search

appsmithorg / appsmith

Platform to build admin panels, internal tools, and dashboards. Integrates with 25+ databases and any API.
https://www.appsmith.com
Apache License 2.0
32.49k stars 3.52k forks source link

[Feature]: Support encryption for automated backups #34283

Open moneystack-alex opened 1 month ago

moneystack-alex commented 1 month ago

Is there an existing issue for this?

Description

Automated backups are not encrypted before uploading to s3, but they should be encrypted using APPSMITH_ENCRYPTION_PASSWORD APPSMITH_ENCRYPTION_SALT

Steps To Reproduce

  1. When I run this command below, a backup is generated, encrypted with the password provided at command line, and then uploaded to s3.

docker-compose exec appsmith appsmithctl backup --upload-to-s3

  1. On the other hand, when that same command is scheduled to run with cron as shown here, it is not encrypted before uploading to s3.

  2. The backup should be encrypted using the encryption env values provided in the docker.env file:
    APPSMITH_ENCRYPTION_PASSWORD APPSMITH_ENCRYPTION_SALT

image

Public Sample App

No response

Environment

Production

Severity

Medium (Frustrating UX)

Issue video log

No response

Version

self-hosted, 1.28

Nikhil-Nandagopal commented 1 month ago

@moneystack-alex thanks you for raising the issue. This was intended behavior as we did not want to save the encryption values which could pose a security risk. We'll take this feature request into consideration and see if there is a better way to solve this