package db

v1.3.3
Warning

This package is not in the latest version of its module.
Published: Sep 24, 2025 License: MIT Imports: 16 Imported by: 0

Documentation

Overview

Package db provides the data access layer for Keymaster. It abstracts the underlying database (e.g., SQLite, PostgreSQL) behind a consistent interface, allowing the rest of the application to interact with the database in a uniform way.

The package contains three implementations of the database store: SQLite, PostgreSQL, and MySQL. Note: The MySQL and PostgreSQL implementations are considered experimental.

Constants

This section is empty.

Variables

var (

	// ErrDuplicate is returned when a unique constraint is violated.
	ErrDuplicate = errors.New("duplicate entry")
)

Functions

func AddAccount

func AddAccount(username, hostname, label, tags string) error

AddAccount adds a new account to the database.

func AddKnownHostKey

func AddKnownHostKey(hostname, key string) error

AddKnownHostKey adds a new trusted host key to the database.

func AddPublicKey

func AddPublicKey(algorithm, keyData, comment string, isGlobal bool) error

AddPublicKey adds a new public key to the database.

func AddPublicKeyAndGetModel

func AddPublicKeyAndGetModel(algorithm, keyData, comment string, isGlobal bool) (*model.PublicKey, error)

AddPublicKeyAndGetModel adds a public key to the database if it doesn't already exist (based on the comment) and returns the full key model. If a key with the same comment already exists, it returns (nil, nil) to indicate a duplicate without an error.
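Because a duplicate is signalled as (nil, nil) and duplicates are detected by comment only, a caller has to nil-check the returned model and should confirm that the existing entry holds the same key material. The following is an added example, not code from the Keymaster project: `PublicKey` and its fields, `keyStore`, `memStore`, `ErrCommentCollision` and `ImportLine` are hypothetical stand-ins, and the key strings are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// PublicKey stands in for model.PublicKey; its fields are assumptions.
type PublicKey struct{ Algorithm, KeyData, Comment string }

// keyStore is the subset of the Store interface this example needs.
type keyStore interface {
	AddPublicKeyAndGetModel(algorithm, keyData, comment string, isGlobal bool) (*PublicKey, error)
	GetPublicKeyByComment(comment string) (*PublicKey, error)
}

// ErrCommentCollision is hypothetical: the comment belongs to different key material.
var ErrCommentCollision = errors.New("comment already used by a different key")

// memStore is a constructed fake that follows the documented (nil, nil) contract.
type memStore struct{ byComment map[string]*PublicKey }

func (m *memStore) AddPublicKeyAndGetModel(alg, data, comment string, _ bool) (*PublicKey, error) {
	if m.byComment[comment] != nil {
		return nil, nil // duplicate comment: no model, no error
	}
	m.byComment[comment] = &PublicKey{alg, data, comment}
	return m.byComment[comment], nil
}

func (m *memStore) GetPublicKeyByComment(c string) (*PublicKey, error) { return m.byComment[c], nil }

// ImportLine stores one "algorithm key comment" line and reports whether it was newly added.
func ImportLine(s keyStore, line string) (*PublicKey, bool, error) {
	f := strings.Fields(line)
	if len(f) < 3 {
		return nil, false, fmt.Errorf("want algorithm, key and comment, got %d fields", len(f))
	}
	alg, data, comment := f[0], f[1], strings.Join(f[2:], " ")
	k, err := s.AddPublicKeyAndGetModel(alg, data, comment, false)
	if err != nil || k != nil {
		return k, k != nil, err // store error, or key newly added
	}
	// (nil, nil): the comment already exists. Confirm it is the same key before skipping.
	existing, err := s.GetPublicKeyByComment(comment)
	if err != nil || existing == nil {
		return nil, false, fmt.Errorf("duplicate reported but lookup failed: %v", err)
	}
	if existing.Algorithm != alg || existing.KeyData != data {
		return existing, false, ErrCommentCollision
	}
	return existing, false, nil
}

func main() {
	s := &memStore{byComment: map[string]*PublicKey{}}
	_, added, err := ImportLine(s, "ssh-ed25519 AAAAconstructedA alice@laptop") // constructed sample
	fmt.Println(added, err)
}
```

Without the second lookup, a rotated key that reuses an old comment would be skipped silently and the stale key would stay in the store.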

func AssignKeyToAccount

func AssignKeyToAccount(keyID, accountID int) error

AssignKeyToAccount creates an association between a key and an account.

func CreateSystemKey

func CreateSystemKey(publicKey, privateKey string) (int, error)

CreateSystemKey adds a new system key to the database. It determines the correct serial automatically.

func DeleteAccount

func DeleteAccount(id int) error

DeleteAccount removes an account from the database by its ID.

func DeletePublicKey

func DeletePublicKey(id int) error

DeletePublicKey removes a public key and all its associations. The ON DELETE CASCADE constraint handles the associations in account_keys.

func GetAccountsForKey

func GetAccountsForKey(keyID int) ([]model.Account, error)

GetAccountsForKey retrieves all accounts that have a specific public key assigned.

func GetActiveSystemKey

func GetActiveSystemKey() (*model.SystemKey, error)

GetActiveSystemKey retrieves the currently active system key for deployments.

func GetAllAccounts

func GetAllAccounts() ([]model.Account, error)

GetAllAccounts retrieves all accounts from the database.

func GetAllActiveAccounts

func GetAllActiveAccounts() ([]model.Account, error)

GetAllActiveAccounts retrieves all active accounts from the database.

func GetAllAuditLogEntries

func GetAllAuditLogEntries() ([]model.AuditLogEntry, error)

GetAllAuditLogEntries retrieves all entries from the audit log, most recent first.

func GetAllPublicKeys

func GetAllPublicKeys() ([]model.PublicKey, error)

GetAllPublicKeys retrieves all public keys from the database.

func GetGlobalPublicKeys

func GetGlobalPublicKeys() ([]model.PublicKey, error)

GetGlobalPublicKeys retrieves all keys marked as global.

func GetKeysForAccount

func GetKeysForAccount(accountID int) ([]model.PublicKey, error)

GetKeysForAccount retrieves all public keys assigned to a specific account.

func GetKnownHostKey

func GetKnownHostKey(hostname string) (string, error)

GetKnownHostKey retrieves the trusted public key for a given hostname.

func GetPublicKeyByComment

func GetPublicKeyByComment(comment string) (*model.PublicKey, error)

GetPublicKeyByComment retrieves a single public key by its unique comment.

func GetSystemKeyBySerial

func GetSystemKeyBySerial(serial int) (*model.SystemKey, error)

GetSystemKeyBySerial retrieves a system key by its serial number.

func HasSystemKeys

func HasSystemKeys() (bool, error)

HasSystemKeys checks if any system keys exist in the database.

func InitDB

func InitDB(dbType, dsn string) error

InitDB initializes the database connection based on the provided type and DSN. It sets the global `store` variable to the appropriate database implementation and runs any pending database migrations.

func LogAction

func LogAction(action string, details string) error

LogAction records an audit trail event.

func RotateSystemKey

func RotateSystemKey(publicKey, privateKey string) (int, error)

RotateSystemKey deactivates all current system keys and adds a new one as active. This should be performed within a transaction to ensure atomicity.

func ToggleAccountStatus

func ToggleAccountStatus(id int) error

ToggleAccountStatus flips the active status of an account.

func TogglePublicKeyGlobal

func TogglePublicKeyGlobal(id int) error

TogglePublicKeyGlobal flips the 'is_global' status of a public key.

func UnassignKeyFromAccount

func UnassignKeyFromAccount(keyID, accountID int) error

UnassignKeyFromAccount removes an association between a key and an account.

func UpdateAccountLabel

func UpdateAccountLabel(id int, label string) error

UpdateAccountLabel updates the label for a given account.

func UpdateAccountSerial

func UpdateAccountSerial(id, serial int) error

UpdateAccountSerial sets the system key serial for a given account ID. This is typically called after a successful deployment.

func UpdateAccountTags

func UpdateAccountTags(id int, tags string) error

UpdateAccountTags updates the tags for a given account.

Types

type MySQLStore

type MySQLStore struct {
	// contains filtered or unexported fields
}

MySQLStore is the MySQL implementation of the Store interface.

func NewMySQLStore

func NewMySQLStore(dataSourceName string) (*MySQLStore, error)

NewMySQLStore initializes the database connection and creates tables if they don't exist.

func (*MySQLStore) AddAccount

func (s *MySQLStore) AddAccount(username, hostname, label, tags string) error

func (*MySQLStore) AddKnownHostKey

func (s *MySQLStore) AddKnownHostKey(hostname, key string) error

func (*MySQLStore) AddPublicKey

func (s *MySQLStore) AddPublicKey(algorithm, keyData, comment string, isGlobal bool) error

func (*MySQLStore) AddPublicKeyAndGetModel

func (s *MySQLStore) AddPublicKeyAndGetModel(algorithm, keyData, comment string, isGlobal bool) (*model.PublicKey, error)

func (*MySQLStore) AssignKeyToAccount

func (s *MySQLStore) AssignKeyToAccount(keyID, accountID int) error

func (*MySQLStore) CreateSystemKey

func (s *MySQLStore) CreateSystemKey(publicKey, privateKey string) (int, error)

func (*MySQLStore) DeleteAccount

func (s *MySQLStore) DeleteAccount(id int) error

func (*MySQLStore) DeletePublicKey

func (s *MySQLStore) DeletePublicKey(id int) error

func (*MySQLStore) GetAccountsForKey

func (s *MySQLStore) GetAccountsForKey(keyID int) ([]model.Account, error)

func (*MySQLStore) GetActiveSystemKey

func (s *MySQLStore) GetActiveSystemKey() (*model.SystemKey, error)

func (*MySQLStore) GetAllAccounts

func (s *MySQLStore) GetAllAccounts() ([]model.Account, error)

func (*MySQLStore) GetAllActiveAccounts

func (s *MySQLStore) GetAllActiveAccounts() ([]model.Account, error)

func (*MySQLStore) GetAllAuditLogEntries

func (s *MySQLStore) GetAllAuditLogEntries() ([]model.AuditLogEntry, error)

func (*MySQLStore) GetAllPublicKeys

func (s *MySQLStore) GetAllPublicKeys() ([]model.PublicKey, error)

func (*MySQLStore) GetGlobalPublicKeys

func (s *MySQLStore) GetGlobalPublicKeys() ([]model.PublicKey, error)

func (*MySQLStore) GetKeysForAccount

func (s *MySQLStore) GetKeysForAccount(accountID int) ([]model.PublicKey, error)

func (*MySQLStore) GetKnownHostKey

func (s *MySQLStore) GetKnownHostKey(hostname string) (string, error)

func (*MySQLStore) GetPublicKeyByComment

func (s *MySQLStore) GetPublicKeyByComment(comment string) (*model.PublicKey, error)

func (*MySQLStore) GetSystemKeyBySerial

func (s *MySQLStore) GetSystemKeyBySerial(serial int) (*model.SystemKey, error)

func (*MySQLStore) HasSystemKeys

func (s *MySQLStore) HasSystemKeys() (bool, error)

func (*MySQLStore) LogAction

func (s *MySQLStore) LogAction(action string, details string) error

func (*MySQLStore) RotateSystemKey

func (s *MySQLStore) RotateSystemKey(publicKey, privateKey string) (int, error)

func (*MySQLStore) ToggleAccountStatus

func (s *MySQLStore) ToggleAccountStatus(id int) error

func (*MySQLStore) TogglePublicKeyGlobal

func (s *MySQLStore) TogglePublicKeyGlobal(id int) error

func (*MySQLStore) UnassignKeyFromAccount

func (s *MySQLStore) UnassignKeyFromAccount(keyID, accountID int) error

func (*MySQLStore) UpdateAccountLabel

func (s *MySQLStore) UpdateAccountLabel(id int, label string) error

func (*MySQLStore) UpdateAccountSerial

func (s *MySQLStore) UpdateAccountSerial(id, serial int) error

func (*MySQLStore) UpdateAccountTags

func (s *MySQLStore) UpdateAccountTags(id int, tags string) error

type PostgresStore

type PostgresStore struct {
	// contains filtered or unexported fields
}

PostgresStore is the PostgreSQL implementation of the Store interface.

func NewPostgresStore

func NewPostgresStore(dataSourceName string) (*PostgresStore, error)

NewPostgresStore initializes the database connection and creates tables if they don't exist.

func (*PostgresStore) AddAccount

func (s *PostgresStore) AddAccount(username, hostname, label, tags string) error

func (*PostgresStore) AddKnownHostKey

func (s *PostgresStore) AddKnownHostKey(hostname, key string) error

func (*PostgresStore) AddPublicKey

func (s *PostgresStore) AddPublicKey(algorithm, keyData, comment string, isGlobal bool) error

func (*PostgresStore) AddPublicKeyAndGetModel

func (s *PostgresStore) AddPublicKeyAndGetModel(algorithm, keyData, comment string, isGlobal bool) (*model.PublicKey, error)

func (*PostgresStore) AssignKeyToAccount

func (s *PostgresStore) AssignKeyToAccount(keyID, accountID int) error

func (*PostgresStore) CreateSystemKey

func (s *PostgresStore) CreateSystemKey(publicKey, privateKey string) (int, error)

func (*PostgresStore) DeleteAccount

func (s *PostgresStore) DeleteAccount(id int) error

func (*PostgresStore) DeletePublicKey

func (s *PostgresStore) DeletePublicKey(id int) error

func (*PostgresStore) GetAccountsForKey

func (s *PostgresStore) GetAccountsForKey(keyID int) ([]model.Account, error)

func (*PostgresStore) GetActiveSystemKey

func (s *PostgresStore) GetActiveSystemKey() (*model.SystemKey, error)

func (*PostgresStore) GetAllAccounts

func (s *PostgresStore) GetAllAccounts() ([]model.Account, error)

func (*PostgresStore) GetAllActiveAccounts

func (s *PostgresStore) GetAllActiveAccounts() ([]model.Account, error)

func (*PostgresStore) GetAllAuditLogEntries

func (s *PostgresStore) GetAllAuditLogEntries() ([]model.AuditLogEntry, error)

func (*PostgresStore) GetAllPublicKeys

func (s *PostgresStore) GetAllPublicKeys() ([]model.PublicKey, error)

func (*PostgresStore) GetGlobalPublicKeys

func (s *PostgresStore) GetGlobalPublicKeys() ([]model.PublicKey, error)

func (*PostgresStore) GetKeysForAccount

func (s *PostgresStore) GetKeysForAccount(accountID int) ([]model.PublicKey, error)

func (*PostgresStore) GetKnownHostKey

func (s *PostgresStore) GetKnownHostKey(hostname string) (string, error)

func (*PostgresStore) GetPublicKeyByComment

func (s *PostgresStore) GetPublicKeyByComment(comment string) (*model.PublicKey, error)

func (*PostgresStore) GetSystemKeyBySerial

func (s *PostgresStore) GetSystemKeyBySerial(serial int) (*model.SystemKey, error)

func (*PostgresStore) HasSystemKeys

func (s *PostgresStore) HasSystemKeys() (bool, error)

func (*PostgresStore) LogAction

func (s *PostgresStore) LogAction(action string, details string) error

func (*PostgresStore) RotateSystemKey

func (s *PostgresStore) RotateSystemKey(publicKey, privateKey string) (int, error)

func (*PostgresStore) ToggleAccountStatus

func (s *PostgresStore) ToggleAccountStatus(id int) error

func (*PostgresStore) TogglePublicKeyGlobal

func (s *PostgresStore) TogglePublicKeyGlobal(id int) error

func (*PostgresStore) UnassignKeyFromAccount

func (s *PostgresStore) UnassignKeyFromAccount(keyID, accountID int) error

func (*PostgresStore) UpdateAccountLabel

func (s *PostgresStore) UpdateAccountLabel(id int, label string) error

func (*PostgresStore) UpdateAccountSerial

func (s *PostgresStore) UpdateAccountSerial(id, serial int) error

func (*PostgresStore) UpdateAccountTags

func (s *PostgresStore) UpdateAccountTags(id int, tags string) error

type SqliteStore

type SqliteStore struct {
	// contains filtered or unexported fields
}

SqliteStore is the SQLite implementation of the Store interface.

func NewSqliteStore

func NewSqliteStore(dataSourceName string) (*SqliteStore, error)

NewSqliteStore initializes the database connection and creates tables if they don't exist.

func (*SqliteStore) AddAccount

func (s *SqliteStore) AddAccount(username, hostname, label, tags string) error

AddAccount adds a new account to the database.

func (*SqliteStore) AddKnownHostKey

func (s *SqliteStore) AddKnownHostKey(hostname, key string) error

AddKnownHostKey adds a new trusted host key to the database.

func (*SqliteStore) AddPublicKey

func (s *SqliteStore) AddPublicKey(algorithm, keyData, comment string, isGlobal bool) error

AddPublicKey adds a new public key to the database.

func (*SqliteStore) AddPublicKeyAndGetModel

func (s *SqliteStore) AddPublicKeyAndGetModel(algorithm, keyData, comment string, isGlobal bool) (*model.PublicKey, error)

AddPublicKeyAndGetModel adds a public key to the database if it doesn't already exist (based on the comment) and returns the full key model. It returns (nil, nil) if the key is a duplicate.

func (*SqliteStore) AssignKeyToAccount

func (s *SqliteStore) AssignKeyToAccount(keyID, accountID int) error

AssignKeyToAccount creates an association between a key and an account.

func (*SqliteStore) CreateSystemKey

func (s *SqliteStore) CreateSystemKey(publicKey, privateKey string) (int, error)

CreateSystemKey adds a new system key to the database. It determines the correct serial automatically.

func (*SqliteStore) DeleteAccount

func (s *SqliteStore) DeleteAccount(id int) error

DeleteAccount removes an account from the database by its ID.

func (*SqliteStore) DeletePublicKey

func (s *SqliteStore) DeletePublicKey(id int) error

DeletePublicKey removes a public key and all its associations. The ON DELETE CASCADE constraint handles the associations in account_keys.

func (*SqliteStore) GetAccountsForKey

func (s *SqliteStore) GetAccountsForKey(keyID int) ([]model.Account, error)

GetAccountsForKey retrieves all accounts that have a specific public key assigned.

func (*SqliteStore) GetActiveSystemKey

func (s *SqliteStore) GetActiveSystemKey() (*model.SystemKey, error)

GetActiveSystemKey retrieves the currently active system key for deployments.

func (*SqliteStore) GetAllAccounts

func (s *SqliteStore) GetAllAccounts() ([]model.Account, error)

GetAllAccounts retrieves all accounts from the database.

func (*SqliteStore) GetAllActiveAccounts

func (s *SqliteStore) GetAllActiveAccounts() ([]model.Account, error)

GetAllActiveAccounts retrieves all active accounts from the database.

func (*SqliteStore) GetAllAuditLogEntries

func (s *SqliteStore) GetAllAuditLogEntries() ([]model.AuditLogEntry, error)

GetAllAuditLogEntries retrieves all entries from the audit log, most recent first.

func (*SqliteStore) GetAllPublicKeys

func (s *SqliteStore) GetAllPublicKeys() ([]model.PublicKey, error)

GetAllPublicKeys retrieves all public keys from the database.

func (*SqliteStore) GetGlobalPublicKeys

func (s *SqliteStore) GetGlobalPublicKeys() ([]model.PublicKey, error)

GetGlobalPublicKeys retrieves all keys marked as global.

func (*SqliteStore) GetKeysForAccount

func (s *SqliteStore) GetKeysForAccount(accountID int) ([]model.PublicKey, error)

GetKeysForAccount retrieves all public keys assigned to a specific account.

func (*SqliteStore) GetKnownHostKey

func (s *SqliteStore) GetKnownHostKey(hostname string) (string, error)

GetKnownHostKey retrieves the trusted public key for a given hostname.

func (*SqliteStore) GetPublicKeyByComment

func (s *SqliteStore) GetPublicKeyByComment(comment string) (*model.PublicKey, error)

GetPublicKeyByComment retrieves a single public key by its unique comment.

func (*SqliteStore) GetSystemKeyBySerial

func (s *SqliteStore) GetSystemKeyBySerial(serial int) (*model.SystemKey, error)

GetSystemKeyBySerial retrieves a system key by its serial number.

func (*SqliteStore) HasSystemKeys

func (s *SqliteStore) HasSystemKeys() (bool, error)

HasSystemKeys checks if any system keys exist in the database.

func (*SqliteStore) LogAction

func (s *SqliteStore) LogAction(action string, details string) error

LogAction records an audit trail event.

func (*SqliteStore) RotateSystemKey

func (s *SqliteStore) RotateSystemKey(publicKey, privateKey string) (int, error)

RotateSystemKey deactivates all current system keys and adds a new one as active. This should be performed within a transaction to ensure atomicity.

func (*SqliteStore) ToggleAccountStatus

func (s *SqliteStore) ToggleAccountStatus(id int) error

ToggleAccountStatus flips the active status of an account.

func (*SqliteStore) TogglePublicKeyGlobal

func (s *SqliteStore) TogglePublicKeyGlobal(id int) error

TogglePublicKeyGlobal flips the 'is_global' status of a public key.

func (*SqliteStore) UnassignKeyFromAccount

func (s *SqliteStore) UnassignKeyFromAccount(keyID, accountID int) error

UnassignKeyFromAccount removes an association between a key and an account.

func (*SqliteStore) UpdateAccountLabel

func (s *SqliteStore) UpdateAccountLabel(id int, label string) error

UpdateAccountLabel updates the label for a given account.

func (*SqliteStore) UpdateAccountSerial

func (s *SqliteStore) UpdateAccountSerial(id, serial int) error

UpdateAccountSerial sets the serial for a given account ID to a specific value.

func (*SqliteStore) UpdateAccountTags

func (s *SqliteStore) UpdateAccountTags(id int, tags string) error

UpdateAccountTags updates the tags for a given account.

type Store

type Store interface {
	// Account methods
	GetAllAccounts() ([]model.Account, error)
	AddAccount(username, hostname, label, tags string) error
	DeleteAccount(id int) error
	UpdateAccountSerial(id, serial int) error
	ToggleAccountStatus(id int) error
	UpdateAccountLabel(id int, label string) error
	UpdateAccountTags(id int, tags string) error
	GetAllActiveAccounts() ([]model.Account, error)

	// Public Key methods
	AddPublicKey(algorithm, keyData, comment string, isGlobal bool) error
	GetAllPublicKeys() ([]model.PublicKey, error)
	GetPublicKeyByComment(comment string) (*model.PublicKey, error)
	AddPublicKeyAndGetModel(algorithm, keyData, comment string, isGlobal bool) (*model.PublicKey, error)
	TogglePublicKeyGlobal(id int) error
	GetGlobalPublicKeys() ([]model.PublicKey, error)
	DeletePublicKey(id int) error

	// Host Key methods
	GetKnownHostKey(hostname string) (string, error)
	AddKnownHostKey(hostname, key string) error

	// System Key methods
	CreateSystemKey(publicKey, privateKey string) (int, error)
	RotateSystemKey(publicKey, privateKey string) (int, error)
	GetActiveSystemKey() (*model.SystemKey, error)
	GetSystemKeyBySerial(serial int) (*model.SystemKey, error)
	HasSystemKeys() (bool, error)

	// Assignment methods
	AssignKeyToAccount(keyID, accountID int) error
	UnassignKeyFromAccount(keyID, accountID int) error
	GetKeysForAccount(accountID int) ([]model.PublicKey, error)
	GetAccountsForKey(keyID int) ([]model.Account, error)

	// Audit Log methods
	GetAllAuditLogEntries() ([]model.AuditLogEntry, error)
	LogAction(action string, details string) error
}

Store defines the interface for all database operations in Keymaster. This allows for multiple database backends to be implemented.
