merge: #2864

2864: feat: implement symmetric encryption for secrets & keys r=fnichol a=fnichol <img src="https://media1.giphy.com/media/xYEYXCt93QZTP5adXQ/giphy.gif"/> Co-authored-by: Victor Bustamante <[email protected]> Co-authored-by: Fletcher Nichol <[email protected]>
systeminit · Oct 16, 2023 · 9a2a4b9 · 9a2a4b9
2 parents 6434993 + d49344d
commit 9a2a4b9
Show file tree

Hide file tree

Showing 76 changed files with 1,426 additions and 644 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -28,8 +28,10 @@ members = [
     "lib/object-tree",
     "lib/pinga-server",
     "lib/sdf-server",
+    "lib/si-crypto",
     "lib/si-data-nats",
     "lib/si-data-pg",
+    "lib/si-hash",
     "lib/si-pkg",
     "lib/si-settings",
     "lib/si-std",
@@ -52,6 +54,7 @@ blake3 = "1.3.3"
 bytes = "1.4.0"
 chrono = { version = "0.4.24", features = ["serde"] }
 clap = { version = "4.2.7", features = ["derive", "color", "env", "wrap_help"] }
+ciborium = "0.2.1"
 color-eyre = "0.6.2"
 colored = "2.0.4"
 comfy-table = { version = "7.0.1", features = ["crossterm", "tty", "custom_styling"] }

diff --git a/app/web/src/components/Workspace/WorkspaceCustomizeSecrets.vue b/app/web/src/components/Workspace/WorkspaceCustomizeSecrets.vue
@@ -35,14 +35,15 @@
                     <i class="text-xs text-neutral-500">
                       by {{ secret.createdInfo?.actor?.label || "UNDEF" }}
                     </i>
-                    <VButton
+                    <!-- Disabled until delete gets reimplemented on the backend -->
+                    <!--VButton
                       :disabled="secretsStore.secretIsTransitioning[secret.id]"
                       class="ml-2"
                       size="xs"
                       tone="neutral"
                       icon="x-circle"
                       @click="secretsStore.DELETE_SECRET(secret.id)"
-                    />
+                    /-->
                   </li>
                 </ul>
               </li>
@@ -72,7 +73,7 @@
 
 <script lang="ts" setup>
 import { computed, ref } from "vue";
-import { ResizablePanel, VButton, VormInput } from "@si/vue-lib/design-system";
+import { ResizablePanel, VormInput } from "@si/vue-lib/design-system";
 import * as _ from "lodash-es";
 import { useFeatureFlagsStore } from "@/store/feature_flags.store";
 import SidebarSubpanelTitle from "@/components/SidebarSubpanelTitle.vue";

diff --git a/app/web/src/store/secrets.store.ts b/app/web/src/store/secrets.store.ts
@@ -117,6 +117,7 @@ export function useSecretsStore() {
     defineStore("secrets", {
       state: () => ({
         secretDefinitionByDefinitionId: {} as SecretsDefinitionHashMap,
+        // Stores whether a request is running on a secret. Previously used to disable the delete button temporarily
         secretIsTransitioning: {} as Record<SecretId, boolean>,
         publicKey: null as PublicKey | null,
       }),

diff --git a/bin/pinga/BUCK b/bin/pinga/BUCK
@@ -16,6 +16,7 @@ rust_binary(
     srcs = glob(["src/**/*.rs"]),
     resources = {
         "dev.encryption.key": "//lib/cyclone-server:dev.encryption.key",
+        "dev.donkey.key": "//lib/dal:dev.donkey.key",
     },
 )
 

diff --git a/bin/sdf/BUCK b/bin/sdf/BUCK
@@ -18,6 +18,7 @@ rust_binary(
         "dev.jwt_signing_public_key.pem": "//config/keys:dev.jwt_signing_public_key.pem",
         "prod.jwt_signing_public_key.pem": "//config/keys:prod.jwt_signing_public_key.pem",
         "dev.encryption.key": "//lib/cyclone-server:dev.encryption.key",
+        "dev.donkey.key": "//lib/dal:dev.donkey.key",
         "pkgs_path": "//pkgs:pkgs",
     },
 )