2021-01-29 00:20:46 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
class GenerateCiJwtSigningKey < ActiveRecord::Migration[6.0]
|
|
|
|
DOWNTIME = false
|
|
|
|
|
|
|
|
class ApplicationSetting < ActiveRecord::Base
|
|
|
|
self.table_name = 'application_settings'
|
|
|
|
|
|
|
|
attr_encrypted :ci_jwt_signing_key, {
|
|
|
|
mode: :per_attribute_iv,
|
2021-06-08 01:23:25 +05:30
|
|
|
key: Gitlab::Utils.ensure_utf8_size(Rails.application.secrets.db_key_base, bytes: 32.bytes),
|
2021-01-29 00:20:46 +05:30
|
|
|
algorithm: 'aes-256-gcm',
|
|
|
|
encode: true
|
|
|
|
}
|
|
|
|
end
|
|
|
|
|
|
|
|
def up
|
|
|
|
ApplicationSetting.reset_column_information
|
|
|
|
|
|
|
|
ApplicationSetting.find_each do |application_setting|
|
|
|
|
application_setting.update(ci_jwt_signing_key: OpenSSL::PKey::RSA.new(2048).to_pem)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def down
|
|
|
|
ApplicationSetting.reset_column_information
|
|
|
|
|
|
|
|
ApplicationSetting.find_each do |application_setting|
|
|
|
|
application_setting.update_columns(encrypted_ci_jwt_signing_key: nil, encrypted_ci_jwt_signing_key_iv: nil)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|