db

package
v0.12.14-0...-77b6091 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 13, 2026 License: AGPL-3.0 Imports: 21 Imported by: 0

Documentation

Overview

Package db provides a database access layer for MySQL with support for read/write splitting, connection management, and type-safe SQL operations.

The package uses sqlc (https://sqlc.dev/) to generate type-safe Go code from SQL queries, providing compile-time verification of database operations.

Key features:

- Primary/replica configuration with automatic routing of reads and writes - Support for transactions - Type-safe query methods generated from SQL - Bulk insert operations for improved performance - BulkQuerier interface for type-safe bulk operations

Basic usage: 

// Initialize the database with primary and optional read replica
db, err := db.New(db.Config{
    PrimaryDSN:  "mysql://user:pass@primary:3306/dbname?parseTime=true",
    ReadOnlyDSN: "mysql://user:pass@replica:3306/dbname?parseTime=true",
})
if err != nil {
    return fmt.Errorf("database initialization failed: %w", err)
}
defer db.Close()

// Execute a read query using the read replica
workspace, err := db.Query.FindWorkspaceByID(ctx, db.RO(), workspaceID)
if err != nil {
    return fmt.Errorf("failed to find workspace: %w", err)
}

// Execute a write query using the read/write connection
err = db.Query.InsertKey(ctx, db.RW(), insertKeyParams)
if err != nil {
    return fmt.Errorf("failed to insert key: %w", err)
}

// Use bulk operations for efficient batch inserts
err = db.Query.BulkInsertKey(ctx, db.RW(), []db.InsertKeyParams{
    insertKeyParams1,
    insertKeyParams2,
    insertKeyParams3,
})
if err != nil {
    return fmt.Errorf("failed to bulk insert keys: %w", err)
}

// Type-safe bulk operations using the BulkQuerier interface
var bulkQuerier db.BulkQuerier = db.Query
err = bulkQuerier.BulkInsertKey(ctx, db.RW(), keyBatch)
if err != nil {
    return fmt.Errorf("failed to bulk insert via interface: %w", err)
}

This package relies on the standard Go database/sql package and the go-sql-driver/mysql driver for the actual database communication.

Package db provides database transaction utilities for the Unkey platform. It offers transaction lifecycle management with automatic rollback on errors and proper error wrapping for consistent fault handling across services.

The package is shared across all Unkey services including the API service for atomic key operations, admin service for workspace management, and audit service for logging operations.

Index

Constants

View Source 
const (
	// DefaultBackoff is the base duration for exponential backoff in database retries
	DefaultBackoff = 50 * time.Millisecond
	// DefaultAttempts is the maximum number of retry attempts for database operations
	DefaultAttempts = 3
)

Variables

This section is empty.

Functions

func IsConnectionError 

func IsConnectionError(err error) bool

IsConnectionError returns true if the error indicates a connection problem. This includes server gone (2006), server lost (2013), and network errors. These are transient errors that may resolve on retry with a new connection.

func IsDeadlockError 

func IsDeadlockError(err error) bool

IsDeadlockError returns true if the error is a MySQL deadlock error (1213). Deadlocks cause InnoDB to roll back the entire transaction. The entire transaction should be retried.

func IsDuplicateKeyError 

func IsDuplicateKeyError(err error) bool

func IsLockWaitTimeoutError 

func IsLockWaitTimeoutError(err error) bool

IsLockWaitTimeoutError returns true if the error is a MySQL lock wait timeout error (1205). By default, only the current statement is rolled back (not the entire transaction). See: https://dev.mysql.com/doc/refman/8.0/en/innodb-error-handling.html

func IsNotFound 

func IsNotFound(err error) bool

IsNotFound returns true if the error is sql.ErrNoRows. Use this for consistent not-found handling across the codebase.

func IsTooManyConnectionsError 

func IsTooManyConnectionsError(err error) bool

IsTooManyConnectionsError returns true if the error is a MySQL too many connections error (1040). This is a transient error that may resolve when other connections are closed.

func IsTransientError 

func IsTransientError(err error) bool

IsTransientError returns true if the error is a transient MySQL error that should be retried. This includes deadlocks, lock wait timeouts, connection errors, and too many connections.

func New 

func New(config Config) (*database, error)

New creates a new database instance with the provided configuration. It establishes connections to the primary database and optionally to a read-only replica. Returns an error if connections cannot be established or if DSNs are misconfigured.

func ToMySQL 

func ToMySQL(d Database) mysql.MySQL

ToMySQL converts a Database into a [mysql.MySQL] by wrapping the underlying *sql.DB connections as mysql replicas. This is a temporary bridge while callers migrate from pkg/db to pkg/mysql. Remove this alongside mysql.NewReplicaFromDB and mysql.NewFromReplicas once all callers create databases via pkg/mysql.New directly.

func Tx 

func Tx(ctx context.Context, db *Replica, fn func(context.Context, DBTX) error) error

Tx executes fn within a database transaction without returning a result. It is a convenience wrapper around TxWithResult for operations that only need error handling.

Tx begins a transaction on db, executes fn with the transaction context, and commits on success or rolls back on failure. All database errors are wrapped with ServiceUnavailable fault codes.

The ctx parameter provides cancellation and timeout control. The db parameter must be a valid Replica instance. The fn parameter receives the transaction context and a DBTX interface for database operations.

Tx returns nil on successful commit, or an error if any step fails. Error handling follows the same patterns as TxWithResult.

Use Tx for operations that don't need to return values, such as:

  • Deleting records with audit logging
  • Updating configuration settings
  • Batch cleanup operations
  • State changes that only need success/failure indication

Example batch deletion with audit: 

err := db.Tx(ctx, database.RW(), func(ctx context.Context, tx db.DBTX) error {
	// Delete expired keys
	deletedCount, err := db.Query.DeleteExpiredKeys(ctx, tx, time.Now())
	if err != nil {
		return fmt.Errorf("failed to delete expired keys: %w", err)
	}

	// Log the cleanup operation
	err = db.Query.InsertAuditLog(ctx, tx, db.InsertAuditLogParams{
		Action:  "cleanup_expired_keys",
		Details: fmt.Sprintf("deleted %d expired keys", deletedCount),
	})
	if err != nil {
		return fmt.Errorf("failed to log cleanup: %w", err)
	}

	return nil
})
if err != nil {
	return fmt.Errorf("cleanup transaction failed: %w", err)
}

See TxWithResult for detailed transaction behavior and DBTX for available database operations.

func TxRetry 

func TxRetry(ctx context.Context, db *Replica, fn func(context.Context, DBTX) error) error

TxRetry executes a transaction with automatic retry on transient errors like deadlocks. It is a convenience wrapper around TxWithResultRetry for operations that don't return a value.

Usage: 

err := db.TxRetry(ctx, database.RW(), func(ctx context.Context, tx db.DBTX) error {
	// Perform transactional operations
	return nil
})

func TxWithResult 

func TxWithResult[T any](ctx context.Context, db *Replica, fn func(context.Context, DBTX) (T, error)) (T, error)

TxWithResult executes fn within a database transaction and returns the result. It begins a transaction on db, executes fn with the transaction context, and commits on success or rolls back on failure.

The function automatically handles the complete transaction lifecycle: begin, execute, and commit/rollback. All database errors are wrapped with ServiceUnavailable fault codes for consistent error handling.

TxWithResult is generic and preserves type safety for return values. The ctx parameter provides cancellation and timeout control for the entire transaction. The db parameter must be a valid Replica instance, typically from [Database.RW] for write operations.

The fn parameter receives the transaction context and a DBTX interface for database operations. It should perform all required operations and return the result with any error.

TxWithResult returns the function result on successful commit, or an error if any step fails. Transaction begin errors return ServiceUnavailable. Rollback errors during error handling also return ServiceUnavailable, except for sql.ErrTxDone which indicates the transaction was already completed. Commit errors return ServiceUnavailable.

Context cancellation triggers automatic rollback. The function is safe for concurrent use but callers must avoid operations that could deadlock with other concurrent transactions.

Common usage scenarios include:

  • Creating API keys with associated permissions atomically
  • Updating workspace settings with audit trail creation
  • Batch operations that must succeed or fail as a unit
  • Complex queries requiring consistency guarantees

Edge cases and limitations:

  • If fn returns an error, rollback is attempted even if the transaction is already in a failed state, which may produce additional errors
  • Database connection issues during commit may leave the transaction in an undefined state on the server side
  • Context cancellation after fn execution causes rollback instead of commit

Anti-patterns to avoid:

  • Long-running operations within fn that could timeout
  • Nesting calls to TxWithResult (creates nested transactions)
  • Ignoring the returned error from fn
  • Accessing the DBTX parameter outside of the fn callback

Use context.WithTimeout to prevent indefinite blocking. For operations that may conflict, implement retry logic with exponential backoff at the caller level.

Example atomic key creation with permissions: 

result, err := db.TxWithResult(ctx, database.RW(), func(ctx context.Context, tx db.DBTX) (*models.Key, error) {
	key, err := db.Query.InsertKey(ctx, tx, db.InsertKeyParams{
		ID:        keyID,
		KeyAuthID: keyAuthID,
		Hash:      hashedKey,
	})
	if err != nil {
		return nil, fmt.Errorf("failed to insert key: %w", err)
	}

	for _, permissionID := range permissionIDs {
		err = db.Query.InsertKeyPermission(ctx, tx, db.InsertKeyPermissionParams{
			KeyID:        key.ID,
			PermissionID: permissionID,
		})
		if err != nil {
			return nil, fmt.Errorf("failed to add permission: %w", err)
		}
	}

	return &key, nil
})
if err != nil {
	return fmt.Errorf("key creation transaction failed: %w", err)
}

Example with timeout handling: 

ctx, cancel := context.WithTimeout(ctx, 30*time.Second)
defer cancel()

result, err := db.TxWithResult(ctx, database.RW(), func(ctx context.Context, tx db.DBTX) (*SomeResult, error) {
	// Context cancellation is automatically handled
	// Perform database operations...
	return &SomeResult{}, nil
})
if err != nil {
	return fmt.Errorf("transaction failed: %w", err)
}

See Replica.Begin for transaction initiation and DBTX for available operations within transactions. For read-only operations that don't require transactions, use query methods directly on [Database.RO].

func TxWithResultRetry 

func TxWithResultRetry[T any](ctx context.Context, db *Replica, fn func(context.Context, DBTX) (T, error)) (T, error)

TxWithResultRetry executes a transaction with automatic retry on transient errors. It wraps TxWithResult with retry logic, retrying the entire transaction (begin -> fn -> commit) on retryable errors.

This is useful for transactions that may encounter transient errors due to concurrent access patterns or temporary resource constraints. When such errors occur, MySQL rolls back the transaction, so we retry from the beginning.

Configuration:

  • 3 attempts maximum
  • Exponential backoff: 50ms, 100ms, 200ms

Retries on transient errors:

  • Deadlocks (MySQL error 1213)
  • Lock wait timeouts (MySQL error 1205)
  • Connection errors (MySQL errors 2006, 2013, network errors)
  • Too many connections (MySQL error 1040)

Does NOT retry on permanent errors:

  • Not found errors
  • Duplicate key errors (MySQL error 1062)

Usage: 

result, err := db.TxWithResultRetry(ctx, database.RW(), func(ctx context.Context, tx db.DBTX) (*Result, error) {
	// Perform transactional operations
	return &Result{}, nil
})

func UnmarshalNullableJSONTo 

func UnmarshalNullableJSONTo[T any](data any) (T, error)

UnmarshalNullableJSONTo unmarshals JSON data from database columns into Go types. It handles the common pattern where database queries return JSON as []byte that needs to be deserialized into structs, slices, or maps.

The function accepts 'any' type because database drivers return interface{} for JSON columns, even though the underlying value is typically []byte.

Returns:

  • (T, nil) on successful unmarshal
  • (zero, nil) if data is nil or empty []byte (these are valid null/empty states)
  • (zero, error) if type assertion fails or JSON unmarshal fails

Example usage: 

roles, err := UnmarshalNullableJSONTo[[]RoleInfo](row.Roles)
if err != nil {
    logger.Error("failed to unmarshal roles", "error", err)
    return err
}

func WithRetryContext 

func WithRetryContext[T any](ctx context.Context, fn func() (T, error)) (T, error)

WithRetryContext executes a database operation with optimized retry configuration while respecting context cancellation and deadlines. It retries transient errors with exponential backoff but skips non-retryable errors like "not found" or "duplicate key" to avoid unnecessary delays.

Context behavior:

  • Returns immediately if context is already cancelled or deadline exceeded
  • Detects context cancellation during backoff sleep without waiting for full duration
  • Returns context.Canceled or context.DeadlineExceeded on context errors

Configuration:

  • 3 attempts maximum
  • Exponential backoff: 50ms, 100ms, 200ms
  • Skips retries for "not found" and "duplicate key" errors

Usage: 

result, err := db.WithRetryContext(ctx, func() (SomeType, error) {
	return db.Query.SomeOperation(ctx, db.RO(), params)
})

Types

type AcmeChallenge 

type AcmeChallenge struct {
	Pk            uint64                      `db:"pk"`
	DomainID      string                      `db:"domain_id"`
	WorkspaceID   string                      `db:"workspace_id"`
	Token         string                      `db:"token"`
	ChallengeType AcmeChallengesChallengeType `db:"challenge_type"`
	Authorization string                      `db:"authorization"`
	Status        AcmeChallengesStatus        `db:"status"`
	ExpiresAt     int64                       `db:"expires_at"`
	CreatedAt     int64                       `db:"created_at"`
	UpdatedAt     sql.NullInt64               `db:"updated_at"`
}

type AcmeChallengesChallengeType 

type AcmeChallengesChallengeType string
const (
	AcmeChallengesChallengeTypeHTTP01 AcmeChallengesChallengeType = "HTTP-01"
	AcmeChallengesChallengeTypeDNS01  AcmeChallengesChallengeType = "DNS-01"
)

func (*AcmeChallengesChallengeType) Scan 

func (e *AcmeChallengesChallengeType) Scan(src interface{}) error

type AcmeChallengesStatus 

type AcmeChallengesStatus string
const (
	AcmeChallengesStatusWaiting  AcmeChallengesStatus = "waiting"
	AcmeChallengesStatusPending  AcmeChallengesStatus = "pending"
	AcmeChallengesStatusVerified AcmeChallengesStatus = "verified"
	AcmeChallengesStatusFailed   AcmeChallengesStatus = "failed"
)

func (*AcmeChallengesStatus) Scan 

func (e *AcmeChallengesStatus) Scan(src interface{}) error

type AcmeUser 

type AcmeUser struct {
	Pk              uint64         `db:"pk"`
	ID              string         `db:"id"`
	WorkspaceID     string         `db:"workspace_id"`
	EncryptedKey    string         `db:"encrypted_key"`
	RegistrationUri sql.NullString `db:"registration_uri"`
	CreatedAt       int64          `db:"created_at"`
	UpdatedAt       sql.NullInt64  `db:"updated_at"`
}

type Api 

type Api struct {
	Pk               uint64           `db:"pk"`
	ID               string           `db:"id"`
	Name             string           `db:"name"`
	WorkspaceID      string           `db:"workspace_id"`
	IpWhitelist      sql.NullString   `db:"ip_whitelist"`
	AuthType         NullApisAuthType `db:"auth_type"`
	KeyAuthID        sql.NullString   `db:"key_auth_id"`
	CreatedAtM       int64            `db:"created_at_m"`
	UpdatedAtM       sql.NullInt64    `db:"updated_at_m"`
	DeletedAtM       sql.NullInt64    `db:"deleted_at_m"`
	DeleteProtection sql.NullBool     `db:"delete_protection"`
}

type ApisAuthType 

type ApisAuthType string
const (
	ApisAuthTypeKey ApisAuthType = "key"
	ApisAuthTypeJwt ApisAuthType = "jwt"
)

func (*ApisAuthType) Scan 

func (e *ApisAuthType) Scan(src interface{}) error

type App 

type App struct {
	Pk                  uint64         `db:"pk"`
	ID                  string         `db:"id"`
	WorkspaceID         string         `db:"workspace_id"`
	ProjectID           string         `db:"project_id"`
	Name                string         `db:"name"`
	Slug                string         `db:"slug"`
	DefaultBranch       string         `db:"default_branch"`
	CurrentDeploymentID sql.NullString `db:"current_deployment_id"`
	IsRolledBack        bool           `db:"is_rolled_back"`
	DeleteProtection    sql.NullBool   `db:"delete_protection"`
	CreatedAt           int64          `db:"created_at"`
	UpdatedAt           sql.NullInt64  `db:"updated_at"`
}

type AppBuildSetting 

type AppBuildSetting struct {
	Pk            uint64             `db:"pk"`
	WorkspaceID   string             `db:"workspace_id"`
	AppID         string             `db:"app_id"`
	EnvironmentID string             `db:"environment_id"`
	Dockerfile    string             `db:"dockerfile"`
	DockerContext string             `db:"docker_context"`
	WatchPaths    dbtype.StringSlice `db:"watch_paths"`
	AutoDeploy    bool               `db:"auto_deploy"`
	CreatedAt     int64              `db:"created_at"`
	UpdatedAt     sql.NullInt64      `db:"updated_at"`
}

type AppEnvironmentVariable 

type AppEnvironmentVariable struct {
	Pk               uint64                      `db:"pk"`
	ID               string                      `db:"id"`
	WorkspaceID      string                      `db:"workspace_id"`
	AppID            string                      `db:"app_id"`
	EnvironmentID    string                      `db:"environment_id"`
	Key              string                      `db:"key"`
	Value            string                      `db:"value"`
	Type             AppEnvironmentVariablesType `db:"type"`
	Description      sql.NullString              `db:"description"`
	DeleteProtection sql.NullBool                `db:"delete_protection"`
	CreatedAt        int64                       `db:"created_at"`
	UpdatedAt        sql.NullInt64               `db:"updated_at"`
}

type AppEnvironmentVariablesType 

type AppEnvironmentVariablesType string
const (
	AppEnvironmentVariablesTypeRecoverable AppEnvironmentVariablesType = "recoverable"
	AppEnvironmentVariablesTypeWriteonly   AppEnvironmentVariablesType = "writeonly"
)

func (*AppEnvironmentVariablesType) Scan 

func (e *AppEnvironmentVariablesType) Scan(src interface{}) error

type AppRegionalSetting 

type AppRegionalSetting struct {
	Pk                            uint64         `db:"pk"`
	WorkspaceID                   string         `db:"workspace_id"`
	AppID                         string         `db:"app_id"`
	EnvironmentID                 string         `db:"environment_id"`
	RegionID                      string         `db:"region_id"`
	Replicas                      int32          `db:"replicas"`
	HorizontalAutoscalingPolicyID sql.NullString `db:"horizontal_autoscaling_policy_id"`
	CreatedAt                     int64          `db:"created_at"`
	UpdatedAt                     sql.NullInt64  `db:"updated_at"`
}

type AppRuntimeSetting 

type AppRuntimeSetting struct {
	Pk               uint64                             `db:"pk"`
	WorkspaceID      string                             `db:"workspace_id"`
	AppID            string                             `db:"app_id"`
	EnvironmentID    string                             `db:"environment_id"`
	Port             int32                              `db:"port"`
	CpuMillicores    int32                              `db:"cpu_millicores"`
	MemoryMib        int32                              `db:"memory_mib"`
	StorageMib       uint32                             `db:"storage_mib"`
	Command          dbtype.StringSlice                 `db:"command"`
	Healthcheck      dbtype.NullHealthcheck             `db:"healthcheck"`
	ShutdownSignal   AppRuntimeSettingsShutdownSignal   `db:"shutdown_signal"`
	UpstreamProtocol AppRuntimeSettingsUpstreamProtocol `db:"upstream_protocol"`
	SentinelConfig   []byte                             `db:"sentinel_config"`
	OpenapiSpecPath  sql.NullString                     `db:"openapi_spec_path"`
	CreatedAt        int64                              `db:"created_at"`
	UpdatedAt        sql.NullInt64                      `db:"updated_at"`
}

type AppRuntimeSettingsShutdownSignal 

type AppRuntimeSettingsShutdownSignal string
const (
	AppRuntimeSettingsShutdownSignalSIGTERM AppRuntimeSettingsShutdownSignal = "SIGTERM"
	AppRuntimeSettingsShutdownSignalSIGINT  AppRuntimeSettingsShutdownSignal = "SIGINT"
	AppRuntimeSettingsShutdownSignalSIGQUIT AppRuntimeSettingsShutdownSignal = "SIGQUIT"
	AppRuntimeSettingsShutdownSignalSIGKILL AppRuntimeSettingsShutdownSignal = "SIGKILL"
)

func (*AppRuntimeSettingsShutdownSignal) Scan 

func (e *AppRuntimeSettingsShutdownSignal) Scan(src interface{}) error

type AppRuntimeSettingsUpstreamProtocol 

type AppRuntimeSettingsUpstreamProtocol string
const (
	AppRuntimeSettingsUpstreamProtocolHttp1 AppRuntimeSettingsUpstreamProtocol = "http1"
	AppRuntimeSettingsUpstreamProtocolH2c   AppRuntimeSettingsUpstreamProtocol = "h2c"
)

func (*AppRuntimeSettingsUpstreamProtocol) Scan 

func (e *AppRuntimeSettingsUpstreamProtocol) Scan(src interface{}) error

type AuditLog 

type AuditLog struct {
	Pk          uint64         `db:"pk"`
	ID          string         `db:"id"`
	WorkspaceID string         `db:"workspace_id"`
	Bucket      string         `db:"bucket"`
	BucketID    string         `db:"bucket_id"`
	Event       string         `db:"event"`
	Time        int64          `db:"time"`
	Display     string         `db:"display"`
	RemoteIp    sql.NullString `db:"remote_ip"`
	UserAgent   sql.NullString `db:"user_agent"`
	ActorType   string         `db:"actor_type"`
	ActorID     string         `db:"actor_id"`
	ActorName   sql.NullString `db:"actor_name"`
	ActorMeta   []byte         `db:"actor_meta"`
	CreatedAt   int64          `db:"created_at"`
	UpdatedAt   sql.NullInt64  `db:"updated_at"`
}

type AuditLogTarget 

type AuditLogTarget struct {
	Pk          uint64         `db:"pk"`
	WorkspaceID string         `db:"workspace_id"`
	BucketID    string         `db:"bucket_id"`
	Bucket      string         `db:"bucket"`
	AuditLogID  string         `db:"audit_log_id"`
	DisplayName string         `db:"display_name"`
	Type        string         `db:"type"`
	ID          string         `db:"id"`
	Name        sql.NullString `db:"name"`
	Meta        []byte         `db:"meta"`
	CreatedAt   int64          `db:"created_at"`
	UpdatedAt   sql.NullInt64  `db:"updated_at"`
}

type BulkQuerier 

type BulkQuerier interface {
	InsertAcmeChallenges(ctx context.Context, db DBTX, args []InsertAcmeChallengeParams) error
	InsertAcmeUsers(ctx context.Context, db DBTX, args []InsertAcmeUserParams) error
	InsertApis(ctx context.Context, db DBTX, args []InsertApiParams) error
	UpsertAppBuildSettings(ctx context.Context, db DBTX, args []UpsertAppBuildSettingsParams) error
	InsertAppEnvironmentVariables(ctx context.Context, db DBTX, args []InsertAppEnvironmentVariableParams) error
	InsertApps(ctx context.Context, db DBTX, args []InsertAppParams) error
	UpsertAppRegionalSettings(ctx context.Context, db DBTX, args []UpsertAppRegionalSettingsParams) error
	UpsertAppRuntimeSettings(ctx context.Context, db DBTX, args []UpsertAppRuntimeSettingsParams) error
	InsertAuditLogs(ctx context.Context, db DBTX, args []InsertAuditLogParams) error
	InsertAuditLogTargets(ctx context.Context, db DBTX, args []InsertAuditLogTargetParams) error
	InsertCertificates(ctx context.Context, db DBTX, args []InsertCertificateParams) error
	InsertCiliumNetworkPolicies(ctx context.Context, db DBTX, args []InsertCiliumNetworkPolicyParams) error
	InsertClickhouseOutboxes(ctx context.Context, db DBTX, args []InsertClickhouseOutboxParams) error
	InsertClickhouseWorkspaceSettingses(ctx context.Context, db DBTX, args []InsertClickhouseWorkspaceSettingsParams) error
	UpsertRegion(ctx context.Context, db DBTX, args []UpsertRegionParams) error
	UpsertCluster(ctx context.Context, db DBTX, args []UpsertClusterParams) error
	InsertCustomDomains(ctx context.Context, db DBTX, args []InsertCustomDomainParams) error
	UpsertCustomDomain(ctx context.Context, db DBTX, args []UpsertCustomDomainParams) error
	InsertDeploymentChanges(ctx context.Context, db DBTX, args []InsertDeploymentChangeParams) error
	InsertDeployments(ctx context.Context, db DBTX, args []InsertDeploymentParams) error
	InsertDeploymentSteps(ctx context.Context, db DBTX, args []InsertDeploymentStepParams) error
	InsertDeploymentTopologies(ctx context.Context, db DBTX, args []InsertDeploymentTopologyParams) error
	InsertEnvironments(ctx context.Context, db DBTX, args []InsertEnvironmentParams) error
	UpsertEnvironment(ctx context.Context, db DBTX, args []UpsertEnvironmentParams) error
	InsertGithubRepoConnections(ctx context.Context, db DBTX, args []InsertGithubRepoConnectionParams) error
	InsertIdentities(ctx context.Context, db DBTX, args []InsertIdentityParams) error
	InsertIdentityRatelimits(ctx context.Context, db DBTX, args []InsertIdentityRatelimitParams) error
	UpsertIdentity(ctx context.Context, db DBTX, args []UpsertIdentityParams) error
	InsertFrontlineRoutes(ctx context.Context, db DBTX, args []InsertFrontlineRouteParams) error
	UpsertInstance(ctx context.Context, db DBTX, args []UpsertInstanceParams) error
	InsertKeyAuths(ctx context.Context, db DBTX, args []InsertKeyAuthParams) error
	InsertKeyEncryptions(ctx context.Context, db DBTX, args []InsertKeyEncryptionParams) error
	InsertKeys(ctx context.Context, db DBTX, args []InsertKeyParams) error
	InsertKeyRatelimits(ctx context.Context, db DBTX, args []InsertKeyRatelimitParams) error
	InsertKeyMigrations(ctx context.Context, db DBTX, args []InsertKeyMigrationParams) error
	InsertKeyPermissions(ctx context.Context, db DBTX, args []InsertKeyPermissionParams) error
	InsertKeyRoles(ctx context.Context, db DBTX, args []InsertKeyRoleParams) error
	InsertKeySpaces(ctx context.Context, db DBTX, args []InsertKeySpaceParams) error
	UpsertKeySpace(ctx context.Context, db DBTX, args []UpsertKeySpaceParams) error
	UpsertOpenApiSpec(ctx context.Context, db DBTX, args []UpsertOpenApiSpecParams) error
	InsertPermissions(ctx context.Context, db DBTX, args []InsertPermissionParams) error
	UpsertPortalBranding(ctx context.Context, db DBTX, args []UpsertPortalBrandingParams) error
	InsertPortalConfigs(ctx context.Context, db DBTX, args []InsertPortalConfigParams) error
	InsertPortalSessions(ctx context.Context, db DBTX, args []InsertPortalSessionParams) error
	InsertPortalSessionTokens(ctx context.Context, db DBTX, args []InsertPortalSessionTokenParams) error
	InsertProjects(ctx context.Context, db DBTX, args []InsertProjectParams) error
	UpsertQuota(ctx context.Context, db DBTX, args []UpsertQuotaParams) error
	InsertRatelimitNamespaces(ctx context.Context, db DBTX, args []InsertRatelimitNamespaceParams) error
	InsertRatelimitOverrides(ctx context.Context, db DBTX, args []InsertRatelimitOverrideParams) error
	InsertRoles(ctx context.Context, db DBTX, args []InsertRoleParams) error
	InsertRolePermissions(ctx context.Context, db DBTX, args []InsertRolePermissionParams) error
	InsertSentinels(ctx context.Context, db DBTX, args []InsertSentinelParams) error
	InsertWorkspaces(ctx context.Context, db DBTX, args []InsertWorkspaceParams) error
	UpsertWorkspace(ctx context.Context, db DBTX, args []UpsertWorkspaceParams) error
}

BulkQuerier contains bulk insert methods. 

var BulkQuery BulkQuerier = &BulkQueries{}

type BulkQueries 

type BulkQueries struct{}

func (*BulkQueries) InsertAcmeChallenges 

func (q *BulkQueries) InsertAcmeChallenges(ctx context.Context, db DBTX, args []InsertAcmeChallengeParams) error

InsertAcmeChallenges performs bulk insert in a single query

func (*BulkQueries) InsertAcmeUsers 

func (q *BulkQueries) InsertAcmeUsers(ctx context.Context, db DBTX, args []InsertAcmeUserParams) error

InsertAcmeUsers performs bulk insert in a single query

func (*BulkQueries) InsertApis 

func (q *BulkQueries) InsertApis(ctx context.Context, db DBTX, args []InsertApiParams) error

InsertApis performs bulk insert in a single query

func (*BulkQueries) InsertAppEnvironmentVariables 

func (q *BulkQueries) InsertAppEnvironmentVariables(ctx context.Context, db DBTX, args []InsertAppEnvironmentVariableParams) error

InsertAppEnvironmentVariables performs bulk insert in a single query

func (*BulkQueries) InsertApps 

func (q *BulkQueries) InsertApps(ctx context.Context, db DBTX, args []InsertAppParams) error

InsertApps performs bulk insert in a single query

func (*BulkQueries) InsertAuditLogTargets 

func (q *BulkQueries) InsertAuditLogTargets(ctx context.Context, db DBTX, args []InsertAuditLogTargetParams) error

InsertAuditLogTargets performs bulk insert in a single query

func (*BulkQueries) InsertAuditLogs 

func (q *BulkQueries) InsertAuditLogs(ctx context.Context, db DBTX, args []InsertAuditLogParams) error

InsertAuditLogs performs bulk insert in a single query

func (*BulkQueries) InsertCertificates 

func (q *BulkQueries) InsertCertificates(ctx context.Context, db DBTX, args []InsertCertificateParams) error

InsertCertificates performs bulk insert in a single query

func (*BulkQueries) InsertCiliumNetworkPolicies 

func (q *BulkQueries) InsertCiliumNetworkPolicies(ctx context.Context, db DBTX, args []InsertCiliumNetworkPolicyParams) error

InsertCiliumNetworkPolicies performs bulk insert in a single query

func (*BulkQueries) InsertClickhouseOutboxes 

func (q *BulkQueries) InsertClickhouseOutboxes(ctx context.Context, db DBTX, args []InsertClickhouseOutboxParams) error

InsertClickhouseOutboxes performs bulk insert in a single query

func (*BulkQueries) InsertClickhouseWorkspaceSettingses 

func (q *BulkQueries) InsertClickhouseWorkspaceSettingses(ctx context.Context, db DBTX, args []InsertClickhouseWorkspaceSettingsParams) error

InsertClickhouseWorkspaceSettingses performs bulk insert in a single query

func (*BulkQueries) InsertCustomDomains 

func (q *BulkQueries) InsertCustomDomains(ctx context.Context, db DBTX, args []InsertCustomDomainParams) error

InsertCustomDomains performs bulk insert in a single query

func (*BulkQueries) InsertDeploymentChanges 

func (q *BulkQueries) InsertDeploymentChanges(ctx context.Context, db DBTX, args []InsertDeploymentChangeParams) error

InsertDeploymentChanges performs bulk insert in a single query

func (*BulkQueries) InsertDeploymentSteps 

func (q *BulkQueries) InsertDeploymentSteps(ctx context.Context, db DBTX, args []InsertDeploymentStepParams) error

InsertDeploymentSteps performs bulk insert in a single query

func (*BulkQueries) InsertDeploymentTopologies 

func (q *BulkQueries) InsertDeploymentTopologies(ctx context.Context, db DBTX, args []InsertDeploymentTopologyParams) error

InsertDeploymentTopologies performs bulk insert in a single query

func (*BulkQueries) InsertDeployments 

func (q *BulkQueries) InsertDeployments(ctx context.Context, db DBTX, args []InsertDeploymentParams) error

InsertDeployments performs bulk insert in a single query

func (*BulkQueries) InsertEnvironments 

func (q *BulkQueries) InsertEnvironments(ctx context.Context, db DBTX, args []InsertEnvironmentParams) error

InsertEnvironments performs bulk insert in a single query

func (*BulkQueries) InsertFrontlineRoutes 

func (q *BulkQueries) InsertFrontlineRoutes(ctx context.Context, db DBTX, args []InsertFrontlineRouteParams) error

InsertFrontlineRoutes performs bulk insert in a single query

func (*BulkQueries) InsertGithubRepoConnections 

func (q *BulkQueries) InsertGithubRepoConnections(ctx context.Context, db DBTX, args []InsertGithubRepoConnectionParams) error

InsertGithubRepoConnections performs bulk insert in a single query

func (*BulkQueries) InsertIdentities 

func (q *BulkQueries) InsertIdentities(ctx context.Context, db DBTX, args []InsertIdentityParams) error

InsertIdentities performs bulk insert in a single query

func (*BulkQueries) InsertIdentityRatelimits 

func (q *BulkQueries) InsertIdentityRatelimits(ctx context.Context, db DBTX, args []InsertIdentityRatelimitParams) error

InsertIdentityRatelimits performs bulk insert in a single query

func (*BulkQueries) InsertKeyAuths 

func (q *BulkQueries) InsertKeyAuths(ctx context.Context, db DBTX, args []InsertKeyAuthParams) error

InsertKeyAuths performs bulk insert in a single query

func (*BulkQueries) InsertKeyEncryptions 

func (q *BulkQueries) InsertKeyEncryptions(ctx context.Context, db DBTX, args []InsertKeyEncryptionParams) error

InsertKeyEncryptions performs bulk insert in a single query

func (*BulkQueries) InsertKeyMigrations 

func (q *BulkQueries) InsertKeyMigrations(ctx context.Context, db DBTX, args []InsertKeyMigrationParams) error

InsertKeyMigrations performs bulk insert in a single query

func (*BulkQueries) InsertKeyPermissions 

func (q *BulkQueries) InsertKeyPermissions(ctx context.Context, db DBTX, args []InsertKeyPermissionParams) error

InsertKeyPermissions performs bulk insert in a single query

func (*BulkQueries) InsertKeyRatelimits 

func (q *BulkQueries) InsertKeyRatelimits(ctx context.Context, db DBTX, args []InsertKeyRatelimitParams) error

InsertKeyRatelimits performs bulk insert in a single query

func (*BulkQueries) InsertKeyRoles 

func (q *BulkQueries) InsertKeyRoles(ctx context.Context, db DBTX, args []InsertKeyRoleParams) error

InsertKeyRoles performs bulk insert in a single query

func (*BulkQueries) InsertKeySpaces 

func (q *BulkQueries) InsertKeySpaces(ctx context.Context, db DBTX, args []InsertKeySpaceParams) error

InsertKeySpaces performs bulk insert in a single query

func (*BulkQueries) InsertKeys 

func (q *BulkQueries) InsertKeys(ctx context.Context, db DBTX, args []InsertKeyParams) error

InsertKeys performs bulk insert in a single query

func (*BulkQueries) InsertPermissions 

func (q *BulkQueries) InsertPermissions(ctx context.Context, db DBTX, args []InsertPermissionParams) error

InsertPermissions performs bulk insert in a single query

func (*BulkQueries) InsertPortalConfigs 

func (q *BulkQueries) InsertPortalConfigs(ctx context.Context, db DBTX, args []InsertPortalConfigParams) error

InsertPortalConfigs performs bulk insert in a single query

func (*BulkQueries) InsertPortalSessionTokens 

func (q *BulkQueries) InsertPortalSessionTokens(ctx context.Context, db DBTX, args []InsertPortalSessionTokenParams) error

InsertPortalSessionTokens performs bulk insert in a single query

func (*BulkQueries) InsertPortalSessions 

func (q *BulkQueries) InsertPortalSessions(ctx context.Context, db DBTX, args []InsertPortalSessionParams) error

InsertPortalSessions performs bulk insert in a single query

func (*BulkQueries) InsertProjects 

func (q *BulkQueries) InsertProjects(ctx context.Context, db DBTX, args []InsertProjectParams) error

InsertProjects performs bulk insert in a single query

func (*BulkQueries) InsertRatelimitNamespaces 

func (q *BulkQueries) InsertRatelimitNamespaces(ctx context.Context, db DBTX, args []InsertRatelimitNamespaceParams) error

InsertRatelimitNamespaces performs bulk insert in a single query

func (*BulkQueries) InsertRatelimitOverrides 

func (q *BulkQueries) InsertRatelimitOverrides(ctx context.Context, db DBTX, args []InsertRatelimitOverrideParams) error

InsertRatelimitOverrides performs bulk insert in a single query

func (*BulkQueries) InsertRolePermissions 

func (q *BulkQueries) InsertRolePermissions(ctx context.Context, db DBTX, args []InsertRolePermissionParams) error

InsertRolePermissions performs bulk insert in a single query

func (*BulkQueries) InsertRoles 

func (q *BulkQueries) InsertRoles(ctx context.Context, db DBTX, args []InsertRoleParams) error

InsertRoles performs bulk insert in a single query

func (*BulkQueries) InsertSentinels 

func (q *BulkQueries) InsertSentinels(ctx context.Context, db DBTX, args []InsertSentinelParams) error

InsertSentinels performs bulk insert in a single query

func (*BulkQueries) InsertWorkspaces 

func (q *BulkQueries) InsertWorkspaces(ctx context.Context, db DBTX, args []InsertWorkspaceParams) error

InsertWorkspaces performs bulk insert in a single query

func (*BulkQueries) UpsertAppBuildSettings 

func (q *BulkQueries) UpsertAppBuildSettings(ctx context.Context, db DBTX, args []UpsertAppBuildSettingsParams) error

UpsertAppBuildSettings performs bulk insert in a single query

func (*BulkQueries) UpsertAppRegionalSettings 

func (q *BulkQueries) UpsertAppRegionalSettings(ctx context.Context, db DBTX, args []UpsertAppRegionalSettingsParams) error

UpsertAppRegionalSettings performs bulk insert in a single query

func (*BulkQueries) UpsertAppRuntimeSettings 

func (q *BulkQueries) UpsertAppRuntimeSettings(ctx context.Context, db DBTX, args []UpsertAppRuntimeSettingsParams) error

UpsertAppRuntimeSettings performs bulk insert in a single query

func (*BulkQueries) UpsertCluster 

func (q *BulkQueries) UpsertCluster(ctx context.Context, db DBTX, args []UpsertClusterParams) error

UpsertCluster performs bulk insert in a single query

func (*BulkQueries) UpsertCustomDomain 

func (q *BulkQueries) UpsertCustomDomain(ctx context.Context, db DBTX, args []UpsertCustomDomainParams) error

UpsertCustomDomain performs bulk insert in a single query

func (*BulkQueries) UpsertEnvironment 

func (q *BulkQueries) UpsertEnvironment(ctx context.Context, db DBTX, args []UpsertEnvironmentParams) error

UpsertEnvironment performs bulk insert in a single query

func (*BulkQueries) UpsertIdentity 

func (q *BulkQueries) UpsertIdentity(ctx context.Context, db DBTX, args []UpsertIdentityParams) error

UpsertIdentity performs bulk insert in a single query

func (*BulkQueries) UpsertInstance 

func (q *BulkQueries) UpsertInstance(ctx context.Context, db DBTX, args []UpsertInstanceParams) error

UpsertInstance performs bulk insert in a single query

func (*BulkQueries) UpsertKeySpace 

func (q *BulkQueries) UpsertKeySpace(ctx context.Context, db DBTX, args []UpsertKeySpaceParams) error

UpsertKeySpace performs bulk insert in a single query

func (*BulkQueries) UpsertOpenApiSpec 

func (q *BulkQueries) UpsertOpenApiSpec(ctx context.Context, db DBTX, args []UpsertOpenApiSpecParams) error

UpsertOpenApiSpec performs bulk insert in a single query

func (*BulkQueries) UpsertPortalBranding 

func (q *BulkQueries) UpsertPortalBranding(ctx context.Context, db DBTX, args []UpsertPortalBrandingParams) error

UpsertPortalBranding performs bulk insert in a single query

func (*BulkQueries) UpsertQuota 

func (q *BulkQueries) UpsertQuota(ctx context.Context, db DBTX, args []UpsertQuotaParams) error

UpsertQuota performs bulk insert in a single query

func (*BulkQueries) UpsertRegion 

func (q *BulkQueries) UpsertRegion(ctx context.Context, db DBTX, args []UpsertRegionParams) error

UpsertRegion performs bulk insert in a single query

func (*BulkQueries) UpsertWorkspace 

func (q *BulkQueries) UpsertWorkspace(ctx context.Context, db DBTX, args []UpsertWorkspaceParams) error

UpsertWorkspace performs bulk insert in a single query

type Certificate 

type Certificate struct {
	Pk                  uint64        `db:"pk"`
	ID                  string        `db:"id"`
	WorkspaceID         string        `db:"workspace_id"`
	Hostname            string        `db:"hostname"`
	Certificate         string        `db:"certificate"`
	EncryptedPrivateKey string        `db:"encrypted_private_key"`
	CreatedAt           int64         `db:"created_at"`
	UpdatedAt           sql.NullInt64 `db:"updated_at"`
}

type CiliumNetworkPolicy 

type CiliumNetworkPolicy struct {
	Pk            uint64          `db:"pk"`
	ID            string          `db:"id"`
	WorkspaceID   string          `db:"workspace_id"`
	ProjectID     string          `db:"project_id"`
	AppID         string          `db:"app_id"`
	EnvironmentID string          `db:"environment_id"`
	DeploymentID  string          `db:"deployment_id"`
	K8sName       string          `db:"k8s_name"`
	K8sNamespace  string          `db:"k8s_namespace"`
	RegionID      string          `db:"region_id"`
	Policy        json.RawMessage `db:"policy"`
	CreatedAt     int64           `db:"created_at"`
	UpdatedAt     sql.NullInt64   `db:"updated_at"`
}

type ClearAcmeChallengeTokensParams 

type ClearAcmeChallengeTokensParams struct {
	Token         string        `db:"token"`
	Authorization string        `db:"authorization"`
	UpdatedAt     sql.NullInt64 `db:"updated_at"`
	DomainID      string        `db:"domain_id"`
}

type ClickhouseOutbox 

type ClickhouseOutbox struct {
	Pk          uint64          `db:"pk"`
	Version     string          `db:"version"`
	WorkspaceID string          `db:"workspace_id"`
	EventID     string          `db:"event_id"`
	Payload     json.RawMessage `db:"payload"`
	CreatedAt   int64           `db:"created_at"`
	DeletedAt   sql.NullInt64   `db:"deleted_at"`
}

type ClickhouseWorkspaceSetting 

type ClickhouseWorkspaceSetting struct {
	Pk                        uint64        `db:"pk"`
	WorkspaceID               string        `db:"workspace_id"`
	Username                  string        `db:"username"`
	PasswordEncrypted         string        `db:"password_encrypted"`
	QuotaDurationSeconds      int32         `db:"quota_duration_seconds"`
	MaxQueriesPerWindow       int32         `db:"max_queries_per_window"`
	MaxExecutionTimePerWindow int32         `db:"max_execution_time_per_window"`
	MaxQueryExecutionTime     int32         `db:"max_query_execution_time"`
	MaxQueryMemoryBytes       int64         `db:"max_query_memory_bytes"`
	MaxQueryResultRows        int32         `db:"max_query_result_rows"`
	CreatedAt                 int64         `db:"created_at"`
	UpdatedAt                 sql.NullInt64 `db:"updated_at"`
}

type Cluster 

type Cluster struct {
	Pk              uint64 `db:"pk"`
	ID              string `db:"id"`
	RegionID        string `db:"region_id"`
	LastHeartbeatAt uint64 `db:"last_heartbeat_at"`
}

type CompareAndSwapDeploymentStatusParams 

type CompareAndSwapDeploymentStatusParams struct {
	NewStatus      DeploymentsStatus `db:"new_status"`
	UpdatedAt      sql.NullInt64     `db:"updated_at"`
	ID             string            `db:"id"`
	ExpectedStatus DeploymentsStatus `db:"expected_status"`
}

type Config 

type Config struct {
	// The primary DSN for your database. This must support both reads and writes.
	PrimaryDSN string

	// The readonly replica will be used for most read queries.
	// If omitted, the primary is used.
	ReadOnlyDSN string
}

Config defines the parameters needed to establish database connections. It supports separate connections for read and write operations to allow for primary/replica setups.

type CustomDomain 

type CustomDomain struct {
	Pk                    uint64                          `db:"pk"`
	ID                    string                          `db:"id"`
	WorkspaceID           string                          `db:"workspace_id"`
	ProjectID             string                          `db:"project_id"`
	AppID                 string                          `db:"app_id"`
	EnvironmentID         string                          `db:"environment_id"`
	Domain                string                          `db:"domain"`
	ChallengeType         CustomDomainsChallengeType      `db:"challenge_type"`
	VerificationStatus    CustomDomainsVerificationStatus `db:"verification_status"`
	VerificationToken     string                          `db:"verification_token"`
	OwnershipVerified     bool                            `db:"ownership_verified"`
	CnameVerified         bool                            `db:"cname_verified"`
	TargetCname           string                          `db:"target_cname"`
	LastCheckedAt         sql.NullInt64                   `db:"last_checked_at"`
	CheckAttempts         int32                           `db:"check_attempts"`
	VerificationError     sql.NullString                  `db:"verification_error"`
	DomainConnectProvider sql.NullString                  `db:"domain_connect_provider"`
	DomainConnectUrl      sql.NullString                  `db:"domain_connect_url"`
	InvocationID          sql.NullString                  `db:"invocation_id"`
	CreatedAt             int64                           `db:"created_at"`
	UpdatedAt             sql.NullInt64                   `db:"updated_at"`
}

type CustomDomainsChallengeType 

type CustomDomainsChallengeType string
const (
	CustomDomainsChallengeTypeHTTP01 CustomDomainsChallengeType = "HTTP-01"
	CustomDomainsChallengeTypeDNS01  CustomDomainsChallengeType = "DNS-01"
)

func (*CustomDomainsChallengeType) Scan 

func (e *CustomDomainsChallengeType) Scan(src interface{}) error

type CustomDomainsVerificationStatus 

type CustomDomainsVerificationStatus string
const (
	CustomDomainsVerificationStatusPending   CustomDomainsVerificationStatus = "pending"
	CustomDomainsVerificationStatusVerifying CustomDomainsVerificationStatus = "verifying"
	CustomDomainsVerificationStatusVerified  CustomDomainsVerificationStatus = "verified"
	CustomDomainsVerificationStatusFailed    CustomDomainsVerificationStatus = "failed"
)

func (*CustomDomainsVerificationStatus) Scan 

func (e *CustomDomainsVerificationStatus) Scan(src interface{}) error

type DBTX 

type DBTX interface {
	ExecContext(context.Context, string, ...interface{}) (sql.Result, error)
	PrepareContext(context.Context, string) (*sql.Stmt, error)
	QueryContext(context.Context, string, ...interface{}) (*sql.Rows, error)
	QueryRowContext(context.Context, string, ...interface{}) *sql.Row
}

DBTX is an interface that abstracts database operations for both direct connections and transactions. It allows query methods to work with either a database or transaction, making transaction handling more flexible.

This interface is implemented by both sql.DB and sql.Tx, as well as the custom Replica type in this package.

type DBTx 

type DBTx interface {
	DBTX
	Commit() error
	Rollback() error
}

DBTx represents a database transaction with commit and rollback capabilities. It extends DBTX with transaction-specific methods.

func WrapTxWithContext 

func WrapTxWithContext(tx *sql.Tx, mode string, ctx context.Context) DBTx

WrapTxWithContext wraps a standard sql.Tx with our DBTx interface for tracing, using the provided context

type Database 

type Database interface {
	// RW returns the write (primary) replica for write operations
	RW() *Replica

	// RO returns the read replica for read operations
	// If no read replica is configured, it returns the write replica
	RO() *Replica

	// Close properly terminates all database connections
	Close() error
}

Database defines the interface for database operations, providing access to read and write replicas and the ability to close connections.

type DeleteDeploymentInstancesParams 

type DeleteDeploymentInstancesParams struct {
	DeploymentID string `db:"deployment_id"`
	RegionID     string `db:"region_id"`
}

type DeleteDeploymentTopologyByDeploymentRegionParams 

type DeleteDeploymentTopologyByDeploymentRegionParams struct {
	DeploymentID string `db:"deployment_id"`
	RegionID     string `db:"region_id"`
}

type DeleteIdentityParams 

type DeleteIdentityParams struct {
	IdentityID  string `db:"identity_id"`
	WorkspaceID string `db:"workspace_id"`
}

type DeleteInstanceParams 

type DeleteInstanceParams struct {
	K8sName  string `db:"k8s_name"`
	RegionID string `db:"region_id"`
}

type DeleteKeyPermissionByKeyAndPermissionIDParams 

type DeleteKeyPermissionByKeyAndPermissionIDParams struct {
	KeyID        string `db:"key_id"`
	PermissionID string `db:"permission_id"`
}

type DeleteManyKeyPermissionByKeyAndPermissionIDsParams 

type DeleteManyKeyPermissionByKeyAndPermissionIDsParams struct {
	KeyID string   `db:"key_id"`
	Ids   []string `db:"ids"`
}

type DeleteManyKeyRolesByKeyAndRoleIDsParams 

type DeleteManyKeyRolesByKeyAndRoleIDsParams struct {
	KeyID   string   `db:"key_id"`
	RoleIds []string `db:"role_ids"`
}

type DeleteManyKeyRolesByKeyIDParams 

type DeleteManyKeyRolesByKeyIDParams struct {
	KeyID  string `db:"key_id"`
	RoleID string `db:"role_id"`
}

type DeleteOldIdentityByExternalIDParams 

type DeleteOldIdentityByExternalIDParams struct {
	WorkspaceID       string `db:"workspace_id"`
	ExternalID        string `db:"external_id"`
	CurrentIdentityID string `db:"current_identity_id"`
}

type DeleteOldIdentityWithRatelimitsParams 

type DeleteOldIdentityWithRatelimitsParams struct {
	WorkspaceID string `db:"workspace_id"`
	Identity    string `db:"identity"`
}

type DeleteRatelimitNamespaceParams 

type DeleteRatelimitNamespaceParams struct {
	Now sql.NullInt64 `db:"now"`
	ID  string        `db:"id"`
}

type Deployment 

type Deployment struct {
	Pk                            uint64                      `db:"pk"`
	ID                            string                      `db:"id"`
	K8sName                       string                      `db:"k8s_name"`
	WorkspaceID                   string                      `db:"workspace_id"`
	ProjectID                     string                      `db:"project_id"`
	EnvironmentID                 string                      `db:"environment_id"`
	AppID                         string                      `db:"app_id"`
	Image                         sql.NullString              `db:"image"`
	BuildID                       sql.NullString              `db:"build_id"`
	GitCommitSha                  sql.NullString              `db:"git_commit_sha"`
	GitBranch                     sql.NullString              `db:"git_branch"`
	GitCommitMessage              sql.NullString              `db:"git_commit_message"`
	GitCommitAuthorHandle         sql.NullString              `db:"git_commit_author_handle"`
	GitCommitAuthorAvatarUrl      sql.NullString              `db:"git_commit_author_avatar_url"`
	GitCommitTimestamp            sql.NullInt64               `db:"git_commit_timestamp"`
	SentinelConfig                []byte                      `db:"sentinel_config"`
	CpuMillicores                 int32                       `db:"cpu_millicores"`
	MemoryMib                     int32                       `db:"memory_mib"`
	StorageMib                    uint32                      `db:"storage_mib"`
	DesiredState                  DeploymentsDesiredState     `db:"desired_state"`
	EncryptedEnvironmentVariables []byte                      `db:"encrypted_environment_variables"`
	Command                       dbtype.StringSlice          `db:"command"`
	Port                          int32                       `db:"port"`
	ShutdownSignal                DeploymentsShutdownSignal   `db:"shutdown_signal"`
	UpstreamProtocol              DeploymentsUpstreamProtocol `db:"upstream_protocol"`
	Healthcheck                   dbtype.NullHealthcheck      `db:"healthcheck"`
	PrNumber                      sql.NullInt64               `db:"pr_number"`
	ForkRepositoryFullName        sql.NullString              `db:"fork_repository_full_name"`
	GithubDeploymentID            sql.NullInt64               `db:"github_deployment_id"`
	InvocationID                  sql.NullString              `db:"invocation_id"`
	Status                        DeploymentsStatus           `db:"status"`
	CreatedAt                     int64                       `db:"created_at"`
	UpdatedAt                     sql.NullInt64               `db:"updated_at"`
}

type DeploymentChange 

type DeploymentChange struct {
	Pk           uint64                        `db:"pk"`
	ResourceType DeploymentChangesResourceType `db:"resource_type"`
	ResourceID   string                        `db:"resource_id"`
	RegionID     string                        `db:"region_id"`
	CreatedAt    int64                         `db:"created_at"`
}

type DeploymentChangesResourceType 

type DeploymentChangesResourceType string
const (
	DeploymentChangesResourceTypeDeploymentTopology  DeploymentChangesResourceType = "deployment_topology"
	DeploymentChangesResourceTypeSentinel            DeploymentChangesResourceType = "sentinel"
	DeploymentChangesResourceTypeCiliumNetworkPolicy DeploymentChangesResourceType = "cilium_network_policy"
)

func (*DeploymentChangesResourceType) Scan 

func (e *DeploymentChangesResourceType) Scan(src interface{}) error

type DeploymentStep 

type DeploymentStep struct {
	Pk            uint64              `db:"pk"`
	WorkspaceID   string              `db:"workspace_id"`
	ProjectID     string              `db:"project_id"`
	EnvironmentID string              `db:"environment_id"`
	DeploymentID  string              `db:"deployment_id"`
	AppID         string              `db:"app_id"`
	Step          DeploymentStepsStep `db:"step"`
	StartedAt     uint64              `db:"started_at"`
	EndedAt       sql.NullInt64       `db:"ended_at"`
	Error         sql.NullString      `db:"error"`
}

type DeploymentStepsStep 

type DeploymentStepsStep string
const (
	DeploymentStepsStepQueued     DeploymentStepsStep = "queued"
	DeploymentStepsStepStarting   DeploymentStepsStep = "starting"
	DeploymentStepsStepBuilding   DeploymentStepsStep = "building"
	DeploymentStepsStepDeploying  DeploymentStepsStep = "deploying"
	DeploymentStepsStepNetwork    DeploymentStepsStep = "network"
	DeploymentStepsStepFinalizing DeploymentStepsStep = "finalizing"
)

func (*DeploymentStepsStep) Scan 

func (e *DeploymentStepsStep) Scan(src interface{}) error

type DeploymentTopology 

type DeploymentTopology struct {
	Pk                         uint64                          `db:"pk"`
	WorkspaceID                string                          `db:"workspace_id"`
	DeploymentID               string                          `db:"deployment_id"`
	RegionID                   string                          `db:"region_id"`
	AutoscalingReplicasMin     uint32                          `db:"autoscaling_replicas_min"`
	AutoscalingReplicasMax     uint32                          `db:"autoscaling_replicas_max"`
	AutoscalingThresholdCpu    sql.NullInt16                   `db:"autoscaling_threshold_cpu"`
	AutoscalingThresholdMemory sql.NullInt16                   `db:"autoscaling_threshold_memory"`
	DesiredStatus              DeploymentTopologyDesiredStatus `db:"desired_status"`
	CreatedAt                  int64                           `db:"created_at"`
	UpdatedAt                  sql.NullInt64                   `db:"updated_at"`
}

type DeploymentTopologyDesiredStatus 

type DeploymentTopologyDesiredStatus string
const (
	DeploymentTopologyDesiredStatusStopped DeploymentTopologyDesiredStatus = "stopped"
	DeploymentTopologyDesiredStatusRunning DeploymentTopologyDesiredStatus = "running"
)

func (*DeploymentTopologyDesiredStatus) Scan 

func (e *DeploymentTopologyDesiredStatus) Scan(src interface{}) error

type DeploymentsDesiredState 

type DeploymentsDesiredState string
const (
	DeploymentsDesiredStateRunning  DeploymentsDesiredState = "running"
	DeploymentsDesiredStateStandby  DeploymentsDesiredState = "standby"
	DeploymentsDesiredStateArchived DeploymentsDesiredState = "archived"
)

func (*DeploymentsDesiredState) Scan 

func (e *DeploymentsDesiredState) Scan(src interface{}) error

type DeploymentsShutdownSignal 

type DeploymentsShutdownSignal string
const (
	DeploymentsShutdownSignalSIGTERM DeploymentsShutdownSignal = "SIGTERM"
	DeploymentsShutdownSignalSIGINT  DeploymentsShutdownSignal = "SIGINT"
	DeploymentsShutdownSignalSIGQUIT DeploymentsShutdownSignal = "SIGQUIT"
	DeploymentsShutdownSignalSIGKILL DeploymentsShutdownSignal = "SIGKILL"
)

func (*DeploymentsShutdownSignal) Scan 

func (e *DeploymentsShutdownSignal) Scan(src interface{}) error

type DeploymentsStatus 

type DeploymentsStatus string
const (
	DeploymentsStatusPending          DeploymentsStatus = "pending"
	DeploymentsStatusStarting         DeploymentsStatus = "starting"
	DeploymentsStatusBuilding         DeploymentsStatus = "building"
	DeploymentsStatusDeploying        DeploymentsStatus = "deploying"
	DeploymentsStatusNetwork          DeploymentsStatus = "network"
	DeploymentsStatusFinalizing       DeploymentsStatus = "finalizing"
	DeploymentsStatusReady            DeploymentsStatus = "ready"
	DeploymentsStatusFailed           DeploymentsStatus = "failed"
	DeploymentsStatusSkipped          DeploymentsStatus = "skipped"
	DeploymentsStatusAwaitingApproval DeploymentsStatus = "awaiting_approval"
	DeploymentsStatusStopped          DeploymentsStatus = "stopped"
	DeploymentsStatusSuperseded       DeploymentsStatus = "superseded"
	DeploymentsStatusCancelled        DeploymentsStatus = "cancelled"
)

func (*DeploymentsStatus) Scan 

func (e *DeploymentsStatus) Scan(src interface{}) error

type DeploymentsUpstreamProtocol 

type DeploymentsUpstreamProtocol string
const (
	DeploymentsUpstreamProtocolHttp1 DeploymentsUpstreamProtocol = "http1"
	DeploymentsUpstreamProtocolH2c   DeploymentsUpstreamProtocol = "h2c"
)

func (*DeploymentsUpstreamProtocol) Scan 

func (e *DeploymentsUpstreamProtocol) Scan(src interface{}) error

type EncryptedKey 

type EncryptedKey struct {
	Pk              uint64        `db:"pk"`
	WorkspaceID     string        `db:"workspace_id"`
	KeyID           string        `db:"key_id"`
	CreatedAt       int64         `db:"created_at"`
	UpdatedAt       sql.NullInt64 `db:"updated_at"`
	Encrypted       string        `db:"encrypted"`
	EncryptionKeyID string        `db:"encryption_key_id"`
}

type EndActiveDeploymentStepsForDeploymentsParams 

type EndActiveDeploymentStepsForDeploymentsParams struct {
	EndedAt       sql.NullInt64  `db:"ended_at"`
	Error         sql.NullString `db:"error"`
	DeploymentIds []string       `db:"deployment_ids"`
}

type EndActiveDeploymentStepsWithErrorParams 

type EndActiveDeploymentStepsWithErrorParams struct {
	EndedAt      sql.NullInt64  `db:"ended_at"`
	Error        sql.NullString `db:"error"`
	DeploymentID string         `db:"deployment_id"`
}

type EndDeploymentStepParams 

type EndDeploymentStepParams struct {
	EndedAt      sql.NullInt64       `db:"ended_at"`
	Error        sql.NullString      `db:"error"`
	DeploymentID string              `db:"deployment_id"`
	Step         DeploymentStepsStep `db:"step"`
}

type EnvVarInfo 

type EnvVarInfo struct {
	Key   string `json:"key"`
	Value string `json:"value"`
}

type Environment 

type Environment struct {
	Pk               uint64        `db:"pk"`
	ID               string        `db:"id"`
	WorkspaceID      string        `db:"workspace_id"`
	ProjectID        string        `db:"project_id"`
	AppID            string        `db:"app_id"`
	Slug             string        `db:"slug"`
	Description      string        `db:"description"`
	DeleteProtection sql.NullBool  `db:"delete_protection"`
	CreatedAt        int64         `db:"created_at"`
	UpdatedAt        sql.NullInt64 `db:"updated_at"`
}

type ExchangePortalSessionTokenParams 

type ExchangePortalSessionTokenParams struct {
	ExchangedAt sql.NullInt64 `db:"exchanged_at"`
	ID          string        `db:"id"`
	Now         int64         `db:"now"`
}

type FindAcmeChallengeByTokenParams 

type FindAcmeChallengeByTokenParams struct {
	WorkspaceID string `db:"workspace_id"`
	DomainID    string `db:"domain_id"`
	Token       string `db:"token"`
}

type FindAppBuildSettingByAppEnvParams 

type FindAppBuildSettingByAppEnvParams struct {
	AppID         string `db:"app_id"`
	EnvironmentID string `db:"environment_id"`
}

type FindAppByProjectAndSlugParams 

type FindAppByProjectAndSlugParams struct {
	ProjectID string `db:"project_id"`
	Slug      string `db:"slug"`
}

type FindAppByProjectAndSlugRow 

type FindAppByProjectAndSlugRow struct {
	App App `db:"app"`
}

type FindAppByWorkspaceAndSlugsParams 

type FindAppByWorkspaceAndSlugsParams struct {
	WorkspaceID string `db:"workspace_id"`
	ProjectSlug string `db:"project_slug"`
	AppSlug     string `db:"app_slug"`
}

type FindAppByWorkspaceAndSlugsRow 

type FindAppByWorkspaceAndSlugsRow struct {
	Project Project `db:"project"`
	App     App     `db:"app"`
}

type FindAppEnvVarsByAppAndEnvParams 

type FindAppEnvVarsByAppAndEnvParams struct {
	AppID         string `db:"app_id"`
	EnvironmentID string `db:"environment_id"`
}

type FindAppEnvVarsByAppAndEnvRow 

type FindAppEnvVarsByAppAndEnvRow struct {
	Key   string `db:"key"`
	Value string `db:"value"`
}

type FindAppRegionalSettingsByAppAndEnvParams 

type FindAppRegionalSettingsByAppAndEnvParams struct {
	AppID         string `db:"app_id"`
	EnvironmentID string `db:"environment_id"`
}

type FindAppRegionalSettingsByAppAndEnvRow 

type FindAppRegionalSettingsByAppAndEnvRow struct {
	RegionID                   string        `db:"region_id"`
	RegionName                 string        `db:"region_name"`
	Replicas                   int32         `db:"replicas"`
	RegionCanSchedule          bool          `db:"region_can_schedule"`
	AutoscalingReplicasMin     sql.NullInt32 `db:"autoscaling_replicas_min"`
	AutoscalingReplicasMax     sql.NullInt32 `db:"autoscaling_replicas_max"`
	AutoscalingThresholdCpu    sql.NullInt16 `db:"autoscaling_threshold_cpu"`
	AutoscalingThresholdMemory sql.NullInt16 `db:"autoscaling_threshold_memory"`
}

type FindAppRuntimeSettingsByAppAndEnvParams 

type FindAppRuntimeSettingsByAppAndEnvParams struct {
	AppID         string `db:"app_id"`
	EnvironmentID string `db:"environment_id"`
}

type FindAppRuntimeSettingsByAppAndEnvRow 

type FindAppRuntimeSettingsByAppAndEnvRow struct {
	AppRuntimeSetting AppRuntimeSetting `db:"app_runtime_setting"`
}

type FindAppWithSettingsParams 

type FindAppWithSettingsParams struct {
	EnvironmentID string `db:"environment_id"`
	ID            string `db:"id"`
}

type FindAppWithSettingsRow 

type FindAppWithSettingsRow struct {
	App               App               `db:"app"`
	AppBuildSetting   AppBuildSetting   `db:"app_build_setting"`
	AppRuntimeSetting AppRuntimeSetting `db:"app_runtime_setting"`
}

type FindAuditLogTargetByIDRow 

type FindAuditLogTargetByIDRow struct {
	AuditLogTarget AuditLogTarget `db:"audit_log_target"`
	AuditLog       AuditLog       `db:"audit_log"`
}

type FindAuditLogTargetsForBackfillRow 

type FindAuditLogTargetsForBackfillRow struct {
	AuditLogID string         `db:"audit_log_id"`
	Type       string         `db:"type"`
	ID         string         `db:"id"`
	Name       sql.NullString `db:"name"`
	Meta       []byte         `db:"meta"`
}

type FindAuditLogsForBackfillParams 

type FindAuditLogsForBackfillParams struct {
	AfterPk  uint64 `db:"after_pk"`
	CutoffPk uint64 `db:"cutoff_pk"`
	Limit    int32  `db:"limit"`
}

type FindAuditLogsForBackfillRow 

type FindAuditLogsForBackfillRow struct {
	Pk          uint64         `db:"pk"`
	ID          string         `db:"id"`
	WorkspaceID string         `db:"workspace_id"`
	Bucket      string         `db:"bucket"`
	Event       string         `db:"event"`
	Time        int64          `db:"time"`
	Display     string         `db:"display"`
	RemoteIp    sql.NullString `db:"remote_ip"`
	UserAgent   sql.NullString `db:"user_agent"`
	ActorType   string         `db:"actor_type"`
	ActorID     string         `db:"actor_id"`
	ActorName   sql.NullString `db:"actor_name"`
	ActorMeta   []byte         `db:"actor_meta"`
}

type FindCiliumNetworkPolicyByEnvironmentRegionAndNameParams 

type FindCiliumNetworkPolicyByEnvironmentRegionAndNameParams struct {
	EnvironmentID string `db:"environment_id"`
	RegionID      string `db:"region_id"`
	K8sName       string `db:"k8s_name"`
}

type FindCiliumNetworkPolicyByIDAndRegionParams 

type FindCiliumNetworkPolicyByIDAndRegionParams struct {
	RegionID              string `db:"region_id"`
	CiliumNetworkPolicyID string `db:"cilium_network_policy_id"`
}

type FindClickhouseOutboxBatchParams 

type FindClickhouseOutboxBatchParams struct {
	Versions []string `db:"versions"`
	Limit    int32    `db:"limit"`
}

type FindClickhouseOutboxBatchRow 

type FindClickhouseOutboxBatchRow struct {
	Pk          uint64          `db:"pk"`
	Version     string          `db:"version"`
	WorkspaceID string          `db:"workspace_id"`
	EventID     string          `db:"event_id"`
	Payload     json.RawMessage `db:"payload"`
	CreatedAt   int64           `db:"created_at"`
}

type FindClickhouseWorkspaceSettingsByWorkspaceIDRow 

type FindClickhouseWorkspaceSettingsByWorkspaceIDRow struct {
	ClickhouseWorkspaceSetting ClickhouseWorkspaceSetting `db:"clickhouse_workspace_setting"`
	Quotas                     Quotas                     `db:"quotas"`
}

type FindCustomDomainByDomainOrWildcardParams 

type FindCustomDomainByDomainOrWildcardParams struct {
	Domain   string `db:"domain"`
	Domain_2 string `db:"domain_2"`
	Domain_3 string `db:"domain_3"`
}

type FindCustomDomainByWorkspaceAndDomainParams 

type FindCustomDomainByWorkspaceAndDomainParams struct {
	WorkspaceID string `db:"workspace_id"`
	Domain      string `db:"domain"`
}

type FindCustomDomainWithCertByDomainRow 

type FindCustomDomainWithCertByDomainRow struct {
	Pk                    uint64                          `db:"pk"`
	ID                    string                          `db:"id"`
	WorkspaceID           string                          `db:"workspace_id"`
	ProjectID             string                          `db:"project_id"`
	AppID                 string                          `db:"app_id"`
	EnvironmentID         string                          `db:"environment_id"`
	Domain                string                          `db:"domain"`
	ChallengeType         CustomDomainsChallengeType      `db:"challenge_type"`
	VerificationStatus    CustomDomainsVerificationStatus `db:"verification_status"`
	VerificationToken     string                          `db:"verification_token"`
	OwnershipVerified     bool                            `db:"ownership_verified"`
	CnameVerified         bool                            `db:"cname_verified"`
	TargetCname           string                          `db:"target_cname"`
	LastCheckedAt         sql.NullInt64                   `db:"last_checked_at"`
	CheckAttempts         int32                           `db:"check_attempts"`
	VerificationError     sql.NullString                  `db:"verification_error"`
	DomainConnectProvider sql.NullString                  `db:"domain_connect_provider"`
	DomainConnectUrl      sql.NullString                  `db:"domain_connect_url"`
	InvocationID          sql.NullString                  `db:"invocation_id"`
	CreatedAt             int64                           `db:"created_at"`
	UpdatedAt             sql.NullInt64                   `db:"updated_at"`
	CertificateID         sql.NullString                  `db:"certificate_id"`
}

type FindDeploymentTopologyByDeploymentAndRegionParams 

type FindDeploymentTopologyByDeploymentAndRegionParams struct {
	DeploymentID string `db:"deployment_id"`
	RegionID     string `db:"region_id"`
}

type FindDeploymentTopologyByDeploymentAndRegionRow 

type FindDeploymentTopologyByDeploymentAndRegionRow struct {
	DeploymentTopology DeploymentTopology `db:"deployment_topology"`
	Deployment         Deployment         `db:"deployment"`
	K8sNamespace       sql.NullString     `db:"k8s_namespace"`
	EnvironmentSlug    string             `db:"environment_slug"`
	RegionName         string             `db:"region_name"`
	GitRepo            sql.NullString     `db:"git_repo"`
}

type FindDeploymentTopologyMinReplicasRow 

type FindDeploymentTopologyMinReplicasRow struct {
	RegionID               string `db:"region_id"`
	AutoscalingReplicasMin uint32 `db:"autoscaling_replicas_min"`
}

type FindEnvironmentByAppIdAndSlugParams 

type FindEnvironmentByAppIdAndSlugParams struct {
	AppID string `db:"app_id"`
	Slug  string `db:"slug"`
}

type FindEnvironmentByAppIdAndSlugRow 

type FindEnvironmentByAppIdAndSlugRow struct {
	Environment Environment `db:"environment"`
}

type FindEnvironmentByProjectIdAndSlugParams 

type FindEnvironmentByProjectIdAndSlugParams struct {
	WorkspaceID string `db:"workspace_id"`
	ProjectID   string `db:"project_id"`
	Slug        string `db:"slug"`
}

type FindFrontlineRouteByDeploymentIDAndStickyParams 

type FindFrontlineRouteByDeploymentIDAndStickyParams struct {
	DeploymentID string                `db:"deployment_id"`
	Sticky       FrontlineRoutesSticky `db:"sticky"`
}

type FindFrontlineRouteForPromotionParams 

type FindFrontlineRouteForPromotionParams struct {
	EnvironmentID string                  `db:"environment_id"`
	Sticky        []FrontlineRoutesSticky `db:"sticky"`
}

type FindFrontlineRouteForPromotionRow 

type FindFrontlineRouteForPromotionRow struct {
	ID                       string                `db:"id"`
	ProjectID                string                `db:"project_id"`
	EnvironmentID            string                `db:"environment_id"`
	FullyQualifiedDomainName string                `db:"fully_qualified_domain_name"`
	DeploymentID             string                `db:"deployment_id"`
	Sticky                   FrontlineRoutesSticky `db:"sticky"`
	CreatedAt                int64                 `db:"created_at"`
	UpdatedAt                sql.NullInt64         `db:"updated_at"`
}

type FindFrontlineRoutesForRollbackParams 

type FindFrontlineRoutesForRollbackParams struct {
	EnvironmentID string                  `db:"environment_id"`
	Sticky        []FrontlineRoutesSticky `db:"sticky"`
}

type FindFrontlineRoutesForRollbackRow 

type FindFrontlineRoutesForRollbackRow struct {
	ID                       string                `db:"id"`
	ProjectID                string                `db:"project_id"`
	EnvironmentID            string                `db:"environment_id"`
	FullyQualifiedDomainName string                `db:"fully_qualified_domain_name"`
	DeploymentID             string                `db:"deployment_id"`
	Sticky                   FrontlineRoutesSticky `db:"sticky"`
	CreatedAt                int64                 `db:"created_at"`
	UpdatedAt                sql.NullInt64         `db:"updated_at"`
}

type FindGithubRepoConnectionByProjectIdRow 

type FindGithubRepoConnectionByProjectIdRow struct {
	Pk                 uint64        `db:"pk"`
	WorkspaceID        string        `db:"workspace_id"`
	ProjectID          string        `db:"project_id"`
	InstallationID     int64         `db:"installation_id"`
	RepositoryID       int64         `db:"repository_id"`
	RepositoryFullName string        `db:"repository_full_name"`
	CreatedAt          int64         `db:"created_at"`
	UpdatedAt          sql.NullInt64 `db:"updated_at"`
}

type FindIdentitiesByExternalIdParams 

type FindIdentitiesByExternalIdParams struct {
	WorkspaceID string   `db:"workspace_id"`
	ExternalIds []string `db:"externalIds"`
	Deleted     bool     `db:"deleted"`
}

type FindIdentitiesParams 

type FindIdentitiesParams struct {
	WorkspaceID string   `db:"workspace_id"`
	Deleted     bool     `db:"deleted"`
	Identities  []string `db:"identities"`
}

type FindIdentityByExternalIDParams 

type FindIdentityByExternalIDParams struct {
	WorkspaceID string `db:"workspace_id"`
	ExternalID  string `db:"external_id"`
	Deleted     bool   `db:"deleted"`
}

type FindIdentityByIDParams 

type FindIdentityByIDParams struct {
	WorkspaceID string `db:"workspace_id"`
	IdentityID  string `db:"identity_id"`
	Deleted     bool   `db:"deleted"`
}

type FindIdentityParams 

type FindIdentityParams struct {
	Identity    string `db:"identity"`
	WorkspaceID string `db:"workspace_id"`
	Deleted     bool   `db:"deleted"`
}

type FindIdentityRow 

type FindIdentityRow struct {
	Pk          uint64        `db:"pk"`
	ID          string        `db:"id"`
	ExternalID  string        `db:"external_id"`
	WorkspaceID string        `db:"workspace_id"`
	Environment string        `db:"environment"`
	Meta        []byte        `db:"meta"`
	Deleted     bool          `db:"deleted"`
	CreatedAt   int64         `db:"created_at"`
	UpdatedAt   sql.NullInt64 `db:"updated_at"`
	Ratelimits  interface{}   `db:"ratelimits"`
}

type FindInstanceByPodNameParams 

type FindInstanceByPodNameParams struct {
	K8sName  string `db:"k8s_name"`
	RegionID string `db:"region_id"`
}

type FindInstancesByDeploymentIdAndRegionIDParams 

type FindInstancesByDeploymentIdAndRegionIDParams struct {
	DeploymentID string `db:"deployment_id"`
	RegionID     string `db:"region_id"`
}

type FindKeyAuthsByIdsParams 

type FindKeyAuthsByIdsParams struct {
	WorkspaceID string   `db:"workspace_id"`
	ApiIds      []string `db:"api_ids"`
}

type FindKeyAuthsByIdsRow 

type FindKeyAuthsByIdsRow struct {
	KeyAuthID string `db:"key_auth_id"`
	ApiID     string `db:"api_id"`
}

type FindKeyAuthsByKeyAuthIdsParams 

type FindKeyAuthsByKeyAuthIdsParams struct {
	WorkspaceID string   `db:"workspace_id"`
	KeyAuthIds  []string `db:"key_auth_ids"`
}

type FindKeyAuthsByKeyAuthIdsRow 

type FindKeyAuthsByKeyAuthIdsRow struct {
	KeyAuthID string `db:"key_auth_id"`
	ApiID     string `db:"api_id"`
}

type FindKeyMigrationByIDParams 

type FindKeyMigrationByIDParams struct {
	ID          string `db:"id"`
	WorkspaceID string `db:"workspace_id"`
}

type FindKeyMigrationByIDRow 

type FindKeyMigrationByIDRow struct {
	ID          string                 `db:"id"`
	WorkspaceID string                 `db:"workspace_id"`
	Algorithm   KeyMigrationsAlgorithm `db:"algorithm"`
}

type FindKeyRoleByKeyAndRoleIDParams 

type FindKeyRoleByKeyAndRoleIDParams struct {
	KeyID  string `db:"key_id"`
	RoleID string `db:"role_id"`
}

type FindKeysByHashRow 

type FindKeysByHashRow struct {
	ID   string `db:"id"`
	Hash string `db:"hash"`
}

type FindLatestReadyDeploymentByAppAndEnvParams 

type FindLatestReadyDeploymentByAppAndEnvParams struct {
	AppID         string `db:"app_id"`
	EnvironmentID string `db:"environment_id"`
	ExcludeID     string `db:"exclude_id"`
}

type FindLiveApiByIDRow 

type FindLiveApiByIDRow struct {
	Pk               uint64           `db:"pk"`
	ID               string           `db:"id"`
	Name             string           `db:"name"`
	WorkspaceID      string           `db:"workspace_id"`
	IpWhitelist      sql.NullString   `db:"ip_whitelist"`
	AuthType         NullApisAuthType `db:"auth_type"`
	KeyAuthID        sql.NullString   `db:"key_auth_id"`
	CreatedAtM       int64            `db:"created_at_m"`
	UpdatedAtM       sql.NullInt64    `db:"updated_at_m"`
	DeletedAtM       sql.NullInt64    `db:"deleted_at_m"`
	DeleteProtection sql.NullBool     `db:"delete_protection"`
	KeyAuth          KeyAuth          `db:"key_auth"`
}

type FindLiveKeyByHashRow 

type FindLiveKeyByHashRow struct {
	Pk                 uint64         `db:"pk"`
	ID                 string         `db:"id"`
	KeyAuthID          string         `db:"key_auth_id"`
	Hash               string         `db:"hash"`
	Start              string         `db:"start"`
	WorkspaceID        string         `db:"workspace_id"`
	ForWorkspaceID     sql.NullString `db:"for_workspace_id"`
	Name               sql.NullString `db:"name"`
	OwnerID            sql.NullString `db:"owner_id"`
	IdentityID         sql.NullString `db:"identity_id"`
	Meta               sql.NullString `db:"meta"`
	Expires            sql.NullTime   `db:"expires"`
	CreatedAtM         int64          `db:"created_at_m"`
	UpdatedAtM         sql.NullInt64  `db:"updated_at_m"`
	DeletedAtM         sql.NullInt64  `db:"deleted_at_m"`
	RefillDay          sql.NullInt16  `db:"refill_day"`
	RefillAmount       sql.NullInt64  `db:"refill_amount"`
	LastRefillAt       sql.NullTime   `db:"last_refill_at"`
	Enabled            bool           `db:"enabled"`
	RemainingRequests  sql.NullInt64  `db:"remaining_requests"`
	Environment        sql.NullString `db:"environment"`
	LastUsedAt         uint64         `db:"last_used_at"`
	PendingMigrationID sql.NullString `db:"pending_migration_id"`
	Api                Api            `db:"api"`
	KeyAuth            KeyAuth        `db:"key_auth"`
	Workspace          Workspace      `db:"workspace"`
	IdentityTableID    sql.NullString `db:"identity_table_id"`
	IdentityExternalID sql.NullString `db:"identity_external_id"`
	IdentityMeta       []byte         `db:"identity_meta"`
	EncryptedKey       sql.NullString `db:"encrypted_key"`
	EncryptionKeyID    sql.NullString `db:"encryption_key_id"`
	Roles              interface{}    `db:"roles"`
	Permissions        interface{}    `db:"permissions"`
	RolePermissions    interface{}    `db:"role_permissions"`
	Ratelimits         interface{}    `db:"ratelimits"`
}

type FindLiveKeyByIDRow 

type FindLiveKeyByIDRow struct {
	Pk                 uint64         `db:"pk"`
	ID                 string         `db:"id"`
	KeyAuthID          string         `db:"key_auth_id"`
	Hash               string         `db:"hash"`
	Start              string         `db:"start"`
	WorkspaceID        string         `db:"workspace_id"`
	ForWorkspaceID     sql.NullString `db:"for_workspace_id"`
	Name               sql.NullString `db:"name"`
	OwnerID            sql.NullString `db:"owner_id"`
	IdentityID         sql.NullString `db:"identity_id"`
	Meta               sql.NullString `db:"meta"`
	Expires            sql.NullTime   `db:"expires"`
	CreatedAtM         int64          `db:"created_at_m"`
	UpdatedAtM         sql.NullInt64  `db:"updated_at_m"`
	DeletedAtM         sql.NullInt64  `db:"deleted_at_m"`
	RefillDay          sql.NullInt16  `db:"refill_day"`
	RefillAmount       sql.NullInt64  `db:"refill_amount"`
	LastRefillAt       sql.NullTime   `db:"last_refill_at"`
	Enabled            bool           `db:"enabled"`
	RemainingRequests  sql.NullInt64  `db:"remaining_requests"`
	Environment        sql.NullString `db:"environment"`
	LastUsedAt         uint64         `db:"last_used_at"`
	PendingMigrationID sql.NullString `db:"pending_migration_id"`
	Api                Api            `db:"api"`
	KeyAuth            KeyAuth        `db:"key_auth"`
	Workspace          Workspace      `db:"workspace"`
	IdentityTableID    sql.NullString `db:"identity_table_id"`
	IdentityExternalID sql.NullString `db:"identity_external_id"`
	IdentityMeta       []byte         `db:"identity_meta"`
	EncryptedKey       sql.NullString `db:"encrypted_key"`
	EncryptionKeyID    sql.NullString `db:"encryption_key_id"`
	Roles              interface{}    `db:"roles"`
	Permissions        interface{}    `db:"permissions"`
	RolePermissions    interface{}    `db:"role_permissions"`
	Ratelimits         interface{}    `db:"ratelimits"`
}

type FindManyRatelimitNamespacesParams 

type FindManyRatelimitNamespacesParams struct {
	WorkspaceID string   `db:"workspace_id"`
	Namespaces  []string `db:"namespaces"`
}

type FindManyRatelimitNamespacesRow 

type FindManyRatelimitNamespacesRow struct {
	Pk          uint64        `db:"pk"`
	ID          string        `db:"id"`
	WorkspaceID string        `db:"workspace_id"`
	Name        string        `db:"name"`
	CreatedAtM  int64         `db:"created_at_m"`
	UpdatedAtM  sql.NullInt64 `db:"updated_at_m"`
	DeletedAtM  sql.NullInt64 `db:"deleted_at_m"`
	Overrides   interface{}   `db:"overrides"`
}

type FindManyRolesByIdOrNameWithPermsParams 

type FindManyRolesByIdOrNameWithPermsParams struct {
	WorkspaceID string   `db:"workspace_id"`
	Search      []string `db:"search"`
}

type FindManyRolesByIdOrNameWithPermsRow 

type FindManyRolesByIdOrNameWithPermsRow struct {
	Pk          uint64         `db:"pk"`
	ID          string         `db:"id"`
	WorkspaceID string         `db:"workspace_id"`
	Name        string         `db:"name"`
	Description sql.NullString `db:"description"`
	CreatedAtM  int64          `db:"created_at_m"`
	UpdatedAtM  sql.NullInt64  `db:"updated_at_m"`
	Permissions interface{}    `db:"permissions"`
}

type FindManyRolesByNamesWithPermsParams 

type FindManyRolesByNamesWithPermsParams struct {
	WorkspaceID string   `db:"workspace_id"`
	Names       []string `db:"names"`
}

type FindManyRolesByNamesWithPermsRow 

type FindManyRolesByNamesWithPermsRow struct {
	Pk          uint64         `db:"pk"`
	ID          string         `db:"id"`
	WorkspaceID string         `db:"workspace_id"`
	Name        string         `db:"name"`
	Description sql.NullString `db:"description"`
	CreatedAtM  int64          `db:"created_at_m"`
	UpdatedAtM  sql.NullInt64  `db:"updated_at_m"`
	Permissions interface{}    `db:"permissions"`
}

type FindPermissionByIdOrSlugParams 

type FindPermissionByIdOrSlugParams struct {
	WorkspaceID string `db:"workspace_id"`
	Search      string `db:"search"`
}

type FindPermissionByNameAndWorkspaceIDParams 

type FindPermissionByNameAndWorkspaceIDParams struct {
	Name        string `db:"name"`
	WorkspaceID string `db:"workspace_id"`
}

type FindPermissionBySlugAndWorkspaceIDParams 

type FindPermissionBySlugAndWorkspaceIDParams struct {
	Slug        string `db:"slug"`
	WorkspaceID string `db:"workspace_id"`
}

type FindPermissionsBySlugsParams 

type FindPermissionsBySlugsParams struct {
	WorkspaceID string   `db:"workspace_id"`
	Slugs       []string `db:"slugs"`
}

type FindPortalConfigByWorkspaceAndSlugParams 

type FindPortalConfigByWorkspaceAndSlugParams struct {
	WorkspaceID string `db:"workspace_id"`
	Slug        string `db:"slug"`
}

type FindProjectByWorkspaceSlugParams 

type FindProjectByWorkspaceSlugParams struct {
	WorkspaceID string `db:"workspace_id"`
	Slug        string `db:"slug"`
}

type FindProjectByWorkspaceSlugRow 

type FindProjectByWorkspaceSlugRow struct {
	ID               string        `db:"id"`
	WorkspaceID      string        `db:"workspace_id"`
	Name             string        `db:"name"`
	Slug             string        `db:"slug"`
	DeleteProtection sql.NullBool  `db:"delete_protection"`
	CreatedAt        int64         `db:"created_at"`
	UpdatedAt        sql.NullInt64 `db:"updated_at"`
}

type FindRatelimitNamespace 

type FindRatelimitNamespace struct {
	ID                string                                         `db:"id"`
	WorkspaceID       string                                         `db:"workspace_id"`
	Name              string                                         `db:"name"`
	CreatedAtM        int64                                          `db:"created_at_m"`
	UpdatedAtM        sql.NullInt64                                  `db:"updated_at_m"`
	DeletedAtM        sql.NullInt64                                  `db:"deleted_at_m"`
	DirectOverrides   map[string]FindRatelimitNamespaceLimitOverride `db:"direct_overrides"`
	WildcardOverrides []FindRatelimitNamespaceLimitOverride          `db:"wildcard_overrides"`
}

type FindRatelimitNamespaceByNameParams 

type FindRatelimitNamespaceByNameParams struct {
	Name        string `db:"name"`
	WorkspaceID string `db:"workspace_id"`
}

type FindRatelimitNamespaceLimitOverride 

type FindRatelimitNamespaceLimitOverride struct {
	ID         string `json:"id"`
	Identifier string `json:"identifier"`
	Limit      int64  `json:"limit"`
	Duration   int64  `json:"duration"`
}

type FindRatelimitNamespaceParams 

type FindRatelimitNamespaceParams struct {
	WorkspaceID string `db:"workspace_id"`
	Namespace   string `db:"namespace"`
}

type FindRatelimitNamespaceRow 

type FindRatelimitNamespaceRow struct {
	Pk          uint64        `db:"pk"`
	ID          string        `db:"id"`
	WorkspaceID string        `db:"workspace_id"`
	Name        string        `db:"name"`
	CreatedAtM  int64         `db:"created_at_m"`
	UpdatedAtM  sql.NullInt64 `db:"updated_at_m"`
	DeletedAtM  sql.NullInt64 `db:"deleted_at_m"`
	Overrides   interface{}   `db:"overrides"`
}

type FindRatelimitOverrideByIDParams 

type FindRatelimitOverrideByIDParams struct {
	WorkspaceID string `db:"workspace_id"`
	OverrideID  string `db:"override_id"`
}

type FindRatelimitOverrideByIdentifierParams 

type FindRatelimitOverrideByIdentifierParams struct {
	WorkspaceID string `db:"workspace_id"`
	NamespaceID string `db:"namespace_id"`
	Identifier  string `db:"identifier"`
}

type FindRegionByPlatformAndNameParams 

type FindRegionByPlatformAndNameParams struct {
	Platform string `db:"platform"`
	Name     string `db:"name"`
}

type FindRoleByIdOrNameWithPermsParams 

type FindRoleByIdOrNameWithPermsParams struct {
	WorkspaceID string `db:"workspace_id"`
	Search      string `db:"search"`
}

type FindRoleByIdOrNameWithPermsRow 

type FindRoleByIdOrNameWithPermsRow struct {
	Pk          uint64         `db:"pk"`
	ID          string         `db:"id"`
	WorkspaceID string         `db:"workspace_id"`
	Name        string         `db:"name"`
	Description sql.NullString `db:"description"`
	CreatedAtM  int64          `db:"created_at_m"`
	UpdatedAtM  sql.NullInt64  `db:"updated_at_m"`
	Permissions interface{}    `db:"permissions"`
}

type FindRoleByNameAndWorkspaceIDParams 

type FindRoleByNameAndWorkspaceIDParams struct {
	Name        string `db:"name"`
	WorkspaceID string `db:"workspace_id"`
}

type FindRolePermissionByRoleAndPermissionIDParams 

type FindRolePermissionByRoleAndPermissionIDParams struct {
	RoleID       string `db:"role_id"`
	PermissionID string `db:"permission_id"`
}

type FindRolesByNamesParams 

type FindRolesByNamesParams struct {
	WorkspaceID string   `db:"workspace_id"`
	Names       []string `db:"names"`
}

type FindRolesByNamesRow 

type FindRolesByNamesRow struct {
	ID   string `db:"id"`
	Name string `db:"name"`
}

type FindSentinelDeployContextByK8sNameRow 

type FindSentinelDeployContextByK8sNameRow struct {
	ID              string                `db:"id"`
	DeployStatus    SentinelsDeployStatus `db:"deploy_status"`
	DesiredImage    string                `db:"desired_image"`
	RunningImage    string                `db:"running_image"`
	DesiredReplicas int32                 `db:"desired_replicas"`
}

type FindSentinelsByEnvironmentIDRow 

type FindSentinelsByEnvironmentIDRow struct {
	Sentinel Sentinel `db:"sentinel"`
	Region   Region   `db:"region"`
}

type FindValidPortalSessionParams 

type FindValidPortalSessionParams struct {
	ID  string `db:"id"`
	Now int64  `db:"now"`
}

type FindValidPortalSessionTokenParams 

type FindValidPortalSessionTokenParams struct {
	ID  string `db:"id"`
	Now int64  `db:"now"`
}

type FindVerifiedCustomDomainByDomainExcludingWorkspaceParams 

type FindVerifiedCustomDomainByDomainExcludingWorkspaceParams struct {
	Domain      string `db:"domain"`
	WorkspaceID string `db:"workspace_id"`
}

type FlipSentinelDeployStatusIfProgressingParams 

type FlipSentinelDeployStatusIfProgressingParams struct {
	DeployStatus SentinelsDeployStatus `db:"deploy_status"`
	UpdatedAt    sql.NullInt64         `db:"updated_at"`
	ID           string                `db:"id"`
}

type FrontlineRoute 

type FrontlineRoute struct {
	Pk                       uint64                `db:"pk"`
	ID                       string                `db:"id"`
	ProjectID                string                `db:"project_id"`
	AppID                    string                `db:"app_id"`
	DeploymentID             string                `db:"deployment_id"`
	EnvironmentID            string                `db:"environment_id"`
	FullyQualifiedDomainName string                `db:"fully_qualified_domain_name"`
	Sticky                   FrontlineRoutesSticky `db:"sticky"`
	CreatedAt                int64                 `db:"created_at"`
	UpdatedAt                sql.NullInt64         `db:"updated_at"`
}

type FrontlineRoutesSticky 

type FrontlineRoutesSticky string
const (
	FrontlineRoutesStickyNone        FrontlineRoutesSticky = "none"
	FrontlineRoutesStickyBranch      FrontlineRoutesSticky = "branch"
	FrontlineRoutesStickyEnvironment FrontlineRoutesSticky = "environment"
	FrontlineRoutesStickyLive        FrontlineRoutesSticky = "live"
	FrontlineRoutesStickyDeployment  FrontlineRoutesSticky = "deployment"
)

func (*FrontlineRoutesSticky) Scan 

func (e *FrontlineRoutesSticky) Scan(src interface{}) error

type GetKeyAuthByIDRow 

type GetKeyAuthByIDRow struct {
	ID                 string         `db:"id"`
	WorkspaceID        string         `db:"workspace_id"`
	CreatedAtM         int64          `db:"created_at_m"`
	DefaultPrefix      sql.NullString `db:"default_prefix"`
	DefaultBytes       sql.NullInt32  `db:"default_bytes"`
	StoreEncryptedKeys bool           `db:"store_encrypted_keys"`
}

type GetWorkspacesForQuotaCheckByIDsRow 

type GetWorkspacesForQuotaCheckByIDsRow struct {
	ID               string         `db:"id"`
	OrgID            string         `db:"org_id"`
	Name             string         `db:"name"`
	StripeCustomerID sql.NullString `db:"stripe_customer_id"`
	Tier             sql.NullString `db:"tier"`
	Enabled          bool           `db:"enabled"`
	RequestsPerMonth sql.NullInt64  `db:"requests_per_month"`
}

type GithubAppInstallation 

type GithubAppInstallation struct {
	Pk             uint64        `db:"pk"`
	WorkspaceID    string        `db:"workspace_id"`
	InstallationID int64         `db:"installation_id"`
	CreatedAt      int64         `db:"created_at"`
	UpdatedAt      sql.NullInt64 `db:"updated_at"`
}

type GithubRepoConnection 

type GithubRepoConnection struct {
	Pk                 uint64        `db:"pk"`
	WorkspaceID        string        `db:"workspace_id"`
	ProjectID          string        `db:"project_id"`
	AppID              string        `db:"app_id"`
	InstallationID     int64         `db:"installation_id"`
	RepositoryID       int64         `db:"repository_id"`
	RepositoryFullName string        `db:"repository_full_name"`
	CreatedAt          int64         `db:"created_at"`
	UpdatedAt          sql.NullInt64 `db:"updated_at"`
}

type HasNewerActiveDeploymentParams 

type HasNewerActiveDeploymentParams struct {
	AppID         string         `db:"app_id"`
	EnvironmentID string         `db:"environment_id"`
	GitBranch     sql.NullString `db:"git_branch"`
	CreatedAt     int64          `db:"created_at"`
	DeploymentID  string         `db:"deployment_id"`
}

type HorizontalAutoscalingPolicy 

type HorizontalAutoscalingPolicy struct {
	Pk              uint64        `db:"pk"`
	ID              string        `db:"id"`
	WorkspaceID     string        `db:"workspace_id"`
	ReplicasMin     int32         `db:"replicas_min"`
	ReplicasMax     int32         `db:"replicas_max"`
	MemoryThreshold sql.NullInt16 `db:"memory_threshold"`
	CpuThreshold    sql.NullInt16 `db:"cpu_threshold"`
	RpsThreshold    sql.NullInt16 `db:"rps_threshold"`
	CreatedAt       int64         `db:"created_at"`
	UpdatedAt       sql.NullInt64 `db:"updated_at"`
}

type Identity 

type Identity struct {
	Pk          uint64        `db:"pk"`
	ID          string        `db:"id"`
	ExternalID  string        `db:"external_id"`
	WorkspaceID string        `db:"workspace_id"`
	Environment string        `db:"environment"`
	Meta        []byte        `db:"meta"`
	Deleted     bool          `db:"deleted"`
	CreatedAt   int64         `db:"created_at"`
	UpdatedAt   sql.NullInt64 `db:"updated_at"`
}

type InsertAcmeChallengeParams 

type InsertAcmeChallengeParams struct {
	WorkspaceID   string                      `db:"workspace_id"`
	DomainID      string                      `db:"domain_id"`
	Token         string                      `db:"token"`
	Authorization string                      `db:"authorization"`
	Status        AcmeChallengesStatus        `db:"status"`
	ChallengeType AcmeChallengesChallengeType `db:"challenge_type"`
	CreatedAt     int64                       `db:"created_at"`
	UpdatedAt     sql.NullInt64               `db:"updated_at"`
	ExpiresAt     int64                       `db:"expires_at"`
}

type InsertAcmeUserParams 

type InsertAcmeUserParams struct {
	ID           string `db:"id"`
	WorkspaceID  string `db:"workspace_id"`
	EncryptedKey string `db:"encrypted_key"`
	CreatedAt    int64  `db:"created_at"`
}

type InsertApiParams 

type InsertApiParams struct {
	ID          string           `db:"id"`
	Name        string           `db:"name"`
	WorkspaceID string           `db:"workspace_id"`
	AuthType    NullApisAuthType `db:"auth_type"`
	IpWhitelist sql.NullString   `db:"ip_whitelist"`
	KeyAuthID   sql.NullString   `db:"key_auth_id"`
	CreatedAtM  int64            `db:"created_at_m"`
}

type InsertAppEnvironmentVariableParams 

type InsertAppEnvironmentVariableParams struct {
	ID            string `db:"id"`
	WorkspaceID   string `db:"workspace_id"`
	AppID         string `db:"app_id"`
	EnvironmentID string `db:"environment_id"`
	EnvKey        string `db:"env_key"`
	Value         string `db:"value"`
	CreatedAt     int64  `db:"created_at"`
}

type InsertAppParams 

type InsertAppParams struct {
	ID               string        `db:"id"`
	WorkspaceID      string        `db:"workspace_id"`
	ProjectID        string        `db:"project_id"`
	Name             string        `db:"name"`
	Slug             string        `db:"slug"`
	DefaultBranch    string        `db:"default_branch"`
	DeleteProtection sql.NullBool  `db:"delete_protection"`
	CreatedAt        int64         `db:"created_at"`
	UpdatedAt        sql.NullInt64 `db:"updated_at"`
}

type InsertAuditLogParams 

type InsertAuditLogParams struct {
	ID          string          `db:"id"`
	WorkspaceID string          `db:"workspace_id"`
	BucketID    string          `db:"bucket_id"`
	Bucket      string          `db:"bucket"`
	Event       string          `db:"event"`
	Time        int64           `db:"time"`
	Display     string          `db:"display"`
	RemoteIp    sql.NullString  `db:"remote_ip"`
	UserAgent   sql.NullString  `db:"user_agent"`
	ActorType   string          `db:"actor_type"`
	ActorID     string          `db:"actor_id"`
	ActorName   sql.NullString  `db:"actor_name"`
	ActorMeta   json.RawMessage `db:"actor_meta"`
	CreatedAt   int64           `db:"created_at"`
}

type InsertAuditLogTargetParams 

type InsertAuditLogTargetParams struct {
	WorkspaceID string          `db:"workspace_id"`
	BucketID    string          `db:"bucket_id"`
	Bucket      string          `db:"bucket"`
	AuditLogID  string          `db:"audit_log_id"`
	DisplayName string          `db:"display_name"`
	Type        string          `db:"type"`
	ID          string          `db:"id"`
	Name        sql.NullString  `db:"name"`
	Meta        json.RawMessage `db:"meta"`
	CreatedAt   int64           `db:"created_at"`
}

type InsertCertificateParams 

type InsertCertificateParams struct {
	ID                  string        `db:"id"`
	WorkspaceID         string        `db:"workspace_id"`
	Hostname            string        `db:"hostname"`
	Certificate         string        `db:"certificate"`
	EncryptedPrivateKey string        `db:"encrypted_private_key"`
	CreatedAt           int64         `db:"created_at"`
	UpdatedAt           sql.NullInt64 `db:"updated_at"`
}

type InsertCiliumNetworkPolicyParams 

type InsertCiliumNetworkPolicyParams struct {
	ID            string          `db:"id"`
	WorkspaceID   string          `db:"workspace_id"`
	ProjectID     string          `db:"project_id"`
	AppID         string          `db:"app_id"`
	EnvironmentID string          `db:"environment_id"`
	DeploymentID  string          `db:"deployment_id"`
	K8sName       string          `db:"k8s_name"`
	K8sNamespace  string          `db:"k8s_namespace"`
	RegionID      string          `db:"region_id"`
	Policy        json.RawMessage `db:"policy"`
	CreatedAt     int64           `db:"created_at"`
}

type InsertClickhouseOutboxParams 

type InsertClickhouseOutboxParams struct {
	Version     string          `db:"version"`
	WorkspaceID string          `db:"workspace_id"`
	EventID     string          `db:"event_id"`
	Payload     json.RawMessage `db:"payload"`
	CreatedAt   int64           `db:"created_at"`
}

type InsertClickhouseWorkspaceSettingsParams 

type InsertClickhouseWorkspaceSettingsParams struct {
	WorkspaceID               string        `db:"workspace_id"`
	Username                  string        `db:"username"`
	PasswordEncrypted         string        `db:"password_encrypted"`
	QuotaDurationSeconds      int32         `db:"quota_duration_seconds"`
	MaxQueriesPerWindow       int32         `db:"max_queries_per_window"`
	MaxExecutionTimePerWindow int32         `db:"max_execution_time_per_window"`
	MaxQueryExecutionTime     int32         `db:"max_query_execution_time"`
	MaxQueryMemoryBytes       int64         `db:"max_query_memory_bytes"`
	MaxQueryResultRows        int32         `db:"max_query_result_rows"`
	CreatedAt                 int64         `db:"created_at"`
	UpdatedAt                 sql.NullInt64 `db:"updated_at"`
}

type InsertCustomDomainParams 

type InsertCustomDomainParams struct {
	ID                    string                          `db:"id"`
	WorkspaceID           string                          `db:"workspace_id"`
	ProjectID             string                          `db:"project_id"`
	AppID                 string                          `db:"app_id"`
	EnvironmentID         string                          `db:"environment_id"`
	Domain                string                          `db:"domain"`
	ChallengeType         CustomDomainsChallengeType      `db:"challenge_type"`
	VerificationStatus    CustomDomainsVerificationStatus `db:"verification_status"`
	VerificationToken     string                          `db:"verification_token"`
	TargetCname           string                          `db:"target_cname"`
	DomainConnectProvider sql.NullString                  `db:"domain_connect_provider"`
	DomainConnectUrl      sql.NullString                  `db:"domain_connect_url"`
	InvocationID          sql.NullString                  `db:"invocation_id"`
	CreatedAt             int64                           `db:"created_at"`
}

type InsertDeploymentChangeParams 

type InsertDeploymentChangeParams struct {
	ResourceType DeploymentChangesResourceType `db:"resource_type"`
	ResourceID   string                        `db:"resource_id"`
	RegionID     string                        `db:"region_id"`
	CreatedAt    int64                         `db:"created_at"`
}

type InsertDeploymentParams 

type InsertDeploymentParams struct {
	ID                            string                      `db:"id"`
	K8sName                       string                      `db:"k8s_name"`
	WorkspaceID                   string                      `db:"workspace_id"`
	ProjectID                     string                      `db:"project_id"`
	AppID                         string                      `db:"app_id"`
	EnvironmentID                 string                      `db:"environment_id"`
	GitCommitSha                  sql.NullString              `db:"git_commit_sha"`
	GitBranch                     sql.NullString              `db:"git_branch"`
	SentinelConfig                []byte                      `db:"sentinel_config"`
	GitCommitMessage              sql.NullString              `db:"git_commit_message"`
	GitCommitAuthorHandle         sql.NullString              `db:"git_commit_author_handle"`
	GitCommitAuthorAvatarUrl      sql.NullString              `db:"git_commit_author_avatar_url"`
	GitCommitTimestamp            sql.NullInt64               `db:"git_commit_timestamp"`
	EncryptedEnvironmentVariables []byte                      `db:"encrypted_environment_variables"`
	Command                       dbtype.StringSlice          `db:"command"`
	Status                        DeploymentsStatus           `db:"status"`
	CpuMillicores                 int32                       `db:"cpu_millicores"`
	MemoryMib                     int32                       `db:"memory_mib"`
	StorageMib                    uint32                      `db:"storage_mib"`
	Port                          int32                       `db:"port"`
	ShutdownSignal                DeploymentsShutdownSignal   `db:"shutdown_signal"`
	UpstreamProtocol              DeploymentsUpstreamProtocol `db:"upstream_protocol"`
	Healthcheck                   dbtype.NullHealthcheck      `db:"healthcheck"`
	PrNumber                      sql.NullInt64               `db:"pr_number"`
	ForkRepositoryFullName        sql.NullString              `db:"fork_repository_full_name"`
	CreatedAt                     int64                       `db:"created_at"`
	UpdatedAt                     sql.NullInt64               `db:"updated_at"`
}

type InsertDeploymentStepParams 

type InsertDeploymentStepParams struct {
	WorkspaceID   string              `db:"workspace_id"`
	ProjectID     string              `db:"project_id"`
	AppID         string              `db:"app_id"`
	EnvironmentID string              `db:"environment_id"`
	DeploymentID  string              `db:"deployment_id"`
	Step          DeploymentStepsStep `db:"step"`
	StartedAt     uint64              `db:"started_at"`
}

type InsertDeploymentTopologyParams 

type InsertDeploymentTopologyParams struct {
	WorkspaceID                string                          `db:"workspace_id"`
	DeploymentID               string                          `db:"deployment_id"`
	RegionID                   string                          `db:"region_id"`
	AutoscalingReplicasMin     uint32                          `db:"autoscaling_replicas_min"`
	AutoscalingReplicasMax     uint32                          `db:"autoscaling_replicas_max"`
	AutoscalingThresholdCpu    sql.NullInt16                   `db:"autoscaling_threshold_cpu"`
	AutoscalingThresholdMemory sql.NullInt16                   `db:"autoscaling_threshold_memory"`
	DesiredStatus              DeploymentTopologyDesiredStatus `db:"desired_status"`
	CreatedAt                  int64                           `db:"created_at"`
}

type InsertEnvironmentParams 

type InsertEnvironmentParams struct {
	ID          string        `db:"id"`
	WorkspaceID string        `db:"workspace_id"`
	ProjectID   string        `db:"project_id"`
	AppID       string        `db:"app_id"`
	Slug        string        `db:"slug"`
	Description string        `db:"description"`
	CreatedAt   int64         `db:"created_at"`
	UpdatedAt   sql.NullInt64 `db:"updated_at"`
}

type InsertFrontlineRouteParams 

type InsertFrontlineRouteParams struct {
	ID                       string                `db:"id"`
	ProjectID                string                `db:"project_id"`
	AppID                    string                `db:"app_id"`
	DeploymentID             string                `db:"deployment_id"`
	EnvironmentID            string                `db:"environment_id"`
	FullyQualifiedDomainName string                `db:"fully_qualified_domain_name"`
	Sticky                   FrontlineRoutesSticky `db:"sticky"`
	CreatedAt                int64                 `db:"created_at"`
	UpdatedAt                sql.NullInt64         `db:"updated_at"`
}

type InsertGithubRepoConnectionParams 

type InsertGithubRepoConnectionParams struct {
	WorkspaceID        string        `db:"workspace_id"`
	ProjectID          string        `db:"project_id"`
	AppID              string        `db:"app_id"`
	InstallationID     int64         `db:"installation_id"`
	RepositoryID       int64         `db:"repository_id"`
	RepositoryFullName string        `db:"repository_full_name"`
	CreatedAt          int64         `db:"created_at"`
	UpdatedAt          sql.NullInt64 `db:"updated_at"`
}

type InsertIdentityParams 

type InsertIdentityParams struct {
	ID          string          `db:"id"`
	ExternalID  string          `db:"external_id"`
	WorkspaceID string          `db:"workspace_id"`
	Environment string          `db:"environment"`
	CreatedAt   int64           `db:"created_at"`
	Meta        json.RawMessage `db:"meta"`
}

type InsertIdentityRatelimitParams 

type InsertIdentityRatelimitParams struct {
	ID          string         `db:"id"`
	WorkspaceID string         `db:"workspace_id"`
	IdentityID  sql.NullString `db:"identity_id"`
	Name        string         `db:"name"`
	Limit       uint64         `db:"limit"`
	Duration    uint64         `db:"duration"`
	CreatedAt   int64          `db:"created_at"`
	AutoApply   bool           `db:"auto_apply"`
}

type InsertKeyAuthParams 

type InsertKeyAuthParams struct {
	ID            string         `db:"id"`
	WorkspaceID   string         `db:"workspace_id"`
	CreatedAtM    int64          `db:"created_at_m"`
	DefaultPrefix sql.NullString `db:"default_prefix"`
	DefaultBytes  sql.NullInt32  `db:"default_bytes"`
}

type InsertKeyEncryptionParams 

type InsertKeyEncryptionParams struct {
	WorkspaceID     string `db:"workspace_id"`
	KeyID           string `db:"key_id"`
	Encrypted       string `db:"encrypted"`
	EncryptionKeyID string `db:"encryption_key_id"`
	CreatedAt       int64  `db:"created_at"`
}

type InsertKeyMigrationParams 

type InsertKeyMigrationParams struct {
	ID          string                 `db:"id"`
	WorkspaceID string                 `db:"workspace_id"`
	Algorithm   KeyMigrationsAlgorithm `db:"algorithm"`
}

type InsertKeyParams 

type InsertKeyParams struct {
	ID                 string         `db:"id"`
	KeySpaceID         string         `db:"key_space_id"`
	Hash               string         `db:"hash"`
	Start              string         `db:"start"`
	WorkspaceID        string         `db:"workspace_id"`
	ForWorkspaceID     sql.NullString `db:"for_workspace_id"`
	Name               sql.NullString `db:"name"`
	IdentityID         sql.NullString `db:"identity_id"`
	Meta               sql.NullString `db:"meta"`
	Expires            sql.NullTime   `db:"expires"`
	CreatedAtM         int64          `db:"created_at_m"`
	Enabled            bool           `db:"enabled"`
	RemainingRequests  sql.NullInt64  `db:"remaining_requests"`
	RefillDay          sql.NullInt16  `db:"refill_day"`
	RefillAmount       sql.NullInt64  `db:"refill_amount"`
	PendingMigrationID sql.NullString `db:"pending_migration_id"`
}

type InsertKeyPermissionParams 

type InsertKeyPermissionParams struct {
	KeyID        string        `db:"key_id"`
	PermissionID string        `db:"permission_id"`
	WorkspaceID  string        `db:"workspace_id"`
	CreatedAt    int64         `db:"created_at"`
	UpdatedAt    sql.NullInt64 `db:"updated_at"`
}

type InsertKeyRatelimitParams 

type InsertKeyRatelimitParams struct {
	ID          string         `db:"id"`
	WorkspaceID string         `db:"workspace_id"`
	KeyID       sql.NullString `db:"key_id"`
	Name        string         `db:"name"`
	Limit       uint64         `db:"limit"`
	Duration    uint64         `db:"duration"`
	AutoApply   bool           `db:"auto_apply"`
	CreatedAt   int64          `db:"created_at"`
	UpdatedAt   sql.NullInt64  `db:"updated_at"`
}

type InsertKeyRoleParams 

type InsertKeyRoleParams struct {
	KeyID       string `db:"key_id"`
	RoleID      string `db:"role_id"`
	WorkspaceID string `db:"workspace_id"`
	CreatedAtM  int64  `db:"created_at_m"`
}

type InsertKeySpaceParams 

type InsertKeySpaceParams struct {
	ID                 string         `db:"id"`
	WorkspaceID        string         `db:"workspace_id"`
	CreatedAtM         int64          `db:"created_at_m"`
	StoreEncryptedKeys bool           `db:"store_encrypted_keys"`
	DefaultPrefix      sql.NullString `db:"default_prefix"`
	DefaultBytes       sql.NullInt32  `db:"default_bytes"`
}

type InsertPermissionParams 

type InsertPermissionParams struct {
	PermissionID string            `db:"permission_id"`
	WorkspaceID  string            `db:"workspace_id"`
	Name         string            `db:"name"`
	Slug         string            `db:"slug"`
	Description  dbtype.NullString `db:"description"`
	CreatedAtM   int64             `db:"created_at_m"`
}

type InsertPortalConfigParams 

type InsertPortalConfigParams struct {
	ID          string         `db:"id"`
	WorkspaceID string         `db:"workspace_id"`
	Slug        string         `db:"slug"`
	AppID       sql.NullString `db:"app_id"`
	KeyAuthID   sql.NullString `db:"key_auth_id"`
	Enabled     bool           `db:"enabled"`
	ReturnUrl   sql.NullString `db:"return_url"`
	CreatedAt   int64          `db:"created_at"`
	UpdatedAt   sql.NullInt64  `db:"updated_at"`
}

type InsertPortalSessionParams 

type InsertPortalSessionParams struct {
	ID             string          `db:"id"`
	WorkspaceID    string          `db:"workspace_id"`
	PortalConfigID string          `db:"portal_config_id"`
	ExternalID     string          `db:"external_id"`
	Permissions    json.RawMessage `db:"permissions"`
	Preview        bool            `db:"preview"`
	ExpiresAt      int64           `db:"expires_at"`
	CreatedAt      int64           `db:"created_at"`
}

type InsertPortalSessionTokenParams 

type InsertPortalSessionTokenParams struct {
	ID             string          `db:"id"`
	WorkspaceID    string          `db:"workspace_id"`
	PortalConfigID string          `db:"portal_config_id"`
	ExternalID     string          `db:"external_id"`
	Permissions    json.RawMessage `db:"permissions"`
	Preview        bool            `db:"preview"`
	ExpiresAt      int64           `db:"expires_at"`
	CreatedAt      int64           `db:"created_at"`
}

type InsertProjectParams 

type InsertProjectParams struct {
	ID               string        `db:"id"`
	WorkspaceID      string        `db:"workspace_id"`
	Name             string        `db:"name"`
	Slug             string        `db:"slug"`
	DeleteProtection sql.NullBool  `db:"delete_protection"`
	CreatedAt        int64         `db:"created_at"`
	UpdatedAt        sql.NullInt64 `db:"updated_at"`
}

type InsertRatelimitNamespaceParams 

type InsertRatelimitNamespaceParams struct {
	ID          string `db:"id"`
	WorkspaceID string `db:"workspace_id"`
	Name        string `db:"name"`
	CreatedAt   int64  `db:"created_at"`
}

type InsertRatelimitOverrideParams 

type InsertRatelimitOverrideParams struct {
	ID          string        `db:"id"`
	WorkspaceID string        `db:"workspace_id"`
	NamespaceID string        `db:"namespace_id"`
	Identifier  string        `db:"identifier"`
	Limit       uint64        `db:"limit"`
	Duration    uint64        `db:"duration"`
	CreatedAt   int64         `db:"created_at"`
	UpdatedAt   sql.NullInt64 `db:"updated_at"`
}

type InsertRoleParams 

type InsertRoleParams struct {
	RoleID      string         `db:"role_id"`
	WorkspaceID string         `db:"workspace_id"`
	Name        string         `db:"name"`
	Description sql.NullString `db:"description"`
	CreatedAt   int64          `db:"created_at"`
}

type InsertRolePermissionParams 

type InsertRolePermissionParams struct {
	RoleID       string `db:"role_id"`
	PermissionID string `db:"permission_id"`
	WorkspaceID  string `db:"workspace_id"`
	CreatedAtM   int64  `db:"created_at_m"`
}

type InsertSentinelParams 

type InsertSentinelParams struct {
	ID              string `db:"id"`
	WorkspaceID     string `db:"workspace_id"`
	EnvironmentID   string `db:"environment_id"`
	ProjectID       string `db:"project_id"`
	K8sAddress      string `db:"k8s_address"`
	K8sName         string `db:"k8s_name"`
	RegionID        string `db:"region_id"`
	Image           string `db:"image"`
	DesiredReplicas int32  `db:"desired_replicas"`
	CpuMillicores   int32  `db:"cpu_millicores"`
	MemoryMib       int32  `db:"memory_mib"`
	CreatedAt       int64  `db:"created_at"`
}

type InsertWorkspaceParams 

type InsertWorkspaceParams struct {
	ID           string         `db:"id"`
	OrgID        string         `db:"org_id"`
	Name         string         `db:"name"`
	Slug         string         `db:"slug"`
	CreatedAt    int64          `db:"created_at"`
	K8sNamespace sql.NullString `db:"k8s_namespace"`
}

type Instance 

type Instance struct {
	Pk              uint64                 `db:"pk"`
	ID              string                 `db:"id"`
	DeploymentID    string                 `db:"deployment_id"`
	WorkspaceID     string                 `db:"workspace_id"`
	ProjectID       string                 `db:"project_id"`
	AppID           string                 `db:"app_id"`
	RegionID        string                 `db:"region_id"`
	K8sName         string                 `db:"k8s_name"`
	Address         string                 `db:"address"`
	CpuMillicores   int32                  `db:"cpu_millicores"`
	MemoryMib       int32                  `db:"memory_mib"`
	StorageMib      uint32                 `db:"storage_mib"`
	Status          InstancesStatus        `db:"status"`
	ContainerStatus dbtype.ContainerStatus `db:"container_status"`
}

type InstancesStatus 

type InstancesStatus string
const (
	InstancesStatusInactive InstancesStatus = "inactive"
	InstancesStatusPending  InstancesStatus = "pending"
	InstancesStatusRunning  InstancesStatus = "running"
	InstancesStatusFailed   InstancesStatus = "failed"
)

func (*InstancesStatus) Scan 

func (e *InstancesStatus) Scan(src interface{}) error

type Key 

type Key struct {
	Pk                 uint64         `db:"pk"`
	ID                 string         `db:"id"`
	KeyAuthID          string         `db:"key_auth_id"`
	Hash               string         `db:"hash"`
	Start              string         `db:"start"`
	WorkspaceID        string         `db:"workspace_id"`
	ForWorkspaceID     sql.NullString `db:"for_workspace_id"`
	Name               sql.NullString `db:"name"`
	OwnerID            sql.NullString `db:"owner_id"`
	IdentityID         sql.NullString `db:"identity_id"`
	Meta               sql.NullString `db:"meta"`
	Expires            sql.NullTime   `db:"expires"`
	CreatedAtM         int64          `db:"created_at_m"`
	UpdatedAtM         sql.NullInt64  `db:"updated_at_m"`
	DeletedAtM         sql.NullInt64  `db:"deleted_at_m"`
	RefillDay          sql.NullInt16  `db:"refill_day"`
	RefillAmount       sql.NullInt64  `db:"refill_amount"`
	LastRefillAt       sql.NullTime   `db:"last_refill_at"`
	Enabled            bool           `db:"enabled"`
	RemainingRequests  sql.NullInt64  `db:"remaining_requests"`
	Environment        sql.NullString `db:"environment"`
	LastUsedAt         uint64         `db:"last_used_at"`
	PendingMigrationID sql.NullString `db:"pending_migration_id"`
}

type KeyAuth 

type KeyAuth struct {
	Pk                 uint64         `db:"pk"`
	ID                 string         `db:"id"`
	WorkspaceID        string         `db:"workspace_id"`
	CreatedAtM         int64          `db:"created_at_m"`
	UpdatedAtM         sql.NullInt64  `db:"updated_at_m"`
	DeletedAtM         sql.NullInt64  `db:"deleted_at_m"`
	StoreEncryptedKeys bool           `db:"store_encrypted_keys"`
	DefaultPrefix      sql.NullString `db:"default_prefix"`
	DefaultBytes       sql.NullInt32  `db:"default_bytes"`
	SizeApprox         int32          `db:"size_approx"`
	SizeLastUpdatedAt  int64          `db:"size_last_updated_at"`
}

type KeyData 

type KeyData struct {
	Key             Key
	Api             Api
	KeyAuth         KeyAuth
	Workspace       Workspace
	Identity        *Identity // Is optional
	EncryptedKey    sql.NullString
	EncryptionKeyID sql.NullString
	Roles           []RoleInfo
	Permissions     []PermissionInfo // Direct permissions attached to the key
	RolePermissions []PermissionInfo // Permissions inherited from roles
	Ratelimits      []RatelimitInfo
}

KeyData represents the complete data for a key including all relationships

func ToKeyData 

func ToKeyData[T KeyRow](row T) *KeyData

ToKeyData converts either query result into KeyData using generics

type KeyMigration 

type KeyMigration struct {
	Pk          uint64                 `db:"pk"`
	ID          string                 `db:"id"`
	WorkspaceID string                 `db:"workspace_id"`
	Algorithm   KeyMigrationsAlgorithm `db:"algorithm"`
}

type KeyMigrationsAlgorithm 

type KeyMigrationsAlgorithm string
const (
	KeyMigrationsAlgorithmSha256                         KeyMigrationsAlgorithm = "sha256"
	KeyMigrationsAlgorithmGithubcomSeamapiPrefixedApiKey KeyMigrationsAlgorithm = "github.com/seamapi/prefixed-api-key"
)

func (*KeyMigrationsAlgorithm) Scan 

func (e *KeyMigrationsAlgorithm) Scan(src interface{}) error

type KeyRow 

type KeyRow interface {
	FindLiveKeyByHashRow | FindLiveKeyByIDRow | ListLiveKeysByKeySpaceIDRow
}

KeyRow constraint for types that can be converted to KeyData

type KeysPermission 

type KeysPermission struct {
	Pk           uint64        `db:"pk"`
	KeyID        string        `db:"key_id"`
	PermissionID string        `db:"permission_id"`
	WorkspaceID  string        `db:"workspace_id"`
	CreatedAtM   int64         `db:"created_at_m"`
	UpdatedAtM   sql.NullInt64 `db:"updated_at_m"`
}

type KeysRole 

type KeysRole struct {
	Pk          uint64        `db:"pk"`
	KeyID       string        `db:"key_id"`
	RoleID      string        `db:"role_id"`
	WorkspaceID string        `db:"workspace_id"`
	CreatedAtM  int64         `db:"created_at_m"`
	UpdatedAtM  sql.NullInt64 `db:"updated_at_m"`
}

type ListAllCiliumNetworkPoliciesByRegionParams 

type ListAllCiliumNetworkPoliciesByRegionParams struct {
	RegionID string `db:"region_id"`
	AfterPk  uint64 `db:"after_pk"`
	Limit    int32  `db:"limit"`
}

type ListAllDeploymentTopologiesByRegionParams 

type ListAllDeploymentTopologiesByRegionParams struct {
	RegionID string `db:"region_id"`
	AfterPk  uint64 `db:"after_pk"`
	Limit    int32  `db:"limit"`
}

type ListAllDeploymentTopologiesByRegionRow 

type ListAllDeploymentTopologiesByRegionRow struct {
	DeploymentTopology DeploymentTopology `db:"deployment_topology"`
	Deployment         Deployment         `db:"deployment"`
	K8sNamespace       sql.NullString     `db:"k8s_namespace"`
	EnvironmentSlug    string             `db:"environment_slug"`
	RegionName         string             `db:"region_name"`
	GitRepo            sql.NullString     `db:"git_repo"`
}

type ListAllSentinelsByRegionParams 

type ListAllSentinelsByRegionParams struct {
	RegionID string `db:"region_id"`
	AfterPk  uint64 `db:"after_pk"`
	Limit    int32  `db:"limit"`
}

type ListAppsByProjectRow 

type ListAppsByProjectRow struct {
	App App `db:"app"`
}

type ListDeploymentChangesByRegionAllParams 

type ListDeploymentChangesByRegionAllParams struct {
	AfterVersion uint64 `db:"after_version"`
	RegionID     string `db:"region_id"`
	Limit        int32  `db:"limit"`
}

type ListDeploymentsByEnvironmentIdAndStatusParams 

type ListDeploymentsByEnvironmentIdAndStatusParams struct {
	EnvironmentID string            `db:"environment_id"`
	Status        DeploymentsStatus `db:"status"`
	CreatedBefore int64             `db:"created_before"`
	UpdatedBefore sql.NullInt64     `db:"updated_before"`
}

type ListDesiredDeploymentTopologyParams 

type ListDesiredDeploymentTopologyParams struct {
	Region           string                  `db:"region"`
	DesiredState     DeploymentsDesiredState `db:"desired_state"`
	PaginationCursor string                  `db:"pagination_cursor"`
	Limit            int32                   `db:"limit"`
}

type ListDesiredDeploymentTopologyRow 

type ListDesiredDeploymentTopologyRow struct {
	DeploymentTopology DeploymentTopology `db:"deployment_topology"`
	Deployment         Deployment         `db:"deployment"`
	K8sNamespace       sql.NullString     `db:"k8s_namespace"`
}

type ListDesiredNetworkPoliciesParams 

type ListDesiredNetworkPoliciesParams struct {
	RegionID         string `db:"region_id"`
	PaginationCursor string `db:"pagination_cursor"`
	Limit            int32  `db:"limit"`
}

type ListDesiredSentinelsParams 

type ListDesiredSentinelsParams struct {
	RegionID         string                `db:"region_id"`
	DesiredState     SentinelsDesiredState `db:"desired_state"`
	PaginationCursor string                `db:"pagination_cursor"`
	Limit            int32                 `db:"limit"`
}

type ListEnvVarsForRepoConnectionsParams 

type ListEnvVarsForRepoConnectionsParams struct {
	InstallationID int64  `db:"installation_id"`
	RepositoryID   int64  `db:"repository_id"`
	IsForkPr       int64  `db:"is_fork_pr"`
	Branch         string `db:"branch"`
}

type ListEnvVarsForRepoConnectionsRow 

type ListEnvVarsForRepoConnectionsRow struct {
	AppID string `db:"app_id"`
	Key   string `db:"key"`
	Value string `db:"value"`
}

type ListExecutableChallengesRow 

type ListExecutableChallengesRow struct {
	WorkspaceID   string                      `db:"workspace_id"`
	ChallengeType AcmeChallengesChallengeType `db:"challenge_type"`
	Domain        string                      `db:"domain"`
}

type ListGithubRepoConnectionsParams 

type ListGithubRepoConnectionsParams struct {
	InstallationID int64 `db:"installation_id"`
	RepositoryID   int64 `db:"repository_id"`
}

type ListIdentitiesParams 

type ListIdentitiesParams struct {
	WorkspaceID string `db:"workspace_id"`
	Deleted     bool   `db:"deleted"`
	IDCursor    string `db:"id_cursor"`
	Limit       int32  `db:"limit"`
}

type ListIdentitiesRow 

type ListIdentitiesRow struct {
	ID          string        `db:"id"`
	ExternalID  string        `db:"external_id"`
	WorkspaceID string        `db:"workspace_id"`
	Environment string        `db:"environment"`
	Meta        []byte        `db:"meta"`
	Deleted     bool          `db:"deleted"`
	CreatedAt   int64         `db:"created_at"`
	UpdatedAt   sql.NullInt64 `db:"updated_at"`
	Ratelimits  interface{}   `db:"ratelimits"`
}

type ListKeysByKeySpaceIDParams 

type ListKeysByKeySpaceIDParams struct {
	KeySpaceID string         `db:"key_space_id"`
	IDCursor   string         `db:"id_cursor"`
	IdentityID sql.NullString `db:"identity_id"`
	Limit      int32          `db:"limit"`
}

type ListKeysByKeySpaceIDRow 

type ListKeysByKeySpaceIDRow struct {
	Key             Key            `db:"key"`
	IdentityID      sql.NullString `db:"identity_id"`
	ExternalID      sql.NullString `db:"external_id"`
	IdentityMeta    []byte         `db:"identity_meta"`
	EncryptedKey    sql.NullString `db:"encrypted_key"`
	EncryptionKeyID sql.NullString `db:"encryption_key_id"`
}

type ListKeysForRefillParams 

type ListKeysForRefillParams struct {
	TodayDay         sql.NullInt16 `db:"today_day"`
	IsLastDayOfMonth interface{}   `db:"is_last_day_of_month"`
	AfterPk          uint64        `db:"after_pk"`
	Limit            int32         `db:"limit"`
}

type ListKeysForRefillRow 

type ListKeysForRefillRow struct {
	Pk                uint64         `db:"pk"`
	ID                string         `db:"id"`
	WorkspaceID       string         `db:"workspace_id"`
	RefillAmount      sql.NullInt64  `db:"refill_amount"`
	RemainingRequests sql.NullInt64  `db:"remaining_requests"`
	Name              sql.NullString `db:"name"`
}

type ListLiveKeysByKeySpaceIDParams 

type ListLiveKeysByKeySpaceIDParams struct {
	KeySpaceID string         `db:"key_space_id"`
	IDCursor   string         `db:"id_cursor"`
	IdentityID sql.NullString `db:"identity_id"`
	Limit      int32          `db:"limit"`
}

type ListLiveKeysByKeySpaceIDRow 

type ListLiveKeysByKeySpaceIDRow struct {
	Pk                 uint64         `db:"pk"`
	ID                 string         `db:"id"`
	KeyAuthID          string         `db:"key_auth_id"`
	Hash               string         `db:"hash"`
	Start              string         `db:"start"`
	WorkspaceID        string         `db:"workspace_id"`
	ForWorkspaceID     sql.NullString `db:"for_workspace_id"`
	Name               sql.NullString `db:"name"`
	OwnerID            sql.NullString `db:"owner_id"`
	IdentityID         sql.NullString `db:"identity_id"`
	Meta               sql.NullString `db:"meta"`
	Expires            sql.NullTime   `db:"expires"`
	CreatedAtM         int64          `db:"created_at_m"`
	UpdatedAtM         sql.NullInt64  `db:"updated_at_m"`
	DeletedAtM         sql.NullInt64  `db:"deleted_at_m"`
	RefillDay          sql.NullInt16  `db:"refill_day"`
	RefillAmount       sql.NullInt64  `db:"refill_amount"`
	LastRefillAt       sql.NullTime   `db:"last_refill_at"`
	Enabled            bool           `db:"enabled"`
	RemainingRequests  sql.NullInt64  `db:"remaining_requests"`
	Environment        sql.NullString `db:"environment"`
	LastUsedAt         uint64         `db:"last_used_at"`
	PendingMigrationID sql.NullString `db:"pending_migration_id"`
	IdentityTableID    sql.NullString `db:"identity_table_id"`
	IdentityExternalID sql.NullString `db:"identity_external_id"`
	IdentityMeta       []byte         `db:"identity_meta"`
	EncryptedKey       sql.NullString `db:"encrypted_key"`
	EncryptionKeyID    sql.NullString `db:"encryption_key_id"`
	Roles              interface{}    `db:"roles"`
	Permissions        interface{}    `db:"permissions"`
	RolePermissions    interface{}    `db:"role_permissions"`
	Ratelimits         interface{}    `db:"ratelimits"`
}

type ListOlderActiveDeploymentsForDedupParams 

type ListOlderActiveDeploymentsForDedupParams struct {
	AppID         string         `db:"app_id"`
	EnvironmentID string         `db:"environment_id"`
	GitBranch     sql.NullString `db:"git_branch"`
	CreatedAt     int64          `db:"created_at"`
	DeploymentID  string         `db:"deployment_id"`
}

type ListOlderActiveDeploymentsForDedupRow 

type ListOlderActiveDeploymentsForDedupRow struct {
	ID           string         `db:"id"`
	InvocationID sql.NullString `db:"invocation_id"`
}

type ListPermissionsByKeyIDParams 

type ListPermissionsByKeyIDParams struct {
	KeyID string `db:"key_id"`
}

type ListPermissionsParams 

type ListPermissionsParams struct {
	WorkspaceID string `db:"workspace_id"`
	IDCursor    string `db:"id_cursor"`
	Limit       int32  `db:"limit"`
}

type ListPreviewEnvironmentsParams 

type ListPreviewEnvironmentsParams struct {
	PaginationCursor uint64 `db:"pagination_cursor"`
	Limit            int32  `db:"limit"`
}

type ListRatelimitOverridesByNamespaceIDParams 

type ListRatelimitOverridesByNamespaceIDParams struct {
	WorkspaceID string `db:"workspace_id"`
	NamespaceID string `db:"namespace_id"`
	CursorID    string `db:"cursor_id"`
	Limit       int32  `db:"limit"`
}

type ListRatelimitsByKeyIDRow 

type ListRatelimitsByKeyIDRow struct {
	ID        string `db:"id"`
	Name      string `db:"name"`
	Limit     uint64 `db:"limit"`
	Duration  uint64 `db:"duration"`
	AutoApply bool   `db:"auto_apply"`
}

type ListRatelimitsByKeyIDsRow 

type ListRatelimitsByKeyIDsRow struct {
	ID        string         `db:"id"`
	KeyID     sql.NullString `db:"key_id"`
	Name      string         `db:"name"`
	Limit     uint64         `db:"limit"`
	Duration  uint64         `db:"duration"`
	AutoApply bool           `db:"auto_apply"`
}

type ListRegionsRow 

type ListRegionsRow struct {
	ID          string `db:"id"`
	Name        string `db:"name"`
	Platform    string `db:"platform"`
	CanSchedule bool   `db:"can_schedule"`
}

type ListRepoConnectionDeployContextsParams 

type ListRepoConnectionDeployContextsParams struct {
	IsForkPr       int64  `db:"is_fork_pr"`
	Branch         string `db:"branch"`
	InstallationID int64  `db:"installation_id"`
	RepositoryID   int64  `db:"repository_id"`
}

type ListRepoConnectionDeployContextsRow 

type ListRepoConnectionDeployContextsRow struct {
	GithubRepoConnection GithubRepoConnection `db:"github_repo_connection"`
	Project              Project              `db:"project"`
	Environment          Environment          `db:"environment"`
	App                  App                  `db:"app"`
	AppBuildSetting      AppBuildSetting      `db:"app_build_setting"`
	AppRuntimeSetting    AppRuntimeSetting    `db:"app_runtime_setting"`
}

type ListRolesByKeyIDRow 

type ListRolesByKeyIDRow struct {
	Pk          uint64         `db:"pk"`
	ID          string         `db:"id"`
	WorkspaceID string         `db:"workspace_id"`
	Name        string         `db:"name"`
	Description sql.NullString `db:"description"`
	CreatedAtM  int64          `db:"created_at_m"`
	UpdatedAtM  sql.NullInt64  `db:"updated_at_m"`
	Permissions interface{}    `db:"permissions"`
}

type ListRolesParams 

type ListRolesParams struct {
	WorkspaceID string `db:"workspace_id"`
	IDCursor    string `db:"id_cursor"`
	Limit       int32  `db:"limit"`
}

type ListRolesRow 

type ListRolesRow struct {
	Pk          uint64         `db:"pk"`
	ID          string         `db:"id"`
	WorkspaceID string         `db:"workspace_id"`
	Name        string         `db:"name"`
	Description sql.NullString `db:"description"`
	CreatedAtM  int64          `db:"created_at_m"`
	UpdatedAtM  sql.NullInt64  `db:"updated_at_m"`
	Permissions interface{}    `db:"permissions"`
}

type ListRunningSentinelIDsAndImagesParams 

type ListRunningSentinelIDsAndImagesParams struct {
	AfterID string `db:"after_id"`
	Limit   int32  `db:"limit"`
}

type ListRunningSentinelIDsAndImagesRow 

type ListRunningSentinelIDsAndImagesRow struct {
	ID       string `db:"id"`
	Image    string `db:"image"`
	RegionID string `db:"region_id"`
}

type ListWorkspacesForQuotaCheckRow 

type ListWorkspacesForQuotaCheckRow struct {
	ID               string         `db:"id"`
	OrgID            string         `db:"org_id"`
	Name             string         `db:"name"`
	StripeCustomerID sql.NullString `db:"stripe_customer_id"`
	Tier             sql.NullString `db:"tier"`
	Enabled          bool           `db:"enabled"`
	RequestsPerMonth sql.NullInt64  `db:"requests_per_month"`
}

type ListWorkspacesRow 

type ListWorkspacesRow struct {
	Workspace Workspace `db:"workspace"`
	Quotas    Quotas    `db:"quotas"`
}

type MarkClickhouseOutboxBatchDeletedParams 

type MarkClickhouseOutboxBatchDeletedParams struct {
	DeletedAt sql.NullInt64 `db:"deleted_at"`
	Pks       []uint64      `db:"pks"`
}

type NullAcmeChallengesChallengeType 

type NullAcmeChallengesChallengeType struct {
	AcmeChallengesChallengeType AcmeChallengesChallengeType
	Valid                       bool // Valid is true if AcmeChallengesChallengeType is not NULL
}

func (*NullAcmeChallengesChallengeType) Scan 

func (ns *NullAcmeChallengesChallengeType) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullAcmeChallengesChallengeType) Value 

func (ns NullAcmeChallengesChallengeType) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullAcmeChallengesStatus 

type NullAcmeChallengesStatus struct {
	AcmeChallengesStatus AcmeChallengesStatus
	Valid                bool // Valid is true if AcmeChallengesStatus is not NULL
}

func (*NullAcmeChallengesStatus) Scan 

func (ns *NullAcmeChallengesStatus) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullAcmeChallengesStatus) Value 

func (ns NullAcmeChallengesStatus) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullApisAuthType 

type NullApisAuthType struct {
	ApisAuthType ApisAuthType
	Valid        bool // Valid is true if ApisAuthType is not NULL
}

func (*NullApisAuthType) Scan 

func (ns *NullApisAuthType) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullApisAuthType) Value 

func (ns NullApisAuthType) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullAppEnvironmentVariablesType 

type NullAppEnvironmentVariablesType struct {
	AppEnvironmentVariablesType AppEnvironmentVariablesType
	Valid                       bool // Valid is true if AppEnvironmentVariablesType is not NULL
}

func (*NullAppEnvironmentVariablesType) Scan 

func (ns *NullAppEnvironmentVariablesType) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullAppEnvironmentVariablesType) Value 

func (ns NullAppEnvironmentVariablesType) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullAppRuntimeSettingsShutdownSignal 

type NullAppRuntimeSettingsShutdownSignal struct {
	AppRuntimeSettingsShutdownSignal AppRuntimeSettingsShutdownSignal
	Valid                            bool // Valid is true if AppRuntimeSettingsShutdownSignal is not NULL
}

func (*NullAppRuntimeSettingsShutdownSignal) Scan 

func (ns *NullAppRuntimeSettingsShutdownSignal) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullAppRuntimeSettingsShutdownSignal) Value 

func (ns NullAppRuntimeSettingsShutdownSignal) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullAppRuntimeSettingsUpstreamProtocol 

type NullAppRuntimeSettingsUpstreamProtocol struct {
	AppRuntimeSettingsUpstreamProtocol AppRuntimeSettingsUpstreamProtocol
	Valid                              bool // Valid is true if AppRuntimeSettingsUpstreamProtocol is not NULL
}

func (*NullAppRuntimeSettingsUpstreamProtocol) Scan 

func (ns *NullAppRuntimeSettingsUpstreamProtocol) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullAppRuntimeSettingsUpstreamProtocol) Value 

func (ns NullAppRuntimeSettingsUpstreamProtocol) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullCustomDomainsChallengeType 

type NullCustomDomainsChallengeType struct {
	CustomDomainsChallengeType CustomDomainsChallengeType
	Valid                      bool // Valid is true if CustomDomainsChallengeType is not NULL
}

func (*NullCustomDomainsChallengeType) Scan 

func (ns *NullCustomDomainsChallengeType) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullCustomDomainsChallengeType) Value 

func (ns NullCustomDomainsChallengeType) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullCustomDomainsVerificationStatus 

type NullCustomDomainsVerificationStatus struct {
	CustomDomainsVerificationStatus CustomDomainsVerificationStatus
	Valid                           bool // Valid is true if CustomDomainsVerificationStatus is not NULL
}

func (*NullCustomDomainsVerificationStatus) Scan 

func (ns *NullCustomDomainsVerificationStatus) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullCustomDomainsVerificationStatus) Value 

func (ns NullCustomDomainsVerificationStatus) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullDeploymentChangesResourceType 

type NullDeploymentChangesResourceType struct {
	DeploymentChangesResourceType DeploymentChangesResourceType
	Valid                         bool // Valid is true if DeploymentChangesResourceType is not NULL
}

func (*NullDeploymentChangesResourceType) Scan 

func (ns *NullDeploymentChangesResourceType) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullDeploymentChangesResourceType) Value 

func (ns NullDeploymentChangesResourceType) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullDeploymentStepsStep 

type NullDeploymentStepsStep struct {
	DeploymentStepsStep DeploymentStepsStep
	Valid               bool // Valid is true if DeploymentStepsStep is not NULL
}

func (*NullDeploymentStepsStep) Scan 

func (ns *NullDeploymentStepsStep) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullDeploymentStepsStep) Value 

func (ns NullDeploymentStepsStep) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullDeploymentTopologyDesiredStatus 

type NullDeploymentTopologyDesiredStatus struct {
	DeploymentTopologyDesiredStatus DeploymentTopologyDesiredStatus
	Valid                           bool // Valid is true if DeploymentTopologyDesiredStatus is not NULL
}

func (*NullDeploymentTopologyDesiredStatus) Scan 

func (ns *NullDeploymentTopologyDesiredStatus) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullDeploymentTopologyDesiredStatus) Value 

func (ns NullDeploymentTopologyDesiredStatus) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullDeploymentsDesiredState 

type NullDeploymentsDesiredState struct {
	DeploymentsDesiredState DeploymentsDesiredState
	Valid                   bool // Valid is true if DeploymentsDesiredState is not NULL
}

func (*NullDeploymentsDesiredState) Scan 

func (ns *NullDeploymentsDesiredState) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullDeploymentsDesiredState) Value 

func (ns NullDeploymentsDesiredState) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullDeploymentsShutdownSignal 

type NullDeploymentsShutdownSignal struct {
	DeploymentsShutdownSignal DeploymentsShutdownSignal
	Valid                     bool // Valid is true if DeploymentsShutdownSignal is not NULL
}

func (*NullDeploymentsShutdownSignal) Scan 

func (ns *NullDeploymentsShutdownSignal) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullDeploymentsShutdownSignal) Value 

func (ns NullDeploymentsShutdownSignal) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullDeploymentsStatus 

type NullDeploymentsStatus struct {
	DeploymentsStatus DeploymentsStatus
	Valid             bool // Valid is true if DeploymentsStatus is not NULL
}

func (*NullDeploymentsStatus) Scan 

func (ns *NullDeploymentsStatus) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullDeploymentsStatus) Value 

func (ns NullDeploymentsStatus) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullDeploymentsUpstreamProtocol 

type NullDeploymentsUpstreamProtocol struct {
	DeploymentsUpstreamProtocol DeploymentsUpstreamProtocol
	Valid                       bool // Valid is true if DeploymentsUpstreamProtocol is not NULL
}

func (*NullDeploymentsUpstreamProtocol) Scan 

func (ns *NullDeploymentsUpstreamProtocol) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullDeploymentsUpstreamProtocol) Value 

func (ns NullDeploymentsUpstreamProtocol) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullFrontlineRoutesSticky 

type NullFrontlineRoutesSticky struct {
	FrontlineRoutesSticky FrontlineRoutesSticky
	Valid                 bool // Valid is true if FrontlineRoutesSticky is not NULL
}

func (*NullFrontlineRoutesSticky) Scan 

func (ns *NullFrontlineRoutesSticky) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullFrontlineRoutesSticky) Value 

func (ns NullFrontlineRoutesSticky) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullInstancesStatus 

type NullInstancesStatus struct {
	InstancesStatus InstancesStatus
	Valid           bool // Valid is true if InstancesStatus is not NULL
}

func (*NullInstancesStatus) Scan 

func (ns *NullInstancesStatus) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullInstancesStatus) Value 

func (ns NullInstancesStatus) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullKeyMigrationsAlgorithm 

type NullKeyMigrationsAlgorithm struct {
	KeyMigrationsAlgorithm KeyMigrationsAlgorithm
	Valid                  bool // Valid is true if KeyMigrationsAlgorithm is not NULL
}

func (*NullKeyMigrationsAlgorithm) Scan 

func (ns *NullKeyMigrationsAlgorithm) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullKeyMigrationsAlgorithm) Value 

func (ns NullKeyMigrationsAlgorithm) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullSentinelsDeployStatus 

type NullSentinelsDeployStatus struct {
	SentinelsDeployStatus SentinelsDeployStatus
	Valid                 bool // Valid is true if SentinelsDeployStatus is not NULL
}

func (*NullSentinelsDeployStatus) Scan 

func (ns *NullSentinelsDeployStatus) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullSentinelsDeployStatus) Value 

func (ns NullSentinelsDeployStatus) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullSentinelsDesiredState 

type NullSentinelsDesiredState struct {
	SentinelsDesiredState SentinelsDesiredState
	Valid                 bool // Valid is true if SentinelsDesiredState is not NULL
}

func (*NullSentinelsDesiredState) Scan 

func (ns *NullSentinelsDesiredState) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullSentinelsDesiredState) Value 

func (ns NullSentinelsDesiredState) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullSentinelsHealth 

type NullSentinelsHealth struct {
	SentinelsHealth SentinelsHealth
	Valid           bool // Valid is true if SentinelsHealth is not NULL
}

func (*NullSentinelsHealth) Scan 

func (ns *NullSentinelsHealth) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullSentinelsHealth) Value 

func (ns NullSentinelsHealth) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullVercelBindingsEnvironment 

type NullVercelBindingsEnvironment struct {
	VercelBindingsEnvironment VercelBindingsEnvironment
	Valid                     bool // Valid is true if VercelBindingsEnvironment is not NULL
}

func (*NullVercelBindingsEnvironment) Scan 

func (ns *NullVercelBindingsEnvironment) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullVercelBindingsEnvironment) Value 

func (ns NullVercelBindingsEnvironment) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullVercelBindingsResourceType 

type NullVercelBindingsResourceType struct {
	VercelBindingsResourceType VercelBindingsResourceType
	Valid                      bool // Valid is true if VercelBindingsResourceType is not NULL
}

func (*NullVercelBindingsResourceType) Scan 

func (ns *NullVercelBindingsResourceType) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullVercelBindingsResourceType) Value 

func (ns NullVercelBindingsResourceType) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type OpenapiSpec 

type OpenapiSpec struct {
	Pk             uint64         `db:"pk"`
	ID             string         `db:"id"`
	WorkspaceID    string         `db:"workspace_id"`
	DeploymentID   sql.NullString `db:"deployment_id"`
	PortalConfigID sql.NullString `db:"portal_config_id"`
	Content        []byte         `db:"content"`
	CreatedAt      int64          `db:"created_at"`
	UpdatedAt      sql.NullInt64  `db:"updated_at"`
}

type Permission 

type Permission struct {
	Pk          uint64            `db:"pk"`
	ID          string            `db:"id"`
	WorkspaceID string            `db:"workspace_id"`
	Name        string            `db:"name"`
	Slug        string            `db:"slug"`
	Description dbtype.NullString `db:"description"`
	CreatedAtM  int64             `db:"created_at_m"`
	UpdatedAtM  sql.NullInt64     `db:"updated_at_m"`
}

type PermissionInfo 

type PermissionInfo struct {
	ID          string            `json:"id"`
	Name        string            `json:"name"`
	Slug        string            `json:"slug"`
	Description dbtype.NullString `json:"description"`
}

type PortalBranding 

type PortalBranding struct {
	Pk             uint64         `db:"pk"`
	PortalConfigID string         `db:"portal_config_id"`
	LogoUrl        sql.NullString `db:"logo_url"`
	PrimaryColor   sql.NullString `db:"primary_color"`
	CreatedAt      int64          `db:"created_at"`
	UpdatedAt      sql.NullInt64  `db:"updated_at"`
}

type PortalConfiguration 

type PortalConfiguration struct {
	Pk          uint64         `db:"pk"`
	ID          string         `db:"id"`
	WorkspaceID string         `db:"workspace_id"`
	Slug        string         `db:"slug"`
	AppID       sql.NullString `db:"app_id"`
	KeyAuthID   sql.NullString `db:"key_auth_id"`
	Enabled     bool           `db:"enabled"`
	ReturnUrl   sql.NullString `db:"return_url"`
	CreatedAt   int64          `db:"created_at"`
	UpdatedAt   sql.NullInt64  `db:"updated_at"`
}

type PortalSession 

type PortalSession struct {
	Pk             uint64          `db:"pk"`
	ID             string          `db:"id"`
	WorkspaceID    string          `db:"workspace_id"`
	PortalConfigID string          `db:"portal_config_id"`
	ExternalID     string          `db:"external_id"`
	Permissions    json.RawMessage `db:"permissions"`
	Preview        bool            `db:"preview"`
	ExpiresAt      int64           `db:"expires_at"`
	CreatedAt      int64           `db:"created_at"`
}

type PortalSessionToken 

type PortalSessionToken struct {
	Pk             uint64          `db:"pk"`
	ID             string          `db:"id"`
	WorkspaceID    string          `db:"workspace_id"`
	PortalConfigID string          `db:"portal_config_id"`
	ExternalID     string          `db:"external_id"`
	Permissions    json.RawMessage `db:"permissions"`
	Preview        bool            `db:"preview"`
	ExchangedAt    sql.NullInt64   `db:"exchanged_at"`
	ExpiresAt      int64           `db:"expires_at"`
	CreatedAt      int64           `db:"created_at"`
}

type Project 

type Project struct {
	Pk               uint64         `db:"pk"`
	ID               string         `db:"id"`
	WorkspaceID      string         `db:"workspace_id"`
	Name             string         `db:"name"`
	Slug             string         `db:"slug"`
	DepotProjectID   sql.NullString `db:"depot_project_id"`
	DeleteProtection sql.NullBool   `db:"delete_protection"`
	CreatedAt        int64          `db:"created_at"`
	UpdatedAt        sql.NullInt64  `db:"updated_at"`
}

type Querier 

type Querier interface {
	//ClearAcmeChallengeTokens
	//
	//  UPDATE acme_challenges
	//  SET token = ?, authorization = ?, updated_at = ?
	//  WHERE domain_id = ?
	ClearAcmeChallengeTokens(ctx context.Context, db DBTX, arg ClearAcmeChallengeTokensParams) error
	//CompareAndSwapDeploymentStatus
	//
	//  UPDATE deployments
	//  SET status = ?, updated_at = ?
	//  WHERE id = ?
	//  AND status = ?
	CompareAndSwapDeploymentStatus(ctx context.Context, db DBTX, arg CompareAndSwapDeploymentStatusParams) (sql.Result, error)
	//CountInstancesByAppId
	//
	//  SELECT COUNT(*) as count
	//  FROM instances i
	//  JOIN deployments d ON i.deployment_id = d.id
	//  WHERE d.app_id = ?
	CountInstancesByAppId(ctx context.Context, db DBTX, appID string) (int64, error)
	//CountSentinelsByAppId
	//
	//  SELECT COUNT(*) as count
	//  FROM sentinels s
	//  JOIN environments e ON s.environment_id = e.id
	//  WHERE e.app_id = ?
	CountSentinelsByAppId(ctx context.Context, db DBTX, appID string) (int64, error)
	//CountSentinelsByProjectId
	//
	//  SELECT COUNT(*) as count FROM sentinels WHERE project_id = ?
	CountSentinelsByProjectId(ctx context.Context, db DBTX, projectID string) (int64, error)
	//DeleteAcmeChallengeByDomainID
	//
	//  DELETE FROM acme_challenges WHERE domain_id = ?
	DeleteAcmeChallengeByDomainID(ctx context.Context, db DBTX, domainID string) error
	//DeleteAllKeyPermissionsByKeyID
	//
	//  DELETE FROM keys_permissions
	//  WHERE key_id = ?
	DeleteAllKeyPermissionsByKeyID(ctx context.Context, db DBTX, keyID string) error
	//DeleteAllKeyRolesByKeyID
	//
	//  DELETE FROM keys_roles
	//  WHERE key_id = ?
	DeleteAllKeyRolesByKeyID(ctx context.Context, db DBTX, keyID string) error
	//DeleteAppBuildSettingsByEnvironmentId
	//
	//  DELETE FROM app_build_settings WHERE environment_id = ?
	DeleteAppBuildSettingsByEnvironmentId(ctx context.Context, db DBTX, environmentID string) error
	//DeleteAppById
	//
	//  DELETE FROM apps WHERE id = ?
	DeleteAppById(ctx context.Context, db DBTX, id string) error
	//DeleteAppEnvVarsByEnvironmentId
	//
	//  DELETE FROM app_environment_variables WHERE environment_id = ?
	DeleteAppEnvVarsByEnvironmentId(ctx context.Context, db DBTX, environmentID string) error
	//DeleteAppRegionalSettingsByEnvironmentId
	//
	//  DELETE FROM app_regional_settings WHERE environment_id = ?
	DeleteAppRegionalSettingsByEnvironmentId(ctx context.Context, db DBTX, environmentID string) error
	//DeleteAppRuntimeSettingsByEnvironmentId
	//
	//  DELETE FROM app_runtime_settings WHERE environment_id = ?
	DeleteAppRuntimeSettingsByEnvironmentId(ctx context.Context, db DBTX, environmentID string) error
	//DeleteCiliumNetworkPoliciesByEnvironmentId
	//
	//  DELETE FROM cilium_network_policies WHERE environment_id = ?
	DeleteCiliumNetworkPoliciesByEnvironmentId(ctx context.Context, db DBTX, environmentID string) error
	//DeleteCustomDomainByID
	//
	//  DELETE FROM custom_domains WHERE id = ?
	DeleteCustomDomainByID(ctx context.Context, db DBTX, id string) error
	//DeleteCustomDomainsByEnvironmentId
	//
	//  DELETE FROM custom_domains WHERE environment_id = ?
	DeleteCustomDomainsByEnvironmentId(ctx context.Context, db DBTX, environmentID string) error
	//DeleteCustomDomainsByProjectId
	//
	//  DELETE FROM custom_domains WHERE project_id = ?
	DeleteCustomDomainsByProjectId(ctx context.Context, db DBTX, projectID string) error
	// DeleteDeploymentChangesBefore removes old deployment_changes entries for TTL-based cleanup.
	//
	//  DELETE FROM `deployment_changes`
	//  WHERE created_at < ?
	//  LIMIT 10000
	DeleteDeploymentChangesBefore(ctx context.Context, db DBTX, before int64) error
	//DeleteDeploymentInstances
	//
	//  DELETE FROM instances
	//  WHERE deployment_id = ? AND region_id = ?
	DeleteDeploymentInstances(ctx context.Context, db DBTX, arg DeleteDeploymentInstancesParams) error
	//DeleteDeploymentStepsByEnvironmentId
	//
	//  DELETE ds FROM deployment_steps ds
	//  JOIN deployments d ON ds.deployment_id = d.id
	//  WHERE d.environment_id = ?
	DeleteDeploymentStepsByEnvironmentId(ctx context.Context, db DBTX, environmentID string) error
	//DeleteDeploymentTopologiesByEnvironmentId
	//
	//  DELETE dt FROM deployment_topology dt
	//  JOIN deployments d ON dt.deployment_id = d.id
	//  WHERE d.environment_id = ?
	DeleteDeploymentTopologiesByEnvironmentId(ctx context.Context, db DBTX, environmentID string) error
	//DeleteDeploymentTopologyByDeploymentId
	//
	//  DELETE FROM `deployment_topology`
	//  WHERE deployment_id = ?
	DeleteDeploymentTopologyByDeploymentId(ctx context.Context, db DBTX, deploymentID string) error
	//DeleteDeploymentTopologyByDeploymentRegion
	//
	//  DELETE FROM `deployment_topology`
	//  WHERE deployment_id = ?
	//    AND region_id = ?
	DeleteDeploymentTopologyByDeploymentRegion(ctx context.Context, db DBTX, arg DeleteDeploymentTopologyByDeploymentRegionParams) error
	//DeleteDeploymentsByEnvironmentId
	//
	//  DELETE FROM deployments WHERE environment_id = ?
	DeleteDeploymentsByEnvironmentId(ctx context.Context, db DBTX, environmentID string) error
	//DeleteEnvironmentById
	//
	//  DELETE FROM environments WHERE id = ?
	DeleteEnvironmentById(ctx context.Context, db DBTX, id string) error
	//DeleteFrontlineRouteByFQDN
	//
	//  DELETE FROM frontline_routes WHERE fully_qualified_domain_name = ?
	DeleteFrontlineRouteByFQDN(ctx context.Context, db DBTX, fqdn string) error
	//DeleteFrontlineRoutesByEnvironmentId
	//
	//  DELETE FROM frontline_routes WHERE environment_id = ?
	DeleteFrontlineRoutesByEnvironmentId(ctx context.Context, db DBTX, environmentID string) error
	//DeleteFrontlineRoutesByProjectId
	//
	//  DELETE FROM frontline_routes WHERE project_id = ?
	DeleteFrontlineRoutesByProjectId(ctx context.Context, db DBTX, projectID string) error
	//DeleteGithubRepoConnectionsByAppId
	//
	//  DELETE FROM github_repo_connections WHERE app_id = ?
	DeleteGithubRepoConnectionsByAppId(ctx context.Context, db DBTX, appID string) error
	//DeleteGithubRepoConnectionsByProjectId
	//
	//  DELETE FROM github_repo_connections WHERE project_id = ?
	DeleteGithubRepoConnectionsByProjectId(ctx context.Context, db DBTX, projectID string) error
	//DeleteIdentity
	//
	//  DELETE FROM identities
	//  WHERE id = ?
	//    AND workspace_id = ?
	DeleteIdentity(ctx context.Context, db DBTX, arg DeleteIdentityParams) error
	//DeleteInstance
	//
	//  DELETE FROM instances WHERE k8s_name = ? AND region_id = ?
	DeleteInstance(ctx context.Context, db DBTX, arg DeleteInstanceParams) error
	//DeleteKeyByID
	//
	//  DELETE k, kp, kr, rl, ek
	//  FROM `keys` k
	//  LEFT JOIN keys_permissions kp ON k.id = kp.key_id
	//  LEFT JOIN keys_roles kr ON k.id = kr.key_id
	//  LEFT JOIN ratelimits rl ON k.id = rl.key_id
	//  LEFT JOIN encrypted_keys ek ON k.id = ek.key_id
	//  WHERE k.id = ?
	DeleteKeyByID(ctx context.Context, db DBTX, id string) error
	//DeleteKeyPermissionByKeyAndPermissionID
	//
	//  DELETE FROM keys_permissions
	//  WHERE key_id = ? AND permission_id = ?
	DeleteKeyPermissionByKeyAndPermissionID(ctx context.Context, db DBTX, arg DeleteKeyPermissionByKeyAndPermissionIDParams) error
	//DeleteManyKeyPermissionByKeyAndPermissionIDs
	//
	//  DELETE FROM keys_permissions
	//  WHERE key_id = ? AND permission_id IN (/*SLICE:ids*/?)
	DeleteManyKeyPermissionByKeyAndPermissionIDs(ctx context.Context, db DBTX, arg DeleteManyKeyPermissionByKeyAndPermissionIDsParams) error
	//DeleteManyKeyPermissionsByPermissionID
	//
	//  DELETE FROM keys_permissions
	//  WHERE permission_id = ?
	DeleteManyKeyPermissionsByPermissionID(ctx context.Context, db DBTX, permissionID string) error
	//DeleteManyKeyRolesByKeyAndRoleIDs
	//
	//  DELETE FROM keys_roles
	//  WHERE key_id = ? AND role_id IN(/*SLICE:role_ids*/?)
	DeleteManyKeyRolesByKeyAndRoleIDs(ctx context.Context, db DBTX, arg DeleteManyKeyRolesByKeyAndRoleIDsParams) error
	//DeleteManyKeyRolesByKeyID
	//
	//  DELETE FROM keys_roles
	//  WHERE key_id = ? AND role_id = ?
	DeleteManyKeyRolesByKeyID(ctx context.Context, db DBTX, arg DeleteManyKeyRolesByKeyIDParams) error
	//DeleteManyKeyRolesByRoleID
	//
	//  DELETE FROM keys_roles
	//  WHERE role_id = ?
	DeleteManyKeyRolesByRoleID(ctx context.Context, db DBTX, roleID string) error
	//DeleteManyRatelimitsByIDs
	//
	//  DELETE FROM ratelimits WHERE id IN (/*SLICE:ids*/?)
	DeleteManyRatelimitsByIDs(ctx context.Context, db DBTX, ids []string) error
	//DeleteManyRatelimitsByIdentityID
	//
	//  DELETE FROM ratelimits WHERE identity_id = ?
	DeleteManyRatelimitsByIdentityID(ctx context.Context, db DBTX, identityID sql.NullString) error
	//DeleteManyRolePermissionsByPermissionID
	//
	//  DELETE FROM roles_permissions
	//  WHERE permission_id = ?
	DeleteManyRolePermissionsByPermissionID(ctx context.Context, db DBTX, permissionID string) error
	//DeleteManyRolePermissionsByRoleID
	//
	//  DELETE FROM roles_permissions
	//  WHERE role_id = ?
	DeleteManyRolePermissionsByRoleID(ctx context.Context, db DBTX, roleID string) error
	//DeleteOldIdentityByExternalID
	//
	//  DELETE i, rl
	//  FROM identities i
	//  LEFT JOIN ratelimits rl ON rl.identity_id = i.id
	//  WHERE i.workspace_id = ?
	//    AND i.external_id = ?
	//    AND i.id != ?
	//    AND i.deleted = true
	DeleteOldIdentityByExternalID(ctx context.Context, db DBTX, arg DeleteOldIdentityByExternalIDParams) error
	//DeleteOldIdentityWithRatelimits
	//
	//  DELETE i, rl
	//  FROM identities i
	//  LEFT JOIN ratelimits rl ON rl.identity_id = i.id
	//  WHERE i.workspace_id = ?
	//    AND (i.id = ? OR i.external_id = ?)
	//    AND i.deleted = true
	DeleteOldIdentityWithRatelimits(ctx context.Context, db DBTX, arg DeleteOldIdentityWithRatelimitsParams) error
	//DeletePermission
	//
	//  DELETE FROM permissions
	//  WHERE id = ?
	DeletePermission(ctx context.Context, db DBTX, permissionID string) error
	//DeleteProjectById
	//
	//  DELETE FROM projects WHERE id = ?
	DeleteProjectById(ctx context.Context, db DBTX, id string) error
	//DeleteRatelimit
	//
	//  DELETE FROM `ratelimits` WHERE id = ?
	DeleteRatelimit(ctx context.Context, db DBTX, id string) error
	//DeleteRatelimitNamespace
	//
	//  UPDATE `ratelimit_namespaces`
	//  SET deleted_at_m = ?
	//  WHERE id = ?
	DeleteRatelimitNamespace(ctx context.Context, db DBTX, arg DeleteRatelimitNamespaceParams) (sql.Result, error)
	//DeleteRoleByID
	//
	//  DELETE FROM roles
	//  WHERE id = ?
	DeleteRoleByID(ctx context.Context, db DBTX, roleID string) error
	//DeleteSentinelsByEnvironmentId
	//
	//  DELETE FROM sentinels WHERE environment_id = ?
	DeleteSentinelsByEnvironmentId(ctx context.Context, db DBTX, environmentID string) error
	//DeleteSentinelsByProjectId
	//
	//  DELETE FROM sentinels WHERE project_id = ?
	DeleteSentinelsByProjectId(ctx context.Context, db DBTX, projectID string) error
	//EndActiveDeploymentStepsForDeployments
	//
	//  UPDATE `deployment_steps`
	//  SET ended_at = ?, error = ?
	//  WHERE deployment_id IN (/*SLICE:deployment_ids*/?) AND ended_at IS NULL
	EndActiveDeploymentStepsForDeployments(ctx context.Context, db DBTX, arg EndActiveDeploymentStepsForDeploymentsParams) error
	//EndActiveDeploymentStepsWithError
	//
	//  UPDATE `deployment_steps`
	//  SET ended_at = ?, error = ?
	//  WHERE deployment_id = ? AND ended_at IS NULL
	EndActiveDeploymentStepsWithError(ctx context.Context, db DBTX, arg EndActiveDeploymentStepsWithErrorParams) error
	//EndDeploymentStep
	//
	//  UPDATE `deployment_steps`
	//  SET ended_at = ?, error = ?
	//  WHERE deployment_id = ? AND step = ? AND ended_at IS NULL
	EndDeploymentStep(ctx context.Context, db DBTX, arg EndDeploymentStepParams) error
	//ExchangePortalSessionToken
	//
	//  UPDATE portal_session_tokens
	//  SET exchanged_at = ?
	//  WHERE id = ?
	//    AND exchanged_at IS NULL
	//    AND expires_at > ?
	ExchangePortalSessionToken(ctx context.Context, db DBTX, arg ExchangePortalSessionTokenParams) (sql.Result, error)
	//FindAcmeChallengeByToken
	//
	//  SELECT pk, domain_id, workspace_id, token, challenge_type, authorization, status, expires_at, created_at, updated_at FROM acme_challenges WHERE workspace_id = ? AND domain_id = ? AND token = ?
	FindAcmeChallengeByToken(ctx context.Context, db DBTX, arg FindAcmeChallengeByTokenParams) (AcmeChallenge, error)
	//FindAcmeUserByWorkspaceID
	//
	//  SELECT pk, id, workspace_id, encrypted_key, registration_uri, created_at, updated_at FROM acme_users WHERE workspace_id = ? LIMIT 1
	FindAcmeUserByWorkspaceID(ctx context.Context, db DBTX, workspaceID string) (AcmeUser, error)
	//FindApiByID
	//
	//  SELECT pk, id, name, workspace_id, ip_whitelist, auth_type, key_auth_id, created_at_m, updated_at_m, deleted_at_m, delete_protection FROM apis WHERE id = ?
	FindApiByID(ctx context.Context, db DBTX, id string) (Api, error)
	//FindAppBuildSettingByAppEnv
	//
	//  SELECT pk, workspace_id, app_id, environment_id, dockerfile, docker_context, watch_paths, auto_deploy, created_at, updated_at
	//  FROM `app_build_settings`
	//  WHERE app_id = ?
	//    AND environment_id = ?
	FindAppBuildSettingByAppEnv(ctx context.Context, db DBTX, arg FindAppBuildSettingByAppEnvParams) (AppBuildSetting, error)
	//FindAppById
	//
	//  SELECT pk, id, workspace_id, project_id, name, slug, default_branch, current_deployment_id, is_rolled_back, delete_protection, created_at, updated_at
	//  FROM apps
	//  WHERE id = ?
	FindAppById(ctx context.Context, db DBTX, id string) (App, error)
	//FindAppByProjectAndSlug
	//
	//  SELECT apps.pk, apps.id, apps.workspace_id, apps.project_id, apps.name, apps.slug, apps.default_branch, apps.current_deployment_id, apps.is_rolled_back, apps.delete_protection, apps.created_at, apps.updated_at
	//  FROM apps
	//  WHERE apps.project_id = ?
	//    AND apps.slug = ?
	FindAppByProjectAndSlug(ctx context.Context, db DBTX, arg FindAppByProjectAndSlugParams) (FindAppByProjectAndSlugRow, error)
	//FindAppByWorkspaceAndSlugs
	//
	//  SELECT p.pk, p.id, p.workspace_id, p.name, p.slug, p.depot_project_id, p.delete_protection, p.created_at, p.updated_at, a.pk, a.id, a.workspace_id, a.project_id, a.name, a.slug, a.default_branch, a.current_deployment_id, a.is_rolled_back, a.delete_protection, a.created_at, a.updated_at
	//  FROM apps a
	//  INNER JOIN projects p ON p.id = a.project_id
	//  WHERE p.workspace_id = ?
	//    AND p.slug = ?
	//    AND a.slug = ?
	FindAppByWorkspaceAndSlugs(ctx context.Context, db DBTX, arg FindAppByWorkspaceAndSlugsParams) (FindAppByWorkspaceAndSlugsRow, error)
	//FindAppEnvVarsByAppAndEnv
	//
	//  SELECT `key`, value
	//  FROM app_environment_variables
	//  WHERE app_id = ?
	//    AND environment_id = ?
	FindAppEnvVarsByAppAndEnv(ctx context.Context, db DBTX, arg FindAppEnvVarsByAppAndEnvParams) ([]FindAppEnvVarsByAppAndEnvRow, error)
	// FindAppRegionalSettingsByAppAndEnv returns per-region deployment settings
	// including the autoscaling policy values (if attached) for snapshotting
	// into deployment_topology at deploy time.
	//
	//  SELECT
	//  	ars.region_id,
	//  	r.name AS region_name,
	//  	ars.replicas,
	//  	r.can_schedule AS region_can_schedule,
	//  	hap.replicas_min AS autoscaling_replicas_min,
	//  	hap.replicas_max AS autoscaling_replicas_max,
	//  	hap.cpu_threshold AS autoscaling_threshold_cpu,
	//  	hap.memory_threshold AS autoscaling_threshold_memory
	//  FROM app_regional_settings ars
	//  JOIN regions r ON r.id = ars.region_id
	//  LEFT JOIN horizontal_autoscaling_policies hap ON hap.id = ars.horizontal_autoscaling_policy_id
	//  WHERE ars.app_id = ?
	//    AND ars.environment_id = ?
	FindAppRegionalSettingsByAppAndEnv(ctx context.Context, db DBTX, arg FindAppRegionalSettingsByAppAndEnvParams) ([]FindAppRegionalSettingsByAppAndEnvRow, error)
	//FindAppRuntimeSettingsByAppAndEnv
	//
	//  SELECT app_runtime_settings.pk, app_runtime_settings.workspace_id, app_runtime_settings.app_id, app_runtime_settings.environment_id, app_runtime_settings.port, app_runtime_settings.cpu_millicores, app_runtime_settings.memory_mib, app_runtime_settings.storage_mib, app_runtime_settings.command, app_runtime_settings.healthcheck, app_runtime_settings.shutdown_signal, app_runtime_settings.upstream_protocol, app_runtime_settings.sentinel_config, app_runtime_settings.openapi_spec_path, app_runtime_settings.created_at, app_runtime_settings.updated_at
	//  FROM app_runtime_settings
	//  WHERE app_id = ?
	//    AND environment_id = ?
	FindAppRuntimeSettingsByAppAndEnv(ctx context.Context, db DBTX, arg FindAppRuntimeSettingsByAppAndEnvParams) (FindAppRuntimeSettingsByAppAndEnvRow, error)
	//FindAppWithSettings
	//
	//  SELECT
	//      a.pk, a.id, a.workspace_id, a.project_id, a.name, a.slug, a.default_branch, a.current_deployment_id, a.is_rolled_back, a.delete_protection, a.created_at, a.updated_at,
	//      abs.pk, abs.workspace_id, abs.app_id, abs.environment_id, abs.dockerfile, abs.docker_context, abs.watch_paths, abs.auto_deploy, abs.created_at, abs.updated_at,
	//      ars.pk, ars.workspace_id, ars.app_id, ars.environment_id, ars.port, ars.cpu_millicores, ars.memory_mib, ars.storage_mib, ars.command, ars.healthcheck, ars.shutdown_signal, ars.upstream_protocol, ars.sentinel_config, ars.openapi_spec_path, ars.created_at, ars.updated_at
	//  FROM apps a
	//  INNER JOIN app_build_settings abs ON abs.app_id = a.id AND abs.environment_id = ?
	//  INNER JOIN app_runtime_settings ars ON ars.app_id = a.id AND ars.environment_id = ?
	//  WHERE a.id = ?
	FindAppWithSettings(ctx context.Context, db DBTX, arg FindAppWithSettingsParams) (FindAppWithSettingsRow, error)
	// FindAuditLogMaxPK returns MAX(pk) of the legacy audit_log table, used
	// by the backfill VO to snapshot the cutoff on first invocation. Returns
	// 0 when the table is empty (COALESCE + CAST keep the call from erroring
	// on NULL aggregation and force sqlc to infer the result as uint64
	// instead of interface{}).
	//
	//  SELECT CAST(COALESCE(MAX(pk), 0) AS UNSIGNED) AS max_pk
	//  FROM audit_log
	FindAuditLogMaxPK(ctx context.Context, db DBTX) (int64, error)
	//FindAuditLogTargetByID
	//
	//  SELECT audit_log_target.pk, audit_log_target.workspace_id, audit_log_target.bucket_id, audit_log_target.bucket, audit_log_target.audit_log_id, audit_log_target.display_name, audit_log_target.type, audit_log_target.id, audit_log_target.name, audit_log_target.meta, audit_log_target.created_at, audit_log_target.updated_at, audit_log.pk, audit_log.id, audit_log.workspace_id, audit_log.bucket, audit_log.bucket_id, audit_log.event, audit_log.time, audit_log.display, audit_log.remote_ip, audit_log.user_agent, audit_log.actor_type, audit_log.actor_id, audit_log.actor_name, audit_log.actor_meta, audit_log.created_at, audit_log.updated_at
	//  FROM audit_log_target
	//  JOIN audit_log ON audit_log.id = audit_log_target.audit_log_id
	//  WHERE audit_log_target.id = ?
	FindAuditLogTargetByID(ctx context.Context, db DBTX, id string) ([]FindAuditLogTargetByIDRow, error)
	// FindAuditLogTargetsForBackfill fetches every target row attached to a set
	// of audit_log_ids in one query. Called by the backfill VO after
	// FindAuditLogsForBackfill so we go from "page of N parents" to "page of N
	// parents with all their targets" in two MySQL reads, never N+1.
	//
	// The unique index on (audit_log_id, id) covers the IN-list lookup. Order
	// by audit_log_id, pk so the VO's grouping pass sees a deterministic
	// per-event target sequence.
	//
	//  SELECT audit_log_id, type, id, name, meta
	//  FROM audit_log_target
	//  WHERE audit_log_id IN (/*SLICE:audit_log_ids*/?)
	//  ORDER BY audit_log_id, pk
	FindAuditLogTargetsForBackfill(ctx context.Context, db DBTX, auditLogIds []string) ([]FindAuditLogTargetsForBackfillRow, error)
	// FindAuditLogsForBackfill returns one cursor page of legacy audit_log
	// rows for the one-shot MySQL -> ClickHouse backfill VO. Ordered by pk so
	// the cursor advances monotonically; on a crash mid-page the VO replays
	// the same range from its persisted last_pk, and CH's
	// non_replicated_deduplication_window collapses the duplicate insert
	// block.
	//
	// The pk <= cutoff bound makes the VO terminate. Rows written after the
	// backfill snapshotted the legacy tail are already shipped via the live
	// drainer, so the backfill skips them. Without this bound the cursor
	// would chase a moving target forever.
	//
	// The primary key on `pk` makes this a forward range scan; no extra index
	// needed. We pull every column the auditlog.Event envelope needs in one
	// read so the VO does not have to re-query per row.
	//
	//  SELECT pk, id, workspace_id, bucket, event, time, display,
	//         remote_ip, user_agent, actor_type, actor_id, actor_name, actor_meta
	//  FROM audit_log
	//  WHERE pk > ?
	//    AND pk <= ?
	//  ORDER BY pk
	//  LIMIT ?
	FindAuditLogsForBackfill(ctx context.Context, db DBTX, arg FindAuditLogsForBackfillParams) ([]FindAuditLogsForBackfillRow, error)
	//FindCertificateByHostname
	//
	//  SELECT pk, id, workspace_id, hostname, certificate, encrypted_private_key, created_at, updated_at FROM certificates WHERE hostname = ?
	FindCertificateByHostname(ctx context.Context, db DBTX, hostname string) (Certificate, error)
	//FindCertificatesByHostnames
	//
	//  SELECT pk, id, workspace_id, hostname, certificate, encrypted_private_key, created_at, updated_at FROM certificates WHERE hostname IN (/*SLICE:hostnames*/?)
	FindCertificatesByHostnames(ctx context.Context, db DBTX, hostnames []string) ([]Certificate, error)
	//FindCiliumNetworkPoliciesByDeploymentID
	//
	//  SELECT pk, id, workspace_id, project_id, app_id, environment_id, deployment_id, k8s_name, k8s_namespace, region_id, policy, created_at, updated_at FROM cilium_network_policies WHERE deployment_id = ?
	FindCiliumNetworkPoliciesByDeploymentID(ctx context.Context, db DBTX, deploymentID string) ([]CiliumNetworkPolicy, error)
	//FindCiliumNetworkPoliciesByEnvironmentID
	//
	//  SELECT pk, id, workspace_id, project_id, app_id, environment_id, deployment_id, k8s_name, k8s_namespace, region_id, policy, created_at, updated_at FROM cilium_network_policies WHERE environment_id = ?
	FindCiliumNetworkPoliciesByEnvironmentID(ctx context.Context, db DBTX, environmentID string) ([]CiliumNetworkPolicy, error)
	//FindCiliumNetworkPolicyByEnvironmentRegionAndName
	//
	//  SELECT pk, id, workspace_id, project_id, app_id, environment_id, deployment_id, k8s_name, k8s_namespace, region_id, policy, created_at, updated_at
	//  FROM `cilium_network_policies`
	//  WHERE environment_id = ? AND region_id = ? AND k8s_name = ?
	//  LIMIT 1
	FindCiliumNetworkPolicyByEnvironmentRegionAndName(ctx context.Context, db DBTX, arg FindCiliumNetworkPolicyByEnvironmentRegionAndNameParams) (CiliumNetworkPolicy, error)
	//FindCiliumNetworkPolicyByIDAndRegion
	//
	//  SELECT pk, id, workspace_id, project_id, app_id, environment_id, deployment_id, k8s_name, k8s_namespace, region_id, policy, created_at, updated_at
	//  FROM `cilium_network_policies`
	//  WHERE region_id = ? AND id = ?
	//  LIMIT 1
	FindCiliumNetworkPolicyByIDAndRegion(ctx context.Context, db DBTX, arg FindCiliumNetworkPolicyByIDAndRegionParams) (CiliumNetworkPolicy, error)
	// FindClickhouseOutboxBatch returns the next batch of unprocessed outbox
	// rows for a known set of payload versions. Must be called inside a
	// transaction. FOR UPDATE SKIP LOCKED locks the batch so a second cron tick
	// (if Restate VO serialization ever fails) silently skips them rather than
	// re-processing the same set. The lock is released when the caller commits
	// or rolls back. Ordered by pk so retries see a deterministic row set,
	// which lets CH's block-level deduplication collapse re-inserts after a
	// partial failure.
	//
	// The version filter means a drainer never reads a payload it can't
	// decode. Unknown versions stay in the table until a drainer with the
	// matching handler ships.
	//
	// deleted_at IS NULL skips rows the drainer already shipped. Marked rows
	// stay in the table for re-processing (clear deleted_at to re-queue) and
	// as an ops audit trail; there's no sweep job today.
	//
	//  SELECT pk, version, workspace_id, event_id, payload, created_at
	//  FROM clickhouse_outbox
	//  WHERE version IN (/*SLICE:versions*/?)
	//    AND deleted_at IS NULL
	//  ORDER BY pk
	//  LIMIT ?
	//  FOR UPDATE SKIP LOCKED
	FindClickhouseOutboxBatch(ctx context.Context, db DBTX, arg FindClickhouseOutboxBatchParams) ([]FindClickhouseOutboxBatchRow, error)
	//FindClickhouseWorkspaceSettingsByWorkspaceID
	//
	//  SELECT
	//      c.pk, c.workspace_id, c.username, c.password_encrypted, c.quota_duration_seconds, c.max_queries_per_window, c.max_execution_time_per_window, c.max_query_execution_time, c.max_query_memory_bytes, c.max_query_result_rows, c.created_at, c.updated_at,
	//      q.pk, q.workspace_id, q.requests_per_month, q.logs_retention_days, q.audit_logs_retention_days, q.team, q.ratelimit_api_limit, q.ratelimit_api_duration, q.allocated_cpu_millicores_total, q.allocated_memory_mib_total, q.allocated_storage_mib_total, q.max_cpu_millicores_per_instance, q.max_memory_mib_per_instance, q.max_storage_mib_per_instance, q.max_concurrent_builds
	//  FROM `clickhouse_workspace_settings` c
	//  JOIN `quota` q ON c.workspace_id = q.workspace_id
	//  WHERE c.workspace_id = ?
	FindClickhouseWorkspaceSettingsByWorkspaceID(ctx context.Context, db DBTX, workspaceID string) (FindClickhouseWorkspaceSettingsByWorkspaceIDRow, error)
	//FindCustomDomainByDomain
	//
	//  SELECT pk, id, workspace_id, project_id, app_id, environment_id, domain, challenge_type, verification_status, verification_token, ownership_verified, cname_verified, target_cname, last_checked_at, check_attempts, verification_error, domain_connect_provider, domain_connect_url, invocation_id, created_at, updated_at
	//  FROM custom_domains
	//  WHERE domain = ?
	FindCustomDomainByDomain(ctx context.Context, db DBTX, domain string) (CustomDomain, error)
	//FindCustomDomainByDomainOrWildcard
	//
	//  SELECT pk, id, workspace_id, project_id, app_id, environment_id, domain, challenge_type, verification_status, verification_token, ownership_verified, cname_verified, target_cname, last_checked_at, check_attempts, verification_error, domain_connect_provider, domain_connect_url, invocation_id, created_at, updated_at FROM custom_domains
	//  WHERE domain IN (?, ?)
	//  ORDER BY
	//      CASE WHEN domain = ? THEN 0 ELSE 1 END
	//  LIMIT 1
	FindCustomDomainByDomainOrWildcard(ctx context.Context, db DBTX, arg FindCustomDomainByDomainOrWildcardParams) (CustomDomain, error)
	//FindCustomDomainById
	//
	//  SELECT pk, id, workspace_id, project_id, app_id, environment_id, domain, challenge_type, verification_status, verification_token, ownership_verified, cname_verified, target_cname, last_checked_at, check_attempts, verification_error, domain_connect_provider, domain_connect_url, invocation_id, created_at, updated_at
	//  FROM custom_domains
	//  WHERE id = ?
	FindCustomDomainById(ctx context.Context, db DBTX, id string) (CustomDomain, error)
	//FindCustomDomainByWorkspaceAndDomain
	//
	//  SELECT pk, id, workspace_id, project_id, app_id, environment_id, domain, challenge_type, verification_status, verification_token, ownership_verified, cname_verified, target_cname, last_checked_at, check_attempts, verification_error, domain_connect_provider, domain_connect_url, invocation_id, created_at, updated_at FROM custom_domains
	//  WHERE workspace_id = ? AND domain = ?
	FindCustomDomainByWorkspaceAndDomain(ctx context.Context, db DBTX, arg FindCustomDomainByWorkspaceAndDomainParams) (CustomDomain, error)
	//FindCustomDomainWithCertByDomain
	//
	//  SELECT
	//      cd.pk, cd.id, cd.workspace_id, cd.project_id, cd.app_id, cd.environment_id, cd.domain, cd.challenge_type, cd.verification_status, cd.verification_token, cd.ownership_verified, cd.cname_verified, cd.target_cname, cd.last_checked_at, cd.check_attempts, cd.verification_error, cd.domain_connect_provider, cd.domain_connect_url, cd.invocation_id, cd.created_at, cd.updated_at,
	//      c.id AS certificate_id
	//  FROM custom_domains cd
	//  LEFT JOIN certificates c ON c.hostname = cd.domain
	//  WHERE cd.domain = ?
	FindCustomDomainWithCertByDomain(ctx context.Context, db DBTX, domain string) (FindCustomDomainWithCertByDomainRow, error)
	//FindDeploymentById
	//
	//  SELECT pk, id, k8s_name, workspace_id, project_id, environment_id, app_id, image, build_id, git_commit_sha, git_branch, git_commit_message, git_commit_author_handle, git_commit_author_avatar_url, git_commit_timestamp, sentinel_config, cpu_millicores, memory_mib, storage_mib, desired_state, encrypted_environment_variables, command, port, shutdown_signal, upstream_protocol, healthcheck, pr_number, fork_repository_full_name, github_deployment_id, invocation_id, status, created_at, updated_at FROM `deployments` WHERE id = ?
	FindDeploymentById(ctx context.Context, db DBTX, id string) (Deployment, error)
	//FindDeploymentByK8sName
	//
	//  SELECT pk, id, k8s_name, workspace_id, project_id, environment_id, app_id, image, build_id, git_commit_sha, git_branch, git_commit_message, git_commit_author_handle, git_commit_author_avatar_url, git_commit_timestamp, sentinel_config, cpu_millicores, memory_mib, storage_mib, desired_state, encrypted_environment_variables, command, port, shutdown_signal, upstream_protocol, healthcheck, pr_number, fork_repository_full_name, github_deployment_id, invocation_id, status, created_at, updated_at FROM `deployments` WHERE k8s_name = ?
	FindDeploymentByK8sName(ctx context.Context, db DBTX, k8sName string) (Deployment, error)
	// Returns all regions where a deployment is configured.
	// Used for fan-out: when a deployment changes, emit state_change to each region.
	//
	//  SELECT r.pk, r.id, r.name, r.platform, r.can_schedule
	//  FROM `deployment_topology` dt
	//  INNER JOIN `regions` r ON dt.region_id = r.id
	//  WHERE dt.deployment_id = ?
	FindDeploymentRegions(ctx context.Context, db DBTX, deploymentID string) ([]Region, error)
	// FindDeploymentTopologyByDeploymentAndRegion returns a single deployment topology with all
	// joined data needed for the Watch stream. Used by the unified WatchDeploymentChanges RPC.
	//
	//  SELECT
	//      dt.pk, dt.workspace_id, dt.deployment_id, dt.region_id, dt.autoscaling_replicas_min, dt.autoscaling_replicas_max, dt.autoscaling_threshold_cpu, dt.autoscaling_threshold_memory, dt.desired_status, dt.created_at, dt.updated_at,
	//      d.pk, d.id, d.k8s_name, d.workspace_id, d.project_id, d.environment_id, d.app_id, d.image, d.build_id, d.git_commit_sha, d.git_branch, d.git_commit_message, d.git_commit_author_handle, d.git_commit_author_avatar_url, d.git_commit_timestamp, d.sentinel_config, d.cpu_millicores, d.memory_mib, d.storage_mib, d.desired_state, d.encrypted_environment_variables, d.command, d.port, d.shutdown_signal, d.upstream_protocol, d.healthcheck, d.pr_number, d.fork_repository_full_name, d.github_deployment_id, d.invocation_id, d.status, d.created_at, d.updated_at,
	//      w.k8s_namespace,
	//      e.slug AS environment_slug,
	//      r.name AS region_name,
	//      grc.repository_full_name AS git_repo
	//  FROM `deployment_topology` dt
	//  INNER JOIN `deployments` d ON dt.deployment_id = d.id
	//  INNER JOIN `workspaces` w ON d.workspace_id = w.id
	//  INNER JOIN `regions` r ON dt.region_id = r.id
	//  INNER JOIN `environments` e ON d.environment_id = e.id
	//  LEFT JOIN `github_repo_connections` grc ON d.app_id = grc.app_id
	//  WHERE dt.deployment_id = ? AND dt.region_id = ?
	//  LIMIT 1
	FindDeploymentTopologyByDeploymentAndRegion(ctx context.Context, db DBTX, arg FindDeploymentTopologyByDeploymentAndRegionParams) (FindDeploymentTopologyByDeploymentAndRegionRow, error)
	// Returns the per-region minimum replica requirement for a deployment.
	// Used by ReportDeploymentStatus to compute whether enough regions are
	// healthy to call DeployService.NotifyInstancesReady.
	//
	//  SELECT region_id, autoscaling_replicas_min
	//  FROM deployment_topology
	//  WHERE deployment_id = ?
	FindDeploymentTopologyMinReplicas(ctx context.Context, db DBTX, deploymentID string) ([]FindDeploymentTopologyMinReplicasRow, error)
	//FindEnvironmentByAppIdAndSlug
	//
	//  SELECT environments.pk, environments.id, environments.workspace_id, environments.project_id, environments.app_id, environments.slug, environments.description, environments.delete_protection, environments.created_at, environments.updated_at FROM environments
	//  WHERE app_id = ? AND slug = ?
	FindEnvironmentByAppIdAndSlug(ctx context.Context, db DBTX, arg FindEnvironmentByAppIdAndSlugParams) (FindEnvironmentByAppIdAndSlugRow, error)
	//FindEnvironmentById
	//
	//  SELECT pk, id, workspace_id, project_id, app_id, slug, description, delete_protection, created_at, updated_at
	//  FROM environments
	//  WHERE id = ?
	FindEnvironmentById(ctx context.Context, db DBTX, id string) (Environment, error)
	//FindEnvironmentByProjectIdAndSlug
	//
	//  SELECT pk, id, workspace_id, project_id, app_id, slug, description, delete_protection, created_at, updated_at
	//  FROM environments
	//  WHERE workspace_id = ?
	//    AND project_id = ?
	//    AND slug = ?
	FindEnvironmentByProjectIdAndSlug(ctx context.Context, db DBTX, arg FindEnvironmentByProjectIdAndSlugParams) (Environment, error)
	//FindFrontlineRouteByDeploymentIDAndSticky
	//
	//  SELECT pk, id, project_id, app_id, deployment_id, environment_id, fully_qualified_domain_name, sticky, created_at, updated_at FROM frontline_routes WHERE deployment_id = ? AND sticky = ?
	FindFrontlineRouteByDeploymentIDAndSticky(ctx context.Context, db DBTX, arg FindFrontlineRouteByDeploymentIDAndStickyParams) (FrontlineRoute, error)
	//FindFrontlineRouteByFQDN
	//
	//  SELECT pk, id, project_id, app_id, deployment_id, environment_id, fully_qualified_domain_name, sticky, created_at, updated_at FROM frontline_routes WHERE fully_qualified_domain_name = ?
	FindFrontlineRouteByFQDN(ctx context.Context, db DBTX, fullyQualifiedDomainName string) (FrontlineRoute, error)
	//FindFrontlineRouteForPromotion
	//
	//  SELECT
	//      id,
	//      project_id,
	//      environment_id,
	//      fully_qualified_domain_name,
	//      deployment_id,
	//      sticky,
	//      created_at,
	//      updated_at
	//  FROM frontline_routes
	//  WHERE
	//    environment_id = ?
	//    AND sticky IN (/*SLICE:sticky*/?)
	//  ORDER BY created_at ASC
	FindFrontlineRouteForPromotion(ctx context.Context, db DBTX, arg FindFrontlineRouteForPromotionParams) ([]FindFrontlineRouteForPromotionRow, error)
	//FindFrontlineRoutesByDeploymentID
	//
	//  SELECT pk, id, project_id, app_id, deployment_id, environment_id, fully_qualified_domain_name, sticky, created_at, updated_at FROM frontline_routes WHERE deployment_id = ?
	FindFrontlineRoutesByDeploymentID(ctx context.Context, db DBTX, deploymentID string) ([]FrontlineRoute, error)
	//FindFrontlineRoutesForRollback
	//
	//  SELECT
	//      id,
	//      project_id,
	//      environment_id,
	//      fully_qualified_domain_name,
	//      deployment_id,
	//      sticky,
	//      created_at,
	//      updated_at
	//  FROM frontline_routes
	//  WHERE
	//    environment_id = ?
	//    AND sticky IN (/*SLICE:sticky*/?)
	//  ORDER BY created_at ASC
	FindFrontlineRoutesForRollback(ctx context.Context, db DBTX, arg FindFrontlineRoutesForRollbackParams) ([]FindFrontlineRoutesForRollbackRow, error)
	//FindGithubRepoConnectionByAppId
	//
	//  SELECT
	//      pk,
	//      workspace_id,
	//      project_id,
	//      app_id,
	//      installation_id,
	//      repository_id,
	//      repository_full_name,
	//      created_at,
	//      updated_at
	//  FROM github_repo_connections
	//  WHERE app_id = ?
	FindGithubRepoConnectionByAppId(ctx context.Context, db DBTX, appID string) (GithubRepoConnection, error)
	//FindGithubRepoConnectionByProjectId
	//
	//  SELECT
	//      pk,
	//      workspace_id,
	//      project_id,
	//      installation_id,
	//      repository_id,
	//      repository_full_name,
	//      created_at,
	//      updated_at
	//  FROM github_repo_connections
	//  WHERE project_id = ?
	FindGithubRepoConnectionByProjectId(ctx context.Context, db DBTX, projectID string) (FindGithubRepoConnectionByProjectIdRow, error)
	//FindIdentities
	//
	//  SELECT pk, id, external_id, workspace_id, environment, meta, deleted, created_at, updated_at
	//  FROM identities
	//  WHERE workspace_id = ?
	//   AND deleted = ?
	//   AND (external_id IN(/*SLICE:identities*/?) OR id IN (/*SLICE:identities*/?))
	FindIdentities(ctx context.Context, db DBTX, arg FindIdentitiesParams) ([]Identity, error)
	//FindIdentitiesByExternalId
	//
	//  SELECT pk, id, external_id, workspace_id, environment, meta, deleted, created_at, updated_at
	//  FROM identities
	//  WHERE workspace_id = ? AND external_id IN (/*SLICE:externalIds*/?) AND deleted = ?
	FindIdentitiesByExternalId(ctx context.Context, db DBTX, arg FindIdentitiesByExternalIdParams) ([]Identity, error)
	//FindIdentity
	//
	//  SELECT
	//      i.pk, i.id, i.external_id, i.workspace_id, i.environment, i.meta, i.deleted, i.created_at, i.updated_at,
	//      COALESCE(
	//          (SELECT JSON_ARRAYAGG(
	//              JSON_OBJECT(
	//                  'id', rl.id,
	//                  'name', rl.name,
	//                  'key_id', rl.key_id,
	//                  'identity_id', rl.identity_id,
	//                  'limit', rl.`limit`,
	//                  'duration', rl.duration,
	//                  'auto_apply', rl.auto_apply = 1
	//              )
	//          )
	//          FROM ratelimits rl WHERE rl.identity_id = i.id),
	//          JSON_ARRAY()
	//      ) as ratelimits
	//  FROM identities i
	//  JOIN (
	//      SELECT id1.id FROM identities id1
	//      WHERE id1.id = ?
	//        AND id1.workspace_id = ?
	//        AND id1.deleted = ?
	//      UNION ALL
	//      SELECT id2.id FROM identities id2
	//      WHERE id2.workspace_id = ?
	//        AND id2.external_id = ?
	//        AND id2.deleted = ?
	//  ) AS identity_lookup ON i.id = identity_lookup.id
	//  LIMIT 1
	FindIdentity(ctx context.Context, db DBTX, arg FindIdentityParams) (FindIdentityRow, error)
	//FindIdentityByExternalID
	//
	//  SELECT pk, id, external_id, workspace_id, environment, meta, deleted, created_at, updated_at
	//  FROM identities
	//  WHERE workspace_id = ?
	//    AND external_id = ?
	//    AND deleted = ?
	FindIdentityByExternalID(ctx context.Context, db DBTX, arg FindIdentityByExternalIDParams) (Identity, error)
	//FindIdentityByID
	//
	//  SELECT pk, id, external_id, workspace_id, environment, meta, deleted, created_at, updated_at
	//  FROM identities
	//  WHERE workspace_id = ?
	//    AND id = ?
	//    AND deleted = ?
	FindIdentityByID(ctx context.Context, db DBTX, arg FindIdentityByIDParams) (Identity, error)
	//FindInstanceByPodName
	//
	//  SELECT
	//   pk, id, deployment_id, workspace_id, project_id, app_id, region_id, k8s_name, address, cpu_millicores, memory_mib, storage_mib, status, container_status
	//  FROM instances
	//    WHERE k8s_name = ? AND region_id = ?
	FindInstanceByPodName(ctx context.Context, db DBTX, arg FindInstanceByPodNameParams) (Instance, error)
	//FindInstancesByDeploymentId
	//
	//  SELECT
	//   pk, id, deployment_id, workspace_id, project_id, app_id, region_id, k8s_name, address, cpu_millicores, memory_mib, storage_mib, status, container_status
	//  FROM instances
	//  WHERE deployment_id = ?
	FindInstancesByDeploymentId(ctx context.Context, db DBTX, deploymentid string) ([]Instance, error)
	//FindInstancesByDeploymentIdAndRegionID
	//
	//  SELECT
	//   pk, id, deployment_id, workspace_id, project_id, app_id, region_id, k8s_name, address, cpu_millicores, memory_mib, storage_mib, status, container_status
	//  FROM instances
	//  WHERE deployment_id = ? AND region_id = ?
	FindInstancesByDeploymentIdAndRegionID(ctx context.Context, db DBTX, arg FindInstancesByDeploymentIdAndRegionIDParams) ([]Instance, error)
	//FindKeyAuthsByIds
	//
	//  SELECT ka.id as key_auth_id, a.id as api_id
	//  FROM apis a
	//  JOIN key_auth as ka ON ka.id = a.key_auth_id
	//  WHERE a.workspace_id = ?
	//      AND a.id IN (/*SLICE:api_ids*/?)
	//      AND ka.deleted_at_m IS NULL
	//      AND a.deleted_at_m IS NULL
	FindKeyAuthsByIds(ctx context.Context, db DBTX, arg FindKeyAuthsByIdsParams) ([]FindKeyAuthsByIdsRow, error)
	//FindKeyAuthsByKeyAuthIds
	//
	//  SELECT ka.id as key_auth_id, a.id as api_id
	//  FROM key_auth as ka
	//  JOIN apis a ON a.key_auth_id = ka.id
	//  WHERE a.workspace_id = ?
	//      AND ka.id IN (/*SLICE:key_auth_ids*/?)
	//      AND ka.deleted_at_m IS NULL
	//      AND a.deleted_at_m IS NULL
	FindKeyAuthsByKeyAuthIds(ctx context.Context, db DBTX, arg FindKeyAuthsByKeyAuthIdsParams) ([]FindKeyAuthsByKeyAuthIdsRow, error)
	//FindKeyByID
	//
	//  SELECT pk, id, key_auth_id, hash, start, workspace_id, for_workspace_id, name, owner_id, identity_id, meta, expires, created_at_m, updated_at_m, deleted_at_m, refill_day, refill_amount, last_refill_at, enabled, remaining_requests, environment, last_used_at, pending_migration_id FROM `keys` k
	//  WHERE k.id = ?
	FindKeyByID(ctx context.Context, db DBTX, id string) (Key, error)
	//FindKeyCredits
	//
	//  SELECT remaining_requests FROM `keys` k WHERE k.id = ?
	FindKeyCredits(ctx context.Context, db DBTX, id string) (sql.NullInt64, error)
	//FindKeyEncryptionByKeyID
	//
	//  SELECT pk, workspace_id, key_id, created_at, updated_at, encrypted, encryption_key_id FROM encrypted_keys WHERE key_id = ?
	FindKeyEncryptionByKeyID(ctx context.Context, db DBTX, keyID string) (EncryptedKey, error)
	// FindKeyIDByHash returns just the key ID for a given hash. Use this when
	// you only need the ID for a subsequent mutation and do not need the full
	// verification payload with roles, permissions, and rate limits.
	//
	//  SELECT id FROM `keys` WHERE hash = ? AND deleted_at_m IS NULL
	FindKeyIDByHash(ctx context.Context, db DBTX, hash string) (string, error)
	//FindKeyMigrationByID
	//
	//  SELECT
	//      id,
	//      workspace_id,
	//      algorithm
	//  FROM key_migrations
	//  WHERE id = ?
	//  and workspace_id = ?
	FindKeyMigrationByID(ctx context.Context, db DBTX, arg FindKeyMigrationByIDParams) (FindKeyMigrationByIDRow, error)
	//FindKeyRoleByKeyAndRoleID
	//
	//  SELECT pk, key_id, role_id, workspace_id, created_at_m, updated_at_m
	//  FROM keys_roles
	//  WHERE key_id = ?
	//    AND role_id = ?
	FindKeyRoleByKeyAndRoleID(ctx context.Context, db DBTX, arg FindKeyRoleByKeyAndRoleIDParams) ([]KeysRole, error)
	//FindKeySpaceByID
	//
	//  SELECT pk, id, workspace_id, created_at_m, updated_at_m, deleted_at_m, store_encrypted_keys, default_prefix, default_bytes, size_approx, size_last_updated_at FROM `key_auth` WHERE id = ?
	FindKeySpaceByID(ctx context.Context, db DBTX, id string) (KeyAuth, error)
	//FindKeysByHash
	//
	//  SELECT id, hash FROM `keys` WHERE hash IN (/*SLICE:hashes*/?)
	FindKeysByHash(ctx context.Context, db DBTX, hashes []string) ([]FindKeysByHashRow, error)
	//FindLatestReadyDeploymentByAppAndEnv
	//
	//  SELECT id
	//  FROM deployments
	//  WHERE app_id = ?
	//    AND environment_id = ?
	//    AND status = 'ready'
	//    AND id != ?
	//  ORDER BY created_at DESC
	//  LIMIT 1
	FindLatestReadyDeploymentByAppAndEnv(ctx context.Context, db DBTX, arg FindLatestReadyDeploymentByAppAndEnvParams) (string, error)
	//FindLiveApiByID
	//
	//  SELECT apis.pk, apis.id, apis.name, apis.workspace_id, apis.ip_whitelist, apis.auth_type, apis.key_auth_id, apis.created_at_m, apis.updated_at_m, apis.deleted_at_m, apis.delete_protection, ka.pk, ka.id, ka.workspace_id, ka.created_at_m, ka.updated_at_m, ka.deleted_at_m, ka.store_encrypted_keys, ka.default_prefix, ka.default_bytes, ka.size_approx, ka.size_last_updated_at
	//  FROM apis
	//  JOIN key_auth as ka ON ka.id = apis.key_auth_id
	//  WHERE apis.id = ?
	//      AND ka.deleted_at_m IS NULL
	//      AND apis.deleted_at_m IS NULL
	//  LIMIT 1
	FindLiveApiByID(ctx context.Context, db DBTX, id string) (FindLiveApiByIDRow, error)
	//FindLiveKeyByHash
	//
	//  SELECT
	//      k.pk, k.id, k.key_auth_id, k.hash, k.start, k.workspace_id, k.for_workspace_id, k.name, k.owner_id, k.identity_id, k.meta, k.expires, k.created_at_m, k.updated_at_m, k.deleted_at_m, k.refill_day, k.refill_amount, k.last_refill_at, k.enabled, k.remaining_requests, k.environment, k.last_used_at, k.pending_migration_id,
	//      a.pk, a.id, a.name, a.workspace_id, a.ip_whitelist, a.auth_type, a.key_auth_id, a.created_at_m, a.updated_at_m, a.deleted_at_m, a.delete_protection,
	//      ka.pk, ka.id, ka.workspace_id, ka.created_at_m, ka.updated_at_m, ka.deleted_at_m, ka.store_encrypted_keys, ka.default_prefix, ka.default_bytes, ka.size_approx, ka.size_last_updated_at,
	//      ws.pk, ws.id, ws.org_id, ws.name, ws.slug, ws.k8s_namespace, ws.tier, ws.stripe_customer_id, ws.stripe_subscription_id, ws.beta_features, ws.subscriptions, ws.enabled, ws.delete_protection, ws.created_at_m, ws.updated_at_m, ws.deleted_at_m,
	//      i.id as identity_table_id,
	//      i.external_id as identity_external_id,
	//      i.meta as identity_meta,
	//      ek.encrypted as encrypted_key,
	//      ek.encryption_key_id as encryption_key_id,
	//
	//      -- Roles with both IDs and names
	//      COALESCE(
	//          (SELECT JSON_ARRAYAGG(
	//              JSON_OBJECT(
	//                  'id', r.id,
	//                  'name', r.name,
	//                  'description', r.description
	//              )
	//          )
	//          FROM keys_roles kr
	//          JOIN roles r ON r.id = kr.role_id
	//          WHERE kr.key_id = k.id),
	//          JSON_ARRAY()
	//      ) as roles,
	//
	//      -- Direct permissions attached to the key
	//      COALESCE(
	//          (SELECT JSON_ARRAYAGG(
	//              JSON_OBJECT(
	//                  'id', p.id,
	//                  'name', p.name,
	//                  'slug', p.slug,
	//                  'description', p.description
	//              )
	//          )
	//          FROM keys_permissions kp
	//          JOIN permissions p ON kp.permission_id = p.id
	//          WHERE kp.key_id = k.id),
	//          JSON_ARRAY()
	//      ) as permissions,
	//
	//      -- Permissions from roles
	//      COALESCE(
	//          (SELECT JSON_ARRAYAGG(
	//              JSON_OBJECT(
	//                  'id', p.id,
	//                  'name', p.name,
	//                  'slug', p.slug,
	//                  'description', p.description
	//              )
	//          )
	//          FROM keys_roles kr
	//          JOIN roles_permissions rp ON kr.role_id = rp.role_id
	//          JOIN permissions p ON rp.permission_id = p.id
	//          WHERE kr.key_id = k.id),
	//          JSON_ARRAY()
	//      ) as role_permissions,
	//
	//      -- Rate limits
	//      COALESCE(
	//          (SELECT JSON_ARRAYAGG(
	//              JSON_OBJECT(
	//                  'id', id,
	//                  'name', name,
	//                  'key_id', key_id,
	//                  'identity_id', identity_id,
	//                  'limit', `limit`,
	//                  'duration', duration,
	//                  'auto_apply', auto_apply = 1
	//              )
	//          )
	//          FROM (
	//              SELECT rl.id, rl.name, rl.key_id, rl.identity_id, rl.`limit`, rl.duration, rl.auto_apply
	//              FROM ratelimits rl
	//              WHERE rl.key_id = k.id
	//              UNION ALL
	//              SELECT rl.id, rl.name, rl.key_id, rl.identity_id, rl.`limit`, rl.duration, rl.auto_apply
	//              FROM ratelimits rl
	//              WHERE rl.identity_id = i.id
	//          ) AS combined_rl),
	//          JSON_ARRAY()
	//      ) as ratelimits
	//
	//  FROM `keys` k
	//  JOIN apis a ON a.key_auth_id = k.key_auth_id
	//  JOIN key_auth ka ON ka.id = k.key_auth_id
	//  JOIN workspaces ws ON ws.id = k.workspace_id
	//  LEFT JOIN identities i ON k.identity_id = i.id AND i.deleted = false
	//  LEFT JOIN encrypted_keys ek ON ek.key_id = k.id
	//  WHERE k.hash = ?
	//      AND k.deleted_at_m IS NULL
	//      AND a.deleted_at_m IS NULL
	//      AND ka.deleted_at_m IS NULL
	//      AND ws.deleted_at_m IS NULL
	FindLiveKeyByHash(ctx context.Context, db DBTX, hash string) (FindLiveKeyByHashRow, error)
	//FindLiveKeyByID
	//
	//  SELECT
	//      k.pk, k.id, k.key_auth_id, k.hash, k.start, k.workspace_id, k.for_workspace_id, k.name, k.owner_id, k.identity_id, k.meta, k.expires, k.created_at_m, k.updated_at_m, k.deleted_at_m, k.refill_day, k.refill_amount, k.last_refill_at, k.enabled, k.remaining_requests, k.environment, k.last_used_at, k.pending_migration_id,
	//      a.pk, a.id, a.name, a.workspace_id, a.ip_whitelist, a.auth_type, a.key_auth_id, a.created_at_m, a.updated_at_m, a.deleted_at_m, a.delete_protection,
	//      ka.pk, ka.id, ka.workspace_id, ka.created_at_m, ka.updated_at_m, ka.deleted_at_m, ka.store_encrypted_keys, ka.default_prefix, ka.default_bytes, ka.size_approx, ka.size_last_updated_at,
	//      ws.pk, ws.id, ws.org_id, ws.name, ws.slug, ws.k8s_namespace, ws.tier, ws.stripe_customer_id, ws.stripe_subscription_id, ws.beta_features, ws.subscriptions, ws.enabled, ws.delete_protection, ws.created_at_m, ws.updated_at_m, ws.deleted_at_m,
	//      i.id as identity_table_id,
	//      i.external_id as identity_external_id,
	//      i.meta as identity_meta,
	//      ek.encrypted as encrypted_key,
	//      ek.encryption_key_id as encryption_key_id,
	//
	//      -- Roles with both IDs and names
	//      COALESCE(
	//          (SELECT JSON_ARRAYAGG(
	//              JSON_OBJECT(
	//                  'id', r.id,
	//                  'name', r.name,
	//                  'description', r.description
	//              )
	//          )
	//          FROM keys_roles kr
	//          JOIN roles r ON r.id = kr.role_id
	//          WHERE kr.key_id = k.id),
	//          JSON_ARRAY()
	//      ) as roles,
	//
	//      -- Direct permissions attached to the key
	//      COALESCE(
	//          (SELECT JSON_ARRAYAGG(
	//              JSON_OBJECT(
	//                  'id', p.id,
	//                  'name', p.name,
	//                  'slug', p.slug,
	//                  'description', p.description
	//              )
	//          )
	//          FROM keys_permissions kp
	//          JOIN permissions p ON kp.permission_id = p.id
	//          WHERE kp.key_id = k.id),
	//          JSON_ARRAY()
	//      ) as permissions,
	//
	//      -- Permissions from roles
	//      COALESCE(
	//          (SELECT JSON_ARRAYAGG(
	//              JSON_OBJECT(
	//                  'id', p.id,
	//                  'name', p.name,
	//                  'slug', p.slug,
	//                  'description', p.description
	//              )
	//          )
	//          FROM keys_roles kr
	//          JOIN roles_permissions rp ON kr.role_id = rp.role_id
	//          JOIN permissions p ON rp.permission_id = p.id
	//          WHERE kr.key_id = k.id),
	//          JSON_ARRAY()
	//      ) as role_permissions,
	//
	//      -- Rate limits
	//      COALESCE(
	//          (SELECT JSON_ARRAYAGG(
	//              JSON_OBJECT(
	//                  'id', rl.id,
	//                  'name', rl.name,
	//                  'key_id', rl.key_id,
	//                  'identity_id', rl.identity_id,
	//                  'limit', rl.`limit`,
	//                  'duration', rl.duration,
	//                  'auto_apply', rl.auto_apply = 1
	//              )
	//          )
	//          FROM ratelimits rl
	//          WHERE rl.key_id = k.id
	//              OR rl.identity_id = i.id),
	//          JSON_ARRAY()
	//      ) as ratelimits
	//
	//  FROM `keys` k
	//  JOIN apis a ON a.key_auth_id = k.key_auth_id
	//  JOIN key_auth ka ON ka.id = k.key_auth_id
	//  JOIN workspaces ws ON ws.id = k.workspace_id
	//  LEFT JOIN identities i ON k.identity_id = i.id AND i.deleted = false
	//  LEFT JOIN encrypted_keys ek ON ek.key_id = k.id
	//  WHERE k.id = ?
	//      AND k.deleted_at_m IS NULL
	//      AND a.deleted_at_m IS NULL
	//      AND ka.deleted_at_m IS NULL
	//      AND ws.deleted_at_m IS NULL
	FindLiveKeyByID(ctx context.Context, db DBTX, id string) (FindLiveKeyByIDRow, error)
	//FindManyRatelimitNamespaces
	//
	//  SELECT pk, id, workspace_id, name, created_at_m, updated_at_m, deleted_at_m,
	//         coalesce(
	//                 (select json_arrayagg(
	//                                 json_object(
	//                                         'id', ro.id,
	//                                         'identifier', ro.identifier,
	//                                         'limit', ro.limit,
	//                                         'duration', ro.duration
	//                                 )
	//                         )
	//                  from ratelimit_overrides ro where ro.namespace_id = ns.id AND ro.deleted_at_m IS NULL),
	//                 json_array()
	//         ) as overrides
	//  FROM `ratelimit_namespaces` ns
	//  WHERE ns.workspace_id = ?
	//    AND (ns.id IN (/*SLICE:namespaces*/?) OR ns.name IN (/*SLICE:namespaces*/?))
	FindManyRatelimitNamespaces(ctx context.Context, db DBTX, arg FindManyRatelimitNamespacesParams) ([]FindManyRatelimitNamespacesRow, error)
	//FindManyRolesByIdOrNameWithPerms
	//
	//  SELECT pk, id, workspace_id, name, description, created_at_m, updated_at_m, COALESCE(
	//          (SELECT JSON_ARRAYAGG(
	//              json_object(
	//                  'id', permission.id,
	//                  'name', permission.name,
	//                  'slug', permission.slug,
	//                  'description', permission.description
	//             )
	//          )
	//           FROM (SELECT name, id, slug, description
	//                 FROM roles_permissions rp
	//                          JOIN permissions p ON p.id = rp.permission_id
	//                 WHERE rp.role_id = r.id) as permission),
	//          JSON_ARRAY()
	//  ) as permissions
	//  FROM roles r
	//  WHERE r.workspace_id = ? AND (
	//      r.id IN (/*SLICE:search*/?)
	//      OR r.name IN (/*SLICE:search*/?)
	//  )
	FindManyRolesByIdOrNameWithPerms(ctx context.Context, db DBTX, arg FindManyRolesByIdOrNameWithPermsParams) ([]FindManyRolesByIdOrNameWithPermsRow, error)
	//FindManyRolesByNamesWithPerms
	//
	//  SELECT pk, id, workspace_id, name, description, created_at_m, updated_at_m, COALESCE(
	//          (SELECT JSON_ARRAYAGG(
	//              json_object(
	//                  'id', permission.id,
	//                  'name', permission.name,
	//                  'slug', permission.slug,
	//                  'description', permission.description
	//             )
	//          )
	//           FROM (SELECT name, id, slug, description
	//                 FROM roles_permissions rp
	//                          JOIN permissions p ON p.id = rp.permission_id
	//                 WHERE rp.role_id = r.id) as permission),
	//          JSON_ARRAY()
	//  ) as permissions
	//  FROM roles r
	//  WHERE r.workspace_id = ? AND r.name IN (/*SLICE:names*/?)
	FindManyRolesByNamesWithPerms(ctx context.Context, db DBTX, arg FindManyRolesByNamesWithPermsParams) ([]FindManyRolesByNamesWithPermsRow, error)
	//FindOpenApiSpecByDeploymentID
	//
	//  SELECT pk, id, workspace_id, deployment_id, portal_config_id, content, created_at, updated_at FROM openapi_specs WHERE deployment_id = ?
	FindOpenApiSpecByDeploymentID(ctx context.Context, db DBTX, deploymentID sql.NullString) (OpenapiSpec, error)
	// Finds a permission record by its ID
	// Returns: The permission record if found
	//
	//  SELECT pk, id, workspace_id, name, slug, description, created_at_m, updated_at_m
	//  FROM permissions
	//  WHERE id = ?
	//  LIMIT 1
	FindPermissionByID(ctx context.Context, db DBTX, permissionID string) (Permission, error)
	//FindPermissionByIdOrSlug
	//
	//  SELECT pk, id, workspace_id, name, slug, description, created_at_m, updated_at_m
	//  FROM permissions
	//  WHERE workspace_id = ? AND (id = ? OR slug = ?)
	FindPermissionByIdOrSlug(ctx context.Context, db DBTX, arg FindPermissionByIdOrSlugParams) (Permission, error)
	//FindPermissionByNameAndWorkspaceID
	//
	//  SELECT pk, id, workspace_id, name, slug, description, created_at_m, updated_at_m
	//  FROM permissions
	//  WHERE name = ?
	//  AND workspace_id = ?
	//  LIMIT 1
	FindPermissionByNameAndWorkspaceID(ctx context.Context, db DBTX, arg FindPermissionByNameAndWorkspaceIDParams) (Permission, error)
	//FindPermissionBySlugAndWorkspaceID
	//
	//  SELECT pk, id, workspace_id, name, slug, description, created_at_m, updated_at_m
	//  FROM permissions
	//  WHERE slug = ?
	//  AND workspace_id = ?
	//  LIMIT 1
	FindPermissionBySlugAndWorkspaceID(ctx context.Context, db DBTX, arg FindPermissionBySlugAndWorkspaceIDParams) (Permission, error)
	//FindPermissionsBySlugs
	//
	//  SELECT pk, id, workspace_id, name, slug, description, created_at_m, updated_at_m FROM permissions WHERE workspace_id = ? AND slug IN (/*SLICE:slugs*/?)
	FindPermissionsBySlugs(ctx context.Context, db DBTX, arg FindPermissionsBySlugsParams) ([]Permission, error)
	//FindPortalBrandingByConfigID
	//
	//  SELECT pk, portal_config_id, logo_url, primary_color, created_at, updated_at FROM portal_branding WHERE portal_config_id = ?
	FindPortalBrandingByConfigID(ctx context.Context, db DBTX, portalConfigID string) (PortalBranding, error)
	//FindPortalConfigByWorkspaceAndSlug
	//
	//  SELECT pk, id, workspace_id, slug, app_id, key_auth_id, enabled, return_url, created_at, updated_at FROM portal_configurations
	//  WHERE workspace_id = ? AND slug = ?
	FindPortalConfigByWorkspaceAndSlug(ctx context.Context, db DBTX, arg FindPortalConfigByWorkspaceAndSlugParams) (PortalConfiguration, error)
	//FindProjectById
	//
	//  SELECT pk, id, workspace_id, name, slug, depot_project_id, delete_protection, created_at, updated_at
	//  FROM projects
	//  WHERE id = ?
	FindProjectById(ctx context.Context, db DBTX, id string) (Project, error)
	//FindProjectBySlug
	//
	//  SELECT pk, id, workspace_id, name, slug, depot_project_id, delete_protection, created_at, updated_at
	//  FROM projects
	//  WHERE slug = ?
	//  LIMIT 1
	FindProjectBySlug(ctx context.Context, db DBTX, slug string) (Project, error)
	//FindProjectByWorkspaceSlug
	//
	//  SELECT
	//      id,
	//      workspace_id,
	//      name,
	//      slug,
	//      delete_protection,
	//      created_at,
	//      updated_at
	//  FROM projects
	//  WHERE workspace_id = ? AND slug = ?
	//  LIMIT 1
	FindProjectByWorkspaceSlug(ctx context.Context, db DBTX, arg FindProjectByWorkspaceSlugParams) (FindProjectByWorkspaceSlugRow, error)
	//FindQuotaByWorkspaceID
	//
	//  SELECT pk, workspace_id, requests_per_month, logs_retention_days, audit_logs_retention_days, team, ratelimit_api_limit, ratelimit_api_duration, allocated_cpu_millicores_total, allocated_memory_mib_total, allocated_storage_mib_total, max_cpu_millicores_per_instance, max_memory_mib_per_instance, max_storage_mib_per_instance, max_concurrent_builds
	//  FROM `quota`
	//  WHERE workspace_id = ?
	FindQuotaByWorkspaceID(ctx context.Context, db DBTX, workspaceID string) (Quotas, error)
	//FindRatelimitNamespace
	//
	//  SELECT pk, id, workspace_id, name, created_at_m, updated_at_m, deleted_at_m,
	//         coalesce(
	//                 (select json_arrayagg(
	//                                 json_object(
	//                                         'id', ro.id,
	//                                         'identifier', ro.identifier,
	//                                         'limit', ro.limit,
	//                                         'duration', ro.duration
	//                                 )
	//                         )
	//                  from ratelimit_overrides ro where ro.namespace_id = ns.id AND ro.deleted_at_m IS NULL),
	//                 json_array()
	//         ) as overrides
	//  FROM `ratelimit_namespaces` ns
	//  WHERE ns.workspace_id = ?
	//  AND (ns.id = ? OR ns.name = ?)
	FindRatelimitNamespace(ctx context.Context, db DBTX, arg FindRatelimitNamespaceParams) (FindRatelimitNamespaceRow, error)
	//FindRatelimitNamespaceByID
	//
	//  SELECT pk, id, workspace_id, name, created_at_m, updated_at_m, deleted_at_m FROM `ratelimit_namespaces`
	//  WHERE id = ?
	FindRatelimitNamespaceByID(ctx context.Context, db DBTX, id string) (RatelimitNamespace, error)
	//FindRatelimitNamespaceByName
	//
	//  SELECT pk, id, workspace_id, name, created_at_m, updated_at_m, deleted_at_m FROM `ratelimit_namespaces`
	//  WHERE name = ?
	//  AND workspace_id = ?
	FindRatelimitNamespaceByName(ctx context.Context, db DBTX, arg FindRatelimitNamespaceByNameParams) (RatelimitNamespace, error)
	//FindRatelimitOverrideByID
	//
	//  SELECT pk, id, workspace_id, namespace_id, identifier, `limit`, duration, created_at_m, updated_at_m, deleted_at_m FROM ratelimit_overrides
	//  WHERE
	//      workspace_id = ?
	//      AND id = ?
	FindRatelimitOverrideByID(ctx context.Context, db DBTX, arg FindRatelimitOverrideByIDParams) (RatelimitOverride, error)
	//FindRatelimitOverrideByIdentifier
	//
	//  SELECT pk, id, workspace_id, namespace_id, identifier, `limit`, duration, created_at_m, updated_at_m, deleted_at_m FROM ratelimit_overrides
	//  WHERE
	//      workspace_id = ?
	//      AND namespace_id = ?
	//      AND identifier = ?
	FindRatelimitOverrideByIdentifier(ctx context.Context, db DBTX, arg FindRatelimitOverrideByIdentifierParams) (RatelimitOverride, error)
	//FindRegionById
	//
	//  SELECT
	//   pk, id, name, platform, can_schedule
	//  FROM regions
	//  WHERE id = ? LIMIT 1
	FindRegionById(ctx context.Context, db DBTX, regionID string) (Region, error)
	//FindRegionByPlatformAndName
	//
	//  SELECT
	//   pk, id, name, platform, can_schedule
	//  FROM regions
	//  WHERE platform = ? AND name = ? LIMIT 1
	FindRegionByPlatformAndName(ctx context.Context, db DBTX, arg FindRegionByPlatformAndNameParams) (Region, error)
	// Finds a role record by its ID
	// Returns: The role record if found
	//
	//  SELECT pk, id, workspace_id, name, description, created_at_m, updated_at_m
	//  FROM roles
	//  WHERE id = ?
	//  LIMIT 1
	FindRoleByID(ctx context.Context, db DBTX, roleID string) (Role, error)
	//FindRoleByIdOrNameWithPerms
	//
	//  SELECT pk, id, workspace_id, name, description, created_at_m, updated_at_m, COALESCE(
	//          (SELECT JSON_ARRAYAGG(
	//              json_object(
	//                  'id', permission.id,
	//                  'name', permission.name,
	//                  'slug', permission.slug,
	//                  'description', permission.description
	//             )
	//          )
	//           FROM (SELECT name, id, slug, description
	//                 FROM roles_permissions rp
	//                          JOIN permissions p ON p.id = rp.permission_id
	//                 WHERE rp.role_id = r.id) as permission),
	//          JSON_ARRAY()
	//  ) as permissions
	//  FROM roles r
	//  WHERE r.workspace_id = ? AND (
	//      r.id = ?
	//      OR r.name = ?
	//  )
	FindRoleByIdOrNameWithPerms(ctx context.Context, db DBTX, arg FindRoleByIdOrNameWithPermsParams) (FindRoleByIdOrNameWithPermsRow, error)
	// Finds a role record by its name within a specific workspace
	// Returns: The role record if found
	//
	//  SELECT pk, id, workspace_id, name, description, created_at_m, updated_at_m
	//  FROM roles
	//  WHERE name = ?
	//  AND workspace_id = ?
	//  LIMIT 1
	FindRoleByNameAndWorkspaceID(ctx context.Context, db DBTX, arg FindRoleByNameAndWorkspaceIDParams) (Role, error)
	//FindRolePermissionByRoleAndPermissionID
	//
	//  SELECT pk, role_id, permission_id, workspace_id, created_at_m, updated_at_m
	//  FROM roles_permissions
	//  WHERE role_id = ?
	//    AND permission_id = ?
	FindRolePermissionByRoleAndPermissionID(ctx context.Context, db DBTX, arg FindRolePermissionByRoleAndPermissionIDParams) ([]RolesPermission, error)
	//FindRolesByNames
	//
	//  SELECT id, name FROM roles WHERE workspace_id = ? AND name IN (/*SLICE:names*/?)
	FindRolesByNames(ctx context.Context, db DBTX, arg FindRolesByNamesParams) ([]FindRolesByNamesRow, error)
	//FindSentinelByID
	//
	//  SELECT pk, id, workspace_id, project_id, environment_id, k8s_name, k8s_address, region_id, image, running_image, desired_state, health, desired_replicas, available_replicas, deploy_status, cpu_millicores, memory_mib, created_at, updated_at FROM sentinels s
	//  WHERE id = ? LIMIT 1
	FindSentinelByID(ctx context.Context, db DBTX, id string) (Sentinel, error)
	// Returns the sentinel fields ReportSentinelStatus needs to decide whether
	// a rollout has converged: deploy_status (gates), image comparison, and
	// desired replica count.
	//
	//  SELECT
	//      id,
	//      deploy_status,
	//      image AS desired_image,
	//      running_image,
	//      desired_replicas
	//  FROM sentinels
	//  WHERE k8s_name = ? LIMIT 1
	FindSentinelDeployContextByK8sName(ctx context.Context, db DBTX, k8sName string) (FindSentinelDeployContextByK8sNameRow, error)
	//FindSentinelsByEnvironmentID
	//
	//  SELECT s.pk, s.id, s.workspace_id, s.project_id, s.environment_id, s.k8s_name, s.k8s_address, s.region_id, s.image, s.running_image, s.desired_state, s.health, s.desired_replicas, s.available_replicas, s.deploy_status, s.cpu_millicores, s.memory_mib, s.created_at, s.updated_at, r.pk, r.id, r.name, r.platform, r.can_schedule FROM sentinels s LEFT JOIN regions r ON s.region_id = r.id WHERE s.environment_id = ?
	FindSentinelsByEnvironmentID(ctx context.Context, db DBTX, environmentID string) ([]FindSentinelsByEnvironmentIDRow, error)
	//FindValidPortalSession
	//
	//  SELECT pk, id, workspace_id, portal_config_id, external_id, permissions, preview, expires_at, created_at FROM portal_sessions
	//  WHERE id = ?
	//    AND expires_at > ?
	FindValidPortalSession(ctx context.Context, db DBTX, arg FindValidPortalSessionParams) (PortalSession, error)
	//FindValidPortalSessionToken
	//
	//  SELECT pk, id, workspace_id, portal_config_id, external_id, permissions, preview, exchanged_at, expires_at, created_at FROM portal_session_tokens
	//  WHERE id = ?
	//    AND exchanged_at IS NULL
	//    AND expires_at > ?
	FindValidPortalSessionToken(ctx context.Context, db DBTX, arg FindValidPortalSessionTokenParams) (PortalSessionToken, error)
	//FindVerifiedCustomDomainByAppID
	//
	//  SELECT pk, id, workspace_id, project_id, app_id, environment_id, domain, challenge_type, verification_status, verification_token, ownership_verified, cname_verified, target_cname, last_checked_at, check_attempts, verification_error, domain_connect_provider, domain_connect_url, invocation_id, created_at, updated_at FROM custom_domains
	//  WHERE app_id = ? AND verification_status = 'verified'
	//  ORDER BY created_at ASC, id ASC
	//  LIMIT 1
	FindVerifiedCustomDomainByAppID(ctx context.Context, db DBTX, appID string) (CustomDomain, error)
	//FindVerifiedCustomDomainByDomainExcludingWorkspace
	//
	//  SELECT pk, id, workspace_id, project_id, app_id, environment_id, domain, challenge_type, verification_status, verification_token, ownership_verified, cname_verified, target_cname, last_checked_at, check_attempts, verification_error, domain_connect_provider, domain_connect_url, invocation_id, created_at, updated_at FROM custom_domains
	//  WHERE domain = ?
	//    AND workspace_id != ?
	//    AND verification_status = 'verified'
	//  LIMIT 1
	FindVerifiedCustomDomainByDomainExcludingWorkspace(ctx context.Context, db DBTX, arg FindVerifiedCustomDomainByDomainExcludingWorkspaceParams) (CustomDomain, error)
	//FindWorkspaceByID
	//
	//  SELECT pk, id, org_id, name, slug, k8s_namespace, tier, stripe_customer_id, stripe_subscription_id, beta_features, subscriptions, enabled, delete_protection, created_at_m, updated_at_m, deleted_at_m FROM `workspaces`
	//  WHERE id = ?
	FindWorkspaceByID(ctx context.Context, db DBTX, id string) (Workspace, error)
	// FlipSentinelDeployStatusIfProgressing flips deploy_status from progressing
	// to the target status, guarding against concurrent writers (e.g. the Deploy
	// worker marking failed on timeout) by only updating rows whose current
	// status is still 'progressing'. Returns the number of rows affected; the
	// caller should treat 0 as "someone else already moved this sentinel out of
	// progressing" and skip follow-up side effects (NotifyReady, etc.).
	//
	//  UPDATE sentinels SET
	//    deploy_status = ?,
	//    updated_at = ?
	//  WHERE id = ?
	//    AND deploy_status = 'progressing'
	FlipSentinelDeployStatusIfProgressing(ctx context.Context, db DBTX, arg FlipSentinelDeployStatusIfProgressingParams) (int64, error)
	// GetDeploymentChangesMaxVersion returns the current maximum version (pk) for a region.
	// Used during full sync to establish the starting version for incremental polling.
	//
	//  SELECT CAST(COALESCE(MAX(pk), 0) AS UNSIGNED) AS max_version
	//  FROM `deployment_changes`
	//  WHERE region_id = ?
	GetDeploymentChangesMaxVersion(ctx context.Context, db DBTX, regionID string) (int64, error)
	//GetKeyAuthByID
	//
	//  SELECT
	//      id,
	//      workspace_id,
	//      created_at_m,
	//      default_prefix,
	//      default_bytes,
	//      store_encrypted_keys
	//  FROM key_auth
	//  WHERE id = ?
	//    AND deleted_at_m IS NULL
	GetKeyAuthByID(ctx context.Context, db DBTX, id string) (GetKeyAuthByIDRow, error)
	//GetWorkspacesForQuotaCheckByIDs
	//
	//  SELECT
	//     w.id,
	//     w.org_id,
	//     w.name,
	//     w.stripe_customer_id,
	//     w.tier,
	//     w.enabled,
	//     q.requests_per_month
	//  FROM `workspaces` w
	//  LEFT JOIN quota q ON w.id = q.workspace_id
	//  WHERE w.id IN (/*SLICE:workspace_ids*/?)
	GetWorkspacesForQuotaCheckByIDs(ctx context.Context, db DBTX, workspaceIds []string) ([]GetWorkspacesForQuotaCheckByIDsRow, error)
	//HardDeleteWorkspace
	//
	//  DELETE FROM `workspaces`
	//  WHERE id = ?
	//  AND delete_protection = false
	HardDeleteWorkspace(ctx context.Context, db DBTX, id string) (sql.Result, error)
	// Check whether a newer deployment exists for the same (app, env, branch) that
	// makes building this one pointless. Matches any non-terminal status including
	// 'ready' — if a newer commit is already deployed there is no reason to build
	// an older one.
	//
	//  SELECT EXISTS (
	//      SELECT 1 FROM deployments
	//      WHERE app_id = ?
	//        AND environment_id = ?
	//        AND git_branch = ?
	//        AND status NOT IN ('failed', 'skipped', 'stopped', 'superseded', 'cancelled')
	//        AND created_at > ?
	//        AND id != ?
	//  ) AS has_newer
	HasNewerActiveDeployment(ctx context.Context, db DBTX, arg HasNewerActiveDeploymentParams) (bool, error)
	//InsertAcmeChallenge
	//
	//  INSERT INTO acme_challenges (
	//      workspace_id,
	//      domain_id,
	//      token,
	//      authorization,
	//      status,
	//      challenge_type,
	//      created_at,
	//      updated_at,
	//      expires_at
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?
	//  )
	InsertAcmeChallenge(ctx context.Context, db DBTX, arg InsertAcmeChallengeParams) error
	//InsertAcmeUser
	//
	//
	//  INSERT INTO acme_users (id, workspace_id, encrypted_key, created_at)
	//  VALUES (?,?,?,?)
	InsertAcmeUser(ctx context.Context, db DBTX, arg InsertAcmeUserParams) error
	//InsertApi
	//
	//  INSERT INTO apis (
	//      id,
	//      name,
	//      workspace_id,
	//      auth_type,
	//      ip_whitelist,
	//      key_auth_id,
	//      created_at_m,
	//      deleted_at_m
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      NULL
	//  )
	InsertApi(ctx context.Context, db DBTX, arg InsertApiParams) error
	//InsertApp
	//
	//  INSERT INTO apps (
	//      id,
	//      workspace_id,
	//      project_id,
	//      name,
	//      slug,
	//      default_branch,
	//      delete_protection,
	//      created_at,
	//      updated_at
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?
	//  )
	InsertApp(ctx context.Context, db DBTX, arg InsertAppParams) error
	//InsertAppEnvironmentVariable
	//
	//  INSERT INTO app_environment_variables (id, workspace_id, app_id, environment_id, `key`, value, created_at)
	//  VALUES (?, ?, ?, ?, ?, ?, ?)
	InsertAppEnvironmentVariable(ctx context.Context, db DBTX, arg InsertAppEnvironmentVariableParams) error
	//InsertAuditLog
	//
	//  INSERT INTO `audit_log` (
	//      id,
	//      workspace_id,
	//      bucket_id,
	//      bucket,
	//      event,
	//      time,
	//      display,
	//      remote_ip,
	//      user_agent,
	//      actor_type,
	//      actor_id,
	//      actor_name,
	//      actor_meta,
	//      created_at
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      CAST(? AS JSON),
	//      ?
	//  )
	InsertAuditLog(ctx context.Context, db DBTX, arg InsertAuditLogParams) error
	//InsertAuditLogTarget
	//
	//  INSERT INTO `audit_log_target` (
	//      workspace_id,
	//      bucket_id,
	//      bucket,
	//      audit_log_id,
	//      display_name,
	//      type,
	//      id,
	//      name,
	//      meta,
	//      created_at
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      CAST(? AS JSON),
	//      ?
	//  )
	InsertAuditLogTarget(ctx context.Context, db DBTX, arg InsertAuditLogTargetParams) error
	//InsertCertificate
	//
	//  INSERT INTO certificates (id, workspace_id, hostname, certificate, encrypted_private_key, created_at)
	//  VALUES (?, ?, ?, ?, ?, ?) ON DUPLICATE KEY UPDATE
	//  workspace_id = VALUES(workspace_id),
	//  hostname = VALUES(hostname),
	//  certificate = VALUES(certificate),
	//  encrypted_private_key = VALUES(encrypted_private_key),
	//  updated_at = ?
	InsertCertificate(ctx context.Context, db DBTX, arg InsertCertificateParams) error
	//InsertCiliumNetworkPolicy
	//
	//  INSERT INTO cilium_network_policies (
	//      id,
	//      workspace_id,
	//      project_id,
	//      app_id,
	//      environment_id,
	//      deployment_id,
	//      k8s_name,
	//      k8s_namespace,
	//      region_id,
	//      policy,
	//      created_at
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?
	//  )
	InsertCiliumNetworkPolicy(ctx context.Context, db DBTX, arg InsertCiliumNetworkPolicyParams) error
	// InsertClickhouseOutbox enqueues one event for ClickHouse export. Called
	// from the same MySQL transaction as the underlying mutation, so durability
	// is exactly the durability of the mutation: if the mutation commits, the
	// outbox row commits.
	//
	// version namespaces the payload schema (e.g. "audit_log.v1"). The drainer
	// filters by versions it knows, so writing a new version without a matching
	// drainer leaves rows queued safely.
	//
	//  INSERT INTO `clickhouse_outbox` (
	//      version,
	//      workspace_id,
	//      event_id,
	//      payload,
	//      created_at
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      CAST(? AS JSON),
	//      ?
	//  )
	InsertClickhouseOutbox(ctx context.Context, db DBTX, arg InsertClickhouseOutboxParams) error
	//InsertClickhouseWorkspaceSettings
	//
	//  INSERT INTO `clickhouse_workspace_settings` (
	//      workspace_id,
	//      username,
	//      password_encrypted,
	//      quota_duration_seconds,
	//      max_queries_per_window,
	//      max_execution_time_per_window,
	//      max_query_execution_time,
	//      max_query_memory_bytes,
	//      max_query_result_rows,
	//      created_at,
	//      updated_at
	//  )
	//  VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?
	//  )
	InsertClickhouseWorkspaceSettings(ctx context.Context, db DBTX, arg InsertClickhouseWorkspaceSettingsParams) error
	//InsertCustomDomain
	//
	//  INSERT INTO custom_domains (
	//      id, workspace_id, project_id, app_id, environment_id, domain,
	//      challenge_type, verification_status, verification_token, target_cname,
	//      domain_connect_provider, domain_connect_url, invocation_id, created_at
	//  ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
	InsertCustomDomain(ctx context.Context, db DBTX, arg InsertCustomDomainParams) error
	//InsertDeployment
	//
	//  INSERT INTO `deployments` (
	//      id,
	//      k8s_name,
	//      workspace_id,
	//      project_id,
	//      app_id,
	//      environment_id,
	//      git_commit_sha,
	//      git_branch,
	//      sentinel_config,
	//      git_commit_message,
	//      git_commit_author_handle,
	//      git_commit_author_avatar_url,
	//      git_commit_timestamp,
	//      encrypted_environment_variables,
	//      command,
	//      status,
	//      cpu_millicores,
	//      memory_mib,
	//      storage_mib,
	//      port,
	//      shutdown_signal,
	//      upstream_protocol,
	//      healthcheck,
	//      pr_number,
	//      fork_repository_full_name,
	//      created_at,
	//      updated_at
	//  )
	//  VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?
	//  )
	InsertDeployment(ctx context.Context, db DBTX, arg InsertDeploymentParams) error
	//InsertDeploymentChange
	//
	//  INSERT INTO `deployment_changes` (
	//      resource_type,
	//      resource_id,
	//      region_id,
	//      created_at
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?
	//  )
	InsertDeploymentChange(ctx context.Context, db DBTX, arg InsertDeploymentChangeParams) error
	//InsertDeploymentStep
	//
	//  INSERT INTO `deployment_steps` (
	//      workspace_id,
	//      project_id,
	//      app_id,
	//      environment_id,
	//      deployment_id,
	//      step,
	//      started_at
	//  )
	//  VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?
	//  ) ON DUPLICATE KEY UPDATE
	//      started_at = VALUES(started_at),
	//      ended_at = NULL,
	//      error = NULL
	InsertDeploymentStep(ctx context.Context, db DBTX, arg InsertDeploymentStepParams) error
	//InsertDeploymentTopology
	//
	//  INSERT INTO `deployment_topology` (
	//      workspace_id,
	//      deployment_id,
	//      region_id,
	//      autoscaling_replicas_min,
	//      autoscaling_replicas_max,
	//      autoscaling_threshold_cpu,
	//      autoscaling_threshold_memory,
	//      desired_status,
	//      created_at
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?
	//  )
	InsertDeploymentTopology(ctx context.Context, db DBTX, arg InsertDeploymentTopologyParams) error
	//InsertEnvironment
	//
	//  INSERT INTO environments (
	//      id,
	//      workspace_id,
	//      project_id,
	//      app_id,
	//      slug,
	//      description,
	//      created_at,
	//      updated_at
	//  ) VALUES (
	//      ?, ?, ?, ?, ?, ?, ?, ?
	//  )
	InsertEnvironment(ctx context.Context, db DBTX, arg InsertEnvironmentParams) error
	//InsertFrontlineRoute
	//
	//  INSERT INTO frontline_routes (
	//      id,
	//      project_id,
	//      app_id,
	//      deployment_id,
	//      environment_id,
	//      fully_qualified_domain_name,
	//      sticky,
	//      created_at,
	//      updated_at
	//  )
	//  VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?
	//  )
	InsertFrontlineRoute(ctx context.Context, db DBTX, arg InsertFrontlineRouteParams) error
	//InsertGithubRepoConnection
	//
	//  INSERT INTO github_repo_connections (
	//      workspace_id,
	//      project_id,
	//      app_id,
	//      installation_id,
	//      repository_id,
	//      repository_full_name,
	//      created_at,
	//      updated_at
	//  )
	//  VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?
	//  )
	InsertGithubRepoConnection(ctx context.Context, db DBTX, arg InsertGithubRepoConnectionParams) error
	//InsertIdentity
	//
	//  INSERT INTO `identities` (
	//      id,
	//      external_id,
	//      workspace_id,
	//      environment,
	//      created_at,
	//      meta
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      CAST(? AS JSON)
	//  )
	InsertIdentity(ctx context.Context, db DBTX, arg InsertIdentityParams) error
	//InsertIdentityRatelimit
	//
	//  INSERT INTO `ratelimits` (
	//      id,
	//      workspace_id,
	//      identity_id,
	//      name,
	//      `limit`,
	//      duration,
	//      created_at,
	//      auto_apply
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?
	//  ) ON DUPLICATE KEY UPDATE
	//      name = VALUES(name),
	//      `limit` = VALUES(`limit`),
	//      duration = VALUES(duration),
	//      auto_apply = VALUES(auto_apply),
	//      updated_at = VALUES(created_at)
	InsertIdentityRatelimit(ctx context.Context, db DBTX, arg InsertIdentityRatelimitParams) error
	//InsertKey
	//
	//  INSERT INTO `keys` (
	//      id,
	//      key_auth_id,
	//      hash,
	//      start,
	//      workspace_id,
	//      for_workspace_id,
	//      name,
	//      owner_id,
	//      identity_id,
	//      meta,
	//      expires,
	//      created_at_m,
	//      enabled,
	//      remaining_requests,
	//      refill_day,
	//      refill_amount,
	//      pending_migration_id
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      null,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?
	//  )
	InsertKey(ctx context.Context, db DBTX, arg InsertKeyParams) error
	//InsertKeyAuth
	//
	//  INSERT INTO key_auth (
	//      id,
	//      workspace_id,
	//      created_at_m,
	//      default_prefix,
	//      default_bytes,
	//      store_encrypted_keys
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      false
	//  )
	InsertKeyAuth(ctx context.Context, db DBTX, arg InsertKeyAuthParams) error
	//InsertKeyEncryption
	//
	//  INSERT INTO encrypted_keys
	//  (workspace_id, key_id, encrypted, encryption_key_id, created_at)
	//  VALUES (?, ?, ?, ?, ?)
	InsertKeyEncryption(ctx context.Context, db DBTX, arg InsertKeyEncryptionParams) error
	//InsertKeyMigration
	//
	//  INSERT INTO key_migrations (
	//      id,
	//      workspace_id,
	//      algorithm
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?
	//  )
	InsertKeyMigration(ctx context.Context, db DBTX, arg InsertKeyMigrationParams) error
	//InsertKeyPermission
	//
	//  INSERT INTO `keys_permissions` (
	//      key_id,
	//      permission_id,
	//      workspace_id,
	//      created_at_m
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?
	//  ) ON DUPLICATE KEY UPDATE updated_at_m = ?
	InsertKeyPermission(ctx context.Context, db DBTX, arg InsertKeyPermissionParams) error
	//InsertKeyRatelimit
	//
	//  INSERT INTO `ratelimits` (
	//      id,
	//      workspace_id,
	//      key_id,
	//      name,
	//      `limit`,
	//      duration,
	//      auto_apply,
	//      created_at
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?
	//  ) ON DUPLICATE KEY UPDATE
	//  `limit` = VALUES(`limit`),
	//  duration = VALUES(duration),
	//  auto_apply = VALUES(auto_apply),
	//  updated_at = ?
	InsertKeyRatelimit(ctx context.Context, db DBTX, arg InsertKeyRatelimitParams) error
	//InsertKeyRole
	//
	//  INSERT INTO keys_roles (
	//    key_id,
	//    role_id,
	//    workspace_id,
	//    created_at_m
	//  )
	//  VALUES (
	//    ?,
	//    ?,
	//    ?,
	//    ?
	//  )
	InsertKeyRole(ctx context.Context, db DBTX, arg InsertKeyRoleParams) error
	//InsertKeySpace
	//
	//  INSERT INTO `key_auth` (
	//      id,
	//      workspace_id,
	//      created_at_m,
	//      store_encrypted_keys,
	//      default_prefix,
	//      default_bytes,
	//      size_approx,
	//      size_last_updated_at
	//  ) VALUES (
	//      ?,
	//      ?,
	//        ?,
	//      ?,
	//      ?,
	//      ?,
	//      0,
	//      0
	//  )
	InsertKeySpace(ctx context.Context, db DBTX, arg InsertKeySpaceParams) error
	//InsertPermission
	//
	//  INSERT INTO permissions (
	//    id,
	//    workspace_id,
	//    name,
	//    slug,
	//    description,
	//    created_at_m
	//  )
	//  VALUES (
	//    ?,
	//    ?,
	//    ?,
	//    ?,
	//    ?,
	//    ?
	//  )
	InsertPermission(ctx context.Context, db DBTX, arg InsertPermissionParams) error
	//InsertPortalConfig
	//
	//  INSERT INTO portal_configurations (
	//      id,
	//      workspace_id,
	//      slug,
	//      app_id,
	//      key_auth_id,
	//      enabled,
	//      return_url,
	//      created_at,
	//      updated_at
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?
	//  )
	InsertPortalConfig(ctx context.Context, db DBTX, arg InsertPortalConfigParams) error
	//InsertPortalSession
	//
	//  INSERT INTO portal_sessions (
	//      id,
	//      workspace_id,
	//      portal_config_id,
	//      external_id,
	//      permissions,
	//      preview,
	//      expires_at,
	//      created_at
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?
	//  )
	InsertPortalSession(ctx context.Context, db DBTX, arg InsertPortalSessionParams) error
	//InsertPortalSessionToken
	//
	//  INSERT INTO portal_session_tokens (
	//      id,
	//      workspace_id,
	//      portal_config_id,
	//      external_id,
	//      permissions,
	//      preview,
	//      expires_at,
	//      created_at
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?
	//  )
	InsertPortalSessionToken(ctx context.Context, db DBTX, arg InsertPortalSessionTokenParams) error
	//InsertProject
	//
	//  INSERT INTO projects (
	//      id,
	//      workspace_id,
	//      name,
	//      slug,
	//      delete_protection,
	//      created_at,
	//      updated_at
	//  ) VALUES (
	//      ?, ?, ?, ?, ?, ?, ?
	//  )
	InsertProject(ctx context.Context, db DBTX, arg InsertProjectParams) error
	//InsertRatelimitNamespace
	//
	//  INSERT INTO
	//      `ratelimit_namespaces` (
	//          id,
	//          workspace_id,
	//          name,
	//          created_at_m,
	//          updated_at_m,
	//          deleted_at_m
	//          )
	//  VALUES
	//      (
	//          ?,
	//          ?,
	//          ?,
	//           ?,
	//          NULL,
	//          NULL
	//      )
	InsertRatelimitNamespace(ctx context.Context, db DBTX, arg InsertRatelimitNamespaceParams) error
	//InsertRatelimitOverride
	//
	//  INSERT INTO ratelimit_overrides (
	//      id,
	//      workspace_id,
	//      namespace_id,
	//      identifier,
	//      `limit`,
	//      duration,
	//      created_at_m
	//  )
	//  VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?
	//  )
	//  ON DUPLICATE KEY UPDATE
	//      `limit` = VALUES(`limit`),
	//      duration = VALUES(duration),
	//      updated_at_m = ?
	InsertRatelimitOverride(ctx context.Context, db DBTX, arg InsertRatelimitOverrideParams) error
	//InsertRole
	//
	//  INSERT INTO roles (
	//    id,
	//    workspace_id,
	//    name,
	//    description,
	//    created_at_m
	//  )
	//  VALUES (
	//    ?,
	//    ?,
	//    ?,
	//    ?,
	//    ?
	//  )
	InsertRole(ctx context.Context, db DBTX, arg InsertRoleParams) error
	//InsertRolePermission
	//
	//  INSERT INTO roles_permissions (
	//    role_id,
	//    permission_id,
	//    workspace_id,
	//    created_at_m
	//  )
	//  VALUES (
	//    ?,
	//    ?,
	//    ?,
	//    ?
	//  )
	InsertRolePermission(ctx context.Context, db DBTX, arg InsertRolePermissionParams) error
	//InsertSentinel
	//
	//  INSERT INTO sentinels (
	//      id,
	//      workspace_id,
	//      environment_id,
	//      project_id,
	//      k8s_address,
	//      k8s_name,
	//      region_id,
	//      image,
	//      desired_replicas,
	//      cpu_millicores,
	//      memory_mib,
	//      created_at
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?
	//  )
	InsertSentinel(ctx context.Context, db DBTX, arg InsertSentinelParams) error
	//InsertWorkspace
	//
	//  INSERT INTO `workspaces` (
	//      id,
	//      org_id,
	//      name,
	//      slug,
	//      created_at_m,
	//      tier,
	//      beta_features,
	//      enabled,
	//      delete_protection,
	//      k8s_namespace
	//  )
	//  VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      'Free',
	//      '{}',
	//      true,
	//      true,
	//      ?
	//  )
	InsertWorkspace(ctx context.Context, db DBTX, arg InsertWorkspaceParams) error
	// ListAllCiliumNetworkPoliciesByRegion returns cilium network policies for a region, paginated by pk.
	// Used during full sync (version=0) to bootstrap krane agents with current state.
	//
	//  SELECT pk, id, workspace_id, project_id, app_id, environment_id, deployment_id, k8s_name, k8s_namespace, region_id, policy, created_at, updated_at FROM `cilium_network_policies`
	//  WHERE region_id = ? AND pk > ?
	//  ORDER BY pk ASC
	//  LIMIT ?
	ListAllCiliumNetworkPoliciesByRegion(ctx context.Context, db DBTX, arg ListAllCiliumNetworkPoliciesByRegionParams) ([]CiliumNetworkPolicy, error)
	// ListAllDeploymentTopologiesByRegion returns running deployment topologies for a region, paginated by pk.
	// Used by SyncDesiredState to reconcile krane agents with current desired state.
	//
	//  SELECT
	//      dt.pk, dt.workspace_id, dt.deployment_id, dt.region_id, dt.autoscaling_replicas_min, dt.autoscaling_replicas_max, dt.autoscaling_threshold_cpu, dt.autoscaling_threshold_memory, dt.desired_status, dt.created_at, dt.updated_at,
	//      d.pk, d.id, d.k8s_name, d.workspace_id, d.project_id, d.environment_id, d.app_id, d.image, d.build_id, d.git_commit_sha, d.git_branch, d.git_commit_message, d.git_commit_author_handle, d.git_commit_author_avatar_url, d.git_commit_timestamp, d.sentinel_config, d.cpu_millicores, d.memory_mib, d.storage_mib, d.desired_state, d.encrypted_environment_variables, d.command, d.port, d.shutdown_signal, d.upstream_protocol, d.healthcheck, d.pr_number, d.fork_repository_full_name, d.github_deployment_id, d.invocation_id, d.status, d.created_at, d.updated_at,
	//      w.k8s_namespace,
	//      e.slug AS environment_slug,
	//      r.name AS region_name,
	//      grc.repository_full_name AS git_repo
	//  FROM `deployment_topology` dt
	//  INNER JOIN `deployments` d ON dt.deployment_id = d.id
	//  INNER JOIN `workspaces` w ON d.workspace_id = w.id
	//  INNER JOIN `regions` r ON dt.region_id = r.id
	//  INNER JOIN `environments` e ON d.environment_id = e.id
	//  LEFT JOIN `github_repo_connections` grc ON d.app_id = grc.app_id
	//  WHERE r.id = ? AND dt.pk > ? AND dt.desired_status = 'running'
	//  ORDER BY dt.pk ASC
	//  LIMIT ?
	ListAllDeploymentTopologiesByRegion(ctx context.Context, db DBTX, arg ListAllDeploymentTopologiesByRegionParams) ([]ListAllDeploymentTopologiesByRegionRow, error)
	// ListAllSentinelsByRegion returns sentinels for a region, paginated by pk.
	// Used during full sync (version=0) to bootstrap krane agents with current state.
	//
	//  SELECT pk, id, workspace_id, project_id, environment_id, k8s_name, k8s_address, region_id, image, running_image, desired_state, health, desired_replicas, available_replicas, deploy_status, cpu_millicores, memory_mib, created_at, updated_at FROM `sentinels`
	//  WHERE region_id = ? AND pk > ?
	//  ORDER BY pk ASC
	//  LIMIT ?
	ListAllSentinelsByRegion(ctx context.Context, db DBTX, arg ListAllSentinelsByRegionParams) ([]Sentinel, error)
	//ListAppIdsByProject
	//
	//  SELECT id FROM apps WHERE project_id = ?
	ListAppIdsByProject(ctx context.Context, db DBTX, projectID string) ([]string, error)
	//ListAppsByProject
	//
	//  SELECT apps.pk, apps.id, apps.workspace_id, apps.project_id, apps.name, apps.slug, apps.default_branch, apps.current_deployment_id, apps.is_rolled_back, apps.delete_protection, apps.created_at, apps.updated_at
	//  FROM apps
	//  WHERE project_id = ?
	//  ORDER BY created_at ASC
	ListAppsByProject(ctx context.Context, db DBTX, projectID string) ([]ListAppsByProjectRow, error)
	//ListCustomDomainsByProjectID
	//
	//  SELECT pk, id, workspace_id, project_id, app_id, environment_id, domain, challenge_type, verification_status, verification_token, ownership_verified, cname_verified, target_cname, last_checked_at, check_attempts, verification_error, domain_connect_provider, domain_connect_url, invocation_id, created_at, updated_at
	//  FROM custom_domains
	//  WHERE project_id = ?
	//  ORDER BY created_at DESC
	ListCustomDomainsByProjectID(ctx context.Context, db DBTX, projectID string) ([]CustomDomain, error)
	// ListDeploymentChangesByRegionAll returns all deployment changes for a region with version > after_version.
	// Used by the unified WatchDeploymentChanges stream. Does not filter by resource_type.
	//
	//  SELECT pk, resource_type, resource_id, region_id, created_at
	//  FROM `deployment_changes`
	//  WHERE pk > ? AND region_id = ?
	//  ORDER BY pk ASC
	//  LIMIT ?
	ListDeploymentChangesByRegionAll(ctx context.Context, db DBTX, arg ListDeploymentChangesByRegionAllParams) ([]DeploymentChange, error)
	//ListDeploymentsByEnvironmentIdAndStatus
	//
	//  SELECT pk, id, k8s_name, workspace_id, project_id, environment_id, app_id, image, build_id, git_commit_sha, git_branch, git_commit_message, git_commit_author_handle, git_commit_author_avatar_url, git_commit_timestamp, sentinel_config, cpu_millicores, memory_mib, storage_mib, desired_state, encrypted_environment_variables, command, port, shutdown_signal, upstream_protocol, healthcheck, pr_number, fork_repository_full_name, github_deployment_id, invocation_id, status, created_at, updated_at FROM `deployments`
	//  WHERE environment_id = ?
	//    AND status = ?
	//    AND created_at < ?
	//    AND (updated_at IS null OR updated_at < ? )
	ListDeploymentsByEnvironmentIdAndStatus(ctx context.Context, db DBTX, arg ListDeploymentsByEnvironmentIdAndStatusParams) ([]Deployment, error)
	// ListDesiredDeploymentTopology returns all deployment topologies matching the desired state for a region.
	// Used during bootstrap to stream all running deployments to krane.
	//
	//  SELECT
	//      dt.pk, dt.workspace_id, dt.deployment_id, dt.region_id, dt.autoscaling_replicas_min, dt.autoscaling_replicas_max, dt.autoscaling_threshold_cpu, dt.autoscaling_threshold_memory, dt.desired_status, dt.created_at, dt.updated_at,
	//      d.pk, d.id, d.k8s_name, d.workspace_id, d.project_id, d.environment_id, d.app_id, d.image, d.build_id, d.git_commit_sha, d.git_branch, d.git_commit_message, d.git_commit_author_handle, d.git_commit_author_avatar_url, d.git_commit_timestamp, d.sentinel_config, d.cpu_millicores, d.memory_mib, d.storage_mib, d.desired_state, d.encrypted_environment_variables, d.command, d.port, d.shutdown_signal, d.upstream_protocol, d.healthcheck, d.pr_number, d.fork_repository_full_name, d.github_deployment_id, d.invocation_id, d.status, d.created_at, d.updated_at,
	//      w.k8s_namespace
	//  FROM `deployment_topology` dt
	//  INNER JOIN `deployments` d ON dt.deployment_id = d.id
	//  INNER JOIN `workspaces` w ON d.workspace_id = w.id
	//  INNER JOIN `regions` r ON dt.region_id = r.id
	//  WHERE (? = ” OR r.name = ?)
	//      AND d.desired_state = ?
	//      AND dt.deployment_id > ?
	//  ORDER BY dt.deployment_id ASC
	//  LIMIT ?
	ListDesiredDeploymentTopology(ctx context.Context, db DBTX, arg ListDesiredDeploymentTopologyParams) ([]ListDesiredDeploymentTopologyRow, error)
	//ListDesiredNetworkPolicies
	//
	//  SELECT pk, id, workspace_id, project_id, app_id, environment_id, deployment_id, k8s_name, k8s_namespace, region_id, policy, created_at, updated_at
	//  FROM `cilium_network_policies`
	//  WHERE (? = ” OR region_id = ?) AND id > ?
	//  ORDER BY id ASC
	//  LIMIT ?
	ListDesiredNetworkPolicies(ctx context.Context, db DBTX, arg ListDesiredNetworkPoliciesParams) ([]CiliumNetworkPolicy, error)
	// ListDesiredSentinels returns all sentinels matching the desired state for a region.
	// Used during bootstrap to stream all running sentinels to krane.
	//
	//  SELECT pk, id, workspace_id, project_id, environment_id, k8s_name, k8s_address, region_id, image, running_image, desired_state, health, desired_replicas, available_replicas, deploy_status, cpu_millicores, memory_mib, created_at, updated_at
	//  FROM `sentinels`
	//  WHERE (? = ” OR region_id = ?)
	//      AND desired_state = ?
	//      AND id > ?
	//  ORDER BY id ASC
	//  LIMIT ?
	ListDesiredSentinels(ctx context.Context, db DBTX, arg ListDesiredSentinelsParams) ([]Sentinel, error)
	//ListDirectPermissionsByKeyID
	//
	//  SELECT p.pk, p.id, p.workspace_id, p.name, p.slug, p.description, p.created_at_m, p.updated_at_m
	//  FROM keys_permissions kp
	//  JOIN permissions p ON kp.permission_id = p.id
	//  WHERE kp.key_id = ?
	//  ORDER BY p.slug
	ListDirectPermissionsByKeyID(ctx context.Context, db DBTX, keyID string) ([]Permission, error)
	//ListEnvVarsForRepoConnections
	//
	//  SELECT aev.app_id, aev.`key`, aev.value
	//  FROM app_environment_variables aev
	//  INNER JOIN apps a ON a.id = aev.app_id
	//  INNER JOIN environments e ON e.app_id = a.id AND e.id = aev.environment_id
	//  INNER JOIN github_repo_connections gc ON gc.app_id = a.id
	//  WHERE gc.installation_id = ?
	//    AND gc.repository_id = ?
	//    AND e.slug = CASE
	//      WHEN CAST(? AS SIGNED) = 1 THEN 'preview'
	//      WHEN ? = COALESCE(NULLIF(a.default_branch, ”), 'main')
	//      THEN 'production'
	//      ELSE 'preview'
	//    END
	ListEnvVarsForRepoConnections(ctx context.Context, db DBTX, arg ListEnvVarsForRepoConnectionsParams) ([]ListEnvVarsForRepoConnectionsRow, error)
	//ListEnvironmentIdsByApp
	//
	//  SELECT id FROM environments WHERE app_id = ?
	ListEnvironmentIdsByApp(ctx context.Context, db DBTX, appID string) ([]string, error)
	//ListExecutableChallenges
	//
	//  SELECT dc.workspace_id, dc.challenge_type, d.domain FROM acme_challenges dc
	//  JOIN custom_domains d ON dc.domain_id = d.id
	//  WHERE (dc.status = 'waiting' OR (dc.status = 'verified' AND dc.expires_at <= UNIX_TIMESTAMP(DATE_ADD(NOW(), INTERVAL 30 DAY)) * 1000))
	//  AND dc.challenge_type IN (/*SLICE:verification_types*/?)
	//  ORDER BY d.created_at ASC
	ListExecutableChallenges(ctx context.Context, db DBTX, verificationTypes []AcmeChallengesChallengeType) ([]ListExecutableChallengesRow, error)
	//ListGithubRepoConnections
	//
	//  SELECT
	//      pk,
	//      workspace_id,
	//      project_id,
	//      app_id,
	//      installation_id,
	//      repository_id,
	//      repository_full_name,
	//      created_at,
	//      updated_at
	//  FROM github_repo_connections
	//  WHERE installation_id = ?
	//    AND repository_id = ?
	ListGithubRepoConnections(ctx context.Context, db DBTX, arg ListGithubRepoConnectionsParams) ([]GithubRepoConnection, error)
	//ListIdentities
	//
	//  SELECT
	//      i.id,
	//      i.external_id,
	//      i.workspace_id,
	//      i.environment,
	//      i.meta,
	//      i.deleted,
	//      i.created_at,
	//      i.updated_at,
	//      COALESCE(
	//          (SELECT JSON_ARRAYAGG(
	//              JSON_OBJECT(
	//                  'id', r.id,
	//                  'name', r.name,
	//                  'limit', r.`limit`,
	//                  'duration', r.duration,
	//                  'auto_apply', r.auto_apply = 1
	//              )
	//          )
	//          FROM ratelimits r
	//          WHERE r.identity_id = i.id),
	//          JSON_ARRAY()
	//      ) as ratelimits
	//  FROM identities i
	//  WHERE i.workspace_id = ?
	//  AND i.deleted = ?
	//  AND i.id >= ?
	//  ORDER BY i.id ASC
	//  LIMIT ?
	ListIdentities(ctx context.Context, db DBTX, arg ListIdentitiesParams) ([]ListIdentitiesRow, error)
	//ListIdentityRatelimits
	//
	//  SELECT pk, id, name, workspace_id, created_at, updated_at, key_id, identity_id, `limit`, duration, auto_apply
	//  FROM ratelimits
	//  WHERE identity_id = ?
	//  ORDER BY id ASC
	ListIdentityRatelimits(ctx context.Context, db DBTX, identityID sql.NullString) ([]Ratelimit, error)
	//ListIdentityRatelimitsByID
	//
	//  SELECT pk, id, name, workspace_id, created_at, updated_at, key_id, identity_id, `limit`, duration, auto_apply FROM ratelimits WHERE identity_id = ?
	ListIdentityRatelimitsByID(ctx context.Context, db DBTX, identityID sql.NullString) ([]Ratelimit, error)
	//ListIdentityRatelimitsByIDs
	//
	//  SELECT pk, id, name, workspace_id, created_at, updated_at, key_id, identity_id, `limit`, duration, auto_apply FROM ratelimits WHERE identity_id IN (/*SLICE:ids*/?)
	ListIdentityRatelimitsByIDs(ctx context.Context, db DBTX, ids []sql.NullString) ([]Ratelimit, error)
	//ListKeysByKeySpaceID
	//
	//  SELECT
	//    k.pk, k.id, k.key_auth_id, k.hash, k.start, k.workspace_id, k.for_workspace_id, k.name, k.owner_id, k.identity_id, k.meta, k.expires, k.created_at_m, k.updated_at_m, k.deleted_at_m, k.refill_day, k.refill_amount, k.last_refill_at, k.enabled, k.remaining_requests, k.environment, k.last_used_at, k.pending_migration_id,
	//    i.id as identity_id,
	//    i.external_id as external_id,
	//    i.meta as identity_meta,
	//    ek.encrypted as encrypted_key,
	//    ek.encryption_key_id as encryption_key_id
	//
	//  FROM `keys` k
	//  LEFT JOIN `identities` i ON k.identity_id = i.id
	//  LEFT JOIN encrypted_keys ek ON k.id = ek.key_id
	//  WHERE k.key_auth_id = ?
	//  AND k.id >= ?
	//  AND (? IS NULL OR k.identity_id = ?)
	//  AND k.deleted_at_m IS NULL
	//  ORDER BY k.id ASC
	//  LIMIT ?
	ListKeysByKeySpaceID(ctx context.Context, db DBTX, arg ListKeysByKeySpaceIDParams) ([]ListKeysByKeySpaceIDRow, error)
	// ListKeysForRefill returns keys that need their remaining_requests refilled.
	// Uses a deferred join on pk for stable cursor-based pagination that avoids
	// OFFSET drift when rows are mutated between batches.
	// Keys are selected if:
	//   - refill_day is NULL (daily refill)
	//   - refill_day matches today's day of month
	//   - refill_day > today's day AND today is the last day of month (catch-up for short months)
	// Keys are skipped if remaining_requests >= refill_amount (already full).
	//
	//  SELECT k.pk, k.id, k.workspace_id, k.refill_amount, k.remaining_requests, k.name
	//  FROM `keys` k
	//  INNER JOIN (
	//      SELECT ki.pk
	//      FROM `keys` ki
	//      WHERE ki.refill_amount IS NOT NULL
	//        AND ki.deleted_at_m IS NULL
	//        AND (ki.remaining_requests IS NULL OR ki.refill_amount > ki.remaining_requests)
	//        AND (
	//            ki.refill_day IS NULL
	//            OR ki.refill_day = ?
	//            OR (? = 1 AND ki.refill_day > ?)
	//        )
	//        AND ki.pk > ?
	//      ORDER BY pk
	//      LIMIT ?
	//  ) AS batch ON batch.pk = k.pk
	ListKeysForRefill(ctx context.Context, db DBTX, arg ListKeysForRefillParams) ([]ListKeysForRefillRow, error)
	//ListLiveKeysByKeySpaceID
	//
	//  SELECT k.pk, k.id, k.key_auth_id, k.hash, k.start, k.workspace_id, k.for_workspace_id, k.name, k.owner_id, k.identity_id, k.meta, k.expires, k.created_at_m, k.updated_at_m, k.deleted_at_m, k.refill_day, k.refill_amount, k.last_refill_at, k.enabled, k.remaining_requests, k.environment, k.last_used_at, k.pending_migration_id,
	//         i.id                 as identity_table_id,
	//         i.external_id        as identity_external_id,
	//         i.meta               as identity_meta,
	//         ek.encrypted         as encrypted_key,
	//         ek.encryption_key_id as encryption_key_id,
	//         -- Roles with both IDs and names (sorted by name)
	//         COALESCE(
	//                 (SELECT JSON_ARRAYAGG(
	//                                 JSON_OBJECT(
	//                                         'id', r.id,
	//                                         'name', r.name,
	//                                         'description', r.description
	//                                 )
	//                         )
	//                  FROM keys_roles kr
	//                           JOIN roles r ON r.id = kr.role_id
	//                  WHERE kr.key_id = k.id
	//                  ORDER BY r.name),
	//                 JSON_ARRAY()
	//         )                    as roles,
	//         -- Direct permissions attached to the key (sorted by slug)
	//         COALESCE(
	//                 (SELECT JSON_ARRAYAGG(
	//                                 JSON_OBJECT(
	//                                         'id', p.id,
	//                                         'name', p.name,
	//                                         'slug', p.slug,
	//                                         'description', p.description
	//                                 )
	//                         )
	//                  FROM keys_permissions kp
	//                           JOIN permissions p ON kp.permission_id = p.id
	//                  WHERE kp.key_id = k.id
	//                  ORDER BY p.slug),
	//                 JSON_ARRAY()
	//         )                    as permissions,
	//         -- Permissions from roles (sorted by slug)
	//         COALESCE(
	//                 (SELECT JSON_ARRAYAGG(
	//                                 JSON_OBJECT(
	//                                         'id', p.id,
	//                                         'name', p.name,
	//                                         'slug', p.slug,
	//                                         'description', p.description
	//                                 )
	//                         )
	//                  FROM keys_roles kr
	//                           JOIN roles_permissions rp ON kr.role_id = rp.role_id
	//                           JOIN permissions p ON rp.permission_id = p.id
	//                  WHERE kr.key_id = k.id
	//                  ORDER BY p.slug),
	//                 JSON_ARRAY()
	//         )                    as role_permissions,
	//         -- Rate limits
	//         COALESCE(
	//                 (SELECT JSON_ARRAYAGG(
	//                                 JSON_OBJECT(
	//                                         'id', id,
	//                                         'name', name,
	//                                         'key_id', key_id,
	//                                         'identity_id', identity_id,
	//                                         'limit', `limit`,
	//                                         'duration', duration,
	//                                         'auto_apply', auto_apply = 1
	//                                 )
	//                         )
	//                  FROM (
	//                      SELECT rl.id, rl.name, rl.key_id, rl.identity_id, rl.`limit`, rl.duration, rl.auto_apply
	//                      FROM ratelimits rl
	//                      WHERE rl.key_id = k.id
	//                      UNION ALL
	//                      SELECT rl.id, rl.name, rl.key_id, rl.identity_id, rl.`limit`, rl.duration, rl.auto_apply
	//                      FROM ratelimits rl
	//                      WHERE rl.identity_id = i.id
	//                  ) AS combined_rl),
	//                 JSON_ARRAY()
	//         )                    AS ratelimits
	//  FROM `keys` k
	//           STRAIGHT_JOIN key_auth ka ON ka.id = k.key_auth_id
	//           LEFT JOIN identities i ON k.identity_id = i.id AND i.deleted = false
	//           LEFT JOIN encrypted_keys ek ON ek.key_id = k.id
	//  WHERE k.key_auth_id = ?
	//    AND k.id >= ?
	//    AND (? IS NULL OR k.identity_id = ?)
	//    AND k.deleted_at_m IS NULL
	//    AND ka.deleted_at_m IS NULL
	//  ORDER BY k.id ASC
	//  LIMIT ?
	ListLiveKeysByKeySpaceID(ctx context.Context, db DBTX, arg ListLiveKeysByKeySpaceIDParams) ([]ListLiveKeysByKeySpaceIDRow, error)
	// Only deployments still in the queue (haven't acquired a build slot yet)
	// are eligible for supersession. Once a deployment transitions to `starting`
	// (after slot acquisition) it's committed — we don't cancel work that's
	// already running.
	//
	//  SELECT id, invocation_id
	//  FROM deployments
	//  WHERE app_id = ?
	//    AND environment_id = ?
	//    AND git_branch = ?
	//    AND status IN ('pending', 'awaiting_approval')
	//    AND created_at < ?
	//    AND id != ?
	//  ORDER BY created_at ASC
	ListOlderActiveDeploymentsForDedup(ctx context.Context, db DBTX, arg ListOlderActiveDeploymentsForDedupParams) ([]ListOlderActiveDeploymentsForDedupRow, error)
	//ListPermissions
	//
	//  SELECT p.pk, p.id, p.workspace_id, p.name, p.slug, p.description, p.created_at_m, p.updated_at_m
	//  FROM permissions p
	//  WHERE p.workspace_id = ?
	//    AND p.id >= ?
	//  ORDER BY p.id
	//  LIMIT ?
	ListPermissions(ctx context.Context, db DBTX, arg ListPermissionsParams) ([]Permission, error)
	//ListPermissionsByKeyID
	//
	//  WITH direct_permissions AS (
	//      SELECT p.slug as permission_slug
	//      FROM keys_permissions kp
	//      JOIN permissions p ON kp.permission_id = p.id
	//      WHERE kp.key_id = ?
	//  ),
	//  role_permissions AS (
	//      SELECT p.slug as permission_slug
	//      FROM keys_roles kr
	//      JOIN roles_permissions rp ON kr.role_id = rp.role_id
	//      JOIN permissions p ON rp.permission_id = p.id
	//      WHERE kr.key_id = ?
	//  )
	//  SELECT DISTINCT permission_slug
	//  FROM (
	//      SELECT permission_slug FROM direct_permissions
	//      UNION ALL
	//      SELECT permission_slug FROM role_permissions
	//  ) all_permissions
	ListPermissionsByKeyID(ctx context.Context, db DBTX, arg ListPermissionsByKeyIDParams) ([]string, error)
	//ListPermissionsByRoleID
	//
	//  SELECT p.pk, p.id, p.workspace_id, p.name, p.slug, p.description, p.created_at_m, p.updated_at_m
	//  FROM permissions p
	//  JOIN roles_permissions rp ON p.id = rp.permission_id
	//  WHERE rp.role_id = ?
	//  ORDER BY p.slug
	ListPermissionsByRoleID(ctx context.Context, db DBTX, roleID string) ([]Permission, error)
	//ListPreviewEnvironments
	//
	//  SELECT pk, id, workspace_id, project_id, app_id, slug, description, delete_protection, created_at, updated_at
	//  FROM environments
	//  WHERE slug = 'preview'
	//  AND pk > ?
	//  ORDER BY pk ASC
	//  LIMIT ?
	ListPreviewEnvironments(ctx context.Context, db DBTX, arg ListPreviewEnvironmentsParams) ([]Environment, error)
	//ListRatelimitOverridesByNamespaceID
	//
	//  SELECT pk, id, workspace_id, namespace_id, identifier, `limit`, duration, created_at_m, updated_at_m, deleted_at_m FROM ratelimit_overrides
	//  WHERE
	//  workspace_id = ?
	//  AND namespace_id = ?
	//  AND deleted_at_m IS NULL
	//  AND id >= ?
	//  ORDER BY id ASC
	//  LIMIT ?
	ListRatelimitOverridesByNamespaceID(ctx context.Context, db DBTX, arg ListRatelimitOverridesByNamespaceIDParams) ([]RatelimitOverride, error)
	//ListRatelimitsByKeyID
	//
	//  SELECT
	//    id,
	//    name,
	//    `limit`,
	//    duration,
	//    auto_apply
	//  FROM ratelimits
	//  WHERE key_id = ?
	ListRatelimitsByKeyID(ctx context.Context, db DBTX, keyID sql.NullString) ([]ListRatelimitsByKeyIDRow, error)
	//ListRatelimitsByKeyIDs
	//
	//  SELECT
	//    id,
	//    key_id,
	//    name,
	//    `limit`,
	//    duration,
	//    auto_apply
	//  FROM ratelimits
	//  WHERE key_id IN (/*SLICE:key_ids*/?)
	//  ORDER BY key_id, id
	ListRatelimitsByKeyIDs(ctx context.Context, db DBTX, keyIds []sql.NullString) ([]ListRatelimitsByKeyIDsRow, error)
	//ListRegions
	//
	//  SELECT id, name, platform, can_schedule FROM regions
	ListRegions(ctx context.Context, db DBTX) ([]ListRegionsRow, error)
	//ListRepoConnectionDeployContexts
	//
	//  SELECT
	//      gc.pk, gc.workspace_id, gc.project_id, gc.app_id, gc.installation_id, gc.repository_id, gc.repository_full_name, gc.created_at, gc.updated_at,
	//      p.pk, p.id, p.workspace_id, p.name, p.slug, p.depot_project_id, p.delete_protection, p.created_at, p.updated_at,
	//      e.pk, e.id, e.workspace_id, e.project_id, e.app_id, e.slug, e.description, e.delete_protection, e.created_at, e.updated_at,
	//      a.pk, a.id, a.workspace_id, a.project_id, a.name, a.slug, a.default_branch, a.current_deployment_id, a.is_rolled_back, a.delete_protection, a.created_at, a.updated_at,
	//      abs.pk, abs.workspace_id, abs.app_id, abs.environment_id, abs.dockerfile, abs.docker_context, abs.watch_paths, abs.auto_deploy, abs.created_at, abs.updated_at,
	//      ars.pk, ars.workspace_id, ars.app_id, ars.environment_id, ars.port, ars.cpu_millicores, ars.memory_mib, ars.storage_mib, ars.command, ars.healthcheck, ars.shutdown_signal, ars.upstream_protocol, ars.sentinel_config, ars.openapi_spec_path, ars.created_at, ars.updated_at
	//  FROM github_repo_connections gc
	//  INNER JOIN apps a ON a.id = gc.app_id
	//  INNER JOIN projects p ON p.id = gc.project_id
	//  INNER JOIN environments e ON e.app_id = a.id
	//    AND e.slug = CASE
	//      WHEN CAST(? AS SIGNED) = 1 THEN 'preview'
	//      WHEN ? = COALESCE(NULLIF(a.default_branch, ”), 'main')
	//      THEN 'production'
	//      ELSE 'preview'
	//    END
	//  INNER JOIN app_build_settings abs ON abs.app_id = a.id AND abs.environment_id = e.id
	//  INNER JOIN app_runtime_settings ars ON ars.app_id = a.id AND ars.environment_id = e.id
	//  WHERE gc.installation_id = ?
	//    AND gc.repository_id = ?
	ListRepoConnectionDeployContexts(ctx context.Context, db DBTX, arg ListRepoConnectionDeployContextsParams) ([]ListRepoConnectionDeployContextsRow, error)
	//ListRoles
	//
	//  SELECT r.pk, r.id, r.workspace_id, r.name, r.description, r.created_at_m, r.updated_at_m, COALESCE(
	//          (SELECT JSON_ARRAYAGG(
	//              json_object(
	//                  'id', permission.id,
	//                  'name', permission.name,
	//                  'slug', permission.slug,
	//                  'description', permission.description
	//             )
	//          )
	//           FROM (SELECT name, id, slug, description
	//                 FROM roles_permissions rp
	//                          JOIN permissions p ON p.id = rp.permission_id
	//                 WHERE rp.role_id = r.id) as permission),
	//          JSON_ARRAY()
	//  ) as permissions
	//  FROM roles r
	//  WHERE r.workspace_id = ?
	//  AND r.id >= ?
	//  ORDER BY r.id
	//  LIMIT ?
	ListRoles(ctx context.Context, db DBTX, arg ListRolesParams) ([]ListRolesRow, error)
	//ListRolesByKeyID
	//
	//  SELECT r.pk, r.id, r.workspace_id, r.name, r.description, r.created_at_m, r.updated_at_m, COALESCE(
	//          (SELECT JSON_ARRAYAGG(
	//              json_object(
	//                  'id', permission.id,
	//                  'name', permission.name,
	//                  'slug', permission.slug,
	//                  'description', permission.description
	//             )
	//          )
	//           FROM (SELECT name, id, slug, description
	//                 FROM roles_permissions rp
	//                          JOIN permissions p ON p.id = rp.permission_id
	//                 WHERE rp.role_id = r.id) as permission),
	//          JSON_ARRAY()
	//  ) as permissions
	//  FROM keys_roles kr
	//  JOIN roles r ON kr.role_id = r.id
	//  WHERE kr.key_id = ?
	//  ORDER BY r.name
	ListRolesByKeyID(ctx context.Context, db DBTX, keyID string) ([]ListRolesByKeyIDRow, error)
	// ListRunningSentinelIDsAndImages returns IDs, images, and regions of all
	// running sentinels, paginated by id. Used by the rollout service to plan
	// wave assignments without fetching full sentinel rows.
	//
	//  SELECT id, image, region_id
	//  FROM sentinels
	//  WHERE desired_state = 'running'
	//    AND id > ?
	//  ORDER BY id ASC
	//  LIMIT ?
	ListRunningSentinelIDsAndImages(ctx context.Context, db DBTX, arg ListRunningSentinelIDsAndImagesParams) ([]ListRunningSentinelIDsAndImagesRow, error)
	//ListWorkspaces
	//
	//  SELECT
	//     w.pk, w.id, w.org_id, w.name, w.slug, w.k8s_namespace, w.tier, w.stripe_customer_id, w.stripe_subscription_id, w.beta_features, w.subscriptions, w.enabled, w.delete_protection, w.created_at_m, w.updated_at_m, w.deleted_at_m,
	//     q.pk, q.workspace_id, q.requests_per_month, q.logs_retention_days, q.audit_logs_retention_days, q.team, q.ratelimit_api_limit, q.ratelimit_api_duration, q.allocated_cpu_millicores_total, q.allocated_memory_mib_total, q.allocated_storage_mib_total, q.max_cpu_millicores_per_instance, q.max_memory_mib_per_instance, q.max_storage_mib_per_instance, q.max_concurrent_builds
	//  FROM `workspaces` w
	//  LEFT JOIN quota q ON w.id = q.workspace_id
	//  WHERE w.id > ?
	//  ORDER BY w.id ASC
	//  LIMIT 100
	ListWorkspaces(ctx context.Context, db DBTX, cursor string) ([]ListWorkspacesRow, error)
	//ListWorkspacesForQuotaCheck
	//
	//  SELECT
	//     w.id,
	//     w.org_id,
	//     w.name,
	//     w.stripe_customer_id,
	//     w.tier,
	//     w.enabled,
	//     q.requests_per_month
	//  FROM `workspaces` w
	//  LEFT JOIN quota q ON w.id = q.workspace_id
	//  WHERE w.id > ?
	//  ORDER BY w.id ASC
	//  LIMIT 100
	ListWorkspacesForQuotaCheck(ctx context.Context, db DBTX, cursor string) ([]ListWorkspacesForQuotaCheckRow, error)
	// Acquires an exclusive lock on the identity row to prevent concurrent modifications.
	// This should be called at the start of a transaction before modifying identity-related data.
	//
	//  SELECT id FROM identities
	//  WHERE id = ?
	//  FOR UPDATE
	LockIdentityForUpdate(ctx context.Context, db DBTX, id string) (string, error)
	// Acquires an exclusive lock on the key row to prevent concurrent modifications.
	// This is used to prevent deadlocks when updating key ratelimits concurrently.
	//
	//  SELECT id FROM `keys`
	//  WHERE id = ?
	//  FOR UPDATE
	LockKeyForUpdate(ctx context.Context, db DBTX, id string) (string, error)
	// MarkClickhouseOutboxBatchDeleted soft-deletes a set of pks after their CH
	// insert is confirmed. Called inside the same transaction that selected
	// them, so the row locks held by FOR UPDATE SKIP LOCKED are released as
	// part of commit. A crash between the CH insert and this UPDATE leaves the
	// rows with deleted_at IS NULL; the next batch picks them up and CH's
	// non_replicated_deduplication_window collapses the identical re-insert
	// into a noop.
	//
	// We mark instead of hard-delete so ops can re-queue events (clear
	// deleted_at) without re-reading the original payload from somewhere else,
	// and so the table doubles as an audit trail of what was exported. There's
	// no sweep job today; the table grows monotonically.
	//
	//  UPDATE clickhouse_outbox
	//  SET deleted_at = ?
	//  WHERE pk IN (/*SLICE:pks*/?)
	//    AND deleted_at IS NULL
	MarkClickhouseOutboxBatchDeleted(ctx context.Context, db DBTX, arg MarkClickhouseOutboxBatchDeletedParams) error
	//ReassignFrontlineRoute
	//
	//  UPDATE frontline_routes
	//  SET
	//    deployment_id = ?,
	//    updated_at = ?
	//  WHERE id = ?
	ReassignFrontlineRoute(ctx context.Context, db DBTX, arg ReassignFrontlineRouteParams) error
	// Records that kubelet has put a container into CrashLoopBackOff by setting
	// container_status.waiting.reason. The lastTerminationState carries the
	// most recent exit info and is left untouched — the dashboard renders both
	// the underlying exit and the "currently throttling" indicator together.
	//
	// Called once per (pod_uid, container_name, restart_count) when krane sees
	// the waiting container reach the BackOff state. The next terminated event
	// (or a successful start) will remove $.waiting via RecordInstanceExit.
	//
	// Out-of-order events are dropped via the restartCount guard: a delayed
	// crashloop RPC from an earlier container life cannot flip the waiting
	// reason back after RecordInstanceExit has already advanced restartCount
	// and removed $.waiting.
	//
	//  UPDATE instances
	//  SET container_status = JSON_SET(
	//  	container_status,
	//  	'$.waiting', JSON_OBJECT('reason', 'CrashLoopBackOff')
	//  )
	//  WHERE k8s_name = ?
	//  	AND region_id = ?
	//  	AND CAST(JSON_VALUE(container_status, '$.restartCount') AS UNSIGNED) <= CAST(? AS UNSIGNED)
	RecordInstanceCrashLoopBackOff(ctx context.Context, db DBTX, arg RecordInstanceCrashLoopBackOffParams) error
	// Denormalizes the most recent container exit info onto the instances row's
	// container_status JSON. Called by ctrl when krane reports an
	// event_kind='terminated' event.
	//
	// The caller computes the full new ContainerStatus value (restartCount,
	// lastTerminationState, no waiting) and passes it in one typed param. The
	// WHERE clause inspects the row's *existing* container_status to drop
	// delayed events; once the guard passes, the new value fully replaces the
	// old (including clearing $.waiting, since a fresh exit ends any prior
	// crashloop window).
	//
	// Out-of-order events from krane are dropped via a lexicographic
	// (restartCount, finishedAt) tuple comparison: an incoming row only wins
	// if its (restartCount, finishedAt) pair is strictly greater than the
	// pair already on the row. The previous OR-of-clauses formulation let a
	// delayed terminated event from restart_count-1 sneak past via the
	// finishedAt branch and regress the row after restart_count had already
	// advanced.
	//
	//  UPDATE instances
	//  SET container_status = ?
	//  WHERE k8s_name = ?
	//  	AND region_id = ?
	//  	AND (
	//  		CAST(JSON_VALUE(container_status, '$.restartCount') AS UNSIGNED) < CAST(? AS UNSIGNED)
	//  		OR (
	//  			CAST(JSON_VALUE(container_status, '$.restartCount') AS UNSIGNED) = CAST(? AS UNSIGNED)
	//  			AND (
	//  				JSON_VALUE(container_status, '$.lastTerminationState.finishedAt') IS NULL
	//  				OR CAST(JSON_VALUE(container_status, '$.lastTerminationState.finishedAt') AS UNSIGNED) < CAST(? AS UNSIGNED)
	//  			)
	//  		)
	//  	)
	RecordInstanceExit(ctx context.Context, db DBTX, arg RecordInstanceExitParams) error
	// RefillKeysByIDs sets remaining_requests to refill_amount for the given keys.
	// This is a bulk operation to minimize database round trips.
	//
	//  UPDATE `keys`
	//  SET remaining_requests = refill_amount,
	//      last_refill_at = NOW(3),
	//      updated_at_m = ?
	//  WHERE id IN (/*SLICE:ids*/?)
	//    AND deleted_at_m IS NULL
	RefillKeysByIDs(ctx context.Context, db DBTX, arg RefillKeysByIDsParams) error
	//ResetCustomDomainVerification
	//
	//  UPDATE custom_domains
	//  SET verification_status = ?,
	//      check_attempts = ?,
	//      verification_error = NULL,
	//      last_checked_at = NULL,
	//      invocation_id = ?,
	//      updated_at = ?
	//  WHERE id = ?
	ResetCustomDomainVerification(ctx context.Context, db DBTX, arg ResetCustomDomainVerificationParams) error
	//SetWorkspaceK8sNamespace
	//
	//  UPDATE `workspaces`
	//  SET k8s_namespace = ?
	//  WHERE id = ? AND k8s_namespace IS NULL
	SetWorkspaceK8sNamespace(ctx context.Context, db DBTX, arg SetWorkspaceK8sNamespaceParams) error
	//SoftDeleteApi
	//
	//  UPDATE apis
	//  SET deleted_at_m = ?
	//  WHERE id = ?
	SoftDeleteApi(ctx context.Context, db DBTX, arg SoftDeleteApiParams) error
	//SoftDeleteIdentity
	//
	//  UPDATE identities
	//  SET deleted = 1
	//  WHERE id = ?
	//    AND workspace_id = ?
	SoftDeleteIdentity(ctx context.Context, db DBTX, arg SoftDeleteIdentityParams) error
	//SoftDeleteKeyByID
	//
	//  UPDATE `keys` SET deleted_at_m = ? WHERE id = ?
	SoftDeleteKeyByID(ctx context.Context, db DBTX, arg SoftDeleteKeyByIDParams) error
	//SoftDeleteManyKeysByKeySpaceID
	//
	//  UPDATE `keys`
	//  SET deleted_at_m = ?
	//  WHERE key_auth_id = ?
	//  AND deleted_at_m IS NULL
	SoftDeleteManyKeysByKeySpaceID(ctx context.Context, db DBTX, arg SoftDeleteManyKeysByKeySpaceIDParams) error
	//SoftDeleteRatelimitNamespace
	//
	//  UPDATE `ratelimit_namespaces`
	//  SET
	//      deleted_at_m =  ?
	//  WHERE id = ?
	SoftDeleteRatelimitNamespace(ctx context.Context, db DBTX, arg SoftDeleteRatelimitNamespaceParams) error
	//SoftDeleteRatelimitOverride
	//
	//  UPDATE `ratelimit_overrides`
	//  SET
	//      deleted_at_m =  ?
	//  WHERE id = ?
	SoftDeleteRatelimitOverride(ctx context.Context, db DBTX, arg SoftDeleteRatelimitOverrideParams) error
	//SoftDeleteWorkspace
	//
	//  UPDATE `workspaces`
	//  SET deleted_at_m = ?
	//  WHERE id = ?
	//  AND delete_protection = false
	SoftDeleteWorkspace(ctx context.Context, db DBTX, arg SoftDeleteWorkspaceParams) (sql.Result, error)
	//StopDeploymentIfNoInstances
	//
	//  UPDATE deployments d
	//  LEFT JOIN instances i ON i.deployment_id = d.id
	//  SET d.status = 'stopped', d.updated_at = ?
	//  WHERE d.id = ?
	//    AND d.desired_state IN ('standby', 'archived')
	//    AND i.deployment_id IS NULL
	StopDeploymentIfNoInstances(ctx context.Context, db DBTX, arg StopDeploymentIfNoInstancesParams) error
	//SumAllocatedResourcesByWorkspaceID
	//
	//  SELECT
	//    CAST(COALESCE(SUM(d.`cpu_millicores` * dt.`autoscaling_replicas_max`), 0) AS SIGNED) AS `total_cpu_millicores`,
	//    CAST(COALESCE(SUM(d.`memory_mib` * dt.`autoscaling_replicas_max`), 0) AS SIGNED) AS `total_memory_mib`,
	//    CAST(COALESCE(SUM(d.`storage_mib` * dt.`autoscaling_replicas_max`), 0) AS SIGNED) AS `total_storage_mib`
	//  FROM `deployment_topology` dt
	//  JOIN `deployments` d ON d.`id` = dt.`deployment_id`
	//  WHERE dt.`workspace_id` = ?
	//    AND dt.`desired_status` = 'running'
	SumAllocatedResourcesByWorkspaceID(ctx context.Context, db DBTX, workspaceID string) (SumAllocatedResourcesByWorkspaceIDRow, error)
	//UpdateAcmeChallengePending
	//
	//  UPDATE acme_challenges
	//  SET status = ?, token = ?, authorization = ?, updated_at = ?
	//  WHERE domain_id = ?
	UpdateAcmeChallengePending(ctx context.Context, db DBTX, arg UpdateAcmeChallengePendingParams) error
	//UpdateAcmeChallengeStatus
	//
	//  UPDATE acme_challenges
	//  SET status = ?, updated_at = ?
	//  WHERE domain_id = ?
	UpdateAcmeChallengeStatus(ctx context.Context, db DBTX, arg UpdateAcmeChallengeStatusParams) error
	//UpdateAcmeChallengeTryClaiming
	//
	//  UPDATE acme_challenges
	//  SET status = ?, updated_at = ?
	//  WHERE domain_id = ? AND status = 'waiting'
	UpdateAcmeChallengeTryClaiming(ctx context.Context, db DBTX, arg UpdateAcmeChallengeTryClaimingParams) error
	//UpdateAcmeChallengeVerifiedWithExpiry
	//
	//  UPDATE acme_challenges
	//  SET status = ?, expires_at = ?, updated_at = ?
	//  WHERE domain_id = ?
	UpdateAcmeChallengeVerifiedWithExpiry(ctx context.Context, db DBTX, arg UpdateAcmeChallengeVerifiedWithExpiryParams) error
	//UpdateAcmeUserRegistrationURI
	//
	//  UPDATE acme_users SET registration_uri = ? WHERE id = ?
	UpdateAcmeUserRegistrationURI(ctx context.Context, db DBTX, arg UpdateAcmeUserRegistrationURIParams) error
	//UpdateApiDeleteProtection
	//
	//  UPDATE apis
	//  SET delete_protection = ?
	//  WHERE id = ?
	UpdateApiDeleteProtection(ctx context.Context, db DBTX, arg UpdateApiDeleteProtectionParams) error
	//UpdateAppDeployments
	//
	//  UPDATE apps
	//  SET
	//    current_deployment_id = ?,
	//    is_rolled_back = ?,
	//    updated_at = ?
	//  WHERE id = ?
	UpdateAppDeployments(ctx context.Context, db DBTX, arg UpdateAppDeploymentsParams) error
	//UpdateCiliumNetworkPolicyByEnvironmentRegionAndName
	//
	//  UPDATE cilium_network_policies
	//  SET policy = ?,
	//      updated_at = ?
	//  WHERE environment_id = ?
	//    AND region_id = ?
	//    AND k8s_name = ?
	UpdateCiliumNetworkPolicyByEnvironmentRegionAndName(ctx context.Context, db DBTX, arg UpdateCiliumNetworkPolicyByEnvironmentRegionAndNameParams) error
	//UpdateClickhouseWorkspaceSettingsLimits
	//
	//  UPDATE `clickhouse_workspace_settings`
	//  SET
	//      quota_duration_seconds = ?,
	//      max_queries_per_window = ?,
	//      max_execution_time_per_window = ?,
	//      max_query_execution_time = ?,
	//      max_query_memory_bytes = ?,
	//      max_query_result_rows = ?,
	//      updated_at = ?
	//  WHERE workspace_id = ?
	UpdateClickhouseWorkspaceSettingsLimits(ctx context.Context, db DBTX, arg UpdateClickhouseWorkspaceSettingsLimitsParams) error
	//UpdateCustomDomainCheckAttempt
	//
	//  UPDATE custom_domains
	//  SET check_attempts = ?,
	//      last_checked_at = ?,
	//      updated_at = ?
	//  WHERE id = ?
	UpdateCustomDomainCheckAttempt(ctx context.Context, db DBTX, arg UpdateCustomDomainCheckAttemptParams) error
	//UpdateCustomDomainFailed
	//
	//  UPDATE custom_domains
	//  SET verification_status = ?,
	//      verification_error = ?,
	//      updated_at = ?
	//  WHERE id = ?
	UpdateCustomDomainFailed(ctx context.Context, db DBTX, arg UpdateCustomDomainFailedParams) error
	//UpdateCustomDomainInvocationID
	//
	//  UPDATE custom_domains
	//  SET invocation_id = ?,
	//      updated_at = ?
	//  WHERE id = ?
	UpdateCustomDomainInvocationID(ctx context.Context, db DBTX, arg UpdateCustomDomainInvocationIDParams) error
	//UpdateCustomDomainOwnership
	//
	//  UPDATE custom_domains
	//  SET ownership_verified = ?, cname_verified = ?, updated_at = ?
	//  WHERE id = ?
	UpdateCustomDomainOwnership(ctx context.Context, db DBTX, arg UpdateCustomDomainOwnershipParams) error
	//UpdateCustomDomainVerificationStatus
	//
	//  UPDATE custom_domains
	//  SET verification_status = ?,
	//      updated_at = ?
	//  WHERE id = ?
	UpdateCustomDomainVerificationStatus(ctx context.Context, db DBTX, arg UpdateCustomDomainVerificationStatusParams) error
	//UpdateDeploymentBuildID
	//
	//  UPDATE deployments
	//  SET build_id = ?, updated_at = ?
	//  WHERE id = ?
	UpdateDeploymentBuildID(ctx context.Context, db DBTX, arg UpdateDeploymentBuildIDParams) error
	//UpdateDeploymentDesiredState
	//
	//  UPDATE deployments
	//  SET desired_state = ?, updated_at = ?
	//  WHERE id = ?
	UpdateDeploymentDesiredState(ctx context.Context, db DBTX, arg UpdateDeploymentDesiredStateParams) error
	//UpdateDeploymentForkRepository
	//
	//  UPDATE deployments
	//  SET fork_repository_full_name = ?, updated_at = ?
	//  WHERE id = ?
	UpdateDeploymentForkRepository(ctx context.Context, db DBTX, arg UpdateDeploymentForkRepositoryParams) error
	//UpdateDeploymentGitMetadata
	//
	//  UPDATE deployments
	//  SET
	//      git_commit_sha = ?,
	//      git_branch = ?,
	//      git_commit_message = ?,
	//      git_commit_author_handle = ?,
	//      git_commit_author_avatar_url = ?,
	//      git_commit_timestamp = ?,
	//      updated_at = ?
	//  WHERE id = ?
	UpdateDeploymentGitMetadata(ctx context.Context, db DBTX, arg UpdateDeploymentGitMetadataParams) error
	//UpdateDeploymentGithubDeploymentId
	//
	//  UPDATE deployments
	//  SET github_deployment_id = ?, updated_at = ?
	//  WHERE id = ?
	UpdateDeploymentGithubDeploymentId(ctx context.Context, db DBTX, arg UpdateDeploymentGithubDeploymentIdParams) error
	//UpdateDeploymentImage
	//
	//  UPDATE deployments
	//  SET image = ?, updated_at = ?
	//  WHERE id = ?
	UpdateDeploymentImage(ctx context.Context, db DBTX, arg UpdateDeploymentImageParams) error
	//UpdateDeploymentInvocationID
	//
	//  UPDATE deployments
	//  SET invocation_id = ?, updated_at = ?
	//  WHERE id = ?
	UpdateDeploymentInvocationID(ctx context.Context, db DBTX, arg UpdateDeploymentInvocationIDParams) error
	//UpdateDeploymentStatus
	//
	//  UPDATE deployments
	//  SET status = ?, updated_at = ?
	//  WHERE id = ?
	UpdateDeploymentStatus(ctx context.Context, db DBTX, arg UpdateDeploymentStatusParams) error
	//UpdateDeploymentStatusBatch
	//
	//  UPDATE deployments
	//  SET status = ?, updated_at = ?
	//  WHERE id IN (/*SLICE:ids*/?)
	UpdateDeploymentStatusBatch(ctx context.Context, db DBTX, arg UpdateDeploymentStatusBatchParams) error
	// Transition a deployment's status only when its current status is still
	// "active" (non-terminal). Prevents the Deploy handler's compensation
	// stack from overwriting a status that was set intentionally by the dedup
	// path (e.g. superseded) or by a successful completion (ready).
	//
	//  UPDATE deployments
	//  SET status = ?, updated_at = ?
	//  WHERE id = ?
	//    AND status NOT IN ('ready', 'failed', 'superseded', 'skipped', 'stopped', 'cancelled')
	UpdateDeploymentStatusIfActive(ctx context.Context, db DBTX, arg UpdateDeploymentStatusIfActiveParams) error
	// UpdateDeploymentTopologyDesiredStatus updates the desired_status of a topology entry.
	//
	//  UPDATE `deployment_topology`
	//  SET desired_status = ?, updated_at = ?
	//  WHERE deployment_id = ? AND region_id = ?
	UpdateDeploymentTopologyDesiredStatus(ctx context.Context, db DBTX, arg UpdateDeploymentTopologyDesiredStatusParams) error
	//UpdateFrontlineRouteDeploymentId
	//
	//  UPDATE frontline_routes
	//  SET deployment_id = ?
	//  WHERE id = ?
	UpdateFrontlineRouteDeploymentId(ctx context.Context, db DBTX, arg UpdateFrontlineRouteDeploymentIdParams) error
	//UpdateIdentity
	//
	//  UPDATE `identities`
	//  SET
	//      meta = CAST(? AS JSON),
	//      updated_at = NOW()
	//  WHERE
	//      id = ?
	UpdateIdentity(ctx context.Context, db DBTX, arg UpdateIdentityParams) error
	//UpdateKey
	//
	//  UPDATE `keys` k SET
	//      name = CASE
	//          WHEN CAST(? AS UNSIGNED) = 1 THEN ?
	//          ELSE k.name
	//      END,
	//      identity_id = CASE
	//          WHEN CAST(? AS UNSIGNED) = 1 THEN ?
	//          ELSE k.identity_id
	//      END,
	//      enabled = CASE
	//          WHEN CAST(? AS UNSIGNED) = 1 THEN ?
	//          ELSE k.enabled
	//      END,
	//      meta = CASE
	//          WHEN CAST(? AS UNSIGNED) = 1 THEN ?
	//          ELSE k.meta
	//      END,
	//      expires = CASE
	//          WHEN CAST(? AS UNSIGNED) = 1 THEN ?
	//          ELSE k.expires
	//      END,
	//      remaining_requests = CASE
	//          WHEN CAST(? AS UNSIGNED) = 1 THEN ?
	//          ELSE k.remaining_requests
	//      END,
	//      refill_amount = CASE
	//          WHEN CAST(? AS UNSIGNED) = 1 THEN ?
	//          ELSE k.refill_amount
	//      END,
	//      refill_day = CASE
	//          WHEN CAST(? AS UNSIGNED) = 1 THEN ?
	//          ELSE k.refill_day
	//      END,
	//      updated_at_m = ?
	//  WHERE id = ?
	UpdateKey(ctx context.Context, db DBTX, arg UpdateKeyParams) error
	//UpdateKeyCreditsDecrement
	//
	//  UPDATE `keys`
	//  SET remaining_requests = CASE
	//      WHEN remaining_requests >= ? THEN remaining_requests - ?
	//      ELSE 0
	//  END
	//  WHERE id = ?
	UpdateKeyCreditsDecrement(ctx context.Context, db DBTX, arg UpdateKeyCreditsDecrementParams) error
	//UpdateKeyCreditsIncrement
	//
	//  UPDATE `keys`
	//  SET remaining_requests = remaining_requests + ?
	//  WHERE id = ?
	UpdateKeyCreditsIncrement(ctx context.Context, db DBTX, arg UpdateKeyCreditsIncrementParams) error
	//UpdateKeyCreditsRefill
	//
	//  UPDATE `keys` SET refill_amount = ?, refill_day = ? WHERE id = ?
	UpdateKeyCreditsRefill(ctx context.Context, db DBTX, arg UpdateKeyCreditsRefillParams) error
	//UpdateKeyCreditsSet
	//
	//  UPDATE `keys`
	//  SET remaining_requests = ?
	//  WHERE id = ?
	UpdateKeyCreditsSet(ctx context.Context, db DBTX, arg UpdateKeyCreditsSetParams) error
	//UpdateKeySpaceKeyEncryption
	//
	//  UPDATE `key_auth` SET store_encrypted_keys = ? WHERE id = ?
	UpdateKeySpaceKeyEncryption(ctx context.Context, db DBTX, arg UpdateKeySpaceKeyEncryptionParams) error
	//UpdateKeysLastUsed
	//
	//  UPDATE `keys`
	//  SET last_used_at = ?
	//  WHERE id IN (/*SLICE:key_ids*/?)
	//    AND last_used_at < ?
	UpdateKeysLastUsed(ctx context.Context, db DBTX, arg UpdateKeysLastUsedParams) error
	//UpdateProjectDepotID
	//
	//  UPDATE projects
	//  SET
	//      depot_project_id = ?,
	//      updated_at = ?
	//  WHERE id = ?
	UpdateProjectDepotID(ctx context.Context, db DBTX, arg UpdateProjectDepotIDParams) error
	//UpdateRatelimit
	//
	//  UPDATE `ratelimits`
	//  SET
	//      name = ?,
	//      `limit` = ?,
	//      duration = ?,
	//      auto_apply = ?,
	//      updated_at = NOW()
	//  WHERE
	//      id = ?
	UpdateRatelimit(ctx context.Context, db DBTX, arg UpdateRatelimitParams) error
	//UpdateRatelimitOverride
	//
	//  UPDATE `ratelimit_overrides`
	//  SET
	//      `limit` = ?,
	//      duration = ?,
	//      updated_at_m= ?
	//  WHERE id = ?
	UpdateRatelimitOverride(ctx context.Context, db DBTX, arg UpdateRatelimitOverrideParams) (sql.Result, error)
	// UpdateSentinelConfig updates a sentinel's configuration and deploy status.
	// Used by SentinelService.Deploy() to apply new config before triggering krane.
	//
	//  UPDATE sentinels SET
	//    image = ?,
	//    cpu_millicores = ?,
	//    memory_mib = ?,
	//    desired_replicas = ?,
	//    deploy_status = ?,
	//    updated_at = ?
	//  WHERE id = ?
	UpdateSentinelConfig(ctx context.Context, db DBTX, arg UpdateSentinelConfigParams) error
	// UpdateSentinelDeployStatus updates only the deploy status field.
	// Used after convergence check or rollback completes.
	//
	//  UPDATE sentinels SET
	//    deploy_status = ?,
	//    updated_at = ?
	//  WHERE id = ?
	UpdateSentinelDeployStatus(ctx context.Context, db DBTX, arg UpdateSentinelDeployStatusParams) error
	// UpdateSentinelObservedState writes observed state from a krane agent:
	// the current health, available replica count, and the image that is
	// actually running on the pods. The running image is used to detect
	// rollout convergence — a deploy is only complete when running_image
	// matches the desired image.
	//
	//  UPDATE sentinels SET
	//    available_replicas = ?,
	//    health = ?,
	//    running_image = ?,
	//    updated_at = ?
	//  WHERE k8s_name = ?
	UpdateSentinelObservedState(ctx context.Context, db DBTX, arg UpdateSentinelObservedStateParams) error
	//UpdateWorkspaceEnabled
	//
	//  UPDATE `workspaces`
	//  SET enabled = ?
	//  WHERE id = ?
	UpdateWorkspaceEnabled(ctx context.Context, db DBTX, arg UpdateWorkspaceEnabledParams) (sql.Result, error)
	//UpsertAppBuildSettings
	//
	//  INSERT INTO app_build_settings (
	//      workspace_id,
	//      app_id,
	//      environment_id,
	//      dockerfile,
	//      docker_context,
	//      watch_paths,
	//      auto_deploy,
	//      created_at,
	//      updated_at
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?
	//  )
	//  ON DUPLICATE KEY UPDATE
	//      dockerfile = VALUES(dockerfile),
	//      docker_context = VALUES(docker_context),
	//      watch_paths = VALUES(watch_paths),
	//      auto_deploy = VALUES(auto_deploy),
	//      updated_at = VALUES(updated_at)
	UpsertAppBuildSettings(ctx context.Context, db DBTX, arg UpsertAppBuildSettingsParams) error
	//UpsertAppRegionalSettings
	//
	//  INSERT INTO app_regional_settings (
	//      workspace_id,
	//      app_id,
	//      environment_id,
	//      region_id,
	//      replicas,
	//      created_at,
	//      updated_at
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?
	//  )
	//  ON DUPLICATE KEY UPDATE
	//      replicas = VALUES(replicas),
	//      updated_at = VALUES(updated_at)
	UpsertAppRegionalSettings(ctx context.Context, db DBTX, arg UpsertAppRegionalSettingsParams) error
	//UpsertAppRuntimeSettings
	//
	//  INSERT INTO app_runtime_settings (
	//      workspace_id,
	//      app_id,
	//      environment_id,
	//      port,
	//      cpu_millicores,
	//      memory_mib,
	//      storage_mib,
	//      command,
	//      healthcheck,
	//      shutdown_signal,
	//      upstream_protocol,
	//      sentinel_config,
	//      openapi_spec_path,
	//      created_at,
	//      updated_at
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?
	//  )
	//  ON DUPLICATE KEY UPDATE
	//      port = VALUES(port),
	//      cpu_millicores = VALUES(cpu_millicores),
	//      memory_mib = VALUES(memory_mib),
	//      storage_mib = VALUES(storage_mib),
	//      command = VALUES(command),
	//      healthcheck = VALUES(healthcheck),
	//      shutdown_signal = VALUES(shutdown_signal),
	//      upstream_protocol = VALUES(upstream_protocol),
	//      sentinel_config = VALUES(sentinel_config),
	//      openapi_spec_path = VALUES(openapi_spec_path),
	//      updated_at = VALUES(updated_at)
	UpsertAppRuntimeSettings(ctx context.Context, db DBTX, arg UpsertAppRuntimeSettingsParams) error
	// Upserts a cluster by region_id. If the cluster already exists, updates the heartbeat timestamp.
	//
	//  INSERT INTO clusters (
	//  	id,
	//  	region_id,
	//  	last_heartbeat_at
	//  )
	//  VALUES (
	//  	?,
	//  	?,
	//  	?
	//  )
	//  ON DUPLICATE KEY UPDATE
	//  	last_heartbeat_at = ?
	UpsertCluster(ctx context.Context, db DBTX, arg UpsertClusterParams) error
	//UpsertCustomDomain
	//
	//  INSERT INTO custom_domains (
	//      id, workspace_id, project_id, app_id, environment_id, domain,
	//      challenge_type, verification_status, verification_token, target_cname, created_at
	//  )
	//  VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
	//  ON DUPLICATE KEY UPDATE
	//      workspace_id = VALUES(workspace_id),
	//      project_id = VALUES(project_id),
	//      app_id = VALUES(app_id),
	//      environment_id = VALUES(environment_id),
	//      challenge_type = VALUES(challenge_type),
	//      verification_status = VALUES(verification_status),
	//      target_cname = VALUES(target_cname),
	//      updated_at = ?
	UpsertCustomDomain(ctx context.Context, db DBTX, arg UpsertCustomDomainParams) error
	//UpsertEnvironment
	//
	//  INSERT INTO environments (
	//      id,
	//      workspace_id,
	//      project_id,
	//      app_id,
	//      slug,
	//      created_at
	//  ) VALUES (?, ?, ?, ?, ?, ?)
	//  ON DUPLICATE KEY UPDATE slug = VALUES(slug)
	UpsertEnvironment(ctx context.Context, db DBTX, arg UpsertEnvironmentParams) error
	// Inserts a new identity or does nothing if one already exists for this workspace/external_id.
	// Use FindIdentityByExternalID after this to get the actual ID.
	//
	//  INSERT INTO `identities` (
	//      id,
	//      external_id,
	//      workspace_id,
	//      environment,
	//      created_at,
	//      meta
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      CAST(? AS JSON)
	//  )
	//  ON DUPLICATE KEY UPDATE external_id = external_id
	UpsertIdentity(ctx context.Context, db DBTX, arg UpsertIdentityParams) error
	//UpsertInstance
	//
	//  INSERT INTO instances (
	//  	id,
	//  	deployment_id,
	//  	workspace_id,
	//  	project_id,
	//  	app_id,
	//  	region_id,
	//  	k8s_name,
	//  	address,
	//  	cpu_millicores,
	//  	memory_mib,
	//  	status
	//  )
	//  VALUES (
	//  	?,
	//  	?,
	//  	?,
	//  	?,
	//  	?,
	//  	?,
	//  	?,
	//  	?,
	//  	?,
	//  	?,
	//  	?
	//  )
	//  ON DUPLICATE KEY UPDATE
	//  	address = ?,
	//  	cpu_millicores = ?,
	//  	memory_mib = ?,
	//  	status = ?
	UpsertInstance(ctx context.Context, db DBTX, arg UpsertInstanceParams) error
	//UpsertKeySpace
	//
	//  INSERT INTO key_auth (
	//      id,
	//      workspace_id,
	//      created_at_m,
	//      default_prefix,
	//      default_bytes,
	//      store_encrypted_keys
	//  ) VALUES (?, ?, ?, ?, ?, ?)
	//  ON DUPLICATE KEY UPDATE
	//      workspace_id = VALUES(workspace_id),
	//      store_encrypted_keys = VALUES(store_encrypted_keys)
	UpsertKeySpace(ctx context.Context, db DBTX, arg UpsertKeySpaceParams) error
	//UpsertOpenApiSpec
	//
	//  INSERT INTO openapi_specs (id,workspace_id, deployment_id, portal_config_id, content, created_at, updated_at)
	//  VALUES (?,?, ?, ?,
	//          ?, ?, ?)
	//  ON DUPLICATE KEY UPDATE
	//      content = VALUES(content),
	//      updated_at = VALUES(updated_at)
	UpsertOpenApiSpec(ctx context.Context, db DBTX, arg UpsertOpenApiSpecParams) error
	//UpsertPortalBranding
	//
	//  INSERT INTO portal_branding (
	//      portal_config_id,
	//      logo_url,
	//      primary_color,
	//      created_at,
	//      updated_at
	//  ) VALUES (
	//      ?,
	//      ?,
	//      ?,
	//      ?,
	//      ?
	//  )
	//  ON DUPLICATE KEY UPDATE
	//      logo_url = VALUES(logo_url),
	//      primary_color = VALUES(primary_color),
	//      updated_at = VALUES(updated_at)
	UpsertPortalBranding(ctx context.Context, db DBTX, arg UpsertPortalBrandingParams) error
	//UpsertQuota
	//
	//  INSERT INTO quota (
	//      workspace_id,
	//      requests_per_month,
	//      audit_logs_retention_days,
	//      logs_retention_days,
	//      team,
	//      ratelimit_api_limit,
	//      ratelimit_api_duration
	//  ) VALUES (?, ?, ?, ?, ?, ?, ?)
	//  ON DUPLICATE KEY UPDATE
	//      requests_per_month = VALUES(requests_per_month),
	//      audit_logs_retention_days = VALUES(audit_logs_retention_days),
	//      logs_retention_days = VALUES(logs_retention_days),
	//      ratelimit_api_limit = VALUES(ratelimit_api_limit),
	//      ratelimit_api_duration = VALUES(ratelimit_api_duration)
	UpsertQuota(ctx context.Context, db DBTX, arg UpsertQuotaParams) error
	// Inserts a region or does nothing if it already exists.
	//
	//  INSERT INTO regions (
	//  	id,
	//  	name,
	//  	platform
	//  )
	//  VALUES (
	//  	?,
	//  	?,
	//  	?
	//  )
	//  ON DUPLICATE KEY UPDATE name = name
	UpsertRegion(ctx context.Context, db DBTX, arg UpsertRegionParams) error
	//UpsertWorkspace
	//
	//  INSERT INTO workspaces (
	//      id,
	//      org_id,
	//      name,
	//      slug,
	//      created_at_m,
	//      tier,
	//      beta_features,
	//      enabled,
	//      delete_protection
	//  ) VALUES (?, ?, ?, ?, ?, ?, ?, true, false)
	//  ON DUPLICATE KEY UPDATE
	//      beta_features = VALUES(beta_features),
	//      name = VALUES(name)
	UpsertWorkspace(ctx context.Context, db DBTX, arg UpsertWorkspaceParams) error
}
var Query Querier = &Queries{}

Query provides access to the generated database queries defined in the SQL files

Example usage with a read operation: 

import (
    "context"
    "github.com/unkeyed/unkey/pkg/db"
)

func GetKeyByHash(ctx context.Context, database db.Database, hash string) (key gen.Key, err error) {
    // Use Query singleton with the read replica
    return db.Query.FindKeyByHash(ctx, database.RO(), hash)
}

Example usage with a write operation: 

func InsertWorkspace(ctx context.Context, database db.Database, params gen.InsertWorkspaceParams) error {
    // Use Query singleton with the write replica
    return db.Query.InsertWorkspace(ctx, database.RW(), params)
}

The Query object contains all the database operations defined in the SQL files and automatically generated by sqlc.

type Queries 

type Queries struct{}

func (*Queries) ClearAcmeChallengeTokens 

func (q *Queries) ClearAcmeChallengeTokens(ctx context.Context, db DBTX, arg ClearAcmeChallengeTokensParams) error

ClearAcmeChallengeTokens 

UPDATE acme_challenges
SET token = ?, authorization = ?, updated_at = ?
WHERE domain_id = ?

func (*Queries) CompareAndSwapDeploymentStatus 

func (q *Queries) CompareAndSwapDeploymentStatus(ctx context.Context, db DBTX, arg CompareAndSwapDeploymentStatusParams) (sql.Result, error)

CompareAndSwapDeploymentStatus 

UPDATE deployments
SET status = ?, updated_at = ?
WHERE id = ?
AND status = ?

func (*Queries) CountInstancesByAppId 

func (q *Queries) CountInstancesByAppId(ctx context.Context, db DBTX, appID string) (int64, error)

CountInstancesByAppId 

SELECT COUNT(*) as count
FROM instances i
JOIN deployments d ON i.deployment_id = d.id
WHERE d.app_id = ?

func (*Queries) CountSentinelsByAppId 

func (q *Queries) CountSentinelsByAppId(ctx context.Context, db DBTX, appID string) (int64, error)

CountSentinelsByAppId 

SELECT COUNT(*) as count
FROM sentinels s
JOIN environments e ON s.environment_id = e.id
WHERE e.app_id = ?

func (*Queries) CountSentinelsByProjectId 

func (q *Queries) CountSentinelsByProjectId(ctx context.Context, db DBTX, projectID string) (int64, error)

CountSentinelsByProjectId 

SELECT COUNT(*) as count FROM sentinels WHERE project_id = ?

func (*Queries) DeleteAcmeChallengeByDomainID 

func (q *Queries) DeleteAcmeChallengeByDomainID(ctx context.Context, db DBTX, domainID string) error

DeleteAcmeChallengeByDomainID 

DELETE FROM acme_challenges WHERE domain_id = ?

func (*Queries) DeleteAllKeyPermissionsByKeyID 

func (q *Queries) DeleteAllKeyPermissionsByKeyID(ctx context.Context, db DBTX, keyID string) error

DeleteAllKeyPermissionsByKeyID 

DELETE FROM keys_permissions
WHERE key_id = ?

func (*Queries) DeleteAllKeyRolesByKeyID 

func (q *Queries) DeleteAllKeyRolesByKeyID(ctx context.Context, db DBTX, keyID string) error

DeleteAllKeyRolesByKeyID 

DELETE FROM keys_roles
WHERE key_id = ?

func (*Queries) DeleteAppBuildSettingsByEnvironmentId 

func (q *Queries) DeleteAppBuildSettingsByEnvironmentId(ctx context.Context, db DBTX, environmentID string) error

DeleteAppBuildSettingsByEnvironmentId 

DELETE FROM app_build_settings WHERE environment_id = ?

func (*Queries) DeleteAppById 

func (q *Queries) DeleteAppById(ctx context.Context, db DBTX, id string) error

DeleteAppById 

DELETE FROM apps WHERE id = ?

func (*Queries) DeleteAppEnvVarsByEnvironmentId 

func (q *Queries) DeleteAppEnvVarsByEnvironmentId(ctx context.Context, db DBTX, environmentID string) error

DeleteAppEnvVarsByEnvironmentId 

DELETE FROM app_environment_variables WHERE environment_id = ?

func (*Queries) DeleteAppRegionalSettingsByEnvironmentId 

func (q *Queries) DeleteAppRegionalSettingsByEnvironmentId(ctx context.Context, db DBTX, environmentID string) error

DeleteAppRegionalSettingsByEnvironmentId 

DELETE FROM app_regional_settings WHERE environment_id = ?

func (*Queries) DeleteAppRuntimeSettingsByEnvironmentId 

func (q *Queries) DeleteAppRuntimeSettingsByEnvironmentId(ctx context.Context, db DBTX, environmentID string) error

DeleteAppRuntimeSettingsByEnvironmentId 

DELETE FROM app_runtime_settings WHERE environment_id = ?

func (*Queries) DeleteCiliumNetworkPoliciesByEnvironmentId 

func (q *Queries) DeleteCiliumNetworkPoliciesByEnvironmentId(ctx context.Context, db DBTX, environmentID string) error

DeleteCiliumNetworkPoliciesByEnvironmentId 

DELETE FROM cilium_network_policies WHERE environment_id = ?

func (*Queries) DeleteCustomDomainByID 

func (q *Queries) DeleteCustomDomainByID(ctx context.Context, db DBTX, id string) error

DeleteCustomDomainByID 

DELETE FROM custom_domains WHERE id = ?

func (*Queries) DeleteCustomDomainsByEnvironmentId 

func (q *Queries) DeleteCustomDomainsByEnvironmentId(ctx context.Context, db DBTX, environmentID string) error

DeleteCustomDomainsByEnvironmentId 

DELETE FROM custom_domains WHERE environment_id = ?

func (*Queries) DeleteCustomDomainsByProjectId 

func (q *Queries) DeleteCustomDomainsByProjectId(ctx context.Context, db DBTX, projectID string) error

DeleteCustomDomainsByProjectId 

DELETE FROM custom_domains WHERE project_id = ?

func (*Queries) DeleteDeploymentChangesBefore 

func (q *Queries) DeleteDeploymentChangesBefore(ctx context.Context, db DBTX, before int64) error

DeleteDeploymentChangesBefore removes old deployment_changes entries for TTL-based cleanup. 

DELETE FROM `deployment_changes`
WHERE created_at < ?
LIMIT 10000

func (*Queries) DeleteDeploymentInstances 

func (q *Queries) DeleteDeploymentInstances(ctx context.Context, db DBTX, arg DeleteDeploymentInstancesParams) error

DeleteDeploymentInstances 

DELETE FROM instances
WHERE deployment_id = ? AND region_id = ?

func (*Queries) DeleteDeploymentStepsByEnvironmentId 

func (q *Queries) DeleteDeploymentStepsByEnvironmentId(ctx context.Context, db DBTX, environmentID string) error

DeleteDeploymentStepsByEnvironmentId 

DELETE ds FROM deployment_steps ds
JOIN deployments d ON ds.deployment_id = d.id
WHERE d.environment_id = ?

func (*Queries) DeleteDeploymentTopologiesByEnvironmentId 

func (q *Queries) DeleteDeploymentTopologiesByEnvironmentId(ctx context.Context, db DBTX, environmentID string) error

DeleteDeploymentTopologiesByEnvironmentId 

DELETE dt FROM deployment_topology dt
JOIN deployments d ON dt.deployment_id = d.id
WHERE d.environment_id = ?

func (*Queries) DeleteDeploymentTopologyByDeploymentId 

func (q *Queries) DeleteDeploymentTopologyByDeploymentId(ctx context.Context, db DBTX, deploymentID string) error

DeleteDeploymentTopologyByDeploymentId 

DELETE FROM `deployment_topology`
WHERE deployment_id = ?

func (*Queries) DeleteDeploymentTopologyByDeploymentRegion 

func (q *Queries) DeleteDeploymentTopologyByDeploymentRegion(ctx context.Context, db DBTX, arg DeleteDeploymentTopologyByDeploymentRegionParams) error

DeleteDeploymentTopologyByDeploymentRegion 

DELETE FROM `deployment_topology`
WHERE deployment_id = ?
  AND region_id = ?

func (*Queries) DeleteDeploymentsByEnvironmentId 

func (q *Queries) DeleteDeploymentsByEnvironmentId(ctx context.Context, db DBTX, environmentID string) error

DeleteDeploymentsByEnvironmentId 

DELETE FROM deployments WHERE environment_id = ?

func (*Queries) DeleteEnvironmentById 

func (q *Queries) DeleteEnvironmentById(ctx context.Context, db DBTX, id string) error

DeleteEnvironmentById 

DELETE FROM environments WHERE id = ?

func (*Queries) DeleteFrontlineRouteByFQDN 

func (q *Queries) DeleteFrontlineRouteByFQDN(ctx context.Context, db DBTX, fqdn string) error

DeleteFrontlineRouteByFQDN 

DELETE FROM frontline_routes WHERE fully_qualified_domain_name = ?

func (*Queries) DeleteFrontlineRoutesByEnvironmentId 

func (q *Queries) DeleteFrontlineRoutesByEnvironmentId(ctx context.Context, db DBTX, environmentID string) error

DeleteFrontlineRoutesByEnvironmentId 

DELETE FROM frontline_routes WHERE environment_id = ?

func (*Queries) DeleteFrontlineRoutesByProjectId 

func (q *Queries) DeleteFrontlineRoutesByProjectId(ctx context.Context, db DBTX, projectID string) error

DeleteFrontlineRoutesByProjectId 

DELETE FROM frontline_routes WHERE project_id = ?

func (*Queries) DeleteGithubRepoConnectionsByAppId 

func (q *Queries) DeleteGithubRepoConnectionsByAppId(ctx context.Context, db DBTX, appID string) error

DeleteGithubRepoConnectionsByAppId 

DELETE FROM github_repo_connections WHERE app_id = ?

func (*Queries) DeleteGithubRepoConnectionsByProjectId 

func (q *Queries) DeleteGithubRepoConnectionsByProjectId(ctx context.Context, db DBTX, projectID string) error

DeleteGithubRepoConnectionsByProjectId 

DELETE FROM github_repo_connections WHERE project_id = ?

func (*Queries) DeleteIdentity 

func (q *Queries) DeleteIdentity(ctx context.Context, db DBTX, arg DeleteIdentityParams) error

DeleteIdentity 

DELETE FROM identities
WHERE id = ?
  AND workspace_id = ?

func (*Queries) DeleteInstance 

func (q *Queries) DeleteInstance(ctx context.Context, db DBTX, arg DeleteInstanceParams) error

DeleteInstance 

DELETE FROM instances WHERE k8s_name = ? AND region_id = ?

func (*Queries) DeleteKeyByID 

func (q *Queries) DeleteKeyByID(ctx context.Context, db DBTX, id string) error

DeleteKeyByID 

DELETE k, kp, kr, rl, ek
FROM `keys` k
LEFT JOIN keys_permissions kp ON k.id = kp.key_id
LEFT JOIN keys_roles kr ON k.id = kr.key_id
LEFT JOIN ratelimits rl ON k.id = rl.key_id
LEFT JOIN encrypted_keys ek ON k.id = ek.key_id
WHERE k.id = ?

func (*Queries) DeleteKeyPermissionByKeyAndPermissionID 

func (q *Queries) DeleteKeyPermissionByKeyAndPermissionID(ctx context.Context, db DBTX, arg DeleteKeyPermissionByKeyAndPermissionIDParams) error

DeleteKeyPermissionByKeyAndPermissionID 

DELETE FROM keys_permissions
WHERE key_id = ? AND permission_id = ?

func (*Queries) DeleteManyKeyPermissionByKeyAndPermissionIDs 

func (q *Queries) DeleteManyKeyPermissionByKeyAndPermissionIDs(ctx context.Context, db DBTX, arg DeleteManyKeyPermissionByKeyAndPermissionIDsParams) error

DeleteManyKeyPermissionByKeyAndPermissionIDs 

DELETE FROM keys_permissions
WHERE key_id = ? AND permission_id IN (/*SLICE:ids*/?)

func (*Queries) DeleteManyKeyPermissionsByPermissionID 

func (q *Queries) DeleteManyKeyPermissionsByPermissionID(ctx context.Context, db DBTX, permissionID string) error

DeleteManyKeyPermissionsByPermissionID 

DELETE FROM keys_permissions
WHERE permission_id = ?

func (*Queries) DeleteManyKeyRolesByKeyAndRoleIDs 

func (q *Queries) DeleteManyKeyRolesByKeyAndRoleIDs(ctx context.Context, db DBTX, arg DeleteManyKeyRolesByKeyAndRoleIDsParams) error

DeleteManyKeyRolesByKeyAndRoleIDs 

DELETE FROM keys_roles
WHERE key_id = ? AND role_id IN(/*SLICE:role_ids*/?)

func (*Queries) DeleteManyKeyRolesByKeyID 

func (q *Queries) DeleteManyKeyRolesByKeyID(ctx context.Context, db DBTX, arg DeleteManyKeyRolesByKeyIDParams) error

DeleteManyKeyRolesByKeyID 

DELETE FROM keys_roles
WHERE key_id = ? AND role_id = ?

func (*Queries) DeleteManyKeyRolesByRoleID 

func (q *Queries) DeleteManyKeyRolesByRoleID(ctx context.Context, db DBTX, roleID string) error

DeleteManyKeyRolesByRoleID 

DELETE FROM keys_roles
WHERE role_id = ?

func (*Queries) DeleteManyRatelimitsByIDs 

func (q *Queries) DeleteManyRatelimitsByIDs(ctx context.Context, db DBTX, ids []string) error

DeleteManyRatelimitsByIDs 

DELETE FROM ratelimits WHERE id IN (/*SLICE:ids*/?)

func (*Queries) DeleteManyRatelimitsByIdentityID 

func (q *Queries) DeleteManyRatelimitsByIdentityID(ctx context.Context, db DBTX, identityID sql.NullString) error

DeleteManyRatelimitsByIdentityID 

DELETE FROM ratelimits WHERE identity_id = ?

func (*Queries) DeleteManyRolePermissionsByPermissionID 

func (q *Queries) DeleteManyRolePermissionsByPermissionID(ctx context.Context, db DBTX, permissionID string) error

DeleteManyRolePermissionsByPermissionID 

DELETE FROM roles_permissions
WHERE permission_id = ?

func (*Queries) DeleteManyRolePermissionsByRoleID 

func (q *Queries) DeleteManyRolePermissionsByRoleID(ctx context.Context, db DBTX, roleID string) error

DeleteManyRolePermissionsByRoleID 

DELETE FROM roles_permissions
WHERE role_id = ?

func (*Queries) DeleteOldIdentityByExternalID 

func (q *Queries) DeleteOldIdentityByExternalID(ctx context.Context, db DBTX, arg DeleteOldIdentityByExternalIDParams) error

DeleteOldIdentityByExternalID 

DELETE i, rl
FROM identities i
LEFT JOIN ratelimits rl ON rl.identity_id = i.id
WHERE i.workspace_id = ?
  AND i.external_id = ?
  AND i.id != ?
  AND i.deleted = true

func (*Queries) DeleteOldIdentityWithRatelimits 

func (q *Queries) DeleteOldIdentityWithRatelimits(ctx context.Context, db DBTX, arg DeleteOldIdentityWithRatelimitsParams) error

DeleteOldIdentityWithRatelimits 

DELETE i, rl
FROM identities i
LEFT JOIN ratelimits rl ON rl.identity_id = i.id
WHERE i.workspace_id = ?
  AND (i.id = ? OR i.external_id = ?)
  AND i.deleted = true

func (*Queries) DeletePermission 

func (q *Queries) DeletePermission(ctx context.Context, db DBTX, permissionID string) error

DeletePermission 

DELETE FROM permissions
WHERE id = ?

func (*Queries) DeleteProjectById 

func (q *Queries) DeleteProjectById(ctx context.Context, db DBTX, id string) error

DeleteProjectById 

DELETE FROM projects WHERE id = ?

func (*Queries) DeleteRatelimit 

func (q *Queries) DeleteRatelimit(ctx context.Context, db DBTX, id string) error

DeleteRatelimit 

DELETE FROM `ratelimits` WHERE id = ?

func (*Queries) DeleteRatelimitNamespace 

func (q *Queries) DeleteRatelimitNamespace(ctx context.Context, db DBTX, arg DeleteRatelimitNamespaceParams) (sql.Result, error)

DeleteRatelimitNamespace 

UPDATE `ratelimit_namespaces`
SET deleted_at_m = ?
WHERE id = ?

func (*Queries) DeleteRoleByID 

func (q *Queries) DeleteRoleByID(ctx context.Context, db DBTX, roleID string) error

DeleteRoleByID 

DELETE FROM roles
WHERE id = ?

func (*Queries) DeleteSentinelsByEnvironmentId 

func (q *Queries) DeleteSentinelsByEnvironmentId(ctx context.Context, db DBTX, environmentID string) error

DeleteSentinelsByEnvironmentId 

DELETE FROM sentinels WHERE environment_id = ?

func (*Queries) DeleteSentinelsByProjectId 

func (q *Queries) DeleteSentinelsByProjectId(ctx context.Context, db DBTX, projectID string) error

DeleteSentinelsByProjectId 

DELETE FROM sentinels WHERE project_id = ?

func (*Queries) EndActiveDeploymentStepsForDeployments 

func (q *Queries) EndActiveDeploymentStepsForDeployments(ctx context.Context, db DBTX, arg EndActiveDeploymentStepsForDeploymentsParams) error

EndActiveDeploymentStepsForDeployments 

UPDATE `deployment_steps`
SET ended_at = ?, error = ?
WHERE deployment_id IN (/*SLICE:deployment_ids*/?) AND ended_at IS NULL

func (*Queries) EndActiveDeploymentStepsWithError 

func (q *Queries) EndActiveDeploymentStepsWithError(ctx context.Context, db DBTX, arg EndActiveDeploymentStepsWithErrorParams) error

EndActiveDeploymentStepsWithError 

UPDATE `deployment_steps`
SET ended_at = ?, error = ?
WHERE deployment_id = ? AND ended_at IS NULL

func (*Queries) EndDeploymentStep 

func (q *Queries) EndDeploymentStep(ctx context.Context, db DBTX, arg EndDeploymentStepParams) error

EndDeploymentStep 

UPDATE `deployment_steps`
SET ended_at = ?, error = ?
WHERE deployment_id = ? AND step = ? AND ended_at IS NULL

func (*Queries) ExchangePortalSessionToken 

func (q *Queries) ExchangePortalSessionToken(ctx context.Context, db DBTX, arg ExchangePortalSessionTokenParams) (sql.Result, error)

ExchangePortalSessionToken 

UPDATE portal_session_tokens
SET exchanged_at = ?
WHERE id = ?
  AND exchanged_at IS NULL
  AND expires_at > ?

func (*Queries) FindAcmeChallengeByToken 

func (q *Queries) FindAcmeChallengeByToken(ctx context.Context, db DBTX, arg FindAcmeChallengeByTokenParams) (AcmeChallenge, error)

FindAcmeChallengeByToken 

SELECT pk, domain_id, workspace_id, token, challenge_type, authorization, status, expires_at, created_at, updated_at FROM acme_challenges WHERE workspace_id = ? AND domain_id = ? AND token = ?

func (*Queries) FindAcmeUserByWorkspaceID 

func (q *Queries) FindAcmeUserByWorkspaceID(ctx context.Context, db DBTX, workspaceID string) (AcmeUser, error)

FindAcmeUserByWorkspaceID 

SELECT pk, id, workspace_id, encrypted_key, registration_uri, created_at, updated_at FROM acme_users WHERE workspace_id = ? LIMIT 1

func (*Queries) FindApiByID 

func (q *Queries) FindApiByID(ctx context.Context, db DBTX, id string) (Api, error)

FindApiByID 

SELECT pk, id, name, workspace_id, ip_whitelist, auth_type, key_auth_id, created_at_m, updated_at_m, deleted_at_m, delete_protection FROM apis WHERE id = ?

func (*Queries) FindAppBuildSettingByAppEnv 

func (q *Queries) FindAppBuildSettingByAppEnv(ctx context.Context, db DBTX, arg FindAppBuildSettingByAppEnvParams) (AppBuildSetting, error)

FindAppBuildSettingByAppEnv 

SELECT pk, workspace_id, app_id, environment_id, dockerfile, docker_context, watch_paths, auto_deploy, created_at, updated_at
FROM `app_build_settings`
WHERE app_id = ?
  AND environment_id = ?

func (*Queries) FindAppById 

func (q *Queries) FindAppById(ctx context.Context, db DBTX, id string) (App, error)

FindAppById 

SELECT pk, id, workspace_id, project_id, name, slug, default_branch, current_deployment_id, is_rolled_back, delete_protection, created_at, updated_at
FROM apps
WHERE id = ?

func (*Queries) FindAppByProjectAndSlug 

func (q *Queries) FindAppByProjectAndSlug(ctx context.Context, db DBTX, arg FindAppByProjectAndSlugParams) (FindAppByProjectAndSlugRow, error)

FindAppByProjectAndSlug 

SELECT apps.pk, apps.id, apps.workspace_id, apps.project_id, apps.name, apps.slug, apps.default_branch, apps.current_deployment_id, apps.is_rolled_back, apps.delete_protection, apps.created_at, apps.updated_at
FROM apps
WHERE apps.project_id = ?
  AND apps.slug = ?

func (*Queries) FindAppByWorkspaceAndSlugs 

func (q *Queries) FindAppByWorkspaceAndSlugs(ctx context.Context, db DBTX, arg FindAppByWorkspaceAndSlugsParams) (FindAppByWorkspaceAndSlugsRow, error)

FindAppByWorkspaceAndSlugs 

SELECT p.pk, p.id, p.workspace_id, p.name, p.slug, p.depot_project_id, p.delete_protection, p.created_at, p.updated_at, a.pk, a.id, a.workspace_id, a.project_id, a.name, a.slug, a.default_branch, a.current_deployment_id, a.is_rolled_back, a.delete_protection, a.created_at, a.updated_at
FROM apps a
INNER JOIN projects p ON p.id = a.project_id
WHERE p.workspace_id = ?
  AND p.slug = ?
  AND a.slug = ?

func (*Queries) FindAppEnvVarsByAppAndEnv 

func (q *Queries) FindAppEnvVarsByAppAndEnv(ctx context.Context, db DBTX, arg FindAppEnvVarsByAppAndEnvParams) ([]FindAppEnvVarsByAppAndEnvRow, error)

FindAppEnvVarsByAppAndEnv 

SELECT `key`, value
FROM app_environment_variables
WHERE app_id = ?
  AND environment_id = ?

func (*Queries) FindAppRegionalSettingsByAppAndEnv 

func (q *Queries) FindAppRegionalSettingsByAppAndEnv(ctx context.Context, db DBTX, arg FindAppRegionalSettingsByAppAndEnvParams) ([]FindAppRegionalSettingsByAppAndEnvRow, error)

FindAppRegionalSettingsByAppAndEnv returns per-region deployment settings including the autoscaling policy values (if attached) for snapshotting into deployment_topology at deploy time. 

SELECT
	ars.region_id,
	r.name AS region_name,
	ars.replicas,
	r.can_schedule AS region_can_schedule,
	hap.replicas_min AS autoscaling_replicas_min,
	hap.replicas_max AS autoscaling_replicas_max,
	hap.cpu_threshold AS autoscaling_threshold_cpu,
	hap.memory_threshold AS autoscaling_threshold_memory
FROM app_regional_settings ars
JOIN regions r ON r.id = ars.region_id
LEFT JOIN horizontal_autoscaling_policies hap ON hap.id = ars.horizontal_autoscaling_policy_id
WHERE ars.app_id = ?
  AND ars.environment_id = ?

func (*Queries) FindAppRuntimeSettingsByAppAndEnv 

func (q *Queries) FindAppRuntimeSettingsByAppAndEnv(ctx context.Context, db DBTX, arg FindAppRuntimeSettingsByAppAndEnvParams) (FindAppRuntimeSettingsByAppAndEnvRow, error)

FindAppRuntimeSettingsByAppAndEnv 

SELECT app_runtime_settings.pk, app_runtime_settings.workspace_id, app_runtime_settings.app_id, app_runtime_settings.environment_id, app_runtime_settings.port, app_runtime_settings.cpu_millicores, app_runtime_settings.memory_mib, app_runtime_settings.storage_mib, app_runtime_settings.command, app_runtime_settings.healthcheck, app_runtime_settings.shutdown_signal, app_runtime_settings.upstream_protocol, app_runtime_settings.sentinel_config, app_runtime_settings.openapi_spec_path, app_runtime_settings.created_at, app_runtime_settings.updated_at
FROM app_runtime_settings
WHERE app_id = ?
  AND environment_id = ?

func (*Queries) FindAppWithSettings 

func (q *Queries) FindAppWithSettings(ctx context.Context, db DBTX, arg FindAppWithSettingsParams) (FindAppWithSettingsRow, error)

FindAppWithSettings 

SELECT
    a.pk, a.id, a.workspace_id, a.project_id, a.name, a.slug, a.default_branch, a.current_deployment_id, a.is_rolled_back, a.delete_protection, a.created_at, a.updated_at,
    abs.pk, abs.workspace_id, abs.app_id, abs.environment_id, abs.dockerfile, abs.docker_context, abs.watch_paths, abs.auto_deploy, abs.created_at, abs.updated_at,
    ars.pk, ars.workspace_id, ars.app_id, ars.environment_id, ars.port, ars.cpu_millicores, ars.memory_mib, ars.storage_mib, ars.command, ars.healthcheck, ars.shutdown_signal, ars.upstream_protocol, ars.sentinel_config, ars.openapi_spec_path, ars.created_at, ars.updated_at
FROM apps a
INNER JOIN app_build_settings abs ON abs.app_id = a.id AND abs.environment_id = ?
INNER JOIN app_runtime_settings ars ON ars.app_id = a.id AND ars.environment_id = ?
WHERE a.id = ?

func (*Queries) FindAuditLogMaxPK 

func (q *Queries) FindAuditLogMaxPK(ctx context.Context, db DBTX) (int64, error)

FindAuditLogMaxPK returns MAX(pk) of the legacy audit_log table, used by the backfill VO to snapshot the cutoff on first invocation. Returns 0 when the table is empty (COALESCE + CAST keep the call from erroring on NULL aggregation and force sqlc to infer the result as uint64 instead of interface{}). 

SELECT CAST(COALESCE(MAX(pk), 0) AS UNSIGNED) AS max_pk
FROM audit_log

func (*Queries) FindAuditLogTargetByID 

func (q *Queries) FindAuditLogTargetByID(ctx context.Context, db DBTX, id string) ([]FindAuditLogTargetByIDRow, error)

FindAuditLogTargetByID 

SELECT audit_log_target.pk, audit_log_target.workspace_id, audit_log_target.bucket_id, audit_log_target.bucket, audit_log_target.audit_log_id, audit_log_target.display_name, audit_log_target.type, audit_log_target.id, audit_log_target.name, audit_log_target.meta, audit_log_target.created_at, audit_log_target.updated_at, audit_log.pk, audit_log.id, audit_log.workspace_id, audit_log.bucket, audit_log.bucket_id, audit_log.event, audit_log.time, audit_log.display, audit_log.remote_ip, audit_log.user_agent, audit_log.actor_type, audit_log.actor_id, audit_log.actor_name, audit_log.actor_meta, audit_log.created_at, audit_log.updated_at
FROM audit_log_target
JOIN audit_log ON audit_log.id = audit_log_target.audit_log_id
WHERE audit_log_target.id = ?

func (*Queries) FindAuditLogTargetsForBackfill 

func (q *Queries) FindAuditLogTargetsForBackfill(ctx context.Context, db DBTX, auditLogIds []string) ([]FindAuditLogTargetsForBackfillRow, error)

FindAuditLogTargetsForBackfill fetches every target row attached to a set of audit_log_ids in one query. Called by the backfill VO after FindAuditLogsForBackfill so we go from "page of N parents" to "page of N parents with all their targets" in two MySQL reads, never N+1.

The unique index on (audit_log_id, id) covers the IN-list lookup. Order by audit_log_id, pk so the VO's grouping pass sees a deterministic per-event target sequence. 

SELECT audit_log_id, type, id, name, meta
FROM audit_log_target
WHERE audit_log_id IN (/*SLICE:audit_log_ids*/?)
ORDER BY audit_log_id, pk

func (*Queries) FindAuditLogsForBackfill 

func (q *Queries) FindAuditLogsForBackfill(ctx context.Context, db DBTX, arg FindAuditLogsForBackfillParams) ([]FindAuditLogsForBackfillRow, error)

FindAuditLogsForBackfill returns one cursor page of legacy audit_log rows for the one-shot MySQL -> ClickHouse backfill VO. Ordered by pk so the cursor advances monotonically; on a crash mid-page the VO replays the same range from its persisted last_pk, and CH's non_replicated_deduplication_window collapses the duplicate insert block.

The pk <= cutoff bound makes the VO terminate. Rows written after the backfill snapshotted the legacy tail are already shipped via the live drainer, so the backfill skips them. Without this bound the cursor would chase a moving target forever.

The primary key on `pk` makes this a forward range scan; no extra index needed. We pull every column the auditlog.Event envelope needs in one read so the VO does not have to re-query per row. 

SELECT pk, id, workspace_id, bucket, event, time, display,
       remote_ip, user_agent, actor_type, actor_id, actor_name, actor_meta
FROM audit_log
WHERE pk > ?
  AND pk <= ?
ORDER BY pk
LIMIT ?

func (*Queries) FindCertificateByHostname 

func (q *Queries) FindCertificateByHostname(ctx context.Context, db DBTX, hostname string) (Certificate, error)

FindCertificateByHostname 

SELECT pk, id, workspace_id, hostname, certificate, encrypted_private_key, created_at, updated_at FROM certificates WHERE hostname = ?

func (*Queries) FindCertificatesByHostnames 

func (q *Queries) FindCertificatesByHostnames(ctx context.Context, db DBTX, hostnames []string) ([]Certificate, error)

FindCertificatesByHostnames 

SELECT pk, id, workspace_id, hostname, certificate, encrypted_private_key, created_at, updated_at FROM certificates WHERE hostname IN (/*SLICE:hostnames*/?)

func (*Queries) FindCiliumNetworkPoliciesByDeploymentID 

func (q *Queries) FindCiliumNetworkPoliciesByDeploymentID(ctx context.Context, db DBTX, deploymentID string) ([]CiliumNetworkPolicy, error)

FindCiliumNetworkPoliciesByDeploymentID 

SELECT pk, id, workspace_id, project_id, app_id, environment_id, deployment_id, k8s_name, k8s_namespace, region_id, policy, created_at, updated_at FROM cilium_network_policies WHERE deployment_id = ?

func (*Queries) FindCiliumNetworkPoliciesByEnvironmentID 

func (q *Queries) FindCiliumNetworkPoliciesByEnvironmentID(ctx context.Context, db DBTX, environmentID string) ([]CiliumNetworkPolicy, error)

FindCiliumNetworkPoliciesByEnvironmentID 

SELECT pk, id, workspace_id, project_id, app_id, environment_id, deployment_id, k8s_name, k8s_namespace, region_id, policy, created_at, updated_at FROM cilium_network_policies WHERE environment_id = ?

func (*Queries) FindCiliumNetworkPolicyByEnvironmentRegionAndName 

func (q *Queries) FindCiliumNetworkPolicyByEnvironmentRegionAndName(ctx context.Context, db DBTX, arg FindCiliumNetworkPolicyByEnvironmentRegionAndNameParams) (CiliumNetworkPolicy, error)

FindCiliumNetworkPolicyByEnvironmentRegionAndName 

SELECT pk, id, workspace_id, project_id, app_id, environment_id, deployment_id, k8s_name, k8s_namespace, region_id, policy, created_at, updated_at
FROM `cilium_network_policies`
WHERE environment_id = ? AND region_id = ? AND k8s_name = ?
LIMIT 1

func (*Queries) FindCiliumNetworkPolicyByIDAndRegion 

func (q *Queries) FindCiliumNetworkPolicyByIDAndRegion(ctx context.Context, db DBTX, arg FindCiliumNetworkPolicyByIDAndRegionParams) (CiliumNetworkPolicy, error)

FindCiliumNetworkPolicyByIDAndRegion 

SELECT pk, id, workspace_id, project_id, app_id, environment_id, deployment_id, k8s_name, k8s_namespace, region_id, policy, created_at, updated_at
FROM `cilium_network_policies`
WHERE region_id = ? AND id = ?
LIMIT 1

func (*Queries) FindClickhouseOutboxBatch 

func (q *Queries) FindClickhouseOutboxBatch(ctx context.Context, db DBTX, arg FindClickhouseOutboxBatchParams) ([]FindClickhouseOutboxBatchRow, error)

FindClickhouseOutboxBatch returns the next batch of unprocessed outbox rows for a known set of payload versions. Must be called inside a transaction. FOR UPDATE SKIP LOCKED locks the batch so a second cron tick (if Restate VO serialization ever fails) silently skips them rather than re-processing the same set. The lock is released when the caller commits or rolls back. Ordered by pk so retries see a deterministic row set, which lets CH's block-level deduplication collapse re-inserts after a partial failure.

The version filter means a drainer never reads a payload it can't decode. Unknown versions stay in the table until a drainer with the matching handler ships.

deleted_at IS NULL skips rows the drainer already shipped. Marked rows stay in the table for re-processing (clear deleted_at to re-queue) and as an ops audit trail; there's no sweep job today. 

SELECT pk, version, workspace_id, event_id, payload, created_at
FROM clickhouse_outbox
WHERE version IN (/*SLICE:versions*/?)
  AND deleted_at IS NULL
ORDER BY pk
LIMIT ?
FOR UPDATE SKIP LOCKED

func (*Queries) FindClickhouseWorkspaceSettingsByWorkspaceID 

func (q *Queries) FindClickhouseWorkspaceSettingsByWorkspaceID(ctx context.Context, db DBTX, workspaceID string) (FindClickhouseWorkspaceSettingsByWorkspaceIDRow, error)

FindClickhouseWorkspaceSettingsByWorkspaceID 

SELECT
    c.pk, c.workspace_id, c.username, c.password_encrypted, c.quota_duration_seconds, c.max_queries_per_window, c.max_execution_time_per_window, c.max_query_execution_time, c.max_query_memory_bytes, c.max_query_result_rows, c.created_at, c.updated_at,
    q.pk, q.workspace_id, q.requests_per_month, q.logs_retention_days, q.audit_logs_retention_days, q.team, q.ratelimit_api_limit, q.ratelimit_api_duration, q.allocated_cpu_millicores_total, q.allocated_memory_mib_total, q.allocated_storage_mib_total, q.max_cpu_millicores_per_instance, q.max_memory_mib_per_instance, q.max_storage_mib_per_instance, q.max_concurrent_builds
FROM `clickhouse_workspace_settings` c
JOIN `quota` q ON c.workspace_id = q.workspace_id
WHERE c.workspace_id = ?

func (*Queries) FindCustomDomainByDomain 

func (q *Queries) FindCustomDomainByDomain(ctx context.Context, db DBTX, domain string) (CustomDomain, error)

FindCustomDomainByDomain 

SELECT pk, id, workspace_id, project_id, app_id, environment_id, domain, challenge_type, verification_status, verification_token, ownership_verified, cname_verified, target_cname, last_checked_at, check_attempts, verification_error, domain_connect_provider, domain_connect_url, invocation_id, created_at, updated_at
FROM custom_domains
WHERE domain = ?

func (*Queries) FindCustomDomainByDomainOrWildcard 

func (q *Queries) FindCustomDomainByDomainOrWildcard(ctx context.Context, db DBTX, arg FindCustomDomainByDomainOrWildcardParams) (CustomDomain, error)

FindCustomDomainByDomainOrWildcard 

SELECT pk, id, workspace_id, project_id, app_id, environment_id, domain, challenge_type, verification_status, verification_token, ownership_verified, cname_verified, target_cname, last_checked_at, check_attempts, verification_error, domain_connect_provider, domain_connect_url, invocation_id, created_at, updated_at FROM custom_domains
WHERE domain IN (?, ?)
ORDER BY
    CASE WHEN domain = ? THEN 0 ELSE 1 END
LIMIT 1

func (*Queries) FindCustomDomainById 

func (q *Queries) FindCustomDomainById(ctx context.Context, db DBTX, id string) (CustomDomain, error)

FindCustomDomainById 

SELECT pk, id, workspace_id, project_id, app_id, environment_id, domain, challenge_type, verification_status, verification_token, ownership_verified, cname_verified, target_cname, last_checked_at, check_attempts, verification_error, domain_connect_provider, domain_connect_url, invocation_id, created_at, updated_at
FROM custom_domains
WHERE id = ?

func (*Queries) FindCustomDomainByWorkspaceAndDomain 

func (q *Queries) FindCustomDomainByWorkspaceAndDomain(ctx context.Context, db DBTX, arg FindCustomDomainByWorkspaceAndDomainParams) (CustomDomain, error)

FindCustomDomainByWorkspaceAndDomain 

SELECT pk, id, workspace_id, project_id, app_id, environment_id, domain, challenge_type, verification_status, verification_token, ownership_verified, cname_verified, target_cname, last_checked_at, check_attempts, verification_error, domain_connect_provider, domain_connect_url, invocation_id, created_at, updated_at FROM custom_domains
WHERE workspace_id = ? AND domain = ?

func (*Queries) FindCustomDomainWithCertByDomain 

func (q *Queries) FindCustomDomainWithCertByDomain(ctx context.Context, db DBTX, domain string) (FindCustomDomainWithCertByDomainRow, error)

FindCustomDomainWithCertByDomain 

SELECT
    cd.pk, cd.id, cd.workspace_id, cd.project_id, cd.app_id, cd.environment_id, cd.domain, cd.challenge_type, cd.verification_status, cd.verification_token, cd.ownership_verified, cd.cname_verified, cd.target_cname, cd.last_checked_at, cd.check_attempts, cd.verification_error, cd.domain_connect_provider, cd.domain_connect_url, cd.invocation_id, cd.created_at, cd.updated_at,
    c.id AS certificate_id
FROM custom_domains cd
LEFT JOIN certificates c ON c.hostname = cd.domain
WHERE cd.domain = ?

func (*Queries) FindDeploymentById 

func (q *Queries) FindDeploymentById(ctx context.Context, db DBTX, id string) (Deployment, error)

FindDeploymentById 

SELECT pk, id, k8s_name, workspace_id, project_id, environment_id, app_id, image, build_id, git_commit_sha, git_branch, git_commit_message, git_commit_author_handle, git_commit_author_avatar_url, git_commit_timestamp, sentinel_config, cpu_millicores, memory_mib, storage_mib, desired_state, encrypted_environment_variables, command, port, shutdown_signal, upstream_protocol, healthcheck, pr_number, fork_repository_full_name, github_deployment_id, invocation_id, status, created_at, updated_at FROM `deployments` WHERE id = ?

func (*Queries) FindDeploymentByK8sName 

func (q *Queries) FindDeploymentByK8sName(ctx context.Context, db DBTX, k8sName string) (Deployment, error)

FindDeploymentByK8sName 

SELECT pk, id, k8s_name, workspace_id, project_id, environment_id, app_id, image, build_id, git_commit_sha, git_branch, git_commit_message, git_commit_author_handle, git_commit_author_avatar_url, git_commit_timestamp, sentinel_config, cpu_millicores, memory_mib, storage_mib, desired_state, encrypted_environment_variables, command, port, shutdown_signal, upstream_protocol, healthcheck, pr_number, fork_repository_full_name, github_deployment_id, invocation_id, status, created_at, updated_at FROM `deployments` WHERE k8s_name = ?

func (*Queries) FindDeploymentRegions 

func (q *Queries) FindDeploymentRegions(ctx context.Context, db DBTX, deploymentID string) ([]Region, error)

Returns all regions where a deployment is configured. Used for fan-out: when a deployment changes, emit state_change to each region. 

SELECT r.pk, r.id, r.name, r.platform, r.can_schedule
FROM `deployment_topology` dt
INNER JOIN `regions` r ON dt.region_id = r.id
WHERE dt.deployment_id = ?

func (*Queries) FindDeploymentTopologyByDeploymentAndRegion 

func (q *Queries) FindDeploymentTopologyByDeploymentAndRegion(ctx context.Context, db DBTX, arg FindDeploymentTopologyByDeploymentAndRegionParams) (FindDeploymentTopologyByDeploymentAndRegionRow, error)

FindDeploymentTopologyByDeploymentAndRegion returns a single deployment topology with all joined data needed for the Watch stream. Used by the unified WatchDeploymentChanges RPC. 

SELECT
    dt.pk, dt.workspace_id, dt.deployment_id, dt.region_id, dt.autoscaling_replicas_min, dt.autoscaling_replicas_max, dt.autoscaling_threshold_cpu, dt.autoscaling_threshold_memory, dt.desired_status, dt.created_at, dt.updated_at,
    d.pk, d.id, d.k8s_name, d.workspace_id, d.project_id, d.environment_id, d.app_id, d.image, d.build_id, d.git_commit_sha, d.git_branch, d.git_commit_message, d.git_commit_author_handle, d.git_commit_author_avatar_url, d.git_commit_timestamp, d.sentinel_config, d.cpu_millicores, d.memory_mib, d.storage_mib, d.desired_state, d.encrypted_environment_variables, d.command, d.port, d.shutdown_signal, d.upstream_protocol, d.healthcheck, d.pr_number, d.fork_repository_full_name, d.github_deployment_id, d.invocation_id, d.status, d.created_at, d.updated_at,
    w.k8s_namespace,
    e.slug AS environment_slug,
    r.name AS region_name,
    grc.repository_full_name AS git_repo
FROM `deployment_topology` dt
INNER JOIN `deployments` d ON dt.deployment_id = d.id
INNER JOIN `workspaces` w ON d.workspace_id = w.id
INNER JOIN `regions` r ON dt.region_id = r.id
INNER JOIN `environments` e ON d.environment_id = e.id
LEFT JOIN `github_repo_connections` grc ON d.app_id = grc.app_id
WHERE dt.deployment_id = ? AND dt.region_id = ?
LIMIT 1

func (*Queries) FindDeploymentTopologyMinReplicas 

func (q *Queries) FindDeploymentTopologyMinReplicas(ctx context.Context, db DBTX, deploymentID string) ([]FindDeploymentTopologyMinReplicasRow, error)

Returns the per-region minimum replica requirement for a deployment. Used by ReportDeploymentStatus to compute whether enough regions are healthy to call DeployService.NotifyInstancesReady. 

SELECT region_id, autoscaling_replicas_min
FROM deployment_topology
WHERE deployment_id = ?

func (*Queries) FindEnvironmentByAppIdAndSlug 

func (q *Queries) FindEnvironmentByAppIdAndSlug(ctx context.Context, db DBTX, arg FindEnvironmentByAppIdAndSlugParams) (FindEnvironmentByAppIdAndSlugRow, error)

FindEnvironmentByAppIdAndSlug 

SELECT environments.pk, environments.id, environments.workspace_id, environments.project_id, environments.app_id, environments.slug, environments.description, environments.delete_protection, environments.created_at, environments.updated_at FROM environments
WHERE app_id = ? AND slug = ?

func (*Queries) FindEnvironmentById 

func (q *Queries) FindEnvironmentById(ctx context.Context, db DBTX, id string) (Environment, error)

FindEnvironmentById 

SELECT pk, id, workspace_id, project_id, app_id, slug, description, delete_protection, created_at, updated_at
FROM environments
WHERE id = ?

func (*Queries) FindEnvironmentByProjectIdAndSlug 

func (q *Queries) FindEnvironmentByProjectIdAndSlug(ctx context.Context, db DBTX, arg FindEnvironmentByProjectIdAndSlugParams) (Environment, error)

FindEnvironmentByProjectIdAndSlug 

SELECT pk, id, workspace_id, project_id, app_id, slug, description, delete_protection, created_at, updated_at
FROM environments
WHERE workspace_id = ?
  AND project_id = ?
  AND slug = ?

func (*Queries) FindFrontlineRouteByDeploymentIDAndSticky 

func (q *Queries) FindFrontlineRouteByDeploymentIDAndSticky(ctx context.Context, db DBTX, arg FindFrontlineRouteByDeploymentIDAndStickyParams) (FrontlineRoute, error)

FindFrontlineRouteByDeploymentIDAndSticky 

SELECT pk, id, project_id, app_id, deployment_id, environment_id, fully_qualified_domain_name, sticky, created_at, updated_at FROM frontline_routes WHERE deployment_id = ? AND sticky = ?

func (*Queries) FindFrontlineRouteByFQDN 

func (q *Queries) FindFrontlineRouteByFQDN(ctx context.Context, db DBTX, fullyQualifiedDomainName string) (FrontlineRoute, error)

FindFrontlineRouteByFQDN 

SELECT pk, id, project_id, app_id, deployment_id, environment_id, fully_qualified_domain_name, sticky, created_at, updated_at FROM frontline_routes WHERE fully_qualified_domain_name = ?

func (*Queries) FindFrontlineRouteForPromotion 

func (q *Queries) FindFrontlineRouteForPromotion(ctx context.Context, db DBTX, arg FindFrontlineRouteForPromotionParams) ([]FindFrontlineRouteForPromotionRow, error)

FindFrontlineRouteForPromotion 

SELECT
    id,
    project_id,
    environment_id,
    fully_qualified_domain_name,
    deployment_id,
    sticky,
    created_at,
    updated_at
FROM frontline_routes
WHERE
  environment_id = ?
  AND sticky IN (/*SLICE:sticky*/?)
ORDER BY created_at ASC

func (*Queries) FindFrontlineRoutesByDeploymentID 

func (q *Queries) FindFrontlineRoutesByDeploymentID(ctx context.Context, db DBTX, deploymentID string) ([]FrontlineRoute, error)

FindFrontlineRoutesByDeploymentID 

SELECT pk, id, project_id, app_id, deployment_id, environment_id, fully_qualified_domain_name, sticky, created_at, updated_at FROM frontline_routes WHERE deployment_id = ?

func (*Queries) FindFrontlineRoutesForRollback 

func (q *Queries) FindFrontlineRoutesForRollback(ctx context.Context, db DBTX, arg FindFrontlineRoutesForRollbackParams) ([]FindFrontlineRoutesForRollbackRow, error)

FindFrontlineRoutesForRollback 

SELECT
    id,
    project_id,
    environment_id,
    fully_qualified_domain_name,
    deployment_id,
    sticky,
    created_at,
    updated_at
FROM frontline_routes
WHERE
  environment_id = ?
  AND sticky IN (/*SLICE:sticky*/?)
ORDER BY created_at ASC

func (*Queries) FindGithubRepoConnectionByAppId 

func (q *Queries) FindGithubRepoConnectionByAppId(ctx context.Context, db DBTX, appID string) (GithubRepoConnection, error)

FindGithubRepoConnectionByAppId 

SELECT
    pk,
    workspace_id,
    project_id,
    app_id,
    installation_id,
    repository_id,
    repository_full_name,
    created_at,
    updated_at
FROM github_repo_connections
WHERE app_id = ?

func (*Queries) FindGithubRepoConnectionByProjectId 

func (q *Queries) FindGithubRepoConnectionByProjectId(ctx context.Context, db DBTX, projectID string) (FindGithubRepoConnectionByProjectIdRow, error)

FindGithubRepoConnectionByProjectId 

SELECT
    pk,
    workspace_id,
    project_id,
    installation_id,
    repository_id,
    repository_full_name,
    created_at,
    updated_at
FROM github_repo_connections
WHERE project_id = ?

func (*Queries) FindIdentities 

func (q *Queries) FindIdentities(ctx context.Context, db DBTX, arg FindIdentitiesParams) ([]Identity, error)

FindIdentities 

SELECT pk, id, external_id, workspace_id, environment, meta, deleted, created_at, updated_at
FROM identities
WHERE workspace_id = ?
 AND deleted = ?
 AND (external_id IN(/*SLICE:identities*/?) OR id IN (/*SLICE:identities*/?))

func (*Queries) FindIdentitiesByExternalId 

func (q *Queries) FindIdentitiesByExternalId(ctx context.Context, db DBTX, arg FindIdentitiesByExternalIdParams) ([]Identity, error)

FindIdentitiesByExternalId 

SELECT pk, id, external_id, workspace_id, environment, meta, deleted, created_at, updated_at
FROM identities
WHERE workspace_id = ? AND external_id IN (/*SLICE:externalIds*/?) AND deleted = ?

func (*Queries) FindIdentity 

func (q *Queries) FindIdentity(ctx context.Context, db DBTX, arg FindIdentityParams) (FindIdentityRow, error)

FindIdentity 

SELECT
    i.pk, i.id, i.external_id, i.workspace_id, i.environment, i.meta, i.deleted, i.created_at, i.updated_at,
    COALESCE(
        (SELECT JSON_ARRAYAGG(
            JSON_OBJECT(
                'id', rl.id,
                'name', rl.name,
                'key_id', rl.key_id,
                'identity_id', rl.identity_id,
                'limit', rl.`limit`,
                'duration', rl.duration,
                'auto_apply', rl.auto_apply = 1
            )
        )
        FROM ratelimits rl WHERE rl.identity_id = i.id),
        JSON_ARRAY()
    ) as ratelimits
FROM identities i
JOIN (
    SELECT id1.id FROM identities id1
    WHERE id1.id = ?
      AND id1.workspace_id = ?
      AND id1.deleted = ?
    UNION ALL
    SELECT id2.id FROM identities id2
    WHERE id2.workspace_id = ?
      AND id2.external_id = ?
      AND id2.deleted = ?
) AS identity_lookup ON i.id = identity_lookup.id
LIMIT 1

func (*Queries) FindIdentityByExternalID 

func (q *Queries) FindIdentityByExternalID(ctx context.Context, db DBTX, arg FindIdentityByExternalIDParams) (Identity, error)

FindIdentityByExternalID 

SELECT pk, id, external_id, workspace_id, environment, meta, deleted, created_at, updated_at
FROM identities
WHERE workspace_id = ?
  AND external_id = ?
  AND deleted = ?

func (*Queries) FindIdentityByID 

func (q *Queries) FindIdentityByID(ctx context.Context, db DBTX, arg FindIdentityByIDParams) (Identity, error)

FindIdentityByID 

SELECT pk, id, external_id, workspace_id, environment, meta, deleted, created_at, updated_at
FROM identities
WHERE workspace_id = ?
  AND id = ?
  AND deleted = ?

func (*Queries) FindInstanceByPodName 

func (q *Queries) FindInstanceByPodName(ctx context.Context, db DBTX, arg FindInstanceByPodNameParams) (Instance, error)

FindInstanceByPodName 

SELECT
 pk, id, deployment_id, workspace_id, project_id, app_id, region_id, k8s_name, address, cpu_millicores, memory_mib, storage_mib, status, container_status
FROM instances
  WHERE k8s_name = ? AND region_id = ?

func (*Queries) FindInstancesByDeploymentId 

func (q *Queries) FindInstancesByDeploymentId(ctx context.Context, db DBTX, deploymentid string) ([]Instance, error)

FindInstancesByDeploymentId 

SELECT
 pk, id, deployment_id, workspace_id, project_id, app_id, region_id, k8s_name, address, cpu_millicores, memory_mib, storage_mib, status, container_status
FROM instances
WHERE deployment_id = ?

func (*Queries) FindInstancesByDeploymentIdAndRegionID 

func (q *Queries) FindInstancesByDeploymentIdAndRegionID(ctx context.Context, db DBTX, arg FindInstancesByDeploymentIdAndRegionIDParams) ([]Instance, error)

FindInstancesByDeploymentIdAndRegionID 

SELECT
 pk, id, deployment_id, workspace_id, project_id, app_id, region_id, k8s_name, address, cpu_millicores, memory_mib, storage_mib, status, container_status
FROM instances
WHERE deployment_id = ? AND region_id = ?

func (*Queries) FindKeyAuthsByIds 

func (q *Queries) FindKeyAuthsByIds(ctx context.Context, db DBTX, arg FindKeyAuthsByIdsParams) ([]FindKeyAuthsByIdsRow, error)

FindKeyAuthsByIds 

SELECT ka.id as key_auth_id, a.id as api_id
FROM apis a
JOIN key_auth as ka ON ka.id = a.key_auth_id
WHERE a.workspace_id = ?
    AND a.id IN (/*SLICE:api_ids*/?)
    AND ka.deleted_at_m IS NULL
    AND a.deleted_at_m IS NULL

func (*Queries) FindKeyAuthsByKeyAuthIds 

func (q *Queries) FindKeyAuthsByKeyAuthIds(ctx context.Context, db DBTX, arg FindKeyAuthsByKeyAuthIdsParams) ([]FindKeyAuthsByKeyAuthIdsRow, error)

FindKeyAuthsByKeyAuthIds 

SELECT ka.id as key_auth_id, a.id as api_id
FROM key_auth as ka
JOIN apis a ON a.key_auth_id = ka.id
WHERE a.workspace_id = ?
    AND ka.id IN (/*SLICE:key_auth_ids*/?)
    AND ka.deleted_at_m IS NULL
    AND a.deleted_at_m IS NULL

func (*Queries) FindKeyByID 

func (q *Queries) FindKeyByID(ctx context.Context, db DBTX, id string) (Key, error)

FindKeyByID 

SELECT pk, id, key_auth_id, hash, start, workspace_id, for_workspace_id, name, owner_id, identity_id, meta, expires, created_at_m, updated_at_m, deleted_at_m, refill_day, refill_amount, last_refill_at, enabled, remaining_requests, environment, last_used_at, pending_migration_id FROM `keys` k
WHERE k.id = ?

func (*Queries) FindKeyCredits 

func (q *Queries) FindKeyCredits(ctx context.Context, db DBTX, id string) (sql.NullInt64, error)

FindKeyCredits 

SELECT remaining_requests FROM `keys` k WHERE k.id = ?

func (*Queries) FindKeyEncryptionByKeyID 

func (q *Queries) FindKeyEncryptionByKeyID(ctx context.Context, db DBTX, keyID string) (EncryptedKey, error)

FindKeyEncryptionByKeyID 

SELECT pk, workspace_id, key_id, created_at, updated_at, encrypted, encryption_key_id FROM encrypted_keys WHERE key_id = ?

func (*Queries) FindKeyIDByHash 

func (q *Queries) FindKeyIDByHash(ctx context.Context, db DBTX, hash string) (string, error)

FindKeyIDByHash returns just the key ID for a given hash. Use this when you only need the ID for a subsequent mutation and do not need the full verification payload with roles, permissions, and rate limits. 

SELECT id FROM `keys` WHERE hash = ? AND deleted_at_m IS NULL

func (*Queries) FindKeyMigrationByID 

func (q *Queries) FindKeyMigrationByID(ctx context.Context, db DBTX, arg FindKeyMigrationByIDParams) (FindKeyMigrationByIDRow, error)

FindKeyMigrationByID 

SELECT
    id,
    workspace_id,
    algorithm
FROM key_migrations
WHERE id = ?
and workspace_id = ?

func (*Queries) FindKeyRoleByKeyAndRoleID 

func (q *Queries) FindKeyRoleByKeyAndRoleID(ctx context.Context, db DBTX, arg FindKeyRoleByKeyAndRoleIDParams) ([]KeysRole, error)

FindKeyRoleByKeyAndRoleID 

SELECT pk, key_id, role_id, workspace_id, created_at_m, updated_at_m
FROM keys_roles
WHERE key_id = ?
  AND role_id = ?

func (*Queries) FindKeySpaceByID 

func (q *Queries) FindKeySpaceByID(ctx context.Context, db DBTX, id string) (KeyAuth, error)

FindKeySpaceByID 

SELECT pk, id, workspace_id, created_at_m, updated_at_m, deleted_at_m, store_encrypted_keys, default_prefix, default_bytes, size_approx, size_last_updated_at FROM `key_auth` WHERE id = ?

func (*Queries) FindKeysByHash 

func (q *Queries) FindKeysByHash(ctx context.Context, db DBTX, hashes []string) ([]FindKeysByHashRow, error)

FindKeysByHash 

SELECT id, hash FROM `keys` WHERE hash IN (/*SLICE:hashes*/?)

func (*Queries) FindLatestReadyDeploymentByAppAndEnv 

func (q *Queries) FindLatestReadyDeploymentByAppAndEnv(ctx context.Context, db DBTX, arg FindLatestReadyDeploymentByAppAndEnvParams) (string, error)

FindLatestReadyDeploymentByAppAndEnv 

SELECT id
FROM deployments
WHERE app_id = ?
  AND environment_id = ?
  AND status = 'ready'
  AND id != ?
ORDER BY created_at DESC
LIMIT 1

func (*Queries) FindLiveApiByID 

func (q *Queries) FindLiveApiByID(ctx context.Context, db DBTX, id string) (FindLiveApiByIDRow, error)

FindLiveApiByID 

SELECT apis.pk, apis.id, apis.name, apis.workspace_id, apis.ip_whitelist, apis.auth_type, apis.key_auth_id, apis.created_at_m, apis.updated_at_m, apis.deleted_at_m, apis.delete_protection, ka.pk, ka.id, ka.workspace_id, ka.created_at_m, ka.updated_at_m, ka.deleted_at_m, ka.store_encrypted_keys, ka.default_prefix, ka.default_bytes, ka.size_approx, ka.size_last_updated_at
FROM apis
JOIN key_auth as ka ON ka.id = apis.key_auth_id
WHERE apis.id = ?
    AND ka.deleted_at_m IS NULL
    AND apis.deleted_at_m IS NULL
LIMIT 1

func (*Queries) FindLiveKeyByHash 

func (q *Queries) FindLiveKeyByHash(ctx context.Context, db DBTX, hash string) (FindLiveKeyByHashRow, error)

FindLiveKeyByHash 

SELECT
    k.pk, k.id, k.key_auth_id, k.hash, k.start, k.workspace_id, k.for_workspace_id, k.name, k.owner_id, k.identity_id, k.meta, k.expires, k.created_at_m, k.updated_at_m, k.deleted_at_m, k.refill_day, k.refill_amount, k.last_refill_at, k.enabled, k.remaining_requests, k.environment, k.last_used_at, k.pending_migration_id,
    a.pk, a.id, a.name, a.workspace_id, a.ip_whitelist, a.auth_type, a.key_auth_id, a.created_at_m, a.updated_at_m, a.deleted_at_m, a.delete_protection,
    ka.pk, ka.id, ka.workspace_id, ka.created_at_m, ka.updated_at_m, ka.deleted_at_m, ka.store_encrypted_keys, ka.default_prefix, ka.default_bytes, ka.size_approx, ka.size_last_updated_at,
    ws.pk, ws.id, ws.org_id, ws.name, ws.slug, ws.k8s_namespace, ws.tier, ws.stripe_customer_id, ws.stripe_subscription_id, ws.beta_features, ws.subscriptions, ws.enabled, ws.delete_protection, ws.created_at_m, ws.updated_at_m, ws.deleted_at_m,
    i.id as identity_table_id,
    i.external_id as identity_external_id,
    i.meta as identity_meta,
    ek.encrypted as encrypted_key,
    ek.encryption_key_id as encryption_key_id,

    -- Roles with both IDs and names
    COALESCE(
        (SELECT JSON_ARRAYAGG(
            JSON_OBJECT(
                'id', r.id,
                'name', r.name,
                'description', r.description
            )
        )
        FROM keys_roles kr
        JOIN roles r ON r.id = kr.role_id
        WHERE kr.key_id = k.id),
        JSON_ARRAY()
    ) as roles,

    -- Direct permissions attached to the key
    COALESCE(
        (SELECT JSON_ARRAYAGG(
            JSON_OBJECT(
                'id', p.id,
                'name', p.name,
                'slug', p.slug,
                'description', p.description
            )
        )
        FROM keys_permissions kp
        JOIN permissions p ON kp.permission_id = p.id
        WHERE kp.key_id = k.id),
        JSON_ARRAY()
    ) as permissions,

    -- Permissions from roles
    COALESCE(
        (SELECT JSON_ARRAYAGG(
            JSON_OBJECT(
                'id', p.id,
                'name', p.name,
                'slug', p.slug,
                'description', p.description
            )
        )
        FROM keys_roles kr
        JOIN roles_permissions rp ON kr.role_id = rp.role_id
        JOIN permissions p ON rp.permission_id = p.id
        WHERE kr.key_id = k.id),
        JSON_ARRAY()
    ) as role_permissions,

    -- Rate limits
    COALESCE(
        (SELECT JSON_ARRAYAGG(
            JSON_OBJECT(
                'id', id,
                'name', name,
                'key_id', key_id,
                'identity_id', identity_id,
                'limit', `limit`,
                'duration', duration,
                'auto_apply', auto_apply = 1
            )
        )
        FROM (
            SELECT rl.id, rl.name, rl.key_id, rl.identity_id, rl.`limit`, rl.duration, rl.auto_apply
            FROM ratelimits rl
            WHERE rl.key_id = k.id
            UNION ALL
            SELECT rl.id, rl.name, rl.key_id, rl.identity_id, rl.`limit`, rl.duration, rl.auto_apply
            FROM ratelimits rl
            WHERE rl.identity_id = i.id
        ) AS combined_rl),
        JSON_ARRAY()
    ) as ratelimits

FROM `keys` k
JOIN apis a ON a.key_auth_id = k.key_auth_id
JOIN key_auth ka ON ka.id = k.key_auth_id
JOIN workspaces ws ON ws.id = k.workspace_id
LEFT JOIN identities i ON k.identity_id = i.id AND i.deleted = false
LEFT JOIN encrypted_keys ek ON ek.key_id = k.id
WHERE k.hash = ?
    AND k.deleted_at_m IS NULL
    AND a.deleted_at_m IS NULL
    AND ka.deleted_at_m IS NULL
    AND ws.deleted_at_m IS NULL

func (*Queries) FindLiveKeyByID 

func (q *Queries) FindLiveKeyByID(ctx context.Context, db DBTX, id string) (FindLiveKeyByIDRow, error)

FindLiveKeyByID 

SELECT
    k.pk, k.id, k.key_auth_id, k.hash, k.start, k.workspace_id, k.for_workspace_id, k.name, k.owner_id, k.identity_id, k.meta, k.expires, k.created_at_m, k.updated_at_m, k.deleted_at_m, k.refill_day, k.refill_amount, k.last_refill_at, k.enabled, k.remaining_requests, k.environment, k.last_used_at, k.pending_migration_id,
    a.pk, a.id, a.name, a.workspace_id, a.ip_whitelist, a.auth_type, a.key_auth_id, a.created_at_m, a.updated_at_m, a.deleted_at_m, a.delete_protection,
    ka.pk, ka.id, ka.workspace_id, ka.created_at_m, ka.updated_at_m, ka.deleted_at_m, ka.store_encrypted_keys, ka.default_prefix, ka.default_bytes, ka.size_approx, ka.size_last_updated_at,
    ws.pk, ws.id, ws.org_id, ws.name, ws.slug, ws.k8s_namespace, ws.tier, ws.stripe_customer_id, ws.stripe_subscription_id, ws.beta_features, ws.subscriptions, ws.enabled, ws.delete_protection, ws.created_at_m, ws.updated_at_m, ws.deleted_at_m,
    i.id as identity_table_id,
    i.external_id as identity_external_id,
    i.meta as identity_meta,
    ek.encrypted as encrypted_key,
    ek.encryption_key_id as encryption_key_id,

    -- Roles with both IDs and names
    COALESCE(
        (SELECT JSON_ARRAYAGG(
            JSON_OBJECT(
                'id', r.id,
                'name', r.name,
                'description', r.description
            )
        )
        FROM keys_roles kr
        JOIN roles r ON r.id = kr.role_id
        WHERE kr.key_id = k.id),
        JSON_ARRAY()
    ) as roles,

    -- Direct permissions attached to the key
    COALESCE(
        (SELECT JSON_ARRAYAGG(
            JSON_OBJECT(
                'id', p.id,
                'name', p.name,
                'slug', p.slug,
                'description', p.description
            )
        )
        FROM keys_permissions kp
        JOIN permissions p ON kp.permission_id = p.id
        WHERE kp.key_id = k.id),
        JSON_ARRAY()
    ) as permissions,

    -- Permissions from roles
    COALESCE(
        (SELECT JSON_ARRAYAGG(
            JSON_OBJECT(
                'id', p.id,
                'name', p.name,
                'slug', p.slug,
                'description', p.description
            )
        )
        FROM keys_roles kr
        JOIN roles_permissions rp ON kr.role_id = rp.role_id
        JOIN permissions p ON rp.permission_id = p.id
        WHERE kr.key_id = k.id),
        JSON_ARRAY()
    ) as role_permissions,

    -- Rate limits
    COALESCE(
        (SELECT JSON_ARRAYAGG(
            JSON_OBJECT(
                'id', rl.id,
                'name', rl.name,
                'key_id', rl.key_id,
                'identity_id', rl.identity_id,
                'limit', rl.`limit`,
                'duration', rl.duration,
                'auto_apply', rl.auto_apply = 1
            )
        )
        FROM ratelimits rl
        WHERE rl.key_id = k.id
            OR rl.identity_id = i.id),
        JSON_ARRAY()
    ) as ratelimits

FROM `keys` k
JOIN apis a ON a.key_auth_id = k.key_auth_id
JOIN key_auth ka ON ka.id = k.key_auth_id
JOIN workspaces ws ON ws.id = k.workspace_id
LEFT JOIN identities i ON k.identity_id = i.id AND i.deleted = false
LEFT JOIN encrypted_keys ek ON ek.key_id = k.id
WHERE k.id = ?
    AND k.deleted_at_m IS NULL
    AND a.deleted_at_m IS NULL
    AND ka.deleted_at_m IS NULL
    AND ws.deleted_at_m IS NULL

func (*Queries) FindManyRatelimitNamespaces 

func (q *Queries) FindManyRatelimitNamespaces(ctx context.Context, db DBTX, arg FindManyRatelimitNamespacesParams) ([]FindManyRatelimitNamespacesRow, error)

FindManyRatelimitNamespaces 

SELECT pk, id, workspace_id, name, created_at_m, updated_at_m, deleted_at_m,
       coalesce(
               (select json_arrayagg(
                               json_object(
                                       'id', ro.id,
                                       'identifier', ro.identifier,
                                       'limit', ro.limit,
                                       'duration', ro.duration
                               )
                       )
                from ratelimit_overrides ro where ro.namespace_id = ns.id AND ro.deleted_at_m IS NULL),
               json_array()
       ) as overrides
FROM `ratelimit_namespaces` ns
WHERE ns.workspace_id = ?
  AND (ns.id IN (/*SLICE:namespaces*/?) OR ns.name IN (/*SLICE:namespaces*/?))

func (*Queries) FindManyRolesByIdOrNameWithPerms 

func (q *Queries) FindManyRolesByIdOrNameWithPerms(ctx context.Context, db DBTX, arg FindManyRolesByIdOrNameWithPermsParams) ([]FindManyRolesByIdOrNameWithPermsRow, error)

FindManyRolesByIdOrNameWithPerms 

SELECT pk, id, workspace_id, name, description, created_at_m, updated_at_m, COALESCE(
        (SELECT JSON_ARRAYAGG(
            json_object(
                'id', permission.id,
                'name', permission.name,
                'slug', permission.slug,
                'description', permission.description
           )
        )
         FROM (SELECT name, id, slug, description
               FROM roles_permissions rp
                        JOIN permissions p ON p.id = rp.permission_id
               WHERE rp.role_id = r.id) as permission),
        JSON_ARRAY()
) as permissions
FROM roles r
WHERE r.workspace_id = ? AND (
    r.id IN (/*SLICE:search*/?)
    OR r.name IN (/*SLICE:search*/?)
)

func (*Queries) FindManyRolesByNamesWithPerms 

func (q *Queries) FindManyRolesByNamesWithPerms(ctx context.Context, db DBTX, arg FindManyRolesByNamesWithPermsParams) ([]FindManyRolesByNamesWithPermsRow, error)

FindManyRolesByNamesWithPerms 

SELECT pk, id, workspace_id, name, description, created_at_m, updated_at_m, COALESCE(
        (SELECT JSON_ARRAYAGG(
            json_object(
                'id', permission.id,
                'name', permission.name,
                'slug', permission.slug,
                'description', permission.description
           )
        )
         FROM (SELECT name, id, slug, description
               FROM roles_permissions rp
                        JOIN permissions p ON p.id = rp.permission_id
               WHERE rp.role_id = r.id) as permission),
        JSON_ARRAY()
) as permissions
FROM roles r
WHERE r.workspace_id = ? AND r.name IN (/*SLICE:names*/?)

func (*Queries) FindOpenApiSpecByDeploymentID 

func (q *Queries) FindOpenApiSpecByDeploymentID(ctx context.Context, db DBTX, deploymentID sql.NullString) (OpenapiSpec, error)

FindOpenApiSpecByDeploymentID 

SELECT pk, id, workspace_id, deployment_id, portal_config_id, content, created_at, updated_at FROM openapi_specs WHERE deployment_id = ?

func (*Queries) FindPermissionByID 

func (q *Queries) FindPermissionByID(ctx context.Context, db DBTX, permissionID string) (Permission, error)

Finds a permission record by its ID Returns: The permission record if found 

SELECT pk, id, workspace_id, name, slug, description, created_at_m, updated_at_m
FROM permissions
WHERE id = ?
LIMIT 1

func (*Queries) FindPermissionByIdOrSlug 

func (q *Queries) FindPermissionByIdOrSlug(ctx context.Context, db DBTX, arg FindPermissionByIdOrSlugParams) (Permission, error)

FindPermissionByIdOrSlug 

SELECT pk, id, workspace_id, name, slug, description, created_at_m, updated_at_m
FROM permissions
WHERE workspace_id = ? AND (id = ? OR slug = ?)

func (*Queries) FindPermissionByNameAndWorkspaceID 

func (q *Queries) FindPermissionByNameAndWorkspaceID(ctx context.Context, db DBTX, arg FindPermissionByNameAndWorkspaceIDParams) (Permission, error)

FindPermissionByNameAndWorkspaceID 

SELECT pk, id, workspace_id, name, slug, description, created_at_m, updated_at_m
FROM permissions
WHERE name = ?
AND workspace_id = ?
LIMIT 1

func (*Queries) FindPermissionBySlugAndWorkspaceID 

func (q *Queries) FindPermissionBySlugAndWorkspaceID(ctx context.Context, db DBTX, arg FindPermissionBySlugAndWorkspaceIDParams) (Permission, error)

FindPermissionBySlugAndWorkspaceID 

SELECT pk, id, workspace_id, name, slug, description, created_at_m, updated_at_m
FROM permissions
WHERE slug = ?
AND workspace_id = ?
LIMIT 1

func (*Queries) FindPermissionsBySlugs 

func (q *Queries) FindPermissionsBySlugs(ctx context.Context, db DBTX, arg FindPermissionsBySlugsParams) ([]Permission, error)

FindPermissionsBySlugs 

SELECT pk, id, workspace_id, name, slug, description, created_at_m, updated_at_m FROM permissions WHERE workspace_id = ? AND slug IN (/*SLICE:slugs*/?)

func (*Queries) FindPortalBrandingByConfigID 

func (q *Queries) FindPortalBrandingByConfigID(ctx context.Context, db DBTX, portalConfigID string) (PortalBranding, error)

FindPortalBrandingByConfigID 

SELECT pk, portal_config_id, logo_url, primary_color, created_at, updated_at FROM portal_branding WHERE portal_config_id = ?

func (*Queries) FindPortalConfigByWorkspaceAndSlug 

func (q *Queries) FindPortalConfigByWorkspaceAndSlug(ctx context.Context, db DBTX, arg FindPortalConfigByWorkspaceAndSlugParams) (PortalConfiguration, error)

FindPortalConfigByWorkspaceAndSlug 

SELECT pk, id, workspace_id, slug, app_id, key_auth_id, enabled, return_url, created_at, updated_at FROM portal_configurations
WHERE workspace_id = ? AND slug = ?

func (*Queries) FindProjectById 

func (q *Queries) FindProjectById(ctx context.Context, db DBTX, id string) (Project, error)

FindProjectById 

SELECT pk, id, workspace_id, name, slug, depot_project_id, delete_protection, created_at, updated_at
FROM projects
WHERE id = ?

func (*Queries) FindProjectBySlug 

func (q *Queries) FindProjectBySlug(ctx context.Context, db DBTX, slug string) (Project, error)

FindProjectBySlug 

SELECT pk, id, workspace_id, name, slug, depot_project_id, delete_protection, created_at, updated_at
FROM projects
WHERE slug = ?
LIMIT 1

func (*Queries) FindProjectByWorkspaceSlug 

func (q *Queries) FindProjectByWorkspaceSlug(ctx context.Context, db DBTX, arg FindProjectByWorkspaceSlugParams) (FindProjectByWorkspaceSlugRow, error)

FindProjectByWorkspaceSlug 

SELECT
    id,
    workspace_id,
    name,
    slug,
    delete_protection,
    created_at,
    updated_at
FROM projects
WHERE workspace_id = ? AND slug = ?
LIMIT 1

func (*Queries) FindQuotaByWorkspaceID 

func (q *Queries) FindQuotaByWorkspaceID(ctx context.Context, db DBTX, workspaceID string) (Quotas, error)

FindQuotaByWorkspaceID 

SELECT pk, workspace_id, requests_per_month, logs_retention_days, audit_logs_retention_days, team, ratelimit_api_limit, ratelimit_api_duration, allocated_cpu_millicores_total, allocated_memory_mib_total, allocated_storage_mib_total, max_cpu_millicores_per_instance, max_memory_mib_per_instance, max_storage_mib_per_instance, max_concurrent_builds
FROM `quota`
WHERE workspace_id = ?

func (*Queries) FindRatelimitNamespace 

func (q *Queries) FindRatelimitNamespace(ctx context.Context, db DBTX, arg FindRatelimitNamespaceParams) (FindRatelimitNamespaceRow, error)

FindRatelimitNamespace 

SELECT pk, id, workspace_id, name, created_at_m, updated_at_m, deleted_at_m,
       coalesce(
               (select json_arrayagg(
                               json_object(
                                       'id', ro.id,
                                       'identifier', ro.identifier,
                                       'limit', ro.limit,
                                       'duration', ro.duration
                               )
                       )
                from ratelimit_overrides ro where ro.namespace_id = ns.id AND ro.deleted_at_m IS NULL),
               json_array()
       ) as overrides
FROM `ratelimit_namespaces` ns
WHERE ns.workspace_id = ?
AND (ns.id = ? OR ns.name = ?)

func (*Queries) FindRatelimitNamespaceByID 

func (q *Queries) FindRatelimitNamespaceByID(ctx context.Context, db DBTX, id string) (RatelimitNamespace, error)

FindRatelimitNamespaceByID 

SELECT pk, id, workspace_id, name, created_at_m, updated_at_m, deleted_at_m FROM `ratelimit_namespaces`
WHERE id = ?

func (*Queries) FindRatelimitNamespaceByName 

func (q *Queries) FindRatelimitNamespaceByName(ctx context.Context, db DBTX, arg FindRatelimitNamespaceByNameParams) (RatelimitNamespace, error)

FindRatelimitNamespaceByName 

SELECT pk, id, workspace_id, name, created_at_m, updated_at_m, deleted_at_m FROM `ratelimit_namespaces`
WHERE name = ?
AND workspace_id = ?

func (*Queries) FindRatelimitOverrideByID 

func (q *Queries) FindRatelimitOverrideByID(ctx context.Context, db DBTX, arg FindRatelimitOverrideByIDParams) (RatelimitOverride, error)

FindRatelimitOverrideByID 

SELECT pk, id, workspace_id, namespace_id, identifier, `limit`, duration, created_at_m, updated_at_m, deleted_at_m FROM ratelimit_overrides
WHERE
    workspace_id = ?
    AND id = ?

func (*Queries) FindRatelimitOverrideByIdentifier 

func (q *Queries) FindRatelimitOverrideByIdentifier(ctx context.Context, db DBTX, arg FindRatelimitOverrideByIdentifierParams) (RatelimitOverride, error)

FindRatelimitOverrideByIdentifier 

SELECT pk, id, workspace_id, namespace_id, identifier, `limit`, duration, created_at_m, updated_at_m, deleted_at_m FROM ratelimit_overrides
WHERE
    workspace_id = ?
    AND namespace_id = ?
    AND identifier = ?

func (*Queries) FindRegionById 

func (q *Queries) FindRegionById(ctx context.Context, db DBTX, regionID string) (Region, error)

FindRegionById 

SELECT
 pk, id, name, platform, can_schedule
FROM regions
WHERE id = ? LIMIT 1

func (*Queries) FindRegionByPlatformAndName 

func (q *Queries) FindRegionByPlatformAndName(ctx context.Context, db DBTX, arg FindRegionByPlatformAndNameParams) (Region, error)

FindRegionByPlatformAndName 

SELECT
 pk, id, name, platform, can_schedule
FROM regions
WHERE platform = ? AND name = ? LIMIT 1

func (*Queries) FindRoleByID 

func (q *Queries) FindRoleByID(ctx context.Context, db DBTX, roleID string) (Role, error)

Finds a role record by its ID Returns: The role record if found 

SELECT pk, id, workspace_id, name, description, created_at_m, updated_at_m
FROM roles
WHERE id = ?
LIMIT 1

func (*Queries) FindRoleByIdOrNameWithPerms 

func (q *Queries) FindRoleByIdOrNameWithPerms(ctx context.Context, db DBTX, arg FindRoleByIdOrNameWithPermsParams) (FindRoleByIdOrNameWithPermsRow, error)

FindRoleByIdOrNameWithPerms 

SELECT pk, id, workspace_id, name, description, created_at_m, updated_at_m, COALESCE(
        (SELECT JSON_ARRAYAGG(
            json_object(
                'id', permission.id,
                'name', permission.name,
                'slug', permission.slug,
                'description', permission.description
           )
        )
         FROM (SELECT name, id, slug, description
               FROM roles_permissions rp
                        JOIN permissions p ON p.id = rp.permission_id
               WHERE rp.role_id = r.id) as permission),
        JSON_ARRAY()
) as permissions
FROM roles r
WHERE r.workspace_id = ? AND (
    r.id = ?
    OR r.name = ?
)

func (*Queries) FindRoleByNameAndWorkspaceID 

func (q *Queries) FindRoleByNameAndWorkspaceID(ctx context.Context, db DBTX, arg FindRoleByNameAndWorkspaceIDParams) (Role, error)

Finds a role record by its name within a specific workspace Returns: The role record if found 

SELECT pk, id, workspace_id, name, description, created_at_m, updated_at_m
FROM roles
WHERE name = ?
AND workspace_id = ?
LIMIT 1

func (*Queries) FindRolePermissionByRoleAndPermissionID 

func (q *Queries) FindRolePermissionByRoleAndPermissionID(ctx context.Context, db DBTX, arg FindRolePermissionByRoleAndPermissionIDParams) ([]RolesPermission, error)

FindRolePermissionByRoleAndPermissionID 

SELECT pk, role_id, permission_id, workspace_id, created_at_m, updated_at_m
FROM roles_permissions
WHERE role_id = ?
  AND permission_id = ?

func (*Queries) FindRolesByNames 

func (q *Queries) FindRolesByNames(ctx context.Context, db DBTX, arg FindRolesByNamesParams) ([]FindRolesByNamesRow, error)

FindRolesByNames 

SELECT id, name FROM roles WHERE workspace_id = ? AND name IN (/*SLICE:names*/?)

func (*Queries) FindSentinelByID 

func (q *Queries) FindSentinelByID(ctx context.Context, db DBTX, id string) (Sentinel, error)

FindSentinelByID 

SELECT pk, id, workspace_id, project_id, environment_id, k8s_name, k8s_address, region_id, image, running_image, desired_state, health, desired_replicas, available_replicas, deploy_status, cpu_millicores, memory_mib, created_at, updated_at FROM sentinels s
WHERE id = ? LIMIT 1

func (*Queries) FindSentinelDeployContextByK8sName 

func (q *Queries) FindSentinelDeployContextByK8sName(ctx context.Context, db DBTX, k8sName string) (FindSentinelDeployContextByK8sNameRow, error)

Returns the sentinel fields ReportSentinelStatus needs to decide whether a rollout has converged: deploy_status (gates), image comparison, and desired replica count. 

SELECT
    id,
    deploy_status,
    image AS desired_image,
    running_image,
    desired_replicas
FROM sentinels
WHERE k8s_name = ? LIMIT 1

func (*Queries) FindSentinelsByEnvironmentID 

func (q *Queries) FindSentinelsByEnvironmentID(ctx context.Context, db DBTX, environmentID string) ([]FindSentinelsByEnvironmentIDRow, error)

FindSentinelsByEnvironmentID 

SELECT s.pk, s.id, s.workspace_id, s.project_id, s.environment_id, s.k8s_name, s.k8s_address, s.region_id, s.image, s.running_image, s.desired_state, s.health, s.desired_replicas, s.available_replicas, s.deploy_status, s.cpu_millicores, s.memory_mib, s.created_at, s.updated_at, r.pk, r.id, r.name, r.platform, r.can_schedule FROM sentinels s LEFT JOIN regions r ON s.region_id = r.id WHERE s.environment_id = ?

func (*Queries) FindValidPortalSession 

func (q *Queries) FindValidPortalSession(ctx context.Context, db DBTX, arg FindValidPortalSessionParams) (PortalSession, error)

FindValidPortalSession 

SELECT pk, id, workspace_id, portal_config_id, external_id, permissions, preview, expires_at, created_at FROM portal_sessions
WHERE id = ?
  AND expires_at > ?

func (*Queries) FindValidPortalSessionToken 

func (q *Queries) FindValidPortalSessionToken(ctx context.Context, db DBTX, arg FindValidPortalSessionTokenParams) (PortalSessionToken, error)

FindValidPortalSessionToken 

SELECT pk, id, workspace_id, portal_config_id, external_id, permissions, preview, exchanged_at, expires_at, created_at FROM portal_session_tokens
WHERE id = ?
  AND exchanged_at IS NULL
  AND expires_at > ?

func (*Queries) FindVerifiedCustomDomainByAppID 

func (q *Queries) FindVerifiedCustomDomainByAppID(ctx context.Context, db DBTX, appID string) (CustomDomain, error)

FindVerifiedCustomDomainByAppID 

SELECT pk, id, workspace_id, project_id, app_id, environment_id, domain, challenge_type, verification_status, verification_token, ownership_verified, cname_verified, target_cname, last_checked_at, check_attempts, verification_error, domain_connect_provider, domain_connect_url, invocation_id, created_at, updated_at FROM custom_domains
WHERE app_id = ? AND verification_status = 'verified'
ORDER BY created_at ASC, id ASC
LIMIT 1

func (*Queries) FindVerifiedCustomDomainByDomainExcludingWorkspace 

func (q *Queries) FindVerifiedCustomDomainByDomainExcludingWorkspace(ctx context.Context, db DBTX, arg FindVerifiedCustomDomainByDomainExcludingWorkspaceParams) (CustomDomain, error)

FindVerifiedCustomDomainByDomainExcludingWorkspace 

SELECT pk, id, workspace_id, project_id, app_id, environment_id, domain, challenge_type, verification_status, verification_token, ownership_verified, cname_verified, target_cname, last_checked_at, check_attempts, verification_error, domain_connect_provider, domain_connect_url, invocation_id, created_at, updated_at FROM custom_domains
WHERE domain = ?
  AND workspace_id != ?
  AND verification_status = 'verified'
LIMIT 1

func (*Queries) FindWorkspaceByID 

func (q *Queries) FindWorkspaceByID(ctx context.Context, db DBTX, id string) (Workspace, error)

FindWorkspaceByID 

SELECT pk, id, org_id, name, slug, k8s_namespace, tier, stripe_customer_id, stripe_subscription_id, beta_features, subscriptions, enabled, delete_protection, created_at_m, updated_at_m, deleted_at_m FROM `workspaces`
WHERE id = ?

func (*Queries) FlipSentinelDeployStatusIfProgressing 

func (q *Queries) FlipSentinelDeployStatusIfProgressing(ctx context.Context, db DBTX, arg FlipSentinelDeployStatusIfProgressingParams) (int64, error)

FlipSentinelDeployStatusIfProgressing flips deploy_status from progressing to the target status, guarding against concurrent writers (e.g. the Deploy worker marking failed on timeout) by only updating rows whose current status is still 'progressing'. Returns the number of rows affected; the caller should treat 0 as "someone else already moved this sentinel out of progressing" and skip follow-up side effects (NotifyReady, etc.). 

UPDATE sentinels SET
  deploy_status = ?,
  updated_at = ?
WHERE id = ?
  AND deploy_status = 'progressing'

func (*Queries) GetDeploymentChangesMaxVersion 

func (q *Queries) GetDeploymentChangesMaxVersion(ctx context.Context, db DBTX, regionID string) (int64, error)

GetDeploymentChangesMaxVersion returns the current maximum version (pk) for a region. Used during full sync to establish the starting version for incremental polling. 

SELECT CAST(COALESCE(MAX(pk), 0) AS UNSIGNED) AS max_version
FROM `deployment_changes`
WHERE region_id = ?

func (*Queries) GetKeyAuthByID 

func (q *Queries) GetKeyAuthByID(ctx context.Context, db DBTX, id string) (GetKeyAuthByIDRow, error)

GetKeyAuthByID 

SELECT
    id,
    workspace_id,
    created_at_m,
    default_prefix,
    default_bytes,
    store_encrypted_keys
FROM key_auth
WHERE id = ?
  AND deleted_at_m IS NULL

func (*Queries) GetWorkspacesForQuotaCheckByIDs 

func (q *Queries) GetWorkspacesForQuotaCheckByIDs(ctx context.Context, db DBTX, workspaceIds []string) ([]GetWorkspacesForQuotaCheckByIDsRow, error)

GetWorkspacesForQuotaCheckByIDs 

SELECT
   w.id,
   w.org_id,
   w.name,
   w.stripe_customer_id,
   w.tier,
   w.enabled,
   q.requests_per_month
FROM `workspaces` w
LEFT JOIN quota q ON w.id = q.workspace_id
WHERE w.id IN (/*SLICE:workspace_ids*/?)

func (*Queries) HardDeleteWorkspace 

func (q *Queries) HardDeleteWorkspace(ctx context.Context, db DBTX, id string) (sql.Result, error)

HardDeleteWorkspace 

DELETE FROM `workspaces`
WHERE id = ?
AND delete_protection = false

func (*Queries) HasNewerActiveDeployment 

func (q *Queries) HasNewerActiveDeployment(ctx context.Context, db DBTX, arg HasNewerActiveDeploymentParams) (bool, error)

Check whether a newer deployment exists for the same (app, env, branch) that makes building this one pointless. Matches any non-terminal status including 'ready' — if a newer commit is already deployed there is no reason to build an older one. 

SELECT EXISTS (
    SELECT 1 FROM deployments
    WHERE app_id = ?
      AND environment_id = ?
      AND git_branch = ?
      AND status NOT IN ('failed', 'skipped', 'stopped', 'superseded', 'cancelled')
      AND created_at > ?
      AND id != ?
) AS has_newer

func (*Queries) InsertAcmeChallenge 

func (q *Queries) InsertAcmeChallenge(ctx context.Context, db DBTX, arg InsertAcmeChallengeParams) error

InsertAcmeChallenge 

INSERT INTO acme_challenges (
    workspace_id,
    domain_id,
    token,
    authorization,
    status,
    challenge_type,
    created_at,
    updated_at,
    expires_at
) VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?
)

func (*Queries) InsertAcmeUser 

func (q *Queries) InsertAcmeUser(ctx context.Context, db DBTX, arg InsertAcmeUserParams) error

InsertAcmeUser 

INSERT INTO acme_users (id, workspace_id, encrypted_key, created_at)
VALUES (?,?,?,?)

func (*Queries) InsertApi 

func (q *Queries) InsertApi(ctx context.Context, db DBTX, arg InsertApiParams) error

InsertApi 

INSERT INTO apis (
    id,
    name,
    workspace_id,
    auth_type,
    ip_whitelist,
    key_auth_id,
    created_at_m,
    deleted_at_m
) VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    NULL
)

func (*Queries) InsertApp 

func (q *Queries) InsertApp(ctx context.Context, db DBTX, arg InsertAppParams) error

InsertApp 

INSERT INTO apps (
    id,
    workspace_id,
    project_id,
    name,
    slug,
    default_branch,
    delete_protection,
    created_at,
    updated_at
) VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?
)

func (*Queries) InsertAppEnvironmentVariable 

func (q *Queries) InsertAppEnvironmentVariable(ctx context.Context, db DBTX, arg InsertAppEnvironmentVariableParams) error

InsertAppEnvironmentVariable 

INSERT INTO app_environment_variables (id, workspace_id, app_id, environment_id, `key`, value, created_at)
VALUES (?, ?, ?, ?, ?, ?, ?)

func (*Queries) InsertAuditLog 

func (q *Queries) InsertAuditLog(ctx context.Context, db DBTX, arg InsertAuditLogParams) error

InsertAuditLog 

INSERT INTO `audit_log` (
    id,
    workspace_id,
    bucket_id,
    bucket,
    event,
    time,
    display,
    remote_ip,
    user_agent,
    actor_type,
    actor_id,
    actor_name,
    actor_meta,
    created_at
) VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    CAST(? AS JSON),
    ?
)

func (*Queries) InsertAuditLogTarget 

func (q *Queries) InsertAuditLogTarget(ctx context.Context, db DBTX, arg InsertAuditLogTargetParams) error

InsertAuditLogTarget 

INSERT INTO `audit_log_target` (
    workspace_id,
    bucket_id,
    bucket,
    audit_log_id,
    display_name,
    type,
    id,
    name,
    meta,
    created_at
) VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    CAST(? AS JSON),
    ?
)

func (*Queries) InsertCertificate 

func (q *Queries) InsertCertificate(ctx context.Context, db DBTX, arg InsertCertificateParams) error

InsertCertificate 

INSERT INTO certificates (id, workspace_id, hostname, certificate, encrypted_private_key, created_at)
VALUES (?, ?, ?, ?, ?, ?) ON DUPLICATE KEY UPDATE
workspace_id = VALUES(workspace_id),
hostname = VALUES(hostname),
certificate = VALUES(certificate),
encrypted_private_key = VALUES(encrypted_private_key),
updated_at = ?

func (*Queries) InsertCiliumNetworkPolicy 

func (q *Queries) InsertCiliumNetworkPolicy(ctx context.Context, db DBTX, arg InsertCiliumNetworkPolicyParams) error

InsertCiliumNetworkPolicy 

INSERT INTO cilium_network_policies (
    id,
    workspace_id,
    project_id,
    app_id,
    environment_id,
    deployment_id,
    k8s_name,
    k8s_namespace,
    region_id,
    policy,
    created_at
) VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?
)

func (*Queries) InsertClickhouseOutbox 

func (q *Queries) InsertClickhouseOutbox(ctx context.Context, db DBTX, arg InsertClickhouseOutboxParams) error

InsertClickhouseOutbox enqueues one event for ClickHouse export. Called from the same MySQL transaction as the underlying mutation, so durability is exactly the durability of the mutation: if the mutation commits, the outbox row commits.

version namespaces the payload schema (e.g. "audit_log.v1"). The drainer filters by versions it knows, so writing a new version without a matching drainer leaves rows queued safely. 

INSERT INTO `clickhouse_outbox` (
    version,
    workspace_id,
    event_id,
    payload,
    created_at
) VALUES (
    ?,
    ?,
    ?,
    CAST(? AS JSON),
    ?
)

func (*Queries) InsertClickhouseWorkspaceSettings 

func (q *Queries) InsertClickhouseWorkspaceSettings(ctx context.Context, db DBTX, arg InsertClickhouseWorkspaceSettingsParams) error

InsertClickhouseWorkspaceSettings 

INSERT INTO `clickhouse_workspace_settings` (
    workspace_id,
    username,
    password_encrypted,
    quota_duration_seconds,
    max_queries_per_window,
    max_execution_time_per_window,
    max_query_execution_time,
    max_query_memory_bytes,
    max_query_result_rows,
    created_at,
    updated_at
)
VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?
)

func (*Queries) InsertCustomDomain 

func (q *Queries) InsertCustomDomain(ctx context.Context, db DBTX, arg InsertCustomDomainParams) error

InsertCustomDomain 

INSERT INTO custom_domains (
    id, workspace_id, project_id, app_id, environment_id, domain,
    challenge_type, verification_status, verification_token, target_cname,
    domain_connect_provider, domain_connect_url, invocation_id, created_at
) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)

func (*Queries) InsertDeployment 

func (q *Queries) InsertDeployment(ctx context.Context, db DBTX, arg InsertDeploymentParams) error

InsertDeployment 

INSERT INTO `deployments` (
    id,
    k8s_name,
    workspace_id,
    project_id,
    app_id,
    environment_id,
    git_commit_sha,
    git_branch,
    sentinel_config,
    git_commit_message,
    git_commit_author_handle,
    git_commit_author_avatar_url,
    git_commit_timestamp,
    encrypted_environment_variables,
    command,
    status,
    cpu_millicores,
    memory_mib,
    storage_mib,
    port,
    shutdown_signal,
    upstream_protocol,
    healthcheck,
    pr_number,
    fork_repository_full_name,
    created_at,
    updated_at
)
VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?
)

func (*Queries) InsertDeploymentChange 

func (q *Queries) InsertDeploymentChange(ctx context.Context, db DBTX, arg InsertDeploymentChangeParams) error

InsertDeploymentChange 

INSERT INTO `deployment_changes` (
    resource_type,
    resource_id,
    region_id,
    created_at
) VALUES (
    ?,
    ?,
    ?,
    ?
)

func (*Queries) InsertDeploymentStep 

func (q *Queries) InsertDeploymentStep(ctx context.Context, db DBTX, arg InsertDeploymentStepParams) error

InsertDeploymentStep 

INSERT INTO `deployment_steps` (
    workspace_id,
    project_id,
    app_id,
    environment_id,
    deployment_id,
    step,
    started_at
)
VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?
) ON DUPLICATE KEY UPDATE
    started_at = VALUES(started_at),
    ended_at = NULL,
    error = NULL

func (*Queries) InsertDeploymentTopology 

func (q *Queries) InsertDeploymentTopology(ctx context.Context, db DBTX, arg InsertDeploymentTopologyParams) error

InsertDeploymentTopology 

INSERT INTO `deployment_topology` (
    workspace_id,
    deployment_id,
    region_id,
    autoscaling_replicas_min,
    autoscaling_replicas_max,
    autoscaling_threshold_cpu,
    autoscaling_threshold_memory,
    desired_status,
    created_at
) VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?
)

func (*Queries) InsertEnvironment 

func (q *Queries) InsertEnvironment(ctx context.Context, db DBTX, arg InsertEnvironmentParams) error

InsertEnvironment 

INSERT INTO environments (
    id,
    workspace_id,
    project_id,
    app_id,
    slug,
    description,
    created_at,
    updated_at
) VALUES (
    ?, ?, ?, ?, ?, ?, ?, ?
)

func (*Queries) InsertFrontlineRoute 

func (q *Queries) InsertFrontlineRoute(ctx context.Context, db DBTX, arg InsertFrontlineRouteParams) error

InsertFrontlineRoute 

INSERT INTO frontline_routes (
    id,
    project_id,
    app_id,
    deployment_id,
    environment_id,
    fully_qualified_domain_name,
    sticky,
    created_at,
    updated_at
)
VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?
)

func (*Queries) InsertGithubRepoConnection 

func (q *Queries) InsertGithubRepoConnection(ctx context.Context, db DBTX, arg InsertGithubRepoConnectionParams) error

InsertGithubRepoConnection 

INSERT INTO github_repo_connections (
    workspace_id,
    project_id,
    app_id,
    installation_id,
    repository_id,
    repository_full_name,
    created_at,
    updated_at
)
VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?
)

func (*Queries) InsertIdentity 

func (q *Queries) InsertIdentity(ctx context.Context, db DBTX, arg InsertIdentityParams) error

InsertIdentity 

INSERT INTO `identities` (
    id,
    external_id,
    workspace_id,
    environment,
    created_at,
    meta
) VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    CAST(? AS JSON)
)

func (*Queries) InsertIdentityRatelimit 

func (q *Queries) InsertIdentityRatelimit(ctx context.Context, db DBTX, arg InsertIdentityRatelimitParams) error

InsertIdentityRatelimit 

INSERT INTO `ratelimits` (
    id,
    workspace_id,
    identity_id,
    name,
    `limit`,
    duration,
    created_at,
    auto_apply
) VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?
) ON DUPLICATE KEY UPDATE
    name = VALUES(name),
    `limit` = VALUES(`limit`),
    duration = VALUES(duration),
    auto_apply = VALUES(auto_apply),
    updated_at = VALUES(created_at)

func (*Queries) InsertKey 

func (q *Queries) InsertKey(ctx context.Context, db DBTX, arg InsertKeyParams) error

InsertKey 

INSERT INTO `keys` (
    id,
    key_auth_id,
    hash,
    start,
    workspace_id,
    for_workspace_id,
    name,
    owner_id,
    identity_id,
    meta,
    expires,
    created_at_m,
    enabled,
    remaining_requests,
    refill_day,
    refill_amount,
    pending_migration_id
) VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    null,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?
)

func (*Queries) InsertKeyAuth 

func (q *Queries) InsertKeyAuth(ctx context.Context, db DBTX, arg InsertKeyAuthParams) error

InsertKeyAuth 

INSERT INTO key_auth (
    id,
    workspace_id,
    created_at_m,
    default_prefix,
    default_bytes,
    store_encrypted_keys
) VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    false
)

func (*Queries) InsertKeyEncryption 

func (q *Queries) InsertKeyEncryption(ctx context.Context, db DBTX, arg InsertKeyEncryptionParams) error

InsertKeyEncryption 

INSERT INTO encrypted_keys
(workspace_id, key_id, encrypted, encryption_key_id, created_at)
VALUES (?, ?, ?, ?, ?)

func (*Queries) InsertKeyMigration 

func (q *Queries) InsertKeyMigration(ctx context.Context, db DBTX, arg InsertKeyMigrationParams) error

InsertKeyMigration 

INSERT INTO key_migrations (
    id,
    workspace_id,
    algorithm
) VALUES (
    ?,
    ?,
    ?
)

func (*Queries) InsertKeyPermission 

func (q *Queries) InsertKeyPermission(ctx context.Context, db DBTX, arg InsertKeyPermissionParams) error

InsertKeyPermission 

INSERT INTO `keys_permissions` (
    key_id,
    permission_id,
    workspace_id,
    created_at_m
) VALUES (
    ?,
    ?,
    ?,
    ?
) ON DUPLICATE KEY UPDATE updated_at_m = ?

func (*Queries) InsertKeyRatelimit 

func (q *Queries) InsertKeyRatelimit(ctx context.Context, db DBTX, arg InsertKeyRatelimitParams) error

InsertKeyRatelimit 

INSERT INTO `ratelimits` (
    id,
    workspace_id,
    key_id,
    name,
    `limit`,
    duration,
    auto_apply,
    created_at
) VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?
) ON DUPLICATE KEY UPDATE
`limit` = VALUES(`limit`),
duration = VALUES(duration),
auto_apply = VALUES(auto_apply),
updated_at = ?

func (*Queries) InsertKeyRole 

func (q *Queries) InsertKeyRole(ctx context.Context, db DBTX, arg InsertKeyRoleParams) error

InsertKeyRole 

INSERT INTO keys_roles (
  key_id,
  role_id,
  workspace_id,
  created_at_m
)
VALUES (
  ?,
  ?,
  ?,
  ?
)

func (*Queries) InsertKeySpace 

func (q *Queries) InsertKeySpace(ctx context.Context, db DBTX, arg InsertKeySpaceParams) error

InsertKeySpace 

INSERT INTO `key_auth` (
    id,
    workspace_id,
    created_at_m,
    store_encrypted_keys,
    default_prefix,
    default_bytes,
    size_approx,
    size_last_updated_at
) VALUES (
    ?,
    ?,
      ?,
    ?,
    ?,
    ?,
    0,
    0
)

func (*Queries) InsertPermission 

func (q *Queries) InsertPermission(ctx context.Context, db DBTX, arg InsertPermissionParams) error

InsertPermission 

INSERT INTO permissions (
  id,
  workspace_id,
  name,
  slug,
  description,
  created_at_m
)
VALUES (
  ?,
  ?,
  ?,
  ?,
  ?,
  ?
)

func (*Queries) InsertPortalConfig 

func (q *Queries) InsertPortalConfig(ctx context.Context, db DBTX, arg InsertPortalConfigParams) error

InsertPortalConfig 

INSERT INTO portal_configurations (
    id,
    workspace_id,
    slug,
    app_id,
    key_auth_id,
    enabled,
    return_url,
    created_at,
    updated_at
) VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?
)

func (*Queries) InsertPortalSession 

func (q *Queries) InsertPortalSession(ctx context.Context, db DBTX, arg InsertPortalSessionParams) error

InsertPortalSession 

INSERT INTO portal_sessions (
    id,
    workspace_id,
    portal_config_id,
    external_id,
    permissions,
    preview,
    expires_at,
    created_at
) VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?
)

func (*Queries) InsertPortalSessionToken 

func (q *Queries) InsertPortalSessionToken(ctx context.Context, db DBTX, arg InsertPortalSessionTokenParams) error

InsertPortalSessionToken 

INSERT INTO portal_session_tokens (
    id,
    workspace_id,
    portal_config_id,
    external_id,
    permissions,
    preview,
    expires_at,
    created_at
) VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?
)

func (*Queries) InsertProject 

func (q *Queries) InsertProject(ctx context.Context, db DBTX, arg InsertProjectParams) error

InsertProject 

INSERT INTO projects (
    id,
    workspace_id,
    name,
    slug,
    delete_protection,
    created_at,
    updated_at
) VALUES (
    ?, ?, ?, ?, ?, ?, ?
)

func (*Queries) InsertRatelimitNamespace 

func (q *Queries) InsertRatelimitNamespace(ctx context.Context, db DBTX, arg InsertRatelimitNamespaceParams) error

InsertRatelimitNamespace 

INSERT INTO
    `ratelimit_namespaces` (
        id,
        workspace_id,
        name,
        created_at_m,
        updated_at_m,
        deleted_at_m
        )
VALUES
    (
        ?,
        ?,
        ?,
         ?,
        NULL,
        NULL
    )

func (*Queries) InsertRatelimitOverride 

func (q *Queries) InsertRatelimitOverride(ctx context.Context, db DBTX, arg InsertRatelimitOverrideParams) error

InsertRatelimitOverride 

INSERT INTO ratelimit_overrides (
    id,
    workspace_id,
    namespace_id,
    identifier,
    `limit`,
    duration,
    created_at_m
)
VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?
)
ON DUPLICATE KEY UPDATE
    `limit` = VALUES(`limit`),
    duration = VALUES(duration),
    updated_at_m = ?

func (*Queries) InsertRole 

func (q *Queries) InsertRole(ctx context.Context, db DBTX, arg InsertRoleParams) error

InsertRole 

INSERT INTO roles (
  id,
  workspace_id,
  name,
  description,
  created_at_m
)
VALUES (
  ?,
  ?,
  ?,
  ?,
  ?
)

func (*Queries) InsertRolePermission 

func (q *Queries) InsertRolePermission(ctx context.Context, db DBTX, arg InsertRolePermissionParams) error

InsertRolePermission 

INSERT INTO roles_permissions (
  role_id,
  permission_id,
  workspace_id,
  created_at_m
)
VALUES (
  ?,
  ?,
  ?,
  ?
)

func (*Queries) InsertSentinel 

func (q *Queries) InsertSentinel(ctx context.Context, db DBTX, arg InsertSentinelParams) error

InsertSentinel 

INSERT INTO sentinels (
    id,
    workspace_id,
    environment_id,
    project_id,
    k8s_address,
    k8s_name,
    region_id,
    image,
    desired_replicas,
    cpu_millicores,
    memory_mib,
    created_at
) VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?
)

func (*Queries) InsertWorkspace 

func (q *Queries) InsertWorkspace(ctx context.Context, db DBTX, arg InsertWorkspaceParams) error

InsertWorkspace 

INSERT INTO `workspaces` (
    id,
    org_id,
    name,
    slug,
    created_at_m,
    tier,
    beta_features,
    enabled,
    delete_protection,
    k8s_namespace
)
VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    'Free',
    '{}',
    true,
    true,
    ?
)

func (*Queries) ListAllCiliumNetworkPoliciesByRegion 

func (q *Queries) ListAllCiliumNetworkPoliciesByRegion(ctx context.Context, db DBTX, arg ListAllCiliumNetworkPoliciesByRegionParams) ([]CiliumNetworkPolicy, error)

ListAllCiliumNetworkPoliciesByRegion returns cilium network policies for a region, paginated by pk. Used during full sync (version=0) to bootstrap krane agents with current state. 

SELECT pk, id, workspace_id, project_id, app_id, environment_id, deployment_id, k8s_name, k8s_namespace, region_id, policy, created_at, updated_at FROM `cilium_network_policies`
WHERE region_id = ? AND pk > ?
ORDER BY pk ASC
LIMIT ?

func (*Queries) ListAllDeploymentTopologiesByRegion 

func (q *Queries) ListAllDeploymentTopologiesByRegion(ctx context.Context, db DBTX, arg ListAllDeploymentTopologiesByRegionParams) ([]ListAllDeploymentTopologiesByRegionRow, error)

ListAllDeploymentTopologiesByRegion returns running deployment topologies for a region, paginated by pk. Used by SyncDesiredState to reconcile krane agents with current desired state. 

SELECT
    dt.pk, dt.workspace_id, dt.deployment_id, dt.region_id, dt.autoscaling_replicas_min, dt.autoscaling_replicas_max, dt.autoscaling_threshold_cpu, dt.autoscaling_threshold_memory, dt.desired_status, dt.created_at, dt.updated_at,
    d.pk, d.id, d.k8s_name, d.workspace_id, d.project_id, d.environment_id, d.app_id, d.image, d.build_id, d.git_commit_sha, d.git_branch, d.git_commit_message, d.git_commit_author_handle, d.git_commit_author_avatar_url, d.git_commit_timestamp, d.sentinel_config, d.cpu_millicores, d.memory_mib, d.storage_mib, d.desired_state, d.encrypted_environment_variables, d.command, d.port, d.shutdown_signal, d.upstream_protocol, d.healthcheck, d.pr_number, d.fork_repository_full_name, d.github_deployment_id, d.invocation_id, d.status, d.created_at, d.updated_at,
    w.k8s_namespace,
    e.slug AS environment_slug,
    r.name AS region_name,
    grc.repository_full_name AS git_repo
FROM `deployment_topology` dt
INNER JOIN `deployments` d ON dt.deployment_id = d.id
INNER JOIN `workspaces` w ON d.workspace_id = w.id
INNER JOIN `regions` r ON dt.region_id = r.id
INNER JOIN `environments` e ON d.environment_id = e.id
LEFT JOIN `github_repo_connections` grc ON d.app_id = grc.app_id
WHERE r.id = ? AND dt.pk > ? AND dt.desired_status = 'running'
ORDER BY dt.pk ASC
LIMIT ?

func (*Queries) ListAllSentinelsByRegion 

func (q *Queries) ListAllSentinelsByRegion(ctx context.Context, db DBTX, arg ListAllSentinelsByRegionParams) ([]Sentinel, error)

ListAllSentinelsByRegion returns sentinels for a region, paginated by pk. Used during full sync (version=0) to bootstrap krane agents with current state. 

SELECT pk, id, workspace_id, project_id, environment_id, k8s_name, k8s_address, region_id, image, running_image, desired_state, health, desired_replicas, available_replicas, deploy_status, cpu_millicores, memory_mib, created_at, updated_at FROM `sentinels`
WHERE region_id = ? AND pk > ?
ORDER BY pk ASC
LIMIT ?

func (*Queries) ListAppIdsByProject 

func (q *Queries) ListAppIdsByProject(ctx context.Context, db DBTX, projectID string) ([]string, error)

ListAppIdsByProject 

SELECT id FROM apps WHERE project_id = ?

func (*Queries) ListAppsByProject 

func (q *Queries) ListAppsByProject(ctx context.Context, db DBTX, projectID string) ([]ListAppsByProjectRow, error)

ListAppsByProject 

SELECT apps.pk, apps.id, apps.workspace_id, apps.project_id, apps.name, apps.slug, apps.default_branch, apps.current_deployment_id, apps.is_rolled_back, apps.delete_protection, apps.created_at, apps.updated_at
FROM apps
WHERE project_id = ?
ORDER BY created_at ASC

func (*Queries) ListCustomDomainsByProjectID 

func (q *Queries) ListCustomDomainsByProjectID(ctx context.Context, db DBTX, projectID string) ([]CustomDomain, error)

ListCustomDomainsByProjectID 

SELECT pk, id, workspace_id, project_id, app_id, environment_id, domain, challenge_type, verification_status, verification_token, ownership_verified, cname_verified, target_cname, last_checked_at, check_attempts, verification_error, domain_connect_provider, domain_connect_url, invocation_id, created_at, updated_at
FROM custom_domains
WHERE project_id = ?
ORDER BY created_at DESC

func (*Queries) ListDeploymentChangesByRegionAll 

func (q *Queries) ListDeploymentChangesByRegionAll(ctx context.Context, db DBTX, arg ListDeploymentChangesByRegionAllParams) ([]DeploymentChange, error)

ListDeploymentChangesByRegionAll returns all deployment changes for a region with version > after_version. Used by the unified WatchDeploymentChanges stream. Does not filter by resource_type. 

SELECT pk, resource_type, resource_id, region_id, created_at
FROM `deployment_changes`
WHERE pk > ? AND region_id = ?
ORDER BY pk ASC
LIMIT ?

func (*Queries) ListDeploymentsByEnvironmentIdAndStatus 

func (q *Queries) ListDeploymentsByEnvironmentIdAndStatus(ctx context.Context, db DBTX, arg ListDeploymentsByEnvironmentIdAndStatusParams) ([]Deployment, error)

ListDeploymentsByEnvironmentIdAndStatus 

SELECT pk, id, k8s_name, workspace_id, project_id, environment_id, app_id, image, build_id, git_commit_sha, git_branch, git_commit_message, git_commit_author_handle, git_commit_author_avatar_url, git_commit_timestamp, sentinel_config, cpu_millicores, memory_mib, storage_mib, desired_state, encrypted_environment_variables, command, port, shutdown_signal, upstream_protocol, healthcheck, pr_number, fork_repository_full_name, github_deployment_id, invocation_id, status, created_at, updated_at FROM `deployments`
WHERE environment_id = ?
  AND status = ?
  AND created_at < ?
  AND (updated_at IS null OR updated_at < ? )

func (*Queries) ListDesiredDeploymentTopology 

func (q *Queries) ListDesiredDeploymentTopology(ctx context.Context, db DBTX, arg ListDesiredDeploymentTopologyParams) ([]ListDesiredDeploymentTopologyRow, error)

ListDesiredDeploymentTopology returns all deployment topologies matching the desired state for a region. Used during bootstrap to stream all running deployments to krane. 

SELECT
    dt.pk, dt.workspace_id, dt.deployment_id, dt.region_id, dt.autoscaling_replicas_min, dt.autoscaling_replicas_max, dt.autoscaling_threshold_cpu, dt.autoscaling_threshold_memory, dt.desired_status, dt.created_at, dt.updated_at,
    d.pk, d.id, d.k8s_name, d.workspace_id, d.project_id, d.environment_id, d.app_id, d.image, d.build_id, d.git_commit_sha, d.git_branch, d.git_commit_message, d.git_commit_author_handle, d.git_commit_author_avatar_url, d.git_commit_timestamp, d.sentinel_config, d.cpu_millicores, d.memory_mib, d.storage_mib, d.desired_state, d.encrypted_environment_variables, d.command, d.port, d.shutdown_signal, d.upstream_protocol, d.healthcheck, d.pr_number, d.fork_repository_full_name, d.github_deployment_id, d.invocation_id, d.status, d.created_at, d.updated_at,
    w.k8s_namespace
FROM `deployment_topology` dt
INNER JOIN `deployments` d ON dt.deployment_id = d.id
INNER JOIN `workspaces` w ON d.workspace_id = w.id
INNER JOIN `regions` r ON dt.region_id = r.id
WHERE (? = '' OR r.name = ?)
    AND d.desired_state = ?
    AND dt.deployment_id > ?
ORDER BY dt.deployment_id ASC
LIMIT ?

func (*Queries) ListDesiredNetworkPolicies 

func (q *Queries) ListDesiredNetworkPolicies(ctx context.Context, db DBTX, arg ListDesiredNetworkPoliciesParams) ([]CiliumNetworkPolicy, error)

ListDesiredNetworkPolicies 

SELECT pk, id, workspace_id, project_id, app_id, environment_id, deployment_id, k8s_name, k8s_namespace, region_id, policy, created_at, updated_at
FROM `cilium_network_policies`
WHERE (? = '' OR region_id = ?) AND id > ?
ORDER BY id ASC
LIMIT ?

func (*Queries) ListDesiredSentinels 

func (q *Queries) ListDesiredSentinels(ctx context.Context, db DBTX, arg ListDesiredSentinelsParams) ([]Sentinel, error)

ListDesiredSentinels returns all sentinels matching the desired state for a region. Used during bootstrap to stream all running sentinels to krane. 

SELECT pk, id, workspace_id, project_id, environment_id, k8s_name, k8s_address, region_id, image, running_image, desired_state, health, desired_replicas, available_replicas, deploy_status, cpu_millicores, memory_mib, created_at, updated_at
FROM `sentinels`
WHERE (? = '' OR region_id = ?)
    AND desired_state = ?
    AND id > ?
ORDER BY id ASC
LIMIT ?

func (*Queries) ListDirectPermissionsByKeyID 

func (q *Queries) ListDirectPermissionsByKeyID(ctx context.Context, db DBTX, keyID string) ([]Permission, error)

ListDirectPermissionsByKeyID 

SELECT p.pk, p.id, p.workspace_id, p.name, p.slug, p.description, p.created_at_m, p.updated_at_m
FROM keys_permissions kp
JOIN permissions p ON kp.permission_id = p.id
WHERE kp.key_id = ?
ORDER BY p.slug

func (*Queries) ListEnvVarsForRepoConnections 

func (q *Queries) ListEnvVarsForRepoConnections(ctx context.Context, db DBTX, arg ListEnvVarsForRepoConnectionsParams) ([]ListEnvVarsForRepoConnectionsRow, error)

ListEnvVarsForRepoConnections 

SELECT aev.app_id, aev.`key`, aev.value
FROM app_environment_variables aev
INNER JOIN apps a ON a.id = aev.app_id
INNER JOIN environments e ON e.app_id = a.id AND e.id = aev.environment_id
INNER JOIN github_repo_connections gc ON gc.app_id = a.id
WHERE gc.installation_id = ?
  AND gc.repository_id = ?
  AND e.slug = CASE
    WHEN CAST(? AS SIGNED) = 1 THEN 'preview'
    WHEN ? = COALESCE(NULLIF(a.default_branch, ''), 'main')
    THEN 'production'
    ELSE 'preview'
  END

func (*Queries) ListEnvironmentIdsByApp 

func (q *Queries) ListEnvironmentIdsByApp(ctx context.Context, db DBTX, appID string) ([]string, error)

ListEnvironmentIdsByApp 

SELECT id FROM environments WHERE app_id = ?

func (*Queries) ListExecutableChallenges 

func (q *Queries) ListExecutableChallenges(ctx context.Context, db DBTX, verificationTypes []AcmeChallengesChallengeType) ([]ListExecutableChallengesRow, error)

ListExecutableChallenges 

SELECT dc.workspace_id, dc.challenge_type, d.domain FROM acme_challenges dc
JOIN custom_domains d ON dc.domain_id = d.id
WHERE (dc.status = 'waiting' OR (dc.status = 'verified' AND dc.expires_at <= UNIX_TIMESTAMP(DATE_ADD(NOW(), INTERVAL 30 DAY)) * 1000))
AND dc.challenge_type IN (/*SLICE:verification_types*/?)
ORDER BY d.created_at ASC

func (*Queries) ListGithubRepoConnections 

func (q *Queries) ListGithubRepoConnections(ctx context.Context, db DBTX, arg ListGithubRepoConnectionsParams) ([]GithubRepoConnection, error)

ListGithubRepoConnections 

SELECT
    pk,
    workspace_id,
    project_id,
    app_id,
    installation_id,
    repository_id,
    repository_full_name,
    created_at,
    updated_at
FROM github_repo_connections
WHERE installation_id = ?
  AND repository_id = ?

func (*Queries) ListIdentities 

func (q *Queries) ListIdentities(ctx context.Context, db DBTX, arg ListIdentitiesParams) ([]ListIdentitiesRow, error)

ListIdentities 

SELECT
    i.id,
    i.external_id,
    i.workspace_id,
    i.environment,
    i.meta,
    i.deleted,
    i.created_at,
    i.updated_at,
    COALESCE(
        (SELECT JSON_ARRAYAGG(
            JSON_OBJECT(
                'id', r.id,
                'name', r.name,
                'limit', r.`limit`,
                'duration', r.duration,
                'auto_apply', r.auto_apply = 1
            )
        )
        FROM ratelimits r
        WHERE r.identity_id = i.id),
        JSON_ARRAY()
    ) as ratelimits
FROM identities i
WHERE i.workspace_id = ?
AND i.deleted = ?
AND i.id >= ?
ORDER BY i.id ASC
LIMIT ?

func (*Queries) ListIdentityRatelimits 

func (q *Queries) ListIdentityRatelimits(ctx context.Context, db DBTX, identityID sql.NullString) ([]Ratelimit, error)

ListIdentityRatelimits 

SELECT pk, id, name, workspace_id, created_at, updated_at, key_id, identity_id, `limit`, duration, auto_apply
FROM ratelimits
WHERE identity_id = ?
ORDER BY id ASC

func (*Queries) ListIdentityRatelimitsByID 

func (q *Queries) ListIdentityRatelimitsByID(ctx context.Context, db DBTX, identityID sql.NullString) ([]Ratelimit, error)

ListIdentityRatelimitsByID 

SELECT pk, id, name, workspace_id, created_at, updated_at, key_id, identity_id, `limit`, duration, auto_apply FROM ratelimits WHERE identity_id = ?

func (*Queries) ListIdentityRatelimitsByIDs 

func (q *Queries) ListIdentityRatelimitsByIDs(ctx context.Context, db DBTX, ids []sql.NullString) ([]Ratelimit, error)

ListIdentityRatelimitsByIDs 

SELECT pk, id, name, workspace_id, created_at, updated_at, key_id, identity_id, `limit`, duration, auto_apply FROM ratelimits WHERE identity_id IN (/*SLICE:ids*/?)

func (*Queries) ListKeysByKeySpaceID 

func (q *Queries) ListKeysByKeySpaceID(ctx context.Context, db DBTX, arg ListKeysByKeySpaceIDParams) ([]ListKeysByKeySpaceIDRow, error)

ListKeysByKeySpaceID 

SELECT
  k.pk, k.id, k.key_auth_id, k.hash, k.start, k.workspace_id, k.for_workspace_id, k.name, k.owner_id, k.identity_id, k.meta, k.expires, k.created_at_m, k.updated_at_m, k.deleted_at_m, k.refill_day, k.refill_amount, k.last_refill_at, k.enabled, k.remaining_requests, k.environment, k.last_used_at, k.pending_migration_id,
  i.id as identity_id,
  i.external_id as external_id,
  i.meta as identity_meta,
  ek.encrypted as encrypted_key,
  ek.encryption_key_id as encryption_key_id

FROM `keys` k
LEFT JOIN `identities` i ON k.identity_id = i.id
LEFT JOIN encrypted_keys ek ON k.id = ek.key_id
WHERE k.key_auth_id = ?
AND k.id >= ?
AND (? IS NULL OR k.identity_id = ?)
AND k.deleted_at_m IS NULL
ORDER BY k.id ASC
LIMIT ?

func (*Queries) ListKeysForRefill 

func (q *Queries) ListKeysForRefill(ctx context.Context, db DBTX, arg ListKeysForRefillParams) ([]ListKeysForRefillRow, error)

ListKeysForRefill returns keys that need their remaining_requests refilled. Uses a deferred join on pk for stable cursor-based pagination that avoids OFFSET drift when rows are mutated between batches. Keys are selected if:

  • refill_day is NULL (daily refill)
  • refill_day matches today's day of month
  • refill_day > today's day AND today is the last day of month (catch-up for short months)

Keys are skipped if remaining_requests >= refill_amount (already full). 

SELECT k.pk, k.id, k.workspace_id, k.refill_amount, k.remaining_requests, k.name
FROM `keys` k
INNER JOIN (
    SELECT ki.pk
    FROM `keys` ki
    WHERE ki.refill_amount IS NOT NULL
      AND ki.deleted_at_m IS NULL
      AND (ki.remaining_requests IS NULL OR ki.refill_amount > ki.remaining_requests)
      AND (
          ki.refill_day IS NULL
          OR ki.refill_day = ?
          OR (? = 1 AND ki.refill_day > ?)
      )
      AND ki.pk > ?
    ORDER BY pk
    LIMIT ?
) AS batch ON batch.pk = k.pk

func (*Queries) ListLiveKeysByKeySpaceID 

func (q *Queries) ListLiveKeysByKeySpaceID(ctx context.Context, db DBTX, arg ListLiveKeysByKeySpaceIDParams) ([]ListLiveKeysByKeySpaceIDRow, error)

ListLiveKeysByKeySpaceID 

SELECT k.pk, k.id, k.key_auth_id, k.hash, k.start, k.workspace_id, k.for_workspace_id, k.name, k.owner_id, k.identity_id, k.meta, k.expires, k.created_at_m, k.updated_at_m, k.deleted_at_m, k.refill_day, k.refill_amount, k.last_refill_at, k.enabled, k.remaining_requests, k.environment, k.last_used_at, k.pending_migration_id,
       i.id                 as identity_table_id,
       i.external_id        as identity_external_id,
       i.meta               as identity_meta,
       ek.encrypted         as encrypted_key,
       ek.encryption_key_id as encryption_key_id,
       -- Roles with both IDs and names (sorted by name)
       COALESCE(
               (SELECT JSON_ARRAYAGG(
                               JSON_OBJECT(
                                       'id', r.id,
                                       'name', r.name,
                                       'description', r.description
                               )
                       )
                FROM keys_roles kr
                         JOIN roles r ON r.id = kr.role_id
                WHERE kr.key_id = k.id
                ORDER BY r.name),
               JSON_ARRAY()
       )                    as roles,
       -- Direct permissions attached to the key (sorted by slug)
       COALESCE(
               (SELECT JSON_ARRAYAGG(
                               JSON_OBJECT(
                                       'id', p.id,
                                       'name', p.name,
                                       'slug', p.slug,
                                       'description', p.description
                               )
                       )
                FROM keys_permissions kp
                         JOIN permissions p ON kp.permission_id = p.id
                WHERE kp.key_id = k.id
                ORDER BY p.slug),
               JSON_ARRAY()
       )                    as permissions,
       -- Permissions from roles (sorted by slug)
       COALESCE(
               (SELECT JSON_ARRAYAGG(
                               JSON_OBJECT(
                                       'id', p.id,
                                       'name', p.name,
                                       'slug', p.slug,
                                       'description', p.description
                               )
                       )
                FROM keys_roles kr
                         JOIN roles_permissions rp ON kr.role_id = rp.role_id
                         JOIN permissions p ON rp.permission_id = p.id
                WHERE kr.key_id = k.id
                ORDER BY p.slug),
               JSON_ARRAY()
       )                    as role_permissions,
       -- Rate limits
       COALESCE(
               (SELECT JSON_ARRAYAGG(
                               JSON_OBJECT(
                                       'id', id,
                                       'name', name,
                                       'key_id', key_id,
                                       'identity_id', identity_id,
                                       'limit', `limit`,
                                       'duration', duration,
                                       'auto_apply', auto_apply = 1
                               )
                       )
                FROM (
                    SELECT rl.id, rl.name, rl.key_id, rl.identity_id, rl.`limit`, rl.duration, rl.auto_apply
                    FROM ratelimits rl
                    WHERE rl.key_id = k.id
                    UNION ALL
                    SELECT rl.id, rl.name, rl.key_id, rl.identity_id, rl.`limit`, rl.duration, rl.auto_apply
                    FROM ratelimits rl
                    WHERE rl.identity_id = i.id
                ) AS combined_rl),
               JSON_ARRAY()
       )                    AS ratelimits
FROM `keys` k
         STRAIGHT_JOIN key_auth ka ON ka.id = k.key_auth_id
         LEFT JOIN identities i ON k.identity_id = i.id AND i.deleted = false
         LEFT JOIN encrypted_keys ek ON ek.key_id = k.id
WHERE k.key_auth_id = ?
  AND k.id >= ?
  AND (? IS NULL OR k.identity_id = ?)
  AND k.deleted_at_m IS NULL
  AND ka.deleted_at_m IS NULL
ORDER BY k.id ASC
LIMIT ?

func (*Queries) ListOlderActiveDeploymentsForDedup 

func (q *Queries) ListOlderActiveDeploymentsForDedup(ctx context.Context, db DBTX, arg ListOlderActiveDeploymentsForDedupParams) ([]ListOlderActiveDeploymentsForDedupRow, error)

Only deployments still in the queue (haven't acquired a build slot yet) are eligible for supersession. Once a deployment transitions to `starting` (after slot acquisition) it's committed — we don't cancel work that's already running. 

SELECT id, invocation_id
FROM deployments
WHERE app_id = ?
  AND environment_id = ?
  AND git_branch = ?
  AND status IN ('pending', 'awaiting_approval')
  AND created_at < ?
  AND id != ?
ORDER BY created_at ASC

func (*Queries) ListPermissions 

func (q *Queries) ListPermissions(ctx context.Context, db DBTX, arg ListPermissionsParams) ([]Permission, error)

ListPermissions 

SELECT p.pk, p.id, p.workspace_id, p.name, p.slug, p.description, p.created_at_m, p.updated_at_m
FROM permissions p
WHERE p.workspace_id = ?
  AND p.id >= ?
ORDER BY p.id
LIMIT ?

func (*Queries) ListPermissionsByKeyID 

func (q *Queries) ListPermissionsByKeyID(ctx context.Context, db DBTX, arg ListPermissionsByKeyIDParams) ([]string, error)

ListPermissionsByKeyID 

WITH direct_permissions AS (
    SELECT p.slug as permission_slug
    FROM keys_permissions kp
    JOIN permissions p ON kp.permission_id = p.id
    WHERE kp.key_id = ?
),
role_permissions AS (
    SELECT p.slug as permission_slug
    FROM keys_roles kr
    JOIN roles_permissions rp ON kr.role_id = rp.role_id
    JOIN permissions p ON rp.permission_id = p.id
    WHERE kr.key_id = ?
)
SELECT DISTINCT permission_slug
FROM (
    SELECT permission_slug FROM direct_permissions
    UNION ALL
    SELECT permission_slug FROM role_permissions
) all_permissions

func (*Queries) ListPermissionsByRoleID 

func (q *Queries) ListPermissionsByRoleID(ctx context.Context, db DBTX, roleID string) ([]Permission, error)

ListPermissionsByRoleID 

SELECT p.pk, p.id, p.workspace_id, p.name, p.slug, p.description, p.created_at_m, p.updated_at_m
FROM permissions p
JOIN roles_permissions rp ON p.id = rp.permission_id
WHERE rp.role_id = ?
ORDER BY p.slug

func (*Queries) ListPreviewEnvironments 

func (q *Queries) ListPreviewEnvironments(ctx context.Context, db DBTX, arg ListPreviewEnvironmentsParams) ([]Environment, error)

ListPreviewEnvironments 

SELECT pk, id, workspace_id, project_id, app_id, slug, description, delete_protection, created_at, updated_at
FROM environments
WHERE slug = 'preview'
AND pk > ?
ORDER BY pk ASC
LIMIT ?

func (*Queries) ListRatelimitOverridesByNamespaceID 

func (q *Queries) ListRatelimitOverridesByNamespaceID(ctx context.Context, db DBTX, arg ListRatelimitOverridesByNamespaceIDParams) ([]RatelimitOverride, error)

ListRatelimitOverridesByNamespaceID 

SELECT pk, id, workspace_id, namespace_id, identifier, `limit`, duration, created_at_m, updated_at_m, deleted_at_m FROM ratelimit_overrides
WHERE
workspace_id = ?
AND namespace_id = ?
AND deleted_at_m IS NULL
AND id >= ?
ORDER BY id ASC
LIMIT ?

func (*Queries) ListRatelimitsByKeyID 

func (q *Queries) ListRatelimitsByKeyID(ctx context.Context, db DBTX, keyID sql.NullString) ([]ListRatelimitsByKeyIDRow, error)

ListRatelimitsByKeyID 

SELECT
  id,
  name,
  `limit`,
  duration,
  auto_apply
FROM ratelimits
WHERE key_id = ?

func (*Queries) ListRatelimitsByKeyIDs 

func (q *Queries) ListRatelimitsByKeyIDs(ctx context.Context, db DBTX, keyIds []sql.NullString) ([]ListRatelimitsByKeyIDsRow, error)

ListRatelimitsByKeyIDs 

SELECT
  id,
  key_id,
  name,
  `limit`,
  duration,
  auto_apply
FROM ratelimits
WHERE key_id IN (/*SLICE:key_ids*/?)
ORDER BY key_id, id

func (*Queries) ListRegions 

func (q *Queries) ListRegions(ctx context.Context, db DBTX) ([]ListRegionsRow, error)

ListRegions 

SELECT id, name, platform, can_schedule FROM regions

func (*Queries) ListRepoConnectionDeployContexts 

func (q *Queries) ListRepoConnectionDeployContexts(ctx context.Context, db DBTX, arg ListRepoConnectionDeployContextsParams) ([]ListRepoConnectionDeployContextsRow, error)

ListRepoConnectionDeployContexts 

SELECT
    gc.pk, gc.workspace_id, gc.project_id, gc.app_id, gc.installation_id, gc.repository_id, gc.repository_full_name, gc.created_at, gc.updated_at,
    p.pk, p.id, p.workspace_id, p.name, p.slug, p.depot_project_id, p.delete_protection, p.created_at, p.updated_at,
    e.pk, e.id, e.workspace_id, e.project_id, e.app_id, e.slug, e.description, e.delete_protection, e.created_at, e.updated_at,
    a.pk, a.id, a.workspace_id, a.project_id, a.name, a.slug, a.default_branch, a.current_deployment_id, a.is_rolled_back, a.delete_protection, a.created_at, a.updated_at,
    abs.pk, abs.workspace_id, abs.app_id, abs.environment_id, abs.dockerfile, abs.docker_context, abs.watch_paths, abs.auto_deploy, abs.created_at, abs.updated_at,
    ars.pk, ars.workspace_id, ars.app_id, ars.environment_id, ars.port, ars.cpu_millicores, ars.memory_mib, ars.storage_mib, ars.command, ars.healthcheck, ars.shutdown_signal, ars.upstream_protocol, ars.sentinel_config, ars.openapi_spec_path, ars.created_at, ars.updated_at
FROM github_repo_connections gc
INNER JOIN apps a ON a.id = gc.app_id
INNER JOIN projects p ON p.id = gc.project_id
INNER JOIN environments e ON e.app_id = a.id
  AND e.slug = CASE
    WHEN CAST(? AS SIGNED) = 1 THEN 'preview'
    WHEN ? = COALESCE(NULLIF(a.default_branch, ''), 'main')
    THEN 'production'
    ELSE 'preview'
  END
INNER JOIN app_build_settings abs ON abs.app_id = a.id AND abs.environment_id = e.id
INNER JOIN app_runtime_settings ars ON ars.app_id = a.id AND ars.environment_id = e.id
WHERE gc.installation_id = ?
  AND gc.repository_id = ?

func (*Queries) ListRoles 

func (q *Queries) ListRoles(ctx context.Context, db DBTX, arg ListRolesParams) ([]ListRolesRow, error)

ListRoles 

SELECT r.pk, r.id, r.workspace_id, r.name, r.description, r.created_at_m, r.updated_at_m, COALESCE(
        (SELECT JSON_ARRAYAGG(
            json_object(
                'id', permission.id,
                'name', permission.name,
                'slug', permission.slug,
                'description', permission.description
           )
        )
         FROM (SELECT name, id, slug, description
               FROM roles_permissions rp
                        JOIN permissions p ON p.id = rp.permission_id
               WHERE rp.role_id = r.id) as permission),
        JSON_ARRAY()
) as permissions
FROM roles r
WHERE r.workspace_id = ?
AND r.id >= ?
ORDER BY r.id
LIMIT ?

func (*Queries) ListRolesByKeyID 

func (q *Queries) ListRolesByKeyID(ctx context.Context, db DBTX, keyID string) ([]ListRolesByKeyIDRow, error)

ListRolesByKeyID 

SELECT r.pk, r.id, r.workspace_id, r.name, r.description, r.created_at_m, r.updated_at_m, COALESCE(
        (SELECT JSON_ARRAYAGG(
            json_object(
                'id', permission.id,
                'name', permission.name,
                'slug', permission.slug,
                'description', permission.description
           )
        )
         FROM (SELECT name, id, slug, description
               FROM roles_permissions rp
                        JOIN permissions p ON p.id = rp.permission_id
               WHERE rp.role_id = r.id) as permission),
        JSON_ARRAY()
) as permissions
FROM keys_roles kr
JOIN roles r ON kr.role_id = r.id
WHERE kr.key_id = ?
ORDER BY r.name

func (*Queries) ListRunningSentinelIDsAndImages 

func (q *Queries) ListRunningSentinelIDsAndImages(ctx context.Context, db DBTX, arg ListRunningSentinelIDsAndImagesParams) ([]ListRunningSentinelIDsAndImagesRow, error)

ListRunningSentinelIDsAndImages returns IDs, images, and regions of all running sentinels, paginated by id. Used by the rollout service to plan wave assignments without fetching full sentinel rows. 

SELECT id, image, region_id
FROM sentinels
WHERE desired_state = 'running'
  AND id > ?
ORDER BY id ASC
LIMIT ?

func (*Queries) ListWorkspaces 

func (q *Queries) ListWorkspaces(ctx context.Context, db DBTX, cursor string) ([]ListWorkspacesRow, error)

ListWorkspaces 

SELECT
   w.pk, w.id, w.org_id, w.name, w.slug, w.k8s_namespace, w.tier, w.stripe_customer_id, w.stripe_subscription_id, w.beta_features, w.subscriptions, w.enabled, w.delete_protection, w.created_at_m, w.updated_at_m, w.deleted_at_m,
   q.pk, q.workspace_id, q.requests_per_month, q.logs_retention_days, q.audit_logs_retention_days, q.team, q.ratelimit_api_limit, q.ratelimit_api_duration, q.allocated_cpu_millicores_total, q.allocated_memory_mib_total, q.allocated_storage_mib_total, q.max_cpu_millicores_per_instance, q.max_memory_mib_per_instance, q.max_storage_mib_per_instance, q.max_concurrent_builds
FROM `workspaces` w
LEFT JOIN quota q ON w.id = q.workspace_id
WHERE w.id > ?
ORDER BY w.id ASC
LIMIT 100

func (*Queries) ListWorkspacesForQuotaCheck 

func (q *Queries) ListWorkspacesForQuotaCheck(ctx context.Context, db DBTX, cursor string) ([]ListWorkspacesForQuotaCheckRow, error)

ListWorkspacesForQuotaCheck 

SELECT
   w.id,
   w.org_id,
   w.name,
   w.stripe_customer_id,
   w.tier,
   w.enabled,
   q.requests_per_month
FROM `workspaces` w
LEFT JOIN quota q ON w.id = q.workspace_id
WHERE w.id > ?
ORDER BY w.id ASC
LIMIT 100

func (*Queries) LockIdentityForUpdate 

func (q *Queries) LockIdentityForUpdate(ctx context.Context, db DBTX, id string) (string, error)

Acquires an exclusive lock on the identity row to prevent concurrent modifications. This should be called at the start of a transaction before modifying identity-related data. 

SELECT id FROM identities
WHERE id = ?
FOR UPDATE

func (*Queries) LockKeyForUpdate 

func (q *Queries) LockKeyForUpdate(ctx context.Context, db DBTX, id string) (string, error)

Acquires an exclusive lock on the key row to prevent concurrent modifications. This is used to prevent deadlocks when updating key ratelimits concurrently. 

SELECT id FROM `keys`
WHERE id = ?
FOR UPDATE

func (*Queries) MarkClickhouseOutboxBatchDeleted 

func (q *Queries) MarkClickhouseOutboxBatchDeleted(ctx context.Context, db DBTX, arg MarkClickhouseOutboxBatchDeletedParams) error

MarkClickhouseOutboxBatchDeleted soft-deletes a set of pks after their CH insert is confirmed. Called inside the same transaction that selected them, so the row locks held by FOR UPDATE SKIP LOCKED are released as part of commit. A crash between the CH insert and this UPDATE leaves the rows with deleted_at IS NULL; the next batch picks them up and CH's non_replicated_deduplication_window collapses the identical re-insert into a noop.

We mark instead of hard-delete so ops can re-queue events (clear deleted_at) without re-reading the original payload from somewhere else, and so the table doubles as an audit trail of what was exported. There's no sweep job today; the table grows monotonically. 

UPDATE clickhouse_outbox
SET deleted_at = ?
WHERE pk IN (/*SLICE:pks*/?)
  AND deleted_at IS NULL

func (*Queries) ReassignFrontlineRoute 

func (q *Queries) ReassignFrontlineRoute(ctx context.Context, db DBTX, arg ReassignFrontlineRouteParams) error

ReassignFrontlineRoute 

UPDATE frontline_routes
SET
  deployment_id = ?,
  updated_at = ?
WHERE id = ?

func (*Queries) RecordInstanceCrashLoopBackOff 

func (q *Queries) RecordInstanceCrashLoopBackOff(ctx context.Context, db DBTX, arg RecordInstanceCrashLoopBackOffParams) error

Records that kubelet has put a container into CrashLoopBackOff by setting container_status.waiting.reason. The lastTerminationState carries the most recent exit info and is left untouched — the dashboard renders both the underlying exit and the "currently throttling" indicator together.

Called once per (pod_uid, container_name, restart_count) when krane sees the waiting container reach the BackOff state. The next terminated event (or a successful start) will remove $.waiting via RecordInstanceExit.

Out-of-order events are dropped via the restartCount guard: a delayed crashloop RPC from an earlier container life cannot flip the waiting reason back after RecordInstanceExit has already advanced restartCount and removed $.waiting. 

UPDATE instances
SET container_status = JSON_SET(
	container_status,
	'$.waiting', JSON_OBJECT('reason', 'CrashLoopBackOff')
)
WHERE k8s_name = ?
	AND region_id = ?
	AND CAST(JSON_VALUE(container_status, '$.restartCount') AS UNSIGNED) <= CAST(? AS UNSIGNED)

func (*Queries) RecordInstanceExit 

func (q *Queries) RecordInstanceExit(ctx context.Context, db DBTX, arg RecordInstanceExitParams) error

Denormalizes the most recent container exit info onto the instances row's container_status JSON. Called by ctrl when krane reports an event_kind='terminated' event.

The caller computes the full new ContainerStatus value (restartCount, lastTerminationState, no waiting) and passes it in one typed param. The WHERE clause inspects the row's *existing* container_status to drop delayed events; once the guard passes, the new value fully replaces the old (including clearing $.waiting, since a fresh exit ends any prior crashloop window).

Out-of-order events from krane are dropped via a lexicographic (restartCount, finishedAt) tuple comparison: an incoming row only wins if its (restartCount, finishedAt) pair is strictly greater than the pair already on the row. The previous OR-of-clauses formulation let a delayed terminated event from restart_count-1 sneak past via the finishedAt branch and regress the row after restart_count had already advanced. 

UPDATE instances
SET container_status = ?
WHERE k8s_name = ?
	AND region_id = ?
	AND (
		CAST(JSON_VALUE(container_status, '$.restartCount') AS UNSIGNED) < CAST(? AS UNSIGNED)
		OR (
			CAST(JSON_VALUE(container_status, '$.restartCount') AS UNSIGNED) = CAST(? AS UNSIGNED)
			AND (
				JSON_VALUE(container_status, '$.lastTerminationState.finishedAt') IS NULL
				OR CAST(JSON_VALUE(container_status, '$.lastTerminationState.finishedAt') AS UNSIGNED) < CAST(? AS UNSIGNED)
			)
		)
	)

func (*Queries) RefillKeysByIDs 

func (q *Queries) RefillKeysByIDs(ctx context.Context, db DBTX, arg RefillKeysByIDsParams) error

RefillKeysByIDs sets remaining_requests to refill_amount for the given keys. This is a bulk operation to minimize database round trips. 

UPDATE `keys`
SET remaining_requests = refill_amount,
    last_refill_at = NOW(3),
    updated_at_m = ?
WHERE id IN (/*SLICE:ids*/?)
  AND deleted_at_m IS NULL

func (*Queries) ResetCustomDomainVerification 

func (q *Queries) ResetCustomDomainVerification(ctx context.Context, db DBTX, arg ResetCustomDomainVerificationParams) error

ResetCustomDomainVerification 

UPDATE custom_domains
SET verification_status = ?,
    check_attempts = ?,
    verification_error = NULL,
    last_checked_at = NULL,
    invocation_id = ?,
    updated_at = ?
WHERE id = ?

func (*Queries) SetWorkspaceK8sNamespace 

func (q *Queries) SetWorkspaceK8sNamespace(ctx context.Context, db DBTX, arg SetWorkspaceK8sNamespaceParams) error

SetWorkspaceK8sNamespace 

UPDATE `workspaces`
SET k8s_namespace = ?
WHERE id = ? AND k8s_namespace IS NULL

func (*Queries) SoftDeleteApi 

func (q *Queries) SoftDeleteApi(ctx context.Context, db DBTX, arg SoftDeleteApiParams) error

SoftDeleteApi 

UPDATE apis
SET deleted_at_m = ?
WHERE id = ?

func (*Queries) SoftDeleteIdentity 

func (q *Queries) SoftDeleteIdentity(ctx context.Context, db DBTX, arg SoftDeleteIdentityParams) error

SoftDeleteIdentity 

UPDATE identities
SET deleted = 1
WHERE id = ?
  AND workspace_id = ?

func (*Queries) SoftDeleteKeyByID 

func (q *Queries) SoftDeleteKeyByID(ctx context.Context, db DBTX, arg SoftDeleteKeyByIDParams) error

SoftDeleteKeyByID 

UPDATE `keys` SET deleted_at_m = ? WHERE id = ?

func (*Queries) SoftDeleteManyKeysByKeySpaceID 

func (q *Queries) SoftDeleteManyKeysByKeySpaceID(ctx context.Context, db DBTX, arg SoftDeleteManyKeysByKeySpaceIDParams) error

SoftDeleteManyKeysByKeySpaceID 

UPDATE `keys`
SET deleted_at_m = ?
WHERE key_auth_id = ?
AND deleted_at_m IS NULL

func (*Queries) SoftDeleteRatelimitNamespace 

func (q *Queries) SoftDeleteRatelimitNamespace(ctx context.Context, db DBTX, arg SoftDeleteRatelimitNamespaceParams) error

SoftDeleteRatelimitNamespace 

UPDATE `ratelimit_namespaces`
SET
    deleted_at_m =  ?
WHERE id = ?

func (*Queries) SoftDeleteRatelimitOverride 

func (q *Queries) SoftDeleteRatelimitOverride(ctx context.Context, db DBTX, arg SoftDeleteRatelimitOverrideParams) error

SoftDeleteRatelimitOverride 

UPDATE `ratelimit_overrides`
SET
    deleted_at_m =  ?
WHERE id = ?

func (*Queries) SoftDeleteWorkspace 

func (q *Queries) SoftDeleteWorkspace(ctx context.Context, db DBTX, arg SoftDeleteWorkspaceParams) (sql.Result, error)

SoftDeleteWorkspace 

UPDATE `workspaces`
SET deleted_at_m = ?
WHERE id = ?
AND delete_protection = false

func (*Queries) StopDeploymentIfNoInstances 

func (q *Queries) StopDeploymentIfNoInstances(ctx context.Context, db DBTX, arg StopDeploymentIfNoInstancesParams) error

StopDeploymentIfNoInstances 

UPDATE deployments d
LEFT JOIN instances i ON i.deployment_id = d.id
SET d.status = 'stopped', d.updated_at = ?
WHERE d.id = ?
  AND d.desired_state IN ('standby', 'archived')
  AND i.deployment_id IS NULL

func (*Queries) SumAllocatedResourcesByWorkspaceID 

func (q *Queries) SumAllocatedResourcesByWorkspaceID(ctx context.Context, db DBTX, workspaceID string) (SumAllocatedResourcesByWorkspaceIDRow, error)

SumAllocatedResourcesByWorkspaceID 

SELECT
  CAST(COALESCE(SUM(d.`cpu_millicores` * dt.`autoscaling_replicas_max`), 0) AS SIGNED) AS `total_cpu_millicores`,
  CAST(COALESCE(SUM(d.`memory_mib` * dt.`autoscaling_replicas_max`), 0) AS SIGNED) AS `total_memory_mib`,
  CAST(COALESCE(SUM(d.`storage_mib` * dt.`autoscaling_replicas_max`), 0) AS SIGNED) AS `total_storage_mib`
FROM `deployment_topology` dt
JOIN `deployments` d ON d.`id` = dt.`deployment_id`
WHERE dt.`workspace_id` = ?
  AND dt.`desired_status` = 'running'

func (*Queries) UpdateAcmeChallengePending 

func (q *Queries) UpdateAcmeChallengePending(ctx context.Context, db DBTX, arg UpdateAcmeChallengePendingParams) error

UpdateAcmeChallengePending 

UPDATE acme_challenges
SET status = ?, token = ?, authorization = ?, updated_at = ?
WHERE domain_id = ?

func (*Queries) UpdateAcmeChallengeStatus 

func (q *Queries) UpdateAcmeChallengeStatus(ctx context.Context, db DBTX, arg UpdateAcmeChallengeStatusParams) error

UpdateAcmeChallengeStatus 

UPDATE acme_challenges
SET status = ?, updated_at = ?
WHERE domain_id = ?

func (*Queries) UpdateAcmeChallengeTryClaiming 

func (q *Queries) UpdateAcmeChallengeTryClaiming(ctx context.Context, db DBTX, arg UpdateAcmeChallengeTryClaimingParams) error

UpdateAcmeChallengeTryClaiming 

UPDATE acme_challenges
SET status = ?, updated_at = ?
WHERE domain_id = ? AND status = 'waiting'

func (*Queries) UpdateAcmeChallengeVerifiedWithExpiry 

func (q *Queries) UpdateAcmeChallengeVerifiedWithExpiry(ctx context.Context, db DBTX, arg UpdateAcmeChallengeVerifiedWithExpiryParams) error

UpdateAcmeChallengeVerifiedWithExpiry 

UPDATE acme_challenges
SET status = ?, expires_at = ?, updated_at = ?
WHERE domain_id = ?

func (*Queries) UpdateAcmeUserRegistrationURI 

func (q *Queries) UpdateAcmeUserRegistrationURI(ctx context.Context, db DBTX, arg UpdateAcmeUserRegistrationURIParams) error

UpdateAcmeUserRegistrationURI 

UPDATE acme_users SET registration_uri = ? WHERE id = ?

func (*Queries) UpdateApiDeleteProtection 

func (q *Queries) UpdateApiDeleteProtection(ctx context.Context, db DBTX, arg UpdateApiDeleteProtectionParams) error

UpdateApiDeleteProtection 

UPDATE apis
SET delete_protection = ?
WHERE id = ?

func (*Queries) UpdateAppDeployments 

func (q *Queries) UpdateAppDeployments(ctx context.Context, db DBTX, arg UpdateAppDeploymentsParams) error

UpdateAppDeployments 

UPDATE apps
SET
  current_deployment_id = ?,
  is_rolled_back = ?,
  updated_at = ?
WHERE id = ?

func (*Queries) UpdateCiliumNetworkPolicyByEnvironmentRegionAndName 

func (q *Queries) UpdateCiliumNetworkPolicyByEnvironmentRegionAndName(ctx context.Context, db DBTX, arg UpdateCiliumNetworkPolicyByEnvironmentRegionAndNameParams) error

UpdateCiliumNetworkPolicyByEnvironmentRegionAndName 

UPDATE cilium_network_policies
SET policy = ?,
    updated_at = ?
WHERE environment_id = ?
  AND region_id = ?
  AND k8s_name = ?

func (*Queries) UpdateClickhouseWorkspaceSettingsLimits 

func (q *Queries) UpdateClickhouseWorkspaceSettingsLimits(ctx context.Context, db DBTX, arg UpdateClickhouseWorkspaceSettingsLimitsParams) error

UpdateClickhouseWorkspaceSettingsLimits 

UPDATE `clickhouse_workspace_settings`
SET
    quota_duration_seconds = ?,
    max_queries_per_window = ?,
    max_execution_time_per_window = ?,
    max_query_execution_time = ?,
    max_query_memory_bytes = ?,
    max_query_result_rows = ?,
    updated_at = ?
WHERE workspace_id = ?

func (*Queries) UpdateCustomDomainCheckAttempt 

func (q *Queries) UpdateCustomDomainCheckAttempt(ctx context.Context, db DBTX, arg UpdateCustomDomainCheckAttemptParams) error

UpdateCustomDomainCheckAttempt 

UPDATE custom_domains
SET check_attempts = ?,
    last_checked_at = ?,
    updated_at = ?
WHERE id = ?

func (*Queries) UpdateCustomDomainFailed 

func (q *Queries) UpdateCustomDomainFailed(ctx context.Context, db DBTX, arg UpdateCustomDomainFailedParams) error

UpdateCustomDomainFailed 

UPDATE custom_domains
SET verification_status = ?,
    verification_error = ?,
    updated_at = ?
WHERE id = ?

func (*Queries) UpdateCustomDomainInvocationID 

func (q *Queries) UpdateCustomDomainInvocationID(ctx context.Context, db DBTX, arg UpdateCustomDomainInvocationIDParams) error

UpdateCustomDomainInvocationID 

UPDATE custom_domains
SET invocation_id = ?,
    updated_at = ?
WHERE id = ?

func (*Queries) UpdateCustomDomainOwnership 

func (q *Queries) UpdateCustomDomainOwnership(ctx context.Context, db DBTX, arg UpdateCustomDomainOwnershipParams) error

UpdateCustomDomainOwnership 

UPDATE custom_domains
SET ownership_verified = ?, cname_verified = ?, updated_at = ?
WHERE id = ?

func (*Queries) UpdateCustomDomainVerificationStatus 

func (q *Queries) UpdateCustomDomainVerificationStatus(ctx context.Context, db DBTX, arg UpdateCustomDomainVerificationStatusParams) error

UpdateCustomDomainVerificationStatus 

UPDATE custom_domains
SET verification_status = ?,
    updated_at = ?
WHERE id = ?

func (*Queries) UpdateDeploymentBuildID 

func (q *Queries) UpdateDeploymentBuildID(ctx context.Context, db DBTX, arg UpdateDeploymentBuildIDParams) error

UpdateDeploymentBuildID 

UPDATE deployments
SET build_id = ?, updated_at = ?
WHERE id = ?

func (*Queries) UpdateDeploymentDesiredState 

func (q *Queries) UpdateDeploymentDesiredState(ctx context.Context, db DBTX, arg UpdateDeploymentDesiredStateParams) error

UpdateDeploymentDesiredState 

UPDATE deployments
SET desired_state = ?, updated_at = ?
WHERE id = ?

func (*Queries) UpdateDeploymentForkRepository 

func (q *Queries) UpdateDeploymentForkRepository(ctx context.Context, db DBTX, arg UpdateDeploymentForkRepositoryParams) error

UpdateDeploymentForkRepository 

UPDATE deployments
SET fork_repository_full_name = ?, updated_at = ?
WHERE id = ?

func (*Queries) UpdateDeploymentGitMetadata 

func (q *Queries) UpdateDeploymentGitMetadata(ctx context.Context, db DBTX, arg UpdateDeploymentGitMetadataParams) error

UpdateDeploymentGitMetadata 

UPDATE deployments
SET
    git_commit_sha = ?,
    git_branch = ?,
    git_commit_message = ?,
    git_commit_author_handle = ?,
    git_commit_author_avatar_url = ?,
    git_commit_timestamp = ?,
    updated_at = ?
WHERE id = ?

func (*Queries) UpdateDeploymentGithubDeploymentId 

func (q *Queries) UpdateDeploymentGithubDeploymentId(ctx context.Context, db DBTX, arg UpdateDeploymentGithubDeploymentIdParams) error

UpdateDeploymentGithubDeploymentId 

UPDATE deployments
SET github_deployment_id = ?, updated_at = ?
WHERE id = ?

func (*Queries) UpdateDeploymentImage 

func (q *Queries) UpdateDeploymentImage(ctx context.Context, db DBTX, arg UpdateDeploymentImageParams) error

UpdateDeploymentImage 

UPDATE deployments
SET image = ?, updated_at = ?
WHERE id = ?

func (*Queries) UpdateDeploymentInvocationID 

func (q *Queries) UpdateDeploymentInvocationID(ctx context.Context, db DBTX, arg UpdateDeploymentInvocationIDParams) error

UpdateDeploymentInvocationID 

UPDATE deployments
SET invocation_id = ?, updated_at = ?
WHERE id = ?

func (*Queries) UpdateDeploymentStatus 

func (q *Queries) UpdateDeploymentStatus(ctx context.Context, db DBTX, arg UpdateDeploymentStatusParams) error

UpdateDeploymentStatus 

UPDATE deployments
SET status = ?, updated_at = ?
WHERE id = ?

func (*Queries) UpdateDeploymentStatusBatch 

func (q *Queries) UpdateDeploymentStatusBatch(ctx context.Context, db DBTX, arg UpdateDeploymentStatusBatchParams) error

UpdateDeploymentStatusBatch 

UPDATE deployments
SET status = ?, updated_at = ?
WHERE id IN (/*SLICE:ids*/?)

func (*Queries) UpdateDeploymentStatusIfActive 

func (q *Queries) UpdateDeploymentStatusIfActive(ctx context.Context, db DBTX, arg UpdateDeploymentStatusIfActiveParams) error

Transition a deployment's status only when its current status is still "active" (non-terminal). Prevents the Deploy handler's compensation stack from overwriting a status that was set intentionally by the dedup path (e.g. superseded) or by a successful completion (ready). 

UPDATE deployments
SET status = ?, updated_at = ?
WHERE id = ?
  AND status NOT IN ('ready', 'failed', 'superseded', 'skipped', 'stopped', 'cancelled')

func (*Queries) UpdateDeploymentTopologyDesiredStatus 

func (q *Queries) UpdateDeploymentTopologyDesiredStatus(ctx context.Context, db DBTX, arg UpdateDeploymentTopologyDesiredStatusParams) error

UpdateDeploymentTopologyDesiredStatus updates the desired_status of a topology entry. 

UPDATE `deployment_topology`
SET desired_status = ?, updated_at = ?
WHERE deployment_id = ? AND region_id = ?

func (*Queries) UpdateFrontlineRouteDeploymentId 

func (q *Queries) UpdateFrontlineRouteDeploymentId(ctx context.Context, db DBTX, arg UpdateFrontlineRouteDeploymentIdParams) error

UpdateFrontlineRouteDeploymentId 

UPDATE frontline_routes
SET deployment_id = ?
WHERE id = ?

func (*Queries) UpdateIdentity 

func (q *Queries) UpdateIdentity(ctx context.Context, db DBTX, arg UpdateIdentityParams) error

UpdateIdentity 

UPDATE `identities`
SET
    meta = CAST(? AS JSON),
    updated_at = NOW()
WHERE
    id = ?

func (*Queries) UpdateKey 

func (q *Queries) UpdateKey(ctx context.Context, db DBTX, arg UpdateKeyParams) error

UpdateKey 

UPDATE `keys` k SET
    name = CASE
        WHEN CAST(? AS UNSIGNED) = 1 THEN ?
        ELSE k.name
    END,
    identity_id = CASE
        WHEN CAST(? AS UNSIGNED) = 1 THEN ?
        ELSE k.identity_id
    END,
    enabled = CASE
        WHEN CAST(? AS UNSIGNED) = 1 THEN ?
        ELSE k.enabled
    END,
    meta = CASE
        WHEN CAST(? AS UNSIGNED) = 1 THEN ?
        ELSE k.meta
    END,
    expires = CASE
        WHEN CAST(? AS UNSIGNED) = 1 THEN ?
        ELSE k.expires
    END,
    remaining_requests = CASE
        WHEN CAST(? AS UNSIGNED) = 1 THEN ?
        ELSE k.remaining_requests
    END,
    refill_amount = CASE
        WHEN CAST(? AS UNSIGNED) = 1 THEN ?
        ELSE k.refill_amount
    END,
    refill_day = CASE
        WHEN CAST(? AS UNSIGNED) = 1 THEN ?
        ELSE k.refill_day
    END,
    updated_at_m = ?
WHERE id = ?

func (*Queries) UpdateKeyCreditsDecrement 

func (q *Queries) UpdateKeyCreditsDecrement(ctx context.Context, db DBTX, arg UpdateKeyCreditsDecrementParams) error

UpdateKeyCreditsDecrement 

UPDATE `keys`
SET remaining_requests = CASE
    WHEN remaining_requests >= ? THEN remaining_requests - ?
    ELSE 0
END
WHERE id = ?

func (*Queries) UpdateKeyCreditsIncrement 

func (q *Queries) UpdateKeyCreditsIncrement(ctx context.Context, db DBTX, arg UpdateKeyCreditsIncrementParams) error

UpdateKeyCreditsIncrement 

UPDATE `keys`
SET remaining_requests = remaining_requests + ?
WHERE id = ?

func (*Queries) UpdateKeyCreditsRefill 

func (q *Queries) UpdateKeyCreditsRefill(ctx context.Context, db DBTX, arg UpdateKeyCreditsRefillParams) error

UpdateKeyCreditsRefill 

UPDATE `keys` SET refill_amount = ?, refill_day = ? WHERE id = ?

func (*Queries) UpdateKeyCreditsSet 

func (q *Queries) UpdateKeyCreditsSet(ctx context.Context, db DBTX, arg UpdateKeyCreditsSetParams) error

UpdateKeyCreditsSet 

UPDATE `keys`
SET remaining_requests = ?
WHERE id = ?

func (*Queries) UpdateKeySpaceKeyEncryption 

func (q *Queries) UpdateKeySpaceKeyEncryption(ctx context.Context, db DBTX, arg UpdateKeySpaceKeyEncryptionParams) error

UpdateKeySpaceKeyEncryption 

UPDATE `key_auth` SET store_encrypted_keys = ? WHERE id = ?

func (*Queries) UpdateKeysLastUsed 

func (q *Queries) UpdateKeysLastUsed(ctx context.Context, db DBTX, arg UpdateKeysLastUsedParams) error

UpdateKeysLastUsed 

UPDATE `keys`
SET last_used_at = ?
WHERE id IN (/*SLICE:key_ids*/?)
  AND last_used_at < ?

func (*Queries) UpdateProjectDepotID 

func (q *Queries) UpdateProjectDepotID(ctx context.Context, db DBTX, arg UpdateProjectDepotIDParams) error

UpdateProjectDepotID 

UPDATE projects
SET
    depot_project_id = ?,
    updated_at = ?
WHERE id = ?

func (*Queries) UpdateRatelimit 

func (q *Queries) UpdateRatelimit(ctx context.Context, db DBTX, arg UpdateRatelimitParams) error

UpdateRatelimit 

UPDATE `ratelimits`
SET
    name = ?,
    `limit` = ?,
    duration = ?,
    auto_apply = ?,
    updated_at = NOW()
WHERE
    id = ?

func (*Queries) UpdateRatelimitOverride 

func (q *Queries) UpdateRatelimitOverride(ctx context.Context, db DBTX, arg UpdateRatelimitOverrideParams) (sql.Result, error)

UpdateRatelimitOverride 

UPDATE `ratelimit_overrides`
SET
    `limit` = ?,
    duration = ?,
    updated_at_m= ?
WHERE id = ?

func (*Queries) UpdateSentinelConfig 

func (q *Queries) UpdateSentinelConfig(ctx context.Context, db DBTX, arg UpdateSentinelConfigParams) error

UpdateSentinelConfig updates a sentinel's configuration and deploy status. Used by SentinelService.Deploy() to apply new config before triggering krane. 

UPDATE sentinels SET
  image = ?,
  cpu_millicores = ?,
  memory_mib = ?,
  desired_replicas = ?,
  deploy_status = ?,
  updated_at = ?
WHERE id = ?

func (*Queries) UpdateSentinelDeployStatus 

func (q *Queries) UpdateSentinelDeployStatus(ctx context.Context, db DBTX, arg UpdateSentinelDeployStatusParams) error

UpdateSentinelDeployStatus updates only the deploy status field. Used after convergence check or rollback completes. 

UPDATE sentinels SET
  deploy_status = ?,
  updated_at = ?
WHERE id = ?

func (*Queries) UpdateSentinelObservedState 

func (q *Queries) UpdateSentinelObservedState(ctx context.Context, db DBTX, arg UpdateSentinelObservedStateParams) error

UpdateSentinelObservedState writes observed state from a krane agent: the current health, available replica count, and the image that is actually running on the pods. The running image is used to detect rollout convergence — a deploy is only complete when running_image matches the desired image. 

UPDATE sentinels SET
  available_replicas = ?,
  health = ?,
  running_image = ?,
  updated_at = ?
WHERE k8s_name = ?

func (*Queries) UpdateWorkspaceEnabled 

func (q *Queries) UpdateWorkspaceEnabled(ctx context.Context, db DBTX, arg UpdateWorkspaceEnabledParams) (sql.Result, error)

UpdateWorkspaceEnabled 

UPDATE `workspaces`
SET enabled = ?
WHERE id = ?

func (*Queries) UpsertAppBuildSettings 

func (q *Queries) UpsertAppBuildSettings(ctx context.Context, db DBTX, arg UpsertAppBuildSettingsParams) error

UpsertAppBuildSettings 

INSERT INTO app_build_settings (
    workspace_id,
    app_id,
    environment_id,
    dockerfile,
    docker_context,
    watch_paths,
    auto_deploy,
    created_at,
    updated_at
) VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?
)
ON DUPLICATE KEY UPDATE
    dockerfile = VALUES(dockerfile),
    docker_context = VALUES(docker_context),
    watch_paths = VALUES(watch_paths),
    auto_deploy = VALUES(auto_deploy),
    updated_at = VALUES(updated_at)

func (*Queries) UpsertAppRegionalSettings 

func (q *Queries) UpsertAppRegionalSettings(ctx context.Context, db DBTX, arg UpsertAppRegionalSettingsParams) error

UpsertAppRegionalSettings 

INSERT INTO app_regional_settings (
    workspace_id,
    app_id,
    environment_id,
    region_id,
    replicas,
    created_at,
    updated_at
) VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?
)
ON DUPLICATE KEY UPDATE
    replicas = VALUES(replicas),
    updated_at = VALUES(updated_at)

func (*Queries) UpsertAppRuntimeSettings 

func (q *Queries) UpsertAppRuntimeSettings(ctx context.Context, db DBTX, arg UpsertAppRuntimeSettingsParams) error

UpsertAppRuntimeSettings 

INSERT INTO app_runtime_settings (
    workspace_id,
    app_id,
    environment_id,
    port,
    cpu_millicores,
    memory_mib,
    storage_mib,
    command,
    healthcheck,
    shutdown_signal,
    upstream_protocol,
    sentinel_config,
    openapi_spec_path,
    created_at,
    updated_at
) VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?,
    ?
)
ON DUPLICATE KEY UPDATE
    port = VALUES(port),
    cpu_millicores = VALUES(cpu_millicores),
    memory_mib = VALUES(memory_mib),
    storage_mib = VALUES(storage_mib),
    command = VALUES(command),
    healthcheck = VALUES(healthcheck),
    shutdown_signal = VALUES(shutdown_signal),
    upstream_protocol = VALUES(upstream_protocol),
    sentinel_config = VALUES(sentinel_config),
    openapi_spec_path = VALUES(openapi_spec_path),
    updated_at = VALUES(updated_at)

func (*Queries) UpsertCluster 

func (q *Queries) UpsertCluster(ctx context.Context, db DBTX, arg UpsertClusterParams) error

Upserts a cluster by region_id. If the cluster already exists, updates the heartbeat timestamp. 

INSERT INTO clusters (
	id,
	region_id,
	last_heartbeat_at
)
VALUES (
	?,
	?,
	?
)
ON DUPLICATE KEY UPDATE
	last_heartbeat_at = ?

func (*Queries) UpsertCustomDomain 

func (q *Queries) UpsertCustomDomain(ctx context.Context, db DBTX, arg UpsertCustomDomainParams) error

UpsertCustomDomain 

INSERT INTO custom_domains (
    id, workspace_id, project_id, app_id, environment_id, domain,
    challenge_type, verification_status, verification_token, target_cname, created_at
)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
ON DUPLICATE KEY UPDATE
    workspace_id = VALUES(workspace_id),
    project_id = VALUES(project_id),
    app_id = VALUES(app_id),
    environment_id = VALUES(environment_id),
    challenge_type = VALUES(challenge_type),
    verification_status = VALUES(verification_status),
    target_cname = VALUES(target_cname),
    updated_at = ?

func (*Queries) UpsertEnvironment 

func (q *Queries) UpsertEnvironment(ctx context.Context, db DBTX, arg UpsertEnvironmentParams) error

UpsertEnvironment 

INSERT INTO environments (
    id,
    workspace_id,
    project_id,
    app_id,
    slug,
    created_at
) VALUES (?, ?, ?, ?, ?, ?)
ON DUPLICATE KEY UPDATE slug = VALUES(slug)

func (*Queries) UpsertIdentity 

func (q *Queries) UpsertIdentity(ctx context.Context, db DBTX, arg UpsertIdentityParams) error

Inserts a new identity or does nothing if one already exists for this workspace/external_id. Use FindIdentityByExternalID after this to get the actual ID. 

INSERT INTO `identities` (
    id,
    external_id,
    workspace_id,
    environment,
    created_at,
    meta
) VALUES (
    ?,
    ?,
    ?,
    ?,
    ?,
    CAST(? AS JSON)
)
ON DUPLICATE KEY UPDATE external_id = external_id

func (*Queries) UpsertInstance 

func (q *Queries) UpsertInstance(ctx context.Context, db DBTX, arg UpsertInstanceParams) error

UpsertInstance 

INSERT INTO instances (
	id,
	deployment_id,
	workspace_id,
	project_id,
	app_id,
	region_id,
	k8s_name,
	address,
	cpu_millicores,
	memory_mib,
	status
)
VALUES (
	?,
	?,
	?,
	?,
	?,
	?,
	?,
	?,
	?,
	?,
	?
)
ON DUPLICATE KEY UPDATE
	address = ?,
	cpu_millicores = ?,
	memory_mib = ?,
	status = ?

func (*Queries) UpsertKeySpace 

func (q *Queries) UpsertKeySpace(ctx context.Context, db DBTX, arg UpsertKeySpaceParams) error

UpsertKeySpace 

INSERT INTO key_auth (
    id,
    workspace_id,
    created_at_m,
    default_prefix,
    default_bytes,
    store_encrypted_keys
) VALUES (?, ?, ?, ?, ?, ?)
ON DUPLICATE KEY UPDATE
    workspace_id = VALUES(workspace_id),
    store_encrypted_keys = VALUES(store_encrypted_keys)

func (*Queries) UpsertOpenApiSpec 

func (q *Queries) UpsertOpenApiSpec(ctx context.Context, db DBTX, arg UpsertOpenApiSpecParams) error

UpsertOpenApiSpec 

INSERT INTO openapi_specs (id,workspace_id, deployment_id, portal_config_id, content, created_at, updated_at)
VALUES (?,?, ?, ?,
        ?, ?, ?)
ON DUPLICATE KEY UPDATE
    content = VALUES(content),
    updated_at = VALUES(updated_at)

func (*Queries) UpsertPortalBranding 

func (q *Queries) UpsertPortalBranding(ctx context.Context, db DBTX, arg UpsertPortalBrandingParams) error

UpsertPortalBranding 

INSERT INTO portal_branding (
    portal_config_id,
    logo_url,
    primary_color,
    created_at,
    updated_at
) VALUES (
    ?,
    ?,
    ?,
    ?,
    ?
)
ON DUPLICATE KEY UPDATE
    logo_url = VALUES(logo_url),
    primary_color = VALUES(primary_color),
    updated_at = VALUES(updated_at)

func (*Queries) UpsertQuota 

func (q *Queries) UpsertQuota(ctx context.Context, db DBTX, arg UpsertQuotaParams) error

UpsertQuota 

INSERT INTO quota (
    workspace_id,
    requests_per_month,
    audit_logs_retention_days,
    logs_retention_days,
    team,
    ratelimit_api_limit,
    ratelimit_api_duration
) VALUES (?, ?, ?, ?, ?, ?, ?)
ON DUPLICATE KEY UPDATE
    requests_per_month = VALUES(requests_per_month),
    audit_logs_retention_days = VALUES(audit_logs_retention_days),
    logs_retention_days = VALUES(logs_retention_days),
    ratelimit_api_limit = VALUES(ratelimit_api_limit),
    ratelimit_api_duration = VALUES(ratelimit_api_duration)

func (*Queries) UpsertRegion 

func (q *Queries) UpsertRegion(ctx context.Context, db DBTX, arg UpsertRegionParams) error

Inserts a region or does nothing if it already exists. 

INSERT INTO regions (
	id,
	name,
	platform
)
VALUES (
	?,
	?,
	?
)
ON DUPLICATE KEY UPDATE name = name

func (*Queries) UpsertWorkspace 

func (q *Queries) UpsertWorkspace(ctx context.Context, db DBTX, arg UpsertWorkspaceParams) error

UpsertWorkspace 

INSERT INTO workspaces (
    id,
    org_id,
    name,
    slug,
    created_at_m,
    tier,
    beta_features,
    enabled,
    delete_protection
) VALUES (?, ?, ?, ?, ?, ?, ?, true, false)
ON DUPLICATE KEY UPDATE
    beta_features = VALUES(beta_features),
    name = VALUES(name)

type Quotas 

type Quotas struct {
	Pk                          uint64        `db:"pk"`
	WorkspaceID                 string        `db:"workspace_id"`
	RequestsPerMonth            int64         `db:"requests_per_month"`
	LogsRetentionDays           int32         `db:"logs_retention_days"`
	AuditLogsRetentionDays      int32         `db:"audit_logs_retention_days"`
	Team                        bool          `db:"team"`
	RatelimitApiLimit           sql.NullInt32 `db:"ratelimit_api_limit"`
	RatelimitApiDuration        sql.NullInt32 `db:"ratelimit_api_duration"`
	AllocatedCpuMillicoresTotal uint32        `db:"allocated_cpu_millicores_total"`
	AllocatedMemoryMibTotal     uint32        `db:"allocated_memory_mib_total"`
	AllocatedStorageMibTotal    uint32        `db:"allocated_storage_mib_total"`
	MaxCpuMillicoresPerInstance uint32        `db:"max_cpu_millicores_per_instance"`
	MaxMemoryMibPerInstance     uint32        `db:"max_memory_mib_per_instance"`
	MaxStorageMibPerInstance    uint32        `db:"max_storage_mib_per_instance"`
	MaxConcurrentBuilds         uint32        `db:"max_concurrent_builds"`
}

type Ratelimit 

type Ratelimit struct {
	Pk          uint64         `db:"pk"`
	ID          string         `db:"id"`
	Name        string         `db:"name"`
	WorkspaceID string         `db:"workspace_id"`
	CreatedAt   int64          `db:"created_at"`
	UpdatedAt   sql.NullInt64  `db:"updated_at"`
	KeyID       sql.NullString `db:"key_id"`
	IdentityID  sql.NullString `db:"identity_id"`
	Limit       uint64         `db:"limit"`
	Duration    uint64         `db:"duration"`
	AutoApply   bool           `db:"auto_apply"`
}

type RatelimitBlocklist 

type RatelimitBlocklist struct {
	Pk          uint64 `db:"pk"`
	WorkspaceID string `db:"workspace_id"`
	Namespace   string `db:"namespace"`
	Identifier  string `db:"identifier"`
	DurationMs  uint64 `db:"duration_ms"`
	Sequence    int64  `db:"sequence"`
	Limit       uint64 `db:"limit"`
	ExpiresAt   uint64 `db:"expires_at"`
}

type RatelimitInfo 

type RatelimitInfo struct {
	ID         string            `json:"id"`
	Name       string            `json:"name"`
	KeyID      dbtype.NullString `json:"key_id"`
	IdentityID dbtype.NullString `json:"identity_id"`
	Limit      uint64            `json:"limit"`
	Duration   uint64            `json:"duration"`
	AutoApply  bool              `json:"auto_apply"`
}

type RatelimitNamespace 

type RatelimitNamespace struct {
	Pk          uint64        `db:"pk"`
	ID          string        `db:"id"`
	WorkspaceID string        `db:"workspace_id"`
	Name        string        `db:"name"`
	CreatedAtM  int64         `db:"created_at_m"`
	UpdatedAtM  sql.NullInt64 `db:"updated_at_m"`
	DeletedAtM  sql.NullInt64 `db:"deleted_at_m"`
}

type RatelimitOverride 

type RatelimitOverride struct {
	Pk          uint64        `db:"pk"`
	ID          string        `db:"id"`
	WorkspaceID string        `db:"workspace_id"`
	NamespaceID string        `db:"namespace_id"`
	Identifier  string        `db:"identifier"`
	Limit       uint64        `db:"limit"`
	Duration    uint64        `db:"duration"`
	CreatedAtM  int64         `db:"created_at_m"`
	UpdatedAtM  sql.NullInt64 `db:"updated_at_m"`
	DeletedAtM  sql.NullInt64 `db:"deleted_at_m"`
}

type ReassignFrontlineRouteParams 

type ReassignFrontlineRouteParams struct {
	DeploymentID string        `db:"deployment_id"`
	UpdatedAt    sql.NullInt64 `db:"updated_at"`
	ID           string        `db:"id"`
}

type RecordInstanceCrashLoopBackOffParams 

type RecordInstanceCrashLoopBackOffParams struct {
	K8sName      string `db:"k8s_name"`
	RegionID     string `db:"region_id"`
	RestartCount int64  `db:"restart_count"`
}

type RecordInstanceExitParams 

type RecordInstanceExitParams struct {
	ContainerStatus dbtype.ContainerStatus `db:"container_status"`
	K8sName         string                 `db:"k8s_name"`
	RegionID        string                 `db:"region_id"`
	RestartCount    int64                  `db:"restart_count"`
	RestartCount_2  int64                  `db:"restart_count_2"`
	FinishedAt      int64                  `db:"finished_at"`
}

type RefillKeysByIDsParams 

type RefillKeysByIDsParams struct {
	Now sql.NullInt64 `db:"now"`
	Ids []string      `db:"ids"`
}

type Region 

type Region struct {
	Pk          uint64 `db:"pk"`
	ID          string `db:"id"`
	Name        string `db:"name"`
	Platform    string `db:"platform"`
	CanSchedule bool   `db:"can_schedule"`
}

type Replica 

type Replica struct {
	// contains filtered or unexported fields
}

Replica wraps a standard SQL database connection and implements the gen.DBTX interface to enable interaction with the generated database code.

func (*Replica) Begin 

func (r *Replica) Begin(ctx context.Context) (DBTx, error)

Begin starts a transaction and returns it. This method provides a way to use the Replica in transaction-based operations.

func (*Replica) ExecContext 

func (r *Replica) ExecContext(ctx context.Context, query string, args ...any) (sql.Result, error)

ExecContext executes a SQL statement and returns a result summary. It's used for INSERT, UPDATE, DELETE statements that don't return rows.

func (*Replica) PingContext 

func (r *Replica) PingContext(ctx context.Context) error

PingContext verifies the database connection is alive.

func (*Replica) PrepareContext 

func (r *Replica) PrepareContext(ctx context.Context, query string) (*sql.Stmt, error)

PrepareContext prepares a SQL statement for later execution.

func (*Replica) QueryContext 

func (r *Replica) QueryContext(ctx context.Context, query string, args ...any) (*sql.Rows, error)

QueryContext executes a SQL query that returns rows.

func (*Replica) QueryRowContext 

func (r *Replica) QueryRowContext(ctx context.Context, query string, args ...any) *sql.Row

QueryRowContext executes a SQL query that returns a single row.

type ResetCustomDomainVerificationParams 

type ResetCustomDomainVerificationParams struct {
	VerificationStatus CustomDomainsVerificationStatus `db:"verification_status"`
	CheckAttempts      int32                           `db:"check_attempts"`
	InvocationID       sql.NullString                  `db:"invocation_id"`
	UpdatedAt          sql.NullInt64                   `db:"updated_at"`
	ID                 string                          `db:"id"`
}

type Role 

type Role struct {
	Pk          uint64         `db:"pk"`
	ID          string         `db:"id"`
	WorkspaceID string         `db:"workspace_id"`
	Name        string         `db:"name"`
	Description sql.NullString `db:"description"`
	CreatedAtM  int64          `db:"created_at_m"`
	UpdatedAtM  sql.NullInt64  `db:"updated_at_m"`
}

type RoleInfo 

type RoleInfo struct {
	ID          string            `json:"id"`
	Name        string            `json:"name"`
	Description dbtype.NullString `json:"description"`
}

RoleInfo types mirror the database models and support JSON serialization and deserialization. They are used to unmarshal aggregated results (e.g., JSON arrays) returned by database queries.

type RolesPermission 

type RolesPermission struct {
	Pk           uint64        `db:"pk"`
	RoleID       string        `db:"role_id"`
	PermissionID string        `db:"permission_id"`
	WorkspaceID  string        `db:"workspace_id"`
	CreatedAtM   int64         `db:"created_at_m"`
	UpdatedAtM   sql.NullInt64 `db:"updated_at_m"`
}

type Sentinel 

type Sentinel struct {
	Pk                uint64                `db:"pk"`
	ID                string                `db:"id"`
	WorkspaceID       string                `db:"workspace_id"`
	ProjectID         string                `db:"project_id"`
	EnvironmentID     string                `db:"environment_id"`
	K8sName           string                `db:"k8s_name"`
	K8sAddress        string                `db:"k8s_address"`
	RegionID          string                `db:"region_id"`
	Image             string                `db:"image"`
	RunningImage      string                `db:"running_image"`
	DesiredState      SentinelsDesiredState `db:"desired_state"`
	Health            SentinelsHealth       `db:"health"`
	DesiredReplicas   int32                 `db:"desired_replicas"`
	AvailableReplicas int32                 `db:"available_replicas"`
	DeployStatus      SentinelsDeployStatus `db:"deploy_status"`
	CpuMillicores     int32                 `db:"cpu_millicores"`
	MemoryMib         int32                 `db:"memory_mib"`
	CreatedAt         int64                 `db:"created_at"`
	UpdatedAt         sql.NullInt64         `db:"updated_at"`
}

type SentinelsDeployStatus 

type SentinelsDeployStatus string
const (
	SentinelsDeployStatusIdle        SentinelsDeployStatus = "idle"
	SentinelsDeployStatusProgressing SentinelsDeployStatus = "progressing"
	SentinelsDeployStatusReady       SentinelsDeployStatus = "ready"
	SentinelsDeployStatusFailed      SentinelsDeployStatus = "failed"
)

func (*SentinelsDeployStatus) Scan 

func (e *SentinelsDeployStatus) Scan(src interface{}) error

type SentinelsDesiredState 

type SentinelsDesiredState string
const (
	SentinelsDesiredStateRunning  SentinelsDesiredState = "running"
	SentinelsDesiredStateStandby  SentinelsDesiredState = "standby"
	SentinelsDesiredStateArchived SentinelsDesiredState = "archived"
)

func (*SentinelsDesiredState) Scan 

func (e *SentinelsDesiredState) Scan(src interface{}) error

type SentinelsHealth 

type SentinelsHealth string
const (
	SentinelsHealthUnknown   SentinelsHealth = "unknown"
	SentinelsHealthPaused    SentinelsHealth = "paused"
	SentinelsHealthHealthy   SentinelsHealth = "healthy"
	SentinelsHealthUnhealthy SentinelsHealth = "unhealthy"
)

func (*SentinelsHealth) Scan 

func (e *SentinelsHealth) Scan(src interface{}) error

type SetWorkspaceK8sNamespaceParams 

type SetWorkspaceK8sNamespaceParams struct {
	K8sNamespace sql.NullString `db:"k8s_namespace"`
	ID           string         `db:"id"`
}

type SoftDeleteApiParams 

type SoftDeleteApiParams struct {
	Now   sql.NullInt64 `db:"now"`
	ApiID string        `db:"api_id"`
}

type SoftDeleteIdentityParams 

type SoftDeleteIdentityParams struct {
	IdentityID  string `db:"identity_id"`
	WorkspaceID string `db:"workspace_id"`
}

type SoftDeleteKeyByIDParams 

type SoftDeleteKeyByIDParams struct {
	Now sql.NullInt64 `db:"now"`
	ID  string        `db:"id"`
}

type SoftDeleteManyKeysByKeySpaceIDParams 

type SoftDeleteManyKeysByKeySpaceIDParams struct {
	Now        sql.NullInt64 `db:"now"`
	KeySpaceID string        `db:"key_space_id"`
}

type SoftDeleteRatelimitNamespaceParams 

type SoftDeleteRatelimitNamespaceParams struct {
	Now sql.NullInt64 `db:"now"`
	ID  string        `db:"id"`
}

type SoftDeleteRatelimitOverrideParams 

type SoftDeleteRatelimitOverrideParams struct {
	Now sql.NullInt64 `db:"now"`
	ID  string        `db:"id"`
}

type SoftDeleteWorkspaceParams 

type SoftDeleteWorkspaceParams struct {
	Now sql.NullInt64 `db:"now"`
	ID  string        `db:"id"`
}

type StopDeploymentIfNoInstancesParams 

type StopDeploymentIfNoInstancesParams struct {
	UpdatedAt sql.NullInt64 `db:"updated_at"`
	ID        string        `db:"id"`
}

type SumAllocatedResourcesByWorkspaceIDRow 

type SumAllocatedResourcesByWorkspaceIDRow struct {
	TotalCpuMillicores int64 `db:"total_cpu_millicores"`
	TotalMemoryMib     int64 `db:"total_memory_mib"`
	TotalStorageMib    int64 `db:"total_storage_mib"`
}

type TracedTx 

type TracedTx struct {
	// contains filtered or unexported fields
}

TracedTx wraps a sql.Tx to add tracing to all database operations within a transaction

func (*TracedTx) Commit 

func (t *TracedTx) Commit() error

Commit commits the transaction with tracing

func (*TracedTx) ExecContext 

func (t *TracedTx) ExecContext(ctx context.Context, query string, args ...any) (sql.Result, error)

ExecContext executes a SQL statement within the transaction with tracing

func (*TracedTx) PrepareContext 

func (t *TracedTx) PrepareContext(ctx context.Context, query string) (*sql.Stmt, error)

PrepareContext prepares a SQL statement within the transaction with tracing

func (*TracedTx) QueryContext 

func (t *TracedTx) QueryContext(ctx context.Context, query string, args ...any) (*sql.Rows, error)

QueryContext executes a SQL query within the transaction with tracing

func (*TracedTx) QueryRowContext 

func (t *TracedTx) QueryRowContext(ctx context.Context, query string, args ...any) *sql.Row

QueryRowContext executes a SQL query that returns a single row within the transaction with tracing

func (*TracedTx) Rollback 

func (t *TracedTx) Rollback() error

Rollback rolls back the transaction with tracing

type UpdateAcmeChallengePendingParams 

type UpdateAcmeChallengePendingParams struct {
	Status        AcmeChallengesStatus `db:"status"`
	Token         string               `db:"token"`
	Authorization string               `db:"authorization"`
	UpdatedAt     sql.NullInt64        `db:"updated_at"`
	DomainID      string               `db:"domain_id"`
}

type UpdateAcmeChallengeStatusParams 

type UpdateAcmeChallengeStatusParams struct {
	Status    AcmeChallengesStatus `db:"status"`
	UpdatedAt sql.NullInt64        `db:"updated_at"`
	DomainID  string               `db:"domain_id"`
}

type UpdateAcmeChallengeTryClaimingParams 

type UpdateAcmeChallengeTryClaimingParams struct {
	Status    AcmeChallengesStatus `db:"status"`
	UpdatedAt sql.NullInt64        `db:"updated_at"`
	DomainID  string               `db:"domain_id"`
}

type UpdateAcmeChallengeVerifiedWithExpiryParams 

type UpdateAcmeChallengeVerifiedWithExpiryParams struct {
	Status    AcmeChallengesStatus `db:"status"`
	ExpiresAt int64                `db:"expires_at"`
	UpdatedAt sql.NullInt64        `db:"updated_at"`
	DomainID  string               `db:"domain_id"`
}

type UpdateAcmeUserRegistrationURIParams 

type UpdateAcmeUserRegistrationURIParams struct {
	RegistrationUri sql.NullString `db:"registration_uri"`
	ID              string         `db:"id"`
}

type UpdateApiDeleteProtectionParams 

type UpdateApiDeleteProtectionParams struct {
	DeleteProtection sql.NullBool `db:"delete_protection"`
	ApiID            string       `db:"api_id"`
}

type UpdateAppDeploymentsParams 

type UpdateAppDeploymentsParams struct {
	CurrentDeploymentID sql.NullString `db:"current_deployment_id"`
	IsRolledBack        bool           `db:"is_rolled_back"`
	UpdatedAt           sql.NullInt64  `db:"updated_at"`
	AppID               string         `db:"app_id"`
}

type UpdateCiliumNetworkPolicyByEnvironmentRegionAndNameParams 

type UpdateCiliumNetworkPolicyByEnvironmentRegionAndNameParams struct {
	Policy        json.RawMessage `db:"policy"`
	UpdatedAt     sql.NullInt64   `db:"updated_at"`
	EnvironmentID string          `db:"environment_id"`
	RegionID      string          `db:"region_id"`
	K8sName       string          `db:"k8s_name"`
}

type UpdateClickhouseWorkspaceSettingsLimitsParams 

type UpdateClickhouseWorkspaceSettingsLimitsParams struct {
	QuotaDurationSeconds      int32         `db:"quota_duration_seconds"`
	MaxQueriesPerWindow       int32         `db:"max_queries_per_window"`
	MaxExecutionTimePerWindow int32         `db:"max_execution_time_per_window"`
	MaxQueryExecutionTime     int32         `db:"max_query_execution_time"`
	MaxQueryMemoryBytes       int64         `db:"max_query_memory_bytes"`
	MaxQueryResultRows        int32         `db:"max_query_result_rows"`
	UpdatedAt                 sql.NullInt64 `db:"updated_at"`
	WorkspaceID               string        `db:"workspace_id"`
}

type UpdateCustomDomainCheckAttemptParams 

type UpdateCustomDomainCheckAttemptParams struct {
	CheckAttempts int32         `db:"check_attempts"`
	LastCheckedAt sql.NullInt64 `db:"last_checked_at"`
	UpdatedAt     sql.NullInt64 `db:"updated_at"`
	ID            string        `db:"id"`
}

type UpdateCustomDomainFailedParams 

type UpdateCustomDomainFailedParams struct {
	VerificationStatus CustomDomainsVerificationStatus `db:"verification_status"`
	VerificationError  sql.NullString                  `db:"verification_error"`
	UpdatedAt          sql.NullInt64                   `db:"updated_at"`
	ID                 string                          `db:"id"`
}

type UpdateCustomDomainInvocationIDParams 

type UpdateCustomDomainInvocationIDParams struct {
	InvocationID sql.NullString `db:"invocation_id"`
	UpdatedAt    sql.NullInt64  `db:"updated_at"`
	ID           string         `db:"id"`
}

type UpdateCustomDomainOwnershipParams 

type UpdateCustomDomainOwnershipParams struct {
	OwnershipVerified bool          `db:"ownership_verified"`
	CnameVerified     bool          `db:"cname_verified"`
	UpdatedAt         sql.NullInt64 `db:"updated_at"`
	ID                string        `db:"id"`
}

type UpdateCustomDomainVerificationStatusParams 

type UpdateCustomDomainVerificationStatusParams struct {
	VerificationStatus CustomDomainsVerificationStatus `db:"verification_status"`
	UpdatedAt          sql.NullInt64                   `db:"updated_at"`
	ID                 string                          `db:"id"`
}

type UpdateDeploymentBuildIDParams 

type UpdateDeploymentBuildIDParams struct {
	BuildID   sql.NullString `db:"build_id"`
	UpdatedAt sql.NullInt64  `db:"updated_at"`
	ID        string         `db:"id"`
}

type UpdateDeploymentDesiredStateParams 

type UpdateDeploymentDesiredStateParams struct {
	DesiredState DeploymentsDesiredState `db:"desired_state"`
	UpdatedAt    sql.NullInt64           `db:"updated_at"`
	ID           string                  `db:"id"`
}

type UpdateDeploymentForkRepositoryParams 

type UpdateDeploymentForkRepositoryParams struct {
	ForkRepositoryFullName sql.NullString `db:"fork_repository_full_name"`
	UpdatedAt              sql.NullInt64  `db:"updated_at"`
	ID                     string         `db:"id"`
}

type UpdateDeploymentGitMetadataParams 

type UpdateDeploymentGitMetadataParams struct {
	GitCommitSha             sql.NullString `db:"git_commit_sha"`
	GitBranch                sql.NullString `db:"git_branch"`
	GitCommitMessage         sql.NullString `db:"git_commit_message"`
	GitCommitAuthorHandle    sql.NullString `db:"git_commit_author_handle"`
	GitCommitAuthorAvatarUrl sql.NullString `db:"git_commit_author_avatar_url"`
	GitCommitTimestamp       sql.NullInt64  `db:"git_commit_timestamp"`
	UpdatedAt                sql.NullInt64  `db:"updated_at"`
	ID                       string         `db:"id"`
}

type UpdateDeploymentGithubDeploymentIdParams 

type UpdateDeploymentGithubDeploymentIdParams struct {
	GithubDeploymentID sql.NullInt64 `db:"github_deployment_id"`
	UpdatedAt          sql.NullInt64 `db:"updated_at"`
	ID                 string        `db:"id"`
}

type UpdateDeploymentImageParams 

type UpdateDeploymentImageParams struct {
	Image     sql.NullString `db:"image"`
	UpdatedAt sql.NullInt64  `db:"updated_at"`
	ID        string         `db:"id"`
}

type UpdateDeploymentInvocationIDParams 

type UpdateDeploymentInvocationIDParams struct {
	InvocationID sql.NullString `db:"invocation_id"`
	UpdatedAt    sql.NullInt64  `db:"updated_at"`
	ID           string         `db:"id"`
}

type UpdateDeploymentStatusBatchParams 

type UpdateDeploymentStatusBatchParams struct {
	Status    DeploymentsStatus `db:"status"`
	UpdatedAt sql.NullInt64     `db:"updated_at"`
	Ids       []string          `db:"ids"`
}

type UpdateDeploymentStatusIfActiveParams 

type UpdateDeploymentStatusIfActiveParams struct {
	Status    DeploymentsStatus `db:"status"`
	UpdatedAt sql.NullInt64     `db:"updated_at"`
	ID        string            `db:"id"`
}

type UpdateDeploymentStatusParams 

type UpdateDeploymentStatusParams struct {
	Status    DeploymentsStatus `db:"status"`
	UpdatedAt sql.NullInt64     `db:"updated_at"`
	ID        string            `db:"id"`
}

type UpdateDeploymentTopologyDesiredStatusParams 

type UpdateDeploymentTopologyDesiredStatusParams struct {
	DesiredStatus DeploymentTopologyDesiredStatus `db:"desired_status"`
	UpdatedAt     sql.NullInt64                   `db:"updated_at"`
	DeploymentID  string                          `db:"deployment_id"`
	RegionID      string                          `db:"region_id"`
}

type UpdateFrontlineRouteDeploymentIdParams 

type UpdateFrontlineRouteDeploymentIdParams struct {
	Deploymentid string `db:"deploymentid"`
	ID           string `db:"id"`
}

type UpdateIdentityParams 

type UpdateIdentityParams struct {
	Meta json.RawMessage `db:"meta"`
	ID   string          `db:"id"`
}

type UpdateKeyCreditsDecrementParams 

type UpdateKeyCreditsDecrementParams struct {
	Credits sql.NullInt64 `db:"credits"`
	ID      string        `db:"id"`
}

type UpdateKeyCreditsIncrementParams 

type UpdateKeyCreditsIncrementParams struct {
	Credits sql.NullInt64 `db:"credits"`
	ID      string        `db:"id"`
}

type UpdateKeyCreditsRefillParams 

type UpdateKeyCreditsRefillParams struct {
	RefillAmount sql.NullInt64 `db:"refill_amount"`
	RefillDay    sql.NullInt16 `db:"refill_day"`
	ID           string        `db:"id"`
}

type UpdateKeyCreditsSetParams 

type UpdateKeyCreditsSetParams struct {
	Credits sql.NullInt64 `db:"credits"`
	ID      string        `db:"id"`
}

type UpdateKeyParams 

type UpdateKeyParams struct {
	NameSpecified              int64          `db:"name_specified"`
	Name                       sql.NullString `db:"name"`
	IdentityIDSpecified        int64          `db:"identity_id_specified"`
	IdentityID                 sql.NullString `db:"identity_id"`
	EnabledSpecified           int64          `db:"enabled_specified"`
	Enabled                    sql.NullBool   `db:"enabled"`
	MetaSpecified              int64          `db:"meta_specified"`
	Meta                       sql.NullString `db:"meta"`
	ExpiresSpecified           int64          `db:"expires_specified"`
	Expires                    sql.NullTime   `db:"expires"`
	RemainingRequestsSpecified int64          `db:"remaining_requests_specified"`
	RemainingRequests          sql.NullInt64  `db:"remaining_requests"`
	RefillAmountSpecified      int64          `db:"refill_amount_specified"`
	RefillAmount               sql.NullInt64  `db:"refill_amount"`
	RefillDaySpecified         int64          `db:"refill_day_specified"`
	RefillDay                  sql.NullInt16  `db:"refill_day"`
	Now                        sql.NullInt64  `db:"now"`
	ID                         string         `db:"id"`
}

type UpdateKeySpaceKeyEncryptionParams 

type UpdateKeySpaceKeyEncryptionParams struct {
	StoreEncryptedKeys bool   `db:"store_encrypted_keys"`
	ID                 string `db:"id"`
}

type UpdateKeysLastUsedParams 

type UpdateKeysLastUsedParams struct {
	LastUsedAt uint64   `db:"last_used_at"`
	KeyIds     []string `db:"key_ids"`
}

type UpdateProjectDepotIDParams 

type UpdateProjectDepotIDParams struct {
	DepotProjectID sql.NullString `db:"depot_project_id"`
	UpdatedAt      sql.NullInt64  `db:"updated_at"`
	ID             string         `db:"id"`
}

type UpdateRatelimitOverrideParams 

type UpdateRatelimitOverrideParams struct {
	Windowlimit uint64        `db:"windowlimit"`
	Duration    uint64        `db:"duration"`
	Now         sql.NullInt64 `db:"now"`
	ID          string        `db:"id"`
}

type UpdateRatelimitParams 

type UpdateRatelimitParams struct {
	Name      string `db:"name"`
	Limit     uint64 `db:"limit"`
	Duration  uint64 `db:"duration"`
	AutoApply bool   `db:"auto_apply"`
	ID        string `db:"id"`
}

type UpdateSentinelConfigParams 

type UpdateSentinelConfigParams struct {
	Image           string                `db:"image"`
	CpuMillicores   int32                 `db:"cpu_millicores"`
	MemoryMib       int32                 `db:"memory_mib"`
	DesiredReplicas int32                 `db:"desired_replicas"`
	DeployStatus    SentinelsDeployStatus `db:"deploy_status"`
	UpdatedAt       sql.NullInt64         `db:"updated_at"`
	ID              string                `db:"id"`
}

type UpdateSentinelDeployStatusParams 

type UpdateSentinelDeployStatusParams struct {
	DeployStatus SentinelsDeployStatus `db:"deploy_status"`
	UpdatedAt    sql.NullInt64         `db:"updated_at"`
	ID           string                `db:"id"`
}

type UpdateSentinelObservedStateParams 

type UpdateSentinelObservedStateParams struct {
	AvailableReplicas int32           `db:"available_replicas"`
	Health            SentinelsHealth `db:"health"`
	RunningImage      string          `db:"running_image"`
	UpdatedAt         sql.NullInt64   `db:"updated_at"`
	K8sName           string          `db:"k8s_name"`
}

type UpdateWorkspaceEnabledParams 

type UpdateWorkspaceEnabledParams struct {
	Enabled bool   `db:"enabled"`
	ID      string `db:"id"`
}

type UpsertAppBuildSettingsParams 

type UpsertAppBuildSettingsParams struct {
	WorkspaceID   string             `db:"workspace_id"`
	AppID         string             `db:"app_id"`
	EnvironmentID string             `db:"environment_id"`
	Dockerfile    string             `db:"dockerfile"`
	DockerContext string             `db:"docker_context"`
	WatchPaths    dbtype.StringSlice `db:"watch_paths"`
	AutoDeploy    bool               `db:"auto_deploy"`
	CreatedAt     int64              `db:"created_at"`
	UpdatedAt     sql.NullInt64      `db:"updated_at"`
}

type UpsertAppRegionalSettingsParams 

type UpsertAppRegionalSettingsParams struct {
	WorkspaceID   string        `db:"workspace_id"`
	AppID         string        `db:"app_id"`
	EnvironmentID string        `db:"environment_id"`
	RegionID      string        `db:"region_id"`
	Replicas      int32         `db:"replicas"`
	CreatedAt     int64         `db:"created_at"`
	UpdatedAt     sql.NullInt64 `db:"updated_at"`
}

type UpsertAppRuntimeSettingsParams 

type UpsertAppRuntimeSettingsParams struct {
	WorkspaceID      string                             `db:"workspace_id"`
	AppID            string                             `db:"app_id"`
	EnvironmentID    string                             `db:"environment_id"`
	Port             int32                              `db:"port"`
	CpuMillicores    int32                              `db:"cpu_millicores"`
	MemoryMib        int32                              `db:"memory_mib"`
	StorageMib       uint32                             `db:"storage_mib"`
	Command          dbtype.StringSlice                 `db:"command"`
	Healthcheck      dbtype.NullHealthcheck             `db:"healthcheck"`
	ShutdownSignal   AppRuntimeSettingsShutdownSignal   `db:"shutdown_signal"`
	UpstreamProtocol AppRuntimeSettingsUpstreamProtocol `db:"upstream_protocol"`
	SentinelConfig   []byte                             `db:"sentinel_config"`
	OpenapiSpecPath  sql.NullString                     `db:"openapi_spec_path"`
	CreatedAt        int64                              `db:"created_at"`
	UpdatedAt        sql.NullInt64                      `db:"updated_at"`
}

type UpsertClusterParams 

type UpsertClusterParams struct {
	ID              string `db:"id"`
	RegionID        string `db:"region_id"`
	LastHeartbeatAt uint64 `db:"last_heartbeat_at"`
}

type UpsertCustomDomainParams 

type UpsertCustomDomainParams struct {
	ID                 string                          `db:"id"`
	WorkspaceID        string                          `db:"workspace_id"`
	ProjectID          string                          `db:"project_id"`
	AppID              string                          `db:"app_id"`
	EnvironmentID      string                          `db:"environment_id"`
	Domain             string                          `db:"domain"`
	ChallengeType      CustomDomainsChallengeType      `db:"challenge_type"`
	VerificationStatus CustomDomainsVerificationStatus `db:"verification_status"`
	VerificationToken  string                          `db:"verification_token"`
	TargetCname        string                          `db:"target_cname"`
	CreatedAt          int64                           `db:"created_at"`
	UpdatedAt          sql.NullInt64                   `db:"updated_at"`
}

type UpsertEnvironmentParams 

type UpsertEnvironmentParams struct {
	ID          string `db:"id"`
	WorkspaceID string `db:"workspace_id"`
	ProjectID   string `db:"project_id"`
	AppID       string `db:"app_id"`
	Slug        string `db:"slug"`
	CreatedAt   int64  `db:"created_at"`
}

type UpsertIdentityParams 

type UpsertIdentityParams struct {
	ID          string          `db:"id"`
	ExternalID  string          `db:"external_id"`
	WorkspaceID string          `db:"workspace_id"`
	Environment string          `db:"environment"`
	CreatedAt   int64           `db:"created_at"`
	Meta        json.RawMessage `db:"meta"`
}

type UpsertInstanceParams 

type UpsertInstanceParams struct {
	ID            string          `db:"id"`
	DeploymentID  string          `db:"deployment_id"`
	WorkspaceID   string          `db:"workspace_id"`
	ProjectID     string          `db:"project_id"`
	AppID         string          `db:"app_id"`
	RegionID      string          `db:"region_id"`
	K8sName       string          `db:"k8s_name"`
	Address       string          `db:"address"`
	CpuMillicores int32           `db:"cpu_millicores"`
	MemoryMib     int32           `db:"memory_mib"`
	Status        InstancesStatus `db:"status"`
}

type UpsertKeySpaceParams 

type UpsertKeySpaceParams struct {
	ID                 string         `db:"id"`
	WorkspaceID        string         `db:"workspace_id"`
	CreatedAtM         int64          `db:"created_at_m"`
	DefaultPrefix      sql.NullString `db:"default_prefix"`
	DefaultBytes       sql.NullInt32  `db:"default_bytes"`
	StoreEncryptedKeys bool           `db:"store_encrypted_keys"`
}

type UpsertOpenApiSpecParams 

type UpsertOpenApiSpecParams struct {
	ID             string         `db:"id"`
	WorkspaceID    string         `db:"workspace_id"`
	DeploymentID   sql.NullString `db:"deployment_id"`
	PortalConfigID sql.NullString `db:"portal_config_id"`
	Content        []byte         `db:"content"`
	CreatedAt      int64          `db:"created_at"`
	UpdatedAt      sql.NullInt64  `db:"updated_at"`
}

type UpsertPortalBrandingParams 

type UpsertPortalBrandingParams struct {
	PortalConfigID string         `db:"portal_config_id"`
	LogoUrl        sql.NullString `db:"logo_url"`
	PrimaryColor   sql.NullString `db:"primary_color"`
	CreatedAt      int64          `db:"created_at"`
	UpdatedAt      sql.NullInt64  `db:"updated_at"`
}

type UpsertQuotaParams 

type UpsertQuotaParams struct {
	WorkspaceID            string        `db:"workspace_id"`
	RequestsPerMonth       int64         `db:"requests_per_month"`
	AuditLogsRetentionDays int32         `db:"audit_logs_retention_days"`
	LogsRetentionDays      int32         `db:"logs_retention_days"`
	Team                   bool          `db:"team"`
	RatelimitApiLimit      sql.NullInt32 `db:"ratelimit_api_limit"`
	RatelimitApiDuration   sql.NullInt32 `db:"ratelimit_api_duration"`
}

type UpsertRegionParams 

type UpsertRegionParams struct {
	ID       string `db:"id"`
	Name     string `db:"name"`
	Platform string `db:"platform"`
}

type UpsertWorkspaceParams 

type UpsertWorkspaceParams struct {
	ID           string          `db:"id"`
	OrgID        string          `db:"org_id"`
	Name         string          `db:"name"`
	Slug         string          `db:"slug"`
	CreatedAtM   int64           `db:"created_at_m"`
	Tier         sql.NullString  `db:"tier"`
	BetaFeatures json.RawMessage `db:"beta_features"`
}

type VercelBinding 

type VercelBinding struct {
	Pk            uint64                     `db:"pk"`
	ID            string                     `db:"id"`
	IntegrationID string                     `db:"integration_id"`
	WorkspaceID   string                     `db:"workspace_id"`
	ProjectID     string                     `db:"project_id"`
	Environment   VercelBindingsEnvironment  `db:"environment"`
	ResourceID    string                     `db:"resource_id"`
	ResourceType  VercelBindingsResourceType `db:"resource_type"`
	VercelEnvID   string                     `db:"vercel_env_id"`
	LastEditedBy  string                     `db:"last_edited_by"`
	CreatedAtM    int64                      `db:"created_at_m"`
	UpdatedAtM    sql.NullInt64              `db:"updated_at_m"`
	DeletedAtM    sql.NullInt64              `db:"deleted_at_m"`
}

type VercelBindingsEnvironment 

type VercelBindingsEnvironment string
const (
	VercelBindingsEnvironmentDevelopment VercelBindingsEnvironment = "development"
	VercelBindingsEnvironmentPreview     VercelBindingsEnvironment = "preview"
	VercelBindingsEnvironmentProduction  VercelBindingsEnvironment = "production"
)

func (*VercelBindingsEnvironment) Scan 

func (e *VercelBindingsEnvironment) Scan(src interface{}) error

type VercelBindingsResourceType 

type VercelBindingsResourceType string
const (
	VercelBindingsResourceTypeRootKey VercelBindingsResourceType = "rootKey"
	VercelBindingsResourceTypeApiId   VercelBindingsResourceType = "apiId"
)

func (*VercelBindingsResourceType) Scan 

func (e *VercelBindingsResourceType) Scan(src interface{}) error

type VercelIntegration 

type VercelIntegration struct {
	Pk          uint64         `db:"pk"`
	ID          string         `db:"id"`
	WorkspaceID string         `db:"workspace_id"`
	TeamID      sql.NullString `db:"team_id"`
	AccessToken string         `db:"access_token"`
	CreatedAtM  int64          `db:"created_at_m"`
	UpdatedAtM  sql.NullInt64  `db:"updated_at_m"`
	DeletedAtM  sql.NullInt64  `db:"deleted_at_m"`
}

type Workspace 

type Workspace struct {
	Pk                   uint64          `db:"pk"`
	ID                   string          `db:"id"`
	OrgID                string          `db:"org_id"`
	Name                 string          `db:"name"`
	Slug                 string          `db:"slug"`
	K8sNamespace         sql.NullString  `db:"k8s_namespace"`
	Tier                 sql.NullString  `db:"tier"`
	StripeCustomerID     sql.NullString  `db:"stripe_customer_id"`
	StripeSubscriptionID sql.NullString  `db:"stripe_subscription_id"`
	BetaFeatures         json.RawMessage `db:"beta_features"`
	Subscriptions        []byte          `db:"subscriptions"`
	Enabled              bool            `db:"enabled"`
	DeleteProtection     sql.NullBool    `db:"delete_protection"`
	CreatedAtM           int64           `db:"created_at_m"`
	UpdatedAtM           sql.NullInt64   `db:"updated_at_m"`
	DeletedAtM           sql.NullInt64   `db:"deleted_at_m"`
}

Source Files

View all Source files

Directories

Path Synopsis
plugins
bulk-insert command
Package main provides a sqlc plugin that generates bulk insert functions.
 Package main provides a sqlc plugin that generates bulk insert functions.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.