luckyimnotanigger/forgejo
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2025-06-20 16:10:50 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

Encrypt migration credentials at rest (#15895)

Browse source 
* encrypt migration credentials in task persistence

Not sure this is the best approach, we could encrypt the entire
`PayloadContent` instead. Also instead of clearing individual fields in
payload content, we could just delete the task once it has
(successfully) finished..?

* remove credentials of past migrations

* only run DB migration for completed tasks

* fix binding

* add omitempty

* never serialize unencrypted credentials

* fix import order

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
This commit is contained in:
Norwin 2021-05-31 08:25:47 +00:00 committed by GitHub
parent 256b1a3561
commit cb940c4312
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 145 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

2
models/migrations/migrations.go
View file

@ -309,6 +309,8 @@ var migrations = []Migration{
NewMigration("Add LFS columns to Mirror", addLFSMirrorColumns),
// v179 -> v180
NewMigration("Convert avatar url to text", convertAvatarURLToText),
// v180 -> v181
NewMigration("Delete credentials from past migrations", deleteMigrationCredentials),
}
// GetCurrentDBVersion returns the current db version