• Alex Kalderimis's avatar
    Add Integration.encrypted_properties · 0ee6c61d
    Alex Kalderimis authored
    This adds new colums to represent the encrypted serialization
    of `Integration#properties`.
    
    This uses `attr_encrypted`, which adds two colums to the DB,
    `encrypted_properties` and `encrypted_properties_iv`.
    We use this widely for encryption, and it supports better practices such
    as custom initialization vectors per attribute.
    
    A migration is added to backfill integrations.encrypted_properties from
    properties. This encrypt integrations in batches.
    
    The new Integration model attribute is not used, and currently just
    mirrors the data in `properties`, with the primary difference that it is
    encrypted at rest.
    
    We change the `integration_hash` method to re-encrypt properties on
    bulk-insert, ensuring that the data remains resistant to rainbow table
    attacks.
    
    Changelog: security
    0ee6c61d
migrations_helpers.rb 4.67 KB