Documentation ¶
Overview ¶
Package postgres provides bulk insert helpers (P3-PERF-01a).
These methods implement the Put*Bulk / Append*Bulk additions on the Store interface. Each one builds a chunked multi-row `INSERT ... VALUES (...),(...) ON CONFLICT ...` statement so the control-plane batch writer can flush a full buffer in a single round-trip instead of N individual INSERTs.
pgx.CopyFrom is not used here because the project talks to Postgres through database/sql + pgx/v5/stdlib, not through pgxpool, and CopyFrom requires a native pgx connection. Multi-row INSERT is the next-best option and still delivers an order-of-magnitude speedup over per-row Exec.
Chunking: Postgres allows up to 65535 bind parameters per query. We chunk at 250 rows — the widest row (server_load, 27 columns) uses 250 * 27 = 6750 params, well under the 65535 cap. 250 was picked after the P3-PERF-01b chunk-size sweep: per-row throughput peaks around 100-250 rows and regresses at 500+ because the generated SQL and argument slice both grow super-linearly with chunk size. Every bulk method runs inside a single transaction so partial failure rolls the whole batch back.
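An added example, not the package's own bulk.go: one way to build the chunked multi-row INSERT described above and run every chunk in a single transaction. The function names, the table name server_load_points and the two-column sample rows are assumptions; the 250-row chunk size, the 65535-parameter cap and the ON CONFLICT clause are the ones this page quotes.

```go
package main

import (
	"context"
	"database/sql"
	"fmt"
	"regexp"
	"strings"
)

const (
	maxBindParams = 65535 // Postgres cap on bind parameters per statement
	chunkRows     = 250   // rows per statement, the chunk size quoted above
)

// identRE limits table and column names to plain identifiers. Names are
// spliced into the SQL text, so they must be constants, never request data.
var identRE = regexp.MustCompile(`^[a-z_][a-z0-9_]*$`)

// chunkStmt is one multi-row INSERT and its flattened bind arguments.
type chunkStmt struct {
	SQL  string
	Args []any
}

// buildChunkedInsert splits rows into statements of at most perChunk rows.
// conflict is a constant ON CONFLICT clause ("" for none); every value
// travels as a bind parameter.
func buildChunkedInsert(table string, cols []string, conflict string, rows [][]any, perChunk int) ([]chunkStmt, error) {
	for _, name := range append([]string{table}, cols...) {
		if !identRE.MatchString(name) {
			return nil, fmt.Errorf("invalid identifier %q", name)
		}
	}
	if len(cols) == 0 || perChunk <= 0 || perChunk*len(cols) > maxBindParams {
		return nil, fmt.Errorf("%d rows x %d cols does not fit in %d params", perChunk, len(cols), maxBindParams)
	}
	prefix := "INSERT INTO " + table + " (" + strings.Join(cols, ", ") + ") VALUES "
	if conflict != "" {
		conflict = " " + conflict
	}
	var out []chunkStmt
	for start := 0; start < len(rows); start += perChunk {
		end := start + perChunk
		if end > len(rows) {
			end = len(rows)
		}
		tuples := make([]string, 0, end-start)
		args := make([]any, 0, (end-start)*len(cols))
		for i, row := range rows[start:end] {
			if len(row) != len(cols) {
				return nil, fmt.Errorf("row %d has %d values, want %d", start+i, len(row), len(cols))
			}
			ph := make([]string, len(cols))
			for j := range ph {
				ph[j] = fmt.Sprintf("$%d", i*len(cols)+j+1) // numbering restarts per statement
			}
			tuples = append(tuples, "("+strings.Join(ph, ", ")+")")
			args = append(args, row...)
		}
		out = append(out, chunkStmt{SQL: prefix + strings.Join(tuples, ", ") + conflict, Args: args})
	}
	return out, nil
}

// execChunks runs every chunk in one transaction, so a failure in any chunk
// rolls the whole batch back.
func execChunks(ctx context.Context, db *sql.DB, stmts []chunkStmt) error {
	tx, err := db.BeginTx(ctx, nil)
	if err != nil {
		return err
	}
	defer tx.Rollback() // no-op once Commit has succeeded
	for _, s := range stmts {
		if _, err := tx.ExecContext(ctx, s.SQL, s.Args...); err != nil {
			return err
		}
	}
	return tx.Commit()
}

func main() {
	// Constructed sample: three rows in chunks of two; the table name is a placeholder.
	rows := [][]any{{"agent-a", 1}, {"agent-b", 2}, {"agent-c", 3}}
	stmts, err := buildChunkedInsert("server_load_points", []string{"agent_id", "captured_at"},
		"ON CONFLICT (agent_id, captured_at) DO NOTHING", rows, 2)
	if err != nil {
		panic(err)
	}
	for _, s := range stmts {
		fmt.Println(s.SQL, s.Args)
	}
}
```

Only the identifiers and the ON CONFLICT clause are concatenated into the statement text, which is why the builder rejects anything that is not a plain lowercase identifier.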
Package postgres hosts the PostgreSQL-backed storage.Store implementation. This file owns schema management — it delegates entirely to goose, which discovers versioned .sql migrations from an embedded FS and records applied versions in the goose_db_version table. Historically this package contained a hand-rolled Migrate() with a single big initialSchema string plus a handful of idempotent ALTERs; that approach left no audit trail of which migrations had run (see DF-20 / M-F8 in the security review).
Index ¶
- Constants
- Variables
- func Migrate(db *sql.DB) error
- func MigrateContext(ctx context.Context, db *sql.DB) error
- func Status(ctx context.Context, db *sql.DB) error
- type PoolConfig
- type Store
- func (s *Store) AggregateClientIPHistory(ctx context.Context, clientID string, from time.Time, to time.Time, limit int) ([]storage.ClientIPAggregateRecord, error)
- func (s *Store) AppendAuditEvent(ctx context.Context, event storage.AuditEventRecord) error
- func (s *Store) AppendDCHealthPoint(ctx context.Context, record storage.DCHealthPointRecord) error
- func (s *Store) AppendDCHealthPointsBulk(ctx context.Context, records []storage.DCHealthPointRecord) error
- func (s *Store) AppendMetricSnapshot(ctx context.Context, snapshot storage.MetricSnapshotRecord) error
- func (s *Store) AppendMetricSnapshotsBulk(ctx context.Context, snapshots []storage.MetricSnapshotRecord) error
- func (s *Store) AppendServerLoadPoint(ctx context.Context, record storage.ServerLoadPointRecord) error
- func (s *Store) AppendServerLoadPointsBulk(ctx context.Context, records []storage.ServerLoadPointRecord) error
- func (s *Store) AppendTelemetryRuntimeEvents(ctx context.Context, agentID string, ...) error
- func (s *Store) Close() error
- func (s *Store) ConsumeEnrollmentToken(ctx context.Context, value string, consumedAt time.Time) (storage.EnrollmentTokenRecord, error)
- func (s *Store) CountFleetGroupMembers(ctx context.Context, fleetGroupID string) (storage.ReassignCounts, error)
- func (s *Store) CountUniqueClientIPs(ctx context.Context, clientID string) (int, error)
- func (s *Store) CountUniqueClientIPsForClients(ctx context.Context, clientIDs []string) (map[string]int, error)
- func (s *Store) CreateFleetGroup(ctx context.Context, group storage.FleetGroupRecord) error
- func (s *Store) CreateFleetGroupIntegration(ctx context.Context, i storage.FleetGroupIntegrationRecord) error
- func (s *Store) CreateIntegrationProvider(ctx context.Context, p storage.IntegrationProviderRecord) error
- func (s *Store) DeleteAgent(ctx context.Context, agentID string) error
- func (s *Store) DeleteClientAssignments(ctx context.Context, clientID string) error
- func (s *Store) DeleteClientUsageByClient(ctx context.Context, clientID string) error
- func (s *Store) DeleteDiscoveredClient(ctx context.Context, id string) error
- func (s *Store) DeleteExpiredAgentRevocations(ctx context.Context, before time.Time) (int64, error)
- func (s *Store) DeleteExpiredConsumedTotp(ctx context.Context, before time.Time) error
- func (s *Store) DeleteExpiredLoginLockouts(ctx context.Context, before time.Time) (int64, error)
- func (s *Store) DeleteExpiredSessions(ctx context.Context, before time.Time) error
- func (s *Store) DeleteFleetGroup(ctx context.Context, id string) error
- func (s *Store) DeleteFleetGroupIntegration(ctx context.Context, id string) error
- func (s *Store) DeleteInstancesByAgent(ctx context.Context, agentID string) error
- func (s *Store) DeleteIntegrationProvider(ctx context.Context, id string) error
- func (s *Store) DeleteLoginLockout(ctx context.Context, username string) error
- func (s *Store) DeleteSession(ctx context.Context, sessionID string) error
- func (s *Store) DeleteTelemetryDetailBoost(ctx context.Context, agentID string) error
- func (s *Store) DeleteUser(ctx context.Context, userID string) error
- func (s *Store) GetAgentCertSerial(ctx context.Context, agentID string) (string, error)
- func (s *Store) GetAgentCertificateRecoveryGrant(ctx context.Context, agentID string) (storage.AgentCertificateRecoveryGrantRecord, error)
- func (s *Store) GetCPSecret(ctx context.Context, key string) ([]byte, error)
- func (s *Store) GetCertificateAuthority(ctx context.Context) (storage.CertificateAuthorityRecord, error)
- func (s *Store) GetClientByID(ctx context.Context, clientID string) (storage.ClientRecord, error)
- func (s *Store) GetDiscoveredClient(ctx context.Context, id string) (storage.DiscoveredClientRecord, error)
- func (s *Store) GetDiscoveredClientByAgentAndName(ctx context.Context, agentID string, clientName string) (storage.DiscoveredClientRecord, error)
- func (s *Store) GetEnrollmentToken(ctx context.Context, value string) (storage.EnrollmentTokenRecord, error)
- func (s *Store) GetFleetGroup(ctx context.Context, id string) (storage.FleetGroupRecord, error)
- func (s *Store) GetFleetGroupByName(ctx context.Context, name string) (storage.FleetGroupRecord, error)
- func (s *Store) GetFleetGroupIntegration(ctx context.Context, id string) (storage.FleetGroupIntegrationRecord, error)
- func (s *Store) GetIntegrationProvider(ctx context.Context, id string) (storage.IntegrationProviderRecord, error)
- func (s *Store) GetJobByIdempotencyKey(ctx context.Context, idempotencyKey string) (storage.JobRecord, error)
- func (s *Store) GetLoginLockout(ctx context.Context, username string) (storage.LoginLockoutRecord, error)
- func (s *Store) GetPanelSettings(ctx context.Context) (storage.PanelSettingsRecord, error)
- func (s *Store) GetRetentionSettings(ctx context.Context) (storage.RetentionSettings, error)
- func (s *Store) GetSession(ctx context.Context, sessionID string) (storage.SessionRecord, error)
- func (s *Store) GetTelemetryDiagnosticsCurrent(ctx context.Context, agentID string) (storage.TelemetryDiagnosticsCurrentRecord, error)
- func (s *Store) GetTelemetryRuntimeCurrent(ctx context.Context, agentID string) (storage.TelemetryRuntimeCurrentRecord, error)
- func (s *Store) GetTelemetrySecurityInventoryCurrent(ctx context.Context, agentID string) (storage.TelemetrySecurityInventoryCurrentRecord, error)
- func (s *Store) GetUpdateSettings(ctx context.Context) (json.RawMessage, error)
- func (s *Store) GetUpdateState(ctx context.Context) (json.RawMessage, error)
- func (s *Store) GetUserAppearance(ctx context.Context, userID string) (storage.UserAppearanceRecord, error)
- func (s *Store) GetUserByID(ctx context.Context, userID string) (storage.UserRecord, error)
- func (s *Store) GetUserByUsername(ctx context.Context, username string) (storage.UserRecord, error)
- func (s *Store) ListAgentCertificateRecoveryGrants(ctx context.Context) ([]storage.AgentCertificateRecoveryGrantRecord, error)
- func (s *Store) ListAgentRevocations(ctx context.Context) ([]storage.AgentRevocationRecord, error)
- func (s *Store) ListAgents(ctx context.Context) ([]storage.AgentRecord, error)
- func (s *Store) ListAllJobTargets(ctx context.Context) ([]storage.JobTargetRecord, error)
- func (s *Store) ListAuditEvents(ctx context.Context, limit int) ([]storage.AuditEventRecord, error)
- func (s *Store) ListClientAssignments(ctx context.Context, clientID string) ([]storage.ClientAssignmentRecord, error)
- func (s *Store) ListClientDeployments(ctx context.Context, clientID string) ([]storage.ClientDeploymentRecord, error)
- func (s *Store) ListClientIPHistory(ctx context.Context, clientID string, from time.Time, to time.Time) ([]storage.ClientIPHistoryRecord, error)
- func (s *Store) ListClientUsage(ctx context.Context) ([]storage.ClientUsageRecord, error)
- func (s *Store) ListClients(ctx context.Context) ([]storage.ClientRecord, error)
- func (s *Store) ListConsumedTotp(ctx context.Context) ([]storage.ConsumedTotpRecord, error)
- func (s *Store) ListDCHealthPoints(ctx context.Context, agentID string, from time.Time, to time.Time) ([]storage.DCHealthPointRecord, error)
- func (s *Store) ListDiscoveredClients(ctx context.Context) ([]storage.DiscoveredClientRecord, error)
- func (s *Store) ListDiscoveredClientsByAgent(ctx context.Context, agentID string) ([]storage.DiscoveredClientRecord, error)
- func (s *Store) ListEnrollmentTokens(ctx context.Context) ([]storage.EnrollmentTokenRecord, error)
- func (s *Store) ListFleetGroupIntegrations(ctx context.Context, fleetGroupID string) ([]storage.FleetGroupIntegrationRecord, error)
- func (s *Store) ListFleetGroups(ctx context.Context) ([]storage.FleetGroupRecord, error)
- func (s *Store) ListInstances(ctx context.Context) ([]storage.InstanceRecord, error)
- func (s *Store) ListIntegrationProviders(ctx context.Context) ([]storage.IntegrationProviderRecord, error)
- func (s *Store) ListIntegrationProvidersByKind(ctx context.Context, kind string) ([]storage.IntegrationProviderRecord, error)
- func (s *Store) ListJobTargets(ctx context.Context, jobID string) ([]storage.JobTargetRecord, error)
- func (s *Store) ListJobs(ctx context.Context) ([]storage.JobRecord, error)
- func (s *Store) ListLoginLockouts(ctx context.Context) ([]storage.LoginLockoutRecord, error)
- func (s *Store) ListMetricSnapshots(ctx context.Context) ([]storage.MetricSnapshotRecord, error)
- func (s *Store) ListServerLoadHourly(ctx context.Context, agentID string, from time.Time, to time.Time) ([]storage.ServerLoadHourlyRecord, error)
- func (s *Store) ListServerLoadPoints(ctx context.Context, agentID string, from time.Time, to time.Time) ([]storage.ServerLoadPointRecord, error)
- func (s *Store) ListServerLoadPointsForAgents(ctx context.Context, agentIDs []string, from time.Time, to time.Time) (map[string][]storage.ServerLoadPointRecord, error)
- func (s *Store) ListSessions(ctx context.Context) ([]storage.SessionRecord, error)
- func (s *Store) ListTelemetryDetailBoosts(ctx context.Context) ([]storage.TelemetryDetailBoostRecord, error)
- func (s *Store) ListTelemetryRuntimeCurrent(ctx context.Context) ([]storage.TelemetryRuntimeCurrentRecord, error)
- func (s *Store) ListTelemetryRuntimeDCs(ctx context.Context, agentID string) ([]storage.TelemetryRuntimeDCRecord, error)
- func (s *Store) ListTelemetryRuntimeEvents(ctx context.Context, agentID string, limit int) ([]storage.TelemetryRuntimeEventRecord, error)
- func (s *Store) ListTelemetryRuntimeUpstreams(ctx context.Context, agentID string) ([]storage.TelemetryRuntimeUpstreamRecord, error)
- func (s *Store) ListUserAppearances(ctx context.Context) ([]storage.UserAppearanceRecord, error)
- func (s *Store) ListUserFleetGroupScopes(ctx context.Context, userID string) ([]string, error)
- func (s *Store) ListUsers(ctx context.Context) ([]storage.UserRecord, error)
- func (s *Store) Ping(ctx context.Context) error
- func (s *Store) PoolStats() sql.DBStats
- func (s *Store) PruneAuditEvents(ctx context.Context, before time.Time) (int64, error)
- func (s *Store) PruneClientIPHistory(ctx context.Context, olderThan time.Time) (int64, error)
- func (s *Store) PruneDCHealthPoints(ctx context.Context, olderThan time.Time) (int64, error)
- func (s *Store) PruneMetricSnapshots(ctx context.Context, before time.Time) (int64, error)
- func (s *Store) PruneServerLoadHourly(ctx context.Context, olderThan time.Time) (int64, error)
- func (s *Store) PruneServerLoadPoints(ctx context.Context, olderThan time.Time) (int64, error)
- func (s *Store) PruneTelemetryRuntimeEvents(ctx context.Context, olderThan time.Time) (int64, error)
- func (s *Store) PruneTerminalJobs(ctx context.Context, before time.Time) (int64, error)
- func (s *Store) PutAgent(ctx context.Context, agent storage.AgentRecord) error
- func (s *Store) PutAgentCertificateRecoveryGrant(ctx context.Context, grant storage.AgentCertificateRecoveryGrantRecord) error
- func (s *Store) PutAgentRevocation(ctx context.Context, r storage.AgentRevocationRecord) error
- func (s *Store) PutAgentsBulk(ctx context.Context, agents []storage.AgentRecord) error
- func (s *Store) PutCPSecret(ctx context.Context, key string, value []byte) error
- func (s *Store) PutCertificateAuthority(ctx context.Context, authority storage.CertificateAuthorityRecord) error
- func (s *Store) PutClient(ctx context.Context, client storage.ClientRecord) error
- func (s *Store) PutClientAssignment(ctx context.Context, assignment storage.ClientAssignmentRecord) error
- func (s *Store) PutClientDeployment(ctx context.Context, deployment storage.ClientDeploymentRecord) error
- func (s *Store) PutDiscoveredClient(ctx context.Context, record storage.DiscoveredClientRecord) error
- func (s *Store) PutEnrollmentToken(ctx context.Context, token storage.EnrollmentTokenRecord) error
- func (s *Store) PutFleetGroup(ctx context.Context, group storage.FleetGroupRecord) error
- func (s *Store) PutInstance(ctx context.Context, instance storage.InstanceRecord) error
- func (s *Store) PutInstancesBulk(ctx context.Context, instances []storage.InstanceRecord) error
- func (s *Store) PutJob(ctx context.Context, job storage.JobRecord) error
- func (s *Store) PutJobTarget(ctx context.Context, target storage.JobTargetRecord) error
- func (s *Store) PutPanelSettings(ctx context.Context, settings storage.PanelSettingsRecord) error
- func (s *Store) PutRetentionSettings(ctx context.Context, settings storage.RetentionSettings) error
- func (s *Store) PutSession(ctx context.Context, session storage.SessionRecord) error
- func (s *Store) PutTelemetryDetailBoost(ctx context.Context, record storage.TelemetryDetailBoostRecord) error
- func (s *Store) PutTelemetryDiagnosticsCurrent(ctx context.Context, record storage.TelemetryDiagnosticsCurrentRecord) error
- func (s *Store) PutTelemetryRuntimeCurrent(ctx context.Context, record storage.TelemetryRuntimeCurrentRecord) error
- func (s *Store) PutTelemetrySecurityInventoryCurrent(ctx context.Context, record storage.TelemetrySecurityInventoryCurrentRecord) error
- func (s *Store) PutUpdateSettings(ctx context.Context, data json.RawMessage) error
- func (s *Store) PutUpdateState(ctx context.Context, data json.RawMessage) error
- func (s *Store) PutUser(ctx context.Context, user storage.UserRecord) error
- func (s *Store) PutUserAppearance(ctx context.Context, appearance storage.UserAppearanceRecord) error
- func (s *Store) ReassignFleetGroupMembers(ctx context.Context, fromID, toID string) (storage.ReassignCounts, error)
- func (s *Store) ReplaceTelemetryRuntimeDCs(ctx context.Context, agentID string, ...) error
- func (s *Store) ReplaceTelemetryRuntimeUpstreams(ctx context.Context, agentID string, ...) error
- func (s *Store) RevokeAgentCertificateRecoveryGrant(ctx context.Context, agentID string, revokedAt time.Time) (storage.AgentCertificateRecoveryGrantRecord, error)
- func (s *Store) RevokeEnrollmentToken(ctx context.Context, value string, revokedAt time.Time) (storage.EnrollmentTokenRecord, error)
- func (s *Store) RollupServerLoadHourly(ctx context.Context, bucketHour time.Time) error
- func (s *Store) SetUserFleetGroupScopes(ctx context.Context, userID string, fleetGroupIDs []string, grantedBy string, ...) error
- func (s *Store) TouchSession(ctx context.Context, sessionID string, lastSeenAt time.Time) error
- func (s *Store) Transact(ctx context.Context, fn storage.TxFn) error
- func (s *Store) UpdateAgentCertSerial(ctx context.Context, agentID string, serial string) error
- func (s *Store) UpdateAgentFleetGroup(ctx context.Context, agentID, fleetGroupID string) error
- func (s *Store) UpdateAgentNodeName(ctx context.Context, agentID string, nodeName string) error
- func (s *Store) UpdateDiscoveredClientStatus(ctx context.Context, id string, status string, updatedAt time.Time) error
- func (s *Store) UpdateDiscoveredClientStatusBulk(ctx context.Context, ids []string, status string, updatedAt time.Time) error
- func (s *Store) UpdateFleetGroup(ctx context.Context, group storage.FleetGroupRecord) error
- func (s *Store) UpdateFleetGroupIntegration(ctx context.Context, i storage.FleetGroupIntegrationRecord) error
- func (s *Store) UpdateIntegrationProvider(ctx context.Context, p storage.IntegrationProviderRecord) error
- func (s *Store) UpsertClientIPHistory(ctx context.Context, record storage.ClientIPHistoryRecord) error
- func (s *Store) UpsertClientIPHistoryBulk(ctx context.Context, records []storage.ClientIPHistoryRecord) error
- func (s *Store) UpsertClientUsage(ctx context.Context, r storage.ClientUsageRecord) error
- func (s *Store) UpsertConsumedTotp(ctx context.Context, record storage.ConsumedTotpRecord) error
- func (s *Store) UpsertLoginLockout(ctx context.Context, record storage.LoginLockoutRecord) error
- func (s *Store) UseAgentCertificateRecoveryGrant(ctx context.Context, agentID string, usedAt time.Time) (storage.AgentCertificateRecoveryGrantRecord, error)
Constants ¶
const (
	EnvMaxOpenConns    = "PANVEX_DB_MAX_OPEN_CONNS"
	EnvMaxIdleConns    = "PANVEX_DB_MAX_IDLE_CONNS"
	EnvConnMaxLifetime = "PANVEX_DB_CONN_MAX_LIFETIME"
	EnvConnMaxIdleTime = "PANVEX_DB_CONN_MAX_IDLE_TIME"
)
Env var names for tuning the database/sql connection pool. Defaults below were sized to support ~50 concurrent agents on a single CP replica without hitting `connection pool exhausted`. See docs/REMEDIATION_PLAN.md §0.7.
Variables ¶
var (
	// ErrDSNRequired reports a missing PostgreSQL connection string.
	ErrDSNRequired = errors.New("postgres dsn is required")
)
Functions ¶
func Migrate ¶
Migrate brings the database schema up to the latest embedded migration. Safe to call repeatedly: goose skips versions already recorded in goose_db_version.
func MigrateContext ¶
MigrateContext is the context-aware variant of Migrate.
Types ¶
type PoolConfig ¶
type PoolConfig struct {
MaxOpenConns int
MaxIdleConns int
ConnMaxLifetime time.Duration
ConnMaxIdleTime time.Duration
}
PoolConfig captures the four knobs database/sql exposes for connection pool sizing. Zero values are not valid: an unset or empty env var falls back to the package defaults via loadPoolConfigFromEnv.
type Store ¶
type Store struct {
// contains filtered or unexported fields
}
Store persists control-plane records in a PostgreSQL database.
Store methods reference s.db via the dbExecutor interface so the same method bodies can run against a *sql.DB (outside Transact) or a *sql.Tx (inside Transact). s.sqlDB is the pool handle used for lifecycle (Ping, Close, BeginTx); it is nil on transaction-bound Stores to prevent accidental escape from the transaction boundary.
func Open ¶
Open opens a PostgreSQL connection, applies the schema, and returns a storage backend.
Open uses context.Background() for migrations and the initial Ping; callers that need cancellation during startup should use OpenContext instead.
func OpenContext ¶
OpenContext is the context-aware variant of Open. It threads ctx through schema migration and the initial connectivity check so startup work can be cancelled by the caller.
func (*Store) AggregateClientIPHistory ¶
func (s *Store) AggregateClientIPHistory(ctx context.Context, clientID string, from time.Time, to time.Time, limit int) ([]storage.ClientIPAggregateRecord, error)
AggregateClientIPHistory pushes the per-IP fold into the database: one row per IP, with MIN(first_seen) / MAX(last_seen) across all agents that reported it. Limit is applied in SQL so a high-cardinality client never streams millions of raw rows back to the control plane. A zero or negative limit disables the cap.
func (*Store) AppendAuditEvent ¶
AppendAuditEvent persists one audit row.
R-Q-03: routed through dbsqlc.AppendAuditEvent. The details field flows through the encodeJSON helper so legacy callers keep their untyped `map[string]any` shape — sqlc owns the column-level types for everything else.
func (*Store) AppendDCHealthPoint ¶
func (*Store) AppendDCHealthPointsBulk ¶
func (s *Store) AppendDCHealthPointsBulk(ctx context.Context, records []storage.DCHealthPointRecord) error
AppendDCHealthPointsBulk inserts a batch of DC-health points. Same ON CONFLICT DO NOTHING semantics as the single-row variant.
func (*Store) AppendMetricSnapshot ¶
func (*Store) AppendMetricSnapshotsBulk ¶
func (s *Store) AppendMetricSnapshotsBulk(ctx context.Context, snapshots []storage.MetricSnapshotRecord) error
AppendMetricSnapshotsBulk inserts a batch of metric snapshots. Rows have a synthetic ID primary key so no ON CONFLICT clause is needed — same as the single-row AppendMetricSnapshot.
func (*Store) AppendServerLoadPoint ¶
func (*Store) AppendServerLoadPointsBulk ¶
func (s *Store) AppendServerLoadPointsBulk(ctx context.Context, records []storage.ServerLoadPointRecord) error
AppendServerLoadPointsBulk inserts a batch of server-load points. Matches the single-row INSERT ... ON CONFLICT (agent_id, captured_at) DO NOTHING semantics so duplicate (agent,capture) pairs do not error.
func (*Store) AppendTelemetryRuntimeEvents ¶
func (*Store) ConsumeEnrollmentToken ¶
func (*Store) CountFleetGroupMembers ¶
func (*Store) CountUniqueClientIPs ¶
func (*Store) CountUniqueClientIPsForClients ¶
func (s *Store) CountUniqueClientIPsForClients(ctx context.Context, clientIDs []string) (map[string]int, error)
CountUniqueClientIPsForClients computes the unique-IP count for each client ID in one query so the /api/clients listing avoids the N+1 pattern (Q2.U-P-03).
func (*Store) CreateFleetGroup ¶
func (*Store) CreateFleetGroupIntegration ¶
func (*Store) CreateIntegrationProvider ¶
func (*Store) DeleteClientAssignments ¶
func (*Store) DeleteClientUsageByClient ¶
func (*Store) DeleteDiscoveredClient ¶
func (*Store) DeleteExpiredAgentRevocations ¶
DeleteExpiredAgentRevocations removes entries whose cert has already expired — once the cert can no longer authenticate, the revocation entry is no longer useful and can shrink the table.
func (*Store) DeleteExpiredConsumedTotp ¶
func (*Store) DeleteExpiredLoginLockouts ¶
func (*Store) DeleteExpiredSessions ¶
func (*Store) DeleteFleetGroup ¶
func (*Store) DeleteFleetGroupIntegration ¶
func (*Store) DeleteInstancesByAgent ¶
func (*Store) DeleteIntegrationProvider ¶
func (*Store) DeleteLoginLockout ¶
func (*Store) DeleteSession ¶
func (*Store) DeleteTelemetryDetailBoost ¶
func (*Store) GetAgentCertSerial ¶
GetAgentCertSerial returns the pinned serial for the given agent.
func (*Store) GetAgentCertificateRecoveryGrant ¶
func (*Store) GetCPSecret ¶
func (*Store) GetCertificateAuthority ¶
func (*Store) GetClientByID ¶
func (*Store) GetDiscoveredClient ¶
func (*Store) GetDiscoveredClientByAgentAndName ¶
func (*Store) GetEnrollmentToken ¶
func (*Store) GetFleetGroup ¶
func (*Store) GetFleetGroupByName ¶
func (*Store) GetFleetGroupIntegration ¶
func (*Store) GetIntegrationProvider ¶
func (*Store) GetJobByIdempotencyKey ¶
func (*Store) GetLoginLockout ¶
func (*Store) GetPanelSettings ¶
func (*Store) GetRetentionSettings ¶
func (*Store) GetSession ¶
func (*Store) GetTelemetryDiagnosticsCurrent ¶
func (*Store) GetTelemetryRuntimeCurrent ¶
func (*Store) GetTelemetrySecurityInventoryCurrent ¶
func (*Store) GetUpdateSettings ¶
func (*Store) GetUpdateState ¶
func (*Store) GetUserAppearance ¶
func (*Store) GetUserByID ¶
func (*Store) GetUserByUsername ¶
func (*Store) ListAgentCertificateRecoveryGrants ¶
func (*Store) ListAgentRevocations ¶
func (*Store) ListAgents ¶
ListAgents returns every agent the panel knows about, ordered by last_seen_at + id for stable pagination.
Phase-3 §3.1: this is the first method to consume the sqlc-generated dbsqlc.Queries surface. Conversion from dbsqlc.ListAgentsRow to the storage.AgentRecord shape lives in agentRecordFromRow below; if a future query gets migrated, that helper stays the only place that knows about the SQL → domain mapping.
func (*Store) ListAllJobTargets ¶
ListAllJobTargets returns every job_targets row in one round-trip so the service-level restore loop can hydrate Job.Targets without per-job N+1 SELECTs.
func (*Store) ListAuditEvents ¶
func (*Store) ListClientAssignments ¶
func (*Store) ListClientDeployments ¶
func (*Store) ListClientIPHistory ¶
func (*Store) ListClientUsage ¶
func (*Store) ListClients ¶
func (*Store) ListConsumedTotp ¶
func (*Store) ListDCHealthPoints ¶
func (*Store) ListDiscoveredClients ¶
func (*Store) ListDiscoveredClientsByAgent ¶
func (*Store) ListEnrollmentTokens ¶
ListEnrollmentTokens returns every token, ordered by issued_at + value for stable pagination.
R-Q-03: routed through dbsqlc.ListEnrollmentTokens. Conversion from dbsqlc.EnrollmentToken to the storage shape lives in enrollmentTokenFromRow.
func (*Store) ListFleetGroupIntegrations ¶
func (*Store) ListFleetGroups ¶
func (*Store) ListInstances ¶
func (*Store) ListIntegrationProviders ¶
func (*Store) ListIntegrationProvidersByKind ¶
func (*Store) ListJobTargets ¶
func (s *Store) ListJobTargets(ctx context.Context, jobID string) ([]storage.JobTargetRecord, error)
ListJobTargets returns every delivery row for one job, ordered by agent_id. Wired through dbsqlc.ListJobTargets.
func (*Store) ListJobs ¶
ListJobs returns every job ordered by created_at + id for stable pagination. Phase-3 §3.1 (continued): wired through dbsqlc.ListJobs; the SQL definition in db/queries/jobs.sql is the single source of truth for column set + ORDER BY.
func (*Store) ListLoginLockouts ¶
func (*Store) ListMetricSnapshots ¶
func (*Store) ListServerLoadHourly ¶
func (*Store) ListServerLoadPoints ¶
func (*Store) ListServerLoadPointsForAgents ¶
func (s *Store) ListServerLoadPointsForAgents(ctx context.Context, agentIDs []string, from time.Time, to time.Time) (map[string][]storage.ServerLoadPointRecord, error)
ListServerLoadPointsForAgents returns load points for a batch of agents (Q2.U-P-01). Each agent's slice is sorted by captured_at ascending; missing agents are absent from the map. Chunked so the IN-list never approaches the Postgres 65535-parameter ceiling.
func (*Store) ListSessions ¶
func (*Store) ListTelemetryDetailBoosts ¶
func (*Store) ListTelemetryRuntimeCurrent ¶
func (*Store) ListTelemetryRuntimeDCs ¶
func (*Store) ListTelemetryRuntimeEvents ¶
func (*Store) ListTelemetryRuntimeUpstreams ¶
func (*Store) ListUserAppearances ¶
func (*Store) ListUserFleetGroupScopes ¶
ListUserFleetGroupScopes returns every fleet_group_id the user is scoped to. An empty slice means "global".
func (*Store) PoolStats ¶
PoolStats returns the current sql.DBStats for this store, or the zero value when the store is tx-bound (no pool of its own). Used by the metrics publisher to expose panvex_db_pool_* gauges.
func (*Store) PruneAuditEvents ¶
PruneAuditEvents deletes audit_events rows with created_at strictly before the cutoff and returns the RowsAffected count (P2-REL-04 / finding M-R2). Relies on idx_audit_events_created_at (added in P2-DB-02) for efficiency.
R-Q-03: routed through dbsqlc.PruneAuditEvents.
func (*Store) PruneClientIPHistory ¶
func (*Store) PruneDCHealthPoints ¶
func (*Store) PruneMetricSnapshots ¶
PruneMetricSnapshots deletes metric_snapshots rows with captured_at strictly before the cutoff and returns the RowsAffected count (P2-REL-05). Relies on idx_metric_snapshots_captured_at (added in P2-DB-02) for efficiency.
func (*Store) PruneServerLoadHourly ¶
func (*Store) PruneServerLoadPoints ¶
func (*Store) PruneTelemetryRuntimeEvents ¶
func (*Store) PruneTerminalJobs ¶
PruneTerminalJobs deletes jobs in a finished status whose created_at predates the cutoff (Q2.U-P-02). job_targets is cleaned up via ON DELETE CASCADE in the schema.
func (*Store) PutAgent ¶
PutAgent upserts one agent row.
Phase-3 §3.1 (continued): now goes through dbsqlc.UpsertAgent. agentRecordToUpsertParams below is the domain-DTO → SQL-row bridge — future PutAgent callers gain compile-time type safety on every column from the sqlc-generated UpsertAgentParams.
func (*Store) PutAgentCertificateRecoveryGrant ¶
func (*Store) PutAgentRevocation ¶
PutAgentRevocation upserts a revocation so repeated deregistrations are idempotent and cert_expires_at is kept fresh if the caller knows a newer cert existed.
func (*Store) PutAgentsBulk ¶
PutAgentsBulk upserts a batch of agents in a single transaction using chunked multi-row INSERT. See Store.PutAgentsBulk in storage/store.go for the full contract.
func (*Store) PutCPSecret ¶
func (*Store) PutCertificateAuthority ¶
func (*Store) PutClientAssignment ¶
func (*Store) PutClientDeployment ¶
func (*Store) PutDiscoveredClient ¶
func (*Store) PutEnrollmentToken ¶
PutEnrollmentToken upserts one enrollment_tokens row.
R-Q-03: routed through dbsqlc.UpsertEnrollmentToken so the postgres path gains compile-time type safety on every column. value_hash is left at its '' default by the SQL — when a caller needs to write the hash, the params struct can be widened in one place.
func (*Store) PutFleetGroup ¶
func (*Store) PutInstance ¶
func (*Store) PutInstancesBulk ¶
PutInstancesBulk upserts a batch of Telemt instances. See Store.PutInstancesBulk.
func (*Store) PutJobTarget ¶
func (*Store) PutPanelSettings ¶
func (*Store) PutRetentionSettings ¶
func (*Store) PutSession ¶
func (*Store) PutTelemetryDetailBoost ¶
func (*Store) PutTelemetryDiagnosticsCurrent ¶
func (*Store) PutTelemetryRuntimeCurrent ¶
func (*Store) PutTelemetrySecurityInventoryCurrent ¶
func (*Store) PutUpdateSettings ¶
func (*Store) PutUpdateState ¶
func (*Store) PutUser ¶
PutUser upserts one users row.
R-Q-03: routed through dbsqlc.UpsertUser. The created_at column is no longer touched by the upsert path so an UPDATE keeps the original timestamp — this matches the prior behaviour where ON CONFLICT set created_at to EXCLUDED.created_at and callers passed the same value they originally inserted; the column is stable across upserts so dropping it from the SET keeps the existing semantic for every observed callsite.
func (*Store) PutUserAppearance ¶
func (*Store) ReassignFleetGroupMembers ¶
func (s *Store) ReassignFleetGroupMembers(ctx context.Context, fromID, toID string) (storage.ReassignCounts, error)
ReassignFleetGroupMembers is NOT atomic on its own — callers must wrap the full delete flow in Store.Transact. See fleet.Service.Delete.
func (*Store) ReplaceTelemetryRuntimeDCs ¶
func (*Store) ReplaceTelemetryRuntimeUpstreams ¶
func (*Store) RevokeAgentCertificateRecoveryGrant ¶
func (*Store) RevokeEnrollmentToken ¶
func (*Store) RollupServerLoadHourly ¶
func (*Store) SetUserFleetGroupScopes ¶
func (s *Store) SetUserFleetGroupScopes(ctx context.Context, userID string, fleetGroupIDs []string, grantedBy string, grantedAt time.Time) error
SetUserFleetGroupScopes replaces the user's scope set with the supplied list. Wrapped in a single transaction so a partially applied update cannot leave the operator stuck halfway between scopes.
func (*Store) TouchSession ¶
TouchSession updates only last_seen_at so the sliding idle timeout survives restart (Q2.U-S-12).
func (*Store) Transact ¶
Transact runs fn inside a single database transaction with read-committed isolation. On serialization failures it retries up to maxTransactRetries times. See storage.Store.Transact for the full contract.
func (*Store) UpdateAgentCertSerial ¶
UpdateAgentCertSerial pins the latest issued client cert serial (Q4.U-S-04). Called after each successful issuance.
func (*Store) UpdateAgentFleetGroup ¶
func (*Store) UpdateAgentNodeName ¶
func (*Store) UpdateDiscoveredClientStatus ¶
func (*Store) UpdateDiscoveredClientStatusBulk ¶
func (s *Store) UpdateDiscoveredClientStatusBulk(ctx context.Context, ids []string, status string, updatedAt time.Time) error
UpdateDiscoveredClientStatusBulk flips the status for every ID in one statement (Q2.U-P-10). The duplicate-secret adoption flow uses it so the work stays O(1) round-trips regardless of duplicate count.
func (*Store) UpdateFleetGroup ¶
UpdateFleetGroup mutates editable fields only; `name` is the immutable slug and is not in the SET list.
func (*Store) UpdateFleetGroupIntegration ¶
func (*Store) UpdateIntegrationProvider ¶
func (*Store) UpsertClientIPHistory ¶
func (*Store) UpsertClientIPHistoryBulk ¶
func (s *Store) UpsertClientIPHistoryBulk(ctx context.Context, records []storage.ClientIPHistoryRecord) error
UpsertClientIPHistoryBulk upserts a batch of client-ip history rows. Same ON CONFLICT (agent_id, client_id, ip_address) DO UPDATE SET last_seen as the single-row variant; when the same (agent, client, ip) key appears twice in one batch, the last row's last_seen wins.
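An added example, not the package's own code: Postgres rejects a multi-row INSERT ... ON CONFLICT DO UPDATE that names the same conflict key twice ("ON CONFLICT DO UPDATE command cannot affect row a second time"), so a batch has to be folded before the statement is built. The sketch below assumes the fold happens in Go and that only last_seen is updated on conflict; the struct and function names are hypothetical.

```go
package main

import (
	"fmt"
	"time"
)

// ipHistoryRow carries the columns this page names for client-ip history;
// the struct itself is a hypothetical stand-in for the storage record.
type ipHistoryRow struct {
	AgentID, ClientID, IP string
	FirstSeen, LastSeen   time.Time
}

// ipKey is the ON CONFLICT target (agent_id, client_id, ip_address).
type ipKey struct{ agent, client, ip string }

func (k ipKey) String() string { return fmt.Sprintf("%s/%s/%s", k.agent, k.client, k.ip) }

// foldDuplicates collapses rows that share a conflict key so one statement
// never touches the same row twice. It reproduces what the same rows would do
// as sequential single-row upserts: the first occurrence supplies the inserted
// values and each later occurrence overwrites only LastSeen.
func foldDuplicates(rows []ipHistoryRow) []ipHistoryRow {
	index := make(map[ipKey]int, len(rows))
	out := make([]ipHistoryRow, 0, len(rows))
	for _, r := range rows {
		k := ipKey{r.AgentID, r.ClientID, r.IP}
		if i, seen := index[k]; seen {
			out[i].LastSeen = r.LastSeen // the last row's last_seen wins
			continue
		}
		index[k] = len(out)
		out = append(out, r)
	}
	return out
}

func main() {
	// Constructed sample batch: the first and third rows share a key.
	t0 := time.Date(2024, 1, 1, 0, 0, 0, 0, time.UTC)
	batch := []ipHistoryRow{
		{"agent-1", "client-1", "203.0.113.5", t0, t0},
		{"agent-1", "client-1", "203.0.113.6", t0, t0},
		{"agent-1", "client-1", "203.0.113.5", t0.Add(time.Hour), t0.Add(2 * time.Hour)},
	}
	for _, r := range foldDuplicates(batch) {
		fmt.Println(ipKey{r.AgentID, r.ClientID, r.IP}, r.FirstSeen.Format(time.RFC3339), r.LastSeen.Format(time.RFC3339))
	}
}
```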
func (*Store) UpsertClientUsage ¶
func (*Store) UpsertConsumedTotp ¶
func (*Store) UpsertLoginLockout ¶
Source Files ¶
- agent_recovery_grants.go
- agent_revocations.go
- agents.go
- audit.go
- bulk.go
- certificate_authority.go
- clients.go
- consumed_totp.go
- cp_secrets.go
- discovered_clients.go
- enrollment.go
- fleet.go
- helpers.go
- instances.go
- integrations.go
- jobs.go
- lockouts.go
- metrics.go
- migrate.go
- panel_settings.go
- pool_config.go
- retention_settings.go
- sessions.go
- store.go
- telemetry.go
- timeseries.go
- tx.go
- update_settings.go
- user_appearance.go
- user_fleet_group_scopes.go
- users.go
- users_delete.go