Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
李少辉-开发者
gitlab-foss
提交
64c23778
G
gitlab-foss
项目概览
李少辉-开发者
/
gitlab-foss
通知
15
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
G
gitlab-foss
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
64c23778
编写于
11月 21, 2018
作者:
G
Grzegorz Bizon
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Add migratable models for runners tokens migration
上级
3578eb45
变更
6
隐藏空白更改
内联
并排
Showing
6 changed file
with
120 addition
and
6 deletion
+120
-6
lib/gitlab/background_migration/encrypt_columns.rb
lib/gitlab/background_migration/encrypt_columns.rb
+6
-4
lib/gitlab/background_migration/models/encrypt_columns/namespace.rb
.../background_migration/models/encrypt_columns/namespace.rb
+28
-0
lib/gitlab/background_migration/models/encrypt_columns/project.rb
...ab/background_migration/models/encrypt_columns/project.rb
+28
-0
lib/gitlab/background_migration/models/encrypt_columns/runner.rb
...lab/background_migration/models/encrypt_columns/runner.rb
+28
-0
lib/gitlab/background_migration/models/encrypt_columns/settings.rb
...b/background_migration/models/encrypt_columns/settings.rb
+28
-0
lib/gitlab/background_migration/models/encrypt_columns/web_hook.rb
...b/background_migration/models/encrypt_columns/web_hook.rb
+2
-2
未找到文件。
lib/gitlab/background_migration/encrypt_columns.rb
浏览文件 @
64c23778
...
...
@@ -5,15 +5,17 @@ module Gitlab
# EncryptColumn migrates data from an unencrypted column - `foo`, say - to
# an encrypted column - `encrypted_foo`, say.
#
# To avoid depending on a particular version of the model in app/, add a
# model to `lib/gitlab/background_migration/models/encrypt_columns` and use
# it in the migration that enqueues the jobs, so code can be shared.
#
# For this background migration to work, the table that is migrated _has_ to
# have an `id` column as the primary key. Additionally, the encrypted column
# should be managed by attr_encrypted, and map to an attribute with the same
# name as the unencrypted column (i.e., the unencrypted column should be
# shadowed).
# shadowed), unless you want to define specific methods / accessors in the
# temporary model in `/models/encrypt_columns/your_model.rb`.
#
# To avoid depending on a particular version of the model in app/, add a
# model to `lib/gitlab/background_migration/models/encrypt_columns` and use
# it in the migration that enqueues the jobs, so code can be shared.
class
EncryptColumns
def
perform
(
model
,
attributes
,
from
,
to
)
model
=
model
.
constantize
if
model
.
is_a?
(
String
)
...
...
lib/gitlab/background_migration/models/encrypt_columns/namespace.rb
0 → 100644
浏览文件 @
64c23778
# frozen_string_literal: true
module
Gitlab
module
BackgroundMigration
module
Models
module
EncryptColumns
# This model is shared between synchronous and background migrations to
# encrypt the `runners_token` column in `namespaces` table.
#
class
Namespace
<
ActiveRecord
::
Base
include
::
EachBatch
self
.
table_name
=
'namespaces'
self
.
inheritance_column
=
:_type_disabled
def
runners_token
=
(
value
)
self
.
runners_token_encrypted
=
::
Gitlab
::
CryptoHelper
.
aes256_gcm_encrypt
(
value
)
end
def
self
.
encrypted_attributes
{
runners_token:
{
attribute: :runners_token_encrypted
}
}
end
end
end
end
end
end
lib/gitlab/background_migration/models/encrypt_columns/project.rb
0 → 100644
浏览文件 @
64c23778
# frozen_string_literal: true
module
Gitlab
module
BackgroundMigration
module
Models
module
EncryptColumns
# This model is shared between synchronous and background migrations to
# encrypt the `runners_token` column in `projects` table.
#
class
Project
<
ActiveRecord
::
Base
include
::
EachBatch
self
.
table_name
=
'projects'
self
.
inheritance_column
=
:_type_disabled
def
runners_token
=
(
value
)
self
.
runners_token_encrypted
=
::
Gitlab
::
CryptoHelper
.
aes256_gcm_encrypt
(
value
)
end
def
self
.
encrypted_attributes
{
runners_token:
{
attribute: :runners_token_encrypted
}
}
end
end
end
end
end
end
lib/gitlab/background_migration/models/encrypt_columns/runner.rb
0 → 100644
浏览文件 @
64c23778
# frozen_string_literal: true
module
Gitlab
module
BackgroundMigration
module
Models
module
EncryptColumns
# This model is shared between synchronous and background migrations to
# encrypt the `token` column in `ci_runners` table.
#
class
Runner
<
ActiveRecord
::
Base
include
::
EachBatch
self
.
table_name
=
'ci_runners'
self
.
inheritance_column
=
:_type_disabled
def
runners_token
=
(
value
)
self
.
token_encrypted
=
::
Gitlab
::
CryptoHelper
.
aes256_gcm_encrypt
(
value
)
end
def
self
.
encrypted_attributes
{
token:
{
attribute: :token_encrypted
}
}
end
end
end
end
end
end
lib/gitlab/background_migration/models/encrypt_columns/settings.rb
0 → 100644
浏览文件 @
64c23778
# frozen_string_literal: true
module
Gitlab
module
BackgroundMigration
module
Models
module
EncryptColumns
# This model is shared between synchronous and background migrations to
# encrypt the `runners_token` column in `application_settings` table.
#
class
Settings
<
ActiveRecord
::
Base
include
::
EachBatch
self
.
table_name
=
'application_settings'
self
.
inheritance_column
=
:_type_disabled
def
runners_token
=
(
value
)
self
.
runners_token_encrypted
=
::
Gitlab
::
CryptoHelper
.
aes256_gcm_encrypt
(
value
)
end
def
self
.
encrypted_attributes
{
runners_token:
{
attribute: :runners_token_encrypted
}
}
end
end
end
end
end
end
lib/gitlab/background_migration/models/encrypt_columns/web_hook.rb
浏览文件 @
64c23778
...
...
@@ -15,12 +15,12 @@ module Gitlab
attr_encrypted
:token
,
mode: :per_attribute_iv
,
algorithm:
'aes-256-gcm'
,
key:
Settings
.
attr_encrypted_db_key_base_truncated
key:
::
Settings
.
attr_encrypted_db_key_base_truncated
attr_encrypted
:url
,
mode: :per_attribute_iv
,
algorithm:
'aes-256-gcm'
,
key:
Settings
.
attr_encrypted_db_key_base_truncated
key:
::
Settings
.
attr_encrypted_db_key_base_truncated
end
end
end
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录