Initial commit: Orchard content-addressable storage system

- Go server with Gin framework - PostgreSQL for metadata storage - MinIO/S3 for artifact storage with SHA256 content addressing - REST API for grove/tree/fruit operations - Web UI for managing artifacts - Docker Compose setup for local development
2025-12-04 10:14:49 -06:00
commit f8e9650de3
19 changed files with 3531 additions and 0 deletions
--- a/internal/models/models.go
+++ b/internal/models/models.go
@@ -0,0 +1,110 @@
+package models
+
+import (
+	"time"
+)
+
+// Fruit represents a content-addressable artifact identified by SHA256 hash
+type Fruit struct {
+	ID           string    `json:"id" db:"id"`                       // SHA256 hash
+	Size         int64     `json:"size" db:"size"`                   // Size in bytes
+	ContentType  string    `json:"content_type" db:"content_type"`   // MIME type
+	OriginalName string    `json:"original_name" db:"original_name"` // Original filename
+	CreatedAt    time.Time `json:"created_at" db:"created_at"`
+	CreatedBy    string    `json:"created_by" db:"created_by"`       // Harvester ID
+	RefCount     int       `json:"ref_count" db:"ref_count"`         // Reference count
+	S3Key        string    `json:"-" db:"s3_key"`                    // S3 object key
+}
+
+// Tree represents a named package within a grove
+type Tree struct {
+	ID          string    `json:"id" db:"id"`
+	GroveID     string    `json:"grove_id" db:"grove_id"`
+	Name        string    `json:"name" db:"name"`
+	Description string    `json:"description" db:"description"`
+	CreatedAt   time.Time `json:"created_at" db:"created_at"`
+	UpdatedAt   time.Time `json:"updated_at" db:"updated_at"`
+}
+
+// Grove represents a top-level project
+type Grove struct {
+	ID          string    `json:"id" db:"id"`
+	Name        string    `json:"name" db:"name"`
+	Description string    `json:"description" db:"description"`
+	IsPublic    bool      `json:"is_public" db:"is_public"`
+	CreatedAt   time.Time `json:"created_at" db:"created_at"`
+	UpdatedAt   time.Time `json:"updated_at" db:"updated_at"`
+	CreatedBy   string    `json:"created_by" db:"created_by"`
+}
+
+// Graft represents an alias/tag pointing to a specific fruit
+type Graft struct {
+	ID        string    `json:"id" db:"id"`
+	TreeID    string    `json:"tree_id" db:"tree_id"`
+	Name      string    `json:"name" db:"name"`           // e.g., "latest", "v1.2.3", "stable"
+	FruitID   string    `json:"fruit_id" db:"fruit_id"`   // SHA256 of the fruit
+	CreatedAt time.Time `json:"created_at" db:"created_at"`
+	CreatedBy string    `json:"created_by" db:"created_by"`
+}
+
+// GraftHistory tracks changes to grafts for rollback capability
+type GraftHistory struct {
+	ID          string    `json:"id" db:"id"`
+	GraftID     string    `json:"graft_id" db:"graft_id"`
+	OldFruitID  string    `json:"old_fruit_id" db:"old_fruit_id"`
+	NewFruitID  string    `json:"new_fruit_id" db:"new_fruit_id"`
+	ChangedAt   time.Time `json:"changed_at" db:"changed_at"`
+	ChangedBy   string    `json:"changed_by" db:"changed_by"`
+}
+
+// Harvest represents metadata about an upload event
+type Harvest struct {
+	ID           string    `json:"id" db:"id"`
+	FruitID      string    `json:"fruit_id" db:"fruit_id"`
+	TreeID       string    `json:"tree_id" db:"tree_id"`
+	OriginalName string    `json:"original_name" db:"original_name"`
+	HarvestedAt  time.Time `json:"harvested_at" db:"harvested_at"`
+	HarvestedBy  string    `json:"harvested_by" db:"harvested_by"`
+	SourceIP     string    `json:"source_ip" db:"source_ip"`
+}
+
+// Consumer tracks which projects consume specific packages
+type Consumer struct {
+	ID         string    `json:"id" db:"id"`
+	TreeID     string    `json:"tree_id" db:"tree_id"`
+	ProjectURL string    `json:"project_url" db:"project_url"`
+	LastAccess time.Time `json:"last_access" db:"last_access"`
+	CreatedAt  time.Time `json:"created_at" db:"created_at"`
+}
+
+// AccessPermission defines grove-level access control
+type AccessPermission struct {
+	ID        string    `json:"id" db:"id"`
+	GroveID   string    `json:"grove_id" db:"grove_id"`
+	UserID    string    `json:"user_id" db:"user_id"`
+	Level     string    `json:"level" db:"level"` // read, write, admin
+	CreatedAt time.Time `json:"created_at" db:"created_at"`
+	ExpiresAt *time.Time `json:"expires_at,omitempty" db:"expires_at"`
+}
+
+// AuditLog tracks all operations for compliance
+type AuditLog struct {
+	ID        string    `json:"id" db:"id"`
+	Action    string    `json:"action" db:"action"`
+	Resource  string    `json:"resource" db:"resource"`
+	UserID    string    `json:"user_id" db:"user_id"`
+	Details   string    `json:"details" db:"details"` // JSON blob
+	Timestamp time.Time `json:"timestamp" db:"timestamp"`
+	SourceIP  string    `json:"source_ip" db:"source_ip"`
+}
+
+// APIKey for programmatic access
+type APIKey struct {
+	ID        string     `json:"id" db:"id"`
+	KeyHash   string     `json:"-" db:"key_hash"` // Hashed API key
+	Name      string     `json:"name" db:"name"`
+	UserID    string     `json:"user_id" db:"user_id"`
+	CreatedAt time.Time  `json:"created_at" db:"created_at"`
+	ExpiresAt *time.Time `json:"expires_at,omitempty" db:"expires_at"`
+	LastUsed  *time.Time `json:"last_used,omitempty" db:"last_used"`
+}