feat(01-foundation-03): implement SQLite storage with Finding CRUD and encryption

- schema.sql: CREATE TABLE for findings, scans, settings with indexes - db.go: Open() with WAL mode, foreign keys, embedded schema migration - findings.go: SaveFinding encrypts key_value before INSERT, ListFindings decrypts after SELECT - MaskKey: first8...last4 masking helper - Fix: NULL scan_id handling for findings without parent scan
2026-04-05 00:05:54 +03:00
parent 239e2c214c
commit 3334633867
3 changed files with 195 additions and 0 deletions
--- a/pkg/storage/schema.sql
+++ b/pkg/storage/schema.sql
@@ -0,0 +1,35 @@
+-- KeyHunter database schema
+-- Version: 1
+
+CREATE TABLE IF NOT EXISTS scans (
+    id            INTEGER PRIMARY KEY AUTOINCREMENT,
+    started_at    DATETIME NOT NULL,
+    finished_at   DATETIME,
+    source_path   TEXT,
+    finding_count INTEGER DEFAULT 0,
+    created_at    DATETIME DEFAULT CURRENT_TIMESTAMP
+);
+
+CREATE TABLE IF NOT EXISTS findings (
+    id            INTEGER PRIMARY KEY AUTOINCREMENT,
+    scan_id       INTEGER REFERENCES scans(id),
+    provider_name TEXT NOT NULL,
+    key_value     BLOB NOT NULL,
+    key_masked    TEXT NOT NULL,
+    confidence    TEXT NOT NULL,
+    source_path   TEXT,
+    source_type   TEXT,
+    line_number   INTEGER,
+    created_at    DATETIME DEFAULT CURRENT_TIMESTAMP
+);
+
+CREATE TABLE IF NOT EXISTS settings (
+    key        TEXT PRIMARY KEY,
+    value      TEXT NOT NULL,
+    updated_at DATETIME DEFAULT CURRENT_TIMESTAMP
+);
+
+-- Indexes for common queries
+CREATE INDEX IF NOT EXISTS idx_findings_scan_id ON findings(scan_id);
+CREATE INDEX IF NOT EXISTS idx_findings_provider ON findings(provider_name);
+CREATE INDEX IF NOT EXISTS idx_findings_created ON findings(created_at DESC);