gitlab-org--gitlab-foss/db/migrate/20201008013434_generate_ci_jwt_signing_key.rb

32 lines
871 B
Ruby

# frozen_string_literal: true
class GenerateCiJwtSigningKey < ActiveRecord::Migration[6.0]
DOWNTIME = false
class ApplicationSetting < ActiveRecord::Base
self.table_name = 'application_settings'
attr_encrypted :ci_jwt_signing_key, {
mode: :per_attribute_iv,
key: Rails.application.secrets.db_key_base[0..31],
algorithm: 'aes-256-gcm',
encode: true
}
end
def up
ApplicationSetting.reset_column_information
ApplicationSetting.find_each do |application_setting|
application_setting.update(ci_jwt_signing_key: OpenSSL::PKey::RSA.new(2048).to_pem)
end
end
def down
ApplicationSetting.reset_column_information
ApplicationSetting.find_each do |application_setting|
application_setting.update_columns(encrypted_ci_jwt_signing_key: nil, encrypted_ci_jwt_signing_key_iv: nil)
end
end
end