-- Migration 007: Compliance Commit Ledger (G2)
-- Schema: compliance
-- Run: ssh macmini "docker exec -i bp-core-postgres psql -U breakpilot -d breakpilot_db" < control-pipeline/migrations/007_compliance_commits.sql

SET search_path TO compliance, public;

CREATE TABLE IF NOT EXISTS compliance_commits (
    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
    tenant_id UUID NOT NULL,
    project_id UUID,

    -- Git Info
    commit_hash VARCHAR(64) NOT NULL,
    commit_message TEXT,
    commit_author VARCHAR(200),
    commit_date TIMESTAMPTZ,
    branch VARCHAR(200),
    repo_url TEXT,

    -- Affected Controls
    affected_control_ids JSONB NOT NULL DEFAULT '[]',
    affected_files JSONB DEFAULT '[]',

    -- Analysis
    risk_level VARCHAR(20) DEFAULT 'low'
        CHECK (risk_level IN ('low', 'medium', 'high', 'critical')),
    analysis_summary TEXT,
    analysis_metadata JSONB DEFAULT '{}',

    created_at TIMESTAMPTZ DEFAULT NOW()
);

CREATE INDEX IF NOT EXISTS idx_cc_tenant ON compliance_commits(tenant_id);
CREATE INDEX IF NOT EXISTS idx_cc_hash ON compliance_commits(commit_hash);
CREATE INDEX IF NOT EXISTS idx_cc_date ON compliance_commits(commit_date);
CREATE INDEX IF NOT EXISTS idx_cc_risk ON compliance_commits(risk_level);
-- GIN index for JSONB array containment queries (@>)
CREATE INDEX IF NOT EXISTS idx_cc_control_ids ON compliance_commits USING GIN (affected_control_ids);