@lucern/contracts 0.3.0-alpha.8 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +7 -0
- package/dist/api-enums.contract.d.ts +5 -3
- package/dist/api-enums.contract.js +14 -12
- package/dist/api-enums.contract.js.map +1 -1
- package/dist/auth-context.contract.js +14 -2
- package/dist/auth-context.contract.js.map +1 -1
- package/dist/auth-session.contract.js +14 -2
- package/dist/auth-session.contract.js.map +1 -1
- package/dist/auth.contract.d.ts +1 -1
- package/dist/auth.contract.js +14 -2
- package/dist/auth.contract.js.map +1 -1
- package/dist/component-boundary.contract.d.ts +1 -1
- package/dist/component-boundary.contract.js +46 -26
- package/dist/component-boundary.contract.js.map +1 -1
- package/dist/component-host-boundary.contract.d.ts +10 -5
- package/dist/component-host-boundary.contract.js +10 -4
- package/dist/component-host-boundary.contract.js.map +1 -1
- package/dist/{defineTable-CBQ03FXl.d.ts → defineTable-t1wr5wgn.d.ts} +1 -1
- package/dist/{dsl-djCRfuWC.d.ts → dsl-DVPthQGY.d.ts} +1 -1
- package/dist/dsl.d.ts +2 -2
- package/dist/dsl.js.map +1 -1
- package/dist/edge-policy-manifest-Dw5IhT1L.d.ts +133 -0
- package/dist/function-registry/beliefs.d.ts +23 -10
- package/dist/function-registry/beliefs.js +467 -36
- package/dist/function-registry/beliefs.js.map +1 -1
- package/dist/function-registry/coding.d.ts +15 -6
- package/dist/function-registry/coding.js +531 -22
- package/dist/function-registry/coding.js.map +1 -1
- package/dist/function-registry/context.d.ts +9 -3
- package/dist/function-registry/context.js +464 -21
- package/dist/function-registry/context.js.map +1 -1
- package/dist/function-registry/contracts.d.ts +9 -3
- package/dist/function-registry/contracts.js +464 -21
- package/dist/function-registry/contracts.js.map +1 -1
- package/dist/function-registry/coordination.d.ts +21 -9
- package/dist/function-registry/coordination.js +464 -21
- package/dist/function-registry/coordination.js.map +1 -1
- package/dist/function-registry/edges.d.ts +167 -2
- package/dist/function-registry/edges.js +661 -52
- package/dist/function-registry/edges.js.map +1 -1
- package/dist/function-registry/evidence.d.ts +19 -8
- package/dist/function-registry/evidence.js +473 -40
- package/dist/function-registry/evidence.js.map +1 -1
- package/dist/function-registry/graph.d.ts +33 -15
- package/dist/function-registry/graph.js +464 -21
- package/dist/function-registry/graph.js.map +1 -1
- package/dist/function-registry/helpers.d.ts +6 -3
- package/dist/function-registry/helpers.js +465 -22
- package/dist/function-registry/helpers.js.map +1 -1
- package/dist/function-registry/identity.d.ts +62 -16
- package/dist/function-registry/identity.js +487 -27
- package/dist/function-registry/identity.js.map +1 -1
- package/dist/function-registry/index.d.ts +4 -2
- package/dist/function-registry/index.js +468 -22
- package/dist/function-registry/index.js.map +1 -1
- package/dist/function-registry/judgments.d.ts +7 -2
- package/dist/function-registry/judgments.js +464 -21
- package/dist/function-registry/judgments.js.map +1 -1
- package/dist/function-registry/legacy.d.ts +5 -1
- package/dist/function-registry/legacy.js +464 -21
- package/dist/function-registry/legacy.js.map +1 -1
- package/dist/function-registry/lenses.d.ts +11 -4
- package/dist/function-registry/lenses.js +464 -21
- package/dist/function-registry/lenses.js.map +1 -1
- package/dist/function-registry/manifest.d.ts +4 -4
- package/dist/function-registry/manifest.js +16 -1
- package/dist/function-registry/manifest.js.map +1 -1
- package/dist/function-registry/nodes.d.ts +412 -0
- package/dist/function-registry/nodes.js +5354 -0
- package/dist/function-registry/nodes.js.map +1 -0
- package/dist/function-registry/ontologies.d.ts +25 -11
- package/dist/function-registry/ontologies.js +464 -21
- package/dist/function-registry/ontologies.js.map +1 -1
- package/dist/function-registry/pipeline.d.ts +9 -3
- package/dist/function-registry/pipeline.js +464 -21
- package/dist/function-registry/pipeline.js.map +1 -1
- package/dist/function-registry/questions.d.ts +27 -12
- package/dist/function-registry/questions.js +466 -26
- package/dist/function-registry/questions.js.map +1 -1
- package/dist/function-registry/tasks.d.ts +11 -4
- package/dist/function-registry/tasks.js +497 -30
- package/dist/function-registry/tasks.js.map +1 -1
- package/dist/function-registry/topics.d.ts +93 -5
- package/dist/function-registry/topics.js +534 -24
- package/dist/function-registry/topics.js.map +1 -1
- package/dist/function-registry/types.d.ts +7 -3
- package/dist/function-registry/worktrees.d.ts +25 -11
- package/dist/function-registry/worktrees.js +480 -21
- package/dist/function-registry/worktrees.js.map +1 -1
- package/dist/gateway.contract.d.ts +4 -0
- package/dist/gateway.contract.js.map +1 -1
- package/dist/generated/convexSchemas.d.ts +3 -3
- package/dist/generated/convexSchemas.js +37 -17
- package/dist/generated/convexSchemas.js.map +1 -1
- package/dist/generated/infisicalRuntimeEnv.d.ts +70 -0
- package/dist/generated/infisicalRuntimeEnv.js +27585 -0
- package/dist/generated/infisicalRuntimeEnv.js.map +1 -0
- package/dist/generated/lucernGatewayEnv.d.ts +17 -0
- package/dist/generated/lucernGatewayEnv.js +38 -0
- package/dist/generated/lucernGatewayEnv.js.map +1 -0
- package/dist/generated/lucernWebPublicEnv.d.ts +26 -0
- package/dist/generated/lucernWebPublicEnv.js +32 -0
- package/dist/generated/lucernWebPublicEnv.js.map +1 -0
- package/dist/generated/lucernWebServerEnv.d.ts +33 -0
- package/dist/generated/lucernWebServerEnv.js +51 -0
- package/dist/generated/lucernWebServerEnv.js.map +1 -0
- package/dist/generated/schema-manifest.json +1221 -114
- package/dist/generated/tableOwnership.d.ts +48 -28
- package/dist/generated/tableOwnership.js +66 -26
- package/dist/generated/tableOwnership.js.map +1 -1
- package/dist/generated/tier-expectations.json +64 -9
- package/dist/{index-O09U2xHk.d.ts → index-CM1Pl_vI.d.ts} +3 -3
- package/dist/index.d.ts +12 -7
- package/dist/index.js +32892 -459
- package/dist/index.js.map +1 -1
- package/dist/infisical-runtime.contract.d.ts +1763 -6
- package/dist/infisical-runtime.contract.js +2994 -15
- package/dist/infisical-runtime.contract.js.map +1 -1
- package/dist/manifests/edge-policy-manifest.d.ts +1 -1
- package/dist/manifests/edge-policy-manifest.data.d.ts +6 -20
- package/dist/manifests/edge-policy-manifest.data.js +18 -26
- package/dist/manifests/edge-policy-manifest.data.js.map +1 -1
- package/dist/manifests/edge-policy-manifest.js +31 -4
- package/dist/manifests/edge-policy-manifest.js.map +1 -1
- package/dist/manifests/infisical-runtime-manifest.d.ts +1689 -6
- package/dist/manifests/infisical-runtime-manifest.js +2847 -12
- package/dist/manifests/infisical-runtime-manifest.js.map +1 -1
- package/dist/manifests/tenant-client-manifest.d.ts +19 -14
- package/dist/manifests/tenant-client-manifest.js +29 -12
- package/dist/manifests/tenant-client-manifest.js.map +1 -1
- package/dist/mcp-gateway-boundary.contract.d.ts +23 -3
- package/dist/mcp-gateway-boundary.contract.js +2 -0
- package/dist/mcp-gateway-boundary.contract.js.map +1 -1
- package/dist/permit-principal-projection.contract.d.ts +74 -0
- package/dist/permit-principal-projection.contract.js +167 -0
- package/dist/permit-principal-projection.contract.js.map +1 -0
- package/dist/projections/check-convex-args-shape.js +10 -6
- package/dist/projections/check-convex-args-shape.js.map +1 -1
- package/dist/projections/create-evidence.projection.d.ts +6 -6
- package/dist/projections/create-evidence.projection.js +2 -3
- package/dist/projections/create-evidence.projection.js.map +1 -1
- package/dist/projections/index.d.ts +3 -3
- package/dist/projections/index.js +10 -6
- package/dist/projections/index.js.map +1 -1
- package/dist/projections/list-tasks.projection.d.ts +20 -8
- package/dist/projections/list-tasks.projection.js +8 -3
- package/dist/projections/list-tasks.projection.js.map +1 -1
- package/dist/proof-attestation.json +45 -0
- package/dist/schemas/component-table-manifest.d.ts +6 -6
- package/dist/schemas/component-table-manifest.js +2 -2
- package/dist/schemas/component-table-manifest.js.map +1 -1
- package/dist/schemas/index.d.ts +2 -2
- package/dist/schemas/index.js +1123 -137
- package/dist/schemas/index.js.map +1 -1
- package/dist/schemas/manifest.d.ts +2102 -132
- package/dist/schemas/manifest.js +1121 -135
- package/dist/schemas/manifest.js.map +1 -1
- package/dist/schemas/tables/controlPlane/accessControl.d.ts +260 -0
- package/dist/schemas/tables/controlPlane/accessControl.js +658 -0
- package/dist/schemas/tables/controlPlane/accessControl.js.map +1 -0
- package/dist/schemas/tables/{identity → controlPlane}/agent.d.ts +1 -1
- package/dist/schemas/tables/{identity → controlPlane}/agent.js +3 -3
- package/dist/schemas/tables/controlPlane/agent.js.map +1 -0
- package/dist/schemas/tables/{identity → controlPlane}/epistemic.d.ts +1 -1
- package/dist/schemas/tables/{identity → controlPlane}/epistemic.js +3 -3
- package/dist/schemas/tables/controlPlane/epistemic.js.map +1 -0
- package/dist/schemas/tables/{identity → controlPlane}/model.d.ts +1 -1
- package/dist/schemas/tables/{identity → controlPlane}/model.js +6 -6
- package/dist/schemas/tables/controlPlane/model.js.map +1 -0
- package/dist/schemas/tables/{identity → controlPlane}/platform.d.ts +1 -1
- package/dist/schemas/tables/{identity → controlPlane}/platform.js +18 -18
- package/dist/schemas/tables/controlPlane/platform.js.map +1 -0
- package/dist/schemas/tables/{identity → controlPlane}/project.d.ts +1 -1
- package/dist/schemas/tables/{identity → controlPlane}/project.js +3 -3
- package/dist/schemas/tables/controlPlane/project.js.map +1 -0
- package/dist/schemas/tables/{identity → controlPlane}/user.d.ts +1 -1
- package/dist/schemas/tables/{identity → controlPlane}/user.js +3 -3
- package/dist/schemas/tables/controlPlane/user.js.map +1 -0
- package/dist/schemas/tables/kernel/config.d.ts +1 -1
- package/dist/schemas/tables/kernel/config.js.map +1 -1
- package/dist/schemas/tables/kernel/coordination.d.ts +1 -1
- package/dist/schemas/tables/kernel/coordination.js.map +1 -1
- package/dist/schemas/tables/kernel/decision.d.ts +1 -1
- package/dist/schemas/tables/kernel/decision.js.map +1 -1
- package/dist/schemas/tables/kernel/embedding.d.ts +1 -1
- package/dist/schemas/tables/kernel/embedding.js.map +1 -1
- package/dist/schemas/tables/kernel/epistemic.d.ts +1 -1
- package/dist/schemas/tables/kernel/epistemic.js.map +1 -1
- package/dist/schemas/tables/kernel/events.d.ts +21 -0
- package/dist/schemas/tables/kernel/events.js +43 -0
- package/dist/schemas/tables/kernel/events.js.map +1 -0
- package/dist/schemas/tables/kernel/idempotency.d.ts +1 -1
- package/dist/schemas/tables/kernel/idempotency.js.map +1 -1
- package/dist/schemas/tables/kernel/infra.d.ts +1 -1
- package/dist/schemas/tables/kernel/infra.js.map +1 -1
- package/dist/schemas/tables/kernel/intelligence.d.ts +1 -1
- package/dist/schemas/tables/kernel/intelligence.js.map +1 -1
- package/dist/schemas/tables/kernel/lens.d.ts +1 -1
- package/dist/schemas/tables/kernel/lens.js.map +1 -1
- package/dist/schemas/tables/kernel/ontology.d.ts +1 -1
- package/dist/schemas/tables/kernel/ontology.js.map +1 -1
- package/dist/schemas/tables/kernel/platform.d.ts +1 -1
- package/dist/schemas/tables/kernel/platform.js.map +1 -1
- package/dist/schemas/tables/kernel/spine.d.ts +2 -1
- package/dist/schemas/tables/kernel/spine.js +1 -0
- package/dist/schemas/tables/kernel/spine.js.map +1 -1
- package/dist/schemas/tables/kernel/task.d.ts +1 -1
- package/dist/schemas/tables/kernel/task.js.map +1 -1
- package/dist/schemas/tables/kernel/topic.d.ts +1 -1
- package/dist/schemas/tables/kernel/topic.js +1 -0
- package/dist/schemas/tables/kernel/topic.js.map +1 -1
- package/dist/schemas/tables/kernel/workflow.d.ts +1 -1
- package/dist/schemas/tables/kernel/workflow.js.map +1 -1
- package/dist/schemas/tables/kernel/worktree.d.ts +17 -17
- package/dist/schemas/tables/kernel/worktree.js.map +1 -1
- package/dist/schemas/tables/mc/identity.d.ts +19 -2
- package/dist/schemas/tables/mc/identity.js +32 -1
- package/dist/schemas/tables/mc/identity.js.map +1 -1
- package/dist/schemas/tables/mc/methodology.d.ts +1 -1
- package/dist/schemas/tables/mc/methodology.js.map +1 -1
- package/dist/schemas/tables/mc/pack.d.ts +1 -1
- package/dist/schemas/tables/mc/pack.js.map +1 -1
- package/dist/schemas/tables/mc/policy.d.ts +2 -2
- package/dist/schemas/tables/mc/policy.js +1 -1
- package/dist/schemas/tables/mc/policy.js.map +1 -1
- package/dist/schemas/tables/mc/registry.d.ts +1 -1
- package/dist/schemas/tables/mc/registry.js.map +1 -1
- package/dist/schemas/tables/mc/runtime.d.ts +109 -3
- package/dist/schemas/tables/mc/runtime.js +330 -104
- package/dist/schemas/tables/mc/runtime.js.map +1 -1
- package/dist/schemas/tables/mc/tenant.d.ts +4 -2
- package/dist/schemas/tables/mc/tenant.js +3 -1
- package/dist/schemas/tables/mc/tenant.js.map +1 -1
- package/dist/schemas/tables/mc/workspace.d.ts +22 -5
- package/dist/schemas/tables/mc/workspace.js +34 -2
- package/dist/schemas/tables/mc/workspace.js.map +1 -1
- package/dist/{sdk-tools.contract-Ci8bkoai.d.ts → sdk-tools.contract-CKmSsrZ2.d.ts} +1 -1
- package/dist/sdk-tools.contract.d.ts +2 -2
- package/dist/sdk-tools.contract.js +417 -13
- package/dist/sdk-tools.contract.js.map +1 -1
- package/dist/tenant-bootstrap-seed.contract.d.ts +244 -56
- package/dist/tenant-bootstrap-seed.contract.js +139 -28
- package/dist/tenant-bootstrap-seed.contract.js.map +1 -1
- package/dist/tenant-bootstrap-seed.defaults.d.ts +2 -2
- package/dist/tenant-bootstrap-seed.defaults.js +31 -13
- package/dist/tenant-bootstrap-seed.defaults.js.map +1 -1
- package/dist/tenant-client.contract.d.ts +20 -15
- package/dist/tenant-client.contract.js +29 -12
- package/dist/tenant-client.contract.js.map +1 -1
- package/dist/{tool-contracts-B4iWhejG.d.ts → tool-contracts-C_xvM9q2.d.ts} +32 -2
- package/dist/tool-contracts.d.ts +1 -1
- package/dist/tool-contracts.js +418 -14
- package/dist/tool-contracts.js.map +1 -1
- package/package.json +22 -1
- package/dist/edge-policy-manifest-Byv6cQPP.d.ts +0 -132
- package/dist/schemas/tables/identity/agent.js.map +0 -1
- package/dist/schemas/tables/identity/epistemic.js.map +0 -1
- package/dist/schemas/tables/identity/model.js.map +0 -1
- package/dist/schemas/tables/identity/platform.js.map +0 -1
- package/dist/schemas/tables/identity/project.js.map +0 -1
- package/dist/schemas/tables/identity/user.js.map +0 -1
package/dist/schemas/index.js
CHANGED
|
@@ -210,7 +210,7 @@ var toolRegistryEntries = defineTable({
|
|
|
210
210
|
});
|
|
211
211
|
var agents = defineTable({
|
|
212
212
|
name: "agents",
|
|
213
|
-
component: "
|
|
213
|
+
component: "control-plane",
|
|
214
214
|
category: "agent",
|
|
215
215
|
shape: z.object({
|
|
216
216
|
"slug": z.string(),
|
|
@@ -241,6 +241,8 @@ var apiKeys = defineTable({
|
|
|
241
241
|
category: "tenant",
|
|
242
242
|
shape: z.object({
|
|
243
243
|
"tenantId": idOf("tenants"),
|
|
244
|
+
"workspaceId": idOf("workspaces").optional(),
|
|
245
|
+
"environment": z.enum(["dev", "staging", "prod"]).optional(),
|
|
244
246
|
"keyPrefix": z.enum(["luc", "stk"]),
|
|
245
247
|
"keyHash": z.string(),
|
|
246
248
|
"keyHint": z.string(),
|
|
@@ -268,7 +270,7 @@ var auditLog = defineTable({
|
|
|
268
270
|
shape: z.object({
|
|
269
271
|
"tenantId": idOf("tenants").optional(),
|
|
270
272
|
"apiKeyId": idOf("apiKeys").optional(),
|
|
271
|
-
"action": z.enum(["key_created", "key_revoked", "key_expired", "key_used", "tenant_secret_created", "tenant_secret_rotated", "tenant_secret_revoked", "tenant_slot_binding_upserted", "tenant_slot_binding_revoked", "proxy_token_minted", "proxy_request_recorded", "tenant_created", "tenant_updated", "tenant_suspended", "tenant_archived", "tenant_reactivated", "principal_created", "principal_updated", "principal_suspended", "membership_created", "membership_updated", "membership_revoked", "group_created", "group_updated", "group_deleted", "group_member_added", "group_member_removed", "workspace_created", "workspace_updated", "workspace_archived", "workspace_deployment_set", "workspace_deployment_removed", "service_key_created", "service_key_rotated", "service_key_revoked", "service_key_used", "service_key_auth_failed", "session_created", "session_validated", "session_revoked", "session_cascade_revoked", "session_expired", "sandbox_created", "sandbox_secret_injected", "sandbox_execution_started", "sandbox_execution_completed", "sandbox_limit_violated", "policy_created", "policy_updated", "policy_enforced", "policy_archived", "agent_registered", "agent_updated", "tool_registered", "tool_updated", "pack_entitled", "pack_installed", "pack_enabled", "pack_disabled", "pack_entitlement_revoked", "pack_upgraded", "pack_upgrade_committed", "pack_upgrade_rolled_back", "pack_group_assigned", "pack_group_unassigned", "methodology_pack_created", "methodology_pack_updated", "methodology_pack_assigned", "methodology_pack_removed", "pack_assigned_to_group", "pack_revoked_from_group", "pack_ontology_materialized", "pack_ontology_topic_bound", "cutover_flag_set", "cutover_flag_cleared"]),
|
|
273
|
+
"action": z.enum(["key_created", "key_revoked", "key_expired", "key_used", "tenant_secret_created", "tenant_secret_rotated", "tenant_secret_revoked", "tenant_slot_binding_upserted", "tenant_slot_binding_revoked", "proxy_token_minted", "proxy_token_lease_issued", "proxy_token_lease_renewed", "proxy_token_lease_revoked", "proxy_request_recorded", "tenant_created", "tenant_updated", "tenant_suspended", "tenant_archived", "tenant_reactivated", "tenant_clerk_organization_linked", "tenant_canonical_identity_repaired", "principal_created", "principal_updated", "principal_suspended", "principal_identity_alias_upserted", "principal_identity_alias_revoked", "membership_created", "membership_updated", "membership_revoked", "group_created", "group_updated", "group_deleted", "group_member_added", "group_member_removed", "workspace_created", "workspace_updated", "workspace_archived", "workspace_deployment_set", "workspace_deployment_removed", "deployment_host_registered", "deployment_host_revoked", "service_key_created", "service_key_rotated", "service_key_revoked", "service_key_used", "service_key_auth_failed", "session_created", "session_validated", "session_revoked", "session_cascade_revoked", "session_expired", "sandbox_created", "sandbox_secret_injected", "sandbox_execution_started", "sandbox_execution_completed", "sandbox_limit_violated", "policy_created", "policy_updated", "policy_enforced", "policy_archived", "permit_sync_enqueued", "permit_sync_succeeded", "permit_sync_failed", "permit_sync_skipped", "agent_registered", "agent_updated", "tool_registered", "tool_updated", "pack_entitled", "pack_installed", "pack_enabled", "pack_disabled", "pack_entitlement_revoked", "pack_upgraded", "pack_upgrade_committed", "pack_upgrade_rolled_back", "pack_group_assigned", "pack_group_unassigned", "methodology_pack_created", "methodology_pack_updated", "methodology_pack_assigned", "methodology_pack_removed", "pack_assigned_to_group", "pack_revoked_from_group", "pack_ontology_materialized", "pack_ontology_topic_bound", "cutover_flag_set", "cutover_flag_cleared"]),
|
|
272
274
|
"actorClerkId": z.string(),
|
|
273
275
|
"details": z.any().optional(),
|
|
274
276
|
"createdAt": z.number()
|
|
@@ -492,6 +494,35 @@ var systemLogs = defineTable({
|
|
|
492
494
|
{ kind: "index", name: "by_source", columns: ["source"] }
|
|
493
495
|
]
|
|
494
496
|
});
|
|
497
|
+
var domainEvents = defineTable({
|
|
498
|
+
name: "domainEvents",
|
|
499
|
+
component: "kernel",
|
|
500
|
+
category: "events",
|
|
501
|
+
shape: z.object({
|
|
502
|
+
"eventId": z.string(),
|
|
503
|
+
"type": z.string(),
|
|
504
|
+
"version": z.string(),
|
|
505
|
+
"timestamp": z.number(),
|
|
506
|
+
"tenantId": z.string().optional(),
|
|
507
|
+
"workspaceId": z.string().optional(),
|
|
508
|
+
"topicId": z.string(),
|
|
509
|
+
"resourceId": z.string(),
|
|
510
|
+
"resourceType": z.string(),
|
|
511
|
+
"actorId": z.string(),
|
|
512
|
+
"actorType": z.enum(["human", "agent", "service"]),
|
|
513
|
+
"data": z.record(z.any()),
|
|
514
|
+
"correlationId": z.string().optional(),
|
|
515
|
+
"expiresAt": z.number()
|
|
516
|
+
}),
|
|
517
|
+
indices: [
|
|
518
|
+
{ kind: "index", name: "by_eventId", columns: ["eventId"] },
|
|
519
|
+
{ kind: "index", name: "by_topic_timestamp", columns: ["topicId", "timestamp"] },
|
|
520
|
+
{ kind: "index", name: "by_tenant_workspace_timestamp", columns: ["tenantId", "workspaceId", "timestamp"] },
|
|
521
|
+
{ kind: "index", name: "by_type_timestamp", columns: ["type", "timestamp"] },
|
|
522
|
+
{ kind: "index", name: "by_resource", columns: ["resourceType", "resourceId", "timestamp"] },
|
|
523
|
+
{ kind: "index", name: "by_expiresAt", columns: ["expiresAt"] }
|
|
524
|
+
]
|
|
525
|
+
});
|
|
495
526
|
var beliefConfidence = defineTable({
|
|
496
527
|
name: "beliefConfidence",
|
|
497
528
|
component: "kernel",
|
|
@@ -1147,29 +1178,37 @@ var compatibilityShims = defineTable({
|
|
|
1147
1178
|
component: "mc",
|
|
1148
1179
|
category: "runtime",
|
|
1149
1180
|
shape: z.object({
|
|
1150
|
-
|
|
1151
|
-
|
|
1152
|
-
|
|
1153
|
-
|
|
1154
|
-
|
|
1155
|
-
|
|
1156
|
-
|
|
1157
|
-
|
|
1158
|
-
|
|
1159
|
-
|
|
1160
|
-
|
|
1161
|
-
|
|
1162
|
-
|
|
1181
|
+
shimId: z.string(),
|
|
1182
|
+
gateId: z.string(),
|
|
1183
|
+
removalDate: z.string(),
|
|
1184
|
+
removalPriority: z.enum(["P1", "P2", "P3"]),
|
|
1185
|
+
description: z.string(),
|
|
1186
|
+
owner: z.string(),
|
|
1187
|
+
createdAt: z.string(),
|
|
1188
|
+
status: z.enum(["active", "overdue", "removed"]),
|
|
1189
|
+
bridgeType: z.enum(["tool", "agent"]),
|
|
1190
|
+
bridgeTarget: z.object({
|
|
1191
|
+
type: z.enum(["tool", "agent"]),
|
|
1192
|
+
legacyPath: z.string(),
|
|
1193
|
+
harnessPath: z.string()
|
|
1163
1194
|
}),
|
|
1164
|
-
|
|
1165
|
-
|
|
1166
|
-
|
|
1167
|
-
|
|
1195
|
+
shimBehavior: z.enum([
|
|
1196
|
+
"passthrough_with_logging",
|
|
1197
|
+
"adapter",
|
|
1198
|
+
"feature_flag_gate"
|
|
1199
|
+
]),
|
|
1200
|
+
producesLedgerEntries: z.boolean(),
|
|
1201
|
+
lastAuditedAt: z.number(),
|
|
1202
|
+
metadata: z.record(z.any()).optional()
|
|
1168
1203
|
}),
|
|
1169
1204
|
indices: [
|
|
1170
1205
|
{ kind: "index", name: "by_shimId", columns: ["shimId"] },
|
|
1171
1206
|
{ kind: "index", name: "by_status", columns: ["status"] },
|
|
1172
|
-
{
|
|
1207
|
+
{
|
|
1208
|
+
kind: "index",
|
|
1209
|
+
name: "by_bridgeType_status",
|
|
1210
|
+
columns: ["bridgeType", "status"]
|
|
1211
|
+
}
|
|
1173
1212
|
]
|
|
1174
1213
|
});
|
|
1175
1214
|
var cutoverFlags = defineTable({
|
|
@@ -1177,12 +1216,23 @@ var cutoverFlags = defineTable({
|
|
|
1177
1216
|
component: "mc",
|
|
1178
1217
|
category: "runtime",
|
|
1179
1218
|
shape: z.object({
|
|
1180
|
-
|
|
1181
|
-
|
|
1182
|
-
|
|
1183
|
-
|
|
1184
|
-
|
|
1185
|
-
|
|
1219
|
+
domain: z.enum([
|
|
1220
|
+
"graph",
|
|
1221
|
+
"schema",
|
|
1222
|
+
"identity",
|
|
1223
|
+
"policy",
|
|
1224
|
+
"audit",
|
|
1225
|
+
"admin",
|
|
1226
|
+
"agent",
|
|
1227
|
+
"tool",
|
|
1228
|
+
"prompt",
|
|
1229
|
+
"intelligence"
|
|
1230
|
+
]),
|
|
1231
|
+
state: z.enum(["legacy", "cutover", "disabled"]),
|
|
1232
|
+
metadata: z.record(z.any()).optional(),
|
|
1233
|
+
updatedBy: z.string(),
|
|
1234
|
+
createdAt: z.number(),
|
|
1235
|
+
updatedAt: z.number()
|
|
1186
1236
|
}),
|
|
1187
1237
|
indices: [
|
|
1188
1238
|
{ kind: "index", name: "by_domain", columns: ["domain"] },
|
|
@@ -1194,57 +1244,193 @@ var tenantDeploymentCredentials = defineTable({
|
|
|
1194
1244
|
component: "mc",
|
|
1195
1245
|
category: "runtime",
|
|
1196
1246
|
shape: z.object({
|
|
1197
|
-
|
|
1198
|
-
|
|
1199
|
-
|
|
1200
|
-
|
|
1201
|
-
|
|
1202
|
-
|
|
1203
|
-
|
|
1204
|
-
|
|
1205
|
-
|
|
1206
|
-
|
|
1207
|
-
|
|
1208
|
-
|
|
1209
|
-
|
|
1210
|
-
|
|
1211
|
-
|
|
1212
|
-
|
|
1213
|
-
|
|
1247
|
+
credentialRef: z.string(),
|
|
1248
|
+
tenantId: idOf("tenants"),
|
|
1249
|
+
workspaceId: idOf("workspaces").optional(),
|
|
1250
|
+
target: z.enum(["kernelDeployment", "appDeployment"]),
|
|
1251
|
+
environment: z.enum(["dev", "staging", "prod"]),
|
|
1252
|
+
encryptedDeployKey: z.string(),
|
|
1253
|
+
encryptionVersion: z.string(),
|
|
1254
|
+
keyFingerprint: z.string(),
|
|
1255
|
+
keyHint: z.string(),
|
|
1256
|
+
status: z.enum(["active", "revoked"]),
|
|
1257
|
+
rotatedFromCredentialRef: z.string().optional(),
|
|
1258
|
+
revokedAt: z.number().optional(),
|
|
1259
|
+
revokedBy: z.string().optional(),
|
|
1260
|
+
lastUsedAt: z.number().optional(),
|
|
1261
|
+
metadata: z.record(z.any()).optional(),
|
|
1262
|
+
createdBy: z.string(),
|
|
1263
|
+
createdAt: z.number(),
|
|
1264
|
+
updatedAt: z.number()
|
|
1214
1265
|
}),
|
|
1215
1266
|
indices: [
|
|
1216
1267
|
{ kind: "index", name: "by_credentialRef", columns: ["credentialRef"] },
|
|
1217
1268
|
{ kind: "index", name: "by_tenantId", columns: ["tenantId"] },
|
|
1218
|
-
{ kind: "index", name: "
|
|
1219
|
-
{
|
|
1220
|
-
|
|
1269
|
+
{ kind: "index", name: "by_workspaceId", columns: ["workspaceId"] },
|
|
1270
|
+
{
|
|
1271
|
+
kind: "index",
|
|
1272
|
+
name: "by_tenant_target",
|
|
1273
|
+
columns: ["tenantId", "target"]
|
|
1274
|
+
},
|
|
1275
|
+
{
|
|
1276
|
+
kind: "index",
|
|
1277
|
+
name: "by_tenant_target_environment",
|
|
1278
|
+
columns: ["tenantId", "target", "environment"]
|
|
1279
|
+
},
|
|
1280
|
+
{
|
|
1281
|
+
kind: "index",
|
|
1282
|
+
name: "by_tenant_target_environment_status",
|
|
1283
|
+
columns: ["tenantId", "target", "environment", "status"]
|
|
1284
|
+
},
|
|
1285
|
+
{
|
|
1286
|
+
kind: "index",
|
|
1287
|
+
name: "by_tenant_workspace_target_environment_status",
|
|
1288
|
+
columns: ["tenantId", "workspaceId", "target", "environment", "status"]
|
|
1289
|
+
},
|
|
1221
1290
|
{ kind: "index", name: "by_status", columns: ["status"] }
|
|
1222
1291
|
]
|
|
1223
1292
|
});
|
|
1293
|
+
var permitSyncStates = defineTable({
|
|
1294
|
+
name: "permitSyncStates",
|
|
1295
|
+
component: "mc",
|
|
1296
|
+
category: "runtime",
|
|
1297
|
+
shape: z.object({
|
|
1298
|
+
syncKey: z.string(),
|
|
1299
|
+
objectType: z.enum([
|
|
1300
|
+
"resource",
|
|
1301
|
+
"role",
|
|
1302
|
+
"resource_role",
|
|
1303
|
+
"resource_relation",
|
|
1304
|
+
"tenant",
|
|
1305
|
+
"workspace",
|
|
1306
|
+
"principal",
|
|
1307
|
+
"membership",
|
|
1308
|
+
"group",
|
|
1309
|
+
"resource_instance",
|
|
1310
|
+
"relationship_tuple",
|
|
1311
|
+
"role_assignment"
|
|
1312
|
+
]),
|
|
1313
|
+
objectId: z.string(),
|
|
1314
|
+
tenantId: idOf("tenants").optional(),
|
|
1315
|
+
workspaceId: idOf("workspaces").optional(),
|
|
1316
|
+
principalId: z.string().optional(),
|
|
1317
|
+
permitTenantKey: z.string().optional(),
|
|
1318
|
+
permitResourceType: z.string().optional(),
|
|
1319
|
+
permitResourceKey: z.string().optional(),
|
|
1320
|
+
desiredPayload: z.record(z.any()),
|
|
1321
|
+
lastAppliedPayloadHash: z.string().optional(),
|
|
1322
|
+
status: z.enum(["pending", "synced", "error", "skipped"]),
|
|
1323
|
+
attemptCount: z.number(),
|
|
1324
|
+
lastError: z.string().optional(),
|
|
1325
|
+
nextAttemptAt: z.number().optional(),
|
|
1326
|
+
lastSyncedAt: z.number().optional(),
|
|
1327
|
+
createdBy: z.string(),
|
|
1328
|
+
updatedBy: z.string().optional(),
|
|
1329
|
+
createdAt: z.number(),
|
|
1330
|
+
updatedAt: z.number()
|
|
1331
|
+
}),
|
|
1332
|
+
indices: [
|
|
1333
|
+
{ kind: "index", name: "by_syncKey", columns: ["syncKey"] },
|
|
1334
|
+
{ kind: "index", name: "by_status", columns: ["status"] },
|
|
1335
|
+
{
|
|
1336
|
+
kind: "index",
|
|
1337
|
+
name: "by_tenant_status",
|
|
1338
|
+
columns: ["tenantId", "status"]
|
|
1339
|
+
},
|
|
1340
|
+
{
|
|
1341
|
+
kind: "index",
|
|
1342
|
+
name: "by_workspace_status",
|
|
1343
|
+
columns: ["workspaceId", "status"]
|
|
1344
|
+
},
|
|
1345
|
+
{
|
|
1346
|
+
kind: "index",
|
|
1347
|
+
name: "by_principal_status",
|
|
1348
|
+
columns: ["principalId", "status"]
|
|
1349
|
+
}
|
|
1350
|
+
]
|
|
1351
|
+
});
|
|
1352
|
+
var secretSyncDriftReports = defineTable({
|
|
1353
|
+
name: "secretSyncDriftReports",
|
|
1354
|
+
component: "mc",
|
|
1355
|
+
category: "runtime",
|
|
1356
|
+
shape: z.object({
|
|
1357
|
+
reportId: z.string(),
|
|
1358
|
+
source: z.enum(["infisical_manifest", "manual", "ci"]),
|
|
1359
|
+
generatedAt: z.number(),
|
|
1360
|
+
recordedAt: z.number(),
|
|
1361
|
+
recordedBy: z.string(),
|
|
1362
|
+
status: z.enum([
|
|
1363
|
+
"in_sync",
|
|
1364
|
+
"drift",
|
|
1365
|
+
"exception",
|
|
1366
|
+
"blocked",
|
|
1367
|
+
"not_observed"
|
|
1368
|
+
]),
|
|
1369
|
+
reportHash: z.string(),
|
|
1370
|
+
manifestHash: z.string().optional(),
|
|
1371
|
+
dryRunReceiptId: z.string().optional(),
|
|
1372
|
+
appliedReceiptId: z.string().optional(),
|
|
1373
|
+
summary: z.object({
|
|
1374
|
+
totalPipelines: z.number(),
|
|
1375
|
+
inSync: z.number(),
|
|
1376
|
+
drift: z.number(),
|
|
1377
|
+
exception: z.number(),
|
|
1378
|
+
blocked: z.number(),
|
|
1379
|
+
notObserved: z.number(),
|
|
1380
|
+
missingKeys: z.number(),
|
|
1381
|
+
valueDriftKeys: z.number(),
|
|
1382
|
+
extraKeys: z.number(),
|
|
1383
|
+
deniedConvexLeakage: z.number(),
|
|
1384
|
+
approvedExceptions: z.number()
|
|
1385
|
+
}),
|
|
1386
|
+
redactedReport: z.record(z.any()),
|
|
1387
|
+
metadata: z.record(z.any()).optional()
|
|
1388
|
+
}),
|
|
1389
|
+
indices: [
|
|
1390
|
+
{ kind: "index", name: "by_reportId", columns: ["reportId"] },
|
|
1391
|
+
{ kind: "index", name: "by_reportHash", columns: ["reportHash"] },
|
|
1392
|
+
{ kind: "index", name: "by_generatedAt", columns: ["generatedAt"] },
|
|
1393
|
+
{
|
|
1394
|
+
kind: "index",
|
|
1395
|
+
name: "by_status_generatedAt",
|
|
1396
|
+
columns: ["status", "generatedAt"]
|
|
1397
|
+
}
|
|
1398
|
+
]
|
|
1399
|
+
});
|
|
1224
1400
|
var controlPlaneTenantModelSlotBindings = defineTable({
|
|
1225
1401
|
name: "controlPlaneTenantModelSlotBindings",
|
|
1226
1402
|
component: "mc",
|
|
1227
1403
|
category: "runtime",
|
|
1228
1404
|
shape: z.object({
|
|
1229
|
-
|
|
1230
|
-
|
|
1231
|
-
"
|
|
1232
|
-
|
|
1233
|
-
|
|
1234
|
-
|
|
1235
|
-
|
|
1236
|
-
|
|
1237
|
-
|
|
1238
|
-
|
|
1239
|
-
|
|
1240
|
-
|
|
1241
|
-
|
|
1405
|
+
bindingId: z.string(),
|
|
1406
|
+
tenantId: idOf("tenants"),
|
|
1407
|
+
workspaceId: idOf("workspaces").optional(),
|
|
1408
|
+
environment: z.enum(["dev", "staging", "prod"]).optional(),
|
|
1409
|
+
providerId: z.string(),
|
|
1410
|
+
modelSlotId: z.string(),
|
|
1411
|
+
secretRef: z.string(),
|
|
1412
|
+
status: z.enum(["active", "revoked"]),
|
|
1413
|
+
passThroughOnly: z.boolean(),
|
|
1414
|
+
revokedAt: z.number().optional(),
|
|
1415
|
+
revokedBy: z.string().optional(),
|
|
1416
|
+
metadata: z.record(z.any()).optional(),
|
|
1417
|
+
createdBy: z.string(),
|
|
1418
|
+
createdAt: z.number(),
|
|
1419
|
+
updatedAt: z.number()
|
|
1242
1420
|
}),
|
|
1243
1421
|
indices: [
|
|
1244
1422
|
{ kind: "index", name: "by_bindingId", columns: ["bindingId"] },
|
|
1245
1423
|
{ kind: "index", name: "by_tenantId", columns: ["tenantId"] },
|
|
1246
|
-
{
|
|
1247
|
-
|
|
1424
|
+
{
|
|
1425
|
+
kind: "index",
|
|
1426
|
+
name: "by_tenant_slot",
|
|
1427
|
+
columns: ["tenantId", "modelSlotId"]
|
|
1428
|
+
},
|
|
1429
|
+
{
|
|
1430
|
+
kind: "index",
|
|
1431
|
+
name: "by_tenant_provider_slot",
|
|
1432
|
+
columns: ["tenantId", "providerId", "modelSlotId"]
|
|
1433
|
+
},
|
|
1248
1434
|
{ kind: "index", name: "by_secretRef", columns: ["secretRef"] },
|
|
1249
1435
|
{ kind: "index", name: "by_status", columns: ["status"] }
|
|
1250
1436
|
]
|
|
@@ -1254,29 +1440,42 @@ var controlPlaneTenantProviderSecrets = defineTable({
|
|
|
1254
1440
|
component: "mc",
|
|
1255
1441
|
category: "runtime",
|
|
1256
1442
|
shape: z.object({
|
|
1257
|
-
|
|
1258
|
-
|
|
1259
|
-
"
|
|
1260
|
-
|
|
1261
|
-
|
|
1262
|
-
|
|
1263
|
-
|
|
1264
|
-
|
|
1265
|
-
|
|
1266
|
-
|
|
1267
|
-
|
|
1268
|
-
|
|
1269
|
-
|
|
1270
|
-
|
|
1271
|
-
|
|
1272
|
-
|
|
1273
|
-
|
|
1443
|
+
secretRef: z.string(),
|
|
1444
|
+
tenantId: idOf("tenants"),
|
|
1445
|
+
workspaceId: idOf("workspaces").optional(),
|
|
1446
|
+
environment: z.enum(["dev", "staging", "prod"]).optional(),
|
|
1447
|
+
providerId: z.string(),
|
|
1448
|
+
label: z.string().optional(),
|
|
1449
|
+
encryptedSecret: z.string().optional(),
|
|
1450
|
+
infisicalPath: z.string().optional(),
|
|
1451
|
+
infisicalSecretKey: z.string().optional(),
|
|
1452
|
+
infisicalProjectId: z.string().optional(),
|
|
1453
|
+
encryptionVersion: z.string(),
|
|
1454
|
+
secretFingerprint: z.string(),
|
|
1455
|
+
keyHint: z.string(),
|
|
1456
|
+
status: z.enum(["active", "revoked"]),
|
|
1457
|
+
rotatedFromSecretRef: z.string().optional(),
|
|
1458
|
+
revokedAt: z.number().optional(),
|
|
1459
|
+
revokedBy: z.string().optional(),
|
|
1460
|
+
lastUsedAt: z.number().optional(),
|
|
1461
|
+
metadata: z.record(z.any()).optional(),
|
|
1462
|
+
createdBy: z.string(),
|
|
1463
|
+
createdAt: z.number(),
|
|
1464
|
+
updatedAt: z.number()
|
|
1274
1465
|
}),
|
|
1275
1466
|
indices: [
|
|
1276
1467
|
{ kind: "index", name: "by_secretRef", columns: ["secretRef"] },
|
|
1277
1468
|
{ kind: "index", name: "by_tenantId", columns: ["tenantId"] },
|
|
1278
|
-
{
|
|
1279
|
-
|
|
1469
|
+
{
|
|
1470
|
+
kind: "index",
|
|
1471
|
+
name: "by_tenant_provider",
|
|
1472
|
+
columns: ["tenantId", "providerId"]
|
|
1473
|
+
},
|
|
1474
|
+
{
|
|
1475
|
+
kind: "index",
|
|
1476
|
+
name: "by_tenant_provider_status",
|
|
1477
|
+
columns: ["tenantId", "providerId", "status"]
|
|
1478
|
+
},
|
|
1280
1479
|
{ kind: "index", name: "by_status", columns: ["status"] }
|
|
1281
1480
|
]
|
|
1282
1481
|
});
|
|
@@ -1285,35 +1484,93 @@ var controlPlaneTenantProxyGatewayUsage = defineTable({
|
|
|
1285
1484
|
component: "mc",
|
|
1286
1485
|
category: "runtime",
|
|
1287
1486
|
shape: z.object({
|
|
1288
|
-
|
|
1289
|
-
|
|
1290
|
-
|
|
1291
|
-
|
|
1292
|
-
|
|
1293
|
-
|
|
1294
|
-
|
|
1295
|
-
|
|
1296
|
-
|
|
1297
|
-
|
|
1298
|
-
|
|
1299
|
-
|
|
1300
|
-
|
|
1301
|
-
|
|
1302
|
-
|
|
1303
|
-
|
|
1304
|
-
|
|
1305
|
-
|
|
1306
|
-
|
|
1307
|
-
|
|
1308
|
-
|
|
1309
|
-
|
|
1487
|
+
usageId: z.string(),
|
|
1488
|
+
tenantId: idOf("tenants"),
|
|
1489
|
+
providerId: z.string(),
|
|
1490
|
+
modelSlotId: z.string(),
|
|
1491
|
+
secretRef: z.string(),
|
|
1492
|
+
proxyTokenId: z.string(),
|
|
1493
|
+
sessionId: z.string(),
|
|
1494
|
+
principalId: z.string(),
|
|
1495
|
+
workspaceId: z.string().optional(),
|
|
1496
|
+
modelId: z.string().optional(),
|
|
1497
|
+
requestPath: z.string(),
|
|
1498
|
+
status: z.enum(["success", "error"]),
|
|
1499
|
+
responseStatus: z.number().optional(),
|
|
1500
|
+
inputTokens: z.number().optional(),
|
|
1501
|
+
outputTokens: z.number().optional(),
|
|
1502
|
+
tokenCount: z.number().optional(),
|
|
1503
|
+
latencyMs: z.number(),
|
|
1504
|
+
estimatedCostUsd: z.number().optional(),
|
|
1505
|
+
failureCode: z.string().optional(),
|
|
1506
|
+
metadata: z.record(z.any()).optional(),
|
|
1507
|
+
createdAt: z.number(),
|
|
1508
|
+
updatedAt: z.number()
|
|
1310
1509
|
}),
|
|
1311
1510
|
indices: [
|
|
1312
1511
|
{ kind: "index", name: "by_usageId", columns: ["usageId"] },
|
|
1313
1512
|
{ kind: "index", name: "by_tenantId", columns: ["tenantId", "createdAt"] },
|
|
1314
|
-
{
|
|
1315
|
-
|
|
1316
|
-
|
|
1513
|
+
{
|
|
1514
|
+
kind: "index",
|
|
1515
|
+
name: "by_tenant_provider",
|
|
1516
|
+
columns: ["tenantId", "providerId", "createdAt"]
|
|
1517
|
+
},
|
|
1518
|
+
{
|
|
1519
|
+
kind: "index",
|
|
1520
|
+
name: "by_proxyTokenId",
|
|
1521
|
+
columns: ["proxyTokenId", "createdAt"]
|
|
1522
|
+
},
|
|
1523
|
+
{
|
|
1524
|
+
kind: "index",
|
|
1525
|
+
name: "by_sessionId",
|
|
1526
|
+
columns: ["sessionId", "createdAt"]
|
|
1527
|
+
}
|
|
1528
|
+
]
|
|
1529
|
+
});
|
|
1530
|
+
var controlPlaneTenantProxyTokenLeases = defineTable({
|
|
1531
|
+
name: "controlPlaneTenantProxyTokenLeases",
|
|
1532
|
+
component: "mc",
|
|
1533
|
+
category: "runtime",
|
|
1534
|
+
shape: z.object({
|
|
1535
|
+
leaseId: z.string(),
|
|
1536
|
+
proxyTokenId: z.string(),
|
|
1537
|
+
tenantId: idOf("tenants"),
|
|
1538
|
+
workspaceId: idOf("workspaces").optional(),
|
|
1539
|
+
environment: z.enum(["dev", "staging", "prod"]),
|
|
1540
|
+
providerId: z.string(),
|
|
1541
|
+
modelSlotId: z.string(),
|
|
1542
|
+
bindingId: z.string(),
|
|
1543
|
+
secretRef: z.string(),
|
|
1544
|
+
sessionId: z.string(),
|
|
1545
|
+
principalId: z.string(),
|
|
1546
|
+
agentSessionId: z.string().optional(),
|
|
1547
|
+
status: z.enum(["active", "revoked"]),
|
|
1548
|
+
expiresAt: z.number(),
|
|
1549
|
+
renewedAt: z.number().optional(),
|
|
1550
|
+
revokedAt: z.number().optional(),
|
|
1551
|
+
revokedBy: z.string().optional(),
|
|
1552
|
+
revokeReason: z.string().optional(),
|
|
1553
|
+
permitDecisionLogId: idOf("policyDecisionLogs").optional(),
|
|
1554
|
+
permitTraceId: z.string().optional(),
|
|
1555
|
+
metadata: z.record(z.any()).optional(),
|
|
1556
|
+
createdAt: z.number(),
|
|
1557
|
+
updatedAt: z.number()
|
|
1558
|
+
}),
|
|
1559
|
+
indices: [
|
|
1560
|
+
{ kind: "index", name: "by_leaseId", columns: ["leaseId"] },
|
|
1561
|
+
{ kind: "index", name: "by_proxyTokenId", columns: ["proxyTokenId"] },
|
|
1562
|
+
{ kind: "index", name: "by_tenantId", columns: ["tenantId", "createdAt"] },
|
|
1563
|
+
{ kind: "index", name: "by_sessionId", columns: ["sessionId", "createdAt"] },
|
|
1564
|
+
{
|
|
1565
|
+
kind: "index",
|
|
1566
|
+
name: "by_principalId",
|
|
1567
|
+
columns: ["principalId", "createdAt"]
|
|
1568
|
+
},
|
|
1569
|
+
{
|
|
1570
|
+
kind: "index",
|
|
1571
|
+
name: "by_status_expiresAt",
|
|
1572
|
+
columns: ["status", "expiresAt"]
|
|
1573
|
+
}
|
|
1317
1574
|
]
|
|
1318
1575
|
});
|
|
1319
1576
|
var crossProjectConnections = defineTable({
|
|
@@ -1646,6 +1903,7 @@ var epistemicNodes = defineTable({
|
|
|
1646
1903
|
"questionType": z.enum(["validation", "falsification", "assumption_probe", "prediction_test", "counterfactual", "discovery", "clarification", "comparison", "causal", "mechanism", "general"]).optional(),
|
|
1647
1904
|
"questionPriority": z.enum(["critical", "high", "medium", "low"]).optional(),
|
|
1648
1905
|
"answerQuality": z.enum(["definitive", "strong", "moderate", "weak", "speculative", "unanswered"]).optional(),
|
|
1906
|
+
"themeStatus": z.enum(["emerging", "active", "mature", "declining", "archived"]).optional(),
|
|
1649
1907
|
"themeConviction": z.enum(["high", "medium", "low", "negative"]).optional(),
|
|
1650
1908
|
"decisionType": z.enum(["invest", "pass", "follow_on", "exit", "deep_dive", "monitor", "deprioritize", "thesis_adopt", "thesis_revise", "thesis_abandon"]).optional(),
|
|
1651
1909
|
"decisionOutcome": z.enum(["pending", "successful", "unsuccessful", "mixed", "unknown"]).optional(),
|
|
@@ -1796,6 +2054,7 @@ var memberships = defineTable({
|
|
|
1796
2054
|
indices: [
|
|
1797
2055
|
{ kind: "index", name: "by_principalId", columns: ["principalId"] },
|
|
1798
2056
|
{ kind: "index", name: "by_principal_tenant", columns: ["principalId", "tenantId"] },
|
|
2057
|
+
{ kind: "index", name: "by_principal_tenant_workspace", columns: ["principalId", "tenantId", "workspaceId"] },
|
|
1799
2058
|
{ kind: "index", name: "by_workspace_principal", columns: ["workspaceId", "principalId"] },
|
|
1800
2059
|
{ kind: "index", name: "by_tenant_role", columns: ["tenantId", "role"] },
|
|
1801
2060
|
{ kind: "index", name: "by_status", columns: ["status"] }
|
|
@@ -1827,6 +2086,36 @@ var principals = defineTable({
|
|
|
1827
2086
|
{ kind: "index", name: "by_status", columns: ["status"] }
|
|
1828
2087
|
]
|
|
1829
2088
|
});
|
|
2089
|
+
var principalIdentityAliases = defineTable({
|
|
2090
|
+
name: "principalIdentityAliases",
|
|
2091
|
+
component: "mc",
|
|
2092
|
+
category: "identity",
|
|
2093
|
+
shape: z.object({
|
|
2094
|
+
"principalId": z.string(),
|
|
2095
|
+
"principalRefId": idOf("principals").optional(),
|
|
2096
|
+
"provider": z.string(),
|
|
2097
|
+
"providerProjectId": z.string().optional(),
|
|
2098
|
+
"externalSubjectId": z.string(),
|
|
2099
|
+
"tenantId": idOf("tenants").optional(),
|
|
2100
|
+
"workspaceId": idOf("workspaces").optional(),
|
|
2101
|
+
"email": z.string().optional(),
|
|
2102
|
+
"status": z.enum(["active", "revoked"]),
|
|
2103
|
+
"metadata": z.record(z.any()).optional(),
|
|
2104
|
+
"createdBy": z.string(),
|
|
2105
|
+
"revokedAt": z.number().optional(),
|
|
2106
|
+
"revokedBy": z.string().optional(),
|
|
2107
|
+
"createdAt": z.number(),
|
|
2108
|
+
"updatedAt": z.number()
|
|
2109
|
+
}),
|
|
2110
|
+
indices: [
|
|
2111
|
+
{ kind: "index", name: "by_provider_subject", columns: ["provider", "externalSubjectId"] },
|
|
2112
|
+
{ kind: "index", name: "by_provider_project_subject", columns: ["provider", "providerProjectId", "externalSubjectId"] },
|
|
2113
|
+
{ kind: "index", name: "by_principalId", columns: ["principalId"] },
|
|
2114
|
+
{ kind: "index", name: "by_principal_status", columns: ["principalId", "status"] },
|
|
2115
|
+
{ kind: "index", name: "by_tenant_provider_subject", columns: ["tenantId", "provider", "externalSubjectId"] },
|
|
2116
|
+
{ kind: "index", name: "by_workspace_provider_subject", columns: ["workspaceId", "provider", "externalSubjectId"] }
|
|
2117
|
+
]
|
|
2118
|
+
});
|
|
1830
2119
|
var rateLimitWindows = defineTable({
|
|
1831
2120
|
name: "rateLimitWindows",
|
|
1832
2121
|
component: "mc",
|
|
@@ -2416,7 +2705,7 @@ var lensTopicBindings = defineTable({
|
|
|
2416
2705
|
});
|
|
2417
2706
|
var mcpWritePolicy = defineTable({
|
|
2418
2707
|
name: "mcpWritePolicy",
|
|
2419
|
-
component: "
|
|
2708
|
+
component: "control-plane",
|
|
2420
2709
|
category: "platform",
|
|
2421
2710
|
shape: z.object({
|
|
2422
2711
|
"topicId": z.string().optional(),
|
|
@@ -2439,7 +2728,7 @@ var mcpWritePolicy = defineTable({
|
|
|
2439
2728
|
});
|
|
2440
2729
|
var platformAudienceGrants = defineTable({
|
|
2441
2730
|
name: "platformAudienceGrants",
|
|
2442
|
-
component: "
|
|
2731
|
+
component: "control-plane",
|
|
2443
2732
|
category: "platform",
|
|
2444
2733
|
shape: z.object({
|
|
2445
2734
|
"tenantId": z.string(),
|
|
@@ -2465,7 +2754,7 @@ var platformAudienceGrants = defineTable({
|
|
|
2465
2754
|
});
|
|
2466
2755
|
var platformAudiences = defineTable({
|
|
2467
2756
|
name: "platformAudiences",
|
|
2468
|
-
component: "
|
|
2757
|
+
component: "control-plane",
|
|
2469
2758
|
category: "platform",
|
|
2470
2759
|
shape: z.object({
|
|
2471
2760
|
"tenantId": z.string(),
|
|
@@ -2490,7 +2779,7 @@ var platformAudiences = defineTable({
|
|
|
2490
2779
|
});
|
|
2491
2780
|
var platformPolicyDecisionLogs = defineTable({
|
|
2492
2781
|
name: "platformPolicyDecisionLogs",
|
|
2493
|
-
component: "
|
|
2782
|
+
component: "control-plane",
|
|
2494
2783
|
category: "platform",
|
|
2495
2784
|
shape: z.object({
|
|
2496
2785
|
"principalId": z.string(),
|
|
@@ -2526,7 +2815,7 @@ var platformPolicyDecisionLogs = defineTable({
|
|
|
2526
2815
|
});
|
|
2527
2816
|
var tenantApiKeys = defineTable({
|
|
2528
2817
|
name: "tenantApiKeys",
|
|
2529
|
-
component: "
|
|
2818
|
+
component: "control-plane",
|
|
2530
2819
|
category: "platform",
|
|
2531
2820
|
shape: z.object({
|
|
2532
2821
|
"tenantId": z.string(),
|
|
@@ -2553,7 +2842,7 @@ var tenantApiKeys = defineTable({
|
|
|
2553
2842
|
});
|
|
2554
2843
|
var tenantConfig = defineTable({
|
|
2555
2844
|
name: "tenantConfig",
|
|
2556
|
-
component: "
|
|
2845
|
+
component: "control-plane",
|
|
2557
2846
|
category: "platform",
|
|
2558
2847
|
shape: z.object({
|
|
2559
2848
|
"tenantId": z.string(),
|
|
@@ -2572,7 +2861,7 @@ var tenantConfig = defineTable({
|
|
|
2572
2861
|
});
|
|
2573
2862
|
var tenantIntegrations = defineTable({
|
|
2574
2863
|
name: "tenantIntegrations",
|
|
2575
|
-
component: "
|
|
2864
|
+
component: "control-plane",
|
|
2576
2865
|
category: "platform",
|
|
2577
2866
|
shape: z.object({
|
|
2578
2867
|
"tenantId": z.string(),
|
|
@@ -2627,7 +2916,7 @@ var tenantIntegrations = defineTable({
|
|
|
2627
2916
|
});
|
|
2628
2917
|
var tenantModelSlotBindings = defineTable({
|
|
2629
2918
|
name: "tenantModelSlotBindings",
|
|
2630
|
-
component: "
|
|
2919
|
+
component: "control-plane",
|
|
2631
2920
|
category: "platform",
|
|
2632
2921
|
shape: z.object({
|
|
2633
2922
|
"bindingId": z.string(),
|
|
@@ -2655,7 +2944,7 @@ var tenantModelSlotBindings = defineTable({
|
|
|
2655
2944
|
});
|
|
2656
2945
|
var tenantPolicies = defineTable({
|
|
2657
2946
|
name: "tenantPolicies",
|
|
2658
|
-
component: "
|
|
2947
|
+
component: "control-plane",
|
|
2659
2948
|
category: "platform",
|
|
2660
2949
|
shape: z.object({
|
|
2661
2950
|
"tenantId": z.string(),
|
|
@@ -2680,7 +2969,7 @@ var tenantPolicies = defineTable({
|
|
|
2680
2969
|
});
|
|
2681
2970
|
var tenantProviderSecrets = defineTable({
|
|
2682
2971
|
name: "tenantProviderSecrets",
|
|
2683
|
-
component: "
|
|
2972
|
+
component: "control-plane",
|
|
2684
2973
|
category: "platform",
|
|
2685
2974
|
shape: z.object({
|
|
2686
2975
|
"secretRef": z.string(),
|
|
@@ -2711,7 +3000,7 @@ var tenantProviderSecrets = defineTable({
|
|
|
2711
3000
|
});
|
|
2712
3001
|
var tenantProxyGatewayUsage = defineTable({
|
|
2713
3002
|
name: "tenantProxyGatewayUsage",
|
|
2714
|
-
component: "
|
|
3003
|
+
component: "control-plane",
|
|
2715
3004
|
category: "platform",
|
|
2716
3005
|
shape: z.object({
|
|
2717
3006
|
"usageId": z.string(),
|
|
@@ -2746,7 +3035,7 @@ var tenantProxyGatewayUsage = defineTable({
|
|
|
2746
3035
|
});
|
|
2747
3036
|
var tenantProxyTokenMints = defineTable({
|
|
2748
3037
|
name: "tenantProxyTokenMints",
|
|
2749
|
-
component: "
|
|
3038
|
+
component: "control-plane",
|
|
2750
3039
|
category: "platform",
|
|
2751
3040
|
shape: z.object({
|
|
2752
3041
|
"proxyTokenId": z.string(),
|
|
@@ -2769,7 +3058,7 @@ var tenantProxyTokenMints = defineTable({
|
|
|
2769
3058
|
});
|
|
2770
3059
|
var tenantSandboxAuditEvents = defineTable({
|
|
2771
3060
|
name: "tenantSandboxAuditEvents",
|
|
2772
|
-
component: "
|
|
3061
|
+
component: "control-plane",
|
|
2773
3062
|
category: "platform",
|
|
2774
3063
|
shape: z.object({
|
|
2775
3064
|
"eventId": z.string(),
|
|
@@ -2803,7 +3092,7 @@ var tenantSandboxAuditEvents = defineTable({
|
|
|
2803
3092
|
});
|
|
2804
3093
|
var tenantSecrets = defineTable({
|
|
2805
3094
|
name: "tenantSecrets",
|
|
2806
|
-
component: "
|
|
3095
|
+
component: "control-plane",
|
|
2807
3096
|
category: "platform",
|
|
2808
3097
|
shape: z.object({
|
|
2809
3098
|
"tenantId": z.string(),
|
|
@@ -2825,7 +3114,7 @@ var tenantSecrets = defineTable({
|
|
|
2825
3114
|
});
|
|
2826
3115
|
var toolAcls = defineTable({
|
|
2827
3116
|
name: "toolAcls",
|
|
2828
|
-
component: "
|
|
3117
|
+
component: "control-plane",
|
|
2829
3118
|
category: "platform",
|
|
2830
3119
|
shape: z.object({
|
|
2831
3120
|
"role": z.enum(["platform_admin", "tenant_admin", "workspace_admin", "editor", "viewer", "auditor", "service_agent"]),
|
|
@@ -2840,7 +3129,7 @@ var toolAcls = defineTable({
|
|
|
2840
3129
|
});
|
|
2841
3130
|
var toolRegistry = defineTable({
|
|
2842
3131
|
name: "toolRegistry",
|
|
2843
|
-
component: "
|
|
3132
|
+
component: "control-plane",
|
|
2844
3133
|
category: "platform",
|
|
2845
3134
|
shape: z.object({
|
|
2846
3135
|
"toolName": z.string(),
|
|
@@ -2921,7 +3210,7 @@ var tenantMethodologyAssignments = defineTable({
|
|
|
2921
3210
|
});
|
|
2922
3211
|
var modelCallLogs = defineTable({
|
|
2923
3212
|
name: "modelCallLogs",
|
|
2924
|
-
component: "
|
|
3213
|
+
component: "control-plane",
|
|
2925
3214
|
category: "model",
|
|
2926
3215
|
shape: z.object({
|
|
2927
3216
|
"slot": z.string(),
|
|
@@ -2947,7 +3236,7 @@ var modelCallLogs = defineTable({
|
|
|
2947
3236
|
});
|
|
2948
3237
|
var modelFunctionSlots = defineTable({
|
|
2949
3238
|
name: "modelFunctionSlots",
|
|
2950
|
-
component: "
|
|
3239
|
+
component: "control-plane",
|
|
2951
3240
|
category: "model",
|
|
2952
3241
|
shape: z.object({
|
|
2953
3242
|
"slot": z.string(),
|
|
@@ -2972,7 +3261,7 @@ var modelFunctionSlots = defineTable({
|
|
|
2972
3261
|
});
|
|
2973
3262
|
var modelRegistry = defineTable({
|
|
2974
3263
|
name: "modelRegistry",
|
|
2975
|
-
component: "
|
|
3264
|
+
component: "control-plane",
|
|
2976
3265
|
category: "model",
|
|
2977
3266
|
shape: z.object({
|
|
2978
3267
|
"key": z.string(),
|
|
@@ -2999,7 +3288,7 @@ var modelRegistry = defineTable({
|
|
|
2999
3288
|
});
|
|
3000
3289
|
var modelSlotConfigs = defineTable({
|
|
3001
3290
|
name: "modelSlotConfigs",
|
|
3002
|
-
component: "
|
|
3291
|
+
component: "control-plane",
|
|
3003
3292
|
category: "model",
|
|
3004
3293
|
shape: z.object({
|
|
3005
3294
|
"slot": z.string(),
|
|
@@ -3386,7 +3675,7 @@ var policyDecisionLogs = defineTable({
|
|
|
3386
3675
|
"workspaceId": idOf("workspaces").optional(),
|
|
3387
3676
|
"resourceType": z.string(),
|
|
3388
3677
|
"resourceId": z.string(),
|
|
3389
|
-
"action": z.enum(["read", "summarize", "export", "mutate", "admin", "comment", "escalate", "resolve", "vote"]),
|
|
3678
|
+
"action": z.enum(["read", "summarize", "export", "mutate", "admin", "comment", "escalate", "resolve", "vote", "route", "invoke", "manage", "deploy", "promote", "rollback", "audit", "read_ref", "fetch_value", "rotate", "administer", "mint", "delegate", "revoke"]),
|
|
3390
3679
|
"decision": z.enum(["allow", "deny"]),
|
|
3391
3680
|
"reasonCode": z.string(),
|
|
3392
3681
|
"policyVersion": z.string(),
|
|
@@ -3448,7 +3737,7 @@ var controlPlaneToolAcls = defineTable({
|
|
|
3448
3737
|
});
|
|
3449
3738
|
var projectGrants = defineTable({
|
|
3450
3739
|
name: "projectGrants",
|
|
3451
|
-
component: "
|
|
3740
|
+
component: "control-plane",
|
|
3452
3741
|
category: "project",
|
|
3453
3742
|
shape: z.object({
|
|
3454
3743
|
"projectId": z.string().optional(),
|
|
@@ -3480,9 +3769,653 @@ var projectGrants = defineTable({
|
|
|
3480
3769
|
{ kind: "index", name: "by_topic_cluster_status", columns: ["topicId", "beliefClusterId", "status"] }
|
|
3481
3770
|
]
|
|
3482
3771
|
});
|
|
3772
|
+
var permitActorType = z.enum([
|
|
3773
|
+
"human",
|
|
3774
|
+
"agent",
|
|
3775
|
+
"service_principal",
|
|
3776
|
+
"external_stakeholder",
|
|
3777
|
+
"system"
|
|
3778
|
+
]);
|
|
3779
|
+
var permitMembershipStatus = z.enum([
|
|
3780
|
+
"active",
|
|
3781
|
+
"invited",
|
|
3782
|
+
"revoked",
|
|
3783
|
+
"suspended",
|
|
3784
|
+
"disabled"
|
|
3785
|
+
]);
|
|
3786
|
+
var permitDecision = z.enum(["allow", "deny"]);
|
|
3787
|
+
var permitAccessReviewStatus = z.enum([
|
|
3788
|
+
"open",
|
|
3789
|
+
"in_progress",
|
|
3790
|
+
"approved",
|
|
3791
|
+
"denied",
|
|
3792
|
+
"expired",
|
|
3793
|
+
"cancelled"
|
|
3794
|
+
]);
|
|
3795
|
+
var permitReviewScope = z.enum([
|
|
3796
|
+
"tenant",
|
|
3797
|
+
"workspace",
|
|
3798
|
+
"resource_instance",
|
|
3799
|
+
"group",
|
|
3800
|
+
"principal",
|
|
3801
|
+
"api_key",
|
|
3802
|
+
"admin_action"
|
|
3803
|
+
]);
|
|
3804
|
+
var permitRecordStatus = z.enum([
|
|
3805
|
+
"queued",
|
|
3806
|
+
"inflight",
|
|
3807
|
+
"completed",
|
|
3808
|
+
"failed",
|
|
3809
|
+
"skipped",
|
|
3810
|
+
"stale"
|
|
3811
|
+
]);
|
|
3812
|
+
var permitObjectType = z.enum([
|
|
3813
|
+
"resource",
|
|
3814
|
+
"role",
|
|
3815
|
+
"resource_role",
|
|
3816
|
+
"resource_relation",
|
|
3817
|
+
"tenant",
|
|
3818
|
+
"workspace",
|
|
3819
|
+
"principal",
|
|
3820
|
+
"membership",
|
|
3821
|
+
"group",
|
|
3822
|
+
"resource_instance",
|
|
3823
|
+
"relationship_tuple",
|
|
3824
|
+
"role_assignment",
|
|
3825
|
+
"attribute_binding",
|
|
3826
|
+
"policy_bundle"
|
|
3827
|
+
]);
|
|
3828
|
+
var permitOutboxOperation = z.enum([
|
|
3829
|
+
"upsert",
|
|
3830
|
+
"delete",
|
|
3831
|
+
"sync",
|
|
3832
|
+
"resync",
|
|
3833
|
+
"delete_sync",
|
|
3834
|
+
"noop"
|
|
3835
|
+
]);
|
|
3836
|
+
var permitPolicyBundleStatus = z.enum([
|
|
3837
|
+
"draft",
|
|
3838
|
+
"validated",
|
|
3839
|
+
"enforced",
|
|
3840
|
+
"archived"
|
|
3841
|
+
]);
|
|
3842
|
+
var permitSyncStatus = z.enum([
|
|
3843
|
+
"pending",
|
|
3844
|
+
"synced",
|
|
3845
|
+
"error",
|
|
3846
|
+
"skipped"
|
|
3847
|
+
]);
|
|
3848
|
+
var permitAccessReviewSubjectType = z.enum([
|
|
3849
|
+
"principal",
|
|
3850
|
+
"group",
|
|
3851
|
+
"role_assignment",
|
|
3852
|
+
"resource_instance"
|
|
3853
|
+
]);
|
|
3854
|
+
var permitAttributeType = z.enum([
|
|
3855
|
+
"string",
|
|
3856
|
+
"number",
|
|
3857
|
+
"bool",
|
|
3858
|
+
"json",
|
|
3859
|
+
"time"
|
|
3860
|
+
]);
|
|
3861
|
+
var permitAttributeOperator = z.enum([
|
|
3862
|
+
"eq",
|
|
3863
|
+
"neq",
|
|
3864
|
+
"in",
|
|
3865
|
+
"not_in",
|
|
3866
|
+
"gt",
|
|
3867
|
+
"gte",
|
|
3868
|
+
"lt",
|
|
3869
|
+
"lte",
|
|
3870
|
+
"contains",
|
|
3871
|
+
"not_contains",
|
|
3872
|
+
"matches"
|
|
3873
|
+
]);
|
|
3874
|
+
var permitRoleBindingTarget = z.enum([
|
|
3875
|
+
"principal",
|
|
3876
|
+
"group"
|
|
3877
|
+
]);
|
|
3878
|
+
var permitPrincipals = defineTable({
|
|
3879
|
+
name: "permitPrincipals",
|
|
3880
|
+
component: "control-plane",
|
|
3881
|
+
category: "access-control",
|
|
3882
|
+
shape: z.object({
|
|
3883
|
+
principalId: z.string(),
|
|
3884
|
+
tenantId: z.string(),
|
|
3885
|
+
workspaceId: z.optional(z.string()),
|
|
3886
|
+
principalType: permitActorType,
|
|
3887
|
+
status: permitMembershipStatus,
|
|
3888
|
+
displayName: z.string().optional(),
|
|
3889
|
+
metadata: z.record(z.any()).optional(),
|
|
3890
|
+
createdBy: z.string(),
|
|
3891
|
+
createdAt: z.number(),
|
|
3892
|
+
updatedAt: z.number(),
|
|
3893
|
+
updatedBy: z.string().optional(),
|
|
3894
|
+
lastSeenAt: z.number().optional()
|
|
3895
|
+
}),
|
|
3896
|
+
indices: [
|
|
3897
|
+
{ kind: "index", name: "by_tenantId", columns: ["tenantId"] },
|
|
3898
|
+
{ kind: "index", name: "by_workspaceId", columns: ["workspaceId"] },
|
|
3899
|
+
{ kind: "index", name: "by_tenant_principalId", columns: ["tenantId", "principalId"] },
|
|
3900
|
+
{ kind: "index", name: "by_tenant_status", columns: ["tenantId", "status"] },
|
|
3901
|
+
{
|
|
3902
|
+
kind: "index",
|
|
3903
|
+
name: "by_tenant_principalType_status",
|
|
3904
|
+
columns: ["tenantId", "principalType", "status"]
|
|
3905
|
+
}
|
|
3906
|
+
]
|
|
3907
|
+
});
|
|
3908
|
+
var permitPrincipalAliases = defineTable({
|
|
3909
|
+
name: "permitPrincipalAliases",
|
|
3910
|
+
component: "control-plane",
|
|
3911
|
+
category: "access-control",
|
|
3912
|
+
shape: z.object({
|
|
3913
|
+
principalId: z.string(),
|
|
3914
|
+
tenantId: z.string(),
|
|
3915
|
+
workspaceId: z.optional(z.string()),
|
|
3916
|
+
provider: z.string(),
|
|
3917
|
+
providerSubjectId: z.string(),
|
|
3918
|
+
providerProjectId: z.string().optional(),
|
|
3919
|
+
alias: z.string(),
|
|
3920
|
+
aliasKind: z.string(),
|
|
3921
|
+
status: permitMembershipStatus,
|
|
3922
|
+
metadata: z.record(z.any()).optional(),
|
|
3923
|
+
createdBy: z.string(),
|
|
3924
|
+
createdAt: z.number(),
|
|
3925
|
+
updatedAt: z.number(),
|
|
3926
|
+
revokedBy: z.string().optional(),
|
|
3927
|
+
revokedAt: z.number().optional(),
|
|
3928
|
+
updatedBy: z.string().optional()
|
|
3929
|
+
}),
|
|
3930
|
+
indices: [
|
|
3931
|
+
{ kind: "index", name: "by_principalId", columns: ["principalId"] },
|
|
3932
|
+
{ kind: "index", name: "by_provider_subject", columns: ["provider", "providerSubjectId"] },
|
|
3933
|
+
{ kind: "index", name: "by_provider_project_subject", columns: ["provider", "providerProjectId", "providerSubjectId"] },
|
|
3934
|
+
{ kind: "index", name: "by_tenant_provider_subject", columns: ["tenantId", "provider", "providerSubjectId"] },
|
|
3935
|
+
{ kind: "index", name: "by_tenant_provider_project_subject", columns: ["tenantId", "provider", "providerProjectId", "providerSubjectId"] },
|
|
3936
|
+
{
|
|
3937
|
+
kind: "index",
|
|
3938
|
+
name: "by_tenant_provider_alias",
|
|
3939
|
+
columns: ["tenantId", "provider", "alias"]
|
|
3940
|
+
},
|
|
3941
|
+
{ kind: "index", name: "by_tenant_alias", columns: ["tenantId", "alias"] },
|
|
3942
|
+
{
|
|
3943
|
+
kind: "index",
|
|
3944
|
+
name: "by_tenant_provider_status",
|
|
3945
|
+
columns: ["tenantId", "provider", "status"]
|
|
3946
|
+
}
|
|
3947
|
+
]
|
|
3948
|
+
});
|
|
3949
|
+
var permitGroups = defineTable({
|
|
3950
|
+
name: "permitGroups",
|
|
3951
|
+
component: "control-plane",
|
|
3952
|
+
category: "access-control",
|
|
3953
|
+
shape: z.object({
|
|
3954
|
+
tenantId: z.string(),
|
|
3955
|
+
workspaceId: z.optional(z.string()),
|
|
3956
|
+
groupId: z.string(),
|
|
3957
|
+
groupKey: z.string(),
|
|
3958
|
+
groupName: z.string(),
|
|
3959
|
+
groupType: z.enum(["tenant", "workspace", "external", "system", "dynamic"]),
|
|
3960
|
+
status: permitMembershipStatus,
|
|
3961
|
+
description: z.string().optional(),
|
|
3962
|
+
metadata: z.record(z.any()).optional(),
|
|
3963
|
+
createdBy: z.string(),
|
|
3964
|
+
createdAt: z.number(),
|
|
3965
|
+
updatedAt: z.number(),
|
|
3966
|
+
updatedBy: z.string().optional()
|
|
3967
|
+
}),
|
|
3968
|
+
indices: [
|
|
3969
|
+
{ kind: "index", name: "by_tenantId", columns: ["tenantId"] },
|
|
3970
|
+
{ kind: "index", name: "by_workspaceId", columns: ["workspaceId"] },
|
|
3971
|
+
{ kind: "index", name: "by_tenant_groupId", columns: ["tenantId", "groupId"] },
|
|
3972
|
+
{ kind: "index", name: "by_tenant_groupKey", columns: ["tenantId", "groupKey"] },
|
|
3973
|
+
{ kind: "index", name: "by_tenant_status", columns: ["tenantId", "status"] }
|
|
3974
|
+
]
|
|
3975
|
+
});
|
|
3976
|
+
var permitGroupMemberships = defineTable({
|
|
3977
|
+
name: "permitGroupMemberships",
|
|
3978
|
+
component: "control-plane",
|
|
3979
|
+
category: "access-control",
|
|
3980
|
+
shape: z.object({
|
|
3981
|
+
tenantId: z.string(),
|
|
3982
|
+
workspaceId: z.optional(z.string()),
|
|
3983
|
+
groupId: z.string(),
|
|
3984
|
+
memberType: z.enum(["principal", "group"]),
|
|
3985
|
+
memberId: z.string(),
|
|
3986
|
+
principalId: z.string().optional(),
|
|
3987
|
+
childGroupId: z.string().optional(),
|
|
3988
|
+
status: permitMembershipStatus,
|
|
3989
|
+
addedBy: z.string().optional(),
|
|
3990
|
+
revokedBy: z.string().optional(),
|
|
3991
|
+
expiresAt: z.number().optional(),
|
|
3992
|
+
revocationReason: z.string().optional(),
|
|
3993
|
+
metadata: z.record(z.any()).optional(),
|
|
3994
|
+
createdAt: z.number(),
|
|
3995
|
+
updatedAt: z.number(),
|
|
3996
|
+
updatedBy: z.string().optional()
|
|
3997
|
+
}),
|
|
3998
|
+
indices: [
|
|
3999
|
+
{ kind: "index", name: "by_tenant_principal", columns: ["tenantId", "principalId"] },
|
|
4000
|
+
{ kind: "index", name: "by_tenant_member", columns: ["tenantId", "memberType", "memberId"] },
|
|
4001
|
+
{
|
|
4002
|
+
kind: "index",
|
|
4003
|
+
name: "by_tenant_member_group",
|
|
4004
|
+
columns: ["tenantId", "memberType", "memberId", "groupId"]
|
|
4005
|
+
},
|
|
4006
|
+
{ kind: "index", name: "by_tenant_group", columns: ["tenantId", "groupId"] },
|
|
4007
|
+
{ kind: "index", name: "by_member_group", columns: ["memberType", "memberId", "groupId"] },
|
|
4008
|
+
{ kind: "index", name: "by_tenant_status", columns: ["tenantId", "status"] },
|
|
4009
|
+
{
|
|
4010
|
+
kind: "index",
|
|
4011
|
+
name: "by_workspace_principal",
|
|
4012
|
+
columns: ["workspaceId", "principalId"]
|
|
4013
|
+
}
|
|
4014
|
+
]
|
|
4015
|
+
});
|
|
4016
|
+
var permitResourceInstances = defineTable({
|
|
4017
|
+
name: "permitResourceInstances",
|
|
4018
|
+
component: "control-plane",
|
|
4019
|
+
category: "access-control",
|
|
4020
|
+
shape: z.object({
|
|
4021
|
+
tenantId: z.string(),
|
|
4022
|
+
workspaceId: z.optional(z.string()),
|
|
4023
|
+
resourceType: z.string(),
|
|
4024
|
+
resourceKey: z.string(),
|
|
4025
|
+
resourceId: z.string(),
|
|
4026
|
+
status: z.enum(["active", "deleted", "archived"]),
|
|
4027
|
+
attributes: z.record(z.any()).optional(),
|
|
4028
|
+
ownerPrincipalId: z.string().optional(),
|
|
4029
|
+
metadata: z.record(z.any()).optional(),
|
|
4030
|
+
createdBy: z.string(),
|
|
4031
|
+
updatedBy: z.string().optional(),
|
|
4032
|
+
createdAt: z.number(),
|
|
4033
|
+
updatedAt: z.number()
|
|
4034
|
+
}),
|
|
4035
|
+
indices: [
|
|
4036
|
+
{
|
|
4037
|
+
kind: "index",
|
|
4038
|
+
name: "by_tenant_resource_type",
|
|
4039
|
+
columns: ["tenantId", "resourceType"]
|
|
4040
|
+
},
|
|
4041
|
+
{
|
|
4042
|
+
kind: "index",
|
|
4043
|
+
name: "by_tenant_resource_key",
|
|
4044
|
+
columns: ["tenantId", "resourceType", "resourceKey"]
|
|
4045
|
+
},
|
|
4046
|
+
{ kind: "index", name: "by_workspaceId", columns: ["workspaceId"] },
|
|
4047
|
+
{ kind: "index", name: "by_status", columns: ["status"] },
|
|
4048
|
+
{
|
|
4049
|
+
kind: "index",
|
|
4050
|
+
name: "by_tenant_status",
|
|
4051
|
+
columns: ["tenantId", "status"]
|
|
4052
|
+
},
|
|
4053
|
+
{
|
|
4054
|
+
kind: "index",
|
|
4055
|
+
name: "by_ownerPrincipalId",
|
|
4056
|
+
columns: ["ownerPrincipalId"]
|
|
4057
|
+
}
|
|
4058
|
+
]
|
|
4059
|
+
});
|
|
4060
|
+
var permitRoleAssignments = defineTable({
|
|
4061
|
+
name: "permitRoleAssignments",
|
|
4062
|
+
component: "control-plane",
|
|
4063
|
+
category: "access-control",
|
|
4064
|
+
shape: z.object({
|
|
4065
|
+
tenantId: z.string(),
|
|
4066
|
+
workspaceId: z.optional(z.string()),
|
|
4067
|
+
role: z.string(),
|
|
4068
|
+
targetType: permitRoleBindingTarget,
|
|
4069
|
+
targetId: z.string(),
|
|
4070
|
+
resourceType: z.string(),
|
|
4071
|
+
resourceKey: z.string(),
|
|
4072
|
+
resourceInstanceId: z.string().optional(),
|
|
4073
|
+
status: permitMembershipStatus,
|
|
4074
|
+
expiresAt: z.number().optional(),
|
|
4075
|
+
attributes: z.record(z.any()).optional(),
|
|
4076
|
+
grantedBy: z.string().optional(),
|
|
4077
|
+
updatedBy: z.string().optional(),
|
|
4078
|
+
revokedBy: z.string().optional(),
|
|
4079
|
+
createdAt: z.number(),
|
|
4080
|
+
updatedAt: z.number()
|
|
4081
|
+
}),
|
|
4082
|
+
indices: [
|
|
4083
|
+
{
|
|
4084
|
+
kind: "index",
|
|
4085
|
+
name: "by_tenant_target",
|
|
4086
|
+
columns: ["tenantId", "targetType", "targetId"]
|
|
4087
|
+
},
|
|
4088
|
+
{
|
|
4089
|
+
kind: "index",
|
|
4090
|
+
name: "by_tenant_resource",
|
|
4091
|
+
columns: ["tenantId", "resourceType", "resourceKey"]
|
|
4092
|
+
},
|
|
4093
|
+
{
|
|
4094
|
+
kind: "index",
|
|
4095
|
+
name: "by_tenant_role",
|
|
4096
|
+
columns: ["tenantId", "role", "status"]
|
|
4097
|
+
},
|
|
4098
|
+
{ kind: "index", name: "by_status", columns: ["status"] },
|
|
4099
|
+
{
|
|
4100
|
+
kind: "index",
|
|
4101
|
+
name: "by_workspace_resource",
|
|
4102
|
+
columns: ["workspaceId", "resourceType", "resourceKey"]
|
|
4103
|
+
}
|
|
4104
|
+
]
|
|
4105
|
+
});
|
|
4106
|
+
var permitRelationshipTuples = defineTable({
|
|
4107
|
+
name: "permitRelationshipTuples",
|
|
4108
|
+
component: "control-plane",
|
|
4109
|
+
category: "access-control",
|
|
4110
|
+
shape: z.object({
|
|
4111
|
+
tenantId: z.string(),
|
|
4112
|
+
workspaceId: z.optional(z.string()),
|
|
4113
|
+
relation: z.string(),
|
|
4114
|
+
subject: z.string(),
|
|
4115
|
+
object: z.string(),
|
|
4116
|
+
resourceType: z.string().optional(),
|
|
4117
|
+
resourceKey: z.string().optional(),
|
|
4118
|
+
status: permitRecordStatus,
|
|
4119
|
+
attributes: z.record(z.any()).optional(),
|
|
4120
|
+
createdBy: z.string(),
|
|
4121
|
+
createdAt: z.number(),
|
|
4122
|
+
updatedAt: z.number(),
|
|
4123
|
+
lastSeenAt: z.number().optional(),
|
|
4124
|
+
updatedBy: z.string().optional()
|
|
4125
|
+
}),
|
|
4126
|
+
indices: [
|
|
4127
|
+
{ kind: "index", name: "by_tenant_subject", columns: ["tenantId", "subject"] },
|
|
4128
|
+
{ kind: "index", name: "by_tenant_object", columns: ["tenantId", "object"] },
|
|
4129
|
+
{ kind: "index", name: "by_tenant_relation", columns: ["tenantId", "relation"] },
|
|
4130
|
+
{
|
|
4131
|
+
kind: "index",
|
|
4132
|
+
name: "by_tenant_relation_subject",
|
|
4133
|
+
columns: ["tenantId", "relation", "subject"]
|
|
4134
|
+
},
|
|
4135
|
+
{ kind: "index", name: "by_tenant_status", columns: ["tenantId", "status"] }
|
|
4136
|
+
]
|
|
4137
|
+
});
|
|
4138
|
+
var permitAttributeBindings = defineTable({
|
|
4139
|
+
name: "permitAttributeBindings",
|
|
4140
|
+
component: "control-plane",
|
|
4141
|
+
category: "access-control",
|
|
4142
|
+
shape: z.object({
|
|
4143
|
+
tenantId: z.string(),
|
|
4144
|
+
workspaceId: z.optional(z.string()),
|
|
4145
|
+
targetType: permitRoleBindingTarget,
|
|
4146
|
+
targetId: z.string(),
|
|
4147
|
+
attributeName: z.string(),
|
|
4148
|
+
attributeType: permitAttributeType,
|
|
4149
|
+
attributeOperator: permitAttributeOperator,
|
|
4150
|
+
attributeValue: z.any(),
|
|
4151
|
+
status: permitRecordStatus,
|
|
4152
|
+
source: z.string().optional(),
|
|
4153
|
+
sourceRef: z.string().optional(),
|
|
4154
|
+
metadata: z.record(z.any()).optional(),
|
|
4155
|
+
createdAt: z.number(),
|
|
4156
|
+
updatedAt: z.number(),
|
|
4157
|
+
createdBy: z.string(),
|
|
4158
|
+
updatedBy: z.string().optional(),
|
|
4159
|
+
expiresAt: z.number().optional()
|
|
4160
|
+
}),
|
|
4161
|
+
indices: [
|
|
4162
|
+
{
|
|
4163
|
+
kind: "index",
|
|
4164
|
+
name: "by_tenant_target",
|
|
4165
|
+
columns: ["tenantId", "targetType", "targetId"]
|
|
4166
|
+
},
|
|
4167
|
+
{
|
|
4168
|
+
kind: "index",
|
|
4169
|
+
name: "by_tenant_target_attribute",
|
|
4170
|
+
columns: ["tenantId", "targetType", "targetId", "attributeName"]
|
|
4171
|
+
},
|
|
4172
|
+
{
|
|
4173
|
+
kind: "index",
|
|
4174
|
+
name: "by_tenant_name",
|
|
4175
|
+
columns: ["tenantId", "attributeName"]
|
|
4176
|
+
},
|
|
4177
|
+
{
|
|
4178
|
+
kind: "index",
|
|
4179
|
+
name: "by_tenant_status",
|
|
4180
|
+
columns: ["tenantId", "status"]
|
|
4181
|
+
}
|
|
4182
|
+
]
|
|
4183
|
+
});
|
|
4184
|
+
var permitPolicyBundles = defineTable({
|
|
4185
|
+
name: "permitPolicyBundles",
|
|
4186
|
+
component: "control-plane",
|
|
4187
|
+
category: "access-control",
|
|
4188
|
+
shape: z.object({
|
|
4189
|
+
tenantId: z.string(),
|
|
4190
|
+
workspaceId: z.optional(z.string()),
|
|
4191
|
+
bundleKey: z.string(),
|
|
4192
|
+
version: z.number(),
|
|
4193
|
+
status: permitPolicyBundleStatus,
|
|
4194
|
+
policyHash: z.string().optional(),
|
|
4195
|
+
policyPayload: z.record(z.any()),
|
|
4196
|
+
metadata: z.record(z.any()).optional(),
|
|
4197
|
+
createdBy: z.string(),
|
|
4198
|
+
reviewedBy: z.string().optional(),
|
|
4199
|
+
createdAt: z.number(),
|
|
4200
|
+
updatedAt: z.number(),
|
|
4201
|
+
retiredAt: z.number().optional()
|
|
4202
|
+
}),
|
|
4203
|
+
indices: [
|
|
4204
|
+
{ kind: "index", name: "by_tenantId", columns: ["tenantId"] },
|
|
4205
|
+
{ kind: "index", name: "by_workspaceId", columns: ["workspaceId"] },
|
|
4206
|
+
{
|
|
4207
|
+
kind: "index",
|
|
4208
|
+
name: "by_tenant_bundleKey",
|
|
4209
|
+
columns: ["tenantId", "bundleKey"]
|
|
4210
|
+
},
|
|
4211
|
+
{
|
|
4212
|
+
kind: "index",
|
|
4213
|
+
name: "by_tenant_bundle_version",
|
|
4214
|
+
columns: ["tenantId", "bundleKey", "version"]
|
|
4215
|
+
},
|
|
4216
|
+
{ kind: "index", name: "by_tenant_status", columns: ["tenantId", "status"] }
|
|
4217
|
+
]
|
|
4218
|
+
});
|
|
4219
|
+
var permitProjectionOutbox = defineTable({
|
|
4220
|
+
name: "permitProjectionOutbox",
|
|
4221
|
+
component: "control-plane",
|
|
4222
|
+
category: "access-control",
|
|
4223
|
+
shape: z.object({
|
|
4224
|
+
syncKey: z.string(),
|
|
4225
|
+
objectType: permitObjectType,
|
|
4226
|
+
objectId: z.string(),
|
|
4227
|
+
operation: permitOutboxOperation,
|
|
4228
|
+
payload: z.record(z.any()),
|
|
4229
|
+
status: permitRecordStatus,
|
|
4230
|
+
attemptCount: z.number(),
|
|
4231
|
+
nextAttemptAt: z.number().optional(),
|
|
4232
|
+
lastError: z.string().optional(),
|
|
4233
|
+
tenantId: z.string().optional(),
|
|
4234
|
+
workspaceId: z.optional(z.string()),
|
|
4235
|
+
principalId: z.string().optional(),
|
|
4236
|
+
permitTenantKey: z.string().optional(),
|
|
4237
|
+
permitResourceType: z.string().optional(),
|
|
4238
|
+
permitResourceKey: z.string().optional(),
|
|
4239
|
+
createdAt: z.number(),
|
|
4240
|
+
updatedAt: z.number(),
|
|
4241
|
+
lastHandledAt: z.number().optional()
|
|
4242
|
+
}),
|
|
4243
|
+
indices: [
|
|
4244
|
+
{ kind: "index", name: "by_syncKey", columns: ["syncKey"] },
|
|
4245
|
+
{ kind: "index", name: "by_status", columns: ["status"] },
|
|
4246
|
+
{ kind: "index", name: "by_tenantId", columns: ["tenantId"] },
|
|
4247
|
+
{
|
|
4248
|
+
kind: "index",
|
|
4249
|
+
name: "by_tenant_status",
|
|
4250
|
+
columns: ["tenantId", "status"]
|
|
4251
|
+
},
|
|
4252
|
+
{
|
|
4253
|
+
kind: "index",
|
|
4254
|
+
name: "by_objectType",
|
|
4255
|
+
columns: ["objectType", "status"]
|
|
4256
|
+
}
|
|
4257
|
+
]
|
|
4258
|
+
});
|
|
4259
|
+
var tenantPermitSyncStates = defineTable({
|
|
4260
|
+
name: "tenantPermitSyncStates",
|
|
4261
|
+
component: "control-plane",
|
|
4262
|
+
category: "access-control",
|
|
4263
|
+
shape: z.object({
|
|
4264
|
+
syncKey: z.string(),
|
|
4265
|
+
objectType: permitObjectType,
|
|
4266
|
+
objectId: z.string(),
|
|
4267
|
+
tenantId: z.string().optional(),
|
|
4268
|
+
workspaceId: z.string().optional(),
|
|
4269
|
+
principalId: z.string().optional(),
|
|
4270
|
+
permitTenantKey: z.string().optional(),
|
|
4271
|
+
permitResourceType: z.string().optional(),
|
|
4272
|
+
permitResourceKey: z.string().optional(),
|
|
4273
|
+
desiredPayload: z.record(z.any()),
|
|
4274
|
+
lastAppliedPayloadHash: z.string().optional(),
|
|
4275
|
+
status: permitSyncStatus,
|
|
4276
|
+
attemptCount: z.number(),
|
|
4277
|
+
lastError: z.string().optional(),
|
|
4278
|
+
nextAttemptAt: z.number().optional(),
|
|
4279
|
+
lastSyncedAt: z.number().optional(),
|
|
4280
|
+
createdBy: z.string(),
|
|
4281
|
+
updatedBy: z.string().optional(),
|
|
4282
|
+
createdAt: z.number(),
|
|
4283
|
+
updatedAt: z.number()
|
|
4284
|
+
}),
|
|
4285
|
+
indices: [
|
|
4286
|
+
{ kind: "index", name: "by_syncKey", columns: ["syncKey"] },
|
|
4287
|
+
{ kind: "index", name: "by_status", columns: ["status"] },
|
|
4288
|
+
{
|
|
4289
|
+
kind: "index",
|
|
4290
|
+
name: "by_tenant_status",
|
|
4291
|
+
columns: ["tenantId", "status"]
|
|
4292
|
+
},
|
|
4293
|
+
{
|
|
4294
|
+
kind: "index",
|
|
4295
|
+
name: "by_workspace_status",
|
|
4296
|
+
columns: ["workspaceId", "status"]
|
|
4297
|
+
},
|
|
4298
|
+
{
|
|
4299
|
+
kind: "index",
|
|
4300
|
+
name: "by_principal_status",
|
|
4301
|
+
columns: ["principalId", "status"]
|
|
4302
|
+
}
|
|
4303
|
+
]
|
|
4304
|
+
});
|
|
4305
|
+
var permitPolicyDecisionReceipts = defineTable({
|
|
4306
|
+
name: "permitPolicyDecisionReceipts",
|
|
4307
|
+
component: "control-plane",
|
|
4308
|
+
category: "access-control",
|
|
4309
|
+
shape: z.object({
|
|
4310
|
+
tenantId: z.string().optional(),
|
|
4311
|
+
workspaceId: z.string().optional(),
|
|
4312
|
+
principalId: z.string(),
|
|
4313
|
+
subjectType: permitAccessReviewSubjectType.optional(),
|
|
4314
|
+
subjectId: z.string().optional(),
|
|
4315
|
+
resourceType: z.string(),
|
|
4316
|
+
resourceId: z.string(),
|
|
4317
|
+
action: z.string(),
|
|
4318
|
+
decision: permitDecision,
|
|
4319
|
+
reasonCode: z.string(),
|
|
4320
|
+
policyBundleId: z.string().optional(),
|
|
4321
|
+
policyVersion: z.string(),
|
|
4322
|
+
traceId: z.string().optional(),
|
|
4323
|
+
requestId: z.string().optional(),
|
|
4324
|
+
audienceMode: z.string().optional(),
|
|
4325
|
+
audienceKey: z.string().optional(),
|
|
4326
|
+
audienceClass: z.enum(["internal", "restricted_external", "public"]).optional(),
|
|
4327
|
+
metadata: z.record(z.any()).optional(),
|
|
4328
|
+
createdAt: z.number(),
|
|
4329
|
+
expiresAt: z.number().optional(),
|
|
4330
|
+
createdBy: z.string().optional()
|
|
4331
|
+
}),
|
|
4332
|
+
indices: [
|
|
4333
|
+
{ kind: "index", name: "by_principal_createdAt", columns: ["principalId", "createdAt"] },
|
|
4334
|
+
{ kind: "index", name: "by_tenant_createdAt", columns: ["tenantId", "createdAt"] },
|
|
4335
|
+
{ kind: "index", name: "by_resource", columns: ["resourceType", "resourceId"] },
|
|
4336
|
+
{ kind: "index", name: "by_decision_createdAt", columns: ["decision", "createdAt"] },
|
|
4337
|
+
{ kind: "index", name: "by_traceId", columns: ["traceId"] },
|
|
4338
|
+
{ kind: "index", name: "by_action", columns: ["action"] }
|
|
4339
|
+
]
|
|
4340
|
+
});
|
|
4341
|
+
var permitAccessReviews = defineTable({
|
|
4342
|
+
name: "permitAccessReviews",
|
|
4343
|
+
component: "control-plane",
|
|
4344
|
+
category: "access-control",
|
|
4345
|
+
shape: z.object({
|
|
4346
|
+
tenantId: z.string(),
|
|
4347
|
+
workspaceId: z.optional(z.string()),
|
|
4348
|
+
reviewKey: z.string(),
|
|
4349
|
+
scope: permitReviewScope,
|
|
4350
|
+
status: permitAccessReviewStatus,
|
|
4351
|
+
subjectType: permitAccessReviewSubjectType,
|
|
4352
|
+
subjectId: z.string(),
|
|
4353
|
+
resourceType: z.string().optional(),
|
|
4354
|
+
resourceKey: z.string().optional(),
|
|
4355
|
+
outcome: z.enum(["allow", "deny"]).optional(),
|
|
4356
|
+
requestedBy: z.string(),
|
|
4357
|
+
reviewedBy: z.string().optional(),
|
|
4358
|
+
requestedAt: z.number(),
|
|
4359
|
+
reviewedAt: z.number().optional(),
|
|
4360
|
+
dueAt: z.number().optional(),
|
|
4361
|
+
justification: z.string().optional(),
|
|
4362
|
+
rationale: z.string().optional(),
|
|
4363
|
+
policyBundleId: z.string().optional(),
|
|
4364
|
+
metadata: z.record(z.any()).optional(),
|
|
4365
|
+
createdAt: z.number(),
|
|
4366
|
+
updatedAt: z.number()
|
|
4367
|
+
}),
|
|
4368
|
+
indices: [
|
|
4369
|
+
{ kind: "index", name: "by_tenant_status", columns: ["tenantId", "status"] },
|
|
4370
|
+
{ kind: "index", name: "by_tenant_reviewKey", columns: ["tenantId", "reviewKey"] },
|
|
4371
|
+
{ kind: "index", name: "by_subject", columns: ["subjectType", "subjectId"] },
|
|
4372
|
+
{
|
|
4373
|
+
kind: "index",
|
|
4374
|
+
name: "by_tenant_subject",
|
|
4375
|
+
columns: ["tenantId", "subjectType", "subjectId"]
|
|
4376
|
+
},
|
|
4377
|
+
{ kind: "index", name: "by_outcome", columns: ["outcome"] },
|
|
4378
|
+
{
|
|
4379
|
+
kind: "index",
|
|
4380
|
+
name: "by_workspace_status",
|
|
4381
|
+
columns: ["workspaceId", "status"]
|
|
4382
|
+
}
|
|
4383
|
+
]
|
|
4384
|
+
});
|
|
4385
|
+
var permitAccessReviewItems = defineTable({
|
|
4386
|
+
name: "permitAccessReviewItems",
|
|
4387
|
+
component: "control-plane",
|
|
4388
|
+
category: "access-control",
|
|
4389
|
+
shape: z.object({
|
|
4390
|
+
reviewKey: z.string(),
|
|
4391
|
+
itemKey: z.string(),
|
|
4392
|
+
tenantId: z.string(),
|
|
4393
|
+
workspaceId: z.string().optional(),
|
|
4394
|
+
subjectType: permitAccessReviewSubjectType,
|
|
4395
|
+
subjectId: z.string(),
|
|
4396
|
+
resourceType: z.string().optional(),
|
|
4397
|
+
resourceKey: z.string().optional(),
|
|
4398
|
+
role: z.string().optional(),
|
|
4399
|
+
relation: z.string().optional(),
|
|
4400
|
+
status: z.enum(["open", "approved", "revoked", "changed", "deferred"]),
|
|
4401
|
+
reviewerId: z.string().optional(),
|
|
4402
|
+
decisionAt: z.number().optional(),
|
|
4403
|
+
rationale: z.string().optional(),
|
|
4404
|
+
metadata: z.record(z.any()).optional(),
|
|
4405
|
+
createdAt: z.number(),
|
|
4406
|
+
updatedAt: z.number()
|
|
4407
|
+
}),
|
|
4408
|
+
indices: [
|
|
4409
|
+
{ kind: "index", name: "by_reviewKey", columns: ["reviewKey"] },
|
|
4410
|
+
{ kind: "index", name: "by_tenant_reviewKey", columns: ["tenantId", "reviewKey"] },
|
|
4411
|
+
{ kind: "index", name: "by_tenant_itemKey", columns: ["tenantId", "itemKey"] },
|
|
4412
|
+
{ kind: "index", name: "by_subject", columns: ["subjectType", "subjectId"] },
|
|
4413
|
+
{ kind: "index", name: "by_status", columns: ["status"] }
|
|
4414
|
+
]
|
|
4415
|
+
});
|
|
3483
4416
|
var reasoningPermissions = defineTable({
|
|
3484
4417
|
name: "reasoningPermissions",
|
|
3485
|
-
component: "
|
|
4418
|
+
component: "control-plane",
|
|
3486
4419
|
category: "epistemic",
|
|
3487
4420
|
shape: z.object({
|
|
3488
4421
|
"topicId": z.string().optional(),
|
|
@@ -3717,6 +4650,7 @@ var topics = defineTable({
|
|
|
3717
4650
|
"updatedAt": z.number()
|
|
3718
4651
|
}),
|
|
3719
4652
|
indices: [
|
|
4653
|
+
{ kind: "index", name: "by_globalId", columns: ["globalId"] },
|
|
3720
4654
|
{ kind: "index", name: "by_parent", columns: ["parentTopicId"] },
|
|
3721
4655
|
{ kind: "index", name: "by_type", columns: ["type"] },
|
|
3722
4656
|
{ kind: "index", name: "by_graph_scope_project", columns: ["graphScopeProjectId"] },
|
|
@@ -3728,7 +4662,7 @@ var topics = defineTable({
|
|
|
3728
4662
|
});
|
|
3729
4663
|
var users = defineTable({
|
|
3730
4664
|
name: "users",
|
|
3731
|
-
component: "
|
|
4665
|
+
component: "control-plane",
|
|
3732
4666
|
category: "user",
|
|
3733
4667
|
shape: z.object({
|
|
3734
4668
|
"clerkId": z.string(),
|
|
@@ -3842,7 +4776,6 @@ var workspaces = defineTable({
|
|
|
3842
4776
|
"deployments": z.record(z.object({
|
|
3843
4777
|
"url": z.string(),
|
|
3844
4778
|
"target": z.enum(["kernelDeployment", "appDeployment"]).optional(),
|
|
3845
|
-
"encryptedDeployKey": z.string().optional(),
|
|
3846
4779
|
"credentialRef": z.string().optional()
|
|
3847
4780
|
})).optional(),
|
|
3848
4781
|
"metadata": z.record(z.any()).optional(),
|
|
@@ -3857,6 +4790,39 @@ var workspaces = defineTable({
|
|
|
3857
4790
|
{ kind: "index", name: "by_status", columns: ["status"] }
|
|
3858
4791
|
]
|
|
3859
4792
|
});
|
|
4793
|
+
var deploymentHosts = defineTable({
|
|
4794
|
+
name: "deploymentHosts",
|
|
4795
|
+
component: "mc",
|
|
4796
|
+
category: "workspace",
|
|
4797
|
+
shape: z.object({
|
|
4798
|
+
"host": z.string(),
|
|
4799
|
+
"tenantId": idOf("tenants"),
|
|
4800
|
+
"workspaceId": idOf("workspaces"),
|
|
4801
|
+
"environment": z.enum(["dev", "staging", "prod"]),
|
|
4802
|
+
"target": z.enum(["kernelDeployment", "appDeployment"]),
|
|
4803
|
+
"deploymentUrl": z.string().optional(),
|
|
4804
|
+
"deploymentName": z.string().optional(),
|
|
4805
|
+
"vercelProjectName": z.string().optional(),
|
|
4806
|
+
"vercelProjectId": z.string().optional(),
|
|
4807
|
+
"vercelEnvironment": z.enum(["development", "preview", "staging", "production"]).optional(),
|
|
4808
|
+
"source": z.enum(["vercel_preview", "vercel_production", "vercel_custom_environment", "custom_domain", "manual"]),
|
|
4809
|
+
"status": z.enum(["active", "revoked"]),
|
|
4810
|
+
"metadata": z.record(z.any()).optional(),
|
|
4811
|
+
"createdBy": z.string(),
|
|
4812
|
+
"createdAt": z.number(),
|
|
4813
|
+
"updatedAt": z.number(),
|
|
4814
|
+
"revokedAt": z.number().optional(),
|
|
4815
|
+
"revokedBy": z.string().optional()
|
|
4816
|
+
}),
|
|
4817
|
+
indices: [
|
|
4818
|
+
{ kind: "index", name: "by_host", columns: ["host"] },
|
|
4819
|
+
{ kind: "index", name: "by_tenantId", columns: ["tenantId"] },
|
|
4820
|
+
{ kind: "index", name: "by_workspaceId", columns: ["workspaceId"] },
|
|
4821
|
+
{ kind: "index", name: "by_tenant_workspace_environment", columns: ["tenantId", "workspaceId", "environment"] },
|
|
4822
|
+
{ kind: "index", name: "by_workspace_status", columns: ["workspaceId", "status"] },
|
|
4823
|
+
{ kind: "index", name: "by_status", columns: ["status"] }
|
|
4824
|
+
]
|
|
4825
|
+
});
|
|
3860
4826
|
var worktreeBeliefCluster = defineTable({
|
|
3861
4827
|
name: "worktreeBeliefCluster",
|
|
3862
4828
|
component: "kernel",
|
|
@@ -4175,6 +5141,7 @@ var KERNEL_TABLE_CONTRACTS = [
|
|
|
4175
5141
|
decisionParticipants,
|
|
4176
5142
|
decisionRiskLedger,
|
|
4177
5143
|
decisionSnapshots,
|
|
5144
|
+
domainEvents,
|
|
4178
5145
|
deliberationContributions,
|
|
4179
5146
|
deliberationSessions,
|
|
4180
5147
|
stakeholderGroups,
|
|
@@ -4221,9 +5188,23 @@ var KERNEL_TABLE_CONTRACTS = [
|
|
|
4221
5188
|
worktreeBeliefCluster,
|
|
4222
5189
|
worktrees
|
|
4223
5190
|
];
|
|
4224
|
-
var
|
|
5191
|
+
var CONTROL_PLANE_TABLE_CONTRACTS = [
|
|
4225
5192
|
agents,
|
|
4226
5193
|
reasoningPermissions,
|
|
5194
|
+
permitAccessReviewItems,
|
|
5195
|
+
permitAccessReviews,
|
|
5196
|
+
permitAttributeBindings,
|
|
5197
|
+
permitGroups,
|
|
5198
|
+
permitGroupMemberships,
|
|
5199
|
+
permitPolicyBundles,
|
|
5200
|
+
permitPolicyDecisionReceipts,
|
|
5201
|
+
permitPrincipalAliases,
|
|
5202
|
+
permitPrincipals,
|
|
5203
|
+
permitProjectionOutbox,
|
|
5204
|
+
permitRelationshipTuples,
|
|
5205
|
+
permitResourceInstances,
|
|
5206
|
+
permitRoleAssignments,
|
|
5207
|
+
tenantPermitSyncStates,
|
|
4227
5208
|
modelCallLogs,
|
|
4228
5209
|
modelFunctionSlots,
|
|
4229
5210
|
modelRegistry,
|
|
@@ -4253,6 +5234,7 @@ var MC_TABLE_CONTRACTS = [
|
|
|
4253
5234
|
memberships,
|
|
4254
5235
|
oauthDeviceCodes,
|
|
4255
5236
|
principals,
|
|
5237
|
+
principalIdentityAliases,
|
|
4256
5238
|
rateLimitWindows,
|
|
4257
5239
|
servicePrincipalKeys,
|
|
4258
5240
|
userSessions,
|
|
@@ -4268,29 +5250,33 @@ var MC_TABLE_CONTRACTS = [
|
|
|
4268
5250
|
policyDecisionLogs,
|
|
4269
5251
|
policySimulations,
|
|
4270
5252
|
controlPlaneToolAcls,
|
|
5253
|
+
permitSyncStates,
|
|
4271
5254
|
agentRegistryEntries,
|
|
4272
5255
|
toolCatalog,
|
|
4273
5256
|
toolRegistryEntries,
|
|
4274
5257
|
compatibilityShims,
|
|
4275
5258
|
cutoverFlags,
|
|
4276
5259
|
tenantDeploymentCredentials,
|
|
5260
|
+
secretSyncDriftReports,
|
|
4277
5261
|
controlPlaneTenantModelSlotBindings,
|
|
4278
5262
|
controlPlaneTenantProviderSecrets,
|
|
4279
5263
|
controlPlaneTenantProxyGatewayUsage,
|
|
5264
|
+
controlPlaneTenantProxyTokenLeases,
|
|
4280
5265
|
apiKeys,
|
|
4281
5266
|
auditLog,
|
|
4282
5267
|
tenants,
|
|
4283
|
-
workspaces
|
|
5268
|
+
workspaces,
|
|
5269
|
+
deploymentHosts
|
|
4284
5270
|
];
|
|
4285
5271
|
var TABLE_CONTRACTS_BY_COMPONENT = {
|
|
4286
5272
|
kernel: KERNEL_TABLE_CONTRACTS,
|
|
4287
|
-
|
|
5273
|
+
"control-plane": CONTROL_PLANE_TABLE_CONTRACTS,
|
|
4288
5274
|
mc: MC_TABLE_CONTRACTS,
|
|
4289
5275
|
"developer-pack": []
|
|
4290
5276
|
};
|
|
4291
5277
|
var ALL_TABLE_CONTRACTS = [
|
|
4292
5278
|
...KERNEL_TABLE_CONTRACTS,
|
|
4293
|
-
...
|
|
5279
|
+
...CONTROL_PLANE_TABLE_CONTRACTS,
|
|
4294
5280
|
...MC_TABLE_CONTRACTS
|
|
4295
5281
|
];
|
|
4296
5282
|
function listTableContractsByName(name) {
|
|
@@ -4303,8 +5289,8 @@ function getTableContract(name, component) {
|
|
|
4303
5289
|
}
|
|
4304
5290
|
var ComponentTableManifestSchema = z.object({
|
|
4305
5291
|
manifestVersion: z.string(),
|
|
4306
|
-
componentName: z.enum(["kernel", "
|
|
4307
|
-
tier: z.enum(["K", "
|
|
5292
|
+
componentName: z.enum(["kernel", "control-plane"]),
|
|
5293
|
+
tier: z.enum(["K", "CP"]),
|
|
4308
5294
|
packageVersion: z.string(),
|
|
4309
5295
|
tables: z.array(
|
|
4310
5296
|
z.object({
|
|
@@ -4333,6 +5319,6 @@ var SLOpinionInputSchema = z.object({
|
|
|
4333
5319
|
}
|
|
4334
5320
|
);
|
|
4335
5321
|
|
|
4336
|
-
export { ALL_TABLE_CONTRACTS, ComponentTableManifestSchema, EDGE_TYPE, EDGE_TYPE_VALUES,
|
|
5322
|
+
export { ALL_TABLE_CONTRACTS, CONTROL_PLANE_TABLE_CONTRACTS, ComponentTableManifestSchema, EDGE_TYPE, EDGE_TYPE_VALUES, KERNEL_TABLE_CONTRACTS, MC_TABLE_CONTRACTS, NODE_TYPE, SLOpinionInputSchema, STORAGE_EDGE_TYPE, STORAGE_EDGE_TYPE_VALUES, TABLE_CONTRACTS_BY_COMPONENT, TOPIC_STATUS, TOPIC_VISIBILITY, getTableContract, listTableContractsByName };
|
|
4337
5323
|
//# sourceMappingURL=index.js.map
|
|
4338
5324
|
//# sourceMappingURL=index.js.map
|