Encrypt runners tokens

What does this MR do?

This merge request adds encryption support for some tokens related to CI/CD runners.

What are the relevant issue numbers?

Closes #52931
Closes #51232

Does this MR meet the acceptance criteria?

• Changelog entry added, if necessary
• Tests added for this feature/bug
• Conforms to the code review guidelines
• Conforms to the merge request performance guidelines
• Conforms to the database guides

Moving this merge request from dev.gitlab.org, as per https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2639#note_141633 /cc @nick.thomas @godfat

added security + 1 deleted label

	3 Warnings
	This merge request is quite big (more than 1063 lines changed), please consider splitting it into multiple merge requests.
	This merge request adds files that do not enforce frozen string literal. See https://gitlab.com/gitlab-org/gitlab-ce/issues/47424 for more information.
	This merge request includes more than 10 commits. Please rebase these commits into a smaller number of commits.

	1 Message
	This merge request adds or changes files that require a review from the Database team.

Database Review

The following files require a review from the Database team:

• db/migrate/20181115140140_add_encrypted_runners_token_to_settings.rb
• db/migrate/20181116141415_add_encrypted_runners_token_to_namespaces.rb
• db/migrate/20181116141504_add_encrypted_runners_token_to_projects.rb
• db/migrate/20181120151656_add_token_encrypted_to_ci_runners.rb
• db/post_migrate/20181121111200_schedule_runners_token_encryption.rb
• db/schema.rb
• lib/gitlab/background_migration/encrypt_columns.rb
• lib/gitlab/background_migration/encrypt_runners_tokens.rb
• lib/gitlab/background_migration/models/encrypt_columns/namespace.rb
• lib/gitlab/background_migration/models/encrypt_columns/project.rb
• lib/gitlab/background_migration/models/encrypt_columns/runner.rb
• lib/gitlab/background_migration/models/encrypt_columns/settings.rb
• lib/gitlab/background_migration/models/encrypt_columns/web_hook.rb

To make sure these changes are reviewed, take the following steps:

1. Edit your merge request, and add gl-database to the list of Group approvers.
2. Mention @gl-database in a separate comment, and explain what needs to be reviewed by the team. Please don't mention the team until your changes are ready for review.

Enable Frozen String Literal

The following files should have # frozen_string_literal: true on the first line:

• spec/lib/gitlab/background_migration/encrypt_runners_tokens_spec.rb
• spec/lib/gitlab/crypto_helper_spec.rb
• spec/migrations/schedule_runners_token_encryption_spec.rb
• spec/models/concerns/token_authenticatable_strategies/base_spec.rb
• spec/models/concerns/token_authenticatable_strategies/encrypted_spec.rb

Generated by Danger

added 398 commits

• 4c7665f2...0f800a5c - 397 commits from branch master
• 0b8a2779 - Merge branch 'master' into fix/gb/encrypt-runners-tokens

Compare with previous version

unmarked as a Work In Progress

changed the description

@abrandl Can you please review database changes here?

@nick.thomas @godfat can you take a look at backend code for the last time?

Thanks in advance!

assigned to @abrandl

added 1 commit

• 439d22b9 - Add changelog for runners token encryption fix

Compare with previous version

added database label

mentioned in issue #53659 (closed)

Thanks @grzesiek , just minor things from my point of view now. I think this is about ready!

resolved all discussions

added 93 commits

• 439d22b9...68526805 - 92 commits from branch master
• a7fec177 - Merge commit '68526805' into fix/gb/encrypt-runners-tokens

Compare with previous version