mirror of
https://github.com/grafana/grafana.git
synced 2025-02-25 18:55:37 -06:00
chore: remove sqlstore & mockstore dependencies from (most) packages (#57087)
* chore: add alias for InitTestDB and Session Adds an alias for the sqlstore InitTestDB and Session, and updates tests using these to reduce dependencies on the sqlstore.Store. * next pass of removing sqlstore imports * last little bit * remove mockstore where possible
This commit is contained in:
Kristin Laemmert
GitHub
@@ -7,11 +7,10 @@ import (
|
||||
|
||||
"xorm.io/xorm"
|
||||
|
||||
"github.com/grafana/grafana/pkg/infra/db"
|
||||
"github.com/grafana/grafana/pkg/infra/log"
|
||||
"github.com/grafana/grafana/pkg/services/kmsproviders"
|
||||
"github.com/grafana/grafana/pkg/services/secrets"
|
||||
"github.com/grafana/grafana/pkg/services/sqlstore"
|
||||
"github.com/grafana/grafana/pkg/services/sqlstore/db"
|
||||
)
|
||||
|
||||
const dataKeysTable = "data_keys"
|
||||
@@ -32,7 +31,7 @@ func (ss *SecretsStoreImpl) GetDataKey(ctx context.Context, id string) (*secrets
|
||||
dataKey := &secrets.DataKey{}
|
||||
var exists bool
|
||||
|
||||
err := ss.sqlStore.WithDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
err := ss.sqlStore.WithDbSession(ctx, func(sess *db.Session) error {
|
||||
var err error
|
||||
exists, err = sess.Table(dataKeysTable).
|
||||
Where("name = ?", id).
|
||||
@@ -55,7 +54,7 @@ func (ss *SecretsStoreImpl) GetCurrentDataKey(ctx context.Context, label string)
|
||||
dataKey := &secrets.DataKey{}
|
||||
var exists bool
|
||||
|
||||
err := ss.sqlStore.WithDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
err := ss.sqlStore.WithDbSession(ctx, func(sess *db.Session) error {
|
||||
var err error
|
||||
exists, err = sess.Table(dataKeysTable).
|
||||
Where("label = ? AND active = ?", label, ss.sqlStore.GetDialect().BooleanStr(true)).
|
||||
@@ -76,7 +75,7 @@ func (ss *SecretsStoreImpl) GetCurrentDataKey(ctx context.Context, label string)
|
||||
|
||||
func (ss *SecretsStoreImpl) GetAllDataKeys(ctx context.Context) ([]*secrets.DataKey, error) {
|
||||
result := make([]*secrets.DataKey, 0)
|
||||
err := ss.sqlStore.WithDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
err := ss.sqlStore.WithDbSession(ctx, func(sess *db.Session) error {
|
||||
err := sess.Table(dataKeysTable).Find(&result)
|
||||
return err
|
||||
})
|
||||
@@ -84,7 +83,7 @@ func (ss *SecretsStoreImpl) GetAllDataKeys(ctx context.Context) ([]*secrets.Data
|
||||
}
|
||||
|
||||
func (ss *SecretsStoreImpl) CreateDataKey(ctx context.Context, dataKey *secrets.DataKey) error {
|
||||
return ss.sqlStore.WithDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
return ss.sqlStore.WithDbSession(ctx, func(sess *db.Session) error {
|
||||
return ss.CreateDataKeyWithDBSession(ctx, dataKey, sess.Session)
|
||||
})
|
||||
}
|
||||
@@ -102,7 +101,7 @@ func (ss *SecretsStoreImpl) CreateDataKeyWithDBSession(_ context.Context, dataKe
|
||||
}
|
||||
|
||||
func (ss *SecretsStoreImpl) DisableDataKeys(ctx context.Context) error {
|
||||
return ss.sqlStore.WithTransactionalDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
return ss.sqlStore.WithTransactionalDbSession(ctx, func(sess *db.Session) error {
|
||||
_, err := sess.Table(dataKeysTable).
|
||||
Where("active = ?", ss.sqlStore.GetDialect().BooleanStr(true)).
|
||||
UseBool("active").Update(&secrets.DataKey{Active: false})
|
||||
@@ -115,7 +114,7 @@ func (ss *SecretsStoreImpl) DeleteDataKey(ctx context.Context, id string) error
|
||||
return fmt.Errorf("data key id is missing")
|
||||
}
|
||||
|
||||
return ss.sqlStore.WithDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
return ss.sqlStore.WithDbSession(ctx, func(sess *db.Session) error {
|
||||
_, err := sess.Table(dataKeysTable).Delete(&secrets.DataKey{Id: id})
|
||||
|
||||
return err
|
||||
@@ -128,14 +127,14 @@ func (ss *SecretsStoreImpl) ReEncryptDataKeys(
|
||||
currProvider secrets.ProviderID,
|
||||
) error {
|
||||
keys := make([]*secrets.DataKey, 0)
|
||||
if err := ss.sqlStore.WithDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
if err := ss.sqlStore.WithDbSession(ctx, func(sess *db.Session) error {
|
||||
return sess.Table(dataKeysTable).Find(&keys)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
for _, k := range keys {
|
||||
err := ss.sqlStore.WithTransactionalDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
err := ss.sqlStore.WithTransactionalDbSession(ctx, func(sess *db.Session) error {
|
||||
provider, ok := providers[kmsproviders.NormalizeProviderID(k.Provider)]
|
||||
if !ok {
|
||||
ss.log.Warn(
|
||||
|
||||
@@ -4,13 +4,13 @@ import (
|
||||
"context"
|
||||
"time"
|
||||
|
||||
"github.com/grafana/grafana/pkg/infra/db"
|
||||
"github.com/grafana/grafana/pkg/infra/kvstore"
|
||||
"github.com/grafana/grafana/pkg/infra/log"
|
||||
"github.com/grafana/grafana/pkg/plugins"
|
||||
"github.com/grafana/grafana/pkg/plugins/backendplugin/secretsmanagerplugin"
|
||||
"github.com/grafana/grafana/pkg/services/featuremgmt"
|
||||
"github.com/grafana/grafana/pkg/services/secrets"
|
||||
"github.com/grafana/grafana/pkg/services/sqlstore/db"
|
||||
"github.com/grafana/grafana/pkg/setting"
|
||||
)
|
||||
|
||||
|
||||
@@ -4,6 +4,9 @@ import (
|
||||
"context"
|
||||
"testing"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
|
||||
"github.com/grafana/grafana/pkg/infra/db"
|
||||
"github.com/grafana/grafana/pkg/infra/kvstore"
|
||||
"github.com/grafana/grafana/pkg/infra/log"
|
||||
acmock "github.com/grafana/grafana/pkg/services/accesscontrol/mock"
|
||||
@@ -13,12 +16,10 @@ import (
|
||||
"github.com/grafana/grafana/pkg/services/secrets/fakes"
|
||||
secretskvs "github.com/grafana/grafana/pkg/services/secrets/kvstore"
|
||||
secretsmng "github.com/grafana/grafana/pkg/services/secrets/manager"
|
||||
"github.com/grafana/grafana/pkg/services/sqlstore"
|
||||
"github.com/grafana/grafana/pkg/setting"
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
func SetupTestDataSourceSecretMigrationService(t *testing.T, sqlStore *sqlstore.SQLStore, kvStore kvstore.KVStore, secretsStore secretskvs.SecretsKVStore, compatibility bool) *DataSourceSecretMigrationService {
|
||||
func SetupTestDataSourceSecretMigrationService(t *testing.T, sqlStore db.DB, kvStore kvstore.KVStore, secretsStore secretskvs.SecretsKVStore, compatibility bool) *DataSourceSecretMigrationService {
|
||||
t.Helper()
|
||||
cfg := &setting.Cfg{}
|
||||
features := featuremgmt.WithFeatures()
|
||||
@@ -33,7 +34,7 @@ func SetupTestDataSourceSecretMigrationService(t *testing.T, sqlStore *sqlstore.
|
||||
|
||||
func TestMigrate(t *testing.T) {
|
||||
t.Run("should migrate from legacy to unified without compatibility", func(t *testing.T) {
|
||||
sqlStore := sqlstore.InitTestDB(t)
|
||||
sqlStore := db.InitTestDB(t)
|
||||
kvStore := kvstore.ProvideService(sqlStore)
|
||||
secretsService := secretsmng.SetupTestService(t, fakes.NewFakeSecretsStore())
|
||||
secretsStore := secretskvs.NewSQLSecretsKVStore(sqlStore, secretsService, log.New("test.logger"))
|
||||
@@ -97,7 +98,7 @@ func TestMigrate(t *testing.T) {
|
||||
})
|
||||
|
||||
t.Run("should migrate from legacy to unified with compatibility", func(t *testing.T) {
|
||||
sqlStore := sqlstore.InitTestDB(t)
|
||||
sqlStore := db.InitTestDB(t)
|
||||
kvStore := kvstore.ProvideService(sqlStore)
|
||||
secretsService := secretsmng.SetupTestService(t, fakes.NewFakeSecretsStore())
|
||||
secretsStore := secretskvs.NewSQLSecretsKVStore(sqlStore, secretsService, log.New("test.logger"))
|
||||
@@ -163,7 +164,7 @@ func TestMigrate(t *testing.T) {
|
||||
})
|
||||
|
||||
t.Run("should replicate from unified to legacy for compatibility", func(t *testing.T) {
|
||||
sqlStore := sqlstore.InitTestDB(t)
|
||||
sqlStore := db.InitTestDB(t)
|
||||
|
||||
kvStore := kvstore.ProvideService(sqlStore)
|
||||
secretsService := secretsmng.SetupTestService(t, fakes.NewFakeSecretsStore())
|
||||
@@ -255,7 +256,7 @@ func TestMigrate(t *testing.T) {
|
||||
})
|
||||
|
||||
t.Run("should delete from legacy to remove compatibility", func(t *testing.T) {
|
||||
sqlStore := sqlstore.InitTestDB(t)
|
||||
sqlStore := db.InitTestDB(t)
|
||||
kvStore := kvstore.ProvideService(sqlStore)
|
||||
secretsService := secretsmng.SetupTestService(t, fakes.NewFakeSecretsStore())
|
||||
secretsStore := secretskvs.NewSQLSecretsKVStore(sqlStore, secretsService, log.New("test.logger"))
|
||||
|
||||
@@ -5,12 +5,12 @@ import (
|
||||
"errors"
|
||||
"fmt"
|
||||
|
||||
"github.com/grafana/grafana/pkg/infra/db"
|
||||
"github.com/grafana/grafana/pkg/infra/kvstore"
|
||||
"github.com/grafana/grafana/pkg/plugins"
|
||||
"github.com/grafana/grafana/pkg/plugins/backendplugin/secretsmanagerplugin"
|
||||
"github.com/grafana/grafana/pkg/services/secrets"
|
||||
secretskvs "github.com/grafana/grafana/pkg/services/secrets/kvstore"
|
||||
"github.com/grafana/grafana/pkg/services/sqlstore"
|
||||
"github.com/grafana/grafana/pkg/setting"
|
||||
)
|
||||
|
||||
@@ -19,7 +19,7 @@ var errPluginUnavailable = errors.New("remote secret management plugin is unavai
|
||||
// MigrateFromPluginService This migrator will handle migration of the configured plugin secrets back to Grafana unified secrets
|
||||
type MigrateFromPluginService struct {
|
||||
cfg *setting.Cfg
|
||||
sqlStore sqlstore.Store
|
||||
sqlStore db.DB
|
||||
secretsService secrets.Service
|
||||
manager plugins.SecretsPluginManager
|
||||
kvstore kvstore.KVStore
|
||||
@@ -27,7 +27,7 @@ type MigrateFromPluginService struct {
|
||||
|
||||
func ProvideMigrateFromPluginService(
|
||||
cfg *setting.Cfg,
|
||||
sqlStore sqlstore.Store,
|
||||
sqlStore db.DB,
|
||||
secretsService secrets.Service,
|
||||
manager plugins.SecretsPluginManager,
|
||||
kvstore kvstore.KVStore,
|
||||
|
||||
@@ -4,15 +4,16 @@ import (
|
||||
"context"
|
||||
"testing"
|
||||
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
"github.com/grafana/grafana/pkg/infra/db"
|
||||
"github.com/grafana/grafana/pkg/infra/kvstore"
|
||||
"github.com/grafana/grafana/pkg/infra/log"
|
||||
"github.com/grafana/grafana/pkg/plugins/backendplugin/secretsmanagerplugin"
|
||||
"github.com/grafana/grafana/pkg/services/secrets/fakes"
|
||||
secretskvs "github.com/grafana/grafana/pkg/services/secrets/kvstore"
|
||||
secretsManager "github.com/grafana/grafana/pkg/services/secrets/manager"
|
||||
"github.com/grafana/grafana/pkg/services/sqlstore"
|
||||
"github.com/grafana/grafana/pkg/setting"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
// This tests will create a mock sql database and an inmemory
|
||||
@@ -44,7 +45,7 @@ func setupTestMigrateFromPluginService(t *testing.T) (*MigrateFromPluginService,
|
||||
t.Helper()
|
||||
|
||||
// this is to init the sql secret store inside the migration
|
||||
sqlStore := sqlstore.InitTestDB(t)
|
||||
sqlStore := db.InitTestDB(t)
|
||||
secretsService := secretsManager.SetupTestService(t, fakes.NewFakeSecretsStore())
|
||||
manager := secretskvs.NewFakeSecretsPluginManager(t, false)
|
||||
migratorService := ProvideMigrateFromPluginService(
|
||||
|
||||
@@ -5,11 +5,11 @@ import (
|
||||
"errors"
|
||||
"fmt"
|
||||
|
||||
"github.com/grafana/grafana/pkg/infra/db"
|
||||
"github.com/grafana/grafana/pkg/infra/kvstore"
|
||||
"github.com/grafana/grafana/pkg/plugins"
|
||||
"github.com/grafana/grafana/pkg/services/secrets"
|
||||
secretskvs "github.com/grafana/grafana/pkg/services/secrets/kvstore"
|
||||
"github.com/grafana/grafana/pkg/services/sqlstore"
|
||||
"github.com/grafana/grafana/pkg/setting"
|
||||
)
|
||||
|
||||
@@ -20,7 +20,7 @@ var errSecretStoreIsNotPlugin = errors.New("SecretsKVStore is not a SecretsKVSto
|
||||
type MigrateToPluginService struct {
|
||||
secretsStore secretskvs.SecretsKVStore
|
||||
cfg *setting.Cfg
|
||||
sqlStore sqlstore.Store
|
||||
sqlStore db.DB
|
||||
secretsService secrets.Service
|
||||
kvstore kvstore.KVStore
|
||||
manager plugins.SecretsPluginManager
|
||||
@@ -29,7 +29,7 @@ type MigrateToPluginService struct {
|
||||
func ProvideMigrateToPluginService(
|
||||
secretsStore secretskvs.SecretsKVStore,
|
||||
cfg *setting.Cfg,
|
||||
sqlStore sqlstore.Store,
|
||||
sqlStore db.DB,
|
||||
secretsService secrets.Service,
|
||||
kvstore kvstore.KVStore,
|
||||
manager plugins.SecretsPluginManager,
|
||||
|
||||
@@ -6,17 +6,18 @@ import (
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
"gopkg.in/ini.v1"
|
||||
|
||||
"github.com/grafana/grafana/pkg/infra/db"
|
||||
"github.com/grafana/grafana/pkg/infra/db/dbtest"
|
||||
"github.com/grafana/grafana/pkg/infra/kvstore"
|
||||
"github.com/grafana/grafana/pkg/services/featuremgmt"
|
||||
"github.com/grafana/grafana/pkg/services/secrets/fakes"
|
||||
secretskvs "github.com/grafana/grafana/pkg/services/secrets/kvstore"
|
||||
secretsManager "github.com/grafana/grafana/pkg/services/secrets/manager"
|
||||
"github.com/grafana/grafana/pkg/services/sqlstore"
|
||||
"github.com/grafana/grafana/pkg/services/sqlstore/mockstore"
|
||||
"github.com/grafana/grafana/pkg/setting"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
"gopkg.in/ini.v1"
|
||||
)
|
||||
|
||||
// This tests will create a mock sql database and an inmemory
|
||||
@@ -54,7 +55,7 @@ func TestFatalPluginErr_MigrationTestWithErrorDeletingUnifiedSecrets(t *testing.
|
||||
p, err := secretskvs.SetupFatalCrashTest(t, false, false, true)
|
||||
assert.NoError(t, err)
|
||||
|
||||
migration := setupTestMigratorServiceWithDeletionError(t, p.SecretsKVStore, &mockstore.SQLStoreMock{
|
||||
migration := setupTestMigratorServiceWithDeletionError(t, p.SecretsKVStore, &dbtest.FakeDB{
|
||||
ExpectedError: errors.New("random error"),
|
||||
}, p.KVStore)
|
||||
err = migration.Migrate(context.Background())
|
||||
@@ -104,7 +105,7 @@ func setupTestMigrateToPluginService(t *testing.T) (*MigrateToPluginService, sec
|
||||
secretsStoreForPlugin := secretskvs.WithCache(secretskvs.NewFakePluginSecretsKVStore(t, featuremgmt.WithFeatures(), fallbackStore), time.Minute*5, time.Minute*5)
|
||||
|
||||
// this is to init the sql secret store inside the migration
|
||||
sqlStore := sqlstore.InitTestDB(t)
|
||||
sqlStore := db.InitTestDB(t)
|
||||
secretsService := secretsManager.SetupTestService(t, fakes.NewFakeSecretsStore())
|
||||
manager := secretskvs.NewFakeSecretsPluginManager(t, false)
|
||||
migratorService := ProvideMigrateToPluginService(
|
||||
@@ -122,7 +123,7 @@ func setupTestMigrateToPluginService(t *testing.T) (*MigrateToPluginService, sec
|
||||
func setupTestMigratorServiceWithDeletionError(
|
||||
t *testing.T,
|
||||
secretskv secretskvs.SecretsKVStore,
|
||||
sqlStore sqlstore.Store,
|
||||
sqlStore db.DB,
|
||||
kvstore kvstore.KVStore,
|
||||
) *MigrateToPluginService {
|
||||
t.Helper()
|
||||
|
||||
@@ -6,10 +6,9 @@ import (
|
||||
"sync"
|
||||
"time"
|
||||
|
||||
"github.com/grafana/grafana/pkg/infra/db"
|
||||
"github.com/grafana/grafana/pkg/infra/log"
|
||||
"github.com/grafana/grafana/pkg/services/secrets"
|
||||
"github.com/grafana/grafana/pkg/services/sqlstore"
|
||||
"github.com/grafana/grafana/pkg/services/sqlstore/db"
|
||||
)
|
||||
|
||||
// SecretsKVStoreSQL provides a key/value store backed by the Grafana database
|
||||
@@ -53,7 +52,7 @@ func (kv *SecretsKVStoreSQL) Get(ctx context.Context, orgId int64, namespace str
|
||||
var isFound bool
|
||||
var decryptedValue []byte
|
||||
|
||||
err := kv.sqlStore.WithDbSession(ctx, func(dbSession *sqlstore.DBSession) error {
|
||||
err := kv.sqlStore.WithDbSession(ctx, func(dbSession *db.Session) error {
|
||||
has, err := dbSession.Get(&item)
|
||||
if err != nil {
|
||||
kv.log.Error("error getting secret value", "orgId", orgId, "type", typ, "namespace", namespace, "err", err)
|
||||
@@ -87,7 +86,7 @@ func (kv *SecretsKVStoreSQL) Set(ctx context.Context, orgId int64, namespace str
|
||||
return err
|
||||
}
|
||||
encodedValue := b64.EncodeToString(encryptedValue)
|
||||
return kv.sqlStore.WithTransactionalDbSession(ctx, func(dbSession *sqlstore.DBSession) error {
|
||||
return kv.sqlStore.WithTransactionalDbSession(ctx, func(dbSession *db.Session) error {
|
||||
item := Item{
|
||||
OrgId: &orgId,
|
||||
Namespace: &namespace,
|
||||
@@ -139,7 +138,7 @@ func (kv *SecretsKVStoreSQL) Set(ctx context.Context, orgId int64, namespace str
|
||||
|
||||
// Del deletes an item from the store.
|
||||
func (kv *SecretsKVStoreSQL) Del(ctx context.Context, orgId int64, namespace string, typ string) error {
|
||||
err := kv.sqlStore.WithDbSession(ctx, func(dbSession *sqlstore.DBSession) error {
|
||||
err := kv.sqlStore.WithDbSession(ctx, func(dbSession *db.Session) error {
|
||||
item := Item{
|
||||
OrgId: &orgId,
|
||||
Namespace: &namespace,
|
||||
@@ -174,7 +173,7 @@ func (kv *SecretsKVStoreSQL) Del(ctx context.Context, orgId int64, namespace str
|
||||
// organizations the constant 'kvstore.AllOrganizations' can be passed as orgId.
|
||||
func (kv *SecretsKVStoreSQL) Keys(ctx context.Context, orgId int64, namespace string, typ string) ([]Key, error) {
|
||||
var keys []Key
|
||||
err := kv.sqlStore.WithDbSession(ctx, func(dbSession *sqlstore.DBSession) error {
|
||||
err := kv.sqlStore.WithDbSession(ctx, func(dbSession *db.Session) error {
|
||||
query := dbSession.Where("namespace = ?", namespace).And("type = ?", typ)
|
||||
if orgId != AllOrganizations {
|
||||
query.And("org_id = ?", orgId)
|
||||
@@ -186,7 +185,7 @@ func (kv *SecretsKVStoreSQL) Keys(ctx context.Context, orgId int64, namespace st
|
||||
|
||||
// Rename an item in the store
|
||||
func (kv *SecretsKVStoreSQL) Rename(ctx context.Context, orgId int64, namespace string, typ string, newNamespace string) error {
|
||||
return kv.sqlStore.WithTransactionalDbSession(ctx, func(dbSession *sqlstore.DBSession) error {
|
||||
return kv.sqlStore.WithTransactionalDbSession(ctx, func(dbSession *db.Session) error {
|
||||
item := Item{
|
||||
OrgId: &orgId,
|
||||
Namespace: &namespace,
|
||||
@@ -221,7 +220,7 @@ func (kv *SecretsKVStoreSQL) Rename(ctx context.Context, orgId int64, namespace
|
||||
// only need it for migration from sql to plugin at this moment
|
||||
func (kv *SecretsKVStoreSQL) GetAll(ctx context.Context) ([]Item, error) {
|
||||
var items []Item
|
||||
err := kv.sqlStore.WithDbSession(ctx, func(dbSession *sqlstore.DBSession) error {
|
||||
err := kv.sqlStore.WithDbSession(ctx, func(dbSession *db.Session) error {
|
||||
return dbSession.Find(&items)
|
||||
})
|
||||
if err != nil {
|
||||
|
||||
@@ -5,12 +5,13 @@ import (
|
||||
"fmt"
|
||||
"testing"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
"github.com/grafana/grafana/pkg/infra/db"
|
||||
"github.com/grafana/grafana/pkg/infra/log"
|
||||
"github.com/grafana/grafana/pkg/services/secrets/fakes"
|
||||
"github.com/grafana/grafana/pkg/services/secrets/manager"
|
||||
"github.com/grafana/grafana/pkg/services/sqlstore"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
type TestCase struct {
|
||||
@@ -25,7 +26,7 @@ func (t *TestCase) Value() string {
|
||||
}
|
||||
|
||||
func TestSecretsKVStoreSQL(t *testing.T) {
|
||||
sqlStore := sqlstore.InitTestDB(t)
|
||||
sqlStore := db.InitTestDB(t)
|
||||
secretsService := manager.SetupTestService(t, fakes.NewFakeSecretsStore())
|
||||
kv := NewSQLSecretsKVStore(sqlStore, secretsService, log.New("test.logger"))
|
||||
|
||||
@@ -158,7 +159,7 @@ func TestSecretsKVStoreSQL(t *testing.T) {
|
||||
})
|
||||
|
||||
t.Run("listing existing keys", func(t *testing.T) {
|
||||
sqlStore := sqlstore.InitTestDB(t)
|
||||
sqlStore := db.InitTestDB(t)
|
||||
secretsService := manager.SetupTestService(t, fakes.NewFakeSecretsStore())
|
||||
kv := NewSQLSecretsKVStore(sqlStore, secretsService, log.New("test.logger"))
|
||||
|
||||
@@ -233,7 +234,7 @@ func TestSecretsKVStoreSQL(t *testing.T) {
|
||||
})
|
||||
|
||||
t.Run("getting all secrets", func(t *testing.T) {
|
||||
sqlStore := sqlstore.InitTestDB(t)
|
||||
sqlStore := db.InitTestDB(t)
|
||||
secretsService := manager.SetupTestService(t, fakes.NewFakeSecretsStore())
|
||||
kv := NewSQLSecretsKVStore(sqlStore, secretsService, log.New("test.logger"))
|
||||
|
||||
|
||||
@@ -6,6 +6,11 @@ import (
|
||||
"sync"
|
||||
"testing"
|
||||
|
||||
"github.com/stretchr/testify/require"
|
||||
"google.golang.org/grpc"
|
||||
"gopkg.in/ini.v1"
|
||||
|
||||
"github.com/grafana/grafana/pkg/infra/db"
|
||||
"github.com/grafana/grafana/pkg/infra/kvstore"
|
||||
"github.com/grafana/grafana/pkg/infra/log"
|
||||
"github.com/grafana/grafana/pkg/plugins"
|
||||
@@ -14,23 +19,19 @@ import (
|
||||
"github.com/grafana/grafana/pkg/services/featuremgmt"
|
||||
"github.com/grafana/grafana/pkg/services/secrets/fakes"
|
||||
secretsmng "github.com/grafana/grafana/pkg/services/secrets/manager"
|
||||
"github.com/grafana/grafana/pkg/services/sqlstore"
|
||||
"github.com/grafana/grafana/pkg/setting"
|
||||
"github.com/stretchr/testify/require"
|
||||
"google.golang.org/grpc"
|
||||
"gopkg.in/ini.v1"
|
||||
)
|
||||
|
||||
func NewFakeSQLSecretsKVStore(t *testing.T) *SecretsKVStoreSQL {
|
||||
t.Helper()
|
||||
sqlStore := sqlstore.InitTestDB(t)
|
||||
sqlStore := db.InitTestDB(t)
|
||||
secretsService := secretsmng.SetupTestService(t, fakes.NewFakeSecretsStore())
|
||||
return NewSQLSecretsKVStore(sqlStore, secretsService, log.New("test.logger"))
|
||||
}
|
||||
|
||||
func NewFakePluginSecretsKVStore(t *testing.T, features featuremgmt.FeatureToggles, fallback SecretsKVStore) *SecretsKVStorePlugin {
|
||||
t.Helper()
|
||||
sqlStore := sqlstore.InitTestDB(t)
|
||||
sqlStore := db.InitTestDB(t)
|
||||
secretsService := secretsmng.SetupTestService(t, fakes.NewFakeSecretsStore())
|
||||
store := kvstore.ProvideService(sqlStore)
|
||||
namespacedKVStore := GetNamespacedKVStore(store)
|
||||
@@ -266,7 +267,7 @@ func SetupFatalCrashTest(
|
||||
fatalFlagOnce = sync.Once{}
|
||||
startupOnce = sync.Once{}
|
||||
cfg := SetupTestConfig(t)
|
||||
sqlStore := sqlstore.InitTestDB(t)
|
||||
sqlStore := db.InitTestDB(t)
|
||||
secretService := fakes.FakeSecretsService{}
|
||||
kvstore := kvstore.ProvideService(sqlStore)
|
||||
if isPluginErrorFatal {
|
||||
@@ -288,7 +289,7 @@ type fatalCrashTestFields struct {
|
||||
SecretsKVStore SecretsKVStore
|
||||
PluginManager plugins.SecretsPluginManager
|
||||
KVStore kvstore.KVStore
|
||||
SqlStore *sqlstore.SQLStore
|
||||
SqlStore db.DB
|
||||
}
|
||||
|
||||
func SetupTestConfig(t *testing.T) *setting.Cfg {
|
||||
|
||||
@@ -5,6 +5,11 @@ import (
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
"gopkg.in/ini.v1"
|
||||
|
||||
"github.com/grafana/grafana/pkg/infra/db"
|
||||
"github.com/grafana/grafana/pkg/infra/usagestats"
|
||||
encryptionprovider "github.com/grafana/grafana/pkg/services/encryption/provider"
|
||||
encryptionservice "github.com/grafana/grafana/pkg/services/encryption/service"
|
||||
@@ -12,16 +17,12 @@ import (
|
||||
"github.com/grafana/grafana/pkg/services/kmsproviders/osskmsproviders"
|
||||
"github.com/grafana/grafana/pkg/services/secrets"
|
||||
"github.com/grafana/grafana/pkg/services/secrets/database"
|
||||
"github.com/grafana/grafana/pkg/services/sqlstore"
|
||||
"github.com/grafana/grafana/pkg/setting"
|
||||
"github.com/grafana/grafana/pkg/util"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
"gopkg.in/ini.v1"
|
||||
)
|
||||
|
||||
func TestSecretsService_EnvelopeEncryption(t *testing.T) {
|
||||
store := database.ProvideSecretsStore(sqlstore.InitTestDB(t))
|
||||
store := database.ProvideSecretsStore(db.InitTestDB(t))
|
||||
svc := SetupTestService(t, store)
|
||||
ctx := context.Background()
|
||||
|
||||
@@ -81,7 +82,7 @@ func TestSecretsService_EnvelopeEncryption(t *testing.T) {
|
||||
}
|
||||
|
||||
func TestSecretsService_DataKeys(t *testing.T) {
|
||||
store := database.ProvideSecretsStore(sqlstore.InitTestDB(t))
|
||||
store := database.ProvideSecretsStore(db.InitTestDB(t))
|
||||
ctx := context.Background()
|
||||
|
||||
dataKey := &secrets.DataKey{
|
||||
@@ -159,7 +160,7 @@ func TestSecretsService_DataKeys(t *testing.T) {
|
||||
|
||||
func TestSecretsService_UseCurrentProvider(t *testing.T) {
|
||||
t.Run("When encryption_provider is not specified explicitly, should use 'secretKey' as a current provider", func(t *testing.T) {
|
||||
svc := SetupTestService(t, database.ProvideSecretsStore(sqlstore.InitTestDB(t)))
|
||||
svc := SetupTestService(t, database.ProvideSecretsStore(db.InitTestDB(t)))
|
||||
assert.Equal(t, secrets.ProviderID("secretKey.v1"), svc.currentProviderID)
|
||||
})
|
||||
|
||||
@@ -186,7 +187,7 @@ func TestSecretsService_UseCurrentProvider(t *testing.T) {
|
||||
|
||||
features := featuremgmt.WithFeatures()
|
||||
kms := newFakeKMS(osskmsproviders.ProvideService(encryptionService, settings, features))
|
||||
secretStore := database.ProvideSecretsStore(sqlstore.InitTestDB(t))
|
||||
secretStore := database.ProvideSecretsStore(db.InitTestDB(t))
|
||||
|
||||
secretsService, err := ProvideSecretsService(
|
||||
secretStore,
|
||||
@@ -260,7 +261,7 @@ func (f *fakeKMS) Provide() (map[secrets.ProviderID]secrets.Provider, error) {
|
||||
|
||||
func TestSecretsService_Run(t *testing.T) {
|
||||
ctx := context.Background()
|
||||
sql := sqlstore.InitTestDB(t)
|
||||
sql := db.InitTestDB(t)
|
||||
store := database.ProvideSecretsStore(sql)
|
||||
svc := SetupTestService(t, store)
|
||||
|
||||
@@ -300,7 +301,7 @@ func TestSecretsService_Run(t *testing.T) {
|
||||
|
||||
func TestSecretsService_ReEncryptDataKeys(t *testing.T) {
|
||||
ctx := context.Background()
|
||||
sql := sqlstore.InitTestDB(t)
|
||||
sql := db.InitTestDB(t)
|
||||
store := database.ProvideSecretsStore(sql)
|
||||
svc := SetupTestService(t, store)
|
||||
|
||||
@@ -341,7 +342,7 @@ func TestSecretsService_ReEncryptDataKeys(t *testing.T) {
|
||||
|
||||
func TestSecretsService_Decrypt(t *testing.T) {
|
||||
ctx := context.Background()
|
||||
store := database.ProvideSecretsStore(sqlstore.InitTestDB(t))
|
||||
store := database.ProvideSecretsStore(db.InitTestDB(t))
|
||||
|
||||
t.Run("empty payload should fail", func(t *testing.T) {
|
||||
svc := SetupTestService(t, store)
|
||||
|
||||
@@ -5,12 +5,11 @@ import (
|
||||
"encoding/base64"
|
||||
"time"
|
||||
|
||||
"github.com/grafana/grafana/pkg/infra/db"
|
||||
"github.com/grafana/grafana/pkg/infra/log"
|
||||
"github.com/grafana/grafana/pkg/services/encryption"
|
||||
"github.com/grafana/grafana/pkg/services/featuremgmt"
|
||||
"github.com/grafana/grafana/pkg/services/secrets/manager"
|
||||
"github.com/grafana/grafana/pkg/services/sqlstore"
|
||||
"github.com/grafana/grafana/pkg/services/sqlstore/db"
|
||||
"github.com/grafana/grafana/pkg/setting"
|
||||
)
|
||||
|
||||
@@ -105,7 +104,7 @@ func (m *SecretsMigrator) RollBackSecrets(ctx context.Context) (bool, error) {
|
||||
return false, nil
|
||||
}
|
||||
|
||||
if sqlErr := m.sqlStore.WithDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
if sqlErr := m.sqlStore.WithDbSession(ctx, func(sess *db.Session) error {
|
||||
_, err := sess.Exec("DELETE FROM data_keys")
|
||||
return err
|
||||
}); sqlErr != nil {
|
||||
|
||||
@@ -6,11 +6,10 @@ import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
|
||||
"github.com/grafana/grafana/pkg/infra/db"
|
||||
"github.com/grafana/grafana/pkg/services/ngalert/notifier"
|
||||
"github.com/grafana/grafana/pkg/services/secrets"
|
||||
"github.com/grafana/grafana/pkg/services/secrets/manager"
|
||||
"github.com/grafana/grafana/pkg/services/sqlstore"
|
||||
"github.com/grafana/grafana/pkg/services/sqlstore/db"
|
||||
)
|
||||
|
||||
func (s simpleSecret) reencrypt(ctx context.Context, secretsSrv *manager.SecretsService, sqlStore db.DB) bool {
|
||||
@@ -19,7 +18,7 @@ func (s simpleSecret) reencrypt(ctx context.Context, secretsSrv *manager.Secrets
|
||||
Secret []byte
|
||||
}
|
||||
|
||||
if err := sqlStore.WithDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
if err := sqlStore.WithDbSession(ctx, func(sess *db.Session) error {
|
||||
return sess.Table(s.tableName).Select(fmt.Sprintf("id, %s as secret", s.columnName)).Find(&rows)
|
||||
}); err != nil {
|
||||
logger.Warn("Could not find any secret to re-encrypt", "table", s.tableName)
|
||||
@@ -33,7 +32,7 @@ func (s simpleSecret) reencrypt(ctx context.Context, secretsSrv *manager.Secrets
|
||||
continue
|
||||
}
|
||||
|
||||
err := sqlStore.WithTransactionalDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
err := sqlStore.WithTransactionalDbSession(ctx, func(sess *db.Session) error {
|
||||
decrypted, err := secretsSrv.Decrypt(ctx, row.Secret)
|
||||
if err != nil {
|
||||
logger.Warn("Could not decrypt secret while re-encrypting it", "table", s.tableName, "id", row.Id, "error", err)
|
||||
@@ -75,7 +74,7 @@ func (s b64Secret) reencrypt(ctx context.Context, secretsSrv *manager.SecretsSer
|
||||
Secret string
|
||||
}
|
||||
|
||||
if err := sqlStore.WithDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
if err := sqlStore.WithDbSession(ctx, func(sess *db.Session) error {
|
||||
return sess.Table(s.tableName).Select(fmt.Sprintf("id, %s as secret", s.columnName)).Find(&rows)
|
||||
}); err != nil {
|
||||
logger.Warn("Could not find any secret to re-encrypt", "table", s.tableName)
|
||||
@@ -89,7 +88,7 @@ func (s b64Secret) reencrypt(ctx context.Context, secretsSrv *manager.SecretsSer
|
||||
continue
|
||||
}
|
||||
|
||||
err := sqlStore.WithTransactionalDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
err := sqlStore.WithTransactionalDbSession(ctx, func(sess *db.Session) error {
|
||||
decoded, err := s.encoding.DecodeString(row.Secret)
|
||||
if err != nil {
|
||||
logger.Warn("Could not decode base64-encoded secret while re-encrypting it", "table", s.tableName, "id", row.Id, "error", err)
|
||||
@@ -145,7 +144,7 @@ func (s jsonSecret) reencrypt(ctx context.Context, secretsSrv *manager.SecretsSe
|
||||
SecureJsonData map[string][]byte
|
||||
}
|
||||
|
||||
if err := sqlStore.WithDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
if err := sqlStore.WithDbSession(ctx, func(sess *db.Session) error {
|
||||
return sess.Table(s.tableName).Cols("id", "secure_json_data").Find(&rows)
|
||||
}); err != nil {
|
||||
logger.Warn("Could not find any secret to re-encrypt", "table", s.tableName)
|
||||
@@ -159,7 +158,7 @@ func (s jsonSecret) reencrypt(ctx context.Context, secretsSrv *manager.SecretsSe
|
||||
continue
|
||||
}
|
||||
|
||||
err := sqlStore.WithTransactionalDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
err := sqlStore.WithTransactionalDbSession(ctx, func(sess *db.Session) error {
|
||||
decrypted, err := secretsSrv.DecryptJsonData(ctx, row.SecureJsonData)
|
||||
if err != nil {
|
||||
logger.Warn("Could not decrypt secrets while re-encrypting them", "table", s.tableName, "id", row.Id, "error", err)
|
||||
@@ -206,7 +205,7 @@ func (s alertingSecret) reencrypt(ctx context.Context, secretsSrv *manager.Secre
|
||||
}
|
||||
|
||||
selectSQL := "SELECT id, alertmanager_configuration FROM alert_configuration"
|
||||
if err := sqlStore.WithDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
if err := sqlStore.WithDbSession(ctx, func(sess *db.Session) error {
|
||||
return sess.SQL(selectSQL).Find(&results)
|
||||
}); err != nil {
|
||||
logger.Warn("Could not find any alert_configuration secret to re-encrypt")
|
||||
@@ -218,7 +217,7 @@ func (s alertingSecret) reencrypt(ctx context.Context, secretsSrv *manager.Secre
|
||||
for _, result := range results {
|
||||
result := result
|
||||
|
||||
err := sqlStore.WithTransactionalDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
err := sqlStore.WithTransactionalDbSession(ctx, func(sess *db.Session) error {
|
||||
postableUserConfig, err := notifier.Load([]byte(result.AlertmanagerConfiguration))
|
||||
if err != nil {
|
||||
logger.Warn("Could not load alert_configuration while re-encrypting it", "id", result.Id, "error", err)
|
||||
|
||||
@@ -6,11 +6,10 @@ import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
|
||||
"github.com/grafana/grafana/pkg/infra/db"
|
||||
"github.com/grafana/grafana/pkg/services/encryption"
|
||||
"github.com/grafana/grafana/pkg/services/ngalert/notifier"
|
||||
"github.com/grafana/grafana/pkg/services/secrets/manager"
|
||||
"github.com/grafana/grafana/pkg/services/sqlstore"
|
||||
"github.com/grafana/grafana/pkg/services/sqlstore/db"
|
||||
)
|
||||
|
||||
func (s simpleSecret) rollback(
|
||||
@@ -25,7 +24,7 @@ func (s simpleSecret) rollback(
|
||||
Secret []byte
|
||||
}
|
||||
|
||||
if err := sqlStore.WithDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
if err := sqlStore.WithDbSession(ctx, func(sess *db.Session) error {
|
||||
return sess.Table(s.tableName).Select(fmt.Sprintf("id, %s as secret", s.columnName)).Find(&rows)
|
||||
}); err != nil {
|
||||
logger.Warn("Could not find any secret to roll back", "table", s.tableName)
|
||||
@@ -37,7 +36,7 @@ func (s simpleSecret) rollback(
|
||||
continue
|
||||
}
|
||||
|
||||
err := sqlStore.WithTransactionalDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
err := sqlStore.WithTransactionalDbSession(ctx, func(sess *db.Session) error {
|
||||
decrypted, err := secretsSrv.Decrypt(ctx, row.Secret)
|
||||
if err != nil {
|
||||
logger.Warn("Could not decrypt secret while rolling it back", "table", s.tableName, "id", row.Id, "error", err)
|
||||
@@ -85,7 +84,7 @@ func (s b64Secret) rollback(
|
||||
Secret string
|
||||
}
|
||||
|
||||
if err := sqlStore.WithDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
if err := sqlStore.WithDbSession(ctx, func(sess *db.Session) error {
|
||||
return sess.Table(s.tableName).Select(fmt.Sprintf("id, %s as secret", s.columnName)).Find(&rows)
|
||||
}); err != nil {
|
||||
logger.Warn("Could not find any secret to roll back", "table", s.tableName)
|
||||
@@ -97,7 +96,7 @@ func (s b64Secret) rollback(
|
||||
continue
|
||||
}
|
||||
|
||||
err := sqlStore.WithTransactionalDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
err := sqlStore.WithTransactionalDbSession(ctx, func(sess *db.Session) error {
|
||||
decoded, err := s.encoding.DecodeString(row.Secret)
|
||||
if err != nil {
|
||||
logger.Warn("Could not decode base64-encoded secret while rolling it back", "table", s.tableName, "id", row.Id, "error", err)
|
||||
@@ -159,7 +158,7 @@ func (s jsonSecret) rollback(
|
||||
SecureJsonData map[string][]byte
|
||||
}
|
||||
|
||||
if err := sqlStore.WithDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
if err := sqlStore.WithDbSession(ctx, func(sess *db.Session) error {
|
||||
return sess.Table(s.tableName).Cols("id", "secure_json_data").Find(&rows)
|
||||
}); err != nil {
|
||||
logger.Warn("Could not find any secret to roll back", "table", s.tableName)
|
||||
@@ -171,7 +170,7 @@ func (s jsonSecret) rollback(
|
||||
continue
|
||||
}
|
||||
|
||||
err := sqlStore.WithTransactionalDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
err := sqlStore.WithTransactionalDbSession(ctx, func(sess *db.Session) error {
|
||||
decrypted, err := secretsSrv.DecryptJsonData(ctx, row.SecureJsonData)
|
||||
if err != nil {
|
||||
logger.Warn("Could not decrypt secrets while rolling them back", "table", s.tableName, "id", row.Id, "error", err)
|
||||
@@ -224,7 +223,7 @@ func (s alertingSecret) rollback(
|
||||
}
|
||||
|
||||
selectSQL := "SELECT id, alertmanager_configuration FROM alert_configuration"
|
||||
if err := sqlStore.WithDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
if err := sqlStore.WithDbSession(ctx, func(sess *db.Session) error {
|
||||
return sess.SQL(selectSQL).Find(&results)
|
||||
}); err != nil {
|
||||
logger.Warn("Could not find any alert_configuration secret to roll back")
|
||||
@@ -234,7 +233,7 @@ func (s alertingSecret) rollback(
|
||||
for _, result := range results {
|
||||
result := result
|
||||
|
||||
err := sqlStore.WithTransactionalDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
||||
err := sqlStore.WithTransactionalDbSession(ctx, func(sess *db.Session) error {
|
||||
postableUserConfig, err := notifier.Load([]byte(result.AlertmanagerConfiguration))
|
||||
if err != nil {
|
||||
logger.Warn("Could not load configuration (alert_configuration with id: %d) while rolling it back", result.Id, err)
|
||||
|
||||
Reference in New Issue
Block a user