Skip to content

feat(credentials): Implement KMS encryption process#1044

Merged
vprashrex merged 12 commits into
mainfrom
feat/kms-integration
Jul 16, 2026
Merged

feat(credentials): Implement KMS encryption process#1044
vprashrex merged 12 commits into
mainfrom
feat/kms-integration

Conversation

@vprashrex

@vprashrex vprashrex commented Jul 12, 2026

Copy link
Copy Markdown
Collaborator

Issue

Closes #416

Summary

  • Before: Existing credentials were not encrypted with KMS.
  • Now: Added KMS-based encryption and re-encryption process for credentials.
  • Implemented integration with KMS for encryption.
  • Developed re-encryption logic to update existing credentials.

Checklist

Before submitting a pull request, please ensure that you mark these task.

  • Ran fastapi run --reload app/main.py or docker compose up in the repository root and test.
  • If you've fixed a bug or added code that is tested and has test cases.

Notes

Please read the documentation for better understanding of how kms will work in kaapi
https://docs.google.com/document/d/1N8KVB6de0sydwtXvgJKNAjGKrZ5Uke8IUoWPDyNWMqc/edit?tab=t.0#heading=h.t2mkgsxvvisn

@coderabbitai

coderabbitai Bot commented Jul 12, 2026

Copy link
Copy Markdown

Important

Review skipped

Auto reviews are limited based on label configuration.

🏷️ Required labels (at least one) (1)
  • ready-for-review

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 240af8bc-c672-4a30-aed0-22457c38aaa1

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch feat/kms-integration

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@github-actions github-actions Bot changed the title feat(credentials): Implement KMS-based credential encryption and re-encryption process feat(credentials): Implement KMS encryption process Jul 12, 2026
@github-actions

github-actions Bot commented Jul 12, 2026

Copy link
Copy Markdown

OpenAPI changes   ⚪ No API surface changes

Note

This PR does not modify the API contract.

main60832991 · generated by oasdiff

@codecov

codecov Bot commented Jul 12, 2026

Copy link
Copy Markdown

Codecov Report

❌ Patch coverage is 85.03401% with 22 lines in your changes missing coverage. Please review.

Files with missing lines Patch % Lines
backend/app/core/security.py 71.79% 11 Missing ⚠️
backend/app/services/credentials/reencrypt.py 76.31% 9 Missing ⚠️
backend/app/core/cloud/storage.py 50.00% 2 Missing ⚠️

📢 Thoughts on this report? Let us know!

@vprashrex vprashrex self-assigned this Jul 13, 2026
@vprashrex vprashrex added the enhancement New feature or request label Jul 13, 2026
@vprashrex vprashrex linked an issue Jul 13, 2026 that may be closed by this pull request
@vprashrex
vprashrex temporarily deployed to AWS_STAGING_ENV July 14, 2026 07:03 — with GitHub Actions Inactive
@vprashrex
vprashrex force-pushed the feat/kms-integration branch from eab503c to 7258a51 Compare July 14, 2026 07:16
@vprashrex
vprashrex force-pushed the feat/kms-integration branch from d52c954 to df08ac9 Compare July 16, 2026 04:35
@vprashrex
vprashrex requested review from Ayush8923 and Prajna1999 and removed request for Ayush8923 July 16, 2026 12:03
@vprashrex
vprashrex requested a review from kartpop July 16, 2026 12:04
@vprashrex
vprashrex merged commit 580d232 into main Jul 16, 2026
3 of 4 checks passed
@vprashrex
vprashrex deleted the feat/kms-integration branch July 16, 2026 12:17
@github-actions

Copy link
Copy Markdown

🎉 This PR is included in version 1.4.0-main.4 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

enhancement New feature or request released on @main

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Authn/Authz: Enhanced security for client credentials management

3 participants