Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement vault batch_input to decrypt multiple attributes efficiently #134

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Implement vault batch_input to decrypt multiple attributes efficiently #134

wants to merge 1 commit into from

Conversation

joekarl
Copy link

@joekarl joekarl commented May 11, 2023

Description

As currently implemented, __vault_load_attributes loops over __vault_load_attribute if vault_single_decrypt is disabled. In the case where an encrypted model has many vault attributes this will incur a vault load per attribute.
Vault supports batch_input/batch_results on the decrypt API which allows loading all of the decrypted data for multiple attributes in a single vault call.

This adds the decrypt_all call to Vault::Rails which internally uses batch_input.
Also added is support code to use this and some test code to verify correctness.

Implement vault batch_input to decrypt multiple attributes efficiently
3c49049 
Adds __vault_load_all_attributes which uses the vault decrypt batch_input API
Adds a new vault_batch_decrypt setting to enable this behavior on an encrypted model
Adds tests to exercise the new batching behavior
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@joekarl