[rbdemo] Decrypt and encrypt sensitive fixture data.
Review Request #12409 — Created June 24, 2022 and submitted — Latest diff uploaded
The new rbdemo fixture support made a bad assumption that the hosting
service account data could be simply set and used, but this data is
actually encrypted, meaning it's not portable between servers.
To address this, that part of the fixture data is no longer literal.
Instead, each key specifies whether it's raw or encrypted in the
fixture, and whether it should be raw or encrypted in the resulting
To cover bases, user password hashes are now encrypted as well.
An AES encryption key must be set on the instance, and this will be used
to decrypt the data in the fixture. The data can then be re-encrypted
for the target server.
This allows for safe sensitive data storage and fixture portability.
Deployed this to demo.reviewboard.org along with new fixtures using
this. The data was successfully decrypted from the fixture and
re-encrypted for the target server.