feat(eventstore): increase parallel write capabilities (#5940)

This implementation increases parallel write capabilities of the eventstore.
Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and  [06](https://zitadel.com/docs/support/advisory/a10006).
The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`.
If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.

internal/command/org_domain_test.go

@@ -15,7 +15,6 @@ import (
 	"github.com/zitadel/zitadel/internal/domain"
 	"github.com/zitadel/zitadel/internal/errors"
 	"github.com/zitadel/zitadel/internal/eventstore"
-	"github.com/zitadel/zitadel/internal/eventstore/repository"
 	"github.com/zitadel/zitadel/internal/eventstore/v1/models"
 	"github.com/zitadel/zitadel/internal/id"
 	id_mock "github.com/zitadel/zitadel/internal/id/mock"
@@ -366,12 +365,10 @@ func TestCommandSide_AddOrgDomain(t *testing.T) {
 						),
 					),
 					expectPush(
-						[]*repository.Event{
-							eventFromEventPusher(org.NewDomainAddedEvent(context.Background(),
-								&org.NewAggregate("org1").Aggregate,
-								"domain.ch",
-							)),
-						},
+						org.NewDomainAddedEvent(context.Background(),
+							&org.NewAggregate("org1").Aggregate,
+							"domain.ch",
+						),
 					),
 				),
 			},
@@ -572,19 +569,17 @@ func TestCommandSide_GenerateOrgDomainValidation(t *testing.T) {
 						),
 					),
 					expectPush(
-						[]*repository.Event{
-							eventFromEventPusher(org.NewDomainVerificationAddedEvent(context.Background(),
-								&org.NewAggregate("org1").Aggregate,
-								"domain.ch",
-								domain.OrgDomainValidationTypeDNS,
-								&crypto.CryptoValue{
-									CryptoType: crypto.TypeEncryption,
-									Algorithm:  "enc",
-									KeyID:      "id",
-									Crypted:    []byte("a"),
-								},
-							)),
-						},
+						org.NewDomainVerificationAddedEvent(context.Background(),
+							&org.NewAggregate("org1").Aggregate,
+							"domain.ch",
+							domain.OrgDomainValidationTypeDNS,
+							&crypto.CryptoValue{
+								CryptoType: crypto.TypeEncryption,
+								Algorithm:  "enc",
+								KeyID:      "id",
+								Crypted:    []byte("a"),
+							},
+						),
 					),
 				),
 				secretGenerator: GetMockSecretGenerator(t),
@@ -624,19 +619,17 @@ func TestCommandSide_GenerateOrgDomainValidation(t *testing.T) {
 						),
 					),
 					expectPush(
-						[]*repository.Event{
-							eventFromEventPusher(org.NewDomainVerificationAddedEvent(context.Background(),
-								&org.NewAggregate("org1").Aggregate,
-								"domain.ch",
-								domain.OrgDomainValidationTypeHTTP,
-								&crypto.CryptoValue{
-									CryptoType: crypto.TypeEncryption,
-									Algorithm:  "enc",
-									KeyID:      "id",
-									Crypted:    []byte("a"),
-								},
-							)),
-						},
+						org.NewDomainVerificationAddedEvent(context.Background(),
+							&org.NewAggregate("org1").Aggregate,
+							"domain.ch",
+							domain.OrgDomainValidationTypeHTTP,
+							&crypto.CryptoValue{
+								CryptoType: crypto.TypeEncryption,
+								Algorithm:  "enc",
+								KeyID:      "id",
+								Crypted:    []byte("a"),
+							},
+						),
 					),
 				),
 				secretGenerator: GetMockSecretGenerator(t),
@@ -875,12 +868,10 @@ func TestCommandSide_ValidateOrgDomain(t *testing.T) {
 						),
 					),
 					expectPush(
-						[]*repository.Event{
-							eventFromEventPusher(org.NewDomainVerificationFailedEvent(context.Background(),
-								&org.NewAggregate("org1").Aggregate,
-								"domain.ch",
-							)),
-						},
+						org.NewDomainVerificationFailedEvent(context.Background(),
+							&org.NewAggregate("org1").Aggregate,
+							"domain.ch",
+						),
 					),
 				),
 				alg:                  crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
@@ -933,13 +924,10 @@ func TestCommandSide_ValidateOrgDomain(t *testing.T) {
 						),
 					),
 					expectPush(
-						[]*repository.Event{
-							eventFromEventPusher(org.NewDomainVerifiedEvent(context.Background(),
-								&org.NewAggregate("org1").Aggregate,
-								"domain.ch",
-							)),
-						},
-						uniqueConstraintsFromEventConstraint(org.NewAddOrgDomainUniqueConstraint("domain.ch")),
+						org.NewDomainVerifiedEvent(context.Background(),
+							&org.NewAggregate("org1").Aggregate,
+							"domain.ch",
+						),
 					),
 				),
 				alg:                  crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
@@ -995,13 +983,10 @@ func TestCommandSide_ValidateOrgDomain(t *testing.T) {
 					),
 					expectFilter(),
 					expectPush(
-						[]*repository.Event{
-							eventFromEventPusher(org.NewDomainVerifiedEvent(context.Background(),
-								&org.NewAggregate("org1").Aggregate,
-								"domain.ch",
-							)),
-						},
-						uniqueConstraintsFromEventConstraint(org.NewAddOrgDomainUniqueConstraint("domain.ch")),
+						org.NewDomainVerifiedEvent(context.Background(),
+							&org.NewAggregate("org1").Aggregate,
+							"domain.ch",
+						),
 					),
 				),
 				alg:                  crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
@@ -1078,21 +1063,16 @@ func TestCommandSide_ValidateOrgDomain(t *testing.T) {
 								&org.NewAggregate("org2").Aggregate,
 								false, false, false))),
 					expectPush(
-						[]*repository.Event{
-							eventFromEventPusher(org.NewDomainVerifiedEvent(context.Background(),
-								&org.NewAggregate("org1").Aggregate,
-								"domain.ch",
-							)),
-							eventFromEventPusher(user.NewDomainClaimedEvent(context.Background(),
-								&user.NewAggregate("user1", "org2").Aggregate,
-								"tempid@temporary.zitadel.ch",
-								"username@domain.ch",
-								false,
-							)),
-						},
-						uniqueConstraintsFromEventConstraint(org.NewAddOrgDomainUniqueConstraint("domain.ch")),
-						uniqueConstraintsFromEventConstraint(user.NewRemoveUsernameUniqueConstraint("username@domain.ch", "org2", false)),
-						uniqueConstraintsFromEventConstraint(user.NewAddUsernameUniqueConstraint("tempid@temporary.zitadel.ch", "org2", false)),
+						org.NewDomainVerifiedEvent(context.Background(),
+							&org.NewAggregate("org1").Aggregate,
+							"domain.ch",
+						),
+						user.NewDomainClaimedEvent(context.Background(),
+							&user.NewAggregate("user1", "org2").Aggregate,
+							"tempid@temporary.zitadel.ch",
+							"username@domain.ch",
+							false,
+						),
 					),
 				),
 				alg:                  crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
@@ -1283,12 +1263,10 @@ func TestCommandSide_SetPrimaryDomain(t *testing.T) {
 						),
 					),
 					expectPush(
-						[]*repository.Event{
-							eventFromEventPusher(org.NewDomainPrimarySetEvent(context.Background(),
-								&org.NewAggregate("org1").Aggregate,
-								"domain.ch",
-							)),
-						},
+						org.NewDomainPrimarySetEvent(context.Background(),
+							&org.NewAggregate("org1").Aggregate,
+							"domain.ch",
+						),
 					),
 				),
 			},
@@ -1476,12 +1454,10 @@ func TestCommandSide_RemoveOrgDomain(t *testing.T) {
 						),
 					),
 					expectPush(
-						[]*repository.Event{
-							eventFromEventPusher(org.NewDomainRemovedEvent(context.Background(),
-								&org.NewAggregate("org1").Aggregate,
-								"domain.ch", false,
-							)),
-						},
+						org.NewDomainRemovedEvent(context.Background(),
+							&org.NewAggregate("org1").Aggregate,
+							"domain.ch", false,
+						),
 					),
 				),
 			},
@@ -1526,13 +1502,10 @@ func TestCommandSide_RemoveOrgDomain(t *testing.T) {
 						),
 					),
 					expectPush(
-						[]*repository.Event{
-							eventFromEventPusher(org.NewDomainRemovedEvent(context.Background(),
-								&org.NewAggregate("org1").Aggregate,
-								"domain.ch", true,
-							)),
-						},
-						uniqueConstraintsFromEventConstraint(org.NewRemoveOrgDomainUniqueConstraint("domain.ch")),
+						org.NewDomainRemovedEvent(context.Background(),
+							&org.NewAggregate("org1").Aggregate,
+							"domain.ch", true,
+						),
 					),
 				),
 			},