
Issue 413: Encrypt sensitive data in the clinics table #3048

Merged


mercedesb
Contributor

@mercedesb mercedesb commented Aug 18, 2023

I rule and have completed some work on Case Manager that's ready for review!

This PR encrypts sensitive clinic data at-rest.

This pull request makes the following changes:

  • Configures deterministic encryption to support cases where that's required (like when we want to have uniqueness validation)
    • You'll want to set an env var in production for ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY prior to running the post-deploy rake task
  • Encrypts sensitive clinic columns
  • Adds post-deploy rake task to encrypt existing clinic data
    • run rails clinic:encrypt_sensitive_columns after you deploy this branch
    • if you run a select query on the clinics table in production, you should see that a bunch of the columns are encrypted

It relates to the following issue #s:

For reviewer:

  • Adjust the title to explain what it does for the notification email to the listserv.
  • Tag this PR:
    • feature if it contains a feature, fix, or similar. This is anything that contains a user-facing fix in some way, such as frontend changes, alterations to backend behavior, or bug fixes.
    • dependencies if it contains library upgrades or similar. This is anything that upgrades any dependency, such as a Gemfile update or npm package upgrade.
  • If it contains neither, no need to tag this PR.
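To illustrate why the PR needs a separate deterministic key for columns with uniqueness validation, here is an added example (not code from this PR or from Rails) using only Ruby's stdlib OpenSSL. It mimics the shape of Active Record Encryption's AES-256-GCM scheme, where randomized mode uses a fresh IV per write and deterministic mode derives the IV from the plaintext so equal values encrypt identically and can be compared in a lookup; the keys, helper names and the in-memory "table" are constructed for the demo.

```ruby
require "openssl"
require "securerandom"
require "base64"

# Constructed demo keys. In Rails these come from the primary key and the
# ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY env var mentioned in the PR.
PRIMARY_KEY = OpenSSL::Digest::SHA256.digest("demo-primary-key")
DETERMINISTIC_KEY = OpenSSL::Digest::SHA256.digest("demo-deterministic-key")

# AES-256-GCM. Randomized mode draws a random 12-byte IV, so the same
# plaintext yields a different ciphertext on every write. Deterministic
# mode derives the IV from an HMAC of the plaintext (assumed derivation,
# for illustration), so equal plaintexts yield equal ciphertexts.
def encrypt_column(plaintext, deterministic: false)
  key = deterministic ? DETERMINISTIC_KEY : PRIMARY_KEY
  iv = if deterministic
         OpenSSL::HMAC.digest("SHA256", key, plaintext)[0, 12]
       else
         SecureRandom.random_bytes(12)
       end
  cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
  cipher.key = key
  cipher.iv = iv
  ciphertext = cipher.update(plaintext) + cipher.final
  # Store iv || ciphertext || 16-byte auth tag, base64 for a text column.
  Base64.strict_encode64(iv + ciphertext + cipher.auth_tag)
end

def decrypt_column(token, deterministic: false)
  key = deterministic ? DETERMINISTIC_KEY : PRIMARY_KEY
  raw = Base64.strict_decode64(token)
  iv, ciphertext, tag = raw[0, 12], raw[12...-16], raw[-16..]
  cipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
  cipher.key = key
  cipher.iv = iv
  cipher.auth_tag = tag # tampering with iv/ciphertext raises CipherError
  cipher.update(ciphertext) + cipher.final
end

# Uniqueness check over already-encrypted rows: it compares ciphertexts,
# which only works for a deterministic column. Trade-off: equal plaintexts
# are visible as equal ciphertexts, so use it only where lookups need it.
def duplicate_name?(rows, candidate)
  encrypted = encrypt_column(candidate, deterministic: true)
  rows.any? { |row| row[:name] == encrypted }
end
```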

@mercedesb
Contributor Author

coordinates is probably a sensitive column but it's a decimal array field so out-of-the-box ActiveRecord encryption doesn't totally work. Let me know if you'd like me to spend some time on a small custom solution so we can encrypt non-string fields (I'd do that work in a separate PR)

Member

@colinxfleming colinxfleming left a comment


Does what it says on the tin! Nice work again. I've also added the new env var to our staging and prod environments.

I think encrypting coordinates is good if we can swing it. I'm willing to change the datatype for that column if it's helpful though that's obviously a bit more involved. If you want to tackle it, whip up an issue for it I think?

thanks much @mercedesb !

@colinxfleming colinxfleming merged commit d84016b into DARIAEngineering:main Sep 24, 2023