upstream/forgejo
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2026-05-18 10:09:19 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
forgejo/models
History
Gusted 0c11e9a43a feat: use keying for task secrets (#9923) 
- Follow up of forgejo/forgejo!5041, forgejo/forgejo!6074, forgejo/forgejo!8692
- The `task` table contains three secrets: clone address (with credentials), auth password and auth token. These secrets are stored for migrating repositories (also the only usage of this table, although it allows for more usages).
- Use `keying` to safely store these secrets and bound them to the table, column, row id and JSON field name.
- The migration isn't spectacular but does closely follow what we learned in the previous two migrations: use a transaction and delete records when you can't decrypt them. We also learned about `db.Iterate` not being happy when updating records but it has since been fixed.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/9923
Reviewed-by: Mathieu Fenniak <mfenniak@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
2025-11-03 13:42:32 +01:00
..
actions perf: update concurrency group query to be index-capable for status (#9943) 2025-11-03 00:01:51 +01:00
activities fix: prevent user-entered text with | characters from being truncated in activity feed (#8844) 2025-08-10 19:48:46 +02:00
admin feat: use keying for task secrets (#9923) 2025-11-03 13:42:32 +01:00
asymkey feat(build): improve lint-locale-usage further (#8736) 2025-08-27 23:47:34 +02:00
auth feat: add foreign keys to forgejo_auth_token (#9886) 2025-10-29 01:09:06 +01:00
avatars chore: branding import path (#7337) 2025-03-27 19:40:14 +00:00
db feat: add foreign keys to table pull_request (#9832) 2025-10-24 18:02:14 +02:00
dbfs Update module github.com/golangci/golangci-lint/cmd/golangci-lint to v2 (forgejo) (#7367) 2025-03-28 22:22:21 +00:00
fixtures fix: reduce deadlocks merging PRs by using caching for repo issue count stats (#9922) 2025-10-31 23:50:05 +01:00
forgefed Federated user activity following: Isolated model changes (#8078) 2025-06-21 12:02:58 +02:00
forgejo/semver Update module github.com/golangci/golangci-lint/cmd/golangci-lint to v2 (forgejo) (#7367) 2025-03-28 22:22:21 +00:00
forgejo_migrations feat: use keying for task secrets (#9923) 2025-11-03 13:42:32 +01:00
forgejo_migrations_legacy fix: strict error handling on corrupted DB migration tracking tables (#9773) 2025-10-20 18:03:30 +02:00
git feat: always publish the link to the commit status (#8177) 2025-06-13 12:41:34 +02:00
gitea_migrations feat: use keying for task secrets (#9923) 2025-11-03 13:42:32 +01:00
issues fix: reduce deadlocks merging PRs w/ async milestone stat recalcs (#9916) 2025-10-31 15:53:45 +01:00
moderation feat(build): improve lint-locale-usage further (#8736) 2025-08-27 23:47:34 +02:00
organization fix(ui): wrong org dashboard links when switching dashboard context (#8688) 2025-08-07 14:32:55 +02:00
packages fix: replace limit/offset pagination in debian SearchPackages (#9892) 2025-10-29 09:57:55 +01:00
perm feat: add foreign keys to the access table (#9557) 2025-10-14 05:39:47 +02:00
project feat(build): improve lint-locale-usage further (#8736) 2025-08-27 23:47:34 +02:00
pull fix: do not ignore automerge while a PR is checking for conflicts (#8189) 2025-06-17 10:58:07 +02:00
quota fix: quotas double counting repo size when calculating size:all (#9234) 2025-09-11 16:30:04 +02:00
repo fix: prevent deadlocks updating repo.num_action_runs/num_closed_action_runs (#9927) 2025-11-02 22:24:56 +01:00
secret feat: migrate action secrets to keying to store them more securely (#8692) 2025-07-29 01:03:36 +02:00
shared/types chore: branding import path (#7337) 2025-03-27 19:40:14 +00:00
system Update module github.com/golangci/golangci-lint/cmd/golangci-lint to v2 (forgejo) (#7367) 2025-03-28 22:22:21 +00:00
unit feat(build): add support for the base.Messenger, $.locale.Tr, Form structs to lint-locale-usage (#9095) 2025-09-30 03:25:45 +02:00
unittest fix: reduce deadlocks merging PRs by using caching for repo issue count stats (#9922) 2025-10-31 23:50:05 +01:00
user fix: GLOBAL_TWO_FACTOR_REQUIREMENT=all prevents actions/checkout from cloning repositories (#9764) 2025-10-20 16:41:28 +02:00
webhook Actions Failure, Succes, Recover Webhooks (#7508) 2025-06-03 14:29:19 +02:00
error.go fix: don't allow credentials in migrate/push mirror URL 2025-08-30 08:07:23 +02:00
main_test.go chore: branding import path (#7337) 2025-03-27 19:40:14 +00:00
org.go chore: branding import path (#7337) 2025-03-27 19:40:14 +00:00
org_team.go chore: branding import path (#7337) 2025-03-27 19:40:14 +00:00
org_team_test.go Update module github.com/golangci/golangci-lint/cmd/golangci-lint to v2 (forgejo) (#7367) 2025-03-28 22:22:21 +00:00
org_test.go Update module github.com/golangci/golangci-lint/cmd/golangci-lint to v2 (forgejo) (#7367) 2025-03-28 22:22:21 +00:00
repo.go fix: reduce deadlocks merging PRs by using caching for repo issue count stats (#9922) 2025-10-31 23:50:05 +01:00
repo_test.go Update module github.com/golangci/golangci-lint/cmd/golangci-lint to v2 (forgejo) (#7367) 2025-03-28 22:22:21 +00:00
repo_transfer.go chore: branding import path (#7337) 2025-03-27 19:40:14 +00:00
repo_transfer_test.go Update module github.com/golangci/golangci-lint/cmd/golangci-lint to v2 (forgejo) (#7367) 2025-03-28 22:22:21 +00:00