
Commit 607fa97

authored
Merge pull request #4 from codedmonkey/encryption
Encrypted database values
2 parents ed76e94 + bfc5b02 commit 607fa97

30 files changed

+934
-7
lines changed

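--- a/.github/workflows/tests.yaml
+++ b/.github/workflows/tests.yaml
@@ -49,6 +49,9 @@ jobs:
 - name: Install Composer dependencies
 run: composer install --ansi --no-interaction --no-progress
 
+- name: Generate encryption keys
+run: bin/console encryption:generate-keys
+
 - name: Validate mapping
 run: bin/console doctrine:schema:validate --skip-sync -vvv --ansi --no-interaction
 
@@ -113,6 +116,9 @@ jobs:
 - name: Build assets
 run: npm run build
 
+- name: Generate encryption keys
+run: bin/console encryption:generate-keys
+
 - name: Create database schema
 run: bin/console doctrine:schema:create --env=test
 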

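--- a/.gitignore
+++ b/.gitignore
@@ -4,6 +4,7 @@
 /config/dirigent.php
 /config/dirigent.yaml
 /config/dirigent.yml
+/config/encryption/
 /config/packages/dirigent.yaml
 /storage/
 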
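Review bot: The new `/config/encryption/` entry keeps a locally generated key pair out of git, but an ignore rule in `.gitignore` does nothing for the Docker build context. If the image build copies the project directory, a private key generated on the build host could end up in an image layer; the Dockerfile's copy steps and any `.dockerignore` are not visible on this page, so this needs confirming. I would add the same `config/encryption/` line to `.dockerignore`, and a comment above the entry here, `# generated key pair (presumably written by bin/console encryption:generate-keys); never commit`.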

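--- a/Dockerfile
+++ b/Dockerfile
@@ -61,6 +61,7 @@ RUN set -e; \
 php83-phar \
 php83-session \
 php83-simplexml \
+php83-sodium \
 php83-tokenizer \
 php83-xml \
 postgresql \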

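--- a/composer.json
+++ b/composer.json
@@ -11,6 +11,7 @@
 "ext-ctype": "*",
 "ext-curl": "*",
 "ext-iconv": "*",
+"ext-sodium": "*",
 "cebe/markdown": "^1.2",
 "composer/composer": "^2.7",
 "doctrine/doctrine-bundle": "^2.11",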

composer.lock

Lines changed: 3 additions & 2 deletions

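--- a/config/packages/doctrine.yaml
+++ b/config/packages/doctrine.yaml
@@ -8,6 +8,9 @@ doctrine:
 
 profiling_collect_backtrace: '%kernel.debug%'
 use_savepoints: true
+
+types:
+encrypted_text: CodedMonkey\Dirigent\Doctrine\Type\EncryptedTextType
 orm:
 auto_generate_proxy_classes: true
 enable_lazy_ghost_objects: true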

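--- a/config/packages/doctrine_migrations.yaml
+++ b/config/packages/doctrine_migrations.yaml
@@ -4,3 +4,5 @@ doctrine_migrations:
 # as migrations classes should NOT be autoloaded
 'DoctrineMigrations': '%kernel.project_dir%/migrations'
 enable_profiler: false
+services:
+'Doctrine\Migrations\Version\MigrationFactory': CodedMonkey\Dirigent\Doctrine\MigrationFactory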

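--- a/config/services.yaml
+++ b/config/services.yaml
@@ -31,4 +31,5 @@ services:
 public: true
 arguments:
 -
+'encryption:generate-keys': '@CodedMonkey\Dirigent\Command\EncryptionGenerateKeysCommand'
 'packages:update': '@CodedMonkey\Dirigent\Command\PackagesUpdateCommand'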

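--- a/docker/config.yaml
+++ b/docker/config.yaml
@@ -2,6 +2,13 @@ parameters:
 kernel_secret: '%env(default:kernel_secret_file:KERNEL_SECRET)%'
 kernel_secret_file: '%env(default::file:KERNEL_SECRET_FILE)%'
 
+dirigent:
+encryption:
+private_key: '%env(DECRYPTION_KEY)%'
+private_key_path: '%env(DECRYPTION_KEY_FILE)%'
+public_key: '%env(ENCRYPTION_KEY)%'
+public_key_path: '%env(ENCRYPTION_KEY_FILE)%'
+
 framework:
 secret: '%kernel_secret%'
 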
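Review bot: The added `dirigent.encryption` block passes both an inline value and a path for each key, and nothing in this section says which one wins when both are set or what happens when neither yields a key. The `kernel_secret` parameters just above make the fallback explicit with `env(default:kernel_secret_file:KERNEL_SECRET)`; the new keys leave that decision to code outside this section, and docker/env.php defaults `DECRYPTION_KEY` and `ENCRYPTION_KEY` to `''`, so an empty string has to be treated as unset. It is worth confirming that the loader fails closed, refusing to persist `encrypted_text` values rather than storing them unencrypted when no key is available. Holding the private key in the `DECRYPTION_KEY` environment variable also exposes it to anything that can dump the process environment, so I would add a comment above `private_key`: `# prefer DECRYPTION_KEY_FILE; an inline DECRYPTION_KEY is visible in the process environment`.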

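--- a/docker/env.php
+++ b/docker/env.php
@@ -5,6 +5,10 @@
 'DIRIGENT_IMAGE' => '1',
 'SYMFONY_DOTENV_PATH' => './.env.dirigent',
 
+'DECRYPTION_KEY' => '',
+'DECRYPTION_KEY_FILE' => '/srv/config/secrets/decryption_key',
+'ENCRYPTION_KEY' => '',
+'ENCRYPTION_KEY_FILE' => '/srv/config/secrets/encryption_key',
 'GITHUB_TOKEN' => '',
 'KERNEL_SECRET_FILE' => '/srv/config/secrets/kernel_secret',
 'MAILER_DSN' => 'null://null',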
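Review bot: The new `DECRYPTION_KEY_FILE` default points at `/srv/config/secrets/decryption_key`, next to the public key and the kernel secret, and nothing on this page shows how that file is created or with which mode. Losing it would presumably make every value stored through the `encrypted_text` type unrecoverable, so the directory likely needs to sit on a persistent volume, with the file readable only by the user PHP runs as. A short comment on the entry would help operators, for example `// private key: persist and back up this file, restrict it to mode 0600`.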
