diff options
Diffstat (limited to 'db/migrate/20210305031822_create_dast_site_profile_variables.rb')
-rw-r--r-- | db/migrate/20210305031822_create_dast_site_profile_variables.rb | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/db/migrate/20210305031822_create_dast_site_profile_variables.rb b/db/migrate/20210305031822_create_dast_site_profile_variables.rb new file mode 100644 index 00000000000..f55755aa731 --- /dev/null +++ b/db/migrate/20210305031822_create_dast_site_profile_variables.rb @@ -0,0 +1,40 @@ +# frozen_string_literal: true + +class CreateDastSiteProfileVariables < ActiveRecord::Migration[6.0] + include Gitlab::Database::MigrationHelpers + + DOWNTIME = false + + disable_ddl_transaction! + + def up + table_comment = { owner: 'group::dynamic analysis', description: 'Secret variables used in DAST on-demand scans' } + + encrypted_value_constraint_name = check_constraint_name(:dast_site_profile_secret_variables, 'encrypted_value', 'max_length') + encrypted_value_iv_constraint_name = check_constraint_name(:dast_site_profile_secret_variables, 'encrypted_value_iv', 'max_length') + + create_table_with_constraints :dast_site_profile_secret_variables, comment: table_comment.to_json do |t| + t.references :dast_site_profile, null: false, foreign_key: { on_delete: :cascade }, index: false + + t.timestamps_with_timezone + + t.integer :variable_type, null: false, default: 1, limit: 2 + + t.text :key, null: false + t.binary :encrypted_value, null: false + t.binary :encrypted_value_iv, null: false, unique: true + + t.index [:dast_site_profile_id, :key], unique: true, name: :index_site_profile_secret_variables_on_site_profile_id_and_key + + t.text_limit :key, 255 + + # This does not currently have first-class support via create_table_with_constraints + t.check_constraint encrypted_value_constraint_name, 'length(encrypted_value) <= 13352' + t.check_constraint encrypted_value_iv_constraint_name, 'length(encrypted_value_iv) <= 17' + end + end + + def down + drop_table :dast_site_profile_secret_variables + end +end |