cloud/{apigw,lib/component}: add cockroachdb client, sample schema

This sets up some boilerplate to connect to CockroachDB servers,
including test in-memory servers.

We also add a first pass apigw user table schema, as the first user of
this new functionality. We exercise that, in turn, in a test.

We also rename component.Configuration to component.ComponentConfig.
There's a stutter in there, but it makes sense with
component.CockroachConfig alongside.

Change-Id: I76691146b87ce135d60db179b3f51eee16525df7
Reviewed-on: https://review.monogon.dev/c/monogon/+/912
Reviewed-by: Leopold Schabel <leo@monogon.tech>
Vouch-Run-CI: Leopold Schabel <leo@monogon.tech>
Tested-by: Jenkins CI
diff --git a/cloud/apigw/model/migrations/1663155947_initial.up.sql b/cloud/apigw/model/migrations/1663155947_initial.up.sql
new file mode 100644
index 0000000..4812e00
--- /dev/null
+++ b/cloud/apigw/model/migrations/1663155947_initial.up.sql
@@ -0,0 +1,17 @@
+CREATE TABLE accounts (
+ -- Internal account ID. Never changes.
+ account_id UUID NOT NULL DEFAULT gen_random_uuid() PRIMARY KEY,
+
+ -- Identity used to tied this account to OIDC.
+ -- OpenID Connect Core, 2. ID Token: “It MUST NOT exceed 255 ASCII
+ -- characters in length”.
+ account_oidc_sub STRING(255) NOT NULL UNIQUE,
+
+ --- Copy/cache of user data retrieved from OIDC IdP on login. Currently this
+ --- is only updated on first login, but we should find a way to trigger
+ --- a re-retrieval.
+ -- Display name preferred by user.
+ -- Self-limiting ourselves to 255 unicode codepoints here. This is also
+ -- supposedly what keycloak also defaults to for user attributes.
+ account_display_name STRING(255) NOT NULL
+);
\ No newline at end of file
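
Review bot: account_oidc_sub is declared UNIQUE on its own, but OpenID Connect Core defines sub as unique only within a single issuer and treats iss and sub together as the stable identifier for an end user. If this table can ever hold accounts from more than one IdP, two different users with the same sub value would either collide on insert or be mapped to the same account. Consider storing the issuer in its own column and putting the uniqueness constraint on the (issuer, sub) pair, or state in the column comment that exactly one issuer is assumed. Two smaller points: the comment "Identity used to tied this account to OIDC" should read "used to tie", and the file ends without a trailing newline.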