apache
MINIFICPP-2282 Support re-encryption of sensitive properties
Added a new --re-encrypt option to the flow-config action of the encrypt-config binary, which can decrypt the sensitive properties using the .old key and re-encrypt them with a new key (either supported by the user or auto-generated).
https://issues.apache.org/jira/browse/MINIFICPP-2282
Thank you for submitting a contribution to Apache NiFi - MiNiFi C++.
In order to streamline the review of the contribution we ask you to ensure the following steps have been taken:
For all changes:
-
[x] Is there a JIRA ticket associated with this PR? Is it referenced in the commit message?
-
[x] Does your PR title start with MINIFICPP-XXXX where XXXX is the JIRA number you are trying to resolve? Pay particular attention to the hyphen "-" character.
-
[x] Has your PR been rebased against the latest commit within the target branch (typically main)?
-
[ ] Is your initial contribution a single, squashed commit?
For code changes:
- [ ] If adding new dependencies to the code, are these dependencies licensed in a way that is compatible for inclusion under ASF 2.0?
- [ ] If applicable, have you updated the LICENSE file?
- [ ] If applicable, have you updated the NOTICE file?
For documentation related changes:
- [ ] Have you ensured that format looks appropriate for the output in which it is rendered?
Note:
Please ensure that once the PR is submitted, you check GitHub Actions CI results for build issues and submit an update to your PR as soon as possible.
There is a problem with this pull request: if you run encrypt-config flow-config --re-encrypt twice, then it encrypts the already-encrypted properties a second time, making them unusable. I'll put the PR in draft mode until I fix this.
Update: fixed in 7fd97273f2eb5798777fc3a0e2b7e359d8758427