Chore: Remove public vars in setting package (#81018)

Removes the public variable setting.SecretKey plus some other ones. Introduces some new functions for creating setting.Cfg.
2025-02-25 18:55:37 -06:00 · 2024-01-23 12:36:22 +01:00
parent 147bf01745
commit 6768c6c059
131 changed files with 759 additions and 699 deletions
--- a/pkg/services/ngalert/image/service.go
+++ b/pkg/services/ngalert/image/service.go
@@ -93,12 +93,12 @@ func NewScreenshotImageServiceFromCfg(cfg *setting.Cfg, db *store.DBstore, ds da
 	if cfg.UnifiedAlerting.Screenshots.Capture {
 		cache = NewInmemCacheService(screenshotCacheTTL, r)
 		limiter = screenshot.NewTokenRateLimiter(cfg.UnifiedAlerting.Screenshots.MaxConcurrentScreenshots)
-		screenshots = screenshot.NewHeadlessScreenshotService(ds, rs, r)
+		screenshots = screenshot.NewHeadlessScreenshotService(cfg, ds, rs, r)
 		screenshotTimeout = cfg.UnifiedAlerting.Screenshots.CaptureTimeout

 		// Image uploading is an optional feature
 		if cfg.UnifiedAlerting.Screenshots.UploadExternalImageStorage {
-			m, err := imguploader.NewImageUploader()
+			m, err := imguploader.NewImageUploader(cfg)
 			if err != nil {
 				return nil, fmt.Errorf("failed to initialize uploading screenshot service: %w", err)
 			}
--- a/pkg/services/ngalert/migration/channel.go
+++ b/pkg/services/ngalert/migration/channel.go
@@ -146,7 +146,7 @@ var secureKeysToMigrate = map[string][]string{
 // migrateSettingsToSecureSettings takes care of that.
 func (om *OrgMigration) migrateSettingsToSecureSettings(chanType string, settings *simplejson.Json, secureSettings SecureJsonData) (*simplejson.Json, map[string]string, error) {
 	keys := secureKeysToMigrate[chanType]
-	newSecureSettings := secureSettings.Decrypt()
+	newSecureSettings := secureSettings.Decrypt(om.cfg.SecretKey)
 	cloneSettings := simplejson.New()
 	settingsMap, err := settings.Map()
 	if err != nil {
--- a/pkg/services/ngalert/migration/channel_test.go
+++ b/pkg/services/ngalert/migration/channel_test.go
@@ -174,8 +174,9 @@ func TestCreateReceivers(t *testing.T) {
 }

 func TestMigrateNotificationChannelSecureSettings(t *testing.T) {
+	cfg := setting.NewCfg()
 	legacyEncryptFn := func(data string) string {
-		raw, err := util.Encrypt([]byte(data), setting.SecretKey)
+		raw, err := util.Encrypt([]byte(data), cfg.SecretKey)
 		require.NoError(t, err)
 		return string(raw)
 	}
--- a/pkg/services/ngalert/migration/securejsondata.go
+++ b/pkg/services/ngalert/migration/securejsondata.go
@@ -4,7 +4,6 @@ import (
 	"os"

 	"github.com/grafana/grafana/pkg/infra/log"
-	"github.com/grafana/grafana/pkg/setting"
 	"github.com/grafana/grafana/pkg/util"
 )

@@ -16,10 +15,10 @@ var seclogger = log.New("securejsondata")

 // Decrypt returns map of the same type but where the all the values are decrypted. Opposite of what
 // GetEncryptedJsonData is doing.
-func (s SecureJsonData) Decrypt() map[string]string {
+func (s SecureJsonData) Decrypt(secretKey string) map[string]string {
 	decrypted := make(map[string]string)
 	for key, data := range s {
-		decryptedData, err := util.Decrypt(data, setting.SecretKey)
+		decryptedData, err := util.Decrypt(data, secretKey)
 		if err != nil {
 			seclogger.Error(err.Error())
 			os.Exit(1)
--- a/pkg/services/ngalert/migration/store/testing.go
+++ b/pkg/services/ngalert/migration/store/testing.go
@@ -73,10 +73,10 @@ func NewTestMigrationStore(t testing.TB, sqlStore *sqlstore.SQLStore, cfg *setti
 	require.NoError(t, err)

 	folderPermissions, err := ossaccesscontrol.ProvideFolderPermissions(
-		features, routeRegister, sqlStore, ac, license, dashboardStore, folderService, acSvc, teamSvc, userSvc)
+		cfg, features, routeRegister, sqlStore, ac, license, dashboardStore, folderService, acSvc, teamSvc, userSvc)
 	require.NoError(t, err)
 	dashboardPermissions, err := ossaccesscontrol.ProvideDashboardPermissions(
-		features, routeRegister, sqlStore, ac, license, dashboardStore, folderService, acSvc, teamSvc, userSvc)
+		cfg, features, routeRegister, sqlStore, ac, license, dashboardStore, folderService, acSvc, teamSvc, userSvc)
 	require.NoError(t, err)

 	dashboardService, err := dashboardservice.ProvideDashboardServiceImpl(
@@ -103,6 +103,6 @@ func NewTestMigrationStore(t testing.TB, sqlStore *sqlstore.SQLStore, cfg *setti
 		folderPermissions:              folderPermissions,
 		dashboardPermissions:           dashboardPermissions,
 		orgService:                     orgService,
-		legacyAlertNotificationService: legacyalerting.ProvideService(sqlStore, encryptionservice.SetupTestService(t), nil),
+		legacyAlertNotificationService: legacyalerting.ProvideService(cfg, sqlStore, encryptionservice.SetupTestService(t), nil),
 	}
 }