Skip to content

Commit 45cfdbc

Browse files
author
Artem
committed
resolve PR comments
1 parent c88b561 commit 45cfdbc

File tree

3 files changed

+16
-15
lines changed

3 files changed

+16
-15
lines changed

DOCKER_README.md

Lines changed: 7 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -17,9 +17,10 @@ These commands will build the image and then start the container. Redis Insight
1717

1818
Redis Insight supports several configuration values that can be supplied via container environment variables. The following may be provided:
1919

20-
| Variable | Purpose | Default | Additional Info |
21-
| ---------|---------|-----------------|---------|
22-
| RI_APP_PORT | The port the app listens on | 5000 | See [Express Documentation](https://expressjs.com/en/api.html#app.listen) |
23-
| RI_APP_HOST | The host the app listens on | 0.0.0.0 | See [Express Documentation](https://expressjs.com/en/api.html#app.listen) |
24-
| RI_SERVER_TLS_KEY | Private key for HTTPS | | Private key in [PEM format](https://www.ssl.com/guide/pem-der-crt-and-cer-x-509-encodings-and-conversions/#ftoc-heading-3). May be a path to a file or a string in PEM format. |
25-
| RI_SERVER_TLS_CERT | Certificate for supplied private key | | Public certificate in [PEM format](https://www.ssl.com/guide/pem-der-crt-and-cer-x-509-encodings-and-conversions/#ftoc-heading-3) |
20+
| Variable | Purpose | Default | Additional Info |
21+
| ---------|---------|-----------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
22+
| RI_APP_PORT | The port the app listens on | 5000 | See [Express Documentation](https://expressjs.com/en/api.html#app.listen) |
23+
| RI_APP_HOST | The host the app listens on | 0.0.0.0 | See [Express Documentation](https://expressjs.com/en/api.html#app.listen) |
24+
| RI_SERVER_TLS_KEY | Private key for HTTPS | | Private key in [PEM format](https://www.ssl.com/guide/pem-der-crt-and-cer-x-509-encodings-and-conversions/#ftoc-heading-3). May be a path to a file or a string in PEM format. |
25+
| RI_SERVER_TLS_CERT | Certificate for supplied private key | | Public certificate in [PEM format](https://www.ssl.com/guide/pem-der-crt-and-cer-x-509-encodings-and-conversions/#ftoc-heading-3) |
26+
| RI_ENCRYPTION_KEY | Key to encrypt data with | | Redisinsight stores some data such as connection details locally (using [sqlite3](https://github.com/TryGhost/node-sqlite3)). It might be usefull to store sensitive data such as passwords, or private keys encrypted. For this case RedisInsight supports encryption with provided key.<br />Note: The Key must be the same for the same RedisInsight instance to be able to decrypt exising data. If for some reason the key was changed, you will have to enter the credentials again to connect to the Redis database. |

redisinsight/api/src/modules/encryption/strategies/key-encryption.strategy.spec.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ describe('KeyEncryptionStrategy', () => {
4646
expect(await service.encrypt(mockDataToEncrypt)).toEqual(mockKeyEncryptResult);
4747
expect(service['cipherKey']).not.toEqual(undefined);
4848
});
49-
it('Should throw KeytarEncryptionError when unable to encrypt', async () => {
49+
it('Should throw KeyEncryptionError when unable to encrypt', async () => {
5050
await expect(service.encrypt(null)).rejects.toThrowError(KeyEncryptionErrorException);
5151
});
5252
it('Should throw KeyUnavailable when there is no key but we are trying to encrypt', async () => {

redisinsight/api/src/modules/encryption/strategies/key-encryption.strategy.ts

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -6,19 +6,20 @@ import { EncryptionResult, EncryptionStrategy } from 'src/modules/encryption/mod
66
import { IEncryptionStrategy } from 'src/modules/encryption/strategies/encryption-strategy.interface';
77
import {
88
KeyDecryptionErrorException,
9-
KeyEncryptionErrorException, KeyUnavailableException
9+
KeyEncryptionErrorException,
10+
KeyUnavailableException,
1011
} from 'src/modules/encryption/exceptions';
11-
import config from 'src/utils/config';
12+
import config, { Config } from 'src/utils/config';
1213

1314
const ALGORITHM = 'aes-256-cbc';
1415
const HASH_ALGORITHM = 'sha256';
15-
const SERVER_CONFIG = config.get('server');
16+
const SERVER_CONFIG = config.get('server') as Config['server'];
1617

1718
@Injectable()
1819
export class KeyEncryptionStrategy implements IEncryptionStrategy {
1920
private logger = new Logger('KeyEncryptionStrategy');
2021

21-
private cipherKey;
22+
private cipherKey: Buffer;
2223

2324
private readonly key: string;
2425

@@ -27,8 +28,8 @@ export class KeyEncryptionStrategy implements IEncryptionStrategy {
2728
}
2829

2930
/**
30-
* Get password from storage and create cipher key
31-
* Note: Will generate new password if it doesn't exists yet
31+
* Will return existing cipher stored in-memory or
32+
* create new one using specified key and store it in-memory
3233
*/
3334
private async getCipherKey(): Promise<Buffer> {
3435
if (!this.cipherKey) {
@@ -45,8 +46,7 @@ export class KeyEncryptionStrategy implements IEncryptionStrategy {
4546
}
4647

4748
/**
48-
* Checks if Keytar functionality is available
49-
* Basically just try to get a password and checks if this call fails
49+
* Checks if secret key was specified
5050
*/
5151
async isAvailable(): Promise<boolean> {
5252
return !!this.key;

0 commit comments

Comments
 (0)