GTEdgeAI/gt-ai-os-community
3
0
Fork 0
Code Issues Packages Releases Wiki Activity
Files
8b0c2b55954ccabd967e6cfaabe95902261401e3
gt-ai-os-community/scripts/migrations/011_add_system_management_tables.sql
HackWeasel b9dfb86260 GT AI OS Community Edition v2.0.33 
Security hardening release addressing CodeQL and Dependabot alerts:

- Fix stack trace exposure in error responses
- Add SSRF protection with DNS resolution checking
- Implement proper URL hostname validation (replaces substring matching)
- Add centralized path sanitization to prevent path traversal
- Fix ReDoS vulnerability in email validation regex
- Improve HTML sanitization in validation utilities
- Fix capability wildcard matching in auth utilities
- Update glob dependency to address CVE
- Add CodeQL suppression comments for verified false positives

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-12 17:04:45 -05:00

71 lines
2.8 KiB
SQL
Raw Blame History

-- Migration 011: Add system management tables for version tracking, updates, and backups
-- Idempotent: Uses CREATE TABLE IF NOT EXISTS and exception handling for enums
-- Create enum types (safe to recreate)
DO $$ BEGIN
CREATE TYPE updatestatus AS ENUM ('pending', 'in_progress', 'completed', 'failed', 'rolled_back');
EXCEPTION WHEN duplicate_object THEN NULL;
END $$;
DO $$ BEGIN
CREATE TYPE backuptype AS ENUM ('manual', 'pre_update', 'scheduled');
EXCEPTION WHEN duplicate_object THEN NULL;
END $$;
-- System versions table - tracks installed system versions
CREATE TABLE IF NOT EXISTS system_versions (
id SERIAL PRIMARY KEY,
uuid VARCHAR(36) NOT NULL UNIQUE DEFAULT gen_random_uuid()::text,
version VARCHAR(50) NOT NULL,
installed_at TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW(),
installed_by VARCHAR(255),
is_current BOOLEAN NOT NULL DEFAULT true,
release_notes TEXT,
git_commit VARCHAR(40)
);
CREATE INDEX IF NOT EXISTS ix_system_versions_id ON system_versions(id);
CREATE INDEX IF NOT EXISTS ix_system_versions_version ON system_versions(version);
-- Update jobs table - tracks update execution
CREATE TABLE IF NOT EXISTS update_jobs (
id SERIAL PRIMARY KEY,
uuid VARCHAR(36) NOT NULL UNIQUE DEFAULT gen_random_uuid()::text,
target_version VARCHAR(50) NOT NULL,
status updatestatus NOT NULL DEFAULT 'pending',
started_at TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW(),
completed_at TIMESTAMP WITH TIME ZONE,
current_stage VARCHAR(100),
logs JSONB NOT NULL DEFAULT '[]'::jsonb,
error_message TEXT,
backup_id INTEGER,
started_by VARCHAR(255),
rollback_reason TEXT
);
CREATE INDEX IF NOT EXISTS ix_update_jobs_id ON update_jobs(id);
CREATE INDEX IF NOT EXISTS ix_update_jobs_uuid ON update_jobs(uuid);
CREATE INDEX IF NOT EXISTS ix_update_jobs_status ON update_jobs(status);
-- Backup records table - tracks system backups
CREATE TABLE IF NOT EXISTS backup_records (
id SERIAL PRIMARY KEY,
uuid VARCHAR(36) NOT NULL UNIQUE DEFAULT gen_random_uuid()::text,
backup_type backuptype NOT NULL,
created_at TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW(),
size_bytes BIGINT,
location VARCHAR(500) NOT NULL,
version VARCHAR(50),
components JSONB NOT NULL DEFAULT '{}'::jsonb,
checksum VARCHAR(64),
created_by VARCHAR(255),
description TEXT,
is_valid BOOLEAN NOT NULL DEFAULT true,
expires_at TIMESTAMP WITH TIME ZONE
);
CREATE INDEX IF NOT EXISTS ix_backup_records_id ON backup_records(id);
CREATE INDEX IF NOT EXISTS ix_backup_records_uuid ON backup_records(uuid);
-- Seed initial version (idempotent - only inserts if no current version exists)
INSERT INTO system_versions (uuid, version, installed_by, is_current)
SELECT 'initial-version-uuid', 'v2.0.31', 'system', true
WHERE NOT EXISTS (SELECT 1 FROM system_versions WHERE is_current = true);
View Git Blame Copy Permalink