From 3f5dcc81fd27a71066e3d689b1e4c56063c47aff Mon Sep 17 00:00:00 2001 From: Prem Palanisamy Date: Tue, 28 Apr 2026 15:57:41 +0100 Subject: [PATCH 1/3] Refactor migrations API to module style --- app/config/services.php | 2 +- app/controllers/api/migrations.php | 1277 ----------------- src/Appwrite/Platform/Appwrite.php | 2 + .../Http/Migrations/Appwrite/Create.php | 110 ++ .../Http/Migrations/Appwrite/Report/Get.php | 80 ++ .../Http/Migrations/CSV/Exports/Create.php | 213 +++ .../Http/Migrations/CSV/Imports/Create.php | 220 +++ .../Migrations/Http/Migrations/Delete.php | 74 + .../Http/Migrations/Firebase/Create.php | 114 ++ .../Http/Migrations/Firebase/Report/Get.php | 80 ++ .../Migrations/Http/Migrations/Get.php | 61 + .../Http/Migrations/JSON/Exports/Create.php | 198 +++ .../Http/Migrations/JSON/Imports/Create.php | 221 +++ .../Http/Migrations/NHost/Create.php | 122 ++ .../Http/Migrations/NHost/Report/Get.php | 86 ++ .../Http/Migrations/Supabase/Create.php | 120 ++ .../Http/Migrations/Supabase/Report/Get.php | 85 ++ .../Migrations/Http/Migrations/Update.php | 90 ++ .../Migrations/Http/Migrations/XList.php | 104 ++ .../Platform/Modules/Migrations/Module.php | 14 + .../Modules/Migrations/Services/Http.php | 59 + 21 files changed, 2054 insertions(+), 1278 deletions(-) delete mode 100644 app/controllers/api/migrations.php create mode 100644 src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Appwrite/Create.php create mode 100644 src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Appwrite/Report/Get.php create mode 100644 src/Appwrite/Platform/Modules/Migrations/Http/Migrations/CSV/Exports/Create.php create mode 100644 src/Appwrite/Platform/Modules/Migrations/Http/Migrations/CSV/Imports/Create.php create mode 100644 src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Delete.php create mode 100644 src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Firebase/Create.php create mode 100644 src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Firebase/Report/Get.php create mode 100644 src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Get.php create mode 100644 src/Appwrite/Platform/Modules/Migrations/Http/Migrations/JSON/Exports/Create.php create mode 100644 src/Appwrite/Platform/Modules/Migrations/Http/Migrations/JSON/Imports/Create.php create mode 100644 src/Appwrite/Platform/Modules/Migrations/Http/Migrations/NHost/Create.php create mode 100644 src/Appwrite/Platform/Modules/Migrations/Http/Migrations/NHost/Report/Get.php create mode 100644 src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Supabase/Create.php create mode 100644 src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Supabase/Report/Get.php create mode 100644 src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Update.php create mode 100644 src/Appwrite/Platform/Modules/Migrations/Http/Migrations/XList.php create mode 100644 src/Appwrite/Platform/Modules/Migrations/Module.php create mode 100644 src/Appwrite/Platform/Modules/Migrations/Services/Http.php diff --git a/app/config/services.php b/app/config/services.php index 548f659a81..cf2714f8c5 100644 --- a/app/config/services.php +++ b/app/config/services.php @@ -286,7 +286,7 @@ return [ 'name' => 'Migrations', 'subtitle' => 'The Migrations service allows you to migrate third-party data to your Appwrite project.', 'description' => '/docs/services/migrations.md', - 'controller' => 'api/migrations.php', + 'controller' => '', // Uses modules 'sdk' => true, 'docs' => true, 'docsUrl' => 'https://appwrite.io/docs/migrations', diff --git a/app/controllers/api/migrations.php b/app/controllers/api/migrations.php deleted file mode 100644 index 7338197511..0000000000 --- a/app/controllers/api/migrations.php +++ /dev/null @@ -1,1277 +0,0 @@ - Transfer::GROUP_DATABASES_TABLES_DB, - DATABASE_TYPE_VECTORSDB => Transfer::GROUP_DATABASES_VECTOR_DB, - DATABASE_TYPE_DOCUMENTSDB => Transfer::GROUP_DATABASES_DOCUMENTS_DB, - default => throw new \LogicException('Unknown database type: ' . $databaseType), - }; -} - -function getDatabaseResourceType(string $databaseType): string -{ - return match($databaseType) { - DATABASE_TYPE_VECTORSDB => Resource::TYPE_DATABASE_VECTORSDB, - DATABASE_TYPE_DOCUMENTSDB => Resource::TYPE_DATABASE_DOCUMENTSDB, - default => Resource::TYPE_DATABASE, - }; -} - -Http::post('/v1/migrations/appwrite') - ->groups(['api', 'migrations']) - ->desc('Create Appwrite migration') - ->label('scope', 'migrations.write') - ->label('event', 'migrations.[migrationId].create') - ->label('audits.event', 'migration.create') - ->label('sdk', new Method( - namespace: 'migrations', - group: null, - name: 'createAppwriteMigration', - description: '/docs/references/migrations/migration-appwrite.md', - auth: [AuthType::ADMIN], - responses: [ - new SDKResponse( - code: Response::STATUS_CODE_ACCEPTED, - model: Response::MODEL_MIGRATION, - ) - ] - )) - ->param('resources', [], new ArrayList(new WhiteList(Appwrite::getSupportedResources())), 'List of resources to migrate') - ->param('endpoint', '', new URL(), 'Source Appwrite endpoint') - ->param('projectId', '', fn (Database $dbForProject) => new UID($dbForProject->getAdapter()->getMaxUIDLength()), 'Source Project ID', false, ['dbForProject']) - ->param('apiKey', '', new Text(512), 'Source API Key') - ->inject('response') - ->inject('dbForProject') - ->inject('project') - ->inject('platform') - ->inject('queueForEvents') - ->inject('publisherForMigrations') - ->action(function (array $resources, string $endpoint, string $projectId, string $apiKey, Response $response, Database $dbForProject, Document $project, array $platform, Event $queueForEvents, MigrationPublisher $publisherForMigrations) { - $migration = $dbForProject->createDocument('migrations', new Document([ - '$id' => ID::unique(), - 'status' => 'pending', - 'stage' => 'init', - 'source' => Appwrite::getName(), - 'destination' => Appwrite::getName(), - 'credentials' => [ - 'endpoint' => $endpoint, - 'projectId' => $projectId, - 'apiKey' => $apiKey, - ], - 'resources' => $resources, - 'statusCounters' => '{}', - 'resourceData' => '{}', - 'errors' => [], - ])); - - $queueForEvents->setParam('migrationId', $migration->getId()); - - // Trigger Transfer - $publisherForMigrations->enqueue(new MigrationMessage( - project: $project, - migration: $migration, - platform: $platform, - )); - - $response - ->setStatusCode(Response::STATUS_CODE_ACCEPTED) - ->dynamic($migration, Response::MODEL_MIGRATION); - }); - -Http::post('/v1/migrations/firebase') - ->groups(['api', 'migrations']) - ->desc('Create Firebase migration') - ->label('scope', 'migrations.write') - ->label('event', 'migrations.[migrationId].create') - ->label('audits.event', 'migration.create') - ->label('sdk', new Method( - namespace: 'migrations', - group: null, - name: 'createFirebaseMigration', - description: '/docs/references/migrations/migration-firebase.md', - auth: [AuthType::ADMIN], - responses: [ - new SDKResponse( - code: Response::STATUS_CODE_ACCEPTED, - model: Response::MODEL_MIGRATION, - ) - ] - )) - ->param('resources', [], new ArrayList(new WhiteList(Firebase::getSupportedResources())), 'List of resources to migrate') - ->param('serviceAccount', '', new Text(65536), 'JSON of the Firebase service account credentials') - ->inject('response') - ->inject('dbForProject') - ->inject('project') - ->inject('platform') - ->inject('queueForEvents') - ->inject('publisherForMigrations') - ->action(function (array $resources, string $serviceAccount, Response $response, Database $dbForProject, Document $project, array $platform, Event $queueForEvents, MigrationPublisher $publisherForMigrations) { - $serviceAccountData = json_decode($serviceAccount, true); - - if (empty($serviceAccountData)) { - throw new Exception(Exception::MIGRATION_PROVIDER_ERROR, 'Invalid Service Account JSON'); - } - - if (!isset($serviceAccountData['project_id']) || !isset($serviceAccountData['client_email']) || !isset($serviceAccountData['private_key'])) { - throw new Exception(Exception::MIGRATION_PROVIDER_ERROR, 'Invalid Service Account JSON'); - } - - $migration = $dbForProject->createDocument('migrations', new Document([ - '$id' => ID::unique(), - 'status' => 'pending', - 'stage' => 'init', - 'source' => Firebase::getName(), - 'destination' => Appwrite::getName(), - 'credentials' => [ - 'serviceAccount' => $serviceAccount, - ], - 'resources' => $resources, - 'statusCounters' => '{}', - 'resourceData' => '{}', - 'errors' => [], - ])); - - $queueForEvents->setParam('migrationId', $migration->getId()); - - // Trigger Transfer - $publisherForMigrations->enqueue(new MigrationMessage( - project: $project, - migration: $migration, - platform: $platform, - )); - - $response - ->setStatusCode(Response::STATUS_CODE_ACCEPTED) - ->dynamic($migration, Response::MODEL_MIGRATION); - }); - -Http::post('/v1/migrations/supabase') - ->groups(['api', 'migrations']) - ->desc('Create Supabase migration') - ->label('scope', 'migrations.write') - ->label('event', 'migrations.[migrationId].create') - ->label('audits.event', 'migration.create') - ->label('sdk', new Method( - namespace: 'migrations', - group: null, - name: 'createSupabaseMigration', - description: '/docs/references/migrations/migration-supabase.md', - auth: [AuthType::ADMIN], - responses: [ - new SDKResponse( - code: Response::STATUS_CODE_ACCEPTED, - model: Response::MODEL_MIGRATION, - ) - ] - )) - ->param('resources', [], new ArrayList(new WhiteList(Supabase::getSupportedResources(), true)), 'List of resources to migrate') - ->param('endpoint', '', new URL(), 'Source\'s Supabase Endpoint') - ->param('apiKey', '', new Text(512), 'Source\'s API Key') - ->param('databaseHost', '', new Text(512), 'Source\'s Database Host') - ->param('username', '', new Text(512), 'Source\'s Database Username') - ->param('password', '', new Text(512), 'Source\'s Database Password') - ->param('port', 5432, new Integer(true), 'Source\'s Database Port', true) - ->inject('response') - ->inject('dbForProject') - ->inject('project') - ->inject('platform') - ->inject('queueForEvents') - ->inject('publisherForMigrations') - ->action(function (array $resources, string $endpoint, string $apiKey, string $databaseHost, string $username, string $password, int $port, Response $response, Database $dbForProject, Document $project, array $platform, Event $queueForEvents, MigrationPublisher $publisherForMigrations) { - $migration = $dbForProject->createDocument('migrations', new Document([ - '$id' => ID::unique(), - 'status' => 'pending', - 'stage' => 'init', - 'source' => Supabase::getName(), - 'destination' => Appwrite::getName(), - 'credentials' => [ - 'endpoint' => $endpoint, - 'apiKey' => $apiKey, - 'databaseHost' => $databaseHost, - 'username' => $username, - 'password' => $password, - 'port' => $port, - ], - 'resources' => $resources, - 'statusCounters' => '{}', - 'resourceData' => '{}', - 'errors' => [], - ])); - - $queueForEvents->setParam('migrationId', $migration->getId()); - - // Trigger Transfer - $publisherForMigrations->enqueue(new MigrationMessage( - project: $project, - migration: $migration, - platform: $platform, - )); - - $response - ->setStatusCode(Response::STATUS_CODE_ACCEPTED) - ->dynamic($migration, Response::MODEL_MIGRATION); - }); - -Http::post('/v1/migrations/nhost') - ->groups(['api', 'migrations']) - ->desc('Create NHost migration') - ->label('scope', 'migrations.write') - ->label('event', 'migrations.[migrationId].create') - ->label('audits.event', 'migration.create') - ->label('sdk', new Method( - namespace: 'migrations', - group: null, - name: 'createNHostMigration', - description: '/docs/references/migrations/migration-nhost.md', - auth: [AuthType::ADMIN], - responses: [ - new SDKResponse( - code: Response::STATUS_CODE_ACCEPTED, - model: Response::MODEL_MIGRATION, - ) - ] - )) - ->param('resources', [], new ArrayList(new WhiteList(NHost::getSupportedResources())), 'List of resources to migrate') - ->param('subdomain', '', new Text(512), 'Source\'s Subdomain') - ->param('region', '', new Text(512), 'Source\'s Region') - ->param('adminSecret', '', new Text(512), 'Source\'s Admin Secret') - ->param('database', '', new Text(512), 'Source\'s Database Name') - ->param('username', '', new Text(512), 'Source\'s Database Username') - ->param('password', '', new Text(512), 'Source\'s Database Password') - ->param('port', 5432, new Integer(true), 'Source\'s Database Port', true) - ->inject('response') - ->inject('dbForProject') - ->inject('project') - ->inject('platform') - ->inject('queueForEvents') - ->inject('publisherForMigrations') - ->action(function (array $resources, string $subdomain, string $region, string $adminSecret, string $database, string $username, string $password, int $port, Response $response, Database $dbForProject, Document $project, array $platform, Event $queueForEvents, MigrationPublisher $publisherForMigrations) { - $migration = $dbForProject->createDocument('migrations', new Document([ - '$id' => ID::unique(), - 'status' => 'pending', - 'stage' => 'init', - 'source' => NHost::getName(), - 'destination' => Appwrite::getName(), - 'credentials' => [ - 'subdomain' => $subdomain, - 'region' => $region, - 'adminSecret' => $adminSecret, - 'database' => $database, - 'username' => $username, - 'password' => $password, - 'port' => $port, - ], - 'resources' => $resources, - 'statusCounters' => '{}', - 'resourceData' => '{}', - 'errors' => [], - ])); - - $queueForEvents->setParam('migrationId', $migration->getId()); - - // Trigger Transfer - $publisherForMigrations->enqueue(new MigrationMessage( - project: $project, - migration: $migration, - platform: $platform, - )); - - $response - ->setStatusCode(Response::STATUS_CODE_ACCEPTED) - ->dynamic($migration, Response::MODEL_MIGRATION); - }); - -Http::post('/v1/migrations/csv/imports') - ->alias('/v1/migrations/csv') - ->groups(['api', 'migrations']) - ->desc('Import documents from a CSV') - ->label('scope', 'migrations.write') - ->label('event', 'migrations.[migrationId].create') - ->label('audits.event', 'migration.create') - ->label('sdk', new Method( - namespace: 'migrations', - group: null, - name: 'createCSVImport', - description: '/docs/references/migrations/migration-csv-import.md', - auth: [AuthType::ADMIN], - responses: [ - new SDKResponse( - code: Response::STATUS_CODE_ACCEPTED, - model: Response::MODEL_MIGRATION, - ) - ] - )) - ->param('bucketId', '', fn (Database $dbForProject) => new UID($dbForProject->getAdapter()->getMaxUIDLength()), 'Storage bucket unique ID. You can create a new storage bucket using the Storage service [server integration](https://appwrite.io/docs/server/storage#createBucket).', false, ['dbForProject']) - ->param('fileId', '', fn (Database $dbForProject) => new UID($dbForProject->getAdapter()->getMaxUIDLength()), 'File ID.', false, ['dbForProject']) - ->param('resourceId', null, new CompoundUID(), 'Composite ID in the format {databaseId:collectionId}, identifying a collection within a database.') - ->param('internalFile', false, new Boolean(), 'Is the file stored in an internal bucket?', true) - ->inject('response') - ->inject('dbForProject') - ->inject('dbForPlatform') - ->inject('authorization') - ->inject('project') - ->inject('platform') - ->inject('deviceForFiles') - ->inject('deviceForMigrations') - ->inject('queueForEvents') - ->inject('publisherForMigrations') - ->action(function ( - string $bucketId, - string $fileId, - string $resourceId, - bool $internalFile, - Response $response, - Database $dbForProject, - Database $dbForPlatform, - Authorization $authorization, - Document $project, - array $platform, - Device $deviceForFiles, - Device $deviceForMigrations, - Event $queueForEvents, - MigrationPublisher $publisherForMigrations - ) { - $bucket = $authorization->skip(function () use ($internalFile, $dbForPlatform, $dbForProject, $bucketId) { - if ($internalFile) { - return $dbForPlatform->getDocument('buckets', 'default'); - } - return $dbForProject->getDocument('buckets', $bucketId); - }); - - if ($bucket->isEmpty()) { - throw new Exception(Exception::STORAGE_BUCKET_NOT_FOUND); - } - - $file = $authorization->skip(fn () => $internalFile ? $dbForPlatform->getDocument('bucket_' . $bucket->getSequence(), $fileId) : $dbForProject->getDocument('bucket_' . $bucket->getSequence(), $fileId)); - if ($file->isEmpty()) { - throw new Exception(Exception::STORAGE_FILE_NOT_FOUND); - } - - $path = $file->getAttribute('path', ''); - if (!$deviceForFiles->exists($path)) { - throw new Exception(Exception::STORAGE_FILE_NOT_FOUND, 'File not found in ' . $path); - } - - // No encryption or compression on files above 20MB. - $hasEncryption = !empty($file->getAttribute('openSSLCipher')); - $compression = $file->getAttribute('algorithm', Compression::NONE); - $hasCompression = $compression !== Compression::NONE; - - $migrationId = ID::unique(); - $newPath = $deviceForMigrations->getPath($migrationId . '_' . $fileId . '.csv'); - - if ($hasEncryption || $hasCompression) { - $source = $deviceForFiles->read($path); - - if ($hasEncryption) { - $source = OpenSSL::decrypt( - $source, - $file->getAttribute('openSSLCipher'), - System::getEnv('_APP_OPENSSL_KEY_V' . $file->getAttribute('openSSLVersion')), - 0, - hex2bin($file->getAttribute('openSSLIV')), - hex2bin($file->getAttribute('openSSLTag')) - ); - } - - if ($hasCompression) { - switch ($compression) { - case Compression::ZSTD: - $source = (new Zstd())->decompress($source); - break; - case Compression::GZIP: - $source = (new GZIP())->decompress($source); - break; - } - } - - // Manual write after decryption and/or decompression - if (!$deviceForMigrations->write($newPath, $source, 'text/csv')) { - throw new \Exception('Unable to copy file'); - } - } elseif (!$deviceForFiles->transfer($path, $newPath, $deviceForMigrations)) { - throw new \Exception('Unable to copy file'); - } - - // getting databasetype - $resources = explode(':', $resourceId); - $databaseId = $resources[0]; - $database = $authorization->skip(fn () => $dbForProject->getDocument('databases', $databaseId)); - $databaseType = $database->getAttribute('type'); - if (!in_array($databaseType, CSV_ALLOWED_DATABASE_TYPES)) { - throw new Exception(Exception::MIGRATION_DATABASE_TYPE_UNSUPPORTED, 'Database type not supported for csv'); - } - $fileSize = $deviceForMigrations->getFileSize($newPath); - $resources = Transfer::extractServices([getDatabaseTransferResourceServices($databaseType)]); - $resourceType = getDatabaseResourceType($databaseType); - - $migration = $dbForProject->createDocument('migrations', new Document([ - '$id' => $migrationId, - 'status' => 'pending', - 'stage' => 'init', - 'source' => CSV::getName(), - 'destination' => Appwrite::getName(), - 'resources' => $resources, - 'resourceId' => $resourceId, - 'resourceType' => $resourceType, - 'statusCounters' => '{}', - 'resourceData' => '{}', - 'errors' => [], - 'options' => [ - 'path' => $newPath, - 'size' => $fileSize, - ], - ])); - - $queueForEvents->setParam('migrationId', $migration->getId()); - - $publisherForMigrations->enqueue(new MigrationMessage( - project: $project, - migration: $migration, - )); - - $response - ->setStatusCode(Response::STATUS_CODE_ACCEPTED) - ->dynamic($migration, Response::MODEL_MIGRATION); - }); - -Http::post('/v1/migrations/csv/exports') - ->groups(['api', 'migrations']) - ->desc('Export documents to CSV') - ->label('scope', 'migrations.write') - ->label('event', 'migrations.[migrationId].create') - ->label('audits.event', 'migration.create') - ->label('sdk', new Method( - namespace: 'migrations', - group: null, - name: 'createCSVExport', - description: '/docs/references/migrations/migration-csv-export.md', - auth: [AuthType::ADMIN], - responses: [ - new SDKResponse( - code: Response::STATUS_CODE_ACCEPTED, - model: Response::MODEL_MIGRATION, - ) - ] - )) - ->param('resourceId', null, new CompoundUID(), 'Composite ID in the format {databaseId:collectionId}, identifying a collection within a database to export.') - ->param('filename', '', new Text(255), 'The name of the file to be created for the export, excluding the .csv extension.') - ->param('columns', [], new ArrayList(new Text(Database::LENGTH_KEY)), 'List of attributes to export. If empty, all attributes will be exported. You can use the `*` wildcard to export all attributes from the collection.', true) - ->param('queries', [], new ArrayList(new Text(0)), 'Array of query strings generated using the Query class provided by the SDK to filter documents to export. [Learn more about queries](https://appwrite.io/docs/databases#querying-documents). Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' queries are allowed, each ' . APP_LIMIT_ARRAY_ELEMENT_SIZE . ' characters long.', true) - ->param('delimiter', ',', new Text(1), 'The character that separates each column value. Default is comma.', true) - ->param('enclosure', '"', new Text(1), 'The character that encloses each column value. Default is double quotes.', true) - ->param('escape', '"', new Text(1), 'The escape character for the enclosure character. Default is double quotes.', true) - ->param('header', true, new Boolean(), 'Whether to include the header row with column names. Default is true.', true) - ->param('notify', true, new Boolean(), 'Set to true to receive an email when the export is complete. Default is true.', true) - ->inject('user') - ->inject('response') - ->inject('dbForProject') - ->inject('dbForPlatform') - ->inject('authorization') - ->inject('project') - ->inject('platform') - ->inject('queueForEvents') - ->inject('publisherForMigrations') - ->action(function ( - string $resourceId, - string $filename, - array $columns, - array $queries, - string $delimiter, - string $enclosure, - string $escape, - bool $header, - bool $notify, - Document $user, - Response $response, - Database $dbForProject, - Database $dbForPlatform, - Authorization $authorization, - Document $project, - array $platform, - Event $queueForEvents, - MigrationPublisher $publisherForMigrations - ) { - try { - $parsedQueries = Query::parseQueries($queries); - } catch (QueryException $e) { - throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); - } - - $bucket = $authorization->skip(fn () => $dbForPlatform->getDocument('buckets', 'default')); - if ($bucket->isEmpty()) { - throw new Exception(Exception::STORAGE_BUCKET_NOT_FOUND); - } - - [$databaseId, $collectionId] = \explode(':', $resourceId, 2); - if (empty($databaseId)) { - throw new Exception(Exception::DATABASE_NOT_FOUND); - } - if (empty($collectionId)) { - throw new Exception(Exception::COLLECTION_NOT_FOUND); - } - - $database = $authorization->skip(fn () => $dbForProject->getDocument('databases', $databaseId)); - if ($database->isEmpty()) { - throw new Exception(Exception::DATABASE_NOT_FOUND); - } - - $collection = $authorization->skip(fn () => $dbForProject->getDocument('database_' . $database->getSequence(), $collectionId)); - if ($collection->isEmpty()) { - throw new Exception(Exception::COLLECTION_NOT_FOUND); - } - - // getting databasetype - $resources = explode(':', $resourceId); - $databaseId = $resources[0]; - $database = $authorization->skip(fn () => $dbForProject->getDocument('databases', $databaseId)); - $databaseType = $database->getAttribute('type'); - if (!in_array($databaseType, CSV_ALLOWED_DATABASE_TYPES)) { - throw new Exception(Exception::MIGRATION_DATABASE_TYPE_UNSUPPORTED, 'Database type not supported for csv'); - } - - // Schemaless databases (DocumentsDB, VectorsDB) allow queries on dynamic fields - $isSchemaless = in_array($databaseType, [DATABASE_TYPE_DOCUMENTSDB, DATABASE_TYPE_VECTORSDB]); - - $validator = new Documents( - attributes: $collection->getAttribute('attributes', []), - indexes: $collection->getAttribute('indexes', []), - idAttributeType: $dbForProject->getAdapter()->getIdAttributeType(), - supportForAttributes: !$isSchemaless, - ); - - if (!$validator->isValid($parsedQueries)) { - throw new Exception(Exception::GENERAL_QUERY_INVALID, $validator->getDescription()); - } - - $resources = Transfer::extractServices([getDatabaseTransferResourceServices($databaseType)]); - $resourceType = getDatabaseResourceType($databaseType); - - $migration = $dbForProject->createDocument('migrations', new Document([ - '$id' => ID::unique(), - 'status' => 'pending', - 'stage' => 'init', - 'source' => Appwrite::getName(), - 'destination' => CSV::getName(), - 'resources' => $resources, - 'resourceId' => $resourceId, - 'resourceType' => $resourceType, - 'statusCounters' => '{}', - 'resourceData' => '{}', - 'errors' => [], - 'options' => [ - 'bucketId' => 'default', // Always use internal bucket - 'filename' => $filename, - 'columns' => $columns, - 'queries' => $queries, - 'delimiter' => $delimiter, - 'enclosure' => $enclosure, - 'escape' => $escape, - 'header' => $header, - 'notify' => $notify, - 'userInternalId' => $user->getSequence(), - ], - ])); - - $queueForEvents->setParam('migrationId', $migration->getId()); - - $publisherForMigrations->enqueue(new MigrationMessage( - project: $project, - migration: $migration, - platform: $platform, - )); - - $response - ->setStatusCode(Response::STATUS_CODE_ACCEPTED) - ->dynamic($migration, Response::MODEL_MIGRATION); - }); - -Http::post('/v1/migrations/json/imports') - ->groups(['api', 'migrations']) - ->desc('Import documents from a JSON') - ->label('scope', 'migrations.write') - ->label('event', 'migrations.[migrationId].create') - ->label('audits.event', 'migration.create') - ->label('sdk', new Method( - namespace: 'migrations', - group: null, - name: 'createJSONImport', - description: '/docs/references/migrations/migration-json-import.md', - auth: [AuthType::ADMIN], - responses: [ - new SDKResponse( - code: Response::STATUS_CODE_ACCEPTED, - model: Response::MODEL_MIGRATION, - ) - ] - )) - ->param('bucketId', '', new UID(), 'Storage bucket unique ID. You can create a new storage bucket using the Storage service [server integration](https://appwrite.io/docs/server/storage#createBucket).') - ->param('fileId', '', new UID(), 'File ID.') - ->param('resourceId', null, new CompoundUID(), 'Composite ID in the format {databaseId:collectionId}, identifying a collection within a database.') - ->param('internalFile', false, new Boolean(), 'Is the file stored in an internal bucket?', true) - ->inject('response') - ->inject('dbForProject') - ->inject('dbForPlatform') - ->inject('authorization') - ->inject('project') - ->inject('platform') - ->inject('deviceForFiles') - ->inject('deviceForMigrations') - ->inject('queueForEvents') - ->inject('publisherForMigrations') - ->action(function ( - string $bucketId, - string $fileId, - string $resourceId, - bool $internalFile, - Response $response, - Database $dbForProject, - Database $dbForPlatform, - Authorization $authorization, - Document $project, - array $platform, - Device $deviceForFiles, - Device $deviceForMigrations, - Event $queueForEvents, - MigrationPublisher $publisherForMigrations - ) { - $bucket = $authorization->skip(function () use ($internalFile, $dbForPlatform, $dbForProject, $bucketId) { - if ($internalFile) { - return $dbForPlatform->getDocument('buckets', 'default'); - } - return $dbForProject->getDocument('buckets', $bucketId); - }); - - if ($bucket->isEmpty()) { - throw new Exception(Exception::STORAGE_BUCKET_NOT_FOUND); - } - - $file = $authorization->skip(fn () => $internalFile ? $dbForPlatform->getDocument('bucket_' . $bucket->getSequence(), $fileId) : $dbForProject->getDocument('bucket_' . $bucket->getSequence(), $fileId)); - if ($file->isEmpty()) { - throw new Exception(Exception::STORAGE_FILE_NOT_FOUND); - } - - $path = $file->getAttribute('path', ''); - if (!$deviceForFiles->exists($path)) { - throw new Exception(Exception::STORAGE_FILE_NOT_FOUND, 'File not found in ' . $path); - } - - // No encryption or compression on files above 20MB. - $hasEncryption = !empty($file->getAttribute('openSSLCipher')); - $compression = $file->getAttribute('algorithm', Compression::NONE); - $hasCompression = $compression !== Compression::NONE; - - $migrationId = ID::unique(); - $newPath = $deviceForMigrations->getPath($migrationId . '_' . $fileId . '.json'); - - if ($hasEncryption || $hasCompression) { - $source = $deviceForFiles->read($path); - - if ($hasEncryption) { - $source = OpenSSL::decrypt( - $source, - $file->getAttribute('openSSLCipher'), - System::getEnv('_APP_OPENSSL_KEY_V' . $file->getAttribute('openSSLVersion')), - 0, - hex2bin($file->getAttribute('openSSLIV')), - hex2bin($file->getAttribute('openSSLTag')) - ); - } - - if ($hasCompression) { - switch ($compression) { - case Compression::ZSTD: - $source = (new Zstd())->decompress($source); - break; - case Compression::GZIP: - $source = (new GZIP())->decompress($source); - break; - } - } - - // Manual write after decryption and/or decompression - if (!$deviceForMigrations->write($newPath, $source, 'application/json')) { - throw new \Exception('Unable to copy file'); - } - } elseif (!$deviceForFiles->transfer($path, $newPath, $deviceForMigrations)) { - throw new \Exception('Unable to copy file'); - } - - $fileSize = $deviceForMigrations->getFileSize($newPath); - - [$databaseId] = \explode(':', $resourceId, 2); - $database = $authorization->skip(fn () => $dbForProject->getDocument('databases', $databaseId)); - if ($database->isEmpty()) { - throw new Exception(Exception::DATABASE_NOT_FOUND); - } - $databaseType = $database->getAttribute('type'); - $resources = Transfer::extractServices([getDatabaseTransferResourceServices($databaseType)]); - $resourceType = getDatabaseResourceType($databaseType); - - $migration = $dbForProject->createDocument('migrations', new Document([ - '$id' => $migrationId, - 'status' => 'pending', - 'stage' => 'init', - 'source' => JSON::getName(), - 'destination' => Appwrite::getName(), - 'resources' => $resources, - 'resourceId' => $resourceId, - 'resourceType' => $resourceType, - 'statusCounters' => '{}', - 'resourceData' => '{}', - 'errors' => [], - 'options' => [ - 'path' => $newPath, - 'size' => $fileSize, - ], - ])); - - $queueForEvents->setParam('migrationId', $migration->getId()); - - $publisherForMigrations->enqueue(new MigrationMessage( - project: $project, - migration: $migration, - platform: $platform, - )); - - $response - ->setStatusCode(Response::STATUS_CODE_ACCEPTED) - ->dynamic($migration, Response::MODEL_MIGRATION); - }); - -Http::post('/v1/migrations/json/exports') - ->groups(['api', 'migrations']) - ->desc('Export documents to JSON') - ->label('scope', 'migrations.write') - ->label('event', 'migrations.[migrationId].create') - ->label('audits.event', 'migration.create') - ->label('sdk', new Method( - namespace: 'migrations', - group: null, - name: 'createJSONExport', - description: '/docs/references/migrations/migration-json-export.md', - auth: [AuthType::ADMIN], - responses: [ - new SDKResponse( - code: Response::STATUS_CODE_ACCEPTED, - model: Response::MODEL_MIGRATION, - ) - ] - )) - ->param('resourceId', null, new CompoundUID(), 'Composite ID in the format {databaseId:collectionId}, identifying a collection within a database to export.') - ->param('filename', '', new Text(255), 'The name of the file to be created for the export, excluding the .json extension.') - ->param('columns', [], new ArrayList(new Text(Database::LENGTH_KEY)), 'List of attributes to export. If empty, all attributes will be exported. You can use the `*` wildcard to export all attributes from the collection.', true) - ->param('queries', [], new ArrayList(new Text(0)), 'Array of query strings generated using the Query class provided by the SDK to filter documents to export. [Learn more about queries](https://appwrite.io/docs/databases#querying-documents). Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' queries are allowed, each ' . APP_LIMIT_ARRAY_ELEMENT_SIZE . ' characters long.', true) - ->param('notify', true, new Boolean(), 'Set to true to receive an email when the export is complete. Default is true.', true) - ->inject('user') - ->inject('response') - ->inject('dbForProject') - ->inject('dbForPlatform') - ->inject('authorization') - ->inject('project') - ->inject('platform') - ->inject('queueForEvents') - ->inject('publisherForMigrations') - ->action(function ( - string $resourceId, - string $filename, - array $columns, - array $queries, - bool $notify, - Document $user, - Response $response, - Database $dbForProject, - Database $dbForPlatform, - Authorization $authorization, - Document $project, - array $platform, - Event $queueForEvents, - MigrationPublisher $publisherForMigrations - ) { - try { - $parsedQueries = Query::parseQueries($queries); - } catch (QueryException $e) { - throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); - } - - $bucket = $authorization->skip(fn () => $dbForPlatform->getDocument('buckets', 'default')); - if ($bucket->isEmpty()) { - throw new Exception(Exception::STORAGE_BUCKET_NOT_FOUND); - } - - [$databaseId, $collectionId] = \explode(':', $resourceId, 2); - if (empty($databaseId)) { - throw new Exception(Exception::DATABASE_NOT_FOUND); - } - if (empty($collectionId)) { - throw new Exception(Exception::COLLECTION_NOT_FOUND); - } - - $database = $authorization->skip(fn () => $dbForProject->getDocument('databases', $databaseId)); - if ($database->isEmpty()) { - throw new Exception(Exception::DATABASE_NOT_FOUND); - } - - $collection = $authorization->skip(fn () => $dbForProject->getDocument('database_' . $database->getSequence(), $collectionId)); - if ($collection->isEmpty()) { - throw new Exception(Exception::COLLECTION_NOT_FOUND); - } - - $databaseType = $database->getAttribute('type'); - - // Schemaless databases (DocumentsDB, VectorsDB) allow queries on dynamic fields - $isSchemaless = in_array($databaseType, [DATABASE_TYPE_DOCUMENTSDB, DATABASE_TYPE_VECTORSDB]); - - $validator = new Documents( - attributes: $collection->getAttribute('attributes', []), - indexes: $collection->getAttribute('indexes', []), - idAttributeType: $dbForProject->getAdapter()->getIdAttributeType(), - supportForAttributes: !$isSchemaless, - ); - - if (!$validator->isValid($parsedQueries)) { - throw new Exception(Exception::GENERAL_QUERY_INVALID, $validator->getDescription()); - } - - $resources = Transfer::extractServices([getDatabaseTransferResourceServices($databaseType)]); - $resourceType = getDatabaseResourceType($databaseType); - - $migration = $dbForProject->createDocument('migrations', new Document([ - '$id' => ID::unique(), - 'status' => 'pending', - 'stage' => 'init', - 'source' => Appwrite::getName(), - 'destination' => JSON::getName(), - 'resources' => $resources, - 'resourceId' => $resourceId, - 'resourceType' => $resourceType, - 'statusCounters' => '{}', - 'resourceData' => '{}', - 'errors' => [], - 'options' => [ - 'bucketId' => 'default', // Always use internal bucket - 'filename' => $filename, - 'columns' => $columns, - 'queries' => $queries, - 'notify' => $notify, - 'userInternalId' => $user->getSequence(), - ], - ])); - - $queueForEvents->setParam('migrationId', $migration->getId()); - - $publisherForMigrations->enqueue(new MigrationMessage( - project: $project, - migration: $migration, - platform: $platform, - )); - - $response - ->setStatusCode(Response::STATUS_CODE_ACCEPTED) - ->dynamic($migration, Response::MODEL_MIGRATION); - }); - -Http::get('/v1/migrations') - ->groups(['api', 'migrations']) - ->desc('List migrations') - ->label('scope', 'migrations.read') - ->label('sdk', new Method( - namespace: 'migrations', - group: null, - name: 'list', - description: '/docs/references/migrations/list-migrations.md', - auth: [AuthType::ADMIN], - responses: [ - new SDKResponse( - code: Response::STATUS_CODE_OK, - model: Response::MODEL_MIGRATION_LIST, - ) - ] - )) - ->param('queries', [], new Migrations(), 'Array of query strings generated using the Query class provided by the SDK. [Learn more about queries](https://appwrite.io/docs/databases#querying-documents). Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' queries are allowed, each ' . APP_LIMIT_ARRAY_ELEMENT_SIZE . ' characters long. You may filter on the following attributes: ' . implode(', ', Migrations::ALLOWED_ATTRIBUTES), true) - ->param('search', '', new Text(256), 'Search term to filter your list results. Max length: 256 chars.', true) - ->param('total', true, new Boolean(true), 'When set to false, the total count returned will be 0 and will not be calculated.', true) - ->inject('response') - ->inject('dbForProject') - ->action(function (array $queries, string $search, bool $includeTotal, Response $response, Database $dbForProject) { - try { - $queries = Query::parseQueries($queries); - } catch (QueryException $e) { - throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); - } - - if (!empty($search)) { - $queries[] = Query::search('search', $search); - } - - $cursor = Query::getCursorQueries($queries, false); - $cursor = \reset($cursor); - - if ($cursor !== false) { - $validator = new Cursor(); - if (!$validator->isValid($cursor)) { - throw new Exception(Exception::GENERAL_QUERY_INVALID, $validator->getDescription()); - } - - $migrationId = $cursor->getValue(); - $cursorDocument = $dbForProject->getDocument('migrations', $migrationId); - - if ($cursorDocument->isEmpty()) { - throw new Exception(Exception::GENERAL_CURSOR_NOT_FOUND, "Migration '{$migrationId}' for the 'cursor' value not found."); - } - - $cursor->setValue($cursorDocument); - } - - $filterQueries = Query::groupByType($queries)['filters']; - try { - $migrations = $dbForProject->find('migrations', $queries); - $total = $includeTotal ? $dbForProject->count('migrations', $filterQueries, APP_LIMIT_COUNT) : 0; - } catch (OrderException $e) { - throw new Exception(Exception::DATABASE_QUERY_ORDER_NULL, "The order attribute '{$e->getAttribute()}' had a null value. Cursor pagination requires all documents order attribute values are non-null."); - } - $response->dynamic(new Document([ - 'migrations' => $migrations, - 'total' => $total, - ]), Response::MODEL_MIGRATION_LIST); - }); - -Http::get('/v1/migrations/:migrationId') - ->groups(['api', 'migrations']) - ->desc('Get migration') - ->label('scope', 'migrations.read') - ->label('sdk', new Method( - namespace: 'migrations', - group: null, - name: 'get', - description: '/docs/references/migrations/get-migration.md', - auth: [AuthType::ADMIN], - responses: [ - new SDKResponse( - code: Response::STATUS_CODE_OK, - model: Response::MODEL_MIGRATION, - ) - ] - )) - ->param('migrationId', '', fn (Database $dbForProject) => new UID($dbForProject->getAdapter()->getMaxUIDLength()), 'Migration unique ID.', false, ['dbForProject']) - ->inject('response') - ->inject('dbForProject') - ->action(function (string $migrationId, Response $response, Database $dbForProject) { - $migration = $dbForProject->getDocument('migrations', $migrationId); - - if ($migration->isEmpty()) { - throw new Exception(Exception::MIGRATION_NOT_FOUND); - } - - $response->dynamic($migration, Response::MODEL_MIGRATION); - }); - -Http::get('/v1/migrations/appwrite/report') - ->groups(['api', 'migrations']) - ->desc('Get Appwrite migration report') - ->label('scope', 'migrations.write') - ->label('sdk', new Method( - namespace: 'migrations', - group: null, - name: 'getAppwriteReport', - description: '/docs/references/migrations/migration-appwrite-report.md', - auth: [AuthType::ADMIN], - responses: [ - new SDKResponse( - code: Response::STATUS_CODE_OK, - model: Response::MODEL_MIGRATION_REPORT, - ) - ] - )) - ->param('resources', [], new ArrayList(new WhiteList(Appwrite::getSupportedResources())), 'List of resources to migrate') - ->param('endpoint', '', new URL(), "Source's Appwrite Endpoint") - ->param('projectID', '', new Text(512), "Source's Project ID") - ->param('key', '', new Text(512), "Source's API Key") - ->inject('response') - ->inject('getDatabasesDB') - ->action(function (array $resources, string $endpoint, string $projectID, string $key, Response $response, callable $getDatabasesDB) { - - try { - $appwrite = new Appwrite($projectID, $endpoint, $key, $getDatabasesDB); - $report = $appwrite->report($resources); - } catch (\Throwable $e) { - throw new Exception( - Exception::MIGRATION_PROVIDER_ERROR, - 'Unable to connect to the migration source. Please verify your credentials and ensure the source is reachable from this server. Check for network restrictions such as firewalls, IP allowlists, or outbound connectivity limits.' - ); - } - - $response - ->setStatusCode(Response::STATUS_CODE_OK) - ->dynamic(new Document($report), Response::MODEL_MIGRATION_REPORT); - }); - -Http::get('/v1/migrations/firebase/report') - ->groups(['api', 'migrations']) - ->desc('Get Firebase migration report') - ->label('scope', 'migrations.write') - ->label('sdk', new Method( - namespace: 'migrations', - group: null, - name: 'getFirebaseReport', - description: '/docs/references/migrations/migration-firebase-report.md', - auth: [AuthType::ADMIN], - responses: [ - new SDKResponse( - code: Response::STATUS_CODE_OK, - model: Response::MODEL_MIGRATION_REPORT, - ) - ] - )) - ->param('resources', [], new ArrayList(new WhiteList(Firebase::getSupportedResources())), 'List of resources to migrate') - ->param('serviceAccount', '', new Text(65536), 'JSON of the Firebase service account credentials') - ->inject('response') - ->action(function (array $resources, string $serviceAccount, Response $response) { - $serviceAccount = json_decode($serviceAccount, true); - - if (empty($serviceAccount)) { - throw new Exception(Exception::MIGRATION_PROVIDER_ERROR, 'Invalid Service Account JSON'); - } - - if (!isset($serviceAccount['project_id']) || !isset($serviceAccount['client_email']) || !isset($serviceAccount['private_key'])) { - throw new Exception(Exception::MIGRATION_PROVIDER_ERROR, 'Invalid Service Account JSON'); - } - - try { - $firebase = new Firebase($serviceAccount); - $report = $firebase->report($resources); - } catch (\Throwable $e) { - throw new Exception( - Exception::MIGRATION_PROVIDER_ERROR, - 'Unable to connect to the migration source. Please verify your credentials and ensure the source is reachable from this server. Check for network restrictions such as firewalls, IP allowlists, or outbound connectivity limits.' - ); - } - - $response - ->setStatusCode(Response::STATUS_CODE_OK) - ->dynamic(new Document($report), Response::MODEL_MIGRATION_REPORT); - }); - -Http::get('/v1/migrations/supabase/report') - ->groups(['api', 'migrations']) - ->desc('Get Supabase migration report') - ->label('scope', 'migrations.write') - ->label('sdk', new Method( - namespace: 'migrations', - group: null, - name: 'getSupabaseReport', - description: '/docs/references/migrations/migration-supabase-report.md', - auth: [AuthType::ADMIN], - responses: [ - new SDKResponse( - code: Response::STATUS_CODE_OK, - model: Response::MODEL_MIGRATION_REPORT, - ) - ] - )) - ->param('resources', [], new ArrayList(new WhiteList(Supabase::getSupportedResources(), true)), 'List of resources to migrate') - ->param('endpoint', '', new URL(), 'Source\'s Supabase Endpoint.') - ->param('apiKey', '', new Text(512), 'Source\'s API Key.') - ->param('databaseHost', '', new Text(512), 'Source\'s Database Host.') - ->param('username', '', new Text(512), 'Source\'s Database Username.') - ->param('password', '', new Text(512), 'Source\'s Database Password.') - ->param('port', 5432, new Integer(true), 'Source\'s Database Port.', true) - ->inject('response') - ->inject('dbForProject') - ->action(function (array $resources, string $endpoint, string $apiKey, string $databaseHost, string $username, string $password, int $port, Response $response) { - try { - $supabase = new Supabase($endpoint, $apiKey, $databaseHost, 'postgres', $username, $password, $port); - $report = $supabase->report($resources); - } catch (\Throwable $e) { - throw new Exception( - Exception::MIGRATION_PROVIDER_ERROR, - 'Unable to connect to the migration source. Please verify your credentials and ensure the source is reachable from this server. Check for network restrictions such as firewalls, IP allowlists, or outbound connectivity limits.' - ); - } - - $response - ->setStatusCode(Response::STATUS_CODE_OK) - ->dynamic(new Document($report), Response::MODEL_MIGRATION_REPORT); - }); - -Http::get('/v1/migrations/nhost/report') - ->groups(['api', 'migrations']) - ->desc('Get NHost migration report') - ->label('scope', 'migrations.write') - ->label('sdk', new Method( - namespace: 'migrations', - group: null, - name: 'getNHostReport', - description: '/docs/references/migrations/migration-nhost-report.md', - auth: [AuthType::ADMIN], - responses: [ - new SDKResponse( - code: Response::STATUS_CODE_OK, - model: Response::MODEL_MIGRATION_REPORT, - ) - ] - )) - ->param('resources', [], new ArrayList(new WhiteList(NHost::getSupportedResources())), 'List of resources to migrate.') - ->param('subdomain', '', new Text(512), 'Source\'s Subdomain.') - ->param('region', '', new Text(512), 'Source\'s Region.') - ->param('adminSecret', '', new Text(512), 'Source\'s Admin Secret.') - ->param('database', '', new Text(512), 'Source\'s Database Name.') - ->param('username', '', new Text(512), 'Source\'s Database Username.') - ->param('password', '', new Text(512), 'Source\'s Database Password.') - ->param('port', 5432, new Integer(true), 'Source\'s Database Port.', true) - ->inject('response') - ->action(function (array $resources, string $subdomain, string $region, string $adminSecret, string $database, string $username, string $password, int $port, Response $response) { - try { - $nhost = new NHost($subdomain, $region, $adminSecret, $database, $username, $password, $port); - $report = $nhost->report($resources); - } catch (\Throwable $e) { - throw new Exception( - Exception::MIGRATION_PROVIDER_ERROR, - 'Unable to connect to the migration source. Please verify your credentials and ensure the source is reachable from this server. Check for network restrictions such as firewalls, IP allowlists, or outbound connectivity limits.' - ); - } - - $response - ->setStatusCode(Response::STATUS_CODE_OK) - ->dynamic(new Document($report), Response::MODEL_MIGRATION_REPORT); - }); - -Http::patch('/v1/migrations/:migrationId') - ->groups(['api', 'migrations']) - ->desc('Update retry migration') - ->label('scope', 'migrations.write') - ->label('event', 'migrations.[migrationId].retry') - ->label('audits.event', 'migration.retry') - ->label('audits.resource', 'migrations/{request.migrationId}') - ->label('sdk', new Method( - namespace: 'migrations', - group: null, - name: 'retry', - description: '/docs/references/migrations/retry-migration.md', - auth: [AuthType::ADMIN], - responses: [ - new SDKResponse( - code: Response::STATUS_CODE_ACCEPTED, - model: Response::MODEL_MIGRATION, - ) - ] - )) - ->param('migrationId', '', fn (Database $dbForProject) => new UID($dbForProject->getAdapter()->getMaxUIDLength()), 'Migration unique ID.', false, ['dbForProject']) - ->inject('response') - ->inject('dbForProject') - ->inject('project') - ->inject('platform') - ->inject('publisherForMigrations') - ->action(function (string $migrationId, Response $response, Database $dbForProject, Document $project, array $platform, MigrationPublisher $publisherForMigrations) { - $migration = $dbForProject->getDocument('migrations', $migrationId); - - if ($migration->isEmpty()) { - throw new Exception(Exception::MIGRATION_NOT_FOUND); - } - - if ($migration->getAttribute('status') !== 'failed') { - throw new Exception(Exception::MIGRATION_IN_PROGRESS, 'Migration not failed yet'); - } - - $migration - ->setAttribute('status', 'pending') - ->setAttribute('dateUpdated', \time()); - - // Trigger Migration - $publisherForMigrations->enqueue(new MigrationMessage( - project: $project, - migration: $migration, - platform: $platform, - )); - - $response->noContent(); - }); - -Http::delete('/v1/migrations/:migrationId') - ->groups(['api', 'migrations']) - ->desc('Delete migration') - ->label('scope', 'migrations.write') - ->label('event', 'migrations.[migrationId].delete') - ->label('audits.event', 'migrationId.delete') - ->label('audits.resource', 'migrations/{request.migrationId}') - ->label('sdk', new Method( - namespace: 'migrations', - group: null, - name: 'delete', - description: '/docs/references/migrations/delete-migration.md', - auth: [AuthType::ADMIN], - responses: [ - new SDKResponse( - code: Response::STATUS_CODE_NOCONTENT, - model: Response::MODEL_NONE, - ) - ], - contentType: ContentType::NONE - )) - ->param('migrationId', '', fn (Database $dbForProject) => new UID($dbForProject->getAdapter()->getMaxUIDLength()), 'Migration ID.', false, ['dbForProject']) - ->inject('response') - ->inject('dbForProject') - ->inject('queueForEvents') - ->action(function (string $migrationId, Response $response, Database $dbForProject, Event $queueForEvents) { - $migration = $dbForProject->getDocument('migrations', $migrationId); - - if ($migration->isEmpty()) { - throw new Exception(Exception::MIGRATION_NOT_FOUND); - } - - if (!$dbForProject->deleteDocument('migrations', $migration->getId())) { - throw new Exception(Exception::GENERAL_SERVER_ERROR, 'Failed to remove migration from DB'); - } - - $queueForEvents->setParam('migrationId', $migration->getId()); - - $response->noContent(); - }); diff --git a/src/Appwrite/Platform/Appwrite.php b/src/Appwrite/Platform/Appwrite.php index 06312d9cb2..88788b73fc 100644 --- a/src/Appwrite/Platform/Appwrite.php +++ b/src/Appwrite/Platform/Appwrite.php @@ -9,6 +9,7 @@ use Appwrite\Platform\Modules\Core; use Appwrite\Platform\Modules\Databases; use Appwrite\Platform\Modules\Functions; use Appwrite\Platform\Modules\Health; +use Appwrite\Platform\Modules\Migrations; use Appwrite\Platform\Modules\Project; use Appwrite\Platform\Modules\Projects; use Appwrite\Platform\Modules\Proxy; @@ -39,6 +40,7 @@ class Appwrite extends Platform $this->addModule(new Storage\Module()); $this->addModule(new VCS\Module()); $this->addModule(new Webhooks\Module()); + $this->addModule(new Migrations\Module()); $this->addModule(new Project\Module()); } } diff --git a/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Appwrite/Create.php b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Appwrite/Create.php new file mode 100644 index 0000000000..006ab3ae90 --- /dev/null +++ b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Appwrite/Create.php @@ -0,0 +1,110 @@ +setHttpMethod(Action::HTTP_REQUEST_METHOD_POST) + ->setHttpPath('/v1/migrations/appwrite') + ->desc('Create Appwrite migration') + ->groups(['api', 'migrations']) + ->label('scope', 'migrations.write') + ->label('event', 'migrations.[migrationId].create') + ->label('audits.event', 'migration.create') + ->label('sdk', new Method( + namespace: 'migrations', + group: null, + name: 'createAppwriteMigration', + description: '/docs/references/migrations/migration-appwrite.md', + auth: [AuthType::ADMIN], + responses: [ + new SDKResponse( + code: Response::STATUS_CODE_ACCEPTED, + model: Response::MODEL_MIGRATION, + ) + ] + )) + ->param('resources', [], new ArrayList(new WhiteList(AppwriteSource::getSupportedResources())), 'List of resources to migrate') + ->param('endpoint', '', new URL(), 'Source Appwrite endpoint') + ->param('projectId', '', fn (Database $dbForProject) => new UID($dbForProject->getAdapter()->getMaxUIDLength()), 'Source Project ID', false, ['dbForProject']) + ->param('apiKey', '', new Text(512), 'Source API Key') + ->inject('response') + ->inject('dbForProject') + ->inject('project') + ->inject('platform') + ->inject('queueForEvents') + ->inject('publisherForMigrations') + ->callback($this->action(...)); + } + + public function action( + array $resources, + string $endpoint, + string $projectId, + string $apiKey, + Response $response, + Database $dbForProject, + Document $project, + array $platform, + Event $queueForEvents, + MigrationPublisher $publisherForMigrations + ): void { + $migration = $dbForProject->createDocument('migrations', new Document([ + '$id' => ID::unique(), + 'status' => 'pending', + 'stage' => 'init', + 'source' => AppwriteSource::getName(), + 'destination' => AppwriteSource::getName(), + 'credentials' => [ + 'endpoint' => $endpoint, + 'projectId' => $projectId, + 'apiKey' => $apiKey, + ], + 'resources' => $resources, + 'statusCounters' => '{}', + 'resourceData' => '{}', + 'errors' => [], + ])); + + $queueForEvents->setParam('migrationId', $migration->getId()); + + $publisherForMigrations->enqueue(new MigrationMessage( + project: $project, + migration: $migration, + platform: $platform, + )); + + $response + ->setStatusCode(Response::STATUS_CODE_ACCEPTED) + ->dynamic($migration, Response::MODEL_MIGRATION); + } +} diff --git a/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Appwrite/Report/Get.php b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Appwrite/Report/Get.php new file mode 100644 index 0000000000..32d8a62ec3 --- /dev/null +++ b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Appwrite/Report/Get.php @@ -0,0 +1,80 @@ +setHttpMethod(Action::HTTP_REQUEST_METHOD_GET) + ->setHttpPath('/v1/migrations/appwrite/report') + ->desc('Get Appwrite migration report') + ->groups(['api', 'migrations']) + ->label('scope', 'migrations.write') + ->label('sdk', new Method( + namespace: 'migrations', + group: null, + name: 'getAppwriteReport', + description: '/docs/references/migrations/migration-appwrite-report.md', + auth: [AuthType::ADMIN], + responses: [ + new SDKResponse( + code: Response::STATUS_CODE_OK, + model: Response::MODEL_MIGRATION_REPORT, + ) + ] + )) + ->param('resources', [], new ArrayList(new WhiteList(AppwriteSource::getSupportedResources())), 'List of resources to migrate') + ->param('endpoint', '', new URL(), "Source's Appwrite Endpoint") + ->param('projectID', '', new Text(512), "Source's Project ID") + ->param('key', '', new Text(512), "Source's API Key") + ->inject('response') + ->inject('getDatabasesDB') + ->callback($this->action(...)); + } + + public function action( + array $resources, + string $endpoint, + string $projectID, + string $key, + Response $response, + callable $getDatabasesDB + ): void { + try { + $appwrite = new AppwriteSource($projectID, $endpoint, $key, $getDatabasesDB); + $report = $appwrite->report($resources); + } catch (\Throwable $e) { + throw new Exception( + Exception::MIGRATION_PROVIDER_ERROR, + 'Unable to connect to the migration source. Please verify your credentials and ensure the source is reachable from this server. Check for network restrictions such as firewalls, IP allowlists, or outbound connectivity limits.' + ); + } + + $response + ->setStatusCode(Response::STATUS_CODE_OK) + ->dynamic(new Document($report), Response::MODEL_MIGRATION_REPORT); + } +} diff --git a/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/CSV/Exports/Create.php b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/CSV/Exports/Create.php new file mode 100644 index 0000000000..0ab3cecf1a --- /dev/null +++ b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/CSV/Exports/Create.php @@ -0,0 +1,213 @@ +setHttpMethod(Action::HTTP_REQUEST_METHOD_POST) + ->setHttpPath('/v1/migrations/csv/exports') + ->desc('Export documents to CSV') + ->groups(['api', 'migrations']) + ->label('scope', 'migrations.write') + ->label('event', 'migrations.[migrationId].create') + ->label('audits.event', 'migration.create') + ->label('sdk', new Method( + namespace: 'migrations', + group: null, + name: 'createCSVExport', + description: '/docs/references/migrations/migration-csv-export.md', + auth: [AuthType::ADMIN], + responses: [ + new SDKResponse( + code: Response::STATUS_CODE_ACCEPTED, + model: Response::MODEL_MIGRATION, + ) + ] + )) + ->param('resourceId', null, new CompoundUID(), 'Composite ID in the format {databaseId:collectionId}, identifying a collection within a database to export.') + ->param('filename', '', new Text(255), 'The name of the file to be created for the export, excluding the .csv extension.') + ->param('columns', [], new ArrayList(new Text(Database::LENGTH_KEY)), 'List of attributes to export. If empty, all attributes will be exported. You can use the `*` wildcard to export all attributes from the collection.', true) + ->param('queries', [], new ArrayList(new Text(0)), 'Array of query strings generated using the Query class provided by the SDK to filter documents to export. [Learn more about queries](https://appwrite.io/docs/databases#querying-documents). Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' queries are allowed, each ' . APP_LIMIT_ARRAY_ELEMENT_SIZE . ' characters long.', true) + ->param('delimiter', ',', new Text(1), 'The character that separates each column value. Default is comma.', true) + ->param('enclosure', '"', new Text(1), 'The character that encloses each column value. Default is double quotes.', true) + ->param('escape', '"', new Text(1), 'The escape character for the enclosure character. Default is double quotes.', true) + ->param('header', true, new Boolean(), 'Whether to include the header row with column names. Default is true.', true) + ->param('notify', true, new Boolean(), 'Set to true to receive an email when the export is complete. Default is true.', true) + ->inject('user') + ->inject('response') + ->inject('dbForProject') + ->inject('dbForPlatform') + ->inject('authorization') + ->inject('project') + ->inject('platform') + ->inject('queueForEvents') + ->inject('publisherForMigrations') + ->callback($this->action(...)); + } + + public function action( + string $resourceId, + string $filename, + array $columns, + array $queries, + string $delimiter, + string $enclosure, + string $escape, + bool $header, + bool $notify, + Document $user, + Response $response, + Database $dbForProject, + Database $dbForPlatform, + Authorization $authorization, + Document $project, + array $platform, + Event $queueForEvents, + MigrationPublisher $publisherForMigrations + ): void { + try { + $parsedQueries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + + $bucket = $authorization->skip(fn () => $dbForPlatform->getDocument('buckets', 'default')); + if ($bucket->isEmpty()) { + throw new Exception(Exception::STORAGE_BUCKET_NOT_FOUND); + } + + [$databaseId, $collectionId] = \explode(':', $resourceId, 2); + if (empty($databaseId)) { + throw new Exception(Exception::DATABASE_NOT_FOUND); + } + if (empty($collectionId)) { + throw new Exception(Exception::COLLECTION_NOT_FOUND); + } + + $database = $authorization->skip(fn () => $dbForProject->getDocument('databases', $databaseId)); + if ($database->isEmpty()) { + throw new Exception(Exception::DATABASE_NOT_FOUND); + } + + $collection = $authorization->skip(fn () => $dbForProject->getDocument('database_' . $database->getSequence(), $collectionId)); + if ($collection->isEmpty()) { + throw new Exception(Exception::COLLECTION_NOT_FOUND); + } + + $databaseType = $database->getAttribute('type'); + if (!\in_array($databaseType, CSV_ALLOWED_DATABASE_TYPES)) { + throw new Exception(Exception::MIGRATION_DATABASE_TYPE_UNSUPPORTED, 'Database type not supported for csv'); + } + + // Schemaless databases (DocumentsDB, VectorsDB) allow queries on dynamic fields + $isSchemaless = \in_array($databaseType, [DATABASE_TYPE_DOCUMENTSDB, DATABASE_TYPE_VECTORSDB]); + + $validator = new Documents( + attributes: $collection->getAttribute('attributes', []), + indexes: $collection->getAttribute('indexes', []), + idAttributeType: $dbForProject->getAdapter()->getIdAttributeType(), + supportForAttributes: !$isSchemaless, + ); + + if (!$validator->isValid($parsedQueries)) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $validator->getDescription()); + } + + $resources = Transfer::extractServices([self::transferGroupForDatabaseType($databaseType)]); + $resourceType = self::resourceTypeForDatabaseType($databaseType); + + $migration = $dbForProject->createDocument('migrations', new Document([ + '$id' => ID::unique(), + 'status' => 'pending', + 'stage' => 'init', + 'source' => AppwriteSource::getName(), + 'destination' => CSV::getName(), + 'resources' => $resources, + 'resourceId' => $resourceId, + 'resourceType' => $resourceType, + 'statusCounters' => '{}', + 'resourceData' => '{}', + 'errors' => [], + 'options' => [ + 'bucketId' => 'default', // Always use internal bucket + 'filename' => $filename, + 'columns' => $columns, + 'queries' => $queries, + 'delimiter' => $delimiter, + 'enclosure' => $enclosure, + 'escape' => $escape, + 'header' => $header, + 'notify' => $notify, + 'userInternalId' => $user->getSequence(), + ], + ])); + + $queueForEvents->setParam('migrationId', $migration->getId()); + + $publisherForMigrations->enqueue(new MigrationMessage( + project: $project, + migration: $migration, + platform: $platform, + )); + + $response + ->setStatusCode(Response::STATUS_CODE_ACCEPTED) + ->dynamic($migration, Response::MODEL_MIGRATION); + } + + private static function transferGroupForDatabaseType(string $databaseType): string + { + return match ($databaseType) { + DATABASE_TYPE_LEGACY, + DATABASE_TYPE_TABLESDB => Transfer::GROUP_DATABASES_TABLES_DB, + DATABASE_TYPE_VECTORSDB => Transfer::GROUP_DATABASES_VECTOR_DB, + DATABASE_TYPE_DOCUMENTSDB => Transfer::GROUP_DATABASES_DOCUMENTS_DB, + default => throw new \LogicException('Unknown database type: ' . $databaseType), + }; + } + + private static function resourceTypeForDatabaseType(string $databaseType): string + { + return match ($databaseType) { + DATABASE_TYPE_VECTORSDB => Resource::TYPE_DATABASE_VECTORSDB, + DATABASE_TYPE_DOCUMENTSDB => Resource::TYPE_DATABASE_DOCUMENTSDB, + default => Resource::TYPE_DATABASE, + }; + } +} diff --git a/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/CSV/Imports/Create.php b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/CSV/Imports/Create.php new file mode 100644 index 0000000000..5cc21241c3 --- /dev/null +++ b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/CSV/Imports/Create.php @@ -0,0 +1,220 @@ +setHttpMethod(Action::HTTP_REQUEST_METHOD_POST) + ->setHttpPath('/v1/migrations/csv/imports') + ->httpAlias('/v1/migrations/csv') + ->desc('Import documents from a CSV') + ->groups(['api', 'migrations']) + ->label('scope', 'migrations.write') + ->label('event', 'migrations.[migrationId].create') + ->label('audits.event', 'migration.create') + ->label('sdk', new Method( + namespace: 'migrations', + group: null, + name: 'createCSVImport', + description: '/docs/references/migrations/migration-csv-import.md', + auth: [AuthType::ADMIN], + responses: [ + new SDKResponse( + code: Response::STATUS_CODE_ACCEPTED, + model: Response::MODEL_MIGRATION, + ) + ] + )) + ->param('bucketId', '', fn (Database $dbForProject) => new UID($dbForProject->getAdapter()->getMaxUIDLength()), 'Storage bucket unique ID. You can create a new storage bucket using the Storage service [server integration](https://appwrite.io/docs/server/storage#createBucket).', false, ['dbForProject']) + ->param('fileId', '', fn (Database $dbForProject) => new UID($dbForProject->getAdapter()->getMaxUIDLength()), 'File ID.', false, ['dbForProject']) + ->param('resourceId', null, new CompoundUID(), 'Composite ID in the format {databaseId:collectionId}, identifying a collection within a database.') + ->param('internalFile', false, new Boolean(), 'Is the file stored in an internal bucket?', true) + ->inject('response') + ->inject('dbForProject') + ->inject('dbForPlatform') + ->inject('authorization') + ->inject('project') + ->inject('platform') + ->inject('deviceForFiles') + ->inject('deviceForMigrations') + ->inject('queueForEvents') + ->inject('publisherForMigrations') + ->callback($this->action(...)); + } + + public function action( + string $bucketId, + string $fileId, + string $resourceId, + bool $internalFile, + Response $response, + Database $dbForProject, + Database $dbForPlatform, + Authorization $authorization, + Document $project, + array $platform, + Device $deviceForFiles, + Device $deviceForMigrations, + Event $queueForEvents, + MigrationPublisher $publisherForMigrations + ): void { + $bucket = $authorization->skip(function () use ($internalFile, $dbForPlatform, $dbForProject, $bucketId) { + if ($internalFile) { + return $dbForPlatform->getDocument('buckets', 'default'); + } + return $dbForProject->getDocument('buckets', $bucketId); + }); + + if ($bucket->isEmpty()) { + throw new Exception(Exception::STORAGE_BUCKET_NOT_FOUND); + } + + $file = $authorization->skip(fn () => $internalFile ? $dbForPlatform->getDocument('bucket_' . $bucket->getSequence(), $fileId) : $dbForProject->getDocument('bucket_' . $bucket->getSequence(), $fileId)); + if ($file->isEmpty()) { + throw new Exception(Exception::STORAGE_FILE_NOT_FOUND); + } + + $path = $file->getAttribute('path', ''); + if (!$deviceForFiles->exists($path)) { + throw new Exception(Exception::STORAGE_FILE_NOT_FOUND, 'File not found in ' . $path); + } + + // No encryption or compression on files above 20MB. + $hasEncryption = !empty($file->getAttribute('openSSLCipher')); + $compression = $file->getAttribute('algorithm', Compression::NONE); + $hasCompression = $compression !== Compression::NONE; + + $migrationId = ID::unique(); + $newPath = $deviceForMigrations->getPath($migrationId . '_' . $fileId . '.csv'); + + if ($hasEncryption || $hasCompression) { + $source = $deviceForFiles->read($path); + + if ($hasEncryption) { + $source = OpenSSL::decrypt( + $source, + $file->getAttribute('openSSLCipher'), + System::getEnv('_APP_OPENSSL_KEY_V' . $file->getAttribute('openSSLVersion')), + 0, + hex2bin($file->getAttribute('openSSLIV')), + hex2bin($file->getAttribute('openSSLTag')) + ); + } + + if ($hasCompression) { + switch ($compression) { + case Compression::ZSTD: + $source = (new Zstd())->decompress($source); + break; + case Compression::GZIP: + $source = (new GZIP())->decompress($source); + break; + } + } + + // Manual write after decryption and/or decompression + if (!$deviceForMigrations->write($newPath, $source, 'text/csv')) { + throw new \Exception('Unable to copy file'); + } + } elseif (!$deviceForFiles->transfer($path, $newPath, $deviceForMigrations)) { + throw new \Exception('Unable to copy file'); + } + + [$databaseId] = \explode(':', $resourceId, 2); + $database = $authorization->skip(fn () => $dbForProject->getDocument('databases', $databaseId)); + $databaseType = $database->getAttribute('type'); + if (!\in_array($databaseType, CSV_ALLOWED_DATABASE_TYPES)) { + throw new Exception(Exception::MIGRATION_DATABASE_TYPE_UNSUPPORTED, 'Database type not supported for csv'); + } + $fileSize = $deviceForMigrations->getFileSize($newPath); + $resources = Transfer::extractServices([self::transferGroupForDatabaseType($databaseType)]); + $resourceType = self::resourceTypeForDatabaseType($databaseType); + + $migration = $dbForProject->createDocument('migrations', new Document([ + '$id' => $migrationId, + 'status' => 'pending', + 'stage' => 'init', + 'source' => CSV::getName(), + 'destination' => AppwriteSource::getName(), + 'resources' => $resources, + 'resourceId' => $resourceId, + 'resourceType' => $resourceType, + 'statusCounters' => '{}', + 'resourceData' => '{}', + 'errors' => [], + 'options' => [ + 'path' => $newPath, + 'size' => $fileSize, + ], + ])); + + $queueForEvents->setParam('migrationId', $migration->getId()); + + $publisherForMigrations->enqueue(new MigrationMessage( + project: $project, + migration: $migration, + )); + + $response + ->setStatusCode(Response::STATUS_CODE_ACCEPTED) + ->dynamic($migration, Response::MODEL_MIGRATION); + } + + private static function transferGroupForDatabaseType(string $databaseType): string + { + return match ($databaseType) { + DATABASE_TYPE_LEGACY, + DATABASE_TYPE_TABLESDB => Transfer::GROUP_DATABASES_TABLES_DB, + DATABASE_TYPE_VECTORSDB => Transfer::GROUP_DATABASES_VECTOR_DB, + DATABASE_TYPE_DOCUMENTSDB => Transfer::GROUP_DATABASES_DOCUMENTS_DB, + default => throw new \LogicException('Unknown database type: ' . $databaseType), + }; + } + + private static function resourceTypeForDatabaseType(string $databaseType): string + { + return match ($databaseType) { + DATABASE_TYPE_VECTORSDB => Resource::TYPE_DATABASE_VECTORSDB, + DATABASE_TYPE_DOCUMENTSDB => Resource::TYPE_DATABASE_DOCUMENTSDB, + default => Resource::TYPE_DATABASE, + }; + } +} diff --git a/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Delete.php b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Delete.php new file mode 100644 index 0000000000..f9c989b5bf --- /dev/null +++ b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Delete.php @@ -0,0 +1,74 @@ +setHttpMethod(Action::HTTP_REQUEST_METHOD_DELETE) + ->setHttpPath('/v1/migrations/:migrationId') + ->desc('Delete migration') + ->groups(['api', 'migrations']) + ->label('scope', 'migrations.write') + ->label('event', 'migrations.[migrationId].delete') + ->label('audits.event', 'migrationId.delete') + ->label('audits.resource', 'migrations/{request.migrationId}') + ->label('sdk', new Method( + namespace: 'migrations', + group: null, + name: 'delete', + description: '/docs/references/migrations/delete-migration.md', + auth: [AuthType::ADMIN], + responses: [ + new SDKResponse( + code: Response::STATUS_CODE_NOCONTENT, + model: Response::MODEL_NONE, + ) + ], + contentType: ContentType::NONE + )) + ->param('migrationId', '', fn (Database $dbForProject) => new UID($dbForProject->getAdapter()->getMaxUIDLength()), 'Migration ID.', false, ['dbForProject']) + ->inject('response') + ->inject('dbForProject') + ->inject('queueForEvents') + ->callback($this->action(...)); + } + + public function action(string $migrationId, Response $response, Database $dbForProject, Event $queueForEvents): void + { + $migration = $dbForProject->getDocument('migrations', $migrationId); + + if ($migration->isEmpty()) { + throw new Exception(Exception::MIGRATION_NOT_FOUND); + } + + if (!$dbForProject->deleteDocument('migrations', $migration->getId())) { + throw new Exception(Exception::GENERAL_SERVER_ERROR, 'Failed to remove migration from DB'); + } + + $queueForEvents->setParam('migrationId', $migration->getId()); + + $response->noContent(); + } +} diff --git a/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Firebase/Create.php b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Firebase/Create.php new file mode 100644 index 0000000000..a8347858b4 --- /dev/null +++ b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Firebase/Create.php @@ -0,0 +1,114 @@ +setHttpMethod(Action::HTTP_REQUEST_METHOD_POST) + ->setHttpPath('/v1/migrations/firebase') + ->desc('Create Firebase migration') + ->groups(['api', 'migrations']) + ->label('scope', 'migrations.write') + ->label('event', 'migrations.[migrationId].create') + ->label('audits.event', 'migration.create') + ->label('sdk', new Method( + namespace: 'migrations', + group: null, + name: 'createFirebaseMigration', + description: '/docs/references/migrations/migration-firebase.md', + auth: [AuthType::ADMIN], + responses: [ + new SDKResponse( + code: Response::STATUS_CODE_ACCEPTED, + model: Response::MODEL_MIGRATION, + ) + ] + )) + ->param('resources', [], new ArrayList(new WhiteList(Firebase::getSupportedResources())), 'List of resources to migrate') + ->param('serviceAccount', '', new Text(65536), 'JSON of the Firebase service account credentials') + ->inject('response') + ->inject('dbForProject') + ->inject('project') + ->inject('platform') + ->inject('queueForEvents') + ->inject('publisherForMigrations') + ->callback($this->action(...)); + } + + public function action( + array $resources, + string $serviceAccount, + Response $response, + Database $dbForProject, + Document $project, + array $platform, + Event $queueForEvents, + MigrationPublisher $publisherForMigrations + ): void { + $serviceAccountData = json_decode($serviceAccount, true); + + if (empty($serviceAccountData)) { + throw new Exception(Exception::MIGRATION_PROVIDER_ERROR, 'Invalid Service Account JSON'); + } + + if (!isset($serviceAccountData['project_id']) || !isset($serviceAccountData['client_email']) || !isset($serviceAccountData['private_key'])) { + throw new Exception(Exception::MIGRATION_PROVIDER_ERROR, 'Invalid Service Account JSON'); + } + + $migration = $dbForProject->createDocument('migrations', new Document([ + '$id' => ID::unique(), + 'status' => 'pending', + 'stage' => 'init', + 'source' => Firebase::getName(), + 'destination' => AppwriteSource::getName(), + 'credentials' => [ + 'serviceAccount' => $serviceAccount, + ], + 'resources' => $resources, + 'statusCounters' => '{}', + 'resourceData' => '{}', + 'errors' => [], + ])); + + $queueForEvents->setParam('migrationId', $migration->getId()); + + $publisherForMigrations->enqueue(new MigrationMessage( + project: $project, + migration: $migration, + platform: $platform, + )); + + $response + ->setStatusCode(Response::STATUS_CODE_ACCEPTED) + ->dynamic($migration, Response::MODEL_MIGRATION); + } +} diff --git a/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Firebase/Report/Get.php b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Firebase/Report/Get.php new file mode 100644 index 0000000000..ef8084795e --- /dev/null +++ b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Firebase/Report/Get.php @@ -0,0 +1,80 @@ +setHttpMethod(Action::HTTP_REQUEST_METHOD_GET) + ->setHttpPath('/v1/migrations/firebase/report') + ->desc('Get Firebase migration report') + ->groups(['api', 'migrations']) + ->label('scope', 'migrations.write') + ->label('sdk', new Method( + namespace: 'migrations', + group: null, + name: 'getFirebaseReport', + description: '/docs/references/migrations/migration-firebase-report.md', + auth: [AuthType::ADMIN], + responses: [ + new SDKResponse( + code: Response::STATUS_CODE_OK, + model: Response::MODEL_MIGRATION_REPORT, + ) + ] + )) + ->param('resources', [], new ArrayList(new WhiteList(Firebase::getSupportedResources())), 'List of resources to migrate') + ->param('serviceAccount', '', new Text(65536), 'JSON of the Firebase service account credentials') + ->inject('response') + ->callback($this->action(...)); + } + + public function action(array $resources, string $serviceAccount, Response $response): void + { + $serviceAccount = json_decode($serviceAccount, true); + + if (empty($serviceAccount)) { + throw new Exception(Exception::MIGRATION_PROVIDER_ERROR, 'Invalid Service Account JSON'); + } + + if (!isset($serviceAccount['project_id']) || !isset($serviceAccount['client_email']) || !isset($serviceAccount['private_key'])) { + throw new Exception(Exception::MIGRATION_PROVIDER_ERROR, 'Invalid Service Account JSON'); + } + + try { + $firebase = new Firebase($serviceAccount); + $report = $firebase->report($resources); + } catch (\Throwable $e) { + throw new Exception( + Exception::MIGRATION_PROVIDER_ERROR, + 'Unable to connect to the migration source. Please verify your credentials and ensure the source is reachable from this server. Check for network restrictions such as firewalls, IP allowlists, or outbound connectivity limits.' + ); + } + + $response + ->setStatusCode(Response::STATUS_CODE_OK) + ->dynamic(new Document($report), Response::MODEL_MIGRATION_REPORT); + } +} diff --git a/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Get.php b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Get.php new file mode 100644 index 0000000000..14b40e2306 --- /dev/null +++ b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Get.php @@ -0,0 +1,61 @@ +setHttpMethod(Action::HTTP_REQUEST_METHOD_GET) + ->setHttpPath('/v1/migrations/:migrationId') + ->desc('Get migration') + ->groups(['api', 'migrations']) + ->label('scope', 'migrations.read') + ->label('sdk', new Method( + namespace: 'migrations', + group: null, + name: 'get', + description: '/docs/references/migrations/get-migration.md', + auth: [AuthType::ADMIN], + responses: [ + new SDKResponse( + code: Response::STATUS_CODE_OK, + model: Response::MODEL_MIGRATION, + ) + ] + )) + ->param('migrationId', '', fn (Database $dbForProject) => new UID($dbForProject->getAdapter()->getMaxUIDLength()), 'Migration unique ID.', false, ['dbForProject']) + ->inject('response') + ->inject('dbForProject') + ->callback($this->action(...)); + } + + public function action(string $migrationId, Response $response, Database $dbForProject): void + { + $migration = $dbForProject->getDocument('migrations', $migrationId); + + if ($migration->isEmpty()) { + throw new Exception(Exception::MIGRATION_NOT_FOUND); + } + + $response->dynamic($migration, Response::MODEL_MIGRATION); + } +} diff --git a/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/JSON/Exports/Create.php b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/JSON/Exports/Create.php new file mode 100644 index 0000000000..d968bd91f6 --- /dev/null +++ b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/JSON/Exports/Create.php @@ -0,0 +1,198 @@ +setHttpMethod(Action::HTTP_REQUEST_METHOD_POST) + ->setHttpPath('/v1/migrations/json/exports') + ->desc('Export documents to JSON') + ->groups(['api', 'migrations']) + ->label('scope', 'migrations.write') + ->label('event', 'migrations.[migrationId].create') + ->label('audits.event', 'migration.create') + ->label('sdk', new Method( + namespace: 'migrations', + group: null, + name: 'createJSONExport', + description: '/docs/references/migrations/migration-json-export.md', + auth: [AuthType::ADMIN], + responses: [ + new SDKResponse( + code: Response::STATUS_CODE_ACCEPTED, + model: Response::MODEL_MIGRATION, + ) + ] + )) + ->param('resourceId', null, new CompoundUID(), 'Composite ID in the format {databaseId:collectionId}, identifying a collection within a database to export.') + ->param('filename', '', new Text(255), 'The name of the file to be created for the export, excluding the .json extension.') + ->param('columns', [], new ArrayList(new Text(Database::LENGTH_KEY)), 'List of attributes to export. If empty, all attributes will be exported. You can use the `*` wildcard to export all attributes from the collection.', true) + ->param('queries', [], new ArrayList(new Text(0)), 'Array of query strings generated using the Query class provided by the SDK to filter documents to export. [Learn more about queries](https://appwrite.io/docs/databases#querying-documents). Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' queries are allowed, each ' . APP_LIMIT_ARRAY_ELEMENT_SIZE . ' characters long.', true) + ->param('notify', true, new Boolean(), 'Set to true to receive an email when the export is complete. Default is true.', true) + ->inject('user') + ->inject('response') + ->inject('dbForProject') + ->inject('dbForPlatform') + ->inject('authorization') + ->inject('project') + ->inject('platform') + ->inject('queueForEvents') + ->inject('publisherForMigrations') + ->callback($this->action(...)); + } + + public function action( + string $resourceId, + string $filename, + array $columns, + array $queries, + bool $notify, + Document $user, + Response $response, + Database $dbForProject, + Database $dbForPlatform, + Authorization $authorization, + Document $project, + array $platform, + Event $queueForEvents, + MigrationPublisher $publisherForMigrations + ): void { + try { + $parsedQueries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + + $bucket = $authorization->skip(fn () => $dbForPlatform->getDocument('buckets', 'default')); + if ($bucket->isEmpty()) { + throw new Exception(Exception::STORAGE_BUCKET_NOT_FOUND); + } + + [$databaseId, $collectionId] = \explode(':', $resourceId, 2); + if (empty($databaseId)) { + throw new Exception(Exception::DATABASE_NOT_FOUND); + } + if (empty($collectionId)) { + throw new Exception(Exception::COLLECTION_NOT_FOUND); + } + + $database = $authorization->skip(fn () => $dbForProject->getDocument('databases', $databaseId)); + if ($database->isEmpty()) { + throw new Exception(Exception::DATABASE_NOT_FOUND); + } + + $collection = $authorization->skip(fn () => $dbForProject->getDocument('database_' . $database->getSequence(), $collectionId)); + if ($collection->isEmpty()) { + throw new Exception(Exception::COLLECTION_NOT_FOUND); + } + + $databaseType = $database->getAttribute('type'); + + // Schemaless databases (DocumentsDB, VectorsDB) allow queries on dynamic fields + $isSchemaless = \in_array($databaseType, [DATABASE_TYPE_DOCUMENTSDB, DATABASE_TYPE_VECTORSDB]); + + $validator = new Documents( + attributes: $collection->getAttribute('attributes', []), + indexes: $collection->getAttribute('indexes', []), + idAttributeType: $dbForProject->getAdapter()->getIdAttributeType(), + supportForAttributes: !$isSchemaless, + ); + + if (!$validator->isValid($parsedQueries)) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $validator->getDescription()); + } + + $resources = Transfer::extractServices([self::transferGroupForDatabaseType($databaseType)]); + $resourceType = self::resourceTypeForDatabaseType($databaseType); + + $migration = $dbForProject->createDocument('migrations', new Document([ + '$id' => ID::unique(), + 'status' => 'pending', + 'stage' => 'init', + 'source' => AppwriteSource::getName(), + 'destination' => JSONSource::getName(), + 'resources' => $resources, + 'resourceId' => $resourceId, + 'resourceType' => $resourceType, + 'statusCounters' => '{}', + 'resourceData' => '{}', + 'errors' => [], + 'options' => [ + 'bucketId' => 'default', // Always use internal bucket + 'filename' => $filename, + 'columns' => $columns, + 'queries' => $queries, + 'notify' => $notify, + 'userInternalId' => $user->getSequence(), + ], + ])); + + $queueForEvents->setParam('migrationId', $migration->getId()); + + $publisherForMigrations->enqueue(new MigrationMessage( + project: $project, + migration: $migration, + platform: $platform, + )); + + $response + ->setStatusCode(Response::STATUS_CODE_ACCEPTED) + ->dynamic($migration, Response::MODEL_MIGRATION); + } + + private static function transferGroupForDatabaseType(string $databaseType): string + { + return match ($databaseType) { + DATABASE_TYPE_LEGACY, + DATABASE_TYPE_TABLESDB => Transfer::GROUP_DATABASES_TABLES_DB, + DATABASE_TYPE_VECTORSDB => Transfer::GROUP_DATABASES_VECTOR_DB, + DATABASE_TYPE_DOCUMENTSDB => Transfer::GROUP_DATABASES_DOCUMENTS_DB, + default => throw new \LogicException('Unknown database type: ' . $databaseType), + }; + } + + private static function resourceTypeForDatabaseType(string $databaseType): string + { + return match ($databaseType) { + DATABASE_TYPE_VECTORSDB => Resource::TYPE_DATABASE_VECTORSDB, + DATABASE_TYPE_DOCUMENTSDB => Resource::TYPE_DATABASE_DOCUMENTSDB, + default => Resource::TYPE_DATABASE, + }; + } +} diff --git a/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/JSON/Imports/Create.php b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/JSON/Imports/Create.php new file mode 100644 index 0000000000..55081b2645 --- /dev/null +++ b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/JSON/Imports/Create.php @@ -0,0 +1,221 @@ +setHttpMethod(Action::HTTP_REQUEST_METHOD_POST) + ->setHttpPath('/v1/migrations/json/imports') + ->desc('Import documents from a JSON') + ->groups(['api', 'migrations']) + ->label('scope', 'migrations.write') + ->label('event', 'migrations.[migrationId].create') + ->label('audits.event', 'migration.create') + ->label('sdk', new Method( + namespace: 'migrations', + group: null, + name: 'createJSONImport', + description: '/docs/references/migrations/migration-json-import.md', + auth: [AuthType::ADMIN], + responses: [ + new SDKResponse( + code: Response::STATUS_CODE_ACCEPTED, + model: Response::MODEL_MIGRATION, + ) + ] + )) + ->param('bucketId', '', new UID(), 'Storage bucket unique ID. You can create a new storage bucket using the Storage service [server integration](https://appwrite.io/docs/server/storage#createBucket).') + ->param('fileId', '', new UID(), 'File ID.') + ->param('resourceId', null, new CompoundUID(), 'Composite ID in the format {databaseId:collectionId}, identifying a collection within a database.') + ->param('internalFile', false, new Boolean(), 'Is the file stored in an internal bucket?', true) + ->inject('response') + ->inject('dbForProject') + ->inject('dbForPlatform') + ->inject('authorization') + ->inject('project') + ->inject('platform') + ->inject('deviceForFiles') + ->inject('deviceForMigrations') + ->inject('queueForEvents') + ->inject('publisherForMigrations') + ->callback($this->action(...)); + } + + public function action( + string $bucketId, + string $fileId, + string $resourceId, + bool $internalFile, + Response $response, + Database $dbForProject, + Database $dbForPlatform, + Authorization $authorization, + Document $project, + array $platform, + Device $deviceForFiles, + Device $deviceForMigrations, + Event $queueForEvents, + MigrationPublisher $publisherForMigrations + ): void { + $bucket = $authorization->skip(function () use ($internalFile, $dbForPlatform, $dbForProject, $bucketId) { + if ($internalFile) { + return $dbForPlatform->getDocument('buckets', 'default'); + } + return $dbForProject->getDocument('buckets', $bucketId); + }); + + if ($bucket->isEmpty()) { + throw new Exception(Exception::STORAGE_BUCKET_NOT_FOUND); + } + + $file = $authorization->skip(fn () => $internalFile ? $dbForPlatform->getDocument('bucket_' . $bucket->getSequence(), $fileId) : $dbForProject->getDocument('bucket_' . $bucket->getSequence(), $fileId)); + if ($file->isEmpty()) { + throw new Exception(Exception::STORAGE_FILE_NOT_FOUND); + } + + $path = $file->getAttribute('path', ''); + if (!$deviceForFiles->exists($path)) { + throw new Exception(Exception::STORAGE_FILE_NOT_FOUND, 'File not found in ' . $path); + } + + // No encryption or compression on files above 20MB. + $hasEncryption = !empty($file->getAttribute('openSSLCipher')); + $compression = $file->getAttribute('algorithm', Compression::NONE); + $hasCompression = $compression !== Compression::NONE; + + $migrationId = ID::unique(); + $newPath = $deviceForMigrations->getPath($migrationId . '_' . $fileId . '.json'); + + if ($hasEncryption || $hasCompression) { + $source = $deviceForFiles->read($path); + + if ($hasEncryption) { + $source = OpenSSL::decrypt( + $source, + $file->getAttribute('openSSLCipher'), + System::getEnv('_APP_OPENSSL_KEY_V' . $file->getAttribute('openSSLVersion')), + 0, + hex2bin($file->getAttribute('openSSLIV')), + hex2bin($file->getAttribute('openSSLTag')) + ); + } + + if ($hasCompression) { + switch ($compression) { + case Compression::ZSTD: + $source = (new Zstd())->decompress($source); + break; + case Compression::GZIP: + $source = (new GZIP())->decompress($source); + break; + } + } + + // Manual write after decryption and/or decompression + if (!$deviceForMigrations->write($newPath, $source, 'application/json')) { + throw new \Exception('Unable to copy file'); + } + } elseif (!$deviceForFiles->transfer($path, $newPath, $deviceForMigrations)) { + throw new \Exception('Unable to copy file'); + } + + $fileSize = $deviceForMigrations->getFileSize($newPath); + + [$databaseId] = \explode(':', $resourceId, 2); + $database = $authorization->skip(fn () => $dbForProject->getDocument('databases', $databaseId)); + if ($database->isEmpty()) { + throw new Exception(Exception::DATABASE_NOT_FOUND); + } + $databaseType = $database->getAttribute('type'); + $resources = Transfer::extractServices([self::transferGroupForDatabaseType($databaseType)]); + $resourceType = self::resourceTypeForDatabaseType($databaseType); + + $migration = $dbForProject->createDocument('migrations', new Document([ + '$id' => $migrationId, + 'status' => 'pending', + 'stage' => 'init', + 'source' => JSONSource::getName(), + 'destination' => AppwriteSource::getName(), + 'resources' => $resources, + 'resourceId' => $resourceId, + 'resourceType' => $resourceType, + 'statusCounters' => '{}', + 'resourceData' => '{}', + 'errors' => [], + 'options' => [ + 'path' => $newPath, + 'size' => $fileSize, + ], + ])); + + $queueForEvents->setParam('migrationId', $migration->getId()); + + $publisherForMigrations->enqueue(new MigrationMessage( + project: $project, + migration: $migration, + platform: $platform, + )); + + $response + ->setStatusCode(Response::STATUS_CODE_ACCEPTED) + ->dynamic($migration, Response::MODEL_MIGRATION); + } + + private static function transferGroupForDatabaseType(string $databaseType): string + { + return match ($databaseType) { + DATABASE_TYPE_LEGACY, + DATABASE_TYPE_TABLESDB => Transfer::GROUP_DATABASES_TABLES_DB, + DATABASE_TYPE_VECTORSDB => Transfer::GROUP_DATABASES_VECTOR_DB, + DATABASE_TYPE_DOCUMENTSDB => Transfer::GROUP_DATABASES_DOCUMENTS_DB, + default => throw new \LogicException('Unknown database type: ' . $databaseType), + }; + } + + private static function resourceTypeForDatabaseType(string $databaseType): string + { + return match ($databaseType) { + DATABASE_TYPE_VECTORSDB => Resource::TYPE_DATABASE_VECTORSDB, + DATABASE_TYPE_DOCUMENTSDB => Resource::TYPE_DATABASE_DOCUMENTSDB, + default => Resource::TYPE_DATABASE, + }; + } +} diff --git a/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/NHost/Create.php b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/NHost/Create.php new file mode 100644 index 0000000000..fb97b1c16c --- /dev/null +++ b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/NHost/Create.php @@ -0,0 +1,122 @@ +setHttpMethod(Action::HTTP_REQUEST_METHOD_POST) + ->setHttpPath('/v1/migrations/nhost') + ->desc('Create NHost migration') + ->groups(['api', 'migrations']) + ->label('scope', 'migrations.write') + ->label('event', 'migrations.[migrationId].create') + ->label('audits.event', 'migration.create') + ->label('sdk', new Method( + namespace: 'migrations', + group: null, + name: 'createNHostMigration', + description: '/docs/references/migrations/migration-nhost.md', + auth: [AuthType::ADMIN], + responses: [ + new SDKResponse( + code: Response::STATUS_CODE_ACCEPTED, + model: Response::MODEL_MIGRATION, + ) + ] + )) + ->param('resources', [], new ArrayList(new WhiteList(NHost::getSupportedResources())), 'List of resources to migrate') + ->param('subdomain', '', new Text(512), 'Source\'s Subdomain') + ->param('region', '', new Text(512), 'Source\'s Region') + ->param('adminSecret', '', new Text(512), 'Source\'s Admin Secret') + ->param('database', '', new Text(512), 'Source\'s Database Name') + ->param('username', '', new Text(512), 'Source\'s Database Username') + ->param('password', '', new Text(512), 'Source\'s Database Password') + ->param('port', 5432, new Integer(true), 'Source\'s Database Port', true) + ->inject('response') + ->inject('dbForProject') + ->inject('project') + ->inject('platform') + ->inject('queueForEvents') + ->inject('publisherForMigrations') + ->callback($this->action(...)); + } + + public function action( + array $resources, + string $subdomain, + string $region, + string $adminSecret, + string $database, + string $username, + string $password, + int $port, + Response $response, + Database $dbForProject, + Document $project, + array $platform, + Event $queueForEvents, + MigrationPublisher $publisherForMigrations + ): void { + $migration = $dbForProject->createDocument('migrations', new Document([ + '$id' => ID::unique(), + 'status' => 'pending', + 'stage' => 'init', + 'source' => NHost::getName(), + 'destination' => AppwriteSource::getName(), + 'credentials' => [ + 'subdomain' => $subdomain, + 'region' => $region, + 'adminSecret' => $adminSecret, + 'database' => $database, + 'username' => $username, + 'password' => $password, + 'port' => $port, + ], + 'resources' => $resources, + 'statusCounters' => '{}', + 'resourceData' => '{}', + 'errors' => [], + ])); + + $queueForEvents->setParam('migrationId', $migration->getId()); + + $publisherForMigrations->enqueue(new MigrationMessage( + project: $project, + migration: $migration, + platform: $platform, + )); + + $response + ->setStatusCode(Response::STATUS_CODE_ACCEPTED) + ->dynamic($migration, Response::MODEL_MIGRATION); + } +} diff --git a/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/NHost/Report/Get.php b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/NHost/Report/Get.php new file mode 100644 index 0000000000..964f2dc347 --- /dev/null +++ b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/NHost/Report/Get.php @@ -0,0 +1,86 @@ +setHttpMethod(Action::HTTP_REQUEST_METHOD_GET) + ->setHttpPath('/v1/migrations/nhost/report') + ->desc('Get NHost migration report') + ->groups(['api', 'migrations']) + ->label('scope', 'migrations.write') + ->label('sdk', new Method( + namespace: 'migrations', + group: null, + name: 'getNHostReport', + description: '/docs/references/migrations/migration-nhost-report.md', + auth: [AuthType::ADMIN], + responses: [ + new SDKResponse( + code: Response::STATUS_CODE_OK, + model: Response::MODEL_MIGRATION_REPORT, + ) + ] + )) + ->param('resources', [], new ArrayList(new WhiteList(NHost::getSupportedResources())), 'List of resources to migrate.') + ->param('subdomain', '', new Text(512), 'Source\'s Subdomain.') + ->param('region', '', new Text(512), 'Source\'s Region.') + ->param('adminSecret', '', new Text(512), 'Source\'s Admin Secret.') + ->param('database', '', new Text(512), 'Source\'s Database Name.') + ->param('username', '', new Text(512), 'Source\'s Database Username.') + ->param('password', '', new Text(512), 'Source\'s Database Password.') + ->param('port', 5432, new Integer(true), 'Source\'s Database Port.', true) + ->inject('response') + ->callback($this->action(...)); + } + + public function action( + array $resources, + string $subdomain, + string $region, + string $adminSecret, + string $database, + string $username, + string $password, + int $port, + Response $response + ): void { + try { + $nhost = new NHost($subdomain, $region, $adminSecret, $database, $username, $password, $port); + $report = $nhost->report($resources); + } catch (\Throwable $e) { + throw new Exception( + Exception::MIGRATION_PROVIDER_ERROR, + 'Unable to connect to the migration source. Please verify your credentials and ensure the source is reachable from this server. Check for network restrictions such as firewalls, IP allowlists, or outbound connectivity limits.' + ); + } + + $response + ->setStatusCode(Response::STATUS_CODE_OK) + ->dynamic(new Document($report), Response::MODEL_MIGRATION_REPORT); + } +} diff --git a/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Supabase/Create.php b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Supabase/Create.php new file mode 100644 index 0000000000..98b33e379d --- /dev/null +++ b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Supabase/Create.php @@ -0,0 +1,120 @@ +setHttpMethod(Action::HTTP_REQUEST_METHOD_POST) + ->setHttpPath('/v1/migrations/supabase') + ->desc('Create Supabase migration') + ->groups(['api', 'migrations']) + ->label('scope', 'migrations.write') + ->label('event', 'migrations.[migrationId].create') + ->label('audits.event', 'migration.create') + ->label('sdk', new Method( + namespace: 'migrations', + group: null, + name: 'createSupabaseMigration', + description: '/docs/references/migrations/migration-supabase.md', + auth: [AuthType::ADMIN], + responses: [ + new SDKResponse( + code: Response::STATUS_CODE_ACCEPTED, + model: Response::MODEL_MIGRATION, + ) + ] + )) + ->param('resources', [], new ArrayList(new WhiteList(Supabase::getSupportedResources(), true)), 'List of resources to migrate') + ->param('endpoint', '', new URL(), 'Source\'s Supabase Endpoint') + ->param('apiKey', '', new Text(512), 'Source\'s API Key') + ->param('databaseHost', '', new Text(512), 'Source\'s Database Host') + ->param('username', '', new Text(512), 'Source\'s Database Username') + ->param('password', '', new Text(512), 'Source\'s Database Password') + ->param('port', 5432, new Integer(true), 'Source\'s Database Port', true) + ->inject('response') + ->inject('dbForProject') + ->inject('project') + ->inject('platform') + ->inject('queueForEvents') + ->inject('publisherForMigrations') + ->callback($this->action(...)); + } + + public function action( + array $resources, + string $endpoint, + string $apiKey, + string $databaseHost, + string $username, + string $password, + int $port, + Response $response, + Database $dbForProject, + Document $project, + array $platform, + Event $queueForEvents, + MigrationPublisher $publisherForMigrations + ): void { + $migration = $dbForProject->createDocument('migrations', new Document([ + '$id' => ID::unique(), + 'status' => 'pending', + 'stage' => 'init', + 'source' => Supabase::getName(), + 'destination' => AppwriteSource::getName(), + 'credentials' => [ + 'endpoint' => $endpoint, + 'apiKey' => $apiKey, + 'databaseHost' => $databaseHost, + 'username' => $username, + 'password' => $password, + 'port' => $port, + ], + 'resources' => $resources, + 'statusCounters' => '{}', + 'resourceData' => '{}', + 'errors' => [], + ])); + + $queueForEvents->setParam('migrationId', $migration->getId()); + + $publisherForMigrations->enqueue(new MigrationMessage( + project: $project, + migration: $migration, + platform: $platform, + )); + + $response + ->setStatusCode(Response::STATUS_CODE_ACCEPTED) + ->dynamic($migration, Response::MODEL_MIGRATION); + } +} diff --git a/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Supabase/Report/Get.php b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Supabase/Report/Get.php new file mode 100644 index 0000000000..423e611430 --- /dev/null +++ b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Supabase/Report/Get.php @@ -0,0 +1,85 @@ +setHttpMethod(Action::HTTP_REQUEST_METHOD_GET) + ->setHttpPath('/v1/migrations/supabase/report') + ->desc('Get Supabase migration report') + ->groups(['api', 'migrations']) + ->label('scope', 'migrations.write') + ->label('sdk', new Method( + namespace: 'migrations', + group: null, + name: 'getSupabaseReport', + description: '/docs/references/migrations/migration-supabase-report.md', + auth: [AuthType::ADMIN], + responses: [ + new SDKResponse( + code: Response::STATUS_CODE_OK, + model: Response::MODEL_MIGRATION_REPORT, + ) + ] + )) + ->param('resources', [], new ArrayList(new WhiteList(Supabase::getSupportedResources(), true)), 'List of resources to migrate') + ->param('endpoint', '', new URL(), 'Source\'s Supabase Endpoint.') + ->param('apiKey', '', new Text(512), 'Source\'s API Key.') + ->param('databaseHost', '', new Text(512), 'Source\'s Database Host.') + ->param('username', '', new Text(512), 'Source\'s Database Username.') + ->param('password', '', new Text(512), 'Source\'s Database Password.') + ->param('port', 5432, new Integer(true), 'Source\'s Database Port.', true) + ->inject('response') + ->callback($this->action(...)); + } + + public function action( + array $resources, + string $endpoint, + string $apiKey, + string $databaseHost, + string $username, + string $password, + int $port, + Response $response + ): void { + try { + $supabase = new Supabase($endpoint, $apiKey, $databaseHost, 'postgres', $username, $password, $port); + $report = $supabase->report($resources); + } catch (\Throwable $e) { + throw new Exception( + Exception::MIGRATION_PROVIDER_ERROR, + 'Unable to connect to the migration source. Please verify your credentials and ensure the source is reachable from this server. Check for network restrictions such as firewalls, IP allowlists, or outbound connectivity limits.' + ); + } + + $response + ->setStatusCode(Response::STATUS_CODE_OK) + ->dynamic(new Document($report), Response::MODEL_MIGRATION_REPORT); + } +} diff --git a/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Update.php b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Update.php new file mode 100644 index 0000000000..8ecc53c2a3 --- /dev/null +++ b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/Update.php @@ -0,0 +1,90 @@ +setHttpMethod(Action::HTTP_REQUEST_METHOD_PATCH) + ->setHttpPath('/v1/migrations/:migrationId') + ->desc('Update retry migration') + ->groups(['api', 'migrations']) + ->label('scope', 'migrations.write') + ->label('event', 'migrations.[migrationId].retry') + ->label('audits.event', 'migration.retry') + ->label('audits.resource', 'migrations/{request.migrationId}') + ->label('sdk', new Method( + namespace: 'migrations', + group: null, + name: 'retry', + description: '/docs/references/migrations/retry-migration.md', + auth: [AuthType::ADMIN], + responses: [ + new SDKResponse( + code: Response::STATUS_CODE_ACCEPTED, + model: Response::MODEL_MIGRATION, + ) + ] + )) + ->param('migrationId', '', fn (Database $dbForProject) => new UID($dbForProject->getAdapter()->getMaxUIDLength()), 'Migration unique ID.', false, ['dbForProject']) + ->inject('response') + ->inject('dbForProject') + ->inject('project') + ->inject('platform') + ->inject('publisherForMigrations') + ->callback($this->action(...)); + } + + public function action( + string $migrationId, + Response $response, + Database $dbForProject, + Document $project, + array $platform, + MigrationPublisher $publisherForMigrations + ): void { + $migration = $dbForProject->getDocument('migrations', $migrationId); + + if ($migration->isEmpty()) { + throw new Exception(Exception::MIGRATION_NOT_FOUND); + } + + if ($migration->getAttribute('status') !== 'failed') { + throw new Exception(Exception::MIGRATION_IN_PROGRESS, 'Migration not failed yet'); + } + + $migration + ->setAttribute('status', 'pending') + ->setAttribute('dateUpdated', \time()); + + $publisherForMigrations->enqueue(new MigrationMessage( + project: $project, + migration: $migration, + platform: $platform, + )); + + $response->noContent(); + } +} diff --git a/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/XList.php b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/XList.php new file mode 100644 index 0000000000..1a1252be79 --- /dev/null +++ b/src/Appwrite/Platform/Modules/Migrations/Http/Migrations/XList.php @@ -0,0 +1,104 @@ +setHttpMethod(Action::HTTP_REQUEST_METHOD_GET) + ->setHttpPath('/v1/migrations') + ->desc('List migrations') + ->groups(['api', 'migrations']) + ->label('scope', 'migrations.read') + ->label('sdk', new Method( + namespace: 'migrations', + group: null, + name: 'list', + description: '/docs/references/migrations/list-migrations.md', + auth: [AuthType::ADMIN], + responses: [ + new SDKResponse( + code: Response::STATUS_CODE_OK, + model: Response::MODEL_MIGRATION_LIST, + ) + ] + )) + ->param('queries', [], new Migrations(), 'Array of query strings generated using the Query class provided by the SDK. [Learn more about queries](https://appwrite.io/docs/databases#querying-documents). Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' queries are allowed, each ' . APP_LIMIT_ARRAY_ELEMENT_SIZE . ' characters long. You may filter on the following attributes: ' . implode(', ', Migrations::ALLOWED_ATTRIBUTES), true) + ->param('search', '', new Text(256), 'Search term to filter your list results. Max length: 256 chars.', true) + ->param('total', true, new Boolean(true), 'When set to false, the total count returned will be 0 and will not be calculated.', true) + ->inject('response') + ->inject('dbForProject') + ->callback($this->action(...)); + } + + public function action(array $queries, string $search, bool $includeTotal, Response $response, Database $dbForProject): void + { + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + + if (!empty($search)) { + $queries[] = Query::search('search', $search); + } + + $cursor = Query::getCursorQueries($queries, false); + $cursor = \reset($cursor); + + if ($cursor !== false) { + $validator = new Cursor(); + if (!$validator->isValid($cursor)) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $validator->getDescription()); + } + + $migrationId = $cursor->getValue(); + $cursorDocument = $dbForProject->getDocument('migrations', $migrationId); + + if ($cursorDocument->isEmpty()) { + throw new Exception(Exception::GENERAL_CURSOR_NOT_FOUND, "Migration '{$migrationId}' for the 'cursor' value not found."); + } + + $cursor->setValue($cursorDocument); + } + + $filterQueries = Query::groupByType($queries)['filters']; + try { + $migrations = $dbForProject->find('migrations', $queries); + $total = $includeTotal ? $dbForProject->count('migrations', $filterQueries, APP_LIMIT_COUNT) : 0; + } catch (OrderException $e) { + throw new Exception(Exception::DATABASE_QUERY_ORDER_NULL, "The order attribute '{$e->getAttribute()}' had a null value. Cursor pagination requires all documents order attribute values are non-null."); + } + + $response->dynamic(new Document([ + 'migrations' => $migrations, + 'total' => $total, + ]), Response::MODEL_MIGRATION_LIST); + } +} diff --git a/src/Appwrite/Platform/Modules/Migrations/Module.php b/src/Appwrite/Platform/Modules/Migrations/Module.php new file mode 100644 index 0000000000..6ec1e49a88 --- /dev/null +++ b/src/Appwrite/Platform/Modules/Migrations/Module.php @@ -0,0 +1,14 @@ +addService('http', new Http()); + } +} diff --git a/src/Appwrite/Platform/Modules/Migrations/Services/Http.php b/src/Appwrite/Platform/Modules/Migrations/Services/Http.php new file mode 100644 index 0000000000..1e2c95a78b --- /dev/null +++ b/src/Appwrite/Platform/Modules/Migrations/Services/Http.php @@ -0,0 +1,59 @@ +type = Service::TYPE_HTTP; + + // Migrations + $this->addAction(ListMigrations::getName(), new ListMigrations()); + $this->addAction(GetMigration::getName(), new GetMigration()); + $this->addAction(UpdateMigration::getName(), new UpdateMigration()); + $this->addAction(DeleteMigration::getName(), new DeleteMigration()); + + // Appwrite source + $this->addAction(CreateAppwriteMigration::getName(), new CreateAppwriteMigration()); + $this->addAction(GetAppwriteReport::getName(), new GetAppwriteReport()); + + // Firebase source + $this->addAction(CreateFirebaseMigration::getName(), new CreateFirebaseMigration()); + $this->addAction(GetFirebaseReport::getName(), new GetFirebaseReport()); + + // Supabase source + $this->addAction(CreateSupabaseMigration::getName(), new CreateSupabaseMigration()); + $this->addAction(GetSupabaseReport::getName(), new GetSupabaseReport()); + + // NHost source + $this->addAction(CreateNHostMigration::getName(), new CreateNHostMigration()); + $this->addAction(GetNHostReport::getName(), new GetNHostReport()); + + // CSV import / export + $this->addAction(CreateCSVImport::getName(), new CreateCSVImport()); + $this->addAction(CreateCSVExport::getName(), new CreateCSVExport()); + + // JSON import / export + $this->addAction(CreateJSONImport::getName(), new CreateJSONImport()); + $this->addAction(CreateJSONExport::getName(), new CreateJSONExport()); + } +} From ec3aa2b54f0fc14365051ce6c203f6a11d54f533 Mon Sep 17 00:00:00 2001 From: Chirag Aggarwal Date: Wed, 29 Apr 2026 15:09:39 +0530 Subject: [PATCH 2/3] ci: share docker image via GHCR instead of upload-artifact The build job uploads the appwrite-dev image as an actions artifact (~hundreds of MB), and 30+ E2E test jobs all pull it concurrently with actions/download-artifact. GitHub Actions' artifact storage struggles with that many parallel downloads and intermittently fails with BlobNotFound or 'Artifact download failed after 5 retries'. Push the built image to ghcr.io//appwrite-dev: in the build job and pull from GHCR in each test job. GHCR handles parallel image fetches without throttling. Mirrors appwrite-labs/cloud#3906. --- .github/workflows/ci.yml | 150 ++++++++++++++++++++++++--------------- 1 file changed, 93 insertions(+), 57 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e521ac3771..8cc3b3e113 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -7,6 +7,7 @@ concurrency: env: COMPOSE_FILE: docker-compose.yml IMAGE: appwrite-dev + REGISTRY_IMAGE: ghcr.io/${{ github.repository }}/appwrite-dev K6_VERSION: '0.53.0' on: @@ -19,6 +20,10 @@ on: type: string default: '' +permissions: + contents: read + packages: write + jobs: dependencies: name: Checks / Dependencies @@ -258,32 +263,30 @@ jobs: username: ${{ vars.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Login to GHCR + uses: docker/login-action@v4 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v4 - - name: Build Appwrite + - name: Build and push Appwrite uses: docker/build-push-action@v6 with: context: . - push: false - tags: ${{ env.IMAGE }} - load: true + push: true + tags: ${{ env.REGISTRY_IMAGE }}:${{ github.sha }} cache-from: type=gha cache-to: type=gha,mode=max - outputs: type=docker,dest=/tmp/${{ env.IMAGE }}.tar target: development build-args: | DEBUG=false TESTING=true VERSION=dev - - name: Upload Docker Image - uses: actions/upload-artifact@v7 - with: - name: ${{ env.IMAGE }} - path: /tmp/${{ env.IMAGE }}.tar - retention-days: 1 - unit: name: Tests / Unit runs-on: ubuntu-latest @@ -291,26 +294,32 @@ jobs: permissions: contents: read pull-requests: write + packages: read steps: - name: checkout uses: actions/checkout@v6 - - name: Download Docker Image - uses: actions/download-artifact@v7 - with: - name: ${{ env.IMAGE }} - path: /tmp - - name: Login to Docker Hub uses: docker/login-action@v4 with: username: ${{ vars.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Login to GHCR + uses: docker/login-action@v4 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Pull Docker Image + run: | + docker pull ${{ env.REGISTRY_IMAGE }}:${{ github.sha }} + docker tag ${{ env.REGISTRY_IMAGE }}:${{ github.sha }} ${{ env.IMAGE }} + - name: Load and Start Appwrite timeout-minutes: 5 run: | - docker load --input /tmp/${{ env.IMAGE }}.tar docker compose pull --quiet --ignore-buildable docker compose up -d --quiet-pull --wait @@ -338,26 +347,32 @@ jobs: permissions: contents: read pull-requests: write + packages: read steps: - name: checkout uses: actions/checkout@v6 - - name: Download Docker Image - uses: actions/download-artifact@v7 - with: - name: ${{ env.IMAGE }} - path: /tmp - - name: Login to Docker Hub uses: docker/login-action@v4 with: username: ${{ vars.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Login to GHCR + uses: docker/login-action@v4 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Pull Docker Image + run: | + docker pull ${{ env.REGISTRY_IMAGE }}:${{ github.sha }} + docker tag ${{ env.REGISTRY_IMAGE }}:${{ github.sha }} ${{ env.IMAGE }} + - name: Load and Start Appwrite timeout-minutes: 5 run: | - docker load --input /tmp/${{ env.IMAGE }}.tar docker compose pull --quiet --ignore-buildable docker compose up -d --quiet-pull --wait @@ -396,6 +411,7 @@ jobs: permissions: contents: read pull-requests: write + packages: read strategy: fail-fast: false matrix: @@ -450,16 +466,10 @@ jobs: - name: Checkout repository uses: actions/checkout@v6 - - name: Download Docker Image - uses: actions/download-artifact@v7 - with: - name: ${{ env.IMAGE }} - path: /tmp - - name: Set environment run: | echo "_APP_OPTIONS_ROUTER_PROTECTION=enabled" >> $GITHUB_ENV - + if [ "${{ matrix.database }}" = "MariaDB" ]; then echo "COMPOSE_PROFILES=mariadb" >> $GITHUB_ENV echo "_APP_DB_ADAPTER=mariadb" >> $GITHUB_ENV @@ -483,6 +493,18 @@ jobs: username: ${{ vars.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Login to GHCR + uses: docker/login-action@v4 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Pull Docker Image + run: | + docker pull ${{ env.REGISTRY_IMAGE }}:${{ github.sha }} + docker tag ${{ env.REGISTRY_IMAGE }}:${{ github.sha }} ${{ env.IMAGE }} + - name: Load and Start Appwrite timeout-minutes: 5 env: @@ -491,7 +513,6 @@ jobs: _APP_DATABASE_DOCUMENTSDB_SHARED_TABLES: ${{ matrix.mode != 'dedicated' && 'documentsdb_db_main' || '' }} _APP_DATABASE_VECTORSDB_SHARED_TABLES: ${{ matrix.mode != 'dedicated' && 'vectorsdb_db_main' || '' }} run: | - docker load --input /tmp/${{ env.IMAGE }}.tar docker compose pull --quiet --ignore-buildable docker compose up -d --quiet-pull --wait @@ -545,6 +566,7 @@ jobs: permissions: contents: read pull-requests: write + packages: read strategy: fail-fast: false matrix: @@ -555,18 +577,24 @@ jobs: with: fetch-depth: 1 - - name: Download Docker Image - uses: actions/download-artifact@v7 - with: - name: ${{ env.IMAGE }} - path: /tmp - - name: Login to Docker Hub uses: docker/login-action@v4 with: username: ${{ vars.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Login to GHCR + uses: docker/login-action@v4 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Pull Docker Image + run: | + docker pull ${{ env.REGISTRY_IMAGE }}:${{ github.sha }} + docker tag ${{ env.REGISTRY_IMAGE }}:${{ github.sha }} ${{ env.IMAGE }} + - name: Load and Start Appwrite timeout-minutes: 5 env: @@ -575,7 +603,6 @@ jobs: _APP_DATABASE_DOCUMENTSDB_SHARED_TABLES: ${{ matrix.mode != 'dedicated' && 'documentsdb_db_main' || '' }} _APP_DATABASE_VECTORSDB_SHARED_TABLES: ${{ matrix.mode != 'dedicated' && 'vectorsdb_db_main' || '' }} run: | - docker load --input /tmp/${{ env.IMAGE }}.tar docker compose pull --quiet --ignore-buildable docker compose up -d --quiet-pull --wait @@ -606,6 +633,7 @@ jobs: permissions: contents: read pull-requests: write + packages: read strategy: fail-fast: false matrix: @@ -614,18 +642,24 @@ jobs: - name: Checkout repository uses: actions/checkout@v6 - - name: Download Docker Image - uses: actions/download-artifact@v7 - with: - name: ${{ env.IMAGE }} - path: /tmp - - name: Login to Docker Hub uses: docker/login-action@v4 with: username: ${{ vars.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Login to GHCR + uses: docker/login-action@v4 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Pull Docker Image + run: | + docker pull ${{ env.REGISTRY_IMAGE }}:${{ github.sha }} + docker tag ${{ env.REGISTRY_IMAGE }}:${{ github.sha }} ${{ env.IMAGE }} + - name: Load and Start Appwrite timeout-minutes: 5 env: @@ -633,7 +667,6 @@ jobs: _APP_DATABASE_DOCUMENTSDB_SHARED_TABLES: ${{ matrix.mode != 'dedicated' && 'documentsdb_db_main' || '' }} _APP_DATABASE_VECTORSDB_SHARED_TABLES: ${{ matrix.mode != 'dedicated' && 'vectorsdb_db_main' || '' }} run: | - docker load --input /tmp/${{ env.IMAGE }}.tar docker compose pull --quiet --ignore-buildable docker compose up -d --quiet-pull --wait @@ -675,28 +708,31 @@ jobs: contents: read issues: write pull-requests: write + packages: read steps: - name: Checkout repository uses: actions/checkout@v6 with: fetch-depth: 1 - - name: Download Docker Image - uses: actions/download-artifact@v7 - with: - name: ${{ env.IMAGE }} - path: /tmp - - name: Login to Docker Hub uses: docker/login-action@v4 with: username: ${{ vars.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Load Appwrite image + - name: Login to GHCR + uses: docker/login-action@v4 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Pull Appwrite image run: | - docker load --input /tmp/${{ env.IMAGE }}.tar - docker tag ${{ env.IMAGE }} ${{ env.IMAGE }}:after + docker pull ${{ env.REGISTRY_IMAGE }}:${{ github.sha }} + docker tag ${{ env.REGISTRY_IMAGE }}:${{ github.sha }} ${{ env.IMAGE }} + docker tag ${{ env.REGISTRY_IMAGE }}:${{ github.sha }} ${{ env.IMAGE }}:after - name: Setup k6 uses: grafana/setup-k6-action@ffe7d7290dfa715e48c2ccc924d068444c94bde2 From 701f557755046e934ef2082f3e39179c02deb8fc Mon Sep 17 00:00:00 2001 From: Chirag Aggarwal Date: Wed, 29 Apr 2026 15:23:05 +0530 Subject: [PATCH 3/3] ci: clean up GHCR CI image after pipeline finishes Every CI run pushes ghcr.io//appwrite-dev: and nothing removes it. On an active repo with many PRs the GHCR storage grows without bound. Add a cleanup job that runs after all consumer jobs complete (always, even if some fail) and deletes the SHA-tagged package version via the Packages API. Addresses Greptile feedback on appwrite/appwrite#12176. --- .github/workflows/ci.yml | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8cc3b3e113..3c644dbec5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -871,3 +871,29 @@ jobs: - name: Fail benchmark if: always() && steps.benchmark_after.outcome != 'success' run: exit 1 + + cleanup: + name: Cleanup GHCR Image + if: ${{ always() && github.event_name == 'pull_request' }} + needs: [build, unit, e2e_general, e2e_service, e2e_abuse, e2e_screenshots, benchmark] + runs-on: ubuntu-latest + permissions: + packages: write + steps: + - name: Delete CI image from GHCR + continue-on-error: true + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + package_path="${GITHUB_REPOSITORY#*/}/appwrite-dev" + encoded_path="$(printf '%s' "$package_path" | jq -Rr @uri)" + version_id=$(gh api -H "Accept: application/vnd.github+json" \ + "/orgs/${GITHUB_REPOSITORY_OWNER}/packages/container/${encoded_path}/versions" \ + --jq ".[] | select(.metadata.container.tags | index(\"${GITHUB_SHA}\")) | .id") + if [ -n "$version_id" ]; then + gh api --method DELETE -H "Accept: application/vnd.github+json" \ + "/orgs/${GITHUB_REPOSITORY_OWNER}/packages/container/${encoded_path}/versions/${version_id}" + echo "Deleted ${package_path}:${GITHUB_SHA} (version ${version_id})" + else + echo "No GHCR version found for SHA ${GITHUB_SHA}" + fi