GitCaddy/GitCaddy Vault
Limited
2
0
Fork 0
Code Issues Releases 9
Files
c4d74c5682f8d1c403382e096ae36a7ce1cefe9f
gitcaddy-vault/templates/repo/vault/key_migrate.tmpl
logikonline c4d74c5682
All checks were successful
Build and Release / Tests (push) Successful in 1m9s
Details
Build and Release / Lint (push) Successful in 1m30s
Details
Build and Release / Create Release (push) Successful in 1s
Details
feat(vault): add master key migration and DEK rotation 
Implemented master key migration to re-encrypt vault DEKs when the master key changes. Added support for migrating single repositories or instance-wide. Implemented DEK rotation for Enterprise licenses to periodically rotate data encryption keys. Added new UI templates and API endpoints for key management operations with comprehensive error handling.
2026-02-06 21:47:45 -05:00

136 lines
4.8 KiB
Cheetah
Raw Blame History

{{template "repo/vault/layout_head" (dict "ctxData" . "pageClass" "repository vault key-migrate")}}
<div class="ui segment">
<h4 class="ui header">
{{svg "octicon-key" 20}} {{ctx.Locale.Tr "vault.key_migration_title"}}
<div class="sub header">{{ctx.Locale.Tr "vault.key_migration_description"}}</div>
</h4>
{{if .KeySource}}
<div class="ui label">
{{ctx.Locale.Tr "vault.current_key_source"}}: <strong>{{.KeySource}}</strong>
</div>
{{end}}
</div>
{{if .MigrationResult}}
<div class="ui {{if eq .MigrationResult.FailedCount 0}}positive{{else}}warning{{end}} message">
<div class="header">{{ctx.Locale.Tr "vault.migration_complete"}}</div>
<p>
{{ctx.Locale.Tr "vault.migration_success_count" .MigrationResult.SuccessCount}}
{{if gt .MigrationResult.FailedCount 0}}
<br>{{ctx.Locale.Tr "vault.migration_failed_count" .MigrationResult.FailedCount}}
{{end}}
</p>
{{if .MigrationResult.FailedRepos}}
<ul class="ui list">
{{range .MigrationResult.FailedRepos}}
<li>Repo ID {{.RepoID}}: {{.Error}}</li>
{{end}}
</ul>
{{end}}
</div>
{{end}}
{{if .MigrationError}}
<div class="ui negative message">
<div class="header">{{ctx.Locale.Tr "vault.migration_failed"}}</div>
<p>{{.MigrationError}}</p>
</div>
{{end}}
{{if .HasDedicatedMasterKey}}
<div class="ui segment">
<h5 class="ui header">
{{svg "octicon-zap" 16}} {{ctx.Locale.Tr "vault.one_click_migration"}}
</h5>
<div class="ui info message">
<p>{{ctx.Locale.Tr "vault.migrate_from_fallback_description"}}</p>
</div>
<form class="ui form" action="{{.RepoLink}}/vault/migrate-from-fallback" method="post">
{{.CsrfTokenHtml}}
<div class="field">
<select name="scope" class="ui dropdown">
<option value="repo">{{ctx.Locale.Tr "vault.migrate_this_repo"}}</option>
{{if .IsInstanceAdmin}}
<option value="all" selected>{{ctx.Locale.Tr "vault.migrate_all_repos"}}</option>
{{end}}
</select>
</div>
<button class="ui primary button" type="submit" onclick="return confirm('{{ctx.Locale.Tr "vault.confirm_migrate"}}');">
{{svg "octicon-sync" 16}} {{ctx.Locale.Tr "vault.migrate_from_fallback_button"}}
</button>
</form>
</div>
<div class="ui horizontal divider">{{ctx.Locale.Tr "or"}}</div>
{{end}}
<div class="ui segment">
<h5 class="ui header">
{{svg "octicon-key" 16}} {{ctx.Locale.Tr "vault.manual_migration"}}
</h5>
{{if .HasDedicatedMasterKey}}
<p class="text grey">{{ctx.Locale.Tr "vault.manual_migration_description"}}</p>
{{else}}
<div class="ui warning message">
<div class="header">{{ctx.Locale.Tr "vault.key_migration_warning_title"}}</div>
<p>{{ctx.Locale.Tr "vault.key_migration_warning"}}</p>
</div>
<h5 class="ui header">{{ctx.Locale.Tr "vault.when_to_migrate"}}</h5>
<ul class="ui list">
<li>{{ctx.Locale.Tr "vault.migrate_reason_1"}}</li>
<li>{{ctx.Locale.Tr "vault.migrate_reason_2"}}</li>
<li>{{ctx.Locale.Tr "vault.migrate_reason_3"}}</li>
</ul>
<div class="ui divider"></div>
{{end}}
<form class="ui form" action="{{.RepoLink}}/vault/migrate-key" method="post">
{{.CsrfTokenHtml}}
<div class="required field">
<label>{{ctx.Locale.Tr "vault.old_master_key"}}</label>
<input type="password" name="old_key" placeholder="{{ctx.Locale.Tr "vault.old_key_placeholder"}}" required>
<p class="help">{{ctx.Locale.Tr "vault.old_key_help"}}</p>
</div>
<div class="field">
<label>{{ctx.Locale.Tr "vault.migration_scope"}}</label>
<select name="scope" class="ui dropdown">
<option value="repo">{{ctx.Locale.Tr "vault.migrate_this_repo"}}</option>
{{if .IsInstanceAdmin}}
<option value="all">{{ctx.Locale.Tr "vault.migrate_all_repos"}}</option>
{{end}}
</select>
<p class="help">{{ctx.Locale.Tr "vault.migration_scope_help"}}</p>
</div>
<button class="ui {{if .HasDedicatedMasterKey}}{{else}}primary {{end}}button" type="submit" onclick="return confirm('{{ctx.Locale.Tr "vault.confirm_migrate"}}');">
{{svg "octicon-sync" 16}} {{ctx.Locale.Tr "vault.start_migration"}}
</button>
<a class="ui button" href="{{.RepoLink}}/vault">
{{ctx.Locale.Tr "cancel"}}
</a>
</form>
</div>
{{if .IsRepoAdmin}}
<div class="ui segment">
<h5 class="ui header">
{{svg "octicon-sync" 16}} {{ctx.Locale.Tr "vault.dek_rotation_title"}}
</h5>
<p>{{ctx.Locale.Tr "vault.dek_rotation_description"}}</p>
{{if .IsEnterprise}}
<form class="ui form" action="{{.RepoLink}}/vault/rotate-key" method="post">
{{.CsrfTokenHtml}}
<button class="ui button" type="submit" onclick="return confirm('{{ctx.Locale.Tr "vault.confirm_rotate"}}');">
{{svg "octicon-sync" 16}} {{ctx.Locale.Tr "vault.rotate_dek"}}
</button>
</form>
{{else}}
<div class="ui info message">
{{ctx.Locale.Tr "vault.dek_rotation_enterprise_only"}}
</div>
{{end}}
</div>
{{end}}
{{template "repo/vault/layout_footer" .}}
Reference in New Issue View Git Blame Copy Permalink