up

src/Scheduler/__Libraries/StellaOps.Scheduler.Storage.Postgres/Migrations/001_initial_schema.sql

@@ -170,3 +170,192 @@ $$ LANGUAGE plpgsql;
 CREATE TRIGGER trg_triggers_updated_at
     BEFORE UPDATE ON scheduler.triggers
     FOR EACH ROW EXECUTE FUNCTION scheduler.update_updated_at();
+
+-- Schedules table (control-plane schedules)
+CREATE TABLE IF NOT EXISTS scheduler.schedules (
+    id TEXT PRIMARY KEY,
+    tenant_id TEXT NOT NULL,
+    name TEXT NOT NULL,
+    description TEXT,
+    enabled BOOLEAN NOT NULL DEFAULT TRUE,
+    cron_expression TEXT,
+    timezone TEXT NOT NULL DEFAULT 'UTC',
+    mode TEXT NOT NULL CHECK (mode IN ('analysisonly', 'contentrefresh')),
+    selection JSONB NOT NULL DEFAULT '{}',
+    only_if JSONB NOT NULL DEFAULT '{}',
+    notify JSONB NOT NULL DEFAULT '{}',
+    limits JSONB NOT NULL DEFAULT '{}',
+    subscribers TEXT[] NOT NULL DEFAULT '{}',
+    created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+    created_by TEXT NOT NULL,
+    updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+    updated_by TEXT NOT NULL,
+    deleted_at TIMESTAMPTZ,
+    deleted_by TEXT
+);
+
+CREATE INDEX IF NOT EXISTS idx_schedules_tenant ON scheduler.schedules(tenant_id) WHERE deleted_at IS NULL;
+CREATE INDEX IF NOT EXISTS idx_schedules_enabled ON scheduler.schedules(tenant_id, enabled) WHERE deleted_at IS NULL;
+CREATE UNIQUE INDEX IF NOT EXISTS uq_schedules_tenant_name_active ON scheduler.schedules(tenant_id, name) WHERE deleted_at IS NULL;
+
+-- Runs table (execution records)
+CREATE TABLE IF NOT EXISTS scheduler.runs (
+    id TEXT PRIMARY KEY,
+    tenant_id TEXT NOT NULL,
+    schedule_id TEXT REFERENCES scheduler.schedules(id),
+    state TEXT NOT NULL CHECK (state IN ('planning','queued','running','completed','error','cancelled')),
+    trigger TEXT NOT NULL,
+    stats JSONB NOT NULL DEFAULT '{}',
+    deltas JSONB NOT NULL DEFAULT '[]',
+    reason JSONB NOT NULL DEFAULT '{}',
+    retry_of TEXT REFERENCES scheduler.runs(id),
+    created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+    started_at TIMESTAMPTZ,
+    finished_at TIMESTAMPTZ,
+    error TEXT,
+    created_by TEXT,
+    updated_at TIMESTAMPTZ,
+    metadata JSONB NOT NULL DEFAULT '{}'
+);
+
+CREATE INDEX IF NOT EXISTS idx_runs_tenant_state ON scheduler.runs(tenant_id, state);
+CREATE INDEX IF NOT EXISTS idx_runs_schedule ON scheduler.runs(schedule_id);
+CREATE INDEX IF NOT EXISTS idx_runs_created ON scheduler.runs(created_at DESC);
+
+-- Graph jobs table
+CREATE TABLE IF NOT EXISTS scheduler.graph_jobs (
+    id TEXT PRIMARY KEY,
+    tenant_id TEXT NOT NULL,
+    sbom_id TEXT NOT NULL,
+    sbom_version_id TEXT,
+    sbom_digest TEXT NOT NULL,
+    graph_snapshot_id TEXT,
+    status TEXT NOT NULL CHECK (status IN ('pending','queued','running','completed','failed','cancelled')),
+    trigger TEXT NOT NULL CHECK (trigger IN ('sbom-version','backfill','manual')),
+    priority INT NOT NULL DEFAULT 100,
+    attempts INT NOT NULL DEFAULT 0,
+    max_attempts INT NOT NULL DEFAULT 3,
+    cartographer_job_id TEXT,
+    correlation_id TEXT,
+    metadata JSONB NOT NULL DEFAULT '{}',
+    created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+    started_at TIMESTAMPTZ,
+    completed_at TIMESTAMPTZ,
+    error TEXT,
+    error_details JSONB
+);
+
+CREATE INDEX IF NOT EXISTS idx_graph_jobs_tenant_status ON scheduler.graph_jobs(tenant_id, status);
+CREATE INDEX IF NOT EXISTS idx_graph_jobs_sbom ON scheduler.graph_jobs(sbom_digest);
+
+-- Policy run jobs table
+CREATE TABLE IF NOT EXISTS scheduler.policy_jobs (
+    id TEXT PRIMARY KEY,
+    tenant_id TEXT NOT NULL,
+    policy_pack_id TEXT NOT NULL,
+    policy_version INT,
+    target_type TEXT NOT NULL,
+    target_id TEXT NOT NULL,
+    status TEXT NOT NULL CHECK (status IN ('pending','queued','running','completed','failed','cancelled')),
+    priority INT NOT NULL DEFAULT 100,
+    run_id TEXT,
+    requested_by TEXT,
+    mode TEXT,
+    metadata JSONB NOT NULL DEFAULT '{}',
+    inputs JSONB NOT NULL DEFAULT '{}',
+    attempt_count INT NOT NULL DEFAULT 0,
+    max_attempts INT NOT NULL DEFAULT 3,
+    queued_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+    available_at TIMESTAMPTZ,
+    submitted_at TIMESTAMPTZ,
+    started_at TIMESTAMPTZ,
+    completed_at TIMESTAMPTZ,
+    cancellation_requested BOOLEAN NOT NULL DEFAULT FALSE,
+    cancellation_reason TEXT,
+    cancelled_at TIMESTAMPTZ,
+    last_attempt_at TIMESTAMPTZ,
+    last_error TEXT,
+    lease_owner TEXT,
+    lease_expires_at TIMESTAMPTZ,
+    correlation_id TEXT
+);
+
+CREATE INDEX IF NOT EXISTS idx_policy_jobs_tenant_status ON scheduler.policy_jobs(tenant_id, status);
+CREATE INDEX IF NOT EXISTS idx_policy_jobs_run ON scheduler.policy_jobs(run_id);
+
+-- Impact snapshots table
+CREATE TABLE IF NOT EXISTS scheduler.impact_snapshots (
+    id TEXT PRIMARY KEY,
+    tenant_id TEXT NOT NULL,
+    run_id TEXT NOT NULL REFERENCES scheduler.runs(id) ON DELETE CASCADE,
+    image_digest TEXT NOT NULL,
+    image_reference TEXT,
+    new_findings INT NOT NULL DEFAULT 0,
+    new_criticals INT NOT NULL DEFAULT 0,
+    new_high INT NOT NULL DEFAULT 0,
+    new_medium INT NOT NULL DEFAULT 0,
+    new_low INT NOT NULL DEFAULT 0,
+    total_findings INT NOT NULL DEFAULT 0,
+    kev_hits TEXT[] NOT NULL DEFAULT '{}',
+    top_findings JSONB NOT NULL DEFAULT '[]',
+    report_url TEXT,
+    attestation JSONB NOT NULL DEFAULT '{}',
+    detected_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
+);
+
+CREATE INDEX IF NOT EXISTS idx_impact_snapshots_run ON scheduler.impact_snapshots(run_id);
+CREATE INDEX IF NOT EXISTS idx_impact_snapshots_tenant ON scheduler.impact_snapshots(tenant_id, detected_at DESC);
+
+-- Execution logs table
+CREATE TABLE IF NOT EXISTS scheduler.execution_logs (
+    id BIGSERIAL PRIMARY KEY,
+    run_id TEXT NOT NULL REFERENCES scheduler.runs(id) ON DELETE CASCADE,
+    logged_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+    level TEXT NOT NULL,
+    message TEXT NOT NULL,
+    logger TEXT,
+    data JSONB NOT NULL DEFAULT '{}'
+);
+
+CREATE INDEX IF NOT EXISTS idx_execution_logs_run ON scheduler.execution_logs(run_id);
+
+-- Run summaries table
+CREATE TABLE IF NOT EXISTS scheduler.run_summaries (
+    id TEXT PRIMARY KEY,
+    tenant_id TEXT NOT NULL,
+    schedule_id TEXT REFERENCES scheduler.schedules(id),
+    period_start TIMESTAMPTZ NOT NULL,
+    period_end TIMESTAMPTZ NOT NULL,
+    total_runs INT NOT NULL DEFAULT 0,
+    successful_runs INT NOT NULL DEFAULT 0,
+    failed_runs INT NOT NULL DEFAULT 0,
+    cancelled_runs INT NOT NULL DEFAULT 0,
+    avg_duration_seconds NUMERIC(10,2),
+    max_duration_seconds INT,
+    min_duration_seconds INT,
+    total_findings_detected INT NOT NULL DEFAULT 0,
+    new_criticals INT NOT NULL DEFAULT 0,
+    computed_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+    UNIQUE (tenant_id, schedule_id, period_start)
+);
+
+CREATE INDEX IF NOT EXISTS idx_run_summaries_tenant ON scheduler.run_summaries(tenant_id, period_start DESC);
+
+-- Audit table
+CREATE TABLE IF NOT EXISTS scheduler.audit (
+    id TEXT PRIMARY KEY,
+    tenant_id TEXT NOT NULL,
+    action TEXT NOT NULL,
+    entity_type TEXT NOT NULL,
+    entity_id TEXT NOT NULL,
+    actor TEXT,
+    actor_type TEXT,
+    old_value JSONB,
+    new_value JSONB,
+    details JSONB NOT NULL DEFAULT '{}',
+    ip_address INET,
+    occurred_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
+);
+
+CREATE INDEX IF NOT EXISTS idx_audit_tenant_time ON scheduler.audit(tenant_id, occurred_at DESC);
+CREATE INDEX IF NOT EXISTS idx_audit_entity ON scheduler.audit(entity_type, entity_id);