metacrypt/internal/db/migrate.go

package db

import (
	"database/sql"

	mcdsldb "git.wntrmute.dev/kyle/mcdsl/db"
)

// Migrations is the ordered list of metacrypt schema migrations.
var Migrations = []mcdsldb.Migration{
	{
		Version: 1,
		Name:    "initial schema",
		SQL: `CREATE TABLE IF NOT EXISTS seal_config (
		id INTEGER PRIMARY KEY CHECK (id = 1),
		encrypted_mek BLOB NOT NULL,
		kdf_salt BLOB NOT NULL,
		argon2_time INTEGER NOT NULL,
		argon2_memory INTEGER NOT NULL,
		argon2_threads INTEGER NOT NULL,
		initialized_at DATETIME NOT NULL DEFAULT (datetime('now'))
	);

	CREATE TABLE IF NOT EXISTS barrier_entries (
		path TEXT PRIMARY KEY,
		value BLOB NOT NULL,
		created_at DATETIME NOT NULL DEFAULT (datetime('now')),
		updated_at DATETIME NOT NULL DEFAULT (datetime('now'))
	);`,
	},
	{
		Version: 2,
		Name:    "barrier key registry",
		SQL: `CREATE TABLE IF NOT EXISTS barrier_keys (
		key_id       TEXT PRIMARY KEY,
		version      INTEGER NOT NULL DEFAULT 1,
		encrypted_dek BLOB NOT NULL,
		created_at   DATETIME NOT NULL DEFAULT (datetime('now')),
		rotated_at   DATETIME NOT NULL DEFAULT (datetime('now'))
	);`,
	},
}

// Migrate applies all pending migrations.
func Migrate(database *sql.DB) error {
	return mcdsldb.Migrate(database, Migrations)
}