MCPcopy Index your code
hub / github.com/coder/coder / ensureEncrypted

Method ensureEncrypted

enterprise/dbcrypt/dbcrypt.go:1007–1043  ·  view source on GitHub ↗
(ctx context.Context)

Source from the content-addressed store, hash-verified

1005}
1006
1007func (db *dbCrypt) ensureEncrypted(ctx context.Context) error {
1008 return db.InTx(func(s database.Store) error {
1009 // Attempt to read the encrypted test fields of the currently active keys.
1010 ks, err := s.GetDBCryptKeys(ctx)
1011 if err != nil && !xerrors.Is(err, sql.ErrNoRows) {
1012 return err
1013 }
1014
1015 var highestNumber int32
1016 var activeCipherFound bool
1017 for _, k := range ks {
1018 // If our primary key has been revoked, then we can't do anything.
1019 if k.RevokedKeyDigest.Valid && k.RevokedKeyDigest.String == db.primaryCipherDigest {
1020 return xerrors.Errorf("primary encryption key %q has been revoked", db.primaryCipherDigest)
1021 }
1022
1023 if k.ActiveKeyDigest.Valid && k.ActiveKeyDigest.String == db.primaryCipherDigest {
1024 activeCipherFound = true
1025 }
1026
1027 if k.Number > highestNumber {
1028 highestNumber = k.Number
1029 }
1030 }
1031
1032 if activeCipherFound || len(db.ciphers) == 0 {
1033 return nil
1034 }
1035
1036 // If we get here, then we have a new key that we need to insert.
1037 return s.InsertDBCryptKey(ctx, database.InsertDBCryptKeyParams{
1038 Number: highestNumber + 1,
1039 ActiveKeyDigest: db.primaryCipherDigest,
1040 Test: testValue,
1041 })
1042 }, &database.TxOptions{Isolation: sql.LevelRepeatableRead})
1043}

Callers 1

Calls 5

InTxMethod · 0.95
GetDBCryptKeysMethod · 0.95
InsertDBCryptKeyMethod · 0.95
IsMethod · 0.45
ErrorfMethod · 0.45

Tested by

no test coverage detected