Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

API: Add secret rotation #315

Open
rajdip-b opened this issue Jul 4, 2024 · 6 comments
Open

API: Add secret rotation #315

rajdip-b opened this issue Jul 4, 2024 · 6 comments
Labels
difficulty: 2 foss hack Clustering all the curated issues for Foss Hack 2024 good first issue Good for newcomers hacktoberfest Hacktoberfest is on! priority: medium scope: api Everything related to the API type: feature Release drafter tag for tagging PRs related to adding new features

Comments

@rajdip-b
Copy link
Member

rajdip-b commented Jul 4, 2024

Description

Secrets have a rotateAfter field. We would like to scan through all secrets and rotate the values. The values will be automatically generated. For now, we would like to run a cron job every 1 hour and rotate the values of the secrets conditionally.

Criteria for autogenerated value:

  • Must me a minimum of 20 characters
  • Should have atleaset 1 character in a-z
  • Should have atleaset 1 character in A-Z
  • Should have atleaset 1 character in 0-9
  • Should have atleaset 1 character in !@#$%^&*

Solution

  • Add a rotatedAt field in the Secret model that will store the last time the values were rotated
  • Create a cron job in secret.service.ts that will rotate the values.
  • Run this query every 1 hour: Create new versions across every secretId-environmentId pair in SecretVersion where the Secret has rotateAfter != never and currentTime > rotatedAt+rotateAfter.
@rajdip-b rajdip-b added good first issue Good for newcomers scope: api Everything related to the API type: feature Release drafter tag for tagging PRs related to adding new features priority: medium foss hack Clustering all the curated issues for Foss Hack 2024 difficulty: 2 labels Jul 4, 2024
@rajdip-b rajdip-b moved this to Todo in keyshade-api Jul 4, 2024
@MelloB1989
Copy link

Hey I am Kartik Deshmukh. I am one of the participants in the FOSS Hack. We want to contribute to this issue and I feel confident my contribution will help!
/attempt

@NangunooriAbhinav
Copy link

/attempt

@github-actions GitHub Actions
Copy link

Assigned the issue to @NangunooriAbhinav!

@rajdip-b rajdip-b added the hacktoberfest Hacktoberfest is on! label Oct 1, 2024
@Allan2000-Git
Copy link
Contributor

/attempt. I'd love to work on this issue. I'm not sure, but i'll try to crack this.

@github-actions GitHub Actions
Copy link

github-actions bot commented Oct 2, 2024

Assigned the issue to @Allan2000-Git!

@rajdip-b
Copy link
Member Author

rajdip-b commented Nov 5, 2024

@Allan2000-Git I'm unassigning you for the moment. Feel free to pick this up when you can.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
difficulty: 2 foss hack Clustering all the curated issues for Foss Hack 2024 good first issue Good for newcomers hacktoberfest Hacktoberfest is on! priority: medium scope: api Everything related to the API type: feature Release drafter tag for tagging PRs related to adding new features
Projects
keyshade-api
Status: Backlog
Milestone
No milestone
Development

No branches or pull requests
4 participants
@Allan2000-Git @MelloB1989 @rajdip-b @NangunooriAbhinav