alexei.dolgolyov/tiny-forge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0bb52f9ec62a75c8d76596735d3ec0b44210a0af
tiny-forge/plans/docker-watcher-core/phase-2-crypto-config.md
T
alexei.dolgolyov 0bb52f9ec6 chore: add feature planner setup for docker-watcher-core 
Create structured plan files with 12 phases covering the full
implementation: scaffold, store, crypto, Docker/NPM clients,
registry poller, webhook, deployer, API layer, SvelteKit frontend,
embedding, and hardening.
2026-03-27 20:42:42 +03:00

2.2 KiB
Raw Blame History

Phase 2: Crypto & Config Seed Loader

Status: Not Started Parent plan: PLAN.md Domain: backend

Objective

Implement AES-256 encryption for credential storage and the YAML seed config parser that imports into SQLite on first launch.

Tasks

  • Task 1: Implement AES-256-GCM encrypt/decrypt functions using Go stdlib crypto/aes + crypto/cipher
  • Task 2: Key derivation from ENCRYPTION_KEY env var (SHA-256 hash to get 32 bytes)
  • Task 3: Define YAML config structs matching the seed format from PLAN.md
  • Task 4: Implement YAML parser — read and validate seed file
  • Task 5: Implement seed importer — checks if DB is empty, if so imports YAML into SQLite via store CRUD
  • Task 6: Encrypt credential fields (registry tokens, NPM password) during import
  • Task 7: Create docker-watcher.example.yaml with documented example config
  • Task 8: Wire seed import into cmd/server/main.go startup sequence

Files to Modify/Create

  • internal/crypto/crypto.go — AES-256-GCM encrypt/decrypt
  • internal/config/config.go — YAML structs and parser
  • internal/config/seed.go — seed import logic (YAML → SQLite)
  • docker-watcher.example.yaml — example seed config
  • cmd/server/main.go — add seed import to startup

Acceptance Criteria

  • Encrypt then decrypt round-trips correctly
  • Different plaintexts produce different ciphertexts (random nonce)
  • YAML parsing handles all fields from the seed format
  • Seed import creates projects, stages, registries, and settings in SQLite
  • Credentials are encrypted before storage
  • Import is idempotent — skipped if DB already has data

Notes

  • ENCRYPTION_KEY is the only secret env var — everything else is encrypted in SQLite
  • Use GCM mode for authenticated encryption (integrity + confidentiality)
  • Seed import should be transactional — all or nothing
  • The example YAML should have placeholder values, not real credentials

Review Checklist

  • All tasks completed
  • Crypto uses secure practices (random nonce, GCM, no ECB)
  • No hardcoded keys or secrets
  • YAML parsing validates required fields
  • Import is transactional

Handoff to Next Phase

Reference in New Issue View Git Blame Copy Permalink