From 2043fe594f2fa16696c6429805108b94224957c0 Mon Sep 17 00:00:00 2001
From: imand3r <ianderson@gitlab.com>
Date: Mon, 12 Feb 2024 22:53:43 +0000
Subject: [PATCH] Add configuration settings for Arkose client API

Changelog: added
MR: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144534
---
 app/models/application_setting.rb             |  2 ++
 ...12223930_add_arkose_client_api_settings.rb | 23 +++++++++++++++++++
 db/schema_migrations/20240212223930           |  1 +
 db/structure.sql                              |  4 ++++
 4 files changed, 30 insertions(+)
 create mode 100644 db/migrate/20240212223930_add_arkose_client_api_settings.rb
 create mode 100644 db/schema_migrations/20240212223930

diff --git a/app/models/application_setting.rb b/app/models/application_setting.rb
index 4cb918c9c8b0d..5f6b869401e63 100644
--- a/app/models/application_setting.rb
+++ b/app/models/application_setting.rb
@@ -719,6 +719,8 @@ def self.kroki_formats_attributes
   attr_encrypted :external_pipeline_validation_service_token, encryption_options_base_32_aes_256_gcm
   attr_encrypted :mailgun_signing_key, encryption_options_base_32_aes_256_gcm.merge(encode: false)
   attr_encrypted :database_grafana_api_key, encryption_options_base_32_aes_256_gcm.merge(encode: false, encode_iv: false)
+  attr_encrypted :arkose_labs_client_xid, encryption_options_base_32_aes_256_gcm.merge(encode: false, encode_iv: false)
+  attr_encrypted :arkose_labs_client_secret, encryption_options_base_32_aes_256_gcm.merge(encode: false, encode_iv: false)
   attr_encrypted :arkose_labs_public_api_key, encryption_options_base_32_aes_256_gcm.merge(encode: false, encode_iv: false)
   attr_encrypted :arkose_labs_private_api_key, encryption_options_base_32_aes_256_gcm.merge(encode: false, encode_iv: false)
   attr_encrypted :arkose_labs_data_exchange_key, encryption_options_base_32_aes_256_gcm.merge(encode: false, encode_iv: false)
diff --git a/db/migrate/20240212223930_add_arkose_client_api_settings.rb b/db/migrate/20240212223930_add_arkose_client_api_settings.rb
new file mode 100644
index 0000000000000..31e9db553bc83
--- /dev/null
+++ b/db/migrate/20240212223930_add_arkose_client_api_settings.rb
@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+class AddArkoseClientApiSettings < Gitlab::Database::Migration[2.2]
+  milestone '16.10'
+
+  enable_lock_retries!
+
+  def up
+    add_column :application_settings, :encrypted_arkose_labs_client_xid, :binary
+    add_column :application_settings, :encrypted_arkose_labs_client_xid_iv, :binary
+
+    add_column :application_settings, :encrypted_arkose_labs_client_secret, :binary
+    add_column :application_settings, :encrypted_arkose_labs_client_secret_iv, :binary
+  end
+
+  def down
+    remove_column :application_settings, :encrypted_arkose_labs_client_xid, :binary
+    remove_column :application_settings, :encrypted_arkose_labs_client_xid_iv, :binary
+
+    remove_column :application_settings, :encrypted_arkose_labs_client_secret, :binary
+    remove_column :application_settings, :encrypted_arkose_labs_client_secret_iv, :binary
+  end
+end
diff --git a/db/schema_migrations/20240212223930 b/db/schema_migrations/20240212223930
new file mode 100644
index 0000000000000..3b274d76a0b09
--- /dev/null
+++ b/db/schema_migrations/20240212223930
@@ -0,0 +1 @@
+589d3135f638fa1222b03afa5d08d9be349d8c46c3c7f28fd6576cce43bff202
\ No newline at end of file
diff --git a/db/structure.sql b/db/structure.sql
index 008d218d43aa8..5032c2830e8ca 100644
--- a/db/structure.sql
+++ b/db/structure.sql
@@ -12656,6 +12656,10 @@ CREATE TABLE application_settings (
     enable_member_promotion_management boolean DEFAULT false NOT NULL,
     lock_math_rendering_limits_enabled boolean DEFAULT false NOT NULL,
     security_approval_policies_limit integer DEFAULT 5 NOT NULL,
+    encrypted_arkose_labs_client_xid bytea,
+    encrypted_arkose_labs_client_xid_iv bytea,
+    encrypted_arkose_labs_client_secret bytea,
+    encrypted_arkose_labs_client_secret_iv bytea,
     CONSTRAINT app_settings_container_reg_cleanup_tags_max_list_size_positive CHECK ((container_registry_cleanup_tags_service_max_list_size >= 0)),
     CONSTRAINT app_settings_container_registry_pre_import_tags_rate_positive CHECK ((container_registry_pre_import_tags_rate >= (0)::numeric)),
     CONSTRAINT app_settings_dep_proxy_ttl_policies_worker_capacity_positive CHECK ((dependency_proxy_ttl_group_policy_worker_capacity >= 0)),
-- 
GitLab