feat: add gateway pools for high-availability failover

backend/src/@types/fastify.d.ts

@@ -19,6 +19,7 @@ import { TEmailDomainServiceFactory } from "@app/ee/services/email-domain/email-
 import { TEventBusService as TInternalEventBusService } from "@app/ee/services/event-bus";
 import { TExternalKmsServiceFactory } from "@app/ee/services/external-kms/external-kms-service";
 import { TGatewayServiceFactory } from "@app/ee/services/gateway/gateway-service";
+import { TGatewayPoolServiceFactory } from "@app/ee/services/gateway-pool/gateway-pool-service";
 import { TGatewayV2ServiceFactory } from "@app/ee/services/gateway-v2/gateway-v2-service";
 import { TGithubOrgSyncServiceFactory } from "@app/ee/services/github-org-sync/github-org-sync-service";
 import { TGroupServiceFactory } from "@app/ee/services/group/group-service";
@@ -369,6 +370,7 @@ declare module "fastify" {
       insights: TInsightsServiceFactory;
       relay: TRelayServiceFactory;
       gatewayV2: TGatewayV2ServiceFactory;
+      gatewayPool: TGatewayPoolServiceFactory;
       githubOrgSync: TGithubOrgSyncServiceFactory;
       folderCommit: TFolderCommitServiceFactory;
       pit: TPitServiceFactory;

backend/src/@types/knex.d.ts

@@ -164,6 +164,12 @@ import {
   TGatewayEnrollmentTokens,
   TGatewayEnrollmentTokensInsert,
   TGatewayEnrollmentTokensUpdate,
+  TGatewayPoolMemberships,
+  TGatewayPoolMembershipsInsert,
+  TGatewayPoolMembershipsUpdate,
+  TGatewayPools,
+  TGatewayPoolsInsert,
+  TGatewayPoolsUpdate,
   TGateways,
   TGatewaysInsert,
   TGatewaysUpdate,
@@ -1596,6 +1602,12 @@ declare module "knex/types/tables" {
       TGatewayEnrollmentTokensInsert,
       TGatewayEnrollmentTokensUpdate
     >;
+    [TableName.GatewayPool]: KnexOriginal.CompositeTableType<TGatewayPools, TGatewayPoolsInsert, TGatewayPoolsUpdate>;
+    [TableName.GatewayPoolMembership]: KnexOriginal.CompositeTableType<
+      TGatewayPoolMemberships,
+      TGatewayPoolMembershipsInsert,
+      TGatewayPoolMembershipsUpdate
+    >;
     [TableName.UserNotifications]: KnexOriginal.CompositeTableType<
       TUserNotifications,
       TUserNotificationsInsert,

backend/src/db/migrations/20260414000001_add-gateway-pools.ts

@@ -0,0 +1,60 @@
+import { Knex } from "knex";
+
+import { TableName } from "../schemas";
+import { createOnUpdateTrigger, dropOnUpdateTrigger } from "../utils";
+
+export async function up(knex: Knex): Promise<void> {
+  // Create gateway_pools table
+  if (!(await knex.schema.hasTable(TableName.GatewayPool))) {
+    await knex.schema.createTable(TableName.GatewayPool, (t) => {
+      t.uuid("id", { primaryKey: true }).defaultTo(knex.fn.uuid());
+      t.uuid("orgId").notNullable();
+      t.foreign("orgId").references("id").inTable(TableName.Organization).onDelete("CASCADE");
+      t.string("name", 32).notNullable();
+      t.timestamps(true, true, true);
+      t.unique(["orgId", "name"]);
+    });
+
+    await createOnUpdateTrigger(knex, TableName.GatewayPool);
+  }
+
+  // Create gateway_pool_memberships join table
+  if (!(await knex.schema.hasTable(TableName.GatewayPoolMembership))) {
+    await knex.schema.createTable(TableName.GatewayPoolMembership, (t) => {
+      t.uuid("id", { primaryKey: true }).defaultTo(knex.fn.uuid());
+      t.uuid("gatewayPoolId").notNullable();
+      t.foreign("gatewayPoolId").references("id").inTable(TableName.GatewayPool).onDelete("CASCADE");
+      t.uuid("gatewayId").notNullable();
+      t.foreign("gatewayId").references("id").inTable(TableName.GatewayV2).onDelete("CASCADE");
+      t.timestamps(true, true, true);
+      t.unique(["gatewayPoolId", "gatewayId"]);
+    });
+
+    await createOnUpdateTrigger(knex, TableName.GatewayPoolMembership);
+  }
+
+  // Add gatewayPoolId to identity_kubernetes_auths
+  const hasGatewayPoolId = await knex.schema.hasColumn(TableName.IdentityKubernetesAuth, "gatewayPoolId");
+  if (!hasGatewayPoolId) {
+    await knex.schema.alterTable(TableName.IdentityKubernetesAuth, (t) => {
+      t.uuid("gatewayPoolId").nullable();
+      t.foreign("gatewayPoolId").references("id").inTable(TableName.GatewayPool).onDelete("SET NULL");
+    });
+  }
+}
+
+export async function down(knex: Knex): Promise<void> {
+  // Remove gatewayPoolId from identity_kubernetes_auths
+  const hasGatewayPoolId = await knex.schema.hasColumn(TableName.IdentityKubernetesAuth, "gatewayPoolId");
+  if (hasGatewayPoolId) {
+    await knex.schema.alterTable(TableName.IdentityKubernetesAuth, (t) => {
+      t.dropColumn("gatewayPoolId");
+    });
+  }
+
+  await dropOnUpdateTrigger(knex, TableName.GatewayPoolMembership);
+  await knex.schema.dropTableIfExists(TableName.GatewayPoolMembership);
+
+  await dropOnUpdateTrigger(knex, TableName.GatewayPool);
+  await knex.schema.dropTableIfExists(TableName.GatewayPool);
+}

backend/src/db/schemas/gateway-pool-memberships.ts

@@ -0,0 +1,22 @@
+// Code generated by automation script, DO NOT EDIT.
+// Automated by pulling database and generating zod schema
+// To update. Just run npm run generate:schema
+// Written by akhilmhdh.
+
+import { z } from "zod";
+
+import { TImmutableDBKeys } from "./models";
+
+export const GatewayPoolMembershipsSchema = z.object({
+  id: z.string().uuid(),
+  gatewayPoolId: z.string().uuid(),
+  gatewayId: z.string().uuid(),
+  createdAt: z.date(),
+  updatedAt: z.date()
+});
+
+export type TGatewayPoolMemberships = z.infer<typeof GatewayPoolMembershipsSchema>;
+export type TGatewayPoolMembershipsInsert = Omit<z.input<typeof GatewayPoolMembershipsSchema>, TImmutableDBKeys>;
+export type TGatewayPoolMembershipsUpdate = Partial<
+  Omit<z.input<typeof GatewayPoolMembershipsSchema>, TImmutableDBKeys>
+>;

backend/src/db/schemas/gateway-pools.ts

@@ -0,0 +1,20 @@
+// Code generated by automation script, DO NOT EDIT.
+// Automated by pulling database and generating zod schema
+// To update. Just run npm run generate:schema
+// Written by akhilmhdh.
+
+import { z } from "zod";
+
+import { TImmutableDBKeys } from "./models";
+
+export const GatewayPoolsSchema = z.object({
+  id: z.string().uuid(),
+  orgId: z.string().uuid(),
+  name: z.string(),
+  createdAt: z.date(),
+  updatedAt: z.date()
+});
+
+export type TGatewayPools = z.infer<typeof GatewayPoolsSchema>;
+export type TGatewayPoolsInsert = Omit<z.input<typeof GatewayPoolsSchema>, TImmutableDBKeys>;
+export type TGatewayPoolsUpdate = Partial<Omit<z.input<typeof GatewayPoolsSchema>, TImmutableDBKeys>>;

backend/src/db/schemas/identity-kubernetes-auths.ts

@@ -33,7 +33,8 @@ export const IdentityKubernetesAuthsSchema = z.object({
   gatewayId: z.string().uuid().nullable().optional(),
   accessTokenPeriod: z.coerce.number().default(0),
   tokenReviewMode: z.string().default("api"),
-  gatewayV2Id: z.string().uuid().nullable().optional()
+  gatewayV2Id: z.string().uuid().nullable().optional(),
+  gatewayPoolId: z.string().uuid().nullable().optional()
 });
 
 export type TIdentityKubernetesAuths = z.infer<typeof IdentityKubernetesAuthsSchema>;

backend/src/db/schemas/index.ts

@@ -54,6 +54,8 @@ export * from "./folder-commits";
 export * from "./folder-tree-checkpoint-resources";
 export * from "./folder-tree-checkpoints";
 export * from "./gateway-enrollment-tokens";
+export * from "./gateway-pool-memberships";
+export * from "./gateway-pools";
 export * from "./gateways";
 export * from "./gateways-v2";
 export * from "./git-app-install-sessions";

backend/src/db/schemas/models.ts

@@ -221,6 +221,8 @@ export enum TableName {
   Relay = "relays",
   GatewayV2 = "gateways_v2",
   GatewayEnrollmentTokens = "gateway_enrollment_tokens",
+  GatewayPool = "gateway_pools",
+  GatewayPoolMembership = "gateway_pool_memberships",
 
   KeyValueStore = "key_value_store",