blob: 9ce034b0065e637f22af17c9dc1b655ea713d457 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
# frozen_string_literal: true
class EncryptStaticObjectsExternalStorageAuthToken < Gitlab::Database::Migration[1.0]
class ApplicationSetting < ActiveRecord::Base
self.table_name = 'application_settings'
scope :encrypted_token_is_null, -> { where(static_objects_external_storage_auth_token_encrypted: nil) }
scope :encrypted_token_is_not_null, -> { where.not(static_objects_external_storage_auth_token_encrypted: nil) }
scope :plaintext_token_is_not_null, -> { where.not(static_objects_external_storage_auth_token: nil) }
end
def up
ApplicationSetting.reset_column_information
ApplicationSetting.encrypted_token_is_null.plaintext_token_is_not_null.find_each do |application_setting|
token_encrypted = Gitlab::CryptoHelper.aes256_gcm_encrypt(application_setting.static_objects_external_storage_auth_token)
application_setting.update!(static_objects_external_storage_auth_token_encrypted: token_encrypted)
end
end
def down
ApplicationSetting.reset_column_information
ApplicationSetting.encrypted_token_is_not_null.find_each do |application_setting|
token = Gitlab::CryptoHelper.aes256_gcm_decrypt(application_setting.static_objects_external_storage_auth_token_encrypted)
application_setting.update!(static_objects_external_storage_auth_token: token, static_objects_external_storage_auth_token_encrypted: nil)
end
end
end
|