The source project of this merge request has been removed.
Encrypt webhook tokens and URLs in the database
What does this MR do?
Introduces the following database columns
web_hooks.encrypted_token
web_hooks.encrypted_token_iv
web_hooks.encrypted_url
web_hooks.encrypted_url_iv
These shadow the web_hooks.token
and web_hooks.url
columns.
attr_encrypted
is used to store new webhook tokens and URLs encrypted in the database.
Unencrypted token
and url
values whenever a webhook updates.
I still need to figure out how to migrate the existing data proactively in a background migration.
I think we'll need an %11.5 follow-up to remove the fall-back-to-unencrypted-fields logic, and the unencrypted columns itself. Need to investigate that in some more detail.
What are the relevant issue numbers?
Does this MR meet the acceptance criteria?
-
Changelog entry added, if necessary -
Documentation created/updated -
Tests added for this feature/bug -
Conforms to the code review guidelines -
Conforms to the merge request performance guidelines -
Conforms to the style guides -
Conforms to the database guides
Closes #51021
Edited by Nick Thomas