1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
|
package database
import (
"database/sql"
"errors"
"fmt"
"slices"
"time"
"git.adyxax.org/adyxax/tfstated/pkg/model"
)
// returns true in case of successful deletion
func (db *DB) DeleteState(path string) (bool, error) {
result, err := db.Exec(`DELETE FROM states WHERE path = ?;`, path)
if err != nil {
return false, err
}
n, err := result.RowsAffected()
if err != nil {
return false, err
}
return n == 1, nil
}
func (db *DB) GetState(path string) ([]byte, error) {
var encryptedData []byte
err := db.QueryRow(
`SELECT versions.data
FROM versions
JOIN states ON states.id = versions.state_id
WHERE states.path = ?
ORDER BY versions.id DESC
LIMIT 1;`,
path).Scan(&encryptedData)
if err != nil {
if errors.Is(err, sql.ErrNoRows) {
return []byte{}, nil
}
return nil, err
}
if encryptedData == nil {
return []byte{}, nil
}
return db.dataEncryptionKey.DecryptAES256(encryptedData)
}
func (db *DB) LoadStatesByPath() ([]model.State, error) {
rows, err := db.Query(
`SELECT created, id, lock, path, updated FROM states;`)
if err != nil {
return nil, fmt.Errorf("failed to load states from database: %w", err)
}
defer rows.Close()
states := make([]model.State, 0)
for rows.Next() {
var state model.State
var (
created int64
updated int64
)
err = rows.Scan(&created, &state.Id, &state.Lock, &state.Path, &updated)
if err != nil {
return nil, fmt.Errorf("failed to load states from row: %w", err)
}
state.Created = time.Unix(created, 0)
state.Updated = time.Unix(updated, 0)
states = append(states, state)
}
if err := rows.Err(); err != nil {
return nil, fmt.Errorf("failed to load states from rows: %w", err)
}
return states, nil
}
// returns true in case of id mismatch
func (db *DB) SetState(path string, accountID int, data []byte, lockID string) (bool, error) {
encryptedData, err := db.dataEncryptionKey.EncryptAES256(data)
if err != nil {
return false, fmt.Errorf("failed to encrypt state data: %w", err)
}
ret := false
return ret, db.WithTransaction(func(tx *sql.Tx) error {
var (
stateID int64
lockData []byte
)
if err = tx.QueryRowContext(db.ctx, `SELECT id, lock->>'ID' FROM states WHERE path = ?;`, path).Scan(&stateID, &lockData); err != nil {
if errors.Is(err, sql.ErrNoRows) {
var result sql.Result
result, err = tx.ExecContext(db.ctx, `INSERT INTO states(path) VALUES (?)`, path)
if err != nil {
return fmt.Errorf("failed to insert new state: %w", err)
}
stateID, err = result.LastInsertId()
if err != nil {
return fmt.Errorf("failed to get last insert id for new state: %w", err)
}
} else {
return err
}
}
if lockID != "" && slices.Compare([]byte(lockID), lockData) != 0 {
err = fmt.Errorf("failed to update state, lock ID does not match")
ret = true
return err
}
_, err = tx.ExecContext(db.ctx,
`INSERT INTO versions(account_id, state_id, data, lock)
SELECT :accountID, :stateID, :data, lock
FROM states
WHERE states.id = :stateID;`,
sql.Named("accountID", accountID),
sql.Named("stateID", stateID),
sql.Named("data", encryptedData))
if err != nil {
return fmt.Errorf("failed to insert new state version: %w", err)
}
_, err = tx.ExecContext(db.ctx,
`UPDATE states SET updated = ? WHERE id = ?;`,
time.Now().UTC().Unix(),
stateID)
if err != nil {
return fmt.Errorf("failed to touch updated for state: %w", err)
}
_, err = tx.ExecContext(db.ctx,
`DELETE FROM versions
WHERE state_id = (SELECT id
FROM states
WHERE path = :path)
AND id < (SELECT MIN(id)
FROM(SELECT versions.id
FROM versions
JOIN states ON states.id = versions.state_id
WHERE states.path = :path
ORDER BY versions.id DESC
LIMIT :limit));`,
sql.Named("limit", db.versionsHistoryLimit),
sql.Named("path", path),
)
return err
})
}
|
