`ee55fd7`

sqlc: GetUserGPGKeyForVerification + ListAllActiveReposWithOwner + GetRepoForBackfill

Authored by mfwolffe <wolffemf@dukes.jmu.edu> yesterday

SHA: ee55fd793e887390089ef1a293c0525c409fc64a
Parents: 12b7ca3
Tree: a41ecdf

6 changed files

Status	File	+
M	`internal/repos/queries/repos.sql`	31
M	`internal/repos/sqlc/querier.go`	10
M	`internal/repos/sqlc/repos.sql.go`	84
M	`internal/users/queries/user_gpg_keys.sql`	14
M	`internal/users/sqlc/querier.go`	7
M	`internal/users/sqlc/user_gpg_keys.sql.go`	41

internal/repos/queries/repos.sqlmodified

  WHERE r.deleted_at IS NULL
  ORDER BY r.id;
 +-- name: ListAllActiveReposWithOwner :many
 +-- Used by the GPG verification backfill (S51) to enumerate every
 +-- active repo system-wide. Unlike ListAllRepoFullNames this query
 +-- handles BOTH user-owned and org-owned repos via a COALESCE between
 +-- users.username and orgs.slug; the owner string is whatever
 +-- RepoFS.RepoPath expects.
 +SELECT
 +    r.id,
 +    r.name,
 +    r.default_branch,
 +    COALESCE(u.username, o.slug) AS owner
 +FROM repos r
 +LEFT JOIN users u ON u.id = r.owner_user_id
 +LEFT JOIN orgs  o ON o.id = r.owner_org_id
 +WHERE r.deleted_at IS NULL
 +ORDER BY r.id;
++
 +-- name: GetRepoForBackfill :one
 +-- Lookup the per-repo backfill metadata. Mirrors the row shape of
 +-- ListAllActiveReposWithOwner so the per-repo job handler can run
 +-- the same code path the bulk handler uses.
 +SELECT
 +    r.id,
 +    r.name,
 +    r.default_branch,
 +    COALESCE(u.username, o.slug) AS owner
 +FROM repos r
 +LEFT JOIN users u ON u.id = r.owner_user_id
 +LEFT JOIN orgs  o ON o.id = r.owner_org_id
 +WHERE r.id = $1 AND r.deleted_at IS NULL;
++
  -- ─── S27 forks ─────────────────────────────────────────────────────
  -- name: CreateForkRepo :one

internal/repos/sqlc/querier.gomodified

  	// O(1) cost the user-side path enjoys.
  	GetRepoByOwnerOrgAndName(ctx context.Context, db DBTX, arg GetRepoByOwnerOrgAndNameParams) (Repo, error)
  	GetRepoByOwnerUserAndName(ctx context.Context, db DBTX, arg GetRepoByOwnerUserAndNameParams) (Repo, error)
 +	// Lookup the per-repo backfill metadata. Mirrors the row shape of
 +	// ListAllActiveReposWithOwner so the per-repo job handler can run
 +	// the same code path the bulk handler uses.
 +	GetRepoForBackfill(ctx context.Context, db DBTX, id int64) (GetRepoForBackfillRow, error)
  	// Returns the owner slug for a repo. Used by size-recalc, indexing, and
  	// other jobs that need the bare-repo on-disk path. Org-owned repos use the
  	// org slug in the same path position as user-owned repos.
  	// SoftDeleteSubkeysForGPGKey so the cache and the keyring stay in
  	// sync. The next read of an invalidated row triggers a re-verify.
  	InvalidateVerificationsForSubkey(ctx context.Context, db DBTX, signerSubkeyID pgtype.Int8) error
 +	// Used by the GPG verification backfill (S51) to enumerate every
 +	// active repo system-wide. Unlike ListAllRepoFullNames this query
 +	// handles BOTH user-owned and org-owned repos via a COALESCE between
 +	// users.username and orgs.slug; the owner string is whatever
 +	// RepoFS.RepoPath expects.
 +	ListAllActiveReposWithOwner(ctx context.Context, db DBTX) ([]ListAllActiveReposWithOwnerRow, error)
  	// Used by `shithubd hooks reinstall --all` to enumerate every active
  	// bare repo on disk and re-link its hooks.
  	ListAllRepoFullNames(ctx context.Context, db DBTX) ([]ListAllRepoFullNamesRow, error)

internal/repos/sqlc/repos.sql.gomodified

  	return i, err
+ }
 +const getRepoForBackfill = `-- name: GetRepoForBackfill :one
 +SELECT
 +    r.id,
 +    r.name,
 +    r.default_branch,
 +    COALESCE(u.username, o.slug) AS owner
 +FROM repos r
 +LEFT JOIN users u ON u.id = r.owner_user_id
 +LEFT JOIN orgs  o ON o.id = r.owner_org_id
 +WHERE r.id = $1 AND r.deleted_at IS NULL
 +`
++
 +type GetRepoForBackfillRow struct {
 +	ID            int64
 +	Name          string
 +	DefaultBranch string
 +	Owner         string
 +}
++
 +// Lookup the per-repo backfill metadata. Mirrors the row shape of
 +// ListAllActiveReposWithOwner so the per-repo job handler can run
 +// the same code path the bulk handler uses.
 +func (q *Queries) GetRepoForBackfill(ctx context.Context, db DBTX, id int64) (GetRepoForBackfillRow, error) {
 +	row := db.QueryRow(ctx, getRepoForBackfill, id)
 +	var i GetRepoForBackfillRow
 +	err := row.Scan(
 +		&i.ID,
 +		&i.Name,
 +		&i.DefaultBranch,
 +		&i.Owner,
 +	)
 +	return i, err
 +}
++
  const getRepoOwnerUsernameByID = `-- name: GetRepoOwnerUsernameByID :one
  SELECT COALESCE(u.username::varchar, o.slug::varchar) AS owner_username, r.name AS repo_name
  FROM repos r
  	return err
+ }
 +const listAllActiveReposWithOwner = `-- name: ListAllActiveReposWithOwner :many
 +SELECT
 +    r.id,
 +    r.name,
 +    r.default_branch,
 +    COALESCE(u.username, o.slug) AS owner
 +FROM repos r
 +LEFT JOIN users u ON u.id = r.owner_user_id
 +LEFT JOIN orgs  o ON o.id = r.owner_org_id
 +WHERE r.deleted_at IS NULL
 +ORDER BY r.id
 +`
++
 +type ListAllActiveReposWithOwnerRow struct {
 +	ID            int64
 +	Name          string
 +	DefaultBranch string
 +	Owner         string
 +}
++
 +// Used by the GPG verification backfill (S51) to enumerate every
 +// active repo system-wide. Unlike ListAllRepoFullNames this query
 +// handles BOTH user-owned and org-owned repos via a COALESCE between
 +// users.username and orgs.slug; the owner string is whatever
 +// RepoFS.RepoPath expects.
 +func (q *Queries) ListAllActiveReposWithOwner(ctx context.Context, db DBTX) ([]ListAllActiveReposWithOwnerRow, error) {
 +	rows, err := db.Query(ctx, listAllActiveReposWithOwner)
 +	if err != nil {
 +		return nil, err
 +	}
 +	defer rows.Close()
 +	items := []ListAllActiveReposWithOwnerRow{}
 +	for rows.Next() {
 +		var i ListAllActiveReposWithOwnerRow
 +		if err := rows.Scan(
 +			&i.ID,
 +			&i.Name,
 +			&i.DefaultBranch,
 +			&i.Owner,
 +		); err != nil {
 +			return nil, err
 +		}
 +		items = append(items, i)
 +	}
 +	if err := rows.Err(); err != nil {
 +		return nil, err
 +	}
 +	return items, nil
 +}
++
  const listAllRepoFullNames = `-- name: ListAllRepoFullNames :many
  SELECT
      r.id,

internal/users/queries/user_gpg_keys.sqlmodified

  FROM user_gpg_keys
  WHERE id = $1 AND user_id = $2;
 +-- name: GetUserGPGKeyForVerification :one
 +-- Non-user-scoped lookup used by the verification path. Unlike
 +-- GetUserGPGKey this query does NOT filter on user_id — the caller
 +-- already validated the subkey resolution and needs the parent
 +-- record's user_id to drive the email cross-check. Includes revoked
 +-- rows so historical commit verifications can still resolve their
 +-- signer attribution.
 +SELECT id, user_id, name, fingerprint, key_id, armored,
 +       can_sign, can_encrypt_comms, can_encrypt_storage, can_certify, can_authenticate,
 +       uids, subkeys, primary_algo,
 +       created_at, last_used_at, revoked_at, expires_at
 +FROM user_gpg_keys
 +WHERE id = $1;
++
  -- name: GetUserGPGKeyByFingerprint :one
  -- Uniqueness probe used by the add path to surface a friendly
  -- "this key is already registered" error before the unique index

internal/users/sqlc/querier.gomodified

  	// violation. Returns any row matching the fingerprint regardless of
  	// which user owns it (global uniqueness is the contract).
  	GetUserGPGKeyByFingerprint(ctx context.Context, db DBTX, fingerprint string) (UserGpgKey, error)
 +	// Non-user-scoped lookup used by the verification path. Unlike
 +	// GetUserGPGKey this query does NOT filter on user_id — the caller
 +	// already validated the subkey resolution and needs the parent
 +	// record's user_id to drive the email cross-check. Includes revoked
 +	// rows so historical commit verifications can still resolve their
 +	// signer attribution.
 +	GetUserGPGKeyForVerification(ctx context.Context, db DBTX, id int64) (UserGpgKey, error)
  	// Hot path for commit/tag signature verification. The signature
  	// packet carries the signing subkey's fingerprint; this query
  	// resolves it back to the primary key (and via FK to the user).

internal/users/sqlc/user_gpg_keys.sql.gomodified

  	return i, err
+ }
 +const getUserGPGKeyForVerification = `-- name: GetUserGPGKeyForVerification :one
 +SELECT id, user_id, name, fingerprint, key_id, armored,
 +       can_sign, can_encrypt_comms, can_encrypt_storage, can_certify, can_authenticate,
 +       uids, subkeys, primary_algo,
 +       created_at, last_used_at, revoked_at, expires_at
 +FROM user_gpg_keys
 +WHERE id = $1
 +`
++
 +// Non-user-scoped lookup used by the verification path. Unlike
 +// GetUserGPGKey this query does NOT filter on user_id — the caller
 +// already validated the subkey resolution and needs the parent
 +// record's user_id to drive the email cross-check. Includes revoked
 +// rows so historical commit verifications can still resolve their
 +// signer attribution.
 +func (q *Queries) GetUserGPGKeyForVerification(ctx context.Context, db DBTX, id int64) (UserGpgKey, error) {
 +	row := db.QueryRow(ctx, getUserGPGKeyForVerification, id)
 +	var i UserGpgKey
 +	err := row.Scan(
 +		&i.ID,
 +		&i.UserID,
 +		&i.Name,
 +		&i.Fingerprint,
 +		&i.KeyID,
 +		&i.Armored,
 +		&i.CanSign,
 +		&i.CanEncryptComms,
 +		&i.CanEncryptStorage,
 +		&i.CanCertify,
 +		&i.CanAuthenticate,
 +		&i.Uids,
 +		&i.Subkeys,
 +		&i.PrimaryAlgo,
 +		&i.CreatedAt,
 +		&i.LastUsedAt,
 +		&i.RevokedAt,
 +		&i.ExpiresAt,
 +	)
 +	return i, err
 +}
++
  const insertUserGPGKey = `-- name: InsertUserGPGKey :one
  INSERT INTO user_gpg_keys (