Change certificates.not_after and certificates.renew_retry to allow null values

2025-02-05 05:56:40 +00:00 · 2025-01-31 18:54:12 +00:00 · 2025-01-31 18:54:12 +00:00 · c373f18336
commit c373f18336
parent c247a50472
10 changed files with 63 additions and 29 deletions
--- a/database/certificate.sql.go
+++ b/database/certificate.sql.go
@ -1,6 +1,6 @@
 // Code generated by sqlc. DO NOT EDIT.
 // versions:
-//   sqlc v1.25.0
+//   sqlc v1.28.0
 // source: certificate.sql

 package database
@ -19,7 +19,7 @@ VALUES (?, ?, ?, ?)
 type AddCertificateParams struct {
 	Owner     string        `json:"owner"`
 	Dns       sql.NullInt64 `json:"dns"`
-	NotAfter  time.Time     `json:"not_after"`
+	NotAfter  sql.NullTime  `json:"not_after"`
 	UpdatedAt time.Time     `json:"updated_at"`
 }

@ -75,7 +75,7 @@ FROM certificates AS cert
 WHERE cert.active = 1
  AND (cert.auto_renew = 1 OR cert.not_after IS NULL)
  AND cert.renewing = 0
-  AND DATETIME() > DATETIME(cert.renew_retry)
+  AND (cert.renew_retry IS NULL OR DATETIME() > DATETIME(cert.renew_retry))
  AND (cert.not_after IS NULL OR DATETIME(cert.not_after, 'utc', '-30 days') < DATETIME())
 ORDER BY cert.temp_parent, cert.not_after DESC NULLS FIRST
 LIMIT 1
@ -83,7 +83,7 @@ LIMIT 1

 type FindNextCertRow struct {
 	ID         int64          `json:"id"`
-	NotAfter   time.Time      `json:"not_after"`
+	NotAfter   sql.NullTime   `json:"not_after"`
 	Type       sql.NullString `json:"type"`
 	Token      sql.NullString `json:"token"`
 	TempParent sql.NullInt64  `json:"temp_parent"`
@ -116,14 +116,14 @@ FROM certificates AS cert
 `

 type FindOwnedCertsRow struct {
-	ID         int64     `json:"id"`
-	AutoRenew  bool      `json:"auto_renew"`
-	Active     bool      `json:"active"`
-	Renewing   bool      `json:"renewing"`
-	RenewRetry time.Time `json:"renew_retry"`
-	NotAfter   time.Time `json:"not_after"`
-	UpdatedAt  time.Time `json:"updated_at"`
-	Domain     string    `json:"domain"`
+	ID         int64        `json:"id"`
+	AutoRenew  bool         `json:"auto_renew"`
+	Active     bool         `json:"active"`
+	Renewing   bool         `json:"renewing"`
+	RenewRetry sql.NullTime `json:"renew_retry"`
+	NotAfter   sql.NullTime `json:"not_after"`
+	UpdatedAt  time.Time    `json:"updated_at"`
+	Domain     string       `json:"domain"`
 }

 func (q *Queries) FindOwnedCerts(ctx context.Context) ([]FindOwnedCertsRow, error) {
@ -190,9 +190,9 @@ WHERE id = ?
 `

 type UpdateCertAfterRenewalParams struct {
-	NotAfter  time.Time `json:"not_after"`
-	UpdatedAt time.Time `json:"updated_at"`
-	ID        int64     `json:"id"`
+	NotAfter  sql.NullTime `json:"not_after"`
+	UpdatedAt time.Time    `json:"updated_at"`
+	ID        int64        `json:"id"`
 }

 func (q *Queries) UpdateCertAfterRenewal(ctx context.Context, arg UpdateCertAfterRenewalParams) error {
@ -208,9 +208,9 @@ WHERE id = ?
 `

 type UpdateRenewingStateParams struct {
-	Renewing   bool      `json:"renewing"`
-	RenewRetry time.Time `json:"renew_retry"`
-	ID         int64     `json:"id"`
+	Renewing   bool         `json:"renewing"`
+	RenewRetry sql.NullTime `json:"renew_retry"`
+	ID         int64        `json:"id"`
 }

 func (q *Queries) UpdateRenewingState(ctx context.Context, arg UpdateRenewingStateParams) error {
--- a/database/certificate_domains.sql.go
+++ b/database/certificate_domains.sql.go
@ -1,6 +1,6 @@
 // Code generated by sqlc. DO NOT EDIT.
 // versions:
-//   sqlc v1.25.0
+//   sqlc v1.28.0
 // source: certificate_domains.sql

 package database
--- a/database/db.go
+++ b/database/db.go
@ -1,6 +1,6 @@
 // Code generated by sqlc. DO NOT EDIT.
 // versions:
-//   sqlc v1.25.0
+//   sqlc v1.28.0

 package database

--- a/database/migrations/20250131183447_null_not_after.down.sql
+++ b/database/migrations/20250131183447_null_not_after.down.sql
--- a/database/migrations/20250131183447_null_not_after.up.sql
+++ b/database/migrations/20250131183447_null_not_after.up.sql
@ -0,0 +1,29 @@
+-- null not after
+
+ALTER TABLE certificates
+    RENAME COLUMN not_after TO not_after_2;
+
+ALTER TABLE certificates
+    ADD COLUMN not_after DATETIME NULL;
+
+UPDATE certificates
+SET not_after = not_after_2
+WHERE not_after IS NULL;
+
+ALTER TABLE certificates
+    DROP COLUMN not_after_2;
+
+-- null renew retry
+
+ALTER TABLE certificates
+    RENAME COLUMN renew_retry TO renew_retry_2;
+
+ALTER TABLE certificates
+    ADD COLUMN renew_retry DATETIME NULL;
+
+UPDATE certificates
+SET renew_retry = renew_retry_2
+WHERE renew_retry IS NULL;
+
+ALTER TABLE certificates
+    DROP COLUMN renew_retry_2;
--- a/database/models.go
+++ b/database/models.go
@ -1,6 +1,6 @@
 // Code generated by sqlc. DO NOT EDIT.
 // versions:
-//   sqlc v1.25.0
+//   sqlc v1.28.0

 package database

@ -16,10 +16,10 @@ type Certificate struct {
 	AutoRenew  bool          `json:"auto_renew"`
 	Active     bool          `json:"active"`
 	Renewing   bool          `json:"renewing"`
-	NotAfter   time.Time     `json:"not_after"`
+	NotAfter   sql.NullTime  `json:"not_after"`
 	UpdatedAt  time.Time     `json:"updated_at"`
 	TempParent sql.NullInt64 `json:"temp_parent"`
-	RenewRetry time.Time     `json:"renew_retry"`
+	RenewRetry sql.NullTime  `json:"renew_retry"`
 }

 type CertificateDomain struct {
--- a/database/queries/certificate.sql
+++ b/database/queries/certificate.sql
@ -5,7 +5,7 @@ FROM certificates AS cert
 WHERE cert.active = 1
  AND (cert.auto_renew = 1 OR cert.not_after IS NULL)
  AND cert.renewing = 0
-  AND DATETIME() > DATETIME(cert.renew_retry)
+  AND (cert.renew_retry IS NULL OR DATETIME() > DATETIME(cert.renew_retry))
  AND (cert.not_after IS NULL OR DATETIME(cert.not_after, 'utc', '-30 days') < DATETIME())
 ORDER BY cert.temp_parent, cert.not_after DESC NULLS FIRST
 LIMIT 1;
--- a/renewal/service.go
+++ b/renewal/service.go
@ -292,7 +292,7 @@ func (s *Service) findNextCertificateToRenew() (*localCertData, error) {
 	d.id = row.ID
 	d.dns.name = row.Type
 	d.dns.token = row.Token
-	d.notAfter = row.NotAfter
+	d.notAfter = row.NotAfter.Time
 	d.tempParent = row.TempParent

 	return d, nil
@ -412,7 +412,7 @@ func (s *Service) renewCert(localData *localCertData) error {

 	// set the NotAfter/NotBefore in the database
 	err = s.db.UpdateCertAfterRenewal(context.Background(), database.UpdateCertAfterRenewalParams{
-		NotAfter:  cert.NotAfter,
+		NotAfter:  sql.NullTime{Time: cert.NotAfter, Valid: true},
 		UpdatedAt: cert.NotBefore,
 		ID:        localData.id,
 	})
--- a/servers/api.go
+++ b/servers/api.go
@ -73,8 +73,8 @@ func NewApiServer(listen string, db *database.Queries, signer *mjwt.KeyStore, do
 				AutoRenew:  row.AutoRenew,
 				Active:     row.Active,
 				Renewing:   row.Renewing,
-				RenewRetry: row.RenewRetry,
-				NotAfter:   row.NotAfter,
+				RenewRetry: row.RenewRetry.Time,
+				NotAfter:   row.NotAfter.Time,
 				UpdatedAt:  row.UpdatedAt,
 			}
 			d := row.Domain
@ -136,7 +136,7 @@ func NewApiServer(listen string, db *database.Queries, signer *mjwt.KeyStore, do
 		err := db.AddCertificate(req.Context(), database.AddCertificateParams{
 			Owner:     b.Subject,
 			Dns:       sql.NullInt64{},
-			NotAfter:  time.Now(),
+			NotAfter:  sql.NullTime{Time: time.Now(), Valid: true},
 			UpdatedAt: time.Now(),
 		})
 		if err != nil {
--- a/sqlc.yaml
+++ b/sqlc.yaml
@ -8,3 +8,8 @@ sql:
        package: "database"
        out: "database"
        emit_json_tags: true
+        overrides:
+          - column: certificates.not_after
+            go_type: database/sql.NullTime
+          - column: certificates.renew_retry
+            go_type: database/sql.NullTime