fix(release,webhooks): Fixed retrieval of encrypted webhook token and prepare patch 2.0.1 release
This commit is contained in:
parent
c1631a0588
commit
98b37ca289
2 changed files with 37 additions and 8 deletions
16
CHANGELOG.md
16
CHANGELOG.md
|
|
@ -2,19 +2,21 @@
|
||||||
|
|
||||||
Changes adhere to [semantic versioning](https://semver.org).
|
Changes adhere to [semantic versioning](https://semver.org).
|
||||||
|
|
||||||
## [2.0.1] - UNRELEASED
|
## [2.0.1] - 2024/05/01
|
||||||
|
|
||||||
* ...
|
* Fixed retrieval of encrypted webhook token
|
||||||
|
|
||||||
## [2.0.0] - 2024/04/28
|
## [2.0.0] - 2024/04/28
|
||||||
|
|
||||||
> This is a major version upgrade. Other versions are incompatible with this release.
|
> This is a major version upgrade. Other versions are incompatible with this release.
|
||||||
|
|
||||||
* Added _Actions_, a simple way to trigger notifications via [shoutrrr](https://containrrr.dev/shoutrrr) which supports secrets
|
* Added _Actions_, a simple way to trigger notifications via [shoutrrr](https://containrrr.dev/shoutrrr) which supports
|
||||||
|
secrets
|
||||||
* Added new auth mode which allows setting multiple basic auth credentials
|
* Added new auth mode which allows setting multiple basic auth credentials
|
||||||
* Added `AUTH_MODE` which can be one of `basic_single` (_default_) and `basic_credentials`
|
* Added `AUTH_MODE` which can be one of `basic_single` (_default_) and `basic_credentials`
|
||||||
* For `basic_credentials`: added `BASIC_AUTH_CREDENTIALS` which can be used as list of `username1=password1,...` (comma separated)
|
* For `basic_credentials`: added `BASIC_AUTH_CREDENTIALS` which can be used as list of `username1=password1,...` (
|
||||||
* For `basic_single`: renamed `ADMIN_USER` and `ADMIN_PASSWORD` to `BASIC_AUTH_USER` and `BASIC_AUTH_PASSWORD`
|
comma separated)
|
||||||
|
* For `basic_single`: renamed `ADMIN_USER` and `ADMIN_PASSWORD` to `BASIC_AUTH_USER` and `BASIC_AUTH_PASSWORD`
|
||||||
* Added mandatory `SECRET` environment variable to encrypt some data inside the database
|
* Added mandatory `SECRET` environment variable to encrypt some data inside the database
|
||||||
* Switched to producing events only for _Updates_
|
* Switched to producing events only for _Updates_
|
||||||
* Switched to encrypting webhook tokens in database
|
* Switched to encrypting webhook tokens in database
|
||||||
|
|
@ -43,6 +45,8 @@ Changes adhere to [semantic versioning](https://semver.org).
|
||||||
|
|
||||||
* Initial release
|
* Initial release
|
||||||
|
|
||||||
|
[2.0.1]: https://git.myservermanager.com/varakh/upda/releases/tag/2.0.1
|
||||||
|
|
||||||
[2.0.0]: https://git.myservermanager.com/varakh/upda/releases/tag/2.0.0
|
[2.0.0]: https://git.myservermanager.com/varakh/upda/releases/tag/2.0.0
|
||||||
|
|
||||||
[1.0.3]: https://git.myservermanager.com/varakh/upda/releases/tag/1.0.3
|
[1.0.3]: https://git.myservermanager.com/varakh/upda/releases/tag/1.0.3
|
||||||
|
|
|
||||||
|
|
@ -26,7 +26,7 @@ type Update struct {
|
||||||
UpdatedAt time.Time `gorm:"time;autoUpdateTime;not null"`
|
UpdatedAt time.Time `gorm:"time;autoUpdateTime;not null"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// BeforeCreate encrypts secret value before storing to database
|
// BeforeCreate encrypts webhook token before storing to database
|
||||||
func (wh *Webhook) BeforeCreate(tx *gorm.DB) (err error) {
|
func (wh *Webhook) BeforeCreate(tx *gorm.DB) (err error) {
|
||||||
var er error
|
var er error
|
||||||
var encryptedToken string
|
var encryptedToken string
|
||||||
|
|
@ -40,7 +40,20 @@ func (wh *Webhook) BeforeCreate(tx *gorm.DB) (err error) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// AfterSave decrypt secret value after encrypted value has been retrieved from database
|
// BeforeUpdate encrypts webhook token before storing to database
|
||||||
|
func (wh *Webhook) BeforeUpdate(tx *gorm.DB) (err error) {
|
||||||
|
var er error
|
||||||
|
var encryptedValue string
|
||||||
|
|
||||||
|
if encryptedValue, er = util.EncryptAndEncode(wh.Token, os.Getenv(envSecret)); er != nil {
|
||||||
|
return er
|
||||||
|
}
|
||||||
|
|
||||||
|
wh.Token = encryptedValue
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// AfterSave decrypt webhook token after encrypted value has been retrieved from database
|
||||||
func (wh *Webhook) AfterSave(tx *gorm.DB) (err error) {
|
func (wh *Webhook) AfterSave(tx *gorm.DB) (err error) {
|
||||||
var er error
|
var er error
|
||||||
var decrypted string
|
var decrypted string
|
||||||
|
|
@ -52,6 +65,18 @@ func (wh *Webhook) AfterSave(tx *gorm.DB) (err error) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// AfterFind decrypt webhook token after encrypted value has been retrieved from database
|
||||||
|
func (wh *Webhook) AfterFind(tx *gorm.DB) (err error) {
|
||||||
|
var er error
|
||||||
|
var decrypted string
|
||||||
|
if decrypted, er = util.DecryptAndDecode(wh.Token, os.Getenv(envSecret)); er != nil {
|
||||||
|
return er
|
||||||
|
}
|
||||||
|
|
||||||
|
wh.Token = decrypted
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
// Webhook entity holding information for webhooks
|
// Webhook entity holding information for webhooks
|
||||||
type Webhook struct {
|
type Webhook struct {
|
||||||
ID uuid.UUID `gorm:"type:uuid;primary_key;unique;not null"`
|
ID uuid.UUID `gorm:"type:uuid;primary_key;unique;not null"`
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue