summaryrefslogtreecommitdiff
path: root/db/migrate/20201008013434_generate_ci_jwt_signing_key.rb
diff options
context:
space:
mode:
Diffstat (limited to 'db/migrate/20201008013434_generate_ci_jwt_signing_key.rb')
-rw-r--r--db/migrate/20201008013434_generate_ci_jwt_signing_key.rb32
1 files changed, 32 insertions, 0 deletions
diff --git a/db/migrate/20201008013434_generate_ci_jwt_signing_key.rb b/db/migrate/20201008013434_generate_ci_jwt_signing_key.rb
new file mode 100644
index 00000000000..7983a56f439
--- /dev/null
+++ b/db/migrate/20201008013434_generate_ci_jwt_signing_key.rb
@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+class GenerateCiJwtSigningKey < ActiveRecord::Migration[6.0]
+ DOWNTIME = false
+
+ class ApplicationSetting < ActiveRecord::Base
+ self.table_name = 'application_settings'
+
+ attr_encrypted :ci_jwt_signing_key, {
+ mode: :per_attribute_iv,
+ key: Rails.application.secrets.db_key_base[0..31],
+ algorithm: 'aes-256-gcm',
+ encode: true
+ }
+ end
+
+ def up
+ ApplicationSetting.reset_column_information
+
+ ApplicationSetting.find_each do |application_setting|
+ application_setting.update(ci_jwt_signing_key: OpenSSL::PKey::RSA.new(2048).to_pem)
+ end
+ end
+
+ def down
+ ApplicationSetting.reset_column_information
+
+ ApplicationSetting.find_each do |application_setting|
+ application_setting.update_columns(encrypted_ci_jwt_signing_key: nil, encrypted_ci_jwt_signing_key_iv: nil)
+ end
+ end
+end
View Lorry Controller Status