-- This migration runs on the CONTROL PLANE database (port 5433), not the tenant DB.
-- We need to ensure we migrate the correct DB.
-- For MVP, if we only have one migration pipeline, we might mix them?
-- Ideally we use `sqlx migrate run --database-url ...` for this specific migration.
-- Or we just put this table in the main DB for the MVP to avoid infrastructure complexity?
-- The `docker-compose.yml` has `control_db`.
-- Let's try to use the main DB for everything in MVP to reduce friction, 
-- OR use a separate folder for control plane migrations.

-- Let's put `projects` in the `public` schema of the main DB for simplicity of the "Single Tenant / Self Hosted" mode.
-- In a real SaaS, this would be separate.

CREATE EXTENSION IF NOT EXISTS pgcrypto;

CREATE TABLE IF NOT EXISTS projects (
    id UUID DEFAULT gen_random_uuid() PRIMARY KEY,
    name TEXT NOT NULL,
    owner_id UUID, -- No FK to users strictly required if users are in tenant DB, but here they are same DB.
    status TEXT DEFAULT 'active',
    db_url TEXT NOT NULL,
    jwt_secret TEXT NOT NULL DEFAULT encode(gen_random_bytes(32), 'hex'),
    anon_key TEXT,
    service_role_key TEXT,
    created_at TIMESTAMPTZ DEFAULT now(),
    updated_at TIMESTAMPTZ DEFAULT now()
);

-- Trigger to generate keys on insert? Or handle in code.
-- Let's handle in code for keys.