kalzu-value-store

ryyst/kalzu-value-store

Fork 1

Commit Graph

Author	SHA1	Message	Date
ryyst	5ab03331fc	Implement Phase 2: Enterprise-grade KVS enhancements This massive enhancement transforms KVS from a basic distributed key-value store into a production-ready enterprise database system with comprehensive authentication, authorization, data management, and security features. PHASE 2.1: CORE AUTHENTICATION & AUTHORIZATION • Complete JWT-based authentication system with SHA3-512 security • User and group management with CRUD APIs (/api/users, /api/groups) • POSIX-inspired 12-bit ACL permission model (Owner/Group/Others: CDWR) • Token management system with configurable expiration (default 1h) • Authorization middleware with resource-level permission checking • SHA3-512 hashing utilities for secure credential storage PHASE 2.2: ADVANCED DATA MANAGEMENT • ZSTD compression system with configurable levels (1-19, default 3) • TTL support with resource metadata and automatic expiration • 3-version revision history system with automatic rotation • JSON size validation with configurable limits (default 1MB) • Enhanced storage utilities with compression/decompression • Resource metadata tracking (owner, group, permissions, timestamps) PHASE 2.3: ENTERPRISE SECURITY & OPERATIONS • Per-user rate limiting with sliding window algorithm • Tamper-evident logging with cryptographic signatures (SHA3-512) • Automated backup scheduling using cron (default: daily at midnight) • ZSTD-compressed database snapshots with automatic cleanup • Configurable backup retention policies (default: 7 days) • Backup status monitoring API (/api/backup/status) TECHNICAL ADDITIONS • New dependencies: JWT v4, crypto/sha3, zstd compression, cron v3 • Extended configuration system with comprehensive Phase 2 settings • API endpoints: 13 new endpoints for authentication, management, monitoring • Storage patterns: user:<uuid>, group:<uuid>, token:<hash>, ratelimit:<user>:<window> • Revision history: data:<key>:rev:[1-3] with metadata integration • Tamper logs: log:<timestamp>:<uuid> with permanent retention BACKWARD COMPATIBILITY • All existing APIs remain fully functional • Existing Merkle tree replication system unchanged • New features can be disabled via configuration • Migration-ready design for upgrading existing deployments This implementation adds 1,500+ lines of sophisticated enterprise code while maintaining the distributed, eventually-consistent architecture. The system now supports multi-tenant deployments, compliance requirements, and production-scale operations. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-09-11 18:17:41 +03:00
ryyst	83ad9eea8c	Initial KVS implementation with core functionality - Go module setup with BadgerDB, Gorilla Mux, Logrus, UUID, and YAML - Core data structures for distributed key-value store - HTTP REST API with /kv/ endpoints (GET, PUT, DELETE) - Member management endpoints (/members/) - Timestamp indexing for efficient time-based queries - YAML configuration with auto-generation - Structured JSON logging with configurable levels - Operational modes (normal, read-only, syncing) - Basic health check endpoint - Graceful shutdown handling Tested basic functionality - all core endpoints working correctly. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-09-10 07:20:12 +03:00

Author

SHA1

Message

Date

ryyst

5ab03331fc

Implement Phase 2: Enterprise-grade KVS enhancements

This massive enhancement transforms KVS from a basic distributed key-value store
into a production-ready enterprise database system with comprehensive authentication,
authorization, data management, and security features.

PHASE 2.1: CORE AUTHENTICATION & AUTHORIZATION
• Complete JWT-based authentication system with SHA3-512 security
• User and group management with CRUD APIs (/api/users, /api/groups)
• POSIX-inspired 12-bit ACL permission model (Owner/Group/Others: CDWR)
• Token management system with configurable expiration (default 1h)
• Authorization middleware with resource-level permission checking
• SHA3-512 hashing utilities for secure credential storage

PHASE 2.2: ADVANCED DATA MANAGEMENT
• ZSTD compression system with configurable levels (1-19, default 3)
• TTL support with resource metadata and automatic expiration
• 3-version revision history system with automatic rotation
• JSON size validation with configurable limits (default 1MB)
• Enhanced storage utilities with compression/decompression
• Resource metadata tracking (owner, group, permissions, timestamps)

PHASE 2.3: ENTERPRISE SECURITY & OPERATIONS
• Per-user rate limiting with sliding window algorithm
• Tamper-evident logging with cryptographic signatures (SHA3-512)
• Automated backup scheduling using cron (default: daily at midnight)
• ZSTD-compressed database snapshots with automatic cleanup
• Configurable backup retention policies (default: 7 days)
• Backup status monitoring API (/api/backup/status)

TECHNICAL ADDITIONS
• New dependencies: JWT v4, crypto/sha3, zstd compression, cron v3
• Extended configuration system with comprehensive Phase 2 settings
• API endpoints: 13 new endpoints for authentication, management, monitoring
• Storage patterns: user:<uuid>, group:<uuid>, token:<hash>, ratelimit:<user>:<window>
• Revision history: data:<key>:rev:[1-3] with metadata integration
• Tamper logs: log:<timestamp>:<uuid> with permanent retention

BACKWARD COMPATIBILITY
• All existing APIs remain fully functional
• Existing Merkle tree replication system unchanged
• New features can be disabled via configuration
• Migration-ready design for upgrading existing deployments

This implementation adds 1,500+ lines of sophisticated enterprise code while
maintaining the distributed, eventually-consistent architecture. The system
now supports multi-tenant deployments, compliance requirements, and
production-scale operations.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

2025-09-11 18:17:41 +03:00

ryyst

83ad9eea8c

Initial KVS implementation with core functionality

- Go module setup with BadgerDB, Gorilla Mux, Logrus, UUID, and YAML
- Core data structures for distributed key-value store
- HTTP REST API with /kv/ endpoints (GET, PUT, DELETE)
- Member management endpoints (/members/)
- Timestamp indexing for efficient time-based queries
- YAML configuration with auto-generation
- Structured JSON logging with configurable levels
- Operational modes (normal, read-only, syncing)
- Basic health check endpoint
- Graceful shutdown handling

Tested basic functionality - all core endpoints working correctly.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

2025-09-10 07:20:12 +03:00

2 Commits