chore!: Introduce ZITADEL v3 (#9645)

This PR summarizes multiple changes specifically only available with
ZITADEL v3:

- feat: Web Keys management
(https://github.com/zitadel/zitadel/pull/9526)
- fix(cmd): ensure proper working of mirror
(https://github.com/zitadel/zitadel/pull/9509)
- feat(Authz): system user support for permission check v2
(https://github.com/zitadel/zitadel/pull/9640)
- chore(license): change from Apache to AGPL
(https://github.com/zitadel/zitadel/pull/9597)
- feat(console): list v2 sessions
(https://github.com/zitadel/zitadel/pull/9539)
- fix(console): add loginV2 feature flag
(https://github.com/zitadel/zitadel/pull/9682)
- fix(feature flags): allow reading "own" flags
(https://github.com/zitadel/zitadel/pull/9649)
- feat(console): add Actions V2 UI
(https://github.com/zitadel/zitadel/pull/9591)

BREAKING CHANGE
- feat(webkey): migrate to v2beta API
(https://github.com/zitadel/zitadel/pull/9445)
- chore!: remove CockroachDB Support
(https://github.com/zitadel/zitadel/pull/9444)
- feat(actions): migrate to v2beta API
(https://github.com/zitadel/zitadel/pull/9489)

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
Co-authored-by: Silvan <27845747+adlerhurst@users.noreply.github.com>
Co-authored-by: Ramon <mail@conblem.me>
Co-authored-by: Elio Bischof <elio@zitadel.com>
Co-authored-by: Kenta Yamaguchi <56732734+KEY60228@users.noreply.github.com>
Co-authored-by: Harsha Reddy <harsha.reddy@klaviyo.com>
Co-authored-by: Livio Spring <livio@zitadel.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Iraq <66622793+kkrime@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@zitadel.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Max Peintner <peintnerm@gmail.com>

internal/api/grpc/action/v2beta/execution.go

@@ -0,0 +1,143 @@
+package action
+
+import (
+	"context"
+
+	"google.golang.org/protobuf/types/known/timestamppb"
+
+	"github.com/zitadel/zitadel/internal/api/authz"
+	"github.com/zitadel/zitadel/internal/command"
+	"github.com/zitadel/zitadel/internal/domain"
+	"github.com/zitadel/zitadel/internal/repository/execution"
+	"github.com/zitadel/zitadel/internal/zerrors"
+	action "github.com/zitadel/zitadel/pkg/grpc/action/v2beta"
+)
+
+func (s *Server) SetExecution(ctx context.Context, req *action.SetExecutionRequest) (*action.SetExecutionResponse, error) {
+	if err := checkActionsEnabled(ctx); err != nil {
+		return nil, err
+	}
+	reqTargets := req.GetTargets()
+	targets := make([]*execution.Target, len(reqTargets))
+	for i, target := range reqTargets {
+		switch t := target.GetType().(type) {
+		case *action.ExecutionTargetType_Include:
+			include, err := conditionToInclude(t.Include)
+			if err != nil {
+				return nil, err
+			}
+			targets[i] = &execution.Target{Type: domain.ExecutionTargetTypeInclude, Target: include}
+		case *action.ExecutionTargetType_Target:
+			targets[i] = &execution.Target{Type: domain.ExecutionTargetTypeTarget, Target: t.Target}
+		}
+	}
+	set := &command.SetExecution{
+		Targets: targets,
+	}
+	var err error
+	var details *domain.ObjectDetails
+	instanceID := authz.GetInstance(ctx).InstanceID()
+	switch t := req.GetCondition().GetConditionType().(type) {
+	case *action.Condition_Request:
+		cond := executionConditionFromRequest(t.Request)
+		details, err = s.command.SetExecutionRequest(ctx, cond, set, instanceID)
+	case *action.Condition_Response:
+		cond := executionConditionFromResponse(t.Response)
+		details, err = s.command.SetExecutionResponse(ctx, cond, set, instanceID)
+	case *action.Condition_Event:
+		cond := executionConditionFromEvent(t.Event)
+		details, err = s.command.SetExecutionEvent(ctx, cond, set, instanceID)
+	case *action.Condition_Function:
+		details, err = s.command.SetExecutionFunction(ctx, command.ExecutionFunctionCondition(t.Function.GetName()), set, instanceID)
+	default:
+		err = zerrors.ThrowInvalidArgument(nil, "ACTION-5r5Ju", "Errors.Execution.ConditionInvalid")
+	}
+	if err != nil {
+		return nil, err
+	}
+	return &action.SetExecutionResponse{
+		SetDate: timestamppb.New(details.EventDate),
+	}, nil
+}
+
+func conditionToInclude(cond *action.Condition) (string, error) {
+	switch t := cond.GetConditionType().(type) {
+	case *action.Condition_Request:
+		cond := executionConditionFromRequest(t.Request)
+		if err := cond.IsValid(); err != nil {
+			return "", err
+		}
+		return cond.ID(domain.ExecutionTypeRequest), nil
+	case *action.Condition_Response:
+		cond := executionConditionFromResponse(t.Response)
+		if err := cond.IsValid(); err != nil {
+			return "", err
+		}
+		return cond.ID(domain.ExecutionTypeRequest), nil
+	case *action.Condition_Event:
+		cond := executionConditionFromEvent(t.Event)
+		if err := cond.IsValid(); err != nil {
+			return "", err
+		}
+		return cond.ID(), nil
+	case *action.Condition_Function:
+		cond := command.ExecutionFunctionCondition(t.Function.GetName())
+		if err := cond.IsValid(); err != nil {
+			return "", err
+		}
+		return cond.ID(), nil
+	default:
+		return "", zerrors.ThrowInvalidArgument(nil, "ACTION-9BBob", "Errors.Execution.ConditionInvalid")
+	}
+}
+
+func (s *Server) ListExecutionFunctions(ctx context.Context, _ *action.ListExecutionFunctionsRequest) (*action.ListExecutionFunctionsResponse, error) {
+	if err := checkActionsEnabled(ctx); err != nil {
+		return nil, err
+	}
+	return &action.ListExecutionFunctionsResponse{
+		Functions: s.ListActionFunctions(),
+	}, nil
+}
+
+func (s *Server) ListExecutionMethods(ctx context.Context, _ *action.ListExecutionMethodsRequest) (*action.ListExecutionMethodsResponse, error) {
+	if err := checkActionsEnabled(ctx); err != nil {
+		return nil, err
+	}
+	return &action.ListExecutionMethodsResponse{
+		Methods: s.ListGRPCMethods(),
+	}, nil
+}
+
+func (s *Server) ListExecutionServices(ctx context.Context, _ *action.ListExecutionServicesRequest) (*action.ListExecutionServicesResponse, error) {
+	if err := checkActionsEnabled(ctx); err != nil {
+		return nil, err
+	}
+	return &action.ListExecutionServicesResponse{
+		Services: s.ListGRPCServices(),
+	}, nil
+}
+
+func executionConditionFromRequest(request *action.RequestExecution) *command.ExecutionAPICondition {
+	return &command.ExecutionAPICondition{
+		Method:  request.GetMethod(),
+		Service: request.GetService(),
+		All:     request.GetAll(),
+	}
+}
+
+func executionConditionFromResponse(response *action.ResponseExecution) *command.ExecutionAPICondition {
+	return &command.ExecutionAPICondition{
+		Method:  response.GetMethod(),
+		Service: response.GetService(),
+		All:     response.GetAll(),
+	}
+}
+
+func executionConditionFromEvent(event *action.EventExecution) *command.ExecutionEventCondition {
+	return &command.ExecutionEventCondition{
+		Event: event.GetEvent(),
+		Group: event.GetGroup(),
+		All:   event.GetAll(),
+	}
+}