Change encryption method of export files to GPG
Closed, ResolvedPublic3 Estimated Story Points
Actions

Description

We want to change the encryption method of exported data to GPG. The third-party software provider that is picking up the files needs to test their implementation of automatic processing, so we have to provide a test file for them. We can run the exporter and just write the column headers to a file.

Acceptance Criteria:

The recipient's public GPG key is present on the machine creating the export files
The nightly CSV exports are compressed and then encrypted using GPG
Formerly used encryption keys are removed from the ansible-vault
The respective user's home directory contains a folder called data_test.
The test folder contains an encrypted file for the third-party to test.

Related Objects

Mentioned In: T220957: Switch file and transport encryption method for data exports

Event Timeline

kai.nissen created this task.Oct 20 2017, 12:46 PM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 20 2017, 12:46 PM

The export files are not zipped anymore

What is the rationale behind this requirement? Doesn't this drastically increase the required disk space?

kai.nissen added a project: WMDE-Fundraising-Funban-2.Oct 25 2017, 4:16 PM

Thanks for pointing out. Of course, the files should be encrypted, but not using 7za.

Updated the task description to clarify the order of compression and description, as per https://stackoverflow.com/a/4399876/130121

kai.nissen removed a project: WMDE-Fundraising-Funban-2.Jul 2 2018, 8:34 AM

kai.nissen updated the task description. (Show Details)

gabriel-wmde set the point value for this task to 3.Jul 2 2018, 10:44 AM

• Tim_WMDE moved this task from Backlog to Sprint ready on the WMDE-Fundraising-Tech board.Jul 2 2018, 1:59 PM

gabriel-wmde added a project: WMDE-FUN-Sprint-2018-07-09.Jul 9 2018, 10:20 AM

• Tim_WMDE moved this task from Sprint ready to Current Sprint on the WMDE-Fundraising-Tech board.Jul 10 2018, 2:25 PM

gabriel-wmde moved this task from Todo to Doing on the WMDE-FUN-Sprint-2018-07-09 board.Jul 12 2018, 10:44 AM

https://github.com/wmde/fundraising-infrastructure/pull/217

gabriel-wmde moved this task from Doing to Todo on the WMDE-FUN-Sprint-2018-07-09 board.Jul 13 2018, 8:55 AM

gabriel-wmde moved this task from Todo to Doing on the WMDE-FUN-Sprint-2018-07-09 board.Jul 16 2018, 12:17 PM

I've exported some of today's donations into data_test/donations-201807161727.zip.gpg and used a modified version of the export script. When the third party has successfully tested this, we need to amend the PR to replace the export.sh script with export_gpg.sh, then run the backend.yml script.

gabriel-wmde moved this task from Doing to Test on the WMDE-FUN-Sprint-2018-07-09 board.Jul 16 2018, 3:48 PM

kai.nissen added a project: WMDE-FUN-Sprint-2018-07-23.Jul 23 2018, 10:06 AM

kai.nissen moved this task from Todo to Blocked externally on the WMDE-FUN-Sprint-2018-07-23 board.

• Tim_WMDE added a project: WMDE-FUN-Sprint-2018-08-06.Aug 6 2018, 10:11 AM

• Tim_WMDE moved this task from Todo to Blocked externally on the WMDE-FUN-Sprint-2018-08-06 board.

kai.nissen claimed this task.Aug 20 2018, 3:02 PM

kai.nissen moved this task from Current Sprint to Blocked on the WMDE-Fundraising-Tech board.

kai.nissen mentioned this in T220957: Switch file and transport encryption method for data exports.Apr 15 2019, 11:22 AM

kai.nissen closed this task as Resolved.Apr 15 2019, 2:26 PM

Change encryption method of export files to GPGClosed, ResolvedPublic3 Estimated Story PointsActions

Description

Related Objects

Event Timeline

Change encryption method of export files to GPG
Closed, ResolvedPublic3 Estimated Story Points
Actions