alexei.dolgolyov/tiny-forge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d63c831d155c51301f08e7f2ed38fd347028635f
tiny-forge/plans/docker-watcher-core/phase-2-crypto-config.md
T
alexei.dolgolyov 0bb52f9ec6 chore: add feature planner setup for docker-watcher-core 
Create structured plan files with 12 phases covering the full
implementation: scaffold, store, crypto, Docker/NPM clients,
registry poller, webhook, deployer, API layer, SvelteKit frontend,
embedding, and hardening.
2026-03-27 20:42:42 +03:00

51 lines
2.2 KiB
Markdown
Raw Blame History

# Phase 2: Crypto & Config Seed Loader
**Status:** ⬜ Not Started
**Parent plan:** [PLAN.md](./PLAN.md)
**Domain:** backend
## Objective
Implement AES-256 encryption for credential storage and the YAML seed config parser that imports into SQLite on first launch.
## Tasks
- [ ] Task 1: Implement AES-256-GCM encrypt/decrypt functions using Go stdlib `crypto/aes` + `crypto/cipher`
- [ ] Task 2: Key derivation from ENCRYPTION_KEY env var (SHA-256 hash to get 32 bytes)
- [ ] Task 3: Define YAML config structs matching the seed format from PLAN.md
- [ ] Task 4: Implement YAML parser — read and validate seed file
- [ ] Task 5: Implement seed importer — checks if DB is empty, if so imports YAML into SQLite via store CRUD
- [ ] Task 6: Encrypt credential fields (registry tokens, NPM password) during import
- [ ] Task 7: Create `docker-watcher.example.yaml` with documented example config
- [ ] Task 8: Wire seed import into `cmd/server/main.go` startup sequence
## Files to Modify/Create
- `internal/crypto/crypto.go` — AES-256-GCM encrypt/decrypt
- `internal/config/config.go` — YAML structs and parser
- `internal/config/seed.go` — seed import logic (YAML → SQLite)
- `docker-watcher.example.yaml` — example seed config
- `cmd/server/main.go` — add seed import to startup
## Acceptance Criteria
- Encrypt then decrypt round-trips correctly
- Different plaintexts produce different ciphertexts (random nonce)
- YAML parsing handles all fields from the seed format
- Seed import creates projects, stages, registries, and settings in SQLite
- Credentials are encrypted before storage
- Import is idempotent — skipped if DB already has data
## Notes
- ENCRYPTION_KEY is the only secret env var — everything else is encrypted in SQLite
- Use GCM mode for authenticated encryption (integrity + confidentiality)
- Seed import should be transactional — all or nothing
- The example YAML should have placeholder values, not real credentials
## Review Checklist
- [ ] All tasks completed
- [ ] Crypto uses secure practices (random nonce, GCM, no ECB)
- [ ] No hardcoded keys or secrets
- [ ] YAML parsing validates required fields
- [ ] Import is transactional
## Handoff to Next Phase
<!-- Filled in by the implementation agent after completing this phase. -->
Reference in New Issue View Git Blame Copy Permalink