sidekiq-field-encryptor

Sidekiq::Field::Encryptor

This is a utility which is intended to be used for encrypting sensitive data in Sidekiq jobs. The data is encrypted before sending it to Redis, and decrypted right before the Sidekiq job is executed.

Installation

Add the following line to your application's Gemfile.

gem 'sidekiq-field-encryptor'

And then run bundle install.

Usage

This middleware configures encryption of any fields that can contain sensitive information. Keys in the hash are Sidekiq job classes and values are hashes that map indices in the args array to either "true" (encrypt the entire arg) or a list of keys (encrypt certain values in a hash argument). For example, the configuration hash:

{ 'Job::Foo' => { 0 => true, 3 => [ 'secret', 'id' ] } }

When applied to the Sidekiq job:

{
  'class' => 'Job::Foo',
  'args' => [{'x' => 1}, 'y', 'z', { 'public' => 'a', 'secret' => 'b' }],
  ...
}

Will encrypt the values {'x' => 1} and 'b' when storing the job in Redis and decrypt the values inside the client before the job is executed.

Contributing

1. Fork the project.
2. Commit your changes, with specs.
3. Ensure that your code passes specs (bundle exec rspec) and meets Aptible's Ruby style guide (bundle exec rubocop).
4. Create a new pull request on GitHub.

Copyright and License

MIT License, see LICENSE for details.

Copyright (c) 2024 Aptible, Blake Pettersson, and contributors.