Created by Colin Watson on 2019-06-27 and last modified on 2019-08-21
Get this branch:
bzr branch lp:~cjwatson/launchpad/snap-store-secrets-encrypt
Only Colin Watson can upload to this branch. If you are Colin Watson please log in for upload directions.

Branch merges

Related bugs

Related blueprints

Branch information

Colin Watson
Launchpad itself

Recent revisions

18994. By Colin Watson on 2019-08-21

Factor out a _set_discharge_macaroon_raw function.

18993. By Colin Watson on 2019-08-21

Remove unused function.

18992. By Colin Watson on 2019-06-27

Support encrypting snap store discharge macaroons at rest.

We should be encrypting sensitive data such as authentication tokens at rest
in the database, and this adds basic general support for doing that and sets
it up for the SSO discharge macaroons used for uploading snaps to the store.

These discharge macaroons are refreshed every so often, and that will
encrypt the refreshed tokens if a suitable public key is configured.

The JSON-serialised encrypted format includes the public key in order to
support future key rotation (by configuring multiple key pairs and using the
corresponding private key for decryption), although I haven't actually
written the code for that yet.

18991. By Launchpad PQM Bot on 2019-06-21

[r=cjwatson][no-qa] Upgrade loggerhead to r493.

18990. By Launchpad PQM Bot on 2019-06-21

[r=cjwatson][no-qa] Manual Review should not fail the upload job

18989. By Launchpad PQM Bot on 2019-06-20

[r=twom][no-qa] Log lightly-redacted payloads of scheduled webhook

18988. By Launchpad PQM Bot on 2019-06-19

[r=cjwatson][bug=1684529] Use release intents to release snapbuilds
 to channels after building

18987. By Launchpad PQM Bot on 2019-06-19

[r=cjwatson][bug=1831942] Add u-boot Flat Image Tree signing support.

18986. By Launchpad PQM Bot on 2019-06-18

[testfix][r=cjwatson][no-qa] Go back to using the unique name for

18985. By Launchpad PQM Bot on 2019-06-18

[r=maxiberta][no-qa] Upgrade to difftacular r11.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
This branch contains Public information 
Everyone can see this information.