852
2148
|
name: "servicePrincipalKeys",
|
|
1853
2149
|
component: "mc",
|
|
@@ -2379,7 +2675,7 @@ var lensTopicBindings = defineTable({
|
|
|
2379
2675
|
});
|
|
2380
2676
|
var mcpWritePolicy = defineTable({
|
|
2381
2677
|
name: "mcpWritePolicy",
|
|
2382
|
-
component: "
|
|
2678
|
+
component: "control-plane",
|
|
2383
2679
|
category: "platform",
|
|
2384
2680
|
shape: z.object({
|
|
2385
2681
|
"topicId": z.string().optional(),
|
|
@@ -2402,7 +2698,7 @@ var mcpWritePolicy = defineTable({
|
|
|
2402
2698
|
});
|
|
2403
2699
|
var platformAudienceGrants = defineTable({
|
|
2404
2700
|
name: "platformAudienceGrants",
|
|
2405
|
-
component: "
|
|
2701
|
+
component: "control-plane",
|
|
2406
2702
|
category: "platform",
|
|
2407
2703
|
shape: z.object({
|
|
2408
2704
|
"tenantId": z.string(),
|
|
@@ -2428,7 +2724,7 @@ var platformAudienceGrants = defineTable({
|
|
|
2428
2724
|
});
|
|
2429
2725
|
var platformAudiences = defineTable({
|
|
2430
2726
|
name: "platformAudiences",
|
|
2431
|
-
component: "
|
|
2727
|
+
component: "control-plane",
|
|
2432
2728
|
category: "platform",
|
|
2433
2729
|
shape: z.object({
|
|
2434
2730
|
"tenantId": z.string(),
|
|
@@ -2453,7 +2749,7 @@ var platformAudiences = defineTable({
|
|
|
2453
2749
|
});
|
|
2454
2750
|
var platformPolicyDecisionLogs = defineTable({
|
|
2455
2751
|
name: "platformPolicyDecisionLogs",
|
|
2456
|
-
component: "
|
|
2752
|
+
component: "control-plane",
|
|
2457
2753
|
category: "platform",
|
|
2458
2754
|
shape: z.object({
|
|
2459
2755
|
"principalId": z.string(),
|
|
@@ -2489,7 +2785,7 @@ var platformPolicyDecisionLogs = defineTable({
|
|
|
2489
2785
|
});
|
|
2490
2786
|
var tenantApiKeys = defineTable({
|
|
2491
2787
|
name: "tenantApiKeys",
|
|
2492
|
-
component: "
|
|
2788
|
+
component: "control-plane",
|
|
2493
2789
|
category: "platform",
|
|
2494
2790
|
shape: z.object({
|
|
2495
2791
|
"tenantId": z.string(),
|
|
@@ -2516,7 +2812,7 @@ var tenantApiKeys = defineTable({
|
|
|
2516
2812
|
});
|
|
2517
2813
|
var tenantConfig = defineTable({
|
|
2518
2814
|
name: "tenantConfig",
|
|
2519
|
-
component: "
|
|
2815
|
+
component: "control-plane",
|
|
2520
2816
|
category: "platform",
|
|
2521
2817
|
shape: z.object({
|
|
2522
2818
|
"tenantId": z.string(),
|
|
@@ -2535,7 +2831,7 @@ var tenantConfig = defineTable({
|
|
|
2535
2831
|
});
|
|
2536
2832
|
var tenantIntegrations = defineTable({
|
|
2537
2833
|
name: "tenantIntegrations",
|
|
2538
|
-
component: "
|
|
2834
|
+
component: "control-plane",
|
|
2539
2835
|
category: "platform",
|
|
2540
2836
|
shape: z.object({
|
|
2541
2837
|
"tenantId": z.string(),
|
|
@@ -2590,7 +2886,7 @@ var tenantIntegrations = defineTable({
|
|
|
2590
2886
|
});
|
|
2591
2887
|
var tenantModelSlotBindings = defineTable({
|
|
2592
2888
|
name: "tenantModelSlotBindings",
|
|
2593
|
-
component: "
|
|
2889
|
+
component: "control-plane",
|
|
2594
2890
|
category: "platform",
|
|
2595
2891
|
shape: z.object({
|
|
2596
2892
|
"bindingId": z.string(),
|
|
@@ -2618,7 +2914,7 @@ var tenantModelSlotBindings = defineTable({
|
|
|
2618
2914
|
});
|
|
2619
2915
|
var tenantPolicies = defineTable({
|
|
2620
2916
|
name: "tenantPolicies",
|
|
2621
|
-
component: "
|
|
2917
|
+
component: "control-plane",
|
|
2622
2918
|
category: "platform",
|
|
2623
2919
|
shape: z.object({
|
|
2624
2920
|
"tenantId": z.string(),
|
|
@@ -2643,7 +2939,7 @@ var tenantPolicies = defineTable({
|
|
|
2643
2939
|
});
|
|
2644
2940
|
var tenantProviderSecrets = defineTable({
|
|
2645
2941
|
name: "tenantProviderSecrets",
|
|
2646
|
-
component: "
|
|
2942
|
+
component: "control-plane",
|
|
2647
2943
|
category: "platform",
|
|
2648
2944
|
shape: z.object({
|
|
2649
2945
|
"secretRef": z.string(),
|
|
@@ -2674,7 +2970,7 @@ var tenantProviderSecrets = defineTable({
|
|
|
2674
2970
|
});
|
|
2675
2971
|
var tenantProxyGatewayUsage = defineTable({
|
|
2676
2972
|
name: "tenantProxyGatewayUsage",
|
|
2677
|
-
component: "
|
|
2973
|
+
component: "control-plane",
|
|
2678
2974
|
category: "platform",
|
|
2679
2975
|
shape: z.object({
|
|
2680
2976
|
"usageId": z.string(),
|
|
@@ -2709,7 +3005,7 @@ var tenantProxyGatewayUsage = defineTable({
|
|
|
2709
3005
|
});
|
|
2710
3006
|
var tenantProxyTokenMints = defineTable({
|
|
2711
3007
|
name: "tenantProxyTokenMints",
|
|
2712
|
-
component: "
|
|
3008
|
+
component: "control-plane",
|
|
2713
3009
|
category: "platform",
|
|
2714
3010
|
shape: z.object({
|
|
2715
3011
|
"proxyTokenId": z.string(),
|
|
@@ -2732,7 +3028,7 @@ var tenantProxyTokenMints = defineTable({
|
|
|
2732
3028
|
});
|
|
2733
3029
|
var tenantSandboxAuditEvents = defineTable({
|
|
2734
3030
|
name: "tenantSandboxAuditEvents",
|
|
2735
|
-
component: "
|
|
3031
|
+
component: "control-plane",
|
|
2736
3032
|
category: "platform",
|
|
2737
3033
|
shape: z.object({
|
|
2738
3034
|
"eventId": z.string(),
|
|
@@ -2766,7 +3062,7 @@ var tenantSandboxAuditEvents = defineTable({
|
|
|
2766
3062
|
});
|
|
2767
3063
|
var tenantSecrets = defineTable({
|
|
2768
3064
|
name: "tenantSecrets",
|
|
2769
|
-
component: "
|
|
3065
|
+
component: "control-plane",
|
|
2770
3066
|
category: "platform",
|
|
2771
3067
|
shape: z.object({
|
|
2772
3068
|
"tenantId": z.string(),
|
|
@@ -2788,7 +3084,7 @@ var tenantSecrets = defineTable({
|
|
|
2788
3084
|
});
|
|
2789
3085
|
var toolAcls = defineTable({
|
|
2790
3086
|
name: "toolAcls",
|
|
2791
|
-
component: "
|
|
3087
|
+
component: "control-plane",
|
|
2792
3088
|
category: "platform",
|
|
2793
3089
|
shape: z.object({
|
|
2794
3090
|
"role": z.enum(["platform_admin", "tenant_admin", "workspace_admin", "editor", "viewer", "auditor", "service_agent"]),
|
|
@@ -2803,7 +3099,7 @@ var toolAcls = defineTable({
|
|
|
2803
3099
|
});
|
|
2804
3100
|
var toolRegistry = defineTable({
|
|
2805
3101
|
name: "toolRegistry",
|
|
2806
|
-
component: "
|
|
3102
|
+
component: "control-plane",
|
|
2807
3103
|
category: "platform",
|
|
2808
3104
|
shape: z.object({
|
|
2809
3105
|
"toolName": z.string(),
|
|
@@ -2884,7 +3180,7 @@ var tenantMethodologyAssignments = defineTable({
|
|
|
2884
3180
|
});
|
|
2885
3181
|
var modelCallLogs = defineTable({
|
|
2886
3182
|
name: "modelCallLogs",
|
|
2887
|
-
component: "
|
|
3183
|
+
component: "control-plane",
|
|
2888
3184
|
category: "model",
|
|
2889
3185
|
shape: z.object({
|
|
2890
3186
|
"slot": z.string(),
|
|
@@ -2910,7 +3206,7 @@ var modelCallLogs = defineTable({
|
|
|
2910
3206
|
});
|
|
2911
3207
|
var modelFunctionSlots = defineTable({
|
|
2912
3208
|
name: "modelFunctionSlots",
|
|
2913
|
-
component: "
|
|
3209
|
+
component: "control-plane",
|
|
2914
3210
|
category: "model",
|
|
2915
3211
|
shape: z.object({
|
|
2916
3212
|
"slot": z.string(),
|
|
@@ -2935,7 +3231,7 @@ var modelFunctionSlots = defineTable({
|
|
|
2935
3231
|
});
|
|
2936
3232
|
var modelRegistry = defineTable({
|
|
2937
3233
|
name: "modelRegistry",
|
|
2938
|
-
component: "
|
|
3234
|
+
component: "control-plane",
|
|
2939
3235
|
category: "model",
|
|
2940
3236
|
shape: z.object({
|
|
2941
3237
|
"key": z.string(),
|
|
@@ -2962,7 +3258,7 @@ var modelRegistry = defineTable({
|
|
|
2962
3258
|
});
|
|
2963
3259
|
var modelSlotConfigs = defineTable({
|
|
2964
3260
|
name: "modelSlotConfigs",
|
|
2965
|
-
component: "
|
|
3261
|
+
component: "control-plane",
|
|
2966
3262
|
category: "model",
|
|
2967
3263
|
shape: z.object({
|
|
2968
3264
|
"slot": z.string(),
|
|
@@ -3349,7 +3645,7 @@ var policyDecisionLogs = defineTable({
|
|
|
3349
3645
|
"workspaceId": idOf("workspaces").optional(),
|
|
3350
3646
|
"resourceType": z.string(),
|
|
3351
3647
|
"resourceId": z.string(),
|
|
3352
|
-
"action": z.enum(["read", "summarize", "export", "mutate", "admin", "comment", "escalate", "resolve", "vote"]),
|
|
3648
|
+
"action": z.enum(["read", "summarize", "export", "mutate", "admin", "comment", "escalate", "resolve", "vote", "route", "invoke", "manage", "deploy", "promote", "rollback", "audit", "read_ref", "fetch_value", "rotate", "administer", "mint", "delegate", "revoke"]),
|
|
3353
3649
|
"decision": z.enum(["allow", "deny"]),
|
|
3354
3650
|
"reasonCode": z.string(),
|
|
3355
3651
|
"policyVersion": z.string(),
|
|
@@ -3411,7 +3707,7 @@ var controlPlaneToolAcls = defineTable({
|
|
|
3411
3707
|
});
|
|
3412
3708
|
var projectGrants = defineTable({
|
|
3413
3709
|
name: "projectGrants",
|
|
3414
|
-
component: "
|
|
3710
|
+
component: "control-plane",
|
|
3415
3711
|
category: "project",
|
|
3416
3712
|
shape: z.object({
|
|
3417
3713
|
"projectId": z.string().optional(),
|
|
@@ -3443,9 +3739,648 @@ var projectGrants = defineTable({
|
|
|
3443
3739
|
{ kind: "index", name: "by_topic_cluster_status", columns: ["topicId", "beliefClusterId", "status"] }
|
|
3444
3740
|
]
|
|
3445
3741
|
});
|
|
3742
|
+
var permitActorType = z.enum([
|
|
3743
|
+
"human",
|
|
3744
|
+
"agent",
|
|
3745
|
+
"service_principal",
|
|
3746
|
+
"external_stakeholder",
|
|
3747
|
+
"system"
|
|
3748
|
+
]);
|
|
3749
|
+
var permitMembershipStatus = z.enum([
|
|
3750
|
+
"active",
|
|
3751
|
+
"invited",
|
|
3752
|
+
"revoked",
|
|
3753
|
+
"suspended",
|
|
3754
|
+
"disabled"
|
|
3755
|
+
]);
|
|
3756
|
+
var permitDecision = z.enum(["allow", "deny"]);
|
|
3757
|
+
var permitAccessReviewStatus = z.enum([
|
|
3758
|
+
"open",
|
|
3759
|
+
"in_progress",
|
|
3760
|
+
"approved",
|
|
3761
|
+
"denied",
|
|
3762
|
+
"expired",
|
|
3763
|
+
"cancelled"
|
|
3764
|
+
]);
|
|
3765
|
+
var permitReviewScope = z.enum([
|
|
3766
|
+
"tenant",
|
|
3767
|
+
"workspace",
|
|
3768
|
+
"resource_instance",
|
|
3769
|
+
"group",
|
|
3770
|
+
"principal",
|
|
3771
|
+
"api_key",
|
|
3772
|
+
"admin_action"
|
|
3773
|
+
]);
|
|
3774
|
+
var permitRecordStatus = z.enum([
|
|
3775
|
+
"queued",
|
|
3776
|
+
"inflight",
|
|
3777
|
+
"completed",
|
|
3778
|
+
"failed",
|
|
3779
|
+
"skipped",
|
|
3780
|
+
"stale"
|
|
3781
|
+
]);
|
|
3782
|
+
var permitObjectType = z.enum([
|
|
3783
|
+
"resource",
|
|
3784
|
+
"role",
|
|
3785
|
+
"resource_role",
|
|
3786
|
+
"resource_relation",
|
|
3787
|
+
"tenant",
|
|
3788
|
+
"workspace",
|
|
3789
|
+
"principal",
|
|
3790
|
+
"membership",
|
|
3791
|
+
"group",
|
|
3792
|
+
"resource_instance",
|
|
3793
|
+
"relationship_tuple",
|
|
3794
|
+
"role_assignment"
|
|
3795
|
+
]);
|
|
3796
|
+
var permitOutboxOperation = z.enum([
|
|
3797
|
+
"upsert",
|
|
3798
|
+
"delete",
|
|
3799
|
+
"sync",
|
|
3800
|
+
"resync",
|
|
3801
|
+
"delete_sync",
|
|
3802
|
+
"noop"
|
|
3803
|
+
]);
|
|
3804
|
+
var permitPolicyBundleStatus = z.enum([
|
|
3805
|
+
"draft",
|
|
3806
|
+
"validated",
|
|
3807
|
+
"enforced",
|
|
3808
|
+
"archived"
|
|
3809
|
+
]);
|
|
3810
|
+
var permitSyncStatus = z.enum([
|
|
3811
|
+
"pending",
|
|
3812
|
+
"synced",
|
|
3813
|
+
"error",
|
|
3814
|
+
"skipped"
|
|
3815
|
+
]);
|
|
3816
|
+
var permitAccessReviewSubjectType = z.enum([
|
|
3817
|
+
"principal",
|
|
3818
|
+
"group",
|
|
3819
|
+
"role_assignment",
|
|
3820
|
+
"resource_instance"
|
|
3821
|
+
]);
|
|
3822
|
+
var permitAttributeType = z.enum([
|
|
3823
|
+
"string",
|
|
3824
|
+
"number",
|
|
3825
|
+
"bool",
|
|
3826
|
+
"json",
|
|
3827
|
+
"time"
|
|
3828
|
+
]);
|
|
3829
|
+
var permitAttributeOperator = z.enum([
|
|
3830
|
+
"eq",
|
|
3831
|
+
"neq",
|
|
3832
|
+
"in",
|
|
3833
|
+
"not_in",
|
|
3834
|
+
"gt",
|
|
3835
|
+
"gte",
|
|
3836
|
+
"lt",
|
|
3837
|
+
"lte",
|
|
3838
|
+
"contains",
|
|
3839
|
+
"not_contains",
|
|
3840
|
+
"matches"
|
|
3841
|
+
]);
|
|
3842
|
+
var permitRoleBindingTarget = z.enum([
|
|
3843
|
+
"principal",
|
|
3844
|
+
"group"
|
|
3845
|
+
]);
|
|
3846
|
+
var permitPrincipals = defineTable({
|
|
3847
|
+
name: "permitPrincipals",
|
|
3848
|
+
component: "control-plane",
|
|
3849
|
+
category: "access-control",
|
|
3850
|
+
shape: z.object({
|
|
3851
|
+
principalId: z.string(),
|
|
3852
|
+
tenantId: z.string(),
|
|
3853
|
+
workspaceId: z.optional(z.string()),
|
|
3854
|
+
principalType: permitActorType,
|
|
3855
|
+
status: permitMembershipStatus,
|
|
3856
|
+
displayName: z.string().optional(),
|
|
3857
|
+
metadata: z.record(z.any()).optional(),
|
|
3858
|
+
createdBy: z.string(),
|
|
3859
|
+
createdAt: z.number(),
|
|
3860
|
+
updatedAt: z.number(),
|
|
3861
|
+
updatedBy: z.string().optional(),
|
|
3862
|
+
lastSeenAt: z.number().optional()
|
|
3863
|
+
}),
|
|
3864
|
+
indices: [
|
|
3865
|
+
{ kind: "index", name: "by_tenantId", columns: ["tenantId"] },
|
|
3866
|
+
{ kind: "index", name: "by_workspaceId", columns: ["workspaceId"] },
|
|
3867
|
+
{ kind: "index", name: "by_tenant_principalId", columns: ["tenantId", "principalId"] },
|
|
3868
|
+
{ kind: "index", name: "by_tenant_status", columns: ["tenantId", "status"] },
|
|
3869
|
+
{
|
|
3870
|
+
kind: "index",
|
|
3871
|
+
name: "by_tenant_principalType_status",
|
|
3872
|
+
columns: ["tenantId", "principalType", "status"]
|
|
3873
|
+
}
|
|
3874
|
+
]
|
|
3875
|
+
});
|
|
3876
|
+
var permitPrincipalAliases = defineTable({
|
|
3877
|
+
name: "permitPrincipalAliases",
|
|
3878
|
+
component: "control-plane",
|
|
3879
|
+
category: "access-control",
|
|
3880
|
+
shape: z.object({
|
|
3881
|
+
principalId: z.string(),
|
|
3882
|
+
tenantId: z.string(),
|
|
3883
|
+
workspaceId: z.optional(z.string()),
|
|
3884
|
+
provider: z.string(),
|
|
3885
|
+
providerSubjectId: z.string(),
|
|
3886
|
+
providerProjectId: z.string().optional(),
|
|
3887
|
+
alias: z.string(),
|
|
3888
|
+
aliasKind: z.string(),
|
|
3889
|
+
status: permitMembershipStatus,
|
|
3890
|
+
metadata: z.record(z.any()).optional(),
|
|
3891
|
+
createdBy: z.string(),
|
|
3892
|
+
createdAt: z.number(),
|
|
3893
|
+
updatedAt: z.number(),
|
|
3894
|
+
revokedBy: z.string().optional(),
|
|
3895
|
+
revokedAt: z.number().optional(),
|
|
3896
|
+
updatedBy: z.string().optional()
|
|
3897
|
+
}),
|
|
3898
|
+
indices: [
|
|
3899
|
+
{ kind: "index", name: "by_principalId", columns: ["principalId"] },
|
|
3900
|
+
{ kind: "index", name: "by_tenant_provider_subject", columns: ["tenantId", "provider", "providerSubjectId"] },
|
|
3901
|
+
{
|
|
3902
|
+
kind: "index",
|
|
3903
|
+
name: "by_tenant_provider_alias",
|
|
3904
|
+
columns: ["tenantId", "provider", "alias"]
|
|
3905
|
+
},
|
|
3906
|
+
{ kind: "index", name: "by_tenant_alias", columns: ["tenantId", "alias"] },
|
|
3907
|
+
{
|
|
3908
|
+
kind: "index",
|
|
3909
|
+
name: "by_tenant_provider_status",
|
|
3910
|
+
columns: ["tenantId", "provider", "status"]
|
|
3911
|
+
}
|
|
3912
|
+
]
|
|
3913
|
+
});
|
|
3914
|
+
var permitGroups = defineTable({
|
|
3915
|
+
name: "permitGroups",
|
|
3916
|
+
component: "control-plane",
|
|
3917
|
+
category: "access-control",
|
|
3918
|
+
shape: z.object({
|
|
3919
|
+
tenantId: z.string(),
|
|
3920
|
+
workspaceId: z.optional(z.string()),
|
|
3921
|
+
groupId: z.string(),
|
|
3922
|
+
groupKey: z.string(),
|
|
3923
|
+
groupName: z.string(),
|
|
3924
|
+
groupType: z.enum(["tenant", "workspace", "external", "system", "dynamic"]),
|
|
3925
|
+
status: permitMembershipStatus,
|
|
3926
|
+
description: z.string().optional(),
|
|
3927
|
+
metadata: z.record(z.any()).optional(),
|
|
3928
|
+
createdBy: z.string(),
|
|
3929
|
+
createdAt: z.number(),
|
|
3930
|
+
updatedAt: z.number(),
|
|
3931
|
+
updatedBy: z.string().optional()
|
|
3932
|
+
}),
|
|
3933
|
+
indices: [
|
|
3934
|
+
{ kind: "index", name: "by_tenantId", columns: ["tenantId"] },
|
|
3935
|
+
{ kind: "index", name: "by_workspaceId", columns: ["workspaceId"] },
|
|
3936
|
+
{ kind: "index", name: "by_tenant_groupId", columns: ["tenantId", "groupId"] },
|
|
3937
|
+
{ kind: "index", name: "by_tenant_groupKey", columns: ["tenantId", "groupKey"] },
|
|
3938
|
+
{ kind: "index", name: "by_tenant_status", columns: ["tenantId", "status"] }
|
|
3939
|
+
]
|
|
3940
|
+
});
|
|
3941
|
+
var permitGroupMemberships = defineTable({
|
|
3942
|
+
name: "permitGroupMemberships",
|
|
3943
|
+
component: "control-plane",
|
|
3944
|
+
category: "access-control",
|
|
3945
|
+
shape: z.object({
|
|
3946
|
+
tenantId: z.string(),
|
|
3947
|
+
workspaceId: z.optional(z.string()),
|
|
3948
|
+
groupId: z.string(),
|
|
3949
|
+
memberType: z.enum(["principal", "group"]),
|
|
3950
|
+
memberId: z.string(),
|
|
3951
|
+
principalId: z.string().optional(),
|
|
3952
|
+
childGroupId: z.string().optional(),
|
|
3953
|
+
status: permitMembershipStatus,
|
|
3954
|
+
addedBy: z.string().optional(),
|
|
3955
|
+
revokedBy: z.string().optional(),
|
|
3956
|
+
expiresAt: z.number().optional(),
|
|
3957
|
+
revocationReason: z.string().optional(),
|
|
3958
|
+
metadata: z.record(z.any()).optional(),
|
|
3959
|
+
createdAt: z.number(),
|
|
3960
|
+
updatedAt: z.number(),
|
|
3961
|
+
updatedBy: z.string().optional()
|
|
3962
|
+
}),
|
|
3963
|
+
indices: [
|
|
3964
|
+
{ kind: "index", name: "by_tenant_principal", columns: ["tenantId", "principalId"] },
|
|
3965
|
+
{ kind: "index", name: "by_tenant_member", columns: ["tenantId", "memberType", "memberId"] },
|
|
3966
|
+
{
|
|
3967
|
+
kind: "index",
|
|
3968
|
+
name: "by_tenant_member_group",
|
|
3969
|
+
columns: ["tenantId", "memberType", "memberId", "groupId"]
|
|
3970
|
+
},
|
|
3971
|
+
{ kind: "index", name: "by_tenant_group", columns: ["tenantId", "groupId"] },
|
|
3972
|
+
{ kind: "index", name: "by_member_group", columns: ["memberType", "memberId", "groupId"] },
|
|
3973
|
+
{ kind: "index", name: "by_tenant_status", columns: ["tenantId", "status"] },
|
|
3974
|
+
{
|
|
3975
|
+
kind: "index",
|
|
3976
|
+
name: "by_workspace_principal",
|
|
3977
|
+
columns: ["workspaceId", "principalId"]
|
|
3978
|
+
}
|
|
3979
|
+
]
|
|
3980
|
+
});
|
|
3981
|
+
var permitResourceInstances = defineTable({
|
|
3982
|
+
name: "permitResourceInstances",
|
|
3983
|
+
component: "control-plane",
|
|
3984
|
+
category: "access-control",
|
|
3985
|
+
shape: z.object({
|
|
3986
|
+
tenantId: z.string(),
|
|
3987
|
+
workspaceId: z.optional(z.string()),
|
|
3988
|
+
resourceType: z.string(),
|
|
3989
|
+
resourceKey: z.string(),
|
|
3990
|
+
resourceId: z.string(),
|
|
3991
|
+
status: z.enum(["active", "deleted", "archived"]),
|
|
3992
|
+
attributes: z.record(z.any()).optional(),
|
|
3993
|
+
ownerPrincipalId: z.string().optional(),
|
|
3994
|
+
metadata: z.record(z.any()).optional(),
|
|
3995
|
+
createdBy: z.string(),
|
|
3996
|
+
updatedBy: z.string().optional(),
|
|
3997
|
+
createdAt: z.number(),
|
|
3998
|
+
updatedAt: z.number()
|
|
3999
|
+
}),
|
|
4000
|
+
indices: [
|
|
4001
|
+
{
|
|
4002
|
+
kind: "index",
|
|
4003
|
+
name: "by_tenant_resource_type",
|
|
4004
|
+
columns: ["tenantId", "resourceType"]
|
|
4005
|
+
},
|
|
4006
|
+
{
|
|
4007
|
+
kind: "index",
|
|
4008
|
+
name: "by_tenant_resource_key",
|
|
4009
|
+
columns: ["tenantId", "resourceType", "resourceKey"]
|
|
4010
|
+
},
|
|
4011
|
+
{ kind: "index", name: "by_workspaceId", columns: ["workspaceId"] },
|
|
4012
|
+
{ kind: "index", name: "by_status", columns: ["status"] },
|
|
4013
|
+
{
|
|
4014
|
+
kind: "index",
|
|
4015
|
+
name: "by_tenant_status",
|
|
4016
|
+
columns: ["tenantId", "status"]
|
|
4017
|
+
},
|
|
4018
|
+
{
|
|
4019
|
+
kind: "index",
|
|
4020
|
+
name: "by_ownerPrincipalId",
|
|
4021
|
+
columns: ["ownerPrincipalId"]
|
|
4022
|
+
}
|
|
4023
|
+
]
|
|
4024
|
+
});
|
|
4025
|
+
var permitRoleAssignments = defineTable({
|
|
4026
|
+
name: "permitRoleAssignments",
|
|
4027
|
+
component: "control-plane",
|
|
4028
|
+
category: "access-control",
|
|
4029
|
+
shape: z.object({
|
|
4030
|
+
tenantId: z.string(),
|
|
4031
|
+
workspaceId: z.optional(z.string()),
|
|
4032
|
+
role: z.string(),
|
|
4033
|
+
targetType: permitRoleBindingTarget,
|
|
4034
|
+
targetId: z.string(),
|
|
4035
|
+
resourceType: z.string(),
|
|
4036
|
+
resourceKey: z.string(),
|
|
4037
|
+
resourceInstanceId: z.string().optional(),
|
|
4038
|
+
status: permitMembershipStatus,
|
|
4039
|
+
expiresAt: z.number().optional(),
|
|
4040
|
+
attributes: z.record(z.any()).optional(),
|
|
4041
|
+
grantedBy: z.string().optional(),
|
|
4042
|
+
updatedBy: z.string().optional(),
|
|
4043
|
+
revokedBy: z.string().optional(),
|
|
4044
|
+
createdAt: z.number(),
|
|
4045
|
+
updatedAt: z.number()
|
|
4046
|
+
}),
|
|
4047
|
+
indices: [
|
|
4048
|
+
{
|
|
4049
|
+
kind: "index",
|
|
4050
|
+
name: "by_tenant_target",
|
|
4051
|
+
columns: ["tenantId", "targetType", "targetId"]
|
|
4052
|
+
},
|
|
4053
|
+
{
|
|
4054
|
+
kind: "index",
|
|
4055
|
+
name: "by_tenant_resource",
|
|
4056
|
+
columns: ["tenantId", "resourceType", "resourceKey"]
|
|
4057
|
+
},
|
|
4058
|
+
{
|
|
4059
|
+
kind: "index",
|
|
4060
|
+
name: "by_tenant_role",
|
|
4061
|
+
columns: ["tenantId", "role", "status"]
|
|
4062
|
+
},
|
|
4063
|
+
{ kind: "index", name: "by_status", columns: ["status"] },
|
|
4064
|
+
{
|
|
4065
|
+
kind: "index",
|
|
4066
|
+
name: "by_workspace_resource",
|
|
4067
|
+
columns: ["workspaceId", "resourceType", "resourceKey"]
|
|
4068
|
+
}
|
|
4069
|
+
]
|
|
4070
|
+
});
|
|
4071
|
+
var permitRelationshipTuples = defineTable({
|
|
4072
|
+
name: "permitRelationshipTuples",
|
|
4073
|
+
component: "control-plane",
|
|
4074
|
+
category: "access-control",
|
|
4075
|
+
shape: z.object({
|
|
4076
|
+
tenantId: z.string(),
|
|
4077
|
+
workspaceId: z.optional(z.string()),
|
|
4078
|
+
relation: z.string(),
|
|
4079
|
+
subject: z.string(),
|
|
4080
|
+
object: z.string(),
|
|
4081
|
+
resourceType: z.string().optional(),
|
|
4082
|
+
resourceKey: z.string().optional(),
|
|
4083
|
+
status: permitRecordStatus,
|
|
4084
|
+
attributes: z.record(z.any()).optional(),
|
|
4085
|
+
createdBy: z.string(),
|
|
4086
|
+
createdAt: z.number(),
|
|
4087
|
+
updatedAt: z.number(),
|
|
4088
|
+
lastSeenAt: z.number().optional(),
|
|
4089
|
+
updatedBy: z.string().optional()
|
|
4090
|
+
}),
|
|
4091
|
+
indices: [
|
|
4092
|
+
{ kind: "index", name: "by_tenant_subject", columns: ["tenantId", "subject"] },
|
|
4093
|
+
{ kind: "index", name: "by_tenant_object", columns: ["tenantId", "object"] },
|
|
4094
|
+
{ kind: "index", name: "by_tenant_relation", columns: ["tenantId", "relation"] },
|
|
4095
|
+
{
|
|
4096
|
+
kind: "index",
|
|
4097
|
+
name: "by_tenant_relation_subject",
|
|
4098
|
+
columns: ["tenantId", "relation", "subject"]
|
|
4099
|
+
},
|
|
4100
|
+
{ kind: "index", name: "by_tenant_status", columns: ["tenantId", "status"] }
|
|
4101
|
+
]
|
|
4102
|
+
});
|
|
4103
|
+
var permitAttributeBindings = defineTable({
|
|
4104
|
+
name: "permitAttributeBindings",
|
|
4105
|
+
component: "control-plane",
|
|
4106
|
+
category: "access-control",
|
|
4107
|
+
shape: z.object({
|
|
4108
|
+
tenantId: z.string(),
|
|
4109
|
+
workspaceId: z.optional(z.string()),
|
|
4110
|
+
targetType: permitRoleBindingTarget,
|
|
4111
|
+
targetId: z.string(),
|
|
4112
|
+
attributeName: z.string(),
|
|
4113
|
+
attributeType: permitAttributeType,
|
|
4114
|
+
attributeOperator: permitAttributeOperator,
|
|
4115
|
+
attributeValue: z.any(),
|
|
4116
|
+
status: permitRecordStatus,
|
|
4117
|
+
source: z.string().optional(),
|
|
4118
|
+
sourceRef: z.string().optional(),
|
|
4119
|
+
metadata: z.record(z.any()).optional(),
|
|
4120
|
+
createdAt: z.number(),
|
|
4121
|
+
updatedAt: z.number(),
|
|
4122
|
+
createdBy: z.string(),
|
|
4123
|
+
updatedBy: z.string().optional(),
|
|
4124
|
+
expiresAt: z.number().optional()
|
|
4125
|
+
}),
|
|
4126
|
+
indices: [
|
|
4127
|
+
{
|
|
4128
|
+
kind: "index",
|
|
4129
|
+
name: "by_tenant_target",
|
|
4130
|
+
columns: ["tenantId", "targetType", "targetId"]
|
|
4131
|
+
},
|
|
4132
|
+
{
|
|
4133
|
+
kind: "index",
|
|
4134
|
+
name: "by_tenant_target_attribute",
|
|
4135
|
+
columns: ["tenantId", "targetType", "targetId", "attributeName"]
|
|
4136
|
+
},
|
|
4137
|
+
{
|
|
4138
|
+
kind: "index",
|
|
4139
|
+
name: "by_tenant_name",
|
|
4140
|
+
columns: ["tenantId", "attributeName"]
|
|
4141
|
+
},
|
|
4142
|
+
{
|
|
4143
|
+
kind: "index",
|
|
4144
|
+
name: "by_tenant_status",
|
|
4145
|
+
columns: ["tenantId", "status"]
|
|
4146
|
+
}
|
|
4147
|
+
]
|
|
4148
|
+
});
|
|
4149
|
+
var permitPolicyBundles = defineTable({
|
|
4150
|
+
name: "permitPolicyBundles",
|
|
4151
|
+
component: "control-plane",
|
|
4152
|
+
category: "access-control",
|
|
4153
|
+
shape: z.object({
|
|
4154
|
+
tenantId: z.string(),
|
|
4155
|
+
workspaceId: z.optional(z.string()),
|
|
4156
|
+
bundleKey: z.string(),
|
|
4157
|
+
version: z.number(),
|
|
4158
|
+
status: permitPolicyBundleStatus,
|
|
4159
|
+
policyHash: z.string().optional(),
|
|
4160
|
+
policyPayload: z.record(z.any()),
|
|
4161
|
+
metadata: z.record(z.any()).optional(),
|
|
4162
|
+
createdBy: z.string(),
|
|
4163
|
+
reviewedBy: z.string().optional(),
|
|
4164
|
+
createdAt: z.number(),
|
|
4165
|
+
updatedAt: z.number(),
|
|
4166
|
+
retiredAt: z.number().optional()
|
|
4167
|
+
}),
|
|
4168
|
+
indices: [
|
|
4169
|
+
{ kind: "index", name: "by_tenantId", columns: ["tenantId"] },
|
|
4170
|
+
{ kind: "index", name: "by_workspaceId", columns: ["workspaceId"] },
|
|
4171
|
+
{
|
|
4172
|
+
kind: "index",
|
|
4173
|
+
name: "by_tenant_bundleKey",
|
|
4174
|
+
columns: ["tenantId", "bundleKey"]
|
|
4175
|
+
},
|
|
4176
|
+
{
|
|
4177
|
+
kind: "index",
|
|
4178
|
+
name: "by_tenant_bundle_version",
|
|
4179
|
+
columns: ["tenantId", "bundleKey", "version"]
|
|
4180
|
+
},
|
|
4181
|
+
{ kind: "index", name: "by_tenant_status", columns: ["tenantId", "status"] }
|
|
4182
|
+
]
|
|
4183
|
+
});
|
|
4184
|
+
var permitProjectionOutbox = defineTable({
|
|
4185
|
+
name: "permitProjectionOutbox",
|
|
4186
|
+
component: "control-plane",
|
|
4187
|
+
category: "access-control",
|
|
4188
|
+
shape: z.object({
|
|
4189
|
+
syncKey: z.string(),
|
|
4190
|
+
objectType: permitObjectType,
|
|
4191
|
+
objectId: z.string(),
|
|
4192
|
+
operation: permitOutboxOperation,
|
|
4193
|
+
payload: z.record(z.any()),
|
|
4194
|
+
status: permitRecordStatus,
|
|
4195
|
+
attemptCount: z.number(),
|
|
4196
|
+
nextAttemptAt: z.number().optional(),
|
|
4197
|
+
lastError: z.string().optional(),
|
|
4198
|
+
tenantId: z.string().optional(),
|
|
4199
|
+
workspaceId: z.optional(z.string()),
|
|
4200
|
+
principalId: z.string().optional(),
|
|
4201
|
+
permitTenantKey: z.string().optional(),
|
|
4202
|
+
permitResourceType: z.string().optional(),
|
|
4203
|
+
permitResourceKey: z.string().optional(),
|
|
4204
|
+
createdAt: z.number(),
|
|
4205
|
+
updatedAt: z.number(),
|
|
4206
|
+
lastHandledAt: z.number().optional()
|
|
4207
|
+
}),
|
|
4208
|
+
indices: [
|
|
4209
|
+
{ kind: "index", name: "by_syncKey", columns: ["syncKey"] },
|
|
4210
|
+
{ kind: "index", name: "by_status", columns: ["status"] },
|
|
4211
|
+
{ kind: "index", name: "by_tenantId", columns: ["tenantId"] },
|
|
4212
|
+
{
|
|
4213
|
+
kind: "index",
|
|
4214
|
+
name: "by_tenant_status",
|
|
4215
|
+
columns: ["tenantId", "status"]
|
|
4216
|
+
},
|
|
4217
|
+
{
|
|
4218
|
+
kind: "index",
|
|
4219
|
+
name: "by_objectType",
|
|
4220
|
+
columns: ["objectType", "status"]
|
|
4221
|
+
}
|
|
4222
|
+
]
|
|
4223
|
+
});
|
|
4224
|
+
var tenantPermitSyncStates = defineTable({
|
|
4225
|
+
name: "tenantPermitSyncStates",
|
|
4226
|
+
component: "control-plane",
|
|
4227
|
+
category: "access-control",
|
|
4228
|
+
shape: z.object({
|
|
4229
|
+
syncKey: z.string(),
|
|
4230
|
+
objectType: permitObjectType,
|
|
4231
|
+
objectId: z.string(),
|
|
4232
|
+
tenantId: z.string().optional(),
|
|
4233
|
+
workspaceId: z.string().optional(),
|
|
4234
|
+
principalId: z.string().optional(),
|
|
4235
|
+
permitTenantKey: z.string().optional(),
|
|
4236
|
+
permitResourceType: z.string().optional(),
|
|
4237
|
+
permitResourceKey: z.string().optional(),
|
|
4238
|
+
desiredPayload: z.record(z.any()),
|
|
4239
|
+
lastAppliedPayloadHash: z.string().optional(),
|
|
4240
|
+
status: permitSyncStatus,
|
|
4241
|
+
attemptCount: z.number(),
|
|
4242
|
+
lastError: z.string().optional(),
|
|
4243
|
+
nextAttemptAt: z.number().optional(),
|
|
4244
|
+
lastSyncedAt: z.number().optional(),
|
|
4245
|
+
createdBy: z.string(),
|
|
4246
|
+
updatedBy: z.string().optional(),
|
|
4247
|
+
createdAt: z.number(),
|
|
4248
|
+
updatedAt: z.number()
|
|
4249
|
+
}),
|
|
4250
|
+
indices: [
|
|
4251
|
+
{ kind: "index", name: "by_syncKey", columns: ["syncKey"] },
|
|
4252
|
+
{ kind: "index", name: "by_status", columns: ["status"] },
|
|
4253
|
+
{
|
|
4254
|
+
kind: "index",
|
|
4255
|
+
name: "by_tenant_status",
|
|
4256
|
+
columns: ["tenantId", "status"]
|
|
4257
|
+
},
|
|
4258
|
+
{
|
|
4259
|
+
kind: "index",
|
|
4260
|
+
name: "by_workspace_status",
|
|
4261
|
+
columns: ["workspaceId", "status"]
|
|
4262
|
+
},
|
|
4263
|
+
{
|
|
4264
|
+
kind: "index",
|
|
4265
|
+
name: "by_principal_status",
|
|
4266
|
+
columns: ["principalId", "status"]
|
|
4267
|
+
}
|
|
4268
|
+
]
|
|
4269
|
+
});
|
|
4270
|
+
var permitPolicyDecisionReceipts = defineTable({
|
|
4271
|
+
name: "permitPolicyDecisionReceipts",
|
|
4272
|
+
component: "control-plane",
|
|
4273
|
+
category: "access-control",
|
|
4274
|
+
shape: z.object({
|
|
4275
|
+
tenantId: z.string().optional(),
|
|
4276
|
+
workspaceId: z.string().optional(),
|
|
4277
|
+
principalId: z.string(),
|
|
4278
|
+
subjectType: permitAccessReviewSubjectType.optional(),
|
|
4279
|
+
subjectId: z.string().optional(),
|
|
4280
|
+
resourceType: z.string(),
|
|
4281
|
+
resourceId: z.string(),
|
|
4282
|
+
action: z.string(),
|
|
4283
|
+
decision: permitDecision,
|
|
4284
|
+
reasonCode: z.string(),
|
|
4285
|
+
policyBundleId: z.string().optional(),
|
|
4286
|
+
policyVersion: z.string(),
|
|
4287
|
+
traceId: z.string().optional(),
|
|
4288
|
+
requestId: z.string().optional(),
|
|
4289
|
+
audienceMode: z.string().optional(),
|
|
4290
|
+
audienceKey: z.string().optional(),
|
|
4291
|
+
audienceClass: z.enum(["internal", "restricted_external", "public"]).optional(),
|
|
4292
|
+
metadata: z.record(z.any()).optional(),
|
|
4293
|
+
createdAt: z.number(),
|
|
4294
|
+
expiresAt: z.number().optional(),
|
|
4295
|
+
createdBy: z.string().optional()
|
|
4296
|
+
}),
|
|
4297
|
+
indices: [
|
|
4298
|
+
{ kind: "index", name: "by_principal_createdAt", columns: ["principalId", "createdAt"] },
|
|
4299
|
+
{ kind: "index", name: "by_tenant_createdAt", columns: ["tenantId", "createdAt"] },
|
|
4300
|
+
{ kind: "index", name: "by_resource", columns: ["resourceType", "resourceId"] },
|
|
4301
|
+
{ kind: "index", name: "by_decision_createdAt", columns: ["decision", "createdAt"] },
|
|
4302
|
+
{ kind: "index", name: "by_traceId", columns: ["traceId"] },
|
|
4303
|
+
{ kind: "index", name: "by_action", columns: ["action"] }
|
|
4304
|
+
]
|
|
4305
|
+
});
|
|
4306
|
+
var permitAccessReviews = defineTable({
|
|
4307
|
+
name: "permitAccessReviews",
|
|
4308
|
+
component: "control-plane",
|
|
4309
|
+
category: "access-control",
|
|
4310
|
+
shape: z.object({
|
|
4311
|
+
tenantId: z.string(),
|
|
4312
|
+
workspaceId: z.optional(z.string()),
|
|
4313
|
+
reviewKey: z.string(),
|
|
4314
|
+
scope: permitReviewScope,
|
|
4315
|
+
status: permitAccessReviewStatus,
|
|
4316
|
+
subjectType: permitAccessReviewSubjectType,
|
|
4317
|
+
subjectId: z.string(),
|
|
4318
|
+
resourceType: z.string().optional(),
|
|
4319
|
+
resourceKey: z.string().optional(),
|
|
4320
|
+
outcome: z.enum(["allow", "deny"]).optional(),
|
|
4321
|
+
requestedBy: z.string(),
|
|
4322
|
+
reviewedBy: z.string().optional(),
|
|
4323
|
+
requestedAt: z.number(),
|
|
4324
|
+
reviewedAt: z.number().optional(),
|
|
4325
|
+
dueAt: z.number().optional(),
|
|
4326
|
+
justification: z.string().optional(),
|
|
4327
|
+
rationale: z.string().optional(),
|
|
4328
|
+
policyBundleId: z.string().optional(),
|
|
4329
|
+
metadata: z.record(z.any()).optional(),
|
|
4330
|
+
createdAt: z.number(),
|
|
4331
|
+
updatedAt: z.number()
|
|
4332
|
+
}),
|
|
4333
|
+
indices: [
|
|
4334
|
+
{ kind: "index", name: "by_tenant_status", columns: ["tenantId", "status"] },
|
|
4335
|
+
{ kind: "index", name: "by_tenant_reviewKey", columns: ["tenantId", "reviewKey"] },
|
|
4336
|
+
{ kind: "index", name: "by_subject", columns: ["subjectType", "subjectId"] },
|
|
4337
|
+
{
|
|
4338
|
+
kind: "index",
|
|
4339
|
+
name: "by_tenant_subject",
|
|
4340
|
+
columns: ["tenantId", "subjectType", "subjectId"]
|
|
4341
|
+
},
|
|
4342
|
+
{ kind: "index", name: "by_outcome", columns: ["outcome"] },
|
|
4343
|
+
{
|
|
4344
|
+
kind: "index",
|
|
4345
|
+
name: "by_workspace_status",
|
|
4346
|
+
columns: ["workspaceId", "status"]
|
|
4347
|
+
}
|
|
4348
|
+
]
|
|
4349
|
+
});
|
|
4350
|
+
var permitAccessReviewItems = defineTable({
|
|
4351
|
+
name: "permitAccessReviewItems",
|
|
4352
|
+
component: "control-plane",
|
|
4353
|
+
category: "access-control",
|
|
4354
|
+
shape: z.object({
|
|
4355
|
+
reviewKey: z.string(),
|
|
4356
|
+
itemKey: z.string(),
|
|
4357
|
+
tenantId: z.string(),
|
|
4358
|
+
workspaceId: z.string().optional(),
|
|
4359
|
+
subjectType: permitAccessReviewSubjectType,
|
|
4360
|
+
subjectId: z.string(),
|
|
4361
|
+
resourceType: z.string().optional(),
|
|
4362
|
+
resourceKey: z.string().optional(),
|
|
4363
|
+
role: z.string().optional(),
|
|
4364
|
+
relation: z.string().optional(),
|
|
4365
|
+
status: z.enum(["open", "approved", "revoked", "changed", "deferred"]),
|
|
4366
|
+
reviewerId: z.string().optional(),
|
|
4367
|
+
decisionAt: z.number().optional(),
|
|
4368
|
+
rationale: z.string().optional(),
|
|
4369
|
+
metadata: z.record(z.any()).optional(),
|
|
4370
|
+
createdAt: z.number(),
|
|
4371
|
+
updatedAt: z.number()
|
|
4372
|
+
}),
|
|
4373
|
+
indices: [
|
|
4374
|
+
{ kind: "index", name: "by_reviewKey", columns: ["reviewKey"] },
|
|
4375
|
+
{ kind: "index", name: "by_tenant_reviewKey", columns: ["tenantId", "reviewKey"] },
|
|
4376
|
+
{ kind: "index", name: "by_tenant_itemKey", columns: ["tenantId", "itemKey"] },
|
|
4377
|
+
{ kind: "index", name: "by_subject", columns: ["subjectType", "subjectId"] },
|
|
4378
|
+
{ kind: "index", name: "by_status", columns: ["status"] }
|
|
4379
|
+
]
|
|
4380
|
+
});
|
|
3446
4381
|
var reasoningPermissions = defineTable({
|
|
3447
4382
|
name: "reasoningPermissions",
|
|
3448
|
-
component: "
|
|
4383
|
+
component: "control-plane",
|
|
3449
4384
|
category: "epistemic",
|
|
3450
4385
|
shape: z.object({
|
|
3451
4386
|
"topicId": z.string().optional(),
|
|
@@ -3680,6 +4615,7 @@ var topics = defineTable({
|
|
|
3680
4615
|
"updatedAt": z.number()
|
|
3681
4616
|
}),
|
|
3682
4617
|
indices: [
|
|
4618
|
+
{ kind: "index", name: "by_globalId", columns: ["globalId"] },
|
|
3683
4619
|
{ kind: "index", name: "by_parent", columns: ["parentTopicId"] },
|
|
3684
4620
|
{ kind: "index", name: "by_type", columns: ["type"] },
|
|
3685
4621
|
{ kind: "index", name: "by_graph_scope_project", columns: ["graphScopeProjectId"] },
|
|
@@ -3691,7 +4627,7 @@ var topics = defineTable({
|
|
|
3691
4627
|
});
|
|
3692
4628
|
var users = defineTable({
|
|
3693
4629
|
name: "users",
|
|
3694
|
-
component: "
|
|
4630
|
+
component: "control-plane",
|
|
3695
4631
|
category: "user",
|
|
3696
4632
|
shape: z.object({
|
|
3697
4633
|
"clerkId": z.string(),
|
|
@@ -3804,7 +4740,8 @@ var workspaces = defineTable({
|
|
|
3804
4740
|
"defaultProjectVisibility": z.enum(["private", "team", "firm", "external", "public"]).optional(),
|
|
3805
4741
|
"deployments": z.record(z.object({
|
|
3806
4742
|
"url": z.string(),
|
|
3807
|
-
"
|
|
4743
|
+
"target": z.enum(["kernelDeployment", "appDeployment"]).optional(),
|
|
4744
|
+
"credentialRef": z.string().optional()
|
|
3808
4745
|
})).optional(),
|
|
3809
4746
|
"metadata": z.record(z.any()).optional(),
|
|
3810
4747
|
"createdBy": z.string().optional(),
|
|
@@ -3818,6 +4755,39 @@ var workspaces = defineTable({
|
|
|
3818
4755
|
{ kind: "index", name: "by_status", columns: ["status"] }
|
|
3819
4756
|
]
|
|
3820
4757
|
});
|
|
4758
|
+
var deploymentHosts = defineTable({
|
|
4759
|
+
name: "deploymentHosts",
|
|
4760
|
+
component: "mc",
|
|
4761
|
+
category: "workspace",
|
|
4762
|
+
shape: z.object({
|
|
4763
|
+
"host": z.string(),
|
|
4764
|
+
"tenantId": idOf("tenants"),
|
|
4765
|
+
"workspaceId": idOf("workspaces"),
|
|
4766
|
+
"environment": z.enum(["dev", "staging", "prod"]),
|
|
4767
|
+
"target": z.enum(["kernelDeployment", "appDeployment"]),
|
|
4768
|
+
"deploymentUrl": z.string().optional(),
|
|
4769
|
+
"deploymentName": z.string().optional(),
|
|
4770
|
+
"vercelProjectName": z.string().optional(),
|
|
4771
|
+
"vercelProjectId": z.string().optional(),
|
|
4772
|
+
"vercelEnvironment": z.enum(["development", "preview", "staging", "production"]).optional(),
|
|
4773
|
+
"source": z.enum(["vercel_preview", "vercel_production", "vercel_custom_environment", "custom_domain", "manual"]),
|
|
4774
|
+
"status": z.enum(["active", "revoked"]),
|
|
4775
|
+
"metadata": z.record(z.any()).optional(),
|
|
4776
|
+
"createdBy": z.string(),
|
|
4777
|
+
"createdAt": z.number(),
|
|
4778
|
+
"updatedAt": z.number(),
|
|
4779
|
+
"revokedAt": z.number().optional(),
|
|
4780
|
+
"revokedBy": z.string().optional()
|
|
4781
|
+
}),
|
|
4782
|
+
indices: [
|
|
4783
|
+
{ kind: "index", name: "by_host", columns: ["host"] },
|
|
4784
|
+
{ kind: "index", name: "by_tenantId", columns: ["tenantId"] },
|
|
4785
|
+
{ kind: "index", name: "by_workspaceId", columns: ["workspaceId"] },
|
|
4786
|
+
{ kind: "index", name: "by_tenant_workspace_environment", columns: ["tenantId", "workspaceId", "environment"] },
|
|
4787
|
+
{ kind: "index", name: "by_workspace_status", columns: ["workspaceId", "status"] },
|
|
4788
|
+
{ kind: "index", name: "by_status", columns: ["status"] }
|
|
4789
|
+
]
|
|
4790
|
+
});
|
|
3821
4791
|
var worktreeBeliefCluster = defineTable({
|
|
3822
4792
|
name: "worktreeBeliefCluster",
|
|
3823
4793
|
component: "kernel",
|
|
@@ -4182,9 +5152,23 @@ var KERNEL_TABLE_CONTRACTS = [
|
|
|
4182
5152
|
worktreeBeliefCluster,
|
|
4183
5153
|
worktrees
|
|
4184
5154
|
];
|
|
4185
|
-
var
|
|
5155
|
+
var CONTROL_PLANE_TABLE_CONTRACTS = [
|
|
4186
5156
|
agents,
|
|
4187
5157
|
reasoningPermissions,
|
|
5158
|
+
permitAccessReviewItems,
|
|
5159
|
+
permitAccessReviews,
|
|
5160
|
+
permitAttributeBindings,
|
|
5161
|
+
permitGroups,
|
|
5162
|
+
permitGroupMemberships,
|
|
5163
|
+
permitPolicyBundles,
|
|
5164
|
+
permitPolicyDecisionReceipts,
|
|
5165
|
+
permitPrincipalAliases,
|
|
5166
|
+
permitPrincipals,
|
|
5167
|
+
permitProjectionOutbox,
|
|
5168
|
+
permitRelationshipTuples,
|
|
5169
|
+
permitResourceInstances,
|
|
5170
|
+
permitRoleAssignments,
|
|
5171
|
+
tenantPermitSyncStates,
|
|
4188
5172
|
modelCallLogs,
|
|
4189
5173
|
modelFunctionSlots,
|
|
4190
5174
|
modelRegistry,
|
|
@@ -4212,7 +5196,9 @@ var MC_TABLE_CONTRACTS = [
|
|
|
4212
5196
|
groupMemberships,
|
|
4213
5197
|
groups,
|
|
4214
5198
|
memberships,
|
|
5199
|
+
oauthDeviceCodes,
|
|
4215
5200
|
principals,
|
|
5201
|
+
principalIdentityAliases,
|
|
4216
5202
|
rateLimitWindows,
|
|
4217
5203
|
servicePrincipalKeys,
|
|
4218
5204
|
userSessions,
|
|
@@ -4228,29 +5214,33 @@ var MC_TABLE_CONTRACTS = [
|
|
|
4228
5214
|
policyDecisionLogs,
|
|
4229
5215
|
policySimulations,
|
|
4230
5216
|
controlPlaneToolAcls,
|
|
5217
|
+
permitSyncStates,
|
|
4231
5218
|
agentRegistryEntries,
|
|
4232
5219
|
toolCatalog,
|
|
4233
5220
|
toolRegistryEntries,
|
|
4234
5221
|
compatibilityShims,
|
|
4235
5222
|
cutoverFlags,
|
|
4236
5223
|
tenantDeploymentCredentials,
|
|
5224
|
+
secretSyncDriftReports,
|
|
4237
5225
|
controlPlaneTenantModelSlotBindings,
|
|
4238
5226
|
controlPlaneTenantProviderSecrets,
|
|
4239
5227
|
controlPlaneTenantProxyGatewayUsage,
|
|
5228
|
+
controlPlaneTenantProxyTokenLeases,
|
|
4240
5229
|
apiKeys,
|
|
4241
5230
|
auditLog,
|
|
4242
5231
|
tenants,
|
|
4243
|
-
workspaces
|
|
5232
|
+
workspaces,
|
|
5233
|
+
deploymentHosts
|
|
4244
5234
|
];
|
|
4245
5235
|
var TABLE_CONTRACTS_BY_COMPONENT = {
|
|
4246
5236
|
kernel: KERNEL_TABLE_CONTRACTS,
|
|
4247
|
-
|
|
5237
|
+
"control-plane": CONTROL_PLANE_TABLE_CONTRACTS,
|
|
4248
5238
|
mc: MC_TABLE_CONTRACTS,
|
|
4249
5239
|
"developer-pack": []
|
|
4250
5240
|
};
|
|
4251
5241
|
var ALL_TABLE_CONTRACTS = [
|
|
4252
5242
|
...KERNEL_TABLE_CONTRACTS,
|
|
4253
|
-
...
|
|
5243
|
+
...CONTROL_PLANE_TABLE_CONTRACTS,
|
|
4254
5244
|
...MC_TABLE_CONTRACTS
|
|
4255
5245
|
];
|
|
4256
5246
|
function listTableContractsByName(name) {
|
|
@@ -4263,8 +5253,8 @@ function getTableContract(name, component) {
|
|
|
4263
5253
|
}
|
|
4264
5254
|
var ComponentTableManifestSchema = z.object({
|
|
4265
5255
|
manifestVersion: z.string(),
|
|
4266
|
-
componentName: z.enum(["kernel", "
|
|
4267
|
-
tier: z.enum(["K", "
|
|
5256
|
+
componentName: z.enum(["kernel", "control-plane"]),
|
|
5257
|
+
tier: z.enum(["K", "CP"]),
|
|
4268
5258
|
packageVersion: z.string(),
|
|
4269
5259
|
tables: z.array(
|
|
4270
5260
|
z.object({
|
|
@@ -4293,6 +5283,6 @@ var SLOpinionInputSchema = z.object({
|
|
|
4293
5283
|
}
|
|
4294
5284
|
);
|
|
4295
5285
|
|
|
4296
|
-
export { ALL_TABLE_CONTRACTS, ComponentTableManifestSchema, EDGE_TYPE,
|
|
5286
|
+
export { ALL_TABLE_CONTRACTS, CONTROL_PLANE_TABLE_CONTRACTS, ComponentTableManifestSchema, EDGE_TYPE, EDGE_TYPE_VALUES, KERNEL_TABLE_CONTRACTS, MC_TABLE_CONTRACTS, NODE_TYPE, SLOpinionInputSchema, STORAGE_EDGE_TYPE, STORAGE_EDGE_TYPE_VALUES, TABLE_CONTRACTS_BY_COMPONENT, TOPIC_STATUS, TOPIC_VISIBILITY, getTableContract, listTableContractsByName };
|
|
4297
5287
|
//# sourceMappingURL=index.js.map
|
|
4298
5288
|
//# sourceMappingURL=index.js.map
|