jordan/rdev
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
a8c8a0a14d
rdev/internal/db/migrations/009_credentials.sql
jordan 39df51defd feat: Add multi-provider code agent interface with Claude Code and OpenCode adapters 
Implements weeks 1-4 of the multi-provider architecture:

Week 1 - Foundation:
- Add domain models (AgentProvider, AgentRequest, AgentEvent, AgentResult)
- Define CodeAgent port interface with Execute, Cancel, Capabilities
- Create thread-safe provider registry with first-registered default

Week 2 - Claude Code Adapter:
- Extract kubectl exec logic into CodeAgent implementation
- Parse stream-json output format (init, message, tool_use, result)
- Support session continuation via --resume flag

Week 3 - OpenCode Adapter:
- HTTP/SSE client for opencode serve API
- Session management (create, send message, abort)
- Event streaming with documented buffer rationale

Week 4 - Quality & Polish:
- Fix race condition in OpenCode Cancel method
- Add AgentRequest.Validate() with ErrPromptRequired, ErrInvalidTimeout
- Document DefaultAvailabilityTimeout constants
- Add HTTP error context for debugging

Also includes:
- Work queue system with PostgreSQL adapter
- Credential store for infrastructure secrets
- Project templates with Woodpecker CI integration
- Comprehensive test coverage

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-27 09:25:51 -07:00

44 lines
1.6 KiB
PL/PgSQL
Raw Blame History

-- Credentials table for storing infrastructure secrets.
-- Values are encrypted using pgcrypto with a server-side key.
-- This allows rdev-api to manage its own configuration without K8s secrets.
-- Enable pgcrypto extension for encryption
CREATE EXTENSION IF NOT EXISTS pgcrypto;
-- Credentials table
CREATE TABLE IF NOT EXISTS credentials (
key VARCHAR(255) PRIMARY KEY,
value BYTEA NOT NULL, -- Encrypted value
description TEXT,
category VARCHAR(50),
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
updated_by VARCHAR(255)
);
-- Index for category lookups
CREATE INDEX IF NOT EXISTS idx_credentials_category ON credentials(category);
-- Update trigger for updated_at
CREATE OR REPLACE FUNCTION update_credentials_updated_at()
RETURNS TRIGGER AS $$
BEGIN
NEW.updated_at = NOW();
RETURN NEW;
END;
$$ LANGUAGE plpgsql;
DROP TRIGGER IF EXISTS credentials_updated_at ON credentials;
CREATE TRIGGER credentials_updated_at
BEFORE UPDATE ON credentials
FOR EACH ROW
EXECUTE FUNCTION update_credentials_updated_at();
-- Comments
COMMENT ON TABLE credentials IS 'Encrypted storage for infrastructure credentials';
COMMENT ON COLUMN credentials.key IS 'Unique credential identifier (e.g., GITEA_TOKEN)';
COMMENT ON COLUMN credentials.value IS 'Encrypted credential value using pgcrypto';
COMMENT ON COLUMN credentials.description IS 'Human-readable description of the credential';
COMMENT ON COLUMN credentials.category IS 'Grouping category (gitea, cloudflare, woodpecker, etc.)';
COMMENT ON COLUMN credentials.updated_by IS 'Who last modified this credential';
Reference in New Issue View Git Blame Copy Permalink