From 33cc1ba4922ea5ed85f83e3b80ef4dc2016e6de8 Mon Sep 17 00:00:00 2001
From: waleed <walif6@gmail.com>
Date: Thu, 2 Apr 2026 10:09:07 -0700
Subject: [PATCH] fix(credential): fix service_account migration to avoid
 unsafe enum usage in same transaction

---
 .../db/migrations/0184_hard_thaddeus_ross.sql |  2 ++
 .../migrations/0184_stiff_captain_marvel.sql  |  3 --
 .../db/migrations/meta/0184_snapshot.json     | 36 +------------------
 packages/db/migrations/meta/_journal.json     |  4 +--
 packages/db/schema.ts                         |  3 --
 5 files changed, 5 insertions(+), 43 deletions(-)
 create mode 100644 packages/db/migrations/0184_hard_thaddeus_ross.sql
 delete mode 100644 packages/db/migrations/0184_stiff_captain_marvel.sql

diff --git a/packages/db/migrations/0184_hard_thaddeus_ross.sql b/packages/db/migrations/0184_hard_thaddeus_ross.sql
new file mode 100644
index 0000000000..2ac7455297
--- /dev/null
+++ b/packages/db/migrations/0184_hard_thaddeus_ross.sql
@@ -0,0 +1,2 @@
+ALTER TYPE "public"."credential_type" ADD VALUE 'service_account';--> statement-breakpoint
+ALTER TABLE "credential" ADD COLUMN "encrypted_service_account_key" text;
\ No newline at end of file
diff --git a/packages/db/migrations/0184_stiff_captain_marvel.sql b/packages/db/migrations/0184_stiff_captain_marvel.sql
deleted file mode 100644
index 80a22d7ca4..0000000000
--- a/packages/db/migrations/0184_stiff_captain_marvel.sql
+++ /dev/null
@@ -1,3 +0,0 @@
-ALTER TYPE "public"."credential_type" ADD VALUE 'service_account';--> statement-breakpoint
-ALTER TABLE "credential" ADD COLUMN "encrypted_service_account_key" text;--> statement-breakpoint
-CREATE UNIQUE INDEX "credential_workspace_service_account_unique" ON "credential" USING btree ("workspace_id","type","provider_id","display_name") WHERE type = 'service_account';
\ No newline at end of file
diff --git a/packages/db/migrations/meta/0184_snapshot.json b/packages/db/migrations/meta/0184_snapshot.json
index 5487bf90d4..6a17c30686 100644
--- a/packages/db/migrations/meta/0184_snapshot.json
+++ b/packages/db/migrations/meta/0184_snapshot.json
@@ -1,5 +1,5 @@
 {
-  "id": "7f097b1f-1207-472e-b1bc-e237bab9528c",
+  "id": "1a38a6e2-09e2-4215-baa2-662f78824768",
   "prevId": "1114a957-9e5b-49fe-b82d-ef3612189345",
   "version": "7",
   "dialect": "postgresql",
@@ -2930,40 +2930,6 @@
           "concurrently": false,
           "method": "btree",
           "with": {}
-        },
-        "credential_workspace_service_account_unique": {
-          "name": "credential_workspace_service_account_unique",
-          "columns": [
-            {
-              "expression": "workspace_id",
-              "isExpression": false,
-              "asc": true,
-              "nulls": "last"
-            },
-            {
-              "expression": "type",
-              "isExpression": false,
-              "asc": true,
-              "nulls": "last"
-            },
-            {
-              "expression": "provider_id",
-              "isExpression": false,
-              "asc": true,
-              "nulls": "last"
-            },
-            {
-              "expression": "display_name",
-              "isExpression": false,
-              "asc": true,
-              "nulls": "last"
-            }
-          ],
-          "isUnique": true,
-          "where": "type = 'service_account'",
-          "concurrently": false,
-          "method": "btree",
-          "with": {}
         }
       },
       "foreignKeys": {
diff --git a/packages/db/migrations/meta/_journal.json b/packages/db/migrations/meta/_journal.json
index ed0d5da63b..d7f5b6098f 100644
--- a/packages/db/migrations/meta/_journal.json
+++ b/packages/db/migrations/meta/_journal.json
@@ -1286,8 +1286,8 @@
     {
       "idx": 184,
       "version": "7",
-      "when": 1775118314401,
-      "tag": "0184_stiff_captain_marvel",
+      "when": 1775149654511,
+      "tag": "0184_hard_thaddeus_ross",
       "breakpoints": true
     }
   ]
diff --git a/packages/db/schema.ts b/packages/db/schema.ts
index 6cb50f1c7c..42bcc3569a 100644
--- a/packages/db/schema.ts
+++ b/packages/db/schema.ts
@@ -2350,9 +2350,6 @@ export const credential = pgTable(
     workspacePersonalEnvUnique: uniqueIndex('credential_workspace_personal_env_unique')
       .on(table.workspaceId, table.type, table.envKey, table.envOwnerUserId)
       .where(sql`type = 'env_personal'`),
-    workspaceServiceAccountUnique: uniqueIndex('credential_workspace_service_account_unique')
-      .on(table.workspaceId, table.type, table.providerId, table.displayName)
-      .where(sql`type = 'service_account'`),
     oauthSourceConstraint: check(
       'credential_oauth_source_check',
       sql`(type <> 'oauth') OR (account_id IS NOT NULL AND provider_id IS NOT NULL)`