perf: bad get key performance by Flo4604 · Pull Request #3724 · unkeyed/unkey

Flo4604 · 2025-08-04T09:26:05Z

What does this PR do?

The query we used to find by either keyid or hash was bad for performance since mysql choose the wrong index and looked at the apis table first

this fixes that by being explicit by what we are searching for.

Type of change

Bug fix (non-breaking change which fixes an issue)
Chore (refactoring code, technical debt, workflow improvements)
Enhancement (small improvements)
New feature (non-breaking change which adds functionality)
Breaking change (fix or feature that would cause existing functionality to not work as expected)
This change requires a documentation update

How should this be tested?

Test A
Test B

Checklist

Required

Appreciated

If a UI change was made: Added a screen recording or screenshots to this PR
Updated the Unkey Docs if changes were necessary

Summary by CodeRabbit

Refactor
- Improved key lookup logic for API key management endpoints, streamlining queries to use more specific and efficient methods.
- Enhanced database queries for key retrieval to ensure only active, non-deleted keys and associated data are returned.
- Removed legacy and redundant code and queries, resulting in a cleaner and more maintainable backend.
Bug Fixes
- Ensured more accurate and reliable key validation by filtering out deleted keys and APIs.

No changes to user-facing workflows or interfaces.

changeset-bot · 2025-08-04T09:26:10Z

⚠️ No Changeset found

Latest commit: d58283e

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

vercel · 2025-08-04T09:26:10Z

The latest updates on your projects. Learn more about Vercel for Git ↗︎

2 Skipped Deployments

Name	Status	Preview	Comments	Updated (UTC)
dashboard	⬜️ Ignored (Inspect)	Visit Preview		Aug 4, 2025 9:46am
engineering	⬜️ Ignored (Inspect)	Visit Preview		Aug 4, 2025 9:46am

coderabbitai · 2025-08-04T09:26:14Z

📝 Walkthrough

Walkthrough

This change refactors key lookup logic across multiple API route handlers and database access layers. It replaces the previous flexible key lookup by ID or hash with more specific queries: FindLiveKeyByID and FindLiveKeyByHash. Several SQL queries, generated Go code, and related structs are updated or removed to align with this new approach, and some unused files are deleted.

Changes

Cohort / File(s)	Change Summary
API Route Handlers – Key Lookup Refactor `go/apps/api/routes/v2_keys_add_permissions/handler.go`, `go/apps/api/routes/v2_keys_add_roles/handler.go`, `go/apps/api/routes/v2_keys_delete_key/handler.go`, `go/apps/api/routes/v2_keys_get_key/handler.go`, `go/apps/api/routes/v2_keys_remove_permissions/handler.go`, `go/apps/api/routes/v2_keys_remove_roles/handler.go`, `go/apps/api/routes/v2_keys_set_permissions/handler.go`, `go/apps/api/routes/v2_keys_set_roles/handler.go`, `go/apps/api/routes/v2_keys_update_credits/handler.go`, `go/apps/api/routes/v2_keys_update_key/handler.go`, `go/apps/api/routes/v2_keys_whoami/handler.go`	All handlers now use `FindLiveKeyByID` or `FindLiveKeyByHash` for key retrieval, replacing `FindKeyByIdOrHash`. Associated parameter structs and imports are removed. Error handling and subsequent logic remain unchanged.
SQL Query and Generated Go Code – Key Lookup `go/pkg/db/key_find_by_hash.sql_generated.go`, `go/pkg/db/key_find_by_id.sql_generated.go`, `go/pkg/db/key_find_live_by_hash.sql_generated.go`, `go/pkg/db/key_find_live_by_id.sql_generated.go`, `go/pkg/db/querier_generated.go`	`FindKeyByIdOrHash` and its parameter/result structs are removed. New queries and result structs for `FindLiveKeyByID` and `FindLiveKeyByHash` are introduced, joining `keys`, `apis`, and `encrypted_keys` tables and filtering out deleted records. `FindKeyByHash` is updated to include joined data.
SQL Query Definitions `go/pkg/db/queries/key_find_by_hash.sql`, `go/pkg/db/queries/key_find_by_id.sql`, `go/pkg/db/queries/key_find_by_id_or_hash.sql`, `go/pkg/db/queries/key_find_live_by_hash.sql`, `go/pkg/db/queries/key_find_live_by_id.sql`	`key_find_by_id_or_hash.sql` is deleted. `key_find_by_hash.sql` is expanded to join more tables and filter deleted records. New queries for `FindLiveKeyByID` and `FindLiveKeyByHash` are added. `key_find_by_id.sql` is reformatted with table aliasing.
Deleted Generated Code – Branch and Ratelimit `go/pkg/db/branch_insert.sql_generated.go`, `go/pkg/db/branch_upsert.sql_generated.go`, `go/pkg/db/ratelimit_override_list_matches.sql_generated.go`	Removes generated files and associated parameter/result structs and functions for branch insert, branch upsert, and ratelimit override list matches, as they are no longer used.

Sequence Diagram(s)

sequenceDiagram
    participant API_Handler as API Handler
    participant DB as Database Layer

    API_Handler->>DB: FindLiveKeyByID(key_id) or FindLiveKeyByHash(hash)
    DB-->>API_Handler: Key + API + EncryptedKey data (if exists)
    API_Handler->>API_Handler: Continue processing with retrieved key

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Suggested reviewers

perkinsjr
mcstepp
MichaelUnkey
ogzhanolguncu
imeyer

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 88a26ad and d58283e.

📒 Files selected for processing (21)

go/apps/api/routes/v2_keys_add_permissions/handler.go (1 hunks)
go/apps/api/routes/v2_keys_add_roles/handler.go (1 hunks)
go/apps/api/routes/v2_keys_delete_key/handler.go (1 hunks)
go/apps/api/routes/v2_keys_get_key/handler.go (1 hunks)
go/apps/api/routes/v2_keys_remove_permissions/handler.go (1 hunks)
go/apps/api/routes/v2_keys_remove_roles/handler.go (1 hunks)
go/apps/api/routes/v2_keys_set_permissions/handler.go (1 hunks)
go/apps/api/routes/v2_keys_set_roles/handler.go (1 hunks)
go/apps/api/routes/v2_keys_update_credits/handler.go (3 hunks)
go/apps/api/routes/v2_keys_update_key/handler.go (1 hunks)
go/apps/api/routes/v2_keys_whoami/handler.go (1 hunks)
go/pkg/db/branch_insert.sql_generated.go (0 hunks)
go/pkg/db/branch_upsert.sql_generated.go (0 hunks)
go/pkg/db/key_find_by_id.sql_generated.go (1 hunks)
go/pkg/db/key_find_live_by_hash.sql_generated.go (3 hunks)
go/pkg/db/key_find_live_by_id.sql_generated.go (1 hunks)
go/pkg/db/querier_generated.go (2 hunks)
go/pkg/db/queries/key_find_by_id.sql (1 hunks)
go/pkg/db/queries/key_find_live_by_hash.sql (1 hunks)
go/pkg/db/queries/key_find_live_by_id.sql (1 hunks)
go/pkg/db/ratelimit_override_list_matches.sql_generated.go (0 hunks)

💤 Files with no reviewable changes (3)

go/pkg/db/branch_upsert.sql_generated.go
go/pkg/db/branch_insert.sql_generated.go
go/pkg/db/ratelimit_override_list_matches.sql_generated.go

🧰 Additional context used

📓 Path-based instructions (2)

**/*.go

📄 CodeRabbit Inference Engine (CLAUDE.md)

**/*.go: Follow comprehensive documentation guidelines for Go code as described in go/GO_DOCUMENTATION_GUIDELINES.md
Every public function/type in Go code must be documented
Prefer interfaces for testability in Go code
Use AIDEV-* comments for complex/important code in Go services

Files:

go/apps/api/routes/v2_keys_update_key/handler.go
go/apps/api/routes/v2_keys_add_roles/handler.go
go/apps/api/routes/v2_keys_remove_permissions/handler.go
go/apps/api/routes/v2_keys_delete_key/handler.go
go/apps/api/routes/v2_keys_add_permissions/handler.go
go/apps/api/routes/v2_keys_set_roles/handler.go
go/apps/api/routes/v2_keys_whoami/handler.go
go/apps/api/routes/v2_keys_update_credits/handler.go
go/apps/api/routes/v2_keys_get_key/handler.go
go/apps/api/routes/v2_keys_set_permissions/handler.go
go/pkg/db/key_find_by_id.sql_generated.go
go/pkg/db/key_find_live_by_id.sql_generated.go
go/pkg/db/querier_generated.go
go/apps/api/routes/v2_keys_remove_roles/handler.go
go/pkg/db/key_find_live_by_hash.sql_generated.go

**/*.{env,js,ts,go}

📄 CodeRabbit Inference Engine (CLAUDE.md)

All environment variables must follow the format: UNKEY_<SERVICE_NAME>_VARNAME

Files:

go/apps/api/routes/v2_keys_update_key/handler.go
go/apps/api/routes/v2_keys_add_roles/handler.go
go/apps/api/routes/v2_keys_remove_permissions/handler.go
go/apps/api/routes/v2_keys_delete_key/handler.go
go/apps/api/routes/v2_keys_add_permissions/handler.go
go/apps/api/routes/v2_keys_set_roles/handler.go
go/apps/api/routes/v2_keys_whoami/handler.go
go/apps/api/routes/v2_keys_update_credits/handler.go
go/apps/api/routes/v2_keys_get_key/handler.go
go/apps/api/routes/v2_keys_set_permissions/handler.go
go/pkg/db/key_find_by_id.sql_generated.go
go/pkg/db/key_find_live_by_id.sql_generated.go
go/pkg/db/querier_generated.go
go/apps/api/routes/v2_keys_remove_roles/handler.go
go/pkg/db/key_find_live_by_hash.sql_generated.go

🧠 Learnings (18)

📓 Common learnings

Learnt from: ogzhanolguncu
PR: unkeyed/unkey#2876
File: apps/dashboard/components/logs/datetime/constants.ts:96-96
Timestamp: 2025-02-06T17:41:47.228Z
Learning: In the Unkey codebase, avoid hardcoding IDs or indices that depend on array positions, as the arrays may be modified in the future. Instead, use methods like `find` with unique identifiers or properties to locate specific items.

Learnt from: chronark
PR: unkeyed/unkey#2693
File: apps/api/src/routes/v1_keys_updateKey.ts:350-368
Timestamp: 2024-11-29T15:15:47.308Z
Learning: In `apps/api/src/routes/v1_keys_updateKey.ts`, the code intentionally handles `externalId` and `ownerId` separately for clarity. The `ownerId` field will be removed in the future, simplifying the code.

Learnt from: Flo4604
PR: unkeyed/unkey#3631
File: go/pkg/db/bulk_keyring_insert.sql.go:23-25
Timestamp: 2025-07-17T14:24:20.403Z
Learning: In go/pkg/db/bulk_keyring_insert.sql.go and similar bulk insert generated files, hardcoded zero values for fields like size_approx and size_last_updated_at are intentional and reflect the original SQL query structure, not missing parameters.

Learnt from: ogzhanolguncu
PR: unkeyed/unkey#2872
File: apps/dashboard/lib/trpc/routers/ratelimit/createNamespace.ts:36-39
Timestamp: 2025-04-08T09:34:24.576Z
Learning: In the Unkey dashboard, when making database queries involving workspaces, use `ctx.workspace.id` directly instead of fetching the workspace separately for better performance and security.

📚 Learning: the v2 update identity endpoint (go/apps/api/routes/v2_identities_update_identity/handler.go) intent...

Learnt from: ogzhanolguncu
PR: unkeyed/unkey#3661
File: go/apps/api/routes/v2_identities_update_identity/handler.go:115-119
Timestamp: 2025-07-28T11:47:43.144Z
Learning: The v2 update identity endpoint (go/apps/api/routes/v2_identities_update_identity/handler.go) intentionally uses `ExternalId` field instead of the unified `Identity` field used in other v2 identity endpoints. This is because the update endpoint needs to both find by externalId and potentially update the externalId value, making the specific field name more appropriate than the generic `Identity` field.

Applied to files:

go/apps/api/routes/v2_keys_update_key/handler.go
go/apps/api/routes/v2_keys_add_roles/handler.go
go/apps/api/routes/v2_keys_remove_permissions/handler.go
go/apps/api/routes/v2_keys_delete_key/handler.go
go/apps/api/routes/v2_keys_add_permissions/handler.go
go/apps/api/routes/v2_keys_set_roles/handler.go
go/apps/api/routes/v2_keys_whoami/handler.go
go/apps/api/routes/v2_keys_update_credits/handler.go
go/apps/api/routes/v2_keys_get_key/handler.go
go/apps/api/routes/v2_keys_set_permissions/handler.go
go/apps/api/routes/v2_keys_remove_roles/handler.go

📚 Learning: in `apps/api/src/routes/v1_keys_updatekey.ts`, the code intentionally handles `externalid` and `owne...

Learnt from: chronark
PR: unkeyed/unkey#2693
File: apps/api/src/routes/v1_keys_updateKey.ts:350-368
Timestamp: 2024-11-29T15:15:47.308Z
Learning: In `apps/api/src/routes/v1_keys_updateKey.ts`, the code intentionally handles `externalId` and `ownerId` separately for clarity. The `ownerId` field will be removed in the future, simplifying the code.

Applied to files:

go/apps/api/routes/v2_keys_update_key/handler.go
go/apps/api/routes/v2_keys_add_roles/handler.go
go/apps/api/routes/v2_keys_remove_permissions/handler.go
go/apps/api/routes/v2_keys_delete_key/handler.go
go/apps/api/routes/v2_keys_add_permissions/handler.go
go/apps/api/routes/v2_keys_set_roles/handler.go
go/apps/api/routes/v2_keys_whoami/handler.go
go/apps/api/routes/v2_keys_update_credits/handler.go
go/apps/api/routes/v2_keys_get_key/handler.go
go/apps/api/routes/v2_keys_set_permissions/handler.go
go/pkg/db/querier_generated.go
go/apps/api/routes/v2_keys_remove_roles/handler.go

📚 Learning: in go/pkg/db/bulk_keyring_insert.sql.go and similar bulk insert generated files, hardcoded zero valu...

Learnt from: Flo4604
PR: unkeyed/unkey#3631
File: go/pkg/db/bulk_keyring_insert.sql.go:23-25
Timestamp: 2025-07-17T14:24:20.403Z
Learning: In go/pkg/db/bulk_keyring_insert.sql.go and similar bulk insert generated files, hardcoded zero values for fields like size_approx and size_last_updated_at are intentional and reflect the original SQL query structure, not missing parameters.

Applied to files:

go/apps/api/routes/v2_keys_update_key/handler.go
go/apps/api/routes/v2_keys_add_roles/handler.go
go/apps/api/routes/v2_keys_remove_permissions/handler.go
go/apps/api/routes/v2_keys_delete_key/handler.go
go/apps/api/routes/v2_keys_set_roles/handler.go
go/pkg/db/queries/key_find_live_by_id.sql
go/apps/api/routes/v2_keys_update_credits/handler.go
go/apps/api/routes/v2_keys_get_key/handler.go
go/pkg/db/queries/key_find_by_id.sql
go/pkg/db/key_find_by_id.sql_generated.go
go/pkg/db/queries/key_find_live_by_hash.sql
go/pkg/db/key_find_live_by_id.sql_generated.go
go/pkg/db/querier_generated.go
go/apps/api/routes/v2_keys_remove_roles/handler.go
go/pkg/db/key_find_live_by_hash.sql_generated.go

📚 Learning: in the `v1/keys.updatekey` endpoint, the server validates the refill configuration before checking i...

Learnt from: MichaelUnkey
PR: unkeyed/unkey#2114
File: apps/api/src/routes/v1_keys_updateKey.error.test.ts:0-0
Timestamp: 2024-09-27T15:20:05.475Z
Learning: In the `v1/keys.updateKey` endpoint, the server validates the refill configuration before checking if the key exists. Therefore, tests can assert validation errors without needing to create the key first.

Applied to files:

go/apps/api/routes/v2_keys_update_key/handler.go
go/apps/api/routes/v2_keys_add_permissions/handler.go
go/apps/api/routes/v2_keys_update_credits/handler.go
go/apps/api/routes/v2_keys_set_permissions/handler.go

📚 Learning: in the authorization roles refactor, the rolebasic type uses `roleid` as the property name for the r...

Learnt from: ogzhanolguncu
PR: unkeyed/unkey#3324
File: apps/dashboard/app/(app)/authorization/roles/components/table/components/actions/keys-table-action.popover.constants.tsx:17-18
Timestamp: 2025-06-19T11:48:05.070Z
Learning: In the authorization roles refactor, the RoleBasic type uses `roleId` as the property name for the role identifier, not `id`. This is consistent throughout the codebase in apps/dashboard/lib/trpc/routers/authorization/roles/query.ts.

Applied to files:

go/apps/api/routes/v2_keys_add_roles/handler.go
go/apps/api/routes/v2_keys_set_roles/handler.go
go/apps/api/routes/v2_keys_remove_roles/handler.go

📚 Learning: the hydra package (go/pkg/hydra) is planned to be migrated from gorm to sqlc for database operations...

Learnt from: chronark
PR: unkeyed/unkey#3420
File: go/pkg/hydra/store/gorm/gorm.go:486-498
Timestamp: 2025-07-02T11:51:58.572Z
Learning: The Hydra package (go/pkg/hydra) is planned to be migrated from GORM to sqlc for database operations, which explains why raw SQL queries are acceptable in the current implementation.

Applied to files:

go/apps/api/routes/v2_keys_add_roles/handler.go
go/apps/api/routes/v2_keys_remove_permissions/handler.go
go/apps/api/routes/v2_keys_set_roles/handler.go
go/pkg/db/queries/key_find_by_id.sql
go/pkg/db/key_find_by_id.sql_generated.go
go/pkg/db/key_find_live_by_id.sql_generated.go
go/apps/api/routes/v2_keys_remove_roles/handler.go
go/pkg/db/key_find_live_by_hash.sql_generated.go

📚 Learning: for debugging database replica usage in go/pkg/db/replica.go, it's acceptable to mark queryrowcontex...

Learnt from: Flo4604
PR: unkeyed/unkey#3606
File: go/pkg/db/replica.go:8-11
Timestamp: 2025-07-16T15:38:53.491Z
Learning: For debugging database replica usage in go/pkg/db/replica.go, it's acceptable to mark QueryRowContext operations as "success" even though SQL errors only surface during row.Scan() calls. The timing metrics are the primary concern for debugging replica performance patterns.

Applied to files:

go/apps/api/routes/v2_keys_add_roles/handler.go
go/apps/api/routes/v2_keys_remove_permissions/handler.go
go/apps/api/routes/v2_keys_set_roles/handler.go
go/apps/api/routes/v2_keys_update_credits/handler.go
go/apps/api/routes/v2_keys_remove_roles/handler.go

📚 Learning: applies to **/*_test.go : organize go tests by http status codes...

Learnt from: CR
PR: unkeyed/unkey#0
File: CLAUDE.md:0-0
Timestamp: 2025-08-04T07:44:39.430Z
Learning: Applies to **/*_test.go : Organize Go tests by HTTP status codes

Applied to files:

go/apps/api/routes/v2_keys_add_roles/handler.go
go/apps/api/routes/v2_keys_remove_permissions/handler.go
go/apps/api/routes/v2_keys_set_roles/handler.go
go/apps/api/routes/v2_keys_remove_roles/handler.go

📚 Learning: go/deploy/metald cannot currently import helpers from go/pkg/db because it is not yet part of the ma...

Learnt from: chronark
PR: unkeyed/unkey#3560
File: go/deploy/metald/internal/database/repository.go:0-0
Timestamp: 2025-07-15T14:59:30.212Z
Learning: go/deploy/metald cannot currently import helpers from go/pkg/db because it is not yet part of the main Go module; avoid suggesting such imports until the modules are unified.

Applied to files:

go/apps/api/routes/v2_keys_add_roles/handler.go
go/apps/api/routes/v2_keys_remove_permissions/handler.go
go/apps/api/routes/v2_keys_set_roles/handler.go
go/apps/api/routes/v2_keys_remove_roles/handler.go

📚 Learning: in the unkey dashboard, when making database queries involving workspaces, use `ctx.workspace.id` di...

Learnt from: ogzhanolguncu
PR: unkeyed/unkey#2872
File: apps/dashboard/lib/trpc/routers/ratelimit/createNamespace.ts:36-39
Timestamp: 2025-04-08T09:34:24.576Z
Learning: In the Unkey dashboard, when making database queries involving workspaces, use `ctx.workspace.id` directly instead of fetching the workspace separately for better performance and security.

Applied to files:

go/apps/api/routes/v2_keys_remove_permissions/handler.go
go/apps/api/routes/v2_keys_add_permissions/handler.go
go/apps/api/routes/v2_keys_set_permissions/handler.go
go/pkg/db/key_find_by_id.sql_generated.go
go/apps/api/routes/v2_keys_remove_roles/handler.go
go/pkg/db/key_find_live_by_hash.sql_generated.go

📚 Learning: in the unkey codebase, input validation for api endpoints is handled at the openapi schema layer, wh...

Learnt from: chronark
PR: unkeyed/unkey#3560
File: go/apps/api/routes/v2_keys_create_key/handler.go:353-466
Timestamp: 2025-07-15T14:25:05.608Z
Learning: In the Unkey codebase, input validation for API endpoints is handled at the OpenAPI schema layer, which validates request fields like permission slugs (pattern: "^[a-zA-Z0-9_]+$", length: 1-100 characters) before requests reach the handler code. This validation occurs during the zen.BindBody call in handlers.

Applied to files:

go/apps/api/routes/v2_keys_add_permissions/handler.go

📚 Learning: in the unkey api openapi schema, the permissions query regex for the verifykey endpoint intentionall...

Learnt from: chronark
PR: unkeyed/unkey#3617
File: go/apps/api/openapi/openapi.yaml:3309-3312
Timestamp: 2025-07-16T17:51:57.297Z
Learning: In the Unkey API OpenAPI schema, the permissions query regex for the verifyKey endpoint intentionally allows all whitespace characters (including tabs and newlines) via `\s`. Do not flag this as an error in future reviews.

Applied to files:

go/apps/api/routes/v2_keys_add_permissions/handler.go

📚 Learning: in the unkey codebase, input validation for api endpoints is primarily handled through openapi schem...

Learnt from: Flo4604
PR: unkeyed/unkey#2955
File: go/apps/api/routes/v2_identities_create_identity/handler.go:162-202
Timestamp: 2025-03-19T09:25:59.751Z
Learning: In the Unkey codebase, input validation for API endpoints is primarily handled through OpenAPI schema validation, which occurs before requests reach the handler code. For example, in the identities.createIdentity endpoint, minimum values for ratelimit duration and limit are defined in the OpenAPI schema rather than duplicating these checks in the handler.

Applied to files:

go/apps/api/routes/v2_keys_add_permissions/handler.go

📚 Learning: in the unkey codebase, role and permission names are validated at the openapi schema layer with stri...

Learnt from: chronark
PR: unkeyed/unkey#3560
File: go/apps/api/routes/v2_keys_create_key/handler.go:468-581
Timestamp: 2025-07-15T14:47:20.490Z
Learning: In the Unkey codebase, role and permission names are validated at the OpenAPI schema layer with strict regex patterns: role names must match "^[a-zA-Z][a-zA-Z0-9_-]*$" (start with letter, followed by letters/numbers/underscores/hyphens) and permission names must match "^[a-zA-Z0-9_]+$" (letters, numbers, underscores only). This validation occurs during zen.BindBody call before handlers run, preventing malicious or improperly formatted names from reaching auto-creation logic.

Applied to files:

go/apps/api/routes/v2_keys_add_permissions/handler.go

📚 Learning: in the unkey codebase, avoid hardcoding ids or indices that depend on array positions, as the arrays...

Learnt from: ogzhanolguncu
PR: unkeyed/unkey#2876
File: apps/dashboard/components/logs/datetime/constants.ts:96-96
Timestamp: 2025-02-06T17:41:47.228Z
Learning: In the Unkey codebase, avoid hardcoding IDs or indices that depend on array positions, as the arrays may be modified in the future. Instead, use methods like `find` with unique identifiers or properties to locate specific items.

Applied to files:

go/pkg/db/querier_generated.go

📚 Learning: for identity deletion operations in the unkey api, identityid takes precedence over externalid when ...

Learnt from: Flo4604
PR: unkeyed/unkey#3151
File: go/apps/api/openapi/gen.go:221-233
Timestamp: 2025-04-18T20:01:33.812Z
Learning: For identity deletion operations in the Unkey API, identityId takes precedence over externalId when both are provided in the request body.

Applied to files:

go/pkg/db/querier_generated.go

📚 Learning: in the shortcutactivator component within filters-popover.tsx, the purpose is to track keys separate...

Learnt from: ogzhanolguncu
PR: unkeyed/unkey#3115
File: apps/dashboard/components/logs/checkbox/filters-popover.tsx:33-55
Timestamp: 2025-04-24T14:34:30.621Z
Learning: In the ShortcutActivator component within filters-popover.tsx, the purpose is to track keys separately for each filter item, providing a registration mechanism for shortcuts passed to it rather than enforcing specific key combinations like option+shift+key.

Applied to files:

go/pkg/db/querier_generated.go

🧬 Code Graph Analysis (3)

go/apps/api/routes/v2_keys_whoami/handler.go (1)

go/pkg/hash/sha256.go (1)

Sha256 (28-33)

go/pkg/db/key_find_live_by_id.sql_generated.go (2)

go/pkg/db/types/null_string.go (1)

NullString (10-10)

go/pkg/hydra/store/db.go (1)

DBTX (8-13)

go/pkg/db/querier_generated.go (3)

go/pkg/hydra/store/db.go (1)

DBTX (8-13)

go/pkg/db/key_find_live_by_hash.sql_generated.go (1)

FindLiveKeyByHashRow (26-53)

go/pkg/db/key_find_live_by_id.sql_generated.go (1)

FindLiveKeyByIDRow (26-53)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

GitHub Check: Test Agent Local / test_agent_local
GitHub Check: Test Go API Local / Test
GitHub Check: Test API / API Test Local

🔇 Additional comments (25)

go/pkg/db/queries/key_find_live_by_id.sql (1)

1-11: LGTM! Well-structured query for live key retrieval.

The new FindLiveKeyByID query provides a comprehensive approach to key retrieval by:

Joining with the apis table to embed API data using sqlc.embed(a)

Left joining encrypted_keys for optional encryption metadata

Properly filtering out deleted records from both keys and APIs

Using appropriate table aliases for clarity

This addresses the performance issue mentioned in the PR objectives by providing a more explicit query structure that should help MySQL choose the optimal index.

go/apps/api/routes/v2_keys_add_permissions/handler.go (1)

59-59: LGTM! Simplified key lookup improves performance.

The change from FindKeyByIdOrHash to FindLiveKeyByID aligns with the PR's performance optimization goals. The new method:

Uses a direct string parameter instead of a nullable struct

Performs explicit joins with better index utilization

Returns richer data with embedded API information

This should resolve the MySQL index selection issue mentioned in the PR objectives.

go/apps/api/routes/v2_keys_delete_key/handler.go (1)

62-62: LGTM! Consistent performance optimization.

The migration to FindLiveKeyByID maintains consistency with other handlers while improving query performance through explicit index guidance.

go/apps/api/routes/v2_keys_update_key/handler.go (1)

65-65: LGTM! Performance optimization applied consistently.

The change to FindLiveKeyByID follows the same pattern as other v2 key handlers, ensuring consistent performance improvements across the API.

go/pkg/db/queries/key_find_by_id.sql (1)

1-3: LGTM! Clean query simplification.

The consolidation to a single-line format with table alias k improves readability while maintaining the same functionality. This complements the new FindLiveKeyByID query for different use cases.

go/apps/api/routes/v2_keys_set_roles/handler.go (1)

61-61: LGTM: Performance optimization successfully implemented.

The change from FindKeyByIdOrHash to FindLiveKeyByID directly addresses the MySQL index selection performance issue described in the PR. The simplified parameter passing (direct string instead of parameter struct) should guide MySQL to use the appropriate index.

go/apps/api/routes/v2_keys_get_key/handler.go (1)

65-65: LGTM: Consistent performance optimization.

The change from FindKeyByIdOrHash to FindLiveKeyByID is consistent with the performance improvements across all handlers and properly addresses the MySQL index selection issue.

go/pkg/db/key_find_by_id.sql_generated.go (1)

13-20: LGTM: Generated code reflects SQL query improvements.

The addition of table alias k and single-line formatting improves query readability. Since this is generated code from sqlc, the changes appropriately reflect updates to the underlying SQL query definition.

go/apps/api/routes/v2_keys_set_permissions/handler.go (1)

63-63: LGTM: Consistent performance optimization applied.

The migration from FindKeyByIdOrHash to FindLiveKeyByID follows the same performance improvement pattern across all handlers, addressing the MySQL index selection issue effectively.

go/apps/api/routes/v2_keys_whoami/handler.go (1)

61-61: LGTM: Correct hash-based key lookup optimization.

The change to FindLiveKeyByHash with hash.Sha256(req.Key) is appropriate for this endpoint, which receives a plain key value rather than a key ID. This addresses the performance issue by using a specific hash-based query instead of the flexible but inefficient FindKeyByIdOrHash.

go/apps/api/routes/v2_keys_remove_permissions/handler.go (1)

60-60: LGTM! Performance optimization aligns with PR objectives.

The replacement of FindKeyByIdOrHash with FindLiveKeyByID directly addresses the performance issue described in the PR objectives. This change makes the search criteria explicit, guiding MySQL to use the appropriate index instead of scanning inefficient tables.

go/apps/api/routes/v2_keys_add_roles/handler.go (1)

60-60: LGTM! Consistent performance optimization.

Same beneficial change as other handlers - replacing the flexible but slow FindKeyByIdOrHash with the explicit FindLiveKeyByID to improve MySQL index selection and query performance.

go/pkg/db/queries/key_find_live_by_hash.sql (1)

1-11: Well-designed query that addresses the performance issue.

This new query effectively resolves the MySQL index selection problem mentioned in the PR objectives:

Explicit joins: The keys -> apis -> encrypted_keys join path guides MySQL to use appropriate indexes

Specific filtering: Single hash parameter eliminates the nullable parameter complexity

Live records only: deleted_at_m IS NULL filters ensure efficient scanning

Rich data: sqlc.embed(a) and encryption key fields provide complete key information

This design should significantly improve query performance compared to the previous flexible approach.

go/apps/api/routes/v2_keys_remove_roles/handler.go (1)

61-61: LGTM! Consistent performance improvement.

Same beneficial change applied consistently across handlers to improve MySQL query performance.

go/apps/api/routes/v2_keys_update_credits/handler.go (3)

62-62: LGTM! Performance improvement for initial key lookup.

Consistent with other handlers - replacing FindKeyByIdOrHash with FindLiveKeyByID to improve MySQL query performance.

131-131: LGTM! Proper type updates for transaction handling.

The transaction return type and error handling have been correctly updated to use FindLiveKeyByIDRow to match the new query interface.

Also applies to: 138-138, 153-153

161-161: LGTM! Consistent query method for key refetch.

Using FindLiveKeyByID for the post-update key retrieval maintains consistency and performance benefits throughout the transaction.

go/pkg/db/key_find_live_by_id.sql_generated.go (3)

13-24: Excellent performance optimization with explicit joins and filtering.

The SQL query structure addresses the performance issue mentioned in the PR by:

Using explicit JOIN with apis table on key_auth_id

Adding LEFT JOIN for optional encrypted key data

Filtering out deleted records early with AND k.deleted_at_m IS NULL AND a.deleted_at_m IS NULL

This should guide MySQL to use the appropriate index and avoid scanning the apis table first.

26-53: Well-structured result struct with proper null handling.

The FindLiveKeyByIDRow struct properly handles nullable fields using sql.NullString, sql.NullTime, etc., and includes all necessary data from the joined tables. The embedded Api struct provides clean access to API data.

67-108: Clean generated function with comprehensive field scanning.

The function signature is clear and the row scanning correctly maps all fields from the complex query result. Error handling follows Go conventions by returning the error directly from row.Scan().

go/pkg/db/key_find_live_by_hash.sql_generated.go (3)

13-24: Consistent performance optimization for hash-based lookup.

The query structure mirrors the ID-based version with proper joins and filtering:

Explicit JOIN with apis table

LEFT JOIN for encrypted keys

Early filtering of deleted records

Hash-based WHERE clause (WHERE hash = ?)

This maintains consistency with the ID-based query optimization.

26-53: Identical struct structure ensures consistency.

The FindLiveKeyByHashRow struct is identical to FindLiveKeyByIDRow, which is correct since both queries return the same data structure, just accessed via different search criteria.

67-108: Function correctly implements hash-based lookup.

The function signature properly accepts a hash string parameter and the implementation is consistent with the ID-based version. The field scanning order matches the SELECT statement.

go/pkg/db/querier_generated.go (2)

203-205: Simplified FindKeyByID query for basic key retrieval.

The FindKeyByID method has been simplified to a basic key lookup without joins, which is appropriate when you only need key data without associated API or encryption information.

326-351: Well-documented new methods for live key lookups.

The new FindLiveKeyByHash and FindLiveKeyByID methods are properly documented with their SQL queries shown in comments. The method signatures clearly indicate they return the rich row structs with joined data, making the intent clear to consumers.

These methods replace the previous FindKeyByIdOrHash with more explicit, single-purpose queries that should perform better.

✨ Finishing Touches

📝 Generate Docstrings

🧪 Generate unit tests

Create PR with unit tests
Post copyable unit tests in a comment
Commit unit tests in branch perf/bad-get-key-performance

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

Review comments: Directly reply to a review comment made by CodeRabbit. Example:
- I pushed a fix in commit <commit_id>, please review it.
- Explain this complex logic.
- Open a follow-up GitHub issue for this discussion.
Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
- @coderabbitai explain this code block.
PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
- @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
- @coderabbitai read src/utils.ts and explain its main purpose.
- @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR comments)

@coderabbitai pause to pause the reviews on a PR.
@coderabbitai resume to resume the paused reviews.
@coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
@coderabbitai full review to do a full review from scratch and review all the files again.
@coderabbitai summary to regenerate the summary of the PR.
@coderabbitai generate docstrings to generate docstrings for this PR.
@coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
@coderabbitai generate unit tests to generate unit tests for this PR.
@coderabbitai resolve resolve all the CodeRabbit review comments.
@coderabbitai configuration to show the current CodeRabbit configuration for the repository.
@coderabbitai help to get help.

Other keywords and placeholders

Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (`.coderabbit.yaml`)

You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
Please see the configuration documentation for more information.
If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

Visit our Documentation for detailed information on how to use CodeRabbit.
Join our Discord Community to get help, request features, and share feedback.
Follow us on X/Twitter for updates and announcements.

github-actions · 2025-08-04T09:26:14Z

Thank you for following the naming conventions for pull request titles! 🙏

go/pkg/db/querier_generated.go

Flo4604 · 2025-08-04T09:45:55Z

renamed it and cleaned up generated files that we dont need anymore

graphite-app · 2025-08-04T10:19:11Z

graphite-app · 2025-08-04T10:20:11Z

Graphite Automations

"Post a GIF when PR approved" took an action on this PR • (08/04/25)

1 gif was posted to this PR based on Andreas Thomas's automation.

* Dialog created * small changes * half functional * small spacing changes and chevron * Rabbit Changes * remove useffect * almost * re ordered badge list collapse * undo rabbit * [autofix.ci] apply automated fixes * fix scroll * changes before merge * chore: deprecate v1 endpoints (#3680) * fix: openapi * chore: deprecate v1 endpoints * fix: vault credentials and chproxy config (#3681) * fix: openapi * fix: vault credentials and chproxy config * fix: rename flag accessor too * fix: linter issues * fix: some more v2 api changes (#3677) * remove namespaceID * actually use limit and cursor * filter out delted overrides * fix error messages list endpoints * fix more error messages * ensure identity create handles like permission/role create * fix regex for roles * fix regex for roles * fix list keys cursor * fix: uppercase common files (#3683) * name files uppercase * name files uppercase * [autofix.ci] apply automated fixes * name files uppercase * name files uppercase --------- Co-authored-by: Andreas Thomas <dev@chronark.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * fix: conflicting casing (#3689) * fix the openapi spec again (#3692) * dont trace chproxy endpoints (#3691) * fix: log verifications to the owning workspace (#3693) * functioning again * style change * more tweaks * fix: validate s3 config (#3694) * Fix all the fucking things * remove close button * fmt * fix: speakeasy ignore directive is ignored if it's a string (#3699) * fix: upsert permissions with slug or name colission (#3696) * fix: upsert permissions with slug or name colission * chore: also remove index * fix permission test and remove unnnecessary test --------- Co-authored-by: Flo <53355483+Flo4604@users.noreply.github.com> * docs: migration (#3678) * fix: openapi * docs: migration from v1 to v2 * fix: remove binaries * [autofix.ci] apply automated fixes * docs: add james' feedback --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * fix: api list keys zod errors (#3702) * fix api zod errors * [autofix.ci] apply automated fixes * make array handling uniform * make array handling uniform * fix rabbi comment * fix: permission array for roles --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * ci: don't build for windows and freebsd (#3700) * docs: errors (#3703) * chore: move sdks to unkeyed/sdks (#3701) * fix: omitting array vs null (#3704) * fix omitting array vs null * [autofix.ci] apply automated fixes * fix flakey test * fix flakey test --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * fix: panics not being catched (#3706) * fix panics not being catched * feat: add counter to track panics Signed-off-by: Ian Meyer <k@imeyer.io> --------- Signed-off-by: Ian Meyer <k@imeyer.io> Co-authored-by: Ian Meyer <k@imeyer.io> * docs: use `CodeGroup` in hono/nextjs TS libraries (#3708) * Update hono.mdx * Update nextjs.mdx * ci: remove outdated steps and flows (#3709) * docs: update sdks (#3712) * docs: update sdks * Update nextjs.mdx * [autofix.ci] apply automated fixes * fix: rabbit feedback * Update nextjs.mdx * fix: root key is required --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * dialog and confirm added * feat(deployment beta): projects UI for Unkey Deploy (#3662) * projects and branches * wip * wip * spec differ wip * fix some docker, add some trpc, integrate diff viewer * change version to deployments, add feature flag, update go schema * update versions page * fix null condition * delete old router, fix null assertion * fmt * fmt * fmt again * apply auth and feature flagging access to projects, remove versions * yolo * stable yolo * stable yolo * style: fmt * fix: hardcode time, so it doesn't fail on the first of a month * [autofix.ci] apply automated fixes --------- Co-authored-by: chronark <dev@chronark.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * chore: add missingd delete endpoint for v2 (#3711) * only log key at the end (#3716) * fix: allow wildcard and colon in permissions query (#3717) * remove regex for permissions * allow for asterix and colon in permissions * fix: update identity by identity key instead of externalId and fix wrong body for permission and role (#3713) * docs and remove externalId from keyResponse * fix updateIdentity to take in an identity parameter instead of an externalId * fix get role/permission * Update go/apps/api/openapi/spec/common/Permission.yaml Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * Update openapi-generated.yaml * fix comment --------- Co-authored-by: Andreas Thomas <dev@chronark.com> Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * chore: openapi references (#3723) * feat: add paginated tRPC endpoint for projects (#3697) * feat: add new endpoint for deploy projects * chore: replace file path * [autofix.ci] apply automated fixes * feat: add missing endpoint * fix: trpc path * fix: add feature flag * chore: remove optin --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * fix: region not showing and wrong rl id (#3722) * fix: region not showing and wrong rl id * pass region down * perf: bad get key performance (#3724) * perf: make getKey 2 seperate queries so mysql chooses correct idx * fix query * fix query name * docs: verify identities endpoints (#3727) * chore: docs (#3728) * chore: fixup migration guide * adjust more * adjust more * adjust more * rabbit comments * Update index.mdx * working updates * re factor for clarity * only update if diff than existing * [autofix.ci] apply automated fixes * re name create-root-key to root-key folder --------- Signed-off-by: Ian Meyer <k@imeyer.io> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Andreas Thomas <dev@chronark.com> Co-authored-by: Flo <53355483+Flo4604@users.noreply.github.com> Co-authored-by: Oğuzhan Olguncu <21091016+ogzhanolguncu@users.noreply.github.com> Co-authored-by: James Perkins <jamesperkins@hey.com> Co-authored-by: Ian Meyer <k@imeyer.io> Co-authored-by: JA Castro <51177379+ubinatus@users.noreply.github.com> Co-authored-by: Meg Stepp <mcstepp@users.noreply.github.com> Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

* chore: new root key dialog (#3637) * Dialog created * small changes * feat: ui show permission side bar when select permission button is (#3654) * Dialog created * small changes * half functional * small spacing changes and chevron * Rabbit Changes * remove useffect * feat: UI when a permission is selected it should show in the modal (#3663) * Dialog created * small changes * half functional * small spacing changes and chevron * Rabbit Changes * remove useffect * almost * re ordered badge list collapse * undo rabbit * [autofix.ci] apply automated fixes * fix scroll * button size and margin --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * feat: UI when a user searches for a permission it should show (#3695) * Dialog created * small changes * half functional * small spacing changes and chevron * Rabbit Changes * remove useffect * almost * re ordered badge list collapse * undo rabbit * [autofix.ci] apply automated fixes * fix scroll * changes before merge * functioning again * style change * more tweaks * Fix all the fucking things * remove close button * fmt --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: James Perkins <jamesperkins@hey.com> * feat: rootkey create with success dialog and confirm close (#3714) * Dialog created * small changes * half functional * small spacing changes and chevron * Rabbit Changes * remove useffect * almost * re ordered badge list collapse * undo rabbit * [autofix.ci] apply automated fixes * fix scroll * changes before merge * functioning again * style change * more tweaks * Fix all the fucking things * remove close button * fmt * dialog and confirm added --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: James Perkins <jamesperkins@hey.com> * feat: a user selects edit root key and an edit root key modal (#3731) * Dialog created * small changes * half functional * small spacing changes and chevron * Rabbit Changes * remove useffect * almost * re ordered badge list collapse * undo rabbit * [autofix.ci] apply automated fixes * fix scroll * changes before merge * chore: deprecate v1 endpoints (#3680) * fix: openapi * chore: deprecate v1 endpoints * fix: vault credentials and chproxy config (#3681) * fix: openapi * fix: vault credentials and chproxy config * fix: rename flag accessor too * fix: linter issues * fix: some more v2 api changes (#3677) * remove namespaceID * actually use limit and cursor * filter out delted overrides * fix error messages list endpoints * fix more error messages * ensure identity create handles like permission/role create * fix regex for roles * fix regex for roles * fix list keys cursor * fix: uppercase common files (#3683) * name files uppercase * name files uppercase * [autofix.ci] apply automated fixes * name files uppercase * name files uppercase --------- Co-authored-by: Andreas Thomas <dev@chronark.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * fix: conflicting casing (#3689) * fix the openapi spec again (#3692) * dont trace chproxy endpoints (#3691) * fix: log verifications to the owning workspace (#3693) * functioning again * style change * more tweaks * fix: validate s3 config (#3694) * Fix all the fucking things * remove close button * fmt * fix: speakeasy ignore directive is ignored if it's a string (#3699) * fix: upsert permissions with slug or name colission (#3696) * fix: upsert permissions with slug or name colission * chore: also remove index * fix permission test and remove unnnecessary test --------- Co-authored-by: Flo <53355483+Flo4604@users.noreply.github.com> * docs: migration (#3678) * fix: openapi * docs: migration from v1 to v2 * fix: remove binaries * [autofix.ci] apply automated fixes * docs: add james' feedback --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * fix: api list keys zod errors (#3702) * fix api zod errors * [autofix.ci] apply automated fixes * make array handling uniform * make array handling uniform * fix rabbi comment * fix: permission array for roles --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * ci: don't build for windows and freebsd (#3700) * docs: errors (#3703) * chore: move sdks to unkeyed/sdks (#3701) * fix: omitting array vs null (#3704) * fix omitting array vs null * [autofix.ci] apply automated fixes * fix flakey test * fix flakey test --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * fix: panics not being catched (#3706) * fix panics not being catched * feat: add counter to track panics Signed-off-by: Ian Meyer <k@imeyer.io> --------- Signed-off-by: Ian Meyer <k@imeyer.io> Co-authored-by: Ian Meyer <k@imeyer.io> * docs: use `CodeGroup` in hono/nextjs TS libraries (#3708) * Update hono.mdx * Update nextjs.mdx * ci: remove outdated steps and flows (#3709) * docs: update sdks (#3712) * docs: update sdks * Update nextjs.mdx * [autofix.ci] apply automated fixes * fix: rabbit feedback * Update nextjs.mdx * fix: root key is required --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * dialog and confirm added * feat(deployment beta): projects UI for Unkey Deploy (#3662) * projects and branches * wip * wip * spec differ wip * fix some docker, add some trpc, integrate diff viewer * change version to deployments, add feature flag, update go schema * update versions page * fix null condition * delete old router, fix null assertion * fmt * fmt * fmt again * apply auth and feature flagging access to projects, remove versions * yolo * stable yolo * stable yolo * style: fmt * fix: hardcode time, so it doesn't fail on the first of a month * [autofix.ci] apply automated fixes --------- Co-authored-by: chronark <dev@chronark.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * chore: add missingd delete endpoint for v2 (#3711) * only log key at the end (#3716) * fix: allow wildcard and colon in permissions query (#3717) * remove regex for permissions * allow for asterix and colon in permissions * fix: update identity by identity key instead of externalId and fix wrong body for permission and role (#3713) * docs and remove externalId from keyResponse * fix updateIdentity to take in an identity parameter instead of an externalId * fix get role/permission * Update go/apps/api/openapi/spec/common/Permission.yaml Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * Update openapi-generated.yaml * fix comment --------- Co-authored-by: Andreas Thomas <dev@chronark.com> Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * chore: openapi references (#3723) * feat: add paginated tRPC endpoint for projects (#3697) * feat: add new endpoint for deploy projects * chore: replace file path * [autofix.ci] apply automated fixes * feat: add missing endpoint * fix: trpc path * fix: add feature flag * chore: remove optin --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * fix: region not showing and wrong rl id (#3722) * fix: region not showing and wrong rl id * pass region down * perf: bad get key performance (#3724) * perf: make getKey 2 seperate queries so mysql chooses correct idx * fix query * fix query name * docs: verify identities endpoints (#3727) * chore: docs (#3728) * chore: fixup migration guide * adjust more * adjust more * adjust more * rabbit comments * Update index.mdx * working updates * re factor for clarity * only update if diff than existing * [autofix.ci] apply automated fixes * re name create-root-key to root-key folder --------- Signed-off-by: Ian Meyer <k@imeyer.io> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Andreas Thomas <dev@chronark.com> Co-authored-by: Flo <53355483+Flo4604@users.noreply.github.com> Co-authored-by: Oğuzhan Olguncu <21091016+ogzhanolguncu@users.noreply.github.com> Co-authored-by: James Perkins <jamesperkins@hey.com> Co-authored-by: Ian Meyer <k@imeyer.io> Co-authored-by: JA Castro <51177379+ubinatus@users.noreply.github.com> Co-authored-by: Meg Stepp <mcstepp@users.noreply.github.com> Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * fresh * start rabbit changes * rabbits * missing processing * Update apps/dashboard/lib/trpc/routers/index.ts Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * Update apps/dashboard/app/(app)/settings/root-keys/components/root-key/components/permission-badge-list.tsx Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * more rabbit * function name * [autofix.ci] apply automated fixes * minor changes * rabbit checked locally * comment changes * light mode fix * removed old page files * updated success * slack comment changes * cleanup * rabbit * more rabbits * most consts * change clear and details * cleanup * pr suggested changes * few nits --------- Signed-off-by: Ian Meyer <k@imeyer.io> Co-authored-by: CodeReaper <148160799+MichaelUnkey@users.noreply.github.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Andreas Thomas <dev@chronark.com> Co-authored-by: Flo <53355483+Flo4604@users.noreply.github.com> Co-authored-by: Oğuzhan Olguncu <21091016+ogzhanolguncu@users.noreply.github.com> Co-authored-by: Ian Meyer <k@imeyer.io> Co-authored-by: JA Castro <51177379+ubinatus@users.noreply.github.com> Co-authored-by: Meg Stepp <mcstepp@users.noreply.github.com> Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Co-authored-by: MichaelUnkey <michael@unkey.com>

Flo4604 added 2 commits August 4, 2025 11:16

perf: make getKey 2 seperate queries so mysql chooses correct idx

78c2435

fix query

88a26ad

Flo4604 requested review from chronark, imeyer and perkinsjr as code owners August 4, 2025 09:26

Flo4604 changed the title ~~Perf: bad get key performance~~ perf: bad get key performance Aug 4, 2025

chronark reviewed Aug 4, 2025

View reviewed changes

go/pkg/db/querier_generated.go Outdated Show resolved Hide resolved

fix query name

d58283e

Flo4604 requested a review from chronark August 4, 2025 09:57

chronark approved these changes Aug 4, 2025

View reviewed changes

Flo4604 added this pull request to the merge queue Aug 4, 2025

Merged via the queue into main with commit 27e2638 Aug 4, 2025
18 of 19 checks passed

Flo4604 deleted the perf/bad-get-key-performance branch August 4, 2025 10:49

This was referenced Aug 14, 2025

feat: v2 reroll key endpoint #3785

Merged

refactor: get rid of n+1 queries for /v2/api/listKeys #3809

Merged

coderabbitai bot mentioned this pull request Aug 27, 2025

feat: poc migrating from prefixed-api-key #3841

Closed

18 tasks

coderabbitai bot mentioned this pull request Oct 29, 2025

fix: Added caching for key endpoints that lookup keys by id / whoami endpoint #4203

Closed

18 tasks

coderabbitai bot mentioned this pull request Nov 12, 2025

feat: add key migration endpoint #4320

Merged

19 tasks

Conversation

Flo4604 commented Aug 4, 2025 • edited by coderabbitai bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

What does this PR do?

Type of change

How should this be tested?

Checklist

Required

Appreciated

Summary by CodeRabbit

Uh oh!

changeset-bot bot commented Aug 4, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

⚠️ No Changeset found

Uh oh!

vercel bot commented Aug 4, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

coderabbitai bot commented Aug 4, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Walkthrough

Changes

Sequence Diagram(s)

Estimated code review effort

Suggested reviewers

Chat

Support

CodeRabbit Commands (Invoked using PR comments)

Other keywords and placeholders

CodeRabbit Configuration File (.coderabbit.yaml)

Documentation and Community

Uh oh!

github-actions bot commented Aug 4, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Uh oh!

Flo4604 commented Aug 4, 2025

Uh oh!

graphite-app bot commented Aug 4, 2025

Uh oh!

graphite-app bot commented Aug 4, 2025

Graphite Automations

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Flo4604 commented Aug 4, 2025 •

edited by coderabbitai bot

Loading

changeset-bot bot commented Aug 4, 2025 •

edited

Loading

vercel bot commented Aug 4, 2025 •

edited

Loading

coderabbitai bot commented Aug 4, 2025 •

edited

Loading

CodeRabbit Configuration File (`.coderabbit.yaml`)

github-actions bot commented Aug 4, 2025 •

edited

Loading