IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

Encryption: Enable envelope encryption by default (#49301)

Browse Source 
* Encryption: Enable envelope encryption by default

* Stop relying on feature toggles from settings (deprecated)

* Database encryption docs (envelope encryption)

* Remove deprecated (and no longer used) FT

* Apply suggestions from code review

Co-authored-by: Tania <yalyna.ts@gmail.com>
This commit is contained in:
Joan López de la Franca Beltran
2022-05-24 10:34:47 +02:00
committed by GitHub
parent 521b0202e2
commit 3e4b4dba46
12 changed files with 107 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/cmd/grafana-cli/commands/secretsmigrations/reencrypt_deks.go
View File

@@ -9,7 +9,7 @@ import (
)
func ReEncryptDEKS(_ utils.CommandLine, runner runner.Runner) error {
if !runner.Features.IsEnabled(featuremgmt.FlagEnvelopeEncryption) {
if runner.Features.IsEnabled(featuremgmt.FlagDisableEnvelopeEncryption) {
logger.Warn("Envelope encryption is not enabled, quitting...")
return nil
}

2
pkg/cmd/grafana-cli/commands/secretsmigrations/reencrypt_secrets.go
View File

@@ -267,7 +267,7 @@ func (s alertingSecret) reencrypt(ctx context.Context, secretsSrv *manager.Secre
}
func ReEncryptSecrets(_ utils.CommandLine, runner runner.Runner) error {
if !runner.Features.IsEnabled(featuremgmt.FlagEnvelopeEncryption) {
if runner.Features.IsEnabled(featuremgmt.FlagDisableEnvelopeEncryption) {
logger.Warn("Envelope encryption is not enabled, quitting...")
return nil
}

2
pkg/cmd/grafana-cli/commands/secretsmigrations/rollback_secrets.go
View File

@@ -291,7 +291,7 @@ func (s alertingSecret) rollback(
}
func RollBackSecrets(_ utils.CommandLine, runner runner.Runner) error {
if !runner.Features.IsEnabled(featuremgmt.FlagEnvelopeEncryption) {
if runner.Features.IsEnabled(featuremgmt.FlagDisableEnvelopeEncryption) {
logger.Warn("Envelope encryption is not enabled, quitting...")
return nil
}