Ensure that unencrypted fields during a encryption key rotation are not modified #3215
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
johha
force-pushed
the
#3196-db-key-rotation-updated-at
branch
2 times, most recently
from
33761a7 to
21390dd
Compare
philippthun
approved these changes
Mar 9, 2023
spec/unit/lib/cloud_controller/errands/rotate_database_key_spec.rb
Outdated
Show resolved
Hide resolved
spec/unit/lib/cloud_controller/errands/rotate_database_key_spec.rb
Outdated
Show resolved
Hide resolved
johha
force-pushed
the
#3196-db-key-rotation-updated-at
branch
from
21390dd to
46994e3
Compare
This prevents that the `updated_at` timestamp is updated during a ccdb encryption key rotation. It should be only updated if the metadata of the resource changes See cloudfoundry#3196 Co-authored-by: Philipp Thun <[email protected]>
Fields `encrypted_environment_variables` and `salt` of the droplet model have been removed long time ago (see commit d591e30) However the columns still exists and can be safely removed by now
There have been cases where the field `syslog_drain_url` of `ManagedServiceInstance` was changed from valid URL to nil during a ccdb encryption key rotation. This change ensures that only modified columns/rows will be saved during a rotation. Tests for all models with encrypted fields check that unencrypted fields will not be modified. Co-authored-by: Philipp Thun <[email protected]>
johha
force-pushed
the
#3196-db-key-rotation-updated-at
branch
from
46994e3 to
57a54c6
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
During a ccdb encryption key rotation unencrypted fields incl. field
updated_atshould not be modified.We've seen cases where
updated_at&syslog_drain_urlhave been modified during rotation. See #3196These changes ensure that only modified fields are updated during a rotation.
While writing the tests we noticed that the droplet table contains the columns
encrypted_environment_variablesandsaltwhich are no longer referenced in the droplet model. Thus, it should be save to remove those columns.References:
I have reviewed the contributing guide
I have viewed, signed, and submitted the Contributor License Agreement
I have made this pull request to the
mainbranchI have run all the unit tests using
bundle exec rakeI have run CF Acceptance Tests