forked from oracle-devrel/oracle-autonomous-database-samples
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathoci_object_storage_agent_install.sql
More file actions
4657 lines (4211 loc) · 189 KB
/
oci_object_storage_agent_install.sql
File metadata and controls
4657 lines (4211 loc) · 189 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
-- Copyright (c) 2025 Oracle and/or its affiliates.
-- Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/
--
-- Installer script for OCI Object Storage AI tools (Select AI Agent / Oracle AI Database)
--
-- Purpose:
-- Install a consolidated PL/SQL package and AI Agent tool registrations
-- to automate OCI Object Storage operations via Select AI Agent (Oracle AI Database).
--
-- Script Structure
-- 1) Initialization: grants, configuration setup.
-- 2) Package deployment: &&INSTALL_SCHEMA.oci_object_storage_agents (spec and body).
-- 3) AI tool setup: creation of all Object Storage agent tools.
--
-- Usage:
-- sqlplus admin@db @oci_object_storage_agent_install.sql <INSTALL_SCHEMA> [CONFIG_JSON]
-- Minimal:
-- sqlplus admin@db @oci_object_storage_agent_install.sql <INSTALL_SCHEMA>
--
-- Notes:
-- - Optional CONFIG_JSON keys:
-- * credential_name (string)
-- * compartment_ocid (string)
-- - You may also update config in OCI_AGENT_CONFIG after install.
--
SET SERVEROUTPUT ON
SET VERIFY OFF
-- First argument: Schema Name (Required)
DEFINE INSTALL_SCHEMA = '<schema_name>'
-- Second argument: JSON config (optional)
-- DEFINE INSTALL_CONFIG_JSON = q'({"credential_name": "MY_CRED", "compartment_name": "MY_COMP"})'
DEFINE INSTALL_CONFIG_JSON = NULL
-------------------------------------------------------------------------------
-- Initializes the OCI Object Storage AI Agent. This procedure:
-- • Grants all required DBMS_CLOUD_OCI Object Storage type privileges.
-- • Creates the OCI_AGENT_CONFIG table.
-- • Parses the JSON config and persists credential, compartment.
-- Ensures the Object Storage agent is fully ready for tool execution.
-------------------------------------------------------------------------------
CREATE OR REPLACE PROCEDURE initilize_object_storage_agent(
p_install_schema_name IN VARCHAR2,
p_config_json IN CLOB
)
IS
-- local vars
l_use_rp BOOLEAN := NULL;
l_credential_name VARCHAR2(4000) := NULL;
l_compartment_ocid VARCHAR2(4000) := NULL;
l_compartment_name VARCHAR2(4000) := NULL;
l_schema_name VARCHAR2(128);
c_obs_agent CONSTANT VARCHAR2(64) := 'OCI_OBJECT_STORAGE';
TYPE priv_list_t IS VARRAY(300) OF VARCHAR2(4000);
l_priv_list CONSTANT priv_list_t := priv_list_t(
'DBMS_CLOUD',
'DBMS_CLOUD_ADMIN',
'DBMS_CLOUD_AI_AGENT',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_LIST_OBJECTS_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_LIST_OBJECT_VERSIONS_RESPONSE_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_LIST_OBJECTS_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_OBJECT_SUMMARY_TBL',
-- Head/Get/Put object likely types (best-effort)
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_GET_OBJECT_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_PUT_OBJECT_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_HEAD_OBJECT_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_HEAD_BUCKET_RESPONSE_T',
-- Buckets
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_GET_BUCKET_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_LIST_BUCKETS_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_CREATE_BUCKET_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_DELETE_BUCKET_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_UPDATE_BUCKET_RESPONSE_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_UPDATE_BUCKET_DETAILS_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_MAKE_BUCKET_WRITABLE_RESPONSE_T',
-- Namespace and metadata
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_GET_NAMESPACE_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_UPDATE_NAMESPACE_METADATA_RESPONSE_T',
-- Lifecycle policy
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_PUT_OBJECT_LIFECYCLE_POLICY_RESPONSE_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_OBJECT_LIFECYCLE_RULE_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_OBJECT_LIFECYCLE_RULE_TBL',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_PUT_OBJECT_LIFECYCLE_POLICY_DETAILS_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_OBJECT_NAME_FILTER_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_VARCHAR2_TBL',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_DELETE_OBJECT_LIFECYCLE_POLICY_RESPONSE_T',
-- Multipart upload
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_CREATE_MULTIPART_UPLOAD_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_UPLOAD_PART_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_LIST_MULTIPART_UPLOADS_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_LIST_MULTIPART_UPLOAD_PARTS_RESPONSE_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_MULTIPART_UPLOAD_PART_SUMMARY_TBL',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_COMMIT_MULTIPART_UPLOAD_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_ABORT_MULTIPART_UPLOAD_RESPONSE_T',
-- PARs
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_CREATE_PREAUTHENTICATED_REQUEST_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_GET_PREAUTHENTICATED_REQUEST_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_LIST_PREAUTHENTICATED_REQUESTS_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_DELETE_PREAUTHENTICATED_REQUEST_RESPONSE_T',
-- Replication
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_CREATE_REPLICATION_POLICY_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_GET_REPLICATION_POLICY_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_LIST_REPLICATION_POLICIES_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_DELETE_REPLICATION_POLICY_RESPONSE_T',
-- Retention
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_CREATE_RETENTION_RULE_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_GET_RETENTION_RULE_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_LIST_RETENTION_RULES_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_UPDATE_RETENTION_RULE_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_DELETE_RETENTION_RULE_RESPONSE_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_RETENTION_RULE_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_RETENTION_RULE_COLLECTION_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_DURATION_T',
-- Work requests
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_GET_WORK_REQUEST_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_LIST_WORK_REQUESTS_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_LIST_WORK_REQUEST_ERRORS_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_LIST_WORK_REQUEST_LOGS_RESPONSE_T',
-- Rename
'DBMS_CLOUD_OCI_OBJECT_STORAGE_RENAME_OBJECT_DETAILS_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_RENAME_OBJECT_RESPONSE_T',
-- Reencrypt
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_REENCRYPT_BUCKET_RESPONSE_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_REENCRYPT_OBJECT_RESPONSE_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_REENCRYPT_OBJECT_DETAILS_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_SSE_CUSTOMER_KEY_DETAILS_T',
-- Restore
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_RESTORE_OBJECTS_RESPONSE_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_RESTORE_OBJECTS_DETAILS_T',
-- Replication sources/policies details
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_LIST_REPLICATION_SOURCES_RESPONSE_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_REPLICATION_SOURCE_TBL',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_REPLICATION_POLICY_SUMMARY_TBL',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_REPLICATION_POLICY_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_UPDATE_NAMESPACE_METADATA_DETAILS_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_UPDATE_RETENTION_RULE_DETAILS_T',
-- Additional types for remaining imported functions
'DBMS_CLOUD_OCI_OBJECT_STORAGE_CREATE_BUCKET_DETAILS_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_COPY_OBJECT_RESPONSE_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_COPY_OBJECT_DETAILS_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_DELETE_OBJECT_RESPONSE_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_CREATE_MULTIPART_UPLOAD_DETAILS_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_COMMIT_MULTIPART_UPLOAD_PART_DETAILS_TBL',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_COMMIT_MULTIPART_UPLOAD_DETAILS_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_NUMBER_TBL',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_VARCHAR2_TBL',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_CREATE_PREAUTHENTICATED_REQUEST_DETAILS_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_CREATE_REPLICATION_POLICY_DETAILS_T',
'DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_CANCEL_WORK_REQUEST_RESPONSE_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_CREATE_RETENTION_RULE_DETAILS_T',
'DBMS_CLOUD_OCI_OBJECT_STORAGE_PREAUTHENTICATED_REQUEST_SUMMARY_T'
);
----------------------------------------------------------------------------
-- Helper: grant execute on list of objects
----------------------------------------------------------------------------
PROCEDURE execute_grants(p_schema IN VARCHAR2, p_objects IN priv_list_t) IS
BEGIN
EXECUTE IMMEDIATE 'GRANT SELECT ON SYS.V_$PDBS TO ' || p_schema;
FOR i IN 1 .. p_objects.COUNT LOOP
BEGIN
EXECUTE IMMEDIATE 'GRANT EXECUTE ON ' || p_objects(i) || ' TO ' || p_schema;
EXCEPTION WHEN OTHERS THEN
DBMS_OUTPUT.PUT_LINE('Warning: failed to grant ' || p_objects(i) ||
' to ' || p_schema || ' - ' || SQLERRM);
END;
END LOOP;
END execute_grants;
----------------------------------------------------------------------------
-- get_config: returns parsed values via OUT params (no globals modified)
----------------------------------------------------------------------------
PROCEDURE get_config(
p_config_json IN CLOB,
o_use_rp OUT BOOLEAN,
o_credential_name OUT VARCHAR2,
o_compartment_name OUT VARCHAR2,
o_compartment_ocid OUT VARCHAR2
) IS
l_cfg JSON_OBJECT_T := NULL;
BEGIN
-- initialize outs to NULL for deterministic behavior
o_use_rp := NULL;
o_credential_name := NULL;
o_compartment_name := NULL;
o_compartment_ocid := NULL;
IF p_config_json IS NOT NULL AND TRIM(p_config_json) IS NOT NULL THEN
BEGIN
l_cfg := JSON_OBJECT_T.parse(p_config_json);
IF l_cfg.has('use_resource_principal') THEN
o_use_rp := l_cfg.get_boolean('use_resource_principal');
END IF;
IF l_cfg.has('credential_name') THEN
o_credential_name := l_cfg.get_string('credential_name');
END IF;
IF l_cfg.has('compartment_name') THEN
o_compartment_name := l_cfg.get_string('compartment_name');
END IF;
IF l_cfg.has('compartment_ocid') THEN
o_compartment_ocid := l_cfg.get_string('compartment_ocid');
END IF;
EXCEPTION
WHEN OTHERS THEN
DBMS_OUTPUT.PUT_LINE('Config JSON parse failed: ' || SQLERRM);
o_use_rp := NULL;
o_credential_name := NULL;
o_compartment_name := NULL;
o_compartment_ocid := NULL;
END;
ELSE
DBMS_OUTPUT.PUT_LINE('No config JSON provided, using defaults.');
END IF;
END get_config;
----------------------------------------------------------------------------
-- Helper: generic MERGE for a single config key/value (schema-qualified)
----------------------------------------------------------------------------
PROCEDURE merge_config_key(
p_schema IN VARCHAR2,
p_key IN VARCHAR2,
p_val IN CLOB,
p_agent IN VARCHAR2
) IS
l_sql CLOB;
BEGIN
l_sql :=
'MERGE INTO ' || p_schema || '.OCI_AGENT_CONFIG c
USING (SELECT :k AS "KEY", :v AS "VALUE", :a AS "AGENT" FROM DUAL) src
ON (c."KEY" = src."KEY" AND c."AGENT" = src."AGENT")
WHEN MATCHED THEN
UPDATE SET c."VALUE" = src."VALUE"
WHEN NOT MATCHED THEN
INSERT ("KEY", "VALUE", "AGENT") VALUES (src."KEY", src."VALUE", src."AGENT")';
EXECUTE IMMEDIATE l_sql
USING p_key, p_val, p_agent;
EXCEPTION
WHEN OTHERS THEN
DBMS_OUTPUT.PUT_LINE('Warning: failed to persist ' || p_key || ' config: ' || SQLERRM);
END merge_config_key;
----------------------------------------------------------------------------
-- Combined helper: Apply config and insert into config table
----------------------------------------------------------------------------
PROCEDURE apply_config(
p_schema IN VARCHAR2,
p_use_rp IN BOOLEAN,
p_credential_name IN VARCHAR2,
p_compartment_name IN VARCHAR2,
p_compartment_ocid IN VARCHAR2
) IS
l_effective_use_rp BOOLEAN;
l_enable_rp_str VARCHAR2(3);
BEGIN
IF p_use_rp IS NULL THEN
l_effective_use_rp := TRUE; -- default YES
ELSE
l_effective_use_rp := p_use_rp;
END IF;
IF p_credential_name IS NOT NULL THEN
merge_config_key(p_schema, 'CREDENTIAL_NAME', p_credential_name, c_obs_agent);
END IF;
IF p_compartment_name IS NOT NULL THEN
merge_config_key(p_schema, 'COMPARTMENT_NAME', p_compartment_name, c_obs_agent);
END IF;
l_enable_rp_str := CASE WHEN l_effective_use_rp THEN 'YES' ELSE 'NO' END;
merge_config_key(p_schema, 'ENABLE_RESOURCE_PRINCIPAL', l_enable_rp_str, c_obs_agent);
IF l_effective_use_rp THEN
BEGIN
DBMS_CLOUD_ADMIN.ENABLE_RESOURCE_PRINCIPAL(USERNAME => p_schema);
DBMS_OUTPUT.PUT_LINE('Resource principal enabled for ' || p_schema);
EXCEPTION
WHEN OTHERS THEN
DBMS_OUTPUT.PUT_LINE('Failed to enable resource principal for ' || p_schema || ' - ' || SQLERRM);
END;
ELSE
DBMS_OUTPUT.PUT_LINE(
'Resource principal NOT enabled per config. Using credential: '
|| NVL(p_credential_name, '<not provided>')
);
END IF;
END apply_config;
BEGIN
l_schema_name := DBMS_ASSERT.SIMPLE_SQL_NAME(p_install_schema_name);
-- Grants
execute_grants(l_schema_name, l_priv_list);
-- Parse config JSON
get_config(
p_config_json => p_config_json,
o_use_rp => l_use_rp,
o_credential_name => l_credential_name,
o_compartment_name => l_compartment_name,
o_compartment_ocid => l_compartment_ocid
);
-- Config table (idempotent) in target schema
BEGIN
EXECUTE IMMEDIATE
'CREATE TABLE ' || l_schema_name || '.OCI_AGENT_CONFIG (
"ID" NUMBER GENERATED BY DEFAULT AS IDENTITY,
"KEY" VARCHAR2(200) NOT NULL,
"VALUE" CLOB,
"AGENT" VARCHAR2(128) NOT NULL,
CONSTRAINT OCI_AGENT_CONFIG_PK PRIMARY KEY ("ID"),
CONSTRAINT OCI_AGENT_CONFIG_UK UNIQUE ("KEY","AGENT")
)';
EXCEPTION
WHEN OTHERS THEN
IF SQLCODE = -955 THEN
NULL; -- already exists
ELSE
RAISE;
END IF;
END;
-- Persist config (into <schema>.OCI_AGENT_CONFIG)
apply_config(
p_schema => l_schema_name,
p_use_rp => l_use_rp,
p_credential_name => l_credential_name,
p_compartment_name => l_compartment_name,
p_compartment_ocid => l_compartment_ocid
);
DBMS_OUTPUT.PUT_LINE('initilize_object_storage_agent completed for schema ' || l_schema_name);
EXCEPTION
WHEN OTHERS THEN
DBMS_OUTPUT.PUT_LINE('Fatal error in initilize_object_storage_agent: ' || SQLERRM);
RAISE;
END initilize_object_storage_agent;
/
-------------------------------------------------------------------------------
-- Run the setup for the Object Storage AI agent.
-- This call applies all grants, creates the config table in the target schema,
-- and stores the runtime settings from the JSON config.
-------------------------------------------------------------------------------
BEGIN
initilize_object_storage_agent(
p_install_schema_name => '&&INSTALL_SCHEMA',
p_config_json => &&INSTALL_CONFIG_JSON
);
END;
/
alter session set current_schema = &&INSTALL_SCHEMA;
------------------------------------------------------------------------
-- Package specification
------------------------------------------------------------------------
CREATE OR REPLACE PACKAGE oci_object_storage_agents
AS
/*
Package: oci_object_storage_agents
Purpose: collection of PL/SQL helper functions for OCI Object Storage operations
*/
FUNCTION list_objects(
region IN VARCHAR2,
bucket_name IN VARCHAR2
) RETURN CLOB;
FUNCTION get_object(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
object_name IN VARCHAR2
) RETURN CLOB;
FUNCTION list_buckets(
region IN VARCHAR2
) RETURN CLOB;
FUNCTION put_object(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
object_name IN VARCHAR2,
content IN CLOB,
content_type IN VARCHAR2
) RETURN CLOB;
FUNCTION get_bucket(
bucket_name IN VARCHAR2,
region IN VARCHAR2
) RETURN CLOB;
FUNCTION head_bucket(
bucket_name IN VARCHAR2,
region IN VARCHAR2
) RETURN CLOB;
FUNCTION head_object(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
object_name IN VARCHAR2
) RETURN CLOB;
FUNCTION list_object_versions(
region IN VARCHAR2,
bucket_name IN VARCHAR2
) RETURN CLOB;
FUNCTION list_multipart_uploads(
region IN VARCHAR2,
bucket_name IN VARCHAR2
) RETURN CLOB;
FUNCTION list_multipart_upload_parts(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
object_name IN VARCHAR2,
upload_id IN VARCHAR2
) RETURN CLOB;
FUNCTION update_bucket(
bucket_name IN VARCHAR2,
display_name IN VARCHAR2,
region IN VARCHAR2,
versioning IN VARCHAR2,
public_access_type IN VARCHAR2,
object_events_enabled IN NUMBER
) RETURN CLOB;
FUNCTION make_bucket_writable(
region IN VARCHAR2,
bucket_name IN VARCHAR2
) RETURN CLOB;
FUNCTION put_object_lifecycle_policy(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
action IN VARCHAR2,
time_amount IN NUMBER,
time_unit IN VARCHAR2,
rule_name IN VARCHAR2 DEFAULT 'demo-rule'
) RETURN CLOB;
FUNCTION list_retention_rules(
region IN VARCHAR2,
bucket_name IN VARCHAR2
) RETURN CLOB;
FUNCTION get_retention_rule(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
retention_rule_id IN VARCHAR2
) RETURN CLOB;
FUNCTION list_preauthenticated_requests(
region IN VARCHAR2,
bucket_name IN VARCHAR2
) RETURN CLOB;
FUNCTION list_replication_policies(
region IN VARCHAR2,
bucket_name IN VARCHAR2
) RETURN CLOB;
FUNCTION get_replication_policy(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
replication_id IN VARCHAR2
) RETURN CLOB;
FUNCTION list_replication_sources(
region IN VARCHAR2,
bucket_name IN VARCHAR2
) RETURN CLOB;
FUNCTION reencrypt_bucket(
region IN VARCHAR2,
bucket_name IN VARCHAR2
) RETURN CLOB;
FUNCTION reencrypt_object(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
object_name IN VARCHAR2,
kms_key_id IN VARCHAR2
) RETURN CLOB;
FUNCTION rename_object(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
source_object IN VARCHAR2,
new_object IN VARCHAR2
) RETURN CLOB;
FUNCTION restore_objects(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
object_name IN VARCHAR2,
hours IN NUMBER DEFAULT 24,
version_id IN VARCHAR2 DEFAULT NULL
) RETURN CLOB;
FUNCTION upload_part(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
object_name IN VARCHAR2,
upload_id IN VARCHAR2,
upload_part_num IN NUMBER,
upload_part_body IN BLOB,
content_length IN NUMBER
) RETURN CLOB;
FUNCTION update_namespace_metadata(
region IN VARCHAR2
) RETURN CLOB;
FUNCTION update_retention_rule(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
rule_id IN VARCHAR2,
new_display_name IN VARCHAR2,
duration_amount IN NUMBER,
time_unit IN VARCHAR2
) RETURN CLOB;
FUNCTION list_work_requests(
region IN VARCHAR2
) RETURN CLOB;
FUNCTION list_work_request_errors(
work_request_id IN VARCHAR2,
region IN VARCHAR2
) RETURN CLOB;
FUNCTION list_work_request_logs(
work_request_id IN VARCHAR2,
region IN VARCHAR2
) RETURN CLOB;
FUNCTION get_work_request(
work_request_id IN VARCHAR2,
region IN VARCHAR2
) RETURN CLOB;
FUNCTION create_bucket(
bucket_name IN VARCHAR2,
region IN VARCHAR2
) RETURN CLOB;
FUNCTION delete_bucket(
bucket_name IN VARCHAR2,
region IN VARCHAR2
) RETURN CLOB;
FUNCTION delete_object(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
object_name IN VARCHAR2
) RETURN CLOB;
FUNCTION copy_object(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
source_object_name IN VARCHAR2,
destination_region IN VARCHAR2,
destination_bucket_name IN VARCHAR2,
destination_object_name IN VARCHAR2
) RETURN CLOB;
FUNCTION create_multipart_upload(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
object_name IN VARCHAR2,
content_type IN VARCHAR2 DEFAULT NULL
) RETURN CLOB;
FUNCTION commit_multipart_upload(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
object_name IN VARCHAR2,
upload_id IN VARCHAR2,
part_num_arr IN DBMS_CLOUD_OCI_OBJECT_STORAGE_NUMBER_TBL,
etag_arr IN DBMS_CLOUD_OCI_OBJECT_STORAGE_VARCHAR2_TBL
) RETURN CLOB;
FUNCTION abort_multipart_upload(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
object_name IN VARCHAR2,
upload_id IN VARCHAR2
) RETURN CLOB;
FUNCTION create_preauthenticated_request(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
name IN VARCHAR2,
object_name IN VARCHAR2,
access_type IN VARCHAR2,
listing_action IN VARCHAR2 DEFAULT 'Deny',
time_expires IN TIMESTAMP WITH TIME ZONE
) RETURN CLOB;
FUNCTION get_preauthenticated_request(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
par_id IN VARCHAR2
) RETURN CLOB;
FUNCTION delete_preauthenticated_request(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
par_id IN VARCHAR2
) RETURN CLOB;
FUNCTION create_replication_policy(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
destination_region_name IN VARCHAR2,
destination_bucket_name IN VARCHAR2,
policy_name IN VARCHAR2
) RETURN CLOB;
FUNCTION delete_replication_policy(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
replication_id IN VARCHAR2
) RETURN CLOB;
FUNCTION create_retention_rule(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
display_name IN VARCHAR2,
duration_amount IN NUMBER,
time_unit IN VARCHAR2
) RETURN CLOB;
FUNCTION delete_retention_rule(
region IN VARCHAR2,
bucket_name IN VARCHAR2,
retention_rule_id IN VARCHAR2
) RETURN CLOB;
FUNCTION delete_object_lifecycle_policy(
region IN VARCHAR2,
bucket_name IN VARCHAR2
) RETURN CLOB;
FUNCTION cancel_work_request(
work_request_id IN VARCHAR2,
region IN VARCHAR2
) RETURN CLOB;
FUNCTION get_namespace(
region IN VARCHAR2
) RETURN CLOB;
END oci_object_storage_agents;
/
------------------------------------------------------------------------
-- Package body
------------------------------------------------------------------------
CREATE OR REPLACE PACKAGE BODY oci_object_storage_agents
AS
-- Helper function to get configuration parameters
FUNCTION get_agent_config(
schema_name IN VARCHAR2,
table_name IN VARCHAR2,
agent_name IN VARCHAR2
) RETURN CLOB
IS
l_sql VARCHAR2(4000);
l_cursor SYS_REFCURSOR;
l_config_json JSON_OBJECT_T := JSON_OBJECT_T();
l_key VARCHAR2(200);
l_value CLOB;
l_result_json JSON_OBJECT_T := JSON_OBJECT_T();
BEGIN
l_sql := 'SELECT "KEY", "VALUE" FROM ' || schema_name || '.' || table_name ||
' WHERE "AGENT" = :agent';
OPEN l_cursor FOR l_sql USING agent_name;
LOOP
FETCH l_cursor INTO l_key, l_value;
EXIT WHEN l_cursor%NOTFOUND;
l_config_json.put(l_key, l_value);
END LOOP;
CLOSE l_cursor;
l_result_json.put('status', 'success');
l_result_json.put('config_params', l_config_json);
RETURN l_result_json.to_clob();
EXCEPTION
WHEN OTHERS THEN
l_result_json := JSON_OBJECT_T();
l_result_json.put('status', 'error');
l_result_json.put('message', 'Error: ' || SQLERRM);
RETURN l_result_json.to_clob();
END get_agent_config;
-- Helper: gets the list of compartments
FUNCTION list_compartments(credential_name VARCHAR2)
RETURN CLOB
IS
l_response CLOB;
l_endpoint VARCHAR2(1000);
l_result_json JSON_OBJECT_T := JSON_OBJECT_T();
l_compartments JSON_ARRAY_T := JSON_ARRAY_T();
l_comp_data JSON_ARRAY_T;
l_comp_obj JSON_OBJECT_T;
l_name VARCHAR2(200);
l_ocid VARCHAR2(200);
l_description VARCHAR2(500);
l_lifecycle_state VARCHAR2(50);
l_time_created VARCHAR2(100);
tenancy_id VARCHAR2(128);
l_region VARCHAR2(128);
BEGIN
SELECT
JSON_VALUE(cloud_identity, '$.TENANT_OCID') AS tenant_ocid,
JSON_VALUE(cloud_identity, '$.REGION') AS region
into tenancy_id,l_region
FROM v$pdbs;
-- Construct endpoint to list compartments in tenancy
l_endpoint := 'https://identity.'||l_region||'.oci.oraclecloud.com/20160918/compartments?compartmentId='
|| tenancy_id ;
BEGIN
-- Call OCI REST API
l_response := DBMS_CLOUD.get_response_text(
DBMS_CLOUD.send_request(
credential_name => credential_name,
uri => l_endpoint,
method => DBMS_CLOUD.METHOD_GET
)
);
-- Parse response JSON as array
l_comp_data := JSON_ARRAY_T.parse(l_response);
IF l_comp_data.get_size() > 0 THEN
FOR i IN 0 .. l_comp_data.get_size() - 1 LOOP
l_comp_obj := JSON_OBJECT_T(l_comp_data.get(i));
l_name := l_comp_obj.get_string('name');
l_ocid := l_comp_obj.get_string('id');
l_description := l_comp_obj.get_string('description');
l_lifecycle_state := l_comp_obj.get_string('lifecycleState');
l_time_created := l_comp_obj.get_string('timeCreated');
IF l_name in ('COMP_STABLE','COMP_PUBLIC') then
IF l_name = 'COMP_STABLE' THEN
l_name := 'COMP_AI_AGENT';
ELSE
l_name := 'COMP_DB';
END IF;
l_compartments.append(
JSON_OBJECT(
'name' VALUE l_name,
'id' VALUE l_ocid,
'description' VALUE l_description,
'lifecycle_state' VALUE l_lifecycle_state,
'time_created' VALUE l_time_created
)
);
END IF;
END LOOP;
l_result_json.put('status', 'success');
l_result_json.put('message', 'Successfully retrieved compartments');
l_result_json.put('total_compartments', l_compartments.get_size());
l_result_json.put('compartments', l_compartments);
ELSE
l_result_json.put('status', 'error');
l_result_json.put('message', 'No compartments found in response');
END IF;
EXCEPTION
WHEN OTHERS THEN
l_result_json.put('status', 'error');
l_result_json.put('message', 'Failed to retrieve compartments: ' || SQLERRM);
l_result_json.put('endpoint_used', l_endpoint);
END;
RETURN l_result_json.to_clob();
END list_compartments;
-- Helper: gets the compartment ocid with the given compatment name
FUNCTION get_compartment_ocid_by_name(
compartment_name IN VARCHAR2
) RETURN CLOB
IS
l_comp_json_clob CLOB;
l_result_json JSON_OBJECT_T := JSON_OBJECT_T();
l_compartments JSON_ARRAY_T;
l_compartment_str VARCHAR2(32767);
l_comp_obj JSON_OBJECT_T;
l_ocid VARCHAR2(200);
found BOOLEAN := FALSE;
l_compartment_name VARCHAR2(256);
credential_name VARCHAR2(256);
l_current_user VARCHAR2(128):= SYS_CONTEXT('USERENV','CURRENT_USER');
l_cfg_json CLOB;
l_cfg JSON_OBJECT_T;
l_params JSON_OBJECT_T;
BEGIN
l_cfg_json := get_agent_config(l_current_user,'OCI_AGENT_CONFIG','OCI_OBJECT_STORAGE');
l_cfg := JSON_OBJECT_T.parse(l_cfg_json);
IF l_cfg.get_string('status')='success' THEN
l_params := l_cfg.get_object('config_params');
credential_name := l_params.get_string('CREDENTIAL_NAME');
END IF;
-- Call existing list_compartments function
l_comp_json_clob := list_compartments(credential_name);
-- Parse returned JSON object
l_result_json := JSON_OBJECT_T.parse(l_comp_json_clob);
IF l_result_json.get('status').to_string() = '"success"' THEN
-- Get compartments array (array of JSON strings)
l_compartments := l_result_json.get_array('compartments');
FOR i IN 0 .. l_compartments.get_size() - 1 LOOP
-- Each element is a JSON string, parse it to JSON object
l_compartment_str := l_compartments.get_string(i);
l_comp_obj := JSON_OBJECT_T.parse(l_compartment_str);
IF l_comp_obj.get_string('name') = compartment_name THEN
l_ocid := l_comp_obj.get_string('id');
found := TRUE;
EXIT;
END IF;
END LOOP;
IF found THEN
l_result_json := JSON_OBJECT_T();
l_result_json.put('status', 'success');
l_result_json.put('compartment_name', compartment_name);
l_result_json.put('compartment_ocid', l_ocid);
ELSE
l_result_json := JSON_OBJECT_T();
l_result_json.put('status', 'error');
l_result_json.put('message', 'Compartment "' || compartment_name || '" not found');
END IF;
ELSE
-- Forward error from list_compartments
RETURN l_comp_json_clob;
END IF;
RETURN l_result_json.to_clob();
EXCEPTION
WHEN OTHERS THEN
l_result_json := JSON_OBJECT_T();
l_result_json.put('status', 'error');
l_result_json.put('message', 'Unexpected error: ' || SQLERRM);
RETURN l_result_json.to_clob();
END get_compartment_ocid_by_name;
----------------------------------------------------------------------
-- get_namespace: Retrieve namespace metadata
----------------------------------------------------------------------
FUNCTION get_namespace(
region IN VARCHAR2
) RETURN CLOB
AS
l_resp DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_GET_NAMESPACE_RESPONSE_T;
result_json JSON_OBJECT_T := JSON_OBJECT_T();
l_current_user VARCHAR2(128):= SYS_CONTEXT('USERENV','CURRENT_USER');
l_cfg_json CLOB;
l_cfg JSON_OBJECT_T;
l_params JSON_OBJECT_T;
credential_name VARCHAR2(256);
compartment_name VARCHAR2(256);
compartment_id VARCHAR2(256);
l_json CLOB;
l_obj JSON_OBJECT_T;
BEGIN
l_cfg_json := get_agent_config(l_current_user,'OCI_AGENT_CONFIG','OCI_OBJECT_STORAGE');
l_cfg := JSON_OBJECT_T.parse(l_cfg_json);
IF l_cfg.get_string('status')='success' THEN
l_params := l_cfg.get_object('config_params');
credential_name := l_params.get_string('CREDENTIAL_NAME');
compartment_name := l_params.get_string('COMPARTMENT_NAME');
END IF;
l_json := get_compartment_ocid_by_name(compartment_name => compartment_name);
l_obj := JSON_OBJECT_T.parse(l_json);
IF l_obj.has('compartment_ocid') THEN
compartment_id := l_obj.get_string('compartment_ocid');
END IF;
l_resp := DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE.GET_NAMESPACE(
opc_client_request_id => NULL,
compartment_id => compartment_id,
region => region,
endpoint => NULL,
credential_name => credential_name
);
result_json.put('namespace', TRIM(BOTH CHR(34) FROM l_resp.response_body));
result_json.put('region', region);
result_json.put('compartment_id', compartment_id);
result_json.put('status_code', l_resp.status_code);
IF l_resp.headers IS NOT NULL AND l_resp.headers.has('opc-request-id') THEN
result_json.put('opc_request_id', l_resp.headers.get_string('opc-request-id'));
END IF;
RETURN result_json.to_clob();
EXCEPTION WHEN OTHERS THEN
result_json := JSON_OBJECT_T(); result_json.put('status','error'); result_json.put('message', SQLERRM);
result_json.put('region', region); RETURN result_json.to_clob();
END get_namespace;
-- Helper: resolve metadata (namespace and compartment_id) using local get_namespace
PROCEDURE resolve_metadata(
region IN VARCHAR2,
namespace OUT VARCHAR2,
compartment_id OUT VARCHAR2
)
IS
l_json CLOB;
l_obj JSON_OBJECT_T;
l_ns VARCHAR2(256);
l_com_id VARCHAR2(256);
BEGIN
l_json := get_namespace(region => region);
l_obj := JSON_OBJECT_T.parse(l_json);
IF l_obj.has('namespace') THEN
l_ns := l_obj.get_string('namespace');
END IF;
IF l_obj.has('compartment_id') THEN
l_com_id := l_obj.get_string('compartment_id');
END IF;
namespace := l_ns;
compartment_id := l_com_id;
EXCEPTION
WHEN OTHERS THEN
NULL;
END resolve_metadata;
----------------------------------------------------------------------
-- list_objects: List all objects in a bucket (uses namespace lookup API)
----------------------------------------------------------------------
FUNCTION list_objects(
region IN VARCHAR2,
bucket_name IN VARCHAR2
) RETURN CLOB
AS
l_resp DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE_LIST_OBJECTS_RESPONSE_T;
l_objs DBMS_CLOUD_OCI_OBJECT_STORAGE_LIST_OBJECTS_T;
l_items DBMS_CLOUD_OCI_OBJECT_STORAGE_OBJECT_SUMMARY_TBL;
result_json JSON_OBJECT_T := JSON_OBJECT_T();
objects_arr JSON_ARRAY_T := JSON_ARRAY_T();
l_current_user VARCHAR2(128):= SYS_CONTEXT('USERENV', 'CURRENT_USER');
l_cfg_json CLOB;
l_cfg JSON_OBJECT_T;
l_params JSON_OBJECT_T;
credential_name VARCHAR2(256);
namespace VARCHAR2(256);
compartment_id VARCHAR2(256);
BEGIN
-- Load credential from config
l_cfg_json := get_agent_config(l_current_user, 'OCI_AGENT_CONFIG', 'OCI_OBJECT_STORAGE');
l_cfg := JSON_OBJECT_T.parse(l_cfg_json);
IF l_cfg.get_string('status') = 'success' THEN
l_params := l_cfg.get_object('config_params');
credential_name := l_params.get_string('CREDENTIAL_NAME');
END IF;
resolve_metadata(region => region, namespace => namespace, compartment_id => compartment_id);
-- Call LIST_OBJECTS API
l_resp := DBMS_CLOUD_OCI_OBS_OBJECT_STORAGE.LIST_OBJECTS(
namespace_name => namespace,
bucket_name => bucket_name,
region => region,
credential_name => credential_name
);
l_objs := l_resp.response_body;
l_items := l_objs.objects;