MCPcopy Index your code
hub / github.com/coder/coder / rotateKey

Method rotateKey

coderd/cryptokeys/rotate.go:202–228  ·  view source on GitHub ↗
(ctx context.Context, tx database.Store, key database.CryptoKey, now time.Time)

Source from the content-addressed store, hash-verified

200}
201
202func (k *rotator) rotateKey(ctx context.Context, tx database.Store, key database.CryptoKey, now time.Time) ([]database.CryptoKey, error) {
203 startsAt := minStartsAt(key, now, k.keyDuration)
204 newKey, err := k.insertNewKey(ctx, tx, key.Feature, startsAt)
205 if err != nil {
206 return nil, xerrors.Errorf("insert new key: %w", err)
207 }
208
209 // Set old key's deletes_at to an hour + however long the token
210 // for this feature is expected to be valid for. This should
211 // allow for sufficient time for the new key to propagate to
212 // dependent services (i.e. Workspace Proxies).
213 deletesAt := startsAt.Add(time.Hour).Add(tokenDuration(key.Feature))
214
215 updatedKey, err := tx.UpdateCryptoKeyDeletesAt(ctx, database.UpdateCryptoKeyDeletesAtParams{
216 Feature: key.Feature,
217 Sequence: key.Sequence,
218 DeletesAt: sql.NullTime{
219 Time: deletesAt.UTC(),
220 Valid: true,
221 },
222 })
223 if err != nil {
224 return nil, xerrors.Errorf("update old key's deletes_at: %w", err)
225 }
226
227 return []database.CryptoKey{updatedKey, newKey}, nil
228}
229
230func generateNewSecret(feature database.CryptoKeyFeature) (string, error) {
231 switch feature {

Callers 1

rotateKeysMethod · 0.95

Calls 6

insertNewKeyMethod · 0.95
minStartsAtFunction · 0.85
tokenDurationFunction · 0.85
AddMethod · 0.65
ErrorfMethod · 0.45

Tested by

no test coverage detected