Sanitation
PlatformDomainsAcademyDesign SystemFeedback
v1.3.1
v1.3.1
  • Introducing DIGIT Sanitation
    • Roadmap
    • Who can use DIGIT Sanitation?
      • Field Research
  • Platform
    • Features
    • Release Notes
      • Test Cases
      • Service Build Update
        • Release Builds for DIGIT 2.8
      • MDMS Configuration Updates
      • Test Cases for Urban-Rural Convergence
      • Localisation
      • Impel Release Notes
    • Architecture
    • Installation
    • Setup
      • On AWS
    • Operations Guide
    • Development Guide
      • Backend Developer Guide
      • UI Developer Guide
    • Source Code
  • Product
    • Faecal Sludge Management (FSM)
      • Features
      • Sanitation Actors & Interactions
      • User Interface Design
      • FSM Core Service Configuration
        • FSM Implementation Configuration
        • FSM Calculator
        • FSM Vendor Registry
          • Workflow Service
            • Configuring Workflows For New Product/Entity
            • Setting Up Workflows
            • Workflow 2.0 Configuration
          • User Service
            • User Data Encryption Promotion
            • Encryption Client Library
          • API Contract
        • FSM Vehicle Registry
        • Legacy/Re-Indexing the FSM Data
        • FSM UI Docs
          • FSM Citizen UI
          • FSM Employee UI
          • FSM DSO UI
          • FSM FSTPO UI
        • FSM-DSS Technical Documentation
      • FSM User Manual
        • FSM Citizen User Manual
        • FSM Employee User Manual
          • Manage Vendor, Driver and Vehicle Details
        • DSO User Manual
        • Septage Treatment Plant Operator User Manual
      • Test Cases
      • FSM UI/UX Audit
      • FSM Functional Specification
      • FSM Technical Specification
        • Vehicle Technical Specification
        • Vendor Technical Specification
        • Calculator Technical Specification
      • FSM Release Notes
      • Training
  • Programme
    • Functional Customisation
      • Urban-Rural Convergence
    • Technical Customisation
    • Technical Specification: Urban-Rural Convergence
    • Standard Operating Procedure (SOP)
    • Program Rollout Plan
    • Adoption Metrics
    • Implementation Plan
    • Implementation Guide
      • General FSM Implementation Activities
    • Implementation Checklist
  • COMMUNITY
    • Contribute
    • Issues
Powered by GitBook

All content on this page by eGov Foundation is licensed under a Creative Commons Attribution 4.0 International License.

On this page
  • Promotion of Encryption Service
  • Data Migration
  • Service Builds

Was this helpful?

Export as PDF
  1. Product
  2. Faecal Sludge Management (FSM)
  3. FSM Core Service Configuration
  4. FSM Vendor Registry
  5. User Service

User Data Encryption Promotion

Last updated 1 year ago

Was this helpful?

Promotion of Encryption Service

Steps

  • Choose values for the following fields:

- master-password: choose any string of any length (can contain alphanumerics and special characters)

- master-salt: choose any string of length 8 (can contain alphanumerics and special characters)

- master-initialvector: choose any string of length 12 (can contain alphanumerics and special characters)

- Ask devops to generate keys for above selected values,

- In environment secrets.yml file, add “egov-enc-service” subsection under 'secrets' section, and provide values for above three fields. For example: For dev environment (Ask Devops to do it)

  • Add field “state-level-tenant-id“ under “egov-enc-service:” section for state level tenantId in environment yml. Example:

  • Promote egov-enc-service:4-master-f47bff2

  • Make sure “egov-enc-service“ entry is present in “egov-service-host” in environment yml ,ex:- for dev . If not, make changes and build and deploy zuul from master branch.

Data Migration

Steps

  • Provide DB details in following environment variables

- DB_PASSWORD

- DB_HOST

- DB_PORT

- DB_USERNAME

- DB_NAME'

  • Backup old tables

- Create table eg_user_backup_plaintext as (select * from eg_user)

- Create table eg_user_address_backup_plaintext as (select * from eg_user_address)

  • Delete foreign key referenced on ‘eg_user’ from ‘eg_userrole_v1’ temporarily until the data is transformed

- ALTER TABLE eg_userrole_v1 DROP CONSTRAINT fk_user_role_v1

  • Deploy user service build with encryption to run flyway migration (egov-user:11-user_changes_MT-800f319)

  • Clean tables of all plain text data

- Delete from eg_user_address

- Delete from eg_user

  • Run migration

- Script python package dependencies

- import psycopg2

- import sys

- import json

- import requests

- import configparser

- import logging

- import os

Commands to run for migration:

- python3 user_migration.py config_user_encryption.txt

- python3 user_migration.py config_address_encryption.tx

  • Restore earlier deleted foreign key constraint

- ALTER TABLE eg_userrole_v1 ADD CONSTRAINT fk_user_role_v1 FOREIGN KEY (user_id, user_tenantid) REFERENCES eg_user(id, tenantid) MATCH SIMPLE ON UPDATE NO ACTION ON DELETE NO ACTION

Service Builds

  • User service: egov-user:11-user_changes_MT-800f319

- Set environment variable “DECRYPTION_ABAC_ENABLED” to false

  • User service copy for chatbot: egov-user-chatbot:4-user_changes_MT-621fe60

Note: Promote only if Whatsapp chatbot is already running in the system. It uses another copy of user service named “egov-user-chatbot“. Not needed if Whatsapp- chatbot is not in the system.

  • Report service: report:22-report-encryption-changes-e92c8ae

  • enc-service: egov-enc-service:4-master-f47bff2

MDMS: Copy the MDMS folder -

https://github.com/egovernments/eGov-infraOps/blob/master/helm/environments/dev-secrets.yaml#L29
https://github.com/egovernments/eGov-infraOps/blob/master/helm/environments/qa.yaml#L525
https://github.com/egovernments/eGov-infraOps/blob/master/helm/environments/dev.yaml#L65
https://github.com/egovernments/egov-mdms-data/tree/master/data/pb/DataSecurity