Sensitive task data needs to be encrypted #17

Closed
5 tasks done
bohdan-shulha opened this issue Jun 22, 2024 · 1 comment
Labels
feat New feature or request security

bohdan-shulha commented Jun 22, 2024

The public key, used for encryption, should be generated when the Swarm cluster is initialized on the agent's side. The private key will be kept on the Swarm cluster and the public key will be transferred to ptah.sh. Then, the secret vars/secret files should be encrypted on the client side.

This way, we'd be able to store all the secure data in our database and not worry about clean-ups or storing/transmitting unencoded critical access data.

Consider dropping the config creation for secrets altogether: #110 (completed here ptah-sh/ptah-agent#51)

Scope:

  • Secret Vars
  • Secret Files
  • S3 Storage passwords
  • Docker Registry passwords
  • Join Tokens (these have to be encoded by the agent)
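
The key placement described in this issue, as an added Go sketch that is not code from ptah-sh: the agent creates the key pair, the client encrypts with the public key, and only ciphertext is stored. The issue names no algorithm, so RSA-OAEP wrapping a one-time AES-256-GCM key, the `purpose` label and every type and function name here are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

type Sealed struct{ WrappedKey, Nonce, Ciphertext []byte } // all the server stores

// NewAgentKey runs once on the agent; only the public half is sent out.
func NewAgentKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

func mustGCM(key []byte) cipher.AEAD { // 32-byte keys only, so neither call can fail
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	return gcm
}

// Seal runs client side: a one-time AES key encrypts, RSA-OAEP wraps it, purpose binds both.
func Seal(pub *rsa.PublicKey, purpose string, secret []byte) (*Sealed, error) {
	buf := make([]byte, 32+12) // one-time AES-256 key followed by the GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, buf[:32], []byte(purpose))
	if err != nil {
		return nil, err
	}
	return &Sealed{wrapped, buf[32:], mustGCM(buf[:32]).Seal(nil, buf[32:], secret, []byte(purpose))}, nil
}

// Open runs on the agent; lengths are checked first because GCM panics on a bad nonce.
func Open(priv *rsa.PrivateKey, purpose string, s *Sealed) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, s.WrappedKey, []byte(purpose))
	if err != nil || len(key) != 32 || len(s.Nonce) != 12 {
		return nil, fmt.Errorf("cannot unwrap %q secret", purpose)
	}
	return mustGCM(key).Open(nil, s.Nonce, s.Ciphertext, []byte(purpose))
}

func main() {
	priv, _ := NewAgentKey()
	s, _ := Seal(&priv.PublicKey, "secret_var", []byte("constructed sample value"))
	out, err := Open(priv, "secret_var", s)
	fmt.Printf("%s %v\n", out, err)
}
```

Because `purpose` is both the OAEP label and the GCM associated data, a blob sealed as one kind of secret fails to open when presented as another.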
bohdan-shulha added this to the Post-MVP milestone Jul 17, 2024

This comment was marked as resolved.

bohdan-shulha added feat New feature or request and removed triage labels Aug 29, 2024
bohdan-shulha changed the title from "Sensitive task data needs to be encrypted for the time of the task being pending" to "Sensitive task data needs to be encrypted" Aug 29, 2024
bohdan-shulha added a commit that referenced this issue Sep 22, 2024