refactor(cloud_hub): Mix in CloudAuthDatabase to the CloudHubDatabase (#290)

Instead of managing two database classes, merge Cloud Auth tables and accessors into the main `CloudHubDatabase` class.

Adds E2E tests as well.

Author: dnys1

services/celest_cloud_hub/bin/cloud_hub.dart

@@ -34,20 +34,6 @@ Future<void> main() async {
 
   context.logger.config('Starting Cloud Hub');
 
-  context.logger.config('Configuring Auth database');
-  final authDb = await connect(
-    Context.current,
-    name: 'AuthDatabase',
-    factory: AuthDatabase.new,
-    hostnameVariable: const env('AUTH_DATABASE_HOST'),
-    tokenSecret: const secret('AUTH_DATABASE_TOKEN'),
-  );
-  await authDb.ping();
-
-  final issuer = EntityUid.of('Celest::Service', 'cloud-hub');
-  final authorizer = Authorizer(db: authDb);
-  final cryptoKeys = await CryptoKeyRepository.create(db: authDb);
-
   context.logger.config('Configuring Cloud Hub database');
   final db = await connect(
     Context.current,
@@ -59,9 +45,13 @@ Future<void> main() async {
   );
   await db.ping();
 
+  final issuer = EntityUid.of('Celest::Service', 'cloud-hub');
+  final authorizer = Authorizer(db: db);
+  final cryptoKeys = await CryptoKeyRepository.create(db: db);
+
   final authMiddleware = AuthorizationMiddleware(
-    corks: CorksRepository(issuer: issuer, db: authDb, cryptoKeys: cryptoKeys),
-    db: authDb,
+    corks: CorksRepository(issuer: issuer, db: db, cryptoKeys: cryptoKeys),
+    db: db.cloudAuth,
   );
 
   final server = grpc.Server.create(
@@ -91,7 +81,7 @@ Future<void> main() async {
   );
 
   final gateway = await Gateway.create(
-    authDb: authDb,
+    db: db,
     grpcAddress: grpcAddress,
     port: switch (Platform.environment['PORT']) {
       final port? =>
@@ -117,7 +107,7 @@ Future<void> main() async {
     },
   );
 
-  context.logger.info('Serving on http://0.0.0.0:${gateway.port}');
+  print('Serving on http://0.0.0.0:${gateway.port}');
 
   final signal =
       await StreamGroup.merge([
@@ -128,7 +118,6 @@ Future<void> main() async {
 
   await server.shutdown();
   await gateway.close();
-  await authDb.close();
   await db.close();
   context.logger.fine('Server stopped');
 }

services/celest_cloud_hub/build.yaml

@@ -2,11 +2,22 @@ targets:
   $default:
     builders:
       drift_dev:
-        options:
+        # disable drift's default builder, we're using the modular setup
+        # instead.
+        enabled: false
+
+      # Instead, enable drift_dev:analyzer and drift_dev:modular manually:
+      drift_dev:analyzer:
+        enabled: true
+        options: &options
           sql:
             dialect: sqlite
             options:
               version: "3.38"
 
           named_parameters: true
           store_date_time_values_as_text: false
+      drift_dev:modular:
+        enabled: true
+        # We use yaml anchors to give the two builders the same options
+        options: *options

services/celest_cloud_hub/lib/src/auth/auth_interceptor.dart

@@ -1,7 +1,6 @@
-import 'package:cedar/cedar.dart';
+import 'package:celest_cloud_auth/celest_cloud_auth.dart';
 import 'package:celest_cloud_auth/src/authorization/corks_repository.dart';
 import 'package:celest_cloud_auth/src/context.dart';
-import 'package:celest_cloud_auth/src/database/auth_database.dart';
 import 'package:celest_cloud_auth/src/model/cookie.dart';
 import 'package:celest_cloud_auth/src/model/interop.dart';
 import 'package:celest_core/celest_core.dart' as core;
@@ -11,7 +10,7 @@ import 'package:corks_cedar/corks_cedar.dart';
 import 'package:grpc/grpc.dart';
 import 'package:meta/meta.dart';
 
-typedef _Deps = ({CorksRepository corks, AuthDatabase db});
+typedef _Deps = ({CorksRepository corks, CloudAuthDatabaseAccessors db});
 
 /// {@template celest_cloud_auth.request_authorizer}
 /// A middleware that authorizes requests based on the current policy set.
@@ -20,11 +19,11 @@ extension type AuthorizationMiddleware._(_Deps _deps) implements Object {
   /// {@macro celest_cloud_auth.request_authorizer}
   AuthorizationMiddleware({
     required CorksRepository corks,
-    required AuthDatabase db,
+    required CloudAuthDatabaseAccessors db,
   }) : this._((corks: corks, db: db));
 
   CorksRepository get _corks => _deps.corks;
-  AuthDatabase get _db => _deps.db;
+  CloudAuthDatabaseAccessors get _db => _deps.db;
 
   /// Authenticates the request and returns the user if the request is
   /// authorized.

services/celest_cloud_hub/lib/src/database/cloud_hub_database.dart

@@ -1,19 +1,41 @@
+import 'dart:io';
+
+import 'package:celest_cloud_auth/celest_cloud_auth.dart';
 import 'package:celest_cloud_hub/src/database/db_functions.dart';
-import 'package:celest_cloud_hub/src/model/lifecycle_state.dart';
+import 'package:celest_cloud_hub/src/project.dart';
 import 'package:drift/drift.dart';
 import 'package:drift/native.dart';
 
-part 'cloud_hub_database.g.dart';
+import 'cloud_hub_database.drift.dart';
 
 @DriftDatabase(
-  include: {'schema/operations.drift', 'schema/project_environments.drift'},
+  include: {
+    'schema/operations.drift',
+    'schema/project_environments.drift',
+
+    // Cloud Auth
+    ...CloudAuthDatabaseMixin.includes,
+  },
 )
-final class CloudHubDatabase extends _$CloudHubDatabase {
+final class CloudHubDatabase extends $CloudHubDatabase
+    with CloudAuthDatabaseMixin {
   CloudHubDatabase(super.e);
 
   CloudHubDatabase.memory()
     : this(NativeDatabase.memory(setup: (db) => db.addHelperFunctions()));
 
+  factory CloudHubDatabase.localFile(String path, {bool verbose = false}) {
+    return CloudHubDatabase(
+      NativeDatabase(
+        File(path),
+        logStatements: verbose,
+        setup: (db) => db.addHelperFunctions(),
+        cachePreparedStatements: true,
+        enableMigrations: true,
+      ),
+    );
+  }
+
   @override
   int get schemaVersion => 1;
 
@@ -22,6 +44,15 @@ final class CloudHubDatabase extends _$CloudHubDatabase {
     onCreate: (m) async {
       await m.createAll();
     },
+    onUpgrade: (m, from, to) async {
+      await cloudAuth.onUpgrade(m);
+    },
+    beforeOpen: (details) async {
+      if (details.wasCreated) {
+        await cloudAuth.seed();
+      }
+      await cloudAuth.upsertProject(project: project);
+    },
   );
 
   Future<void> ping() async {