diff options
| author | Norwin <noerw@users.noreply.github.com> | 2021-05-31 08:25:47 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-05-31 04:25:47 -0400 |
| commit | cb940c4312981893fdb54cbd0e07520546776b34 (patch) | |
| tree | 69ade3dd15712647ba04186008d3ffab203edf49 /models/migrations/migrations.go | |
| parent | 256b1a35615487f27878422f877f25be3f066f54 (diff) | |
| download | gitea-cb940c4312981893fdb54cbd0e07520546776b34.tar.gz gitea-cb940c4312981893fdb54cbd0e07520546776b34.zip | |
Encrypt migration credentials at rest (#15895)
* encrypt migration credentials in task persistence
Not sure this is the best approach, we could encrypt the entire
`PayloadContent` instead. Also instead of clearing individual fields in
payload content, we could just delete the task once it has
(successfully) finished..?
* remove credentials of past migrations
* only run DB migration for completed tasks
* fix binding
* add omitempty
* never serialize unencrypted credentials
* fix import order
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Diffstat (limited to 'models/migrations/migrations.go')
| -rw-r--r-- | models/migrations/migrations.go | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/models/migrations/migrations.go b/models/migrations/migrations.go index c54c383fb8..d440722c96 100644 --- a/models/migrations/migrations.go +++ b/models/migrations/migrations.go @@ -309,6 +309,8 @@ var migrations = []Migration{ NewMigration("Add LFS columns to Mirror", addLFSMirrorColumns), // v179 -> v180 NewMigration("Convert avatar url to text", convertAvatarURLToText), + // v180 -> v181 + NewMigration("Delete credentials from past migrations", deleteMigrationCredentials), } // GetCurrentDBVersion returns the current db version |