mirror of
https://github.com/bitwarden/server.git
synced 2025-06-30 15:42:48 -05:00
[SM-394] Secrets Manager (#2164)
Long lived feature branch for Secrets Manager Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> Co-authored-by: cd-bitwarden <106776772+cd-bitwarden@users.noreply.github.com> Co-authored-by: CarleyDiaz-Bitwarden <103955722+CarleyDiaz-Bitwarden@users.noreply.github.com> Co-authored-by: Thomas Avery <tavery@bitwarden.com> Co-authored-by: Colton Hurst <colton@coltonhurst.com>
This commit is contained in:
Oscar Hinton
@ -16,9 +16,83 @@ namespace Bit.MySqlMigrations.Migrations
|
||||
{
|
||||
#pragma warning disable 612, 618
|
||||
modelBuilder
|
||||
.HasAnnotation("ProductVersion", "6.0.4")
|
||||
.HasAnnotation("ProductVersion", "6.0.12")
|
||||
.HasAnnotation("Relational:MaxIdentifierLength", 64);
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.AccessPolicy", b =>
|
||||
{
|
||||
b.Property<Guid>("Id")
|
||||
.HasColumnType("char(36)");
|
||||
|
||||
b.Property<DateTime>("CreationDate")
|
||||
.HasColumnType("datetime(6)");
|
||||
|
||||
b.Property<string>("Discriminator")
|
||||
.IsRequired()
|
||||
.HasColumnType("longtext");
|
||||
|
||||
b.Property<bool>("Read")
|
||||
.HasColumnType("tinyint(1)");
|
||||
|
||||
b.Property<DateTime>("RevisionDate")
|
||||
.HasColumnType("datetime(6)");
|
||||
|
||||
b.Property<bool>("Write")
|
||||
.HasColumnType("tinyint(1)");
|
||||
|
||||
b.HasKey("Id")
|
||||
.HasAnnotation("SqlServer:Clustered", true);
|
||||
|
||||
b.ToTable("AccessPolicy", (string)null);
|
||||
|
||||
b.HasDiscriminator<string>("Discriminator").HasValue("AccessPolicy");
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.ApiKey", b =>
|
||||
{
|
||||
b.Property<Guid>("Id")
|
||||
.HasColumnType("char(36)");
|
||||
|
||||
b.Property<string>("ClientSecret")
|
||||
.HasMaxLength(30)
|
||||
.HasColumnType("varchar(30)");
|
||||
|
||||
b.Property<DateTime>("CreationDate")
|
||||
.HasColumnType("datetime(6)");
|
||||
|
||||
b.Property<string>("EncryptedPayload")
|
||||
.HasMaxLength(4000)
|
||||
.HasColumnType("varchar(4000)");
|
||||
|
||||
b.Property<DateTime?>("ExpireAt")
|
||||
.HasColumnType("datetime(6)");
|
||||
|
||||
b.Property<string>("Key")
|
||||
.HasColumnType("longtext");
|
||||
|
||||
b.Property<string>("Name")
|
||||
.HasMaxLength(200)
|
||||
.HasColumnType("varchar(200)");
|
||||
|
||||
b.Property<DateTime>("RevisionDate")
|
||||
.HasColumnType("datetime(6)");
|
||||
|
||||
b.Property<string>("Scope")
|
||||
.HasMaxLength(4000)
|
||||
.HasColumnType("varchar(4000)");
|
||||
|
||||
b.Property<Guid?>("ServiceAccountId")
|
||||
.HasColumnType("char(36)");
|
||||
|
||||
b.HasKey("Id")
|
||||
.HasAnnotation("SqlServer:Clustered", true);
|
||||
|
||||
b.HasIndex("ServiceAccountId")
|
||||
.HasAnnotation("SqlServer:Clustered", false);
|
||||
|
||||
b.ToTable("ApiKey", (string)null);
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.AuthRequest", b =>
|
||||
{
|
||||
b.Property<Guid>("Id")
|
||||
@ -646,6 +720,9 @@ namespace Bit.MySqlMigrations.Migrations
|
||||
b.Property<bool>("UseScim")
|
||||
.HasColumnType("tinyint(1)");
|
||||
|
||||
b.Property<bool>("UseSecretsManager")
|
||||
.HasColumnType("tinyint(1)");
|
||||
|
||||
b.Property<bool>("UseSso")
|
||||
.HasColumnType("tinyint(1)");
|
||||
|
||||
@ -834,6 +911,38 @@ namespace Bit.MySqlMigrations.Migrations
|
||||
b.ToTable("Policy", (string)null);
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.Project", b =>
|
||||
{
|
||||
b.Property<Guid>("Id")
|
||||
.HasColumnType("char(36)");
|
||||
|
||||
b.Property<DateTime>("CreationDate")
|
||||
.HasColumnType("datetime(6)");
|
||||
|
||||
b.Property<DateTime?>("DeletedDate")
|
||||
.HasColumnType("datetime(6)");
|
||||
|
||||
b.Property<string>("Name")
|
||||
.HasColumnType("longtext");
|
||||
|
||||
b.Property<Guid>("OrganizationId")
|
||||
.HasColumnType("char(36)");
|
||||
|
||||
b.Property<DateTime>("RevisionDate")
|
||||
.HasColumnType("datetime(6)");
|
||||
|
||||
b.HasKey("Id")
|
||||
.HasAnnotation("SqlServer:Clustered", true);
|
||||
|
||||
b.HasIndex("DeletedDate")
|
||||
.HasAnnotation("SqlServer:Clustered", false);
|
||||
|
||||
b.HasIndex("OrganizationId")
|
||||
.HasAnnotation("SqlServer:Clustered", false);
|
||||
|
||||
b.ToTable("Project", (string)null);
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.Provider", b =>
|
||||
{
|
||||
b.Property<Guid>("Id")
|
||||
@ -956,6 +1065,44 @@ namespace Bit.MySqlMigrations.Migrations
|
||||
b.ToTable("ProviderUser", (string)null);
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.Secret", b =>
|
||||
{
|
||||
b.Property<Guid>("Id")
|
||||
.HasColumnType("char(36)");
|
||||
|
||||
b.Property<DateTime>("CreationDate")
|
||||
.HasColumnType("datetime(6)");
|
||||
|
||||
b.Property<DateTime?>("DeletedDate")
|
||||
.HasColumnType("datetime(6)");
|
||||
|
||||
b.Property<string>("Key")
|
||||
.HasColumnType("longtext");
|
||||
|
||||
b.Property<string>("Note")
|
||||
.HasColumnType("longtext");
|
||||
|
||||
b.Property<Guid>("OrganizationId")
|
||||
.HasColumnType("char(36)");
|
||||
|
||||
b.Property<DateTime>("RevisionDate")
|
||||
.HasColumnType("datetime(6)");
|
||||
|
||||
b.Property<string>("Value")
|
||||
.HasColumnType("longtext");
|
||||
|
||||
b.HasKey("Id")
|
||||
.HasAnnotation("SqlServer:Clustered", true);
|
||||
|
||||
b.HasIndex("DeletedDate")
|
||||
.HasAnnotation("SqlServer:Clustered", false);
|
||||
|
||||
b.HasIndex("OrganizationId")
|
||||
.HasAnnotation("SqlServer:Clustered", false);
|
||||
|
||||
b.ToTable("Secret", (string)null);
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.Send", b =>
|
||||
{
|
||||
b.Property<Guid>("Id")
|
||||
@ -1013,6 +1160,32 @@ namespace Bit.MySqlMigrations.Migrations
|
||||
b.ToTable("Send", (string)null);
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.ServiceAccount", b =>
|
||||
{
|
||||
b.Property<Guid>("Id")
|
||||
.HasColumnType("char(36)");
|
||||
|
||||
b.Property<DateTime>("CreationDate")
|
||||
.HasColumnType("datetime(6)");
|
||||
|
||||
b.Property<string>("Name")
|
||||
.HasColumnType("longtext");
|
||||
|
||||
b.Property<Guid>("OrganizationId")
|
||||
.HasColumnType("char(36)");
|
||||
|
||||
b.Property<DateTime>("RevisionDate")
|
||||
.HasColumnType("datetime(6)");
|
||||
|
||||
b.HasKey("Id")
|
||||
.HasAnnotation("SqlServer:Clustered", true);
|
||||
|
||||
b.HasIndex("OrganizationId")
|
||||
.HasAnnotation("SqlServer:Clustered", false);
|
||||
|
||||
b.ToTable("ServiceAccount", (string)null);
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.SsoConfig", b =>
|
||||
{
|
||||
b.Property<long>("Id")
|
||||
@ -1280,6 +1453,134 @@ namespace Bit.MySqlMigrations.Migrations
|
||||
b.ToTable("User", (string)null);
|
||||
});
|
||||
|
||||
modelBuilder.Entity("ProjectSecret", b =>
|
||||
{
|
||||
b.Property<Guid>("ProjectsId")
|
||||
.HasColumnType("char(36)");
|
||||
|
||||
b.Property<Guid>("SecretsId")
|
||||
.HasColumnType("char(36)");
|
||||
|
||||
b.HasKey("ProjectsId", "SecretsId");
|
||||
|
||||
b.HasIndex("SecretsId");
|
||||
|
||||
b.ToTable("ProjectSecret");
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.GroupProjectAccessPolicy", b =>
|
||||
{
|
||||
b.HasBaseType("Bit.Infrastructure.EntityFramework.Models.AccessPolicy");
|
||||
|
||||
b.Property<Guid?>("GrantedProjectId")
|
||||
.ValueGeneratedOnUpdateSometimes()
|
||||
.HasColumnType("char(36)")
|
||||
.HasColumnName("GrantedProjectId");
|
||||
|
||||
b.Property<Guid?>("GroupId")
|
||||
.ValueGeneratedOnUpdateSometimes()
|
||||
.HasColumnType("char(36)")
|
||||
.HasColumnName("GroupId");
|
||||
|
||||
b.HasIndex("GrantedProjectId");
|
||||
|
||||
b.HasIndex("GroupId");
|
||||
|
||||
b.HasDiscriminator().HasValue("group_project");
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.GroupServiceAccountAccessPolicy", b =>
|
||||
{
|
||||
b.HasBaseType("Bit.Infrastructure.EntityFramework.Models.AccessPolicy");
|
||||
|
||||
b.Property<Guid?>("GrantedServiceAccountId")
|
||||
.ValueGeneratedOnUpdateSometimes()
|
||||
.HasColumnType("char(36)")
|
||||
.HasColumnName("GrantedServiceAccountId");
|
||||
|
||||
b.Property<Guid?>("GroupId")
|
||||
.ValueGeneratedOnUpdateSometimes()
|
||||
.HasColumnType("char(36)")
|
||||
.HasColumnName("GroupId");
|
||||
|
||||
b.HasIndex("GrantedServiceAccountId");
|
||||
|
||||
b.HasIndex("GroupId");
|
||||
|
||||
b.HasDiscriminator().HasValue("group_service_account");
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.ServiceAccountProjectAccessPolicy", b =>
|
||||
{
|
||||
b.HasBaseType("Bit.Infrastructure.EntityFramework.Models.AccessPolicy");
|
||||
|
||||
b.Property<Guid?>("GrantedProjectId")
|
||||
.ValueGeneratedOnUpdateSometimes()
|
||||
.HasColumnType("char(36)")
|
||||
.HasColumnName("GrantedProjectId");
|
||||
|
||||
b.Property<Guid?>("ServiceAccountId")
|
||||
.HasColumnType("char(36)")
|
||||
.HasColumnName("ServiceAccountId");
|
||||
|
||||
b.HasIndex("GrantedProjectId");
|
||||
|
||||
b.HasIndex("ServiceAccountId");
|
||||
|
||||
b.HasDiscriminator().HasValue("service_account_project");
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.UserProjectAccessPolicy", b =>
|
||||
{
|
||||
b.HasBaseType("Bit.Infrastructure.EntityFramework.Models.AccessPolicy");
|
||||
|
||||
b.Property<Guid?>("GrantedProjectId")
|
||||
.ValueGeneratedOnUpdateSometimes()
|
||||
.HasColumnType("char(36)")
|
||||
.HasColumnName("GrantedProjectId");
|
||||
|
||||
b.Property<Guid?>("OrganizationUserId")
|
||||
.ValueGeneratedOnUpdateSometimes()
|
||||
.HasColumnType("char(36)")
|
||||
.HasColumnName("OrganizationUserId");
|
||||
|
||||
b.HasIndex("GrantedProjectId");
|
||||
|
||||
b.HasIndex("OrganizationUserId");
|
||||
|
||||
b.HasDiscriminator().HasValue("user_project");
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.UserServiceAccountAccessPolicy", b =>
|
||||
{
|
||||
b.HasBaseType("Bit.Infrastructure.EntityFramework.Models.AccessPolicy");
|
||||
|
||||
b.Property<Guid?>("GrantedServiceAccountId")
|
||||
.ValueGeneratedOnUpdateSometimes()
|
||||
.HasColumnType("char(36)")
|
||||
.HasColumnName("GrantedServiceAccountId");
|
||||
|
||||
b.Property<Guid?>("OrganizationUserId")
|
||||
.ValueGeneratedOnUpdateSometimes()
|
||||
.HasColumnType("char(36)")
|
||||
.HasColumnName("OrganizationUserId");
|
||||
|
||||
b.HasIndex("GrantedServiceAccountId");
|
||||
|
||||
b.HasIndex("OrganizationUserId");
|
||||
|
||||
b.HasDiscriminator().HasValue("user_service_account");
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.ApiKey", b =>
|
||||
{
|
||||
b.HasOne("Bit.Infrastructure.EntityFramework.Models.ServiceAccount", "ServiceAccount")
|
||||
.WithMany()
|
||||
.HasForeignKey("ServiceAccountId");
|
||||
|
||||
b.Navigation("ServiceAccount");
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.AuthRequest", b =>
|
||||
{
|
||||
b.HasOne("Bit.Infrastructure.EntityFramework.Models.Device", "ResponseDevice")
|
||||
@ -1522,6 +1823,17 @@ namespace Bit.MySqlMigrations.Migrations
|
||||
b.Navigation("Organization");
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.Project", b =>
|
||||
{
|
||||
b.HasOne("Bit.Infrastructure.EntityFramework.Models.Organization", "Organization")
|
||||
.WithMany()
|
||||
.HasForeignKey("OrganizationId")
|
||||
.OnDelete(DeleteBehavior.Cascade)
|
||||
.IsRequired();
|
||||
|
||||
b.Navigation("Organization");
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.ProviderOrganization", b =>
|
||||
{
|
||||
b.HasOne("Bit.Infrastructure.EntityFramework.Models.Organization", "Organization")
|
||||
@ -1558,6 +1870,17 @@ namespace Bit.MySqlMigrations.Migrations
|
||||
b.Navigation("User");
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.Secret", b =>
|
||||
{
|
||||
b.HasOne("Bit.Infrastructure.EntityFramework.Models.Organization", "Organization")
|
||||
.WithMany()
|
||||
.HasForeignKey("OrganizationId")
|
||||
.OnDelete(DeleteBehavior.Cascade)
|
||||
.IsRequired();
|
||||
|
||||
b.Navigation("Organization");
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.Send", b =>
|
||||
{
|
||||
b.HasOne("Bit.Infrastructure.EntityFramework.Models.Organization", "Organization")
|
||||
@ -1573,6 +1896,17 @@ namespace Bit.MySqlMigrations.Migrations
|
||||
b.Navigation("User");
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.ServiceAccount", b =>
|
||||
{
|
||||
b.HasOne("Bit.Infrastructure.EntityFramework.Models.Organization", "Organization")
|
||||
.WithMany()
|
||||
.HasForeignKey("OrganizationId")
|
||||
.OnDelete(DeleteBehavior.Cascade)
|
||||
.IsRequired();
|
||||
|
||||
b.Navigation("Organization");
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.SsoConfig", b =>
|
||||
{
|
||||
b.HasOne("Bit.Infrastructure.EntityFramework.Models.Organization", "Organization")
|
||||
@ -1616,6 +1950,96 @@ namespace Bit.MySqlMigrations.Migrations
|
||||
b.Navigation("User");
|
||||
});
|
||||
|
||||
modelBuilder.Entity("ProjectSecret", b =>
|
||||
{
|
||||
b.HasOne("Bit.Infrastructure.EntityFramework.Models.Project", null)
|
||||
.WithMany()
|
||||
.HasForeignKey("ProjectsId")
|
||||
.OnDelete(DeleteBehavior.Cascade)
|
||||
.IsRequired();
|
||||
|
||||
b.HasOne("Bit.Infrastructure.EntityFramework.Models.Secret", null)
|
||||
.WithMany()
|
||||
.HasForeignKey("SecretsId")
|
||||
.OnDelete(DeleteBehavior.Cascade)
|
||||
.IsRequired();
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.GroupProjectAccessPolicy", b =>
|
||||
{
|
||||
b.HasOne("Bit.Infrastructure.EntityFramework.Models.Project", "GrantedProject")
|
||||
.WithMany("GroupAccessPolicies")
|
||||
.HasForeignKey("GrantedProjectId");
|
||||
|
||||
b.HasOne("Bit.Infrastructure.EntityFramework.Models.Group", "Group")
|
||||
.WithMany()
|
||||
.HasForeignKey("GroupId");
|
||||
|
||||
b.Navigation("GrantedProject");
|
||||
|
||||
b.Navigation("Group");
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.GroupServiceAccountAccessPolicy", b =>
|
||||
{
|
||||
b.HasOne("Bit.Infrastructure.EntityFramework.Models.ServiceAccount", "GrantedServiceAccount")
|
||||
.WithMany()
|
||||
.HasForeignKey("GrantedServiceAccountId");
|
||||
|
||||
b.HasOne("Bit.Infrastructure.EntityFramework.Models.Group", "Group")
|
||||
.WithMany()
|
||||
.HasForeignKey("GroupId");
|
||||
|
||||
b.Navigation("GrantedServiceAccount");
|
||||
|
||||
b.Navigation("Group");
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.ServiceAccountProjectAccessPolicy", b =>
|
||||
{
|
||||
b.HasOne("Bit.Infrastructure.EntityFramework.Models.Project", "GrantedProject")
|
||||
.WithMany("ServiceAccountAccessPolicies")
|
||||
.HasForeignKey("GrantedProjectId");
|
||||
|
||||
b.HasOne("Bit.Infrastructure.EntityFramework.Models.ServiceAccount", "ServiceAccount")
|
||||
.WithMany()
|
||||
.HasForeignKey("ServiceAccountId");
|
||||
|
||||
b.Navigation("GrantedProject");
|
||||
|
||||
b.Navigation("ServiceAccount");
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.UserProjectAccessPolicy", b =>
|
||||
{
|
||||
b.HasOne("Bit.Infrastructure.EntityFramework.Models.Project", "GrantedProject")
|
||||
.WithMany("UserAccessPolicies")
|
||||
.HasForeignKey("GrantedProjectId");
|
||||
|
||||
b.HasOne("Bit.Infrastructure.EntityFramework.Models.OrganizationUser", "OrganizationUser")
|
||||
.WithMany()
|
||||
.HasForeignKey("OrganizationUserId");
|
||||
|
||||
b.Navigation("GrantedProject");
|
||||
|
||||
b.Navigation("OrganizationUser");
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.UserServiceAccountAccessPolicy", b =>
|
||||
{
|
||||
b.HasOne("Bit.Infrastructure.EntityFramework.Models.ServiceAccount", "GrantedServiceAccount")
|
||||
.WithMany()
|
||||
.HasForeignKey("GrantedServiceAccountId");
|
||||
|
||||
b.HasOne("Bit.Infrastructure.EntityFramework.Models.OrganizationUser", "OrganizationUser")
|
||||
.WithMany()
|
||||
.HasForeignKey("OrganizationUserId");
|
||||
|
||||
b.Navigation("GrantedServiceAccount");
|
||||
|
||||
b.Navigation("OrganizationUser");
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.Cipher", b =>
|
||||
{
|
||||
b.Navigation("CollectionCiphers");
|
||||
@ -1661,6 +2085,15 @@ namespace Bit.MySqlMigrations.Migrations
|
||||
b.Navigation("CollectionUsers");
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.Project", b =>
|
||||
{
|
||||
b.Navigation("GroupAccessPolicies");
|
||||
|
||||
b.Navigation("ServiceAccountAccessPolicies");
|
||||
|
||||
b.Navigation("UserAccessPolicies");
|
||||
});
|
||||
|
||||
modelBuilder.Entity("Bit.Infrastructure.EntityFramework.Models.User", b =>
|
||||
{
|
||||
b.Navigation("Ciphers");
|
||||
|
||||
Reference in New Issue
Block a user