commit | bfa9be5ac82ea93a5441b1b64227f1bccd72ad86 | [log] [tgz] |
---|---|---|
author | Luca Milanesio <luca.milanesio@gmail.com> | Mon Oct 31 14:46:08 2016 +0000 |
committer | Luca Milanesio <luca.milanesio@gmail.com> | Mon Oct 31 14:49:06 2016 +0000 |
tree | 8ad2e883c7a1c404426b22092a0778c6db205794 | |
parent | b88314015e92073ecac952bd86d8ca15625c2a05 [diff] |
Initial prototype of encrypted secure.config This initial version is a pure copy of the Gerrit DefaultSecureStore, which contains the basic structure of the plugin and the associated documentation. Main purpose of this commit is to demonstrate that we can build the plugin, install on Gerrit /lib, configure and have it fully working with a secure.config file. Change-Id: I60e4754a7fc2826362784c25ca59305c43015ff5
Encrypt all the values contained in the Gerrit's secure.config.
Clone the secure-config plugin into a Gerrit source tree under the directory plugins/secure-config, and then run:
$ buck build plugins/secure-config
Resulting plugin jar is generated under /buck-out/gen/plugins/secure-config/secure-config.jar
Differently from the other plugins, secure-config needs to be copied to the /lib directory of Gerrit installation.
Example:
$ cp buck-out/gen/plugins/secure-config/secure-config.jar $GERRIT_SITE/lib/
Add the gerrit.secureStoreClass configuration entry in gerrit.config to instruct Gerrit to use the secure-store plugin for the encryption and decryption of all values contained in your secure.config file.
Example:
$ cat - >> $GERRIT_SITE/etc/gerrit.config [gerrit] secureStoreClass = com.googlesource.gerrit.plugins.secureconfig.SecureConfigStore ^D