Encrypt cache values via Solid Cache config #174
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
75d8332 to
c12f746
Compare
Allows you to enable encryption of cache values with:
```yaml
\# config/solid_cache.yml
production:
encrypt: true
```
or
```ruby
\# application.rb
config.solid_cache.encrypt = true
```
Requires Active Record Encryption to be configured already.
Solid Cache by default uses a custom encryptor and message serializer
that are optimised for it.
Firstly it disabled compression with the encryptor
`ActiveRecord::Encryption::Encryptor.new(compress: false)` - the cache
already compresses the data.
Secondly it uses `ActiveRecord::Encryption::MessagePackMessageSerializer.new`
as the serializer. This serializer can only be used for binary columns,
but can store about 40% more data than the standard serializer.
Or allow custom context properties to be set:
```ruby
\# application.rb
config.solid_cache.encryption_context_properties = {
encryptor: ActiveRecord::Encryption::Encryptor.new,
message_serializer: ActiveRecord::Encryption::MessageSerializer.new
}
```
Add 170 bytes to the estimated size of each entry when encryption is enabled. This assumes that the default context properties are used.
a51973a to
2133d72
Compare
This will need to wait for Rails to support binary encrypted columns - see rails/rails#52650.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Allows you to enable encryption of cache values with:
or
Requires Active Record Encryption to be configured already.
Solid Cache by default uses a custom encryptor and message serializer that are optimised for it.
Firstly it disabled compression with the encryptor
ActiveRecord::Encryption::Encryptor.new(compress: false)- the cache already compresses the data.Secondly it uses
ActiveRecord::Encryption::MessagePackMessageSerializer.newas the serializer. This serializer can only be used for binary columns, but can store about 40% more data than the standard serializer.Or allow custom context properties to be set: