source.dussan.org Git - gitea.git/commit

author	Norwin <noerw@users.noreply.github.com>
	Mon, 31 May 2021 08:25:47 +0000 (08:25 +0000)
committer	GitHub <noreply@github.com>
	Mon, 31 May 2021 08:25:47 +0000 (04:25 -0400)
commit	cb940c4312981893fdb54cbd0e07520546776b34
tree	69ade3dd15712647ba04186008d3ffab203edf49	tree \| snapshot
parent	256b1a35615487f27878422f877f25be3f066f54	commit \| diff

Encrypt migration credentials at rest (#15895)

* encrypt migration credentials in task persistence

Not sure this is the best approach, we could encrypt the entire
`PayloadContent` instead. Also instead of clearing individual fields in
payload content, we could just delete the task once it has
(successfully) finished..?

* remove credentials of past migrations

* only run DB migration for completed tasks

* fix binding

* add omitempty

* never serialize unencrypted credentials

* fix import order

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD: https://github.com/go-gitea/gitea

RSS Atom

models/migrations/migrations.go		diff \| blob \| history
models/migrations/v180.go	[new file with mode: 0644]	blob
models/task.go		diff \| blob \| history
modules/migrations/base/options.go		diff \| blob \| history
modules/task/task.go		diff \| blob \| history