feat: rollback encrypted data

common-lib/go.mod

@@ -17,6 +17,7 @@ require (
 	github.com/aws/aws-sdk-go-v2/service/s3 v1.79.4
 	github.com/aws/smithy-go v1.22.3
 	github.com/caarlos0/env v3.5.0+incompatible
+	github.com/devtron-labs/kubelink v0.0.0-20241003100859-1859c74af205
 	github.com/docker/docker v28.1.1+incompatible
 	github.com/gammazero/workerpool v1.1.3
 	github.com/go-pg/pg v6.15.1+incompatible
@@ -41,6 +42,7 @@ require (
 	k8s.io/api v0.33.0
 	k8s.io/apiextensions-apiserver v0.33.0
 	k8s.io/apimachinery v0.33.0
+	k8s.io/cli-runtime v0.33.0
 	k8s.io/client-go v0.33.0
 	k8s.io/kube-aggregator v0.33.0
 	k8s.io/kubectl v0.33.0
@@ -72,6 +74,7 @@ require (
 	github.com/aws/aws-sdk-go-v2/service/sso v1.25.3 // indirect
 	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.30.1 // indirect
 	github.com/aws/aws-sdk-go-v2/service/sts v1.33.19 // indirect
+	github.com/blang/semver/v4 v4.0.0 // indirect
 	github.com/cncf/xds/go v0.0.0-20250501225837-2ac532fd4443 // indirect
 	github.com/containerd/errdefs v1.0.0 // indirect
 	github.com/containerd/platforms v0.2.1 // indirect
@@ -80,22 +83,26 @@ require (
 	github.com/envoyproxy/protoc-gen-validate v1.2.1 // indirect
 	github.com/fsnotify/fsnotify v1.9.0 // indirect
 	github.com/fxamacker/cbor/v2 v2.7.0 // indirect
+	github.com/go-errors/errors v1.4.2 // indirect
 	github.com/go-jose/go-jose/v4 v4.1.0 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/google/go-cmp v0.7.0 // indirect
+	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect
 	github.com/jinzhu/inflection v1.0.0 // indirect
 	github.com/leodido/go-urn v1.4.0 // indirect
 	github.com/moby/docker-image-spec v1.3.1 // indirect
 	github.com/moby/sys/atomicwriter v0.1.0 // indirect
+	github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect
 	github.com/morikuni/aec v1.0.0 // indirect
-	github.com/onsi/ginkgo v1.16.5 // indirect
+	github.com/nxadm/tail v1.4.8 // indirect
 	github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 // indirect
 	github.com/spiffe/go-spiffe/v2 v2.5.0 // indirect
 	github.com/stretchr/objx v0.5.2 // indirect
 	github.com/x448/float16 v0.8.4 // indirect
+	github.com/xlab/treeprint v1.2.0 // indirect
 	github.com/zeebo/errs v1.4.0 // indirect
 	go.opentelemetry.io/auto/sdk v1.1.0 // indirect
 	go.opentelemetry.io/contrib/detectors/gcp v1.36.0 // indirect
@@ -107,9 +114,10 @@ require (
 	go.opentelemetry.io/proto/otlp v1.6.0 // indirect
 	gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
 	gopkg.in/go-playground/assert.v1 v1.2.1 // indirect
-	gotest.tools/v3 v3.4.0 // indirect
 	mellium.im/sasl v0.3.2 // indirect
 	oras.land/oras-go/v2 v2.5.0 // indirect
+	sigs.k8s.io/kustomize/api v0.19.0 // indirect
+	sigs.k8s.io/kustomize/kyaml v0.19.0 // indirect
 	sigs.k8s.io/randfill v1.0.0 // indirect
 )
 
@@ -129,7 +137,7 @@ require (
 	github.com/containerd/log v0.1.0 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc
 	github.com/docker/cli v28.1.1+incompatible
-	github.com/docker/go-connections v0.4.0 // indirect
+	github.com/docker/go-connections v0.5.0 // indirect
 	github.com/docker/go-units v0.5.0 // indirect
 	github.com/emicklei/go-restful/v3 v3.12.2 // indirect
 	github.com/felixge/httpsnoop v1.0.4 // indirect
@@ -177,7 +185,7 @@ require (
 	google.golang.org/genproto v0.0.0-20250519155744-55703ea1f237 // indirect
 	google.golang.org/genproto/googleapis/api v0.0.0-20250519155744-55703ea1f237 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20250519155744-55703ea1f237 // indirect
-	google.golang.org/grpc v1.72.2 // indirect
+	google.golang.org/grpc v1.72.2
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	k8s.io/klog/v2 v2.130.1 // indirect

common-lib/securestore/rollback/Dockerfile

@@ -0,0 +1,51 @@
+FROM golang:1.24-alpine AS builder
+
+# Install git for go mod dependencies
+RUN apk add --no-cache git
+
+# Create non-root user for build
+RUN addgroup -g 1001 -S appgroup && \
+    adduser -u 1001 -S appuser -G appgroup
+
+# Set working directory
+WORKDIR /app
+
+# Copy go mod files
+COPY go.mod go.sum ./
+
+# Download dependencies
+RUN go mod download
+
+# Copy source code
+COPY . .
+
+# Build the application
+RUN CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o rollback .
+
+# Final stage
+FROM alpine:latest
+
+# Install ca-certificates for HTTPS requests
+RUN apk --no-cache add ca-certificates
+
+# Create non-root user
+RUN addgroup -g 1001 -S appgroup && \
+    adduser -u 1001 -S appuser -G appgroup
+
+# Set working directory
+WORKDIR /app
+
+# Copy binary from builder stage
+COPY --from=builder /app/rollback .
+
+# Change ownership to non-root user
+RUN chown -R appuser:appgroup /app
+
+# Switch to non-root user
+USER appuser
+
+# Expose any necessary ports (if needed)
+# EXPOSE 8080
+
+# Set entrypoint
+ENTRYPOINT ["./rollback"]

common-lib/securestore/rollback/README.md

@@ -0,0 +1,204 @@
+# Database Encryption Rollback Utility
+
+This utility provides functionality to revert encrypted data in multiple database tables back to plain text format.
+
+## Overview
+
+The rollback utility performs the following operations:
+1. Reads encrypted data from specified columns in supported tables
+2. Decrypts the data using the stored encryption key from the `attributes` table
+3. Stores the decrypted data back as plain text in the same columns
+
+## Supported Tables
+
+| Table | Encrypted Columns | Data Type |
+|-------|------------------|-----------|
+| `cluster` | `config` | EncryptedMap |
+| `gitops_config` | `token` | EncryptedString |
+| `docker_artifact_store` | `aws_secret_accesskey`, `password` | EncryptedString |
+| `git_provider` | `password`, `ssh_private_key`, `access_token` | EncryptedString |
+| `remote_connection_config` | `ssh_password`, `ssh_auth_key` | EncryptedString |
+
+## Files
+
+- `rollback_service.go` - Core rollback service with methods for all supported tables
+- `main.go` - Command-line executable for running rollback operations
+- `rollback_service_test.go` - Unit tests
+- `run_rollback.sh` - Convenient shell script with safety checks
+- `README.md` - This documentation file
+
+## Usage
+
+### Prerequisites
+
+1. Ensure the encryption key exists in the `attributes` table
+2. Set up the required environment variables for database connection
+3. Have appropriate database permissions to read and update the cluster table
+
+### Environment Variables
+
+```bash
+export PG_ADDR="127.0.0.1"          # PostgreSQL address
+export PG_PORT="5432"               # PostgreSQL port
+export PG_USER="your_username"      # PostgreSQL username
+export PG_PASSWORD="your_password"  # PostgreSQL password
+export PG_DATABASE="orchestrator"   # PostgreSQL database name
+```
+
+### Running the Utility
+
+#### Rollback All Tables
+
+```bash
+cd common-lib/securestore/rollback
+go run *.go
+```
+
+#### Rollback Specific Table
+
+```bash
+go run *.go -table=cluster
+go run *.go -table=gitops_config
+go run *.go -table=docker_artifact_store
+go run *.go -table=git_provider
+go run *.go -table=remote_connection_config
+```
+
+#### Rollback Specific Record
+
+```bash
+go run *.go -table=cluster -id=123
+go run *.go -table=docker_artifact_store -id=abc-def-123
+go run *.go -table=gitops_config -id=456
+```
+
+#### Validate Rollback Results
+
+```bash
+go run *.go -validate                    # Validate all tables
+go run *.go -table=cluster -validate     # Validate specific table
+```
+
+#### Use Different Database
+
+```bash
+go run *.go -database=mydb
+```
+
+#### Show Help
+
+```bash
+go run *.go -help
+```
+
+### Command Line Options
+
+- `-database string` - Database name to connect to (default: "orchestrator")
+- `-table string` - Table to rollback (cluster, gitops_config, docker_artifact_store, git_provider, remote_connection_config, all) (default: "all")
+- `-id string` - Specific record ID to rollback (optional)
+- `-validate` - Validate rollback results
+- `-help` - Show help message
+
+### Using the Shell Script
+
+The shell script provides additional safety features:
+
+```bash
+# Interactive rollback with confirmation
+./run_rollback.sh
+
+# Rollback specific table
+./run_rollback.sh -t cluster
+
+# Rollback specific record
+./run_rollback.sh -t cluster -i 123
+
+# Validate results
+./run_rollback.sh -v
+
+# Dry run (show what would be executed)
+./run_rollback.sh --dry-run
+```
+
+## Code Structure
+
+The rollback utility is implemented as a single Go package with the following files:
+
+- `rollback_service.go` - Core rollback service implementation for all tables
+- `main.go` - Command-line interface and main function
+- `rollback_service_test.go` - Unit tests
+- `go.mod` - Go module definition
+
+All files are in the same `package main` to create a single executable.
+
+## How It Works
+
+### Encryption Detection
+
+The utility uses the `EncryptedMap.Scan()` method to detect if data is encrypted:
+- If the data can be successfully scanned as an `EncryptedMap`, it's considered encrypted
+- If scanning fails, the data is assumed to be already in plain text format
+
+### Decryption Process
+
+1. The utility loads the encryption key from the `attributes` table
+2. For each cluster with config data:
+   - Attempts to scan the config as an `EncryptedMap`
+   - If successful, the `Scan()` method automatically decrypts the data
+   - The decrypted data is then marshaled to JSON and stored back
+
+### Safety Features
+
+- **Non-destructive**: If data is already in plain text, it's left unchanged
+- **Validation**: Provides validation functionality to verify rollback success
+- **Logging**: Comprehensive logging for monitoring progress and debugging
+- **Error handling**: Continues processing other clusters even if one fails
+
+## Error Handling
+
+The utility handles various error scenarios:
+- Database connection failures
+- Missing encryption keys
+- Invalid encrypted data
+- JSON marshaling errors
+- Database update failures
+
+Each error is logged with appropriate context, and the utility continues processing remaining clusters.
+
+## Validation
+
+The validation feature checks that all cluster configs are valid JSON after rollback:
+- Attempts to unmarshal each config as JSON
+- Reports any configs that are not valid JSON
+- Provides summary of validation results
+
+## Security Considerations
+
+- The utility requires access to the encryption key stored in the database
+- Ensure proper database permissions are in place
+- Consider backing up the database before running the rollback
+- The rollback operation converts encrypted data to plain text permanently
+
+## Troubleshooting
+
+### Common Issues
+
+1. **"encryption key not found"**
+   - Ensure the encryption key exists in the attributes table
+   - Run the encryption key setup if needed
+
+2. **Database connection errors**
+   - Verify environment variables are set correctly
+   - Check database connectivity and permissions
+
+3. **"Failed to scan as encrypted data"**
+   - This is usually normal and indicates data is already in plain text
+   - Check logs to confirm the data is being handled correctly
+
+### Logging
+
+The utility provides detailed logging at different levels:
+- `INFO`: General progress and summary information
+- `WARN`: Non-critical issues (e.g., data already in plain text)
+- `ERROR`: Critical errors that prevent processing
+- `DEBUG`: Detailed information for troubleshooting (when enabled)

common-lib/securestore/rollback/go.mod

@@ -0,0 +1,39 @@
+module cluster-rollback
+
+go 1.24.0
+
+toolchain go1.24.4
+
+require (
+	github.com/caarlos0/env v3.5.0+incompatible
+	github.com/devtron-labs/common-lib v0.0.0-00010101000000-000000000000
+	github.com/go-pg/pg v6.15.1+incompatible
+	github.com/sirupsen/logrus v1.9.3
+	github.com/stretchr/testify v1.10.0
+)
+
+require (
+	github.com/beorn7/perks v1.0.1 // indirect
+	github.com/cespare/xxhash/v2 v2.3.0 // indirect
+	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
+	github.com/docker/cli v28.1.1+incompatible // indirect
+	github.com/google/wire v0.6.0 // indirect
+	github.com/jinzhu/inflection v1.0.0 // indirect
+	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/nxadm/tail v1.4.11 // indirect
+	github.com/onsi/gomega v1.38.2 // indirect
+	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
+	github.com/prometheus/client_golang v1.22.0 // indirect
+	github.com/prometheus/client_model v0.6.2 // indirect
+	github.com/prometheus/common v0.64.0 // indirect
+	github.com/prometheus/procfs v0.16.1 // indirect
+	go.uber.org/multierr v1.11.0 // indirect
+	go.uber.org/zap v1.27.0 // indirect
+	golang.org/x/crypto v0.38.0 // indirect
+	golang.org/x/sys v0.35.0 // indirect
+	google.golang.org/protobuf v1.36.7 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+	mellium.im/sasl v0.3.2 // indirect
+)
+
+replace github.com/devtron-labs/common-lib => github.com/devtron-labs/devtron-services/common-lib v0.0.0-20251015063403-c79706370455