2019-07-11 16:41:04 -04:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
class EncryptDeployTokensTokens < ActiveRecord::Migration[5.1]
|
|
|
|
DOWNTIME = false
|
|
|
|
|
|
|
|
class DeploymentTokens < ActiveRecord::Base
|
|
|
|
self.table_name = 'deploy_tokens'
|
|
|
|
end
|
|
|
|
|
|
|
|
def up
|
|
|
|
say_with_time("Encrypting tokens from deploy_tokens") do
|
2019-07-17 09:38:28 -04:00
|
|
|
DeploymentTokens.where('token_encrypted is NULL AND token IS NOT NULL').find_each(batch_size: 10000) do |deploy_token|
|
2021-02-01 19:09:14 -05:00
|
|
|
token_encrypted = Gitlab::CryptoHelper.aes256_gcm_encrypt(deploy_token.token, nonce: Gitlab::CryptoHelper::AES256_GCM_IV_STATIC)
|
2019-07-11 16:41:04 -04:00
|
|
|
deploy_token.update!(token_encrypted: token_encrypted)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def down
|
|
|
|
say_with_time("Decrypting tokens from deploy_tokens") do
|
2019-07-17 09:38:28 -04:00
|
|
|
DeploymentTokens.where('token_encrypted IS NOT NULL AND token IS NULL').find_each(batch_size: 10000) do |deploy_token|
|
2019-07-11 16:41:04 -04:00
|
|
|
token = Gitlab::CryptoHelper.aes256_gcm_decrypt(deploy_token.token_encrypted)
|
|
|
|
deploy_token.update!(token: token)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|