oobmigrations: Extract encryption tasks (!39984) · Merge requests · Warren Gifford / sourcegraph

Warren Gifford requested to merge ef/38050 into ef/38050-encrypter Aug 04, 2022

Created by: efritz

Cleanup encryption in the database and run background encryption as a worker task (not out-of-band migrations). Partial fix to #38050 (closed) and #38052 (closed).

This PR changes (roughly by commit):

Adds a background task to the worker service that encrypts/decrypts values in the database
Adds a ALLOW_DECRYPTION flag that stops encrypted writes and flips the background task direction
Updates encryption documentation and adds a changelog note
Removes four now redundant out-of-band migrations

Pre-work to this PR:

(#40050): Consolidates all encryption/decryption to the internal/encryption package (new helpers.go file)
(#40062): Adds a database utility that can encrypt records in batch

Test plan

Existing and new unit tests. End-to-end testing done by encrypting/decrypting values in a local instance.

oobmigrations: Extract encryption tasks

Test plan

Merge request reports