mirror of
https://github.com/grafana/grafana.git
synced 2025-01-15 19:22:34 -06:00
FeatureToggls: remove IsFeatureToggleEnabled from SettingsProvider (#44574)
This commit is contained in:
parent
de04f19c47
commit
7ee38af95a
@ -179,7 +179,7 @@ func (s alertingSecret) reencrypt(secretsSrv *manager.SecretsService, sess *xorm
|
||||
}
|
||||
|
||||
func ReEncryptSecrets(_ utils.CommandLine, runner runner.Runner) error {
|
||||
if !runner.SettingsProvider.IsFeatureToggleEnabled(featuremgmt.FlagEnvelopeEncryption) {
|
||||
if !runner.Features.IsEnabled(featuremgmt.FlagEnvelopeEncryption) {
|
||||
logger.Warn("Envelope encryption is not enabled, quitting...")
|
||||
return nil
|
||||
}
|
||||
|
@ -2,6 +2,7 @@ package runner
|
||||
|
||||
import (
|
||||
"github.com/grafana/grafana/pkg/services/encryption"
|
||||
"github.com/grafana/grafana/pkg/services/featuremgmt"
|
||||
"github.com/grafana/grafana/pkg/services/secrets/manager"
|
||||
"github.com/grafana/grafana/pkg/services/sqlstore"
|
||||
"github.com/grafana/grafana/pkg/setting"
|
||||
@ -11,17 +12,19 @@ type Runner struct {
|
||||
Cfg *setting.Cfg
|
||||
SQLStore *sqlstore.SQLStore
|
||||
SettingsProvider setting.Provider
|
||||
Features featuremgmt.FeatureToggles
|
||||
EncryptionService encryption.Internal
|
||||
SecretsService *manager.SecretsService
|
||||
}
|
||||
|
||||
func New(cfg *setting.Cfg, sqlStore *sqlstore.SQLStore, settingsProvider setting.Provider,
|
||||
encryptionService encryption.Internal, secretsService *manager.SecretsService) Runner {
|
||||
encryptionService encryption.Internal, features featuremgmt.FeatureToggles, secretsService *manager.SecretsService) Runner {
|
||||
return Runner{
|
||||
Cfg: cfg,
|
||||
SQLStore: sqlStore,
|
||||
SettingsProvider: settingsProvider,
|
||||
EncryptionService: encryptionService,
|
||||
SecretsService: secretsService,
|
||||
Features: features,
|
||||
}
|
||||
}
|
||||
|
@ -13,6 +13,7 @@ import (
|
||||
"github.com/grafana/grafana/pkg/infra/tracing"
|
||||
"github.com/grafana/grafana/pkg/infra/usagestats"
|
||||
"github.com/grafana/grafana/pkg/services/featuremgmt"
|
||||
"github.com/grafana/grafana/pkg/services/hooks"
|
||||
"github.com/grafana/grafana/pkg/services/secrets"
|
||||
secretsDatabase "github.com/grafana/grafana/pkg/services/secrets/database"
|
||||
secretsManager "github.com/grafana/grafana/pkg/services/secrets/manager"
|
||||
@ -36,6 +37,7 @@ var wireSet = wire.NewSet(
|
||||
wire.Bind(new(secrets.Store), new(*secretsDatabase.SecretsStoreImpl)),
|
||||
secretsManager.ProvideSecretsService,
|
||||
wire.Bind(new(secrets.Service), new(*secretsManager.SecretsService)),
|
||||
hooks.ProvideService,
|
||||
)
|
||||
|
||||
func Initialize(cfg *setting.Cfg) (Runner, error) {
|
||||
|
@ -5,11 +5,13 @@ package runner
|
||||
|
||||
import (
|
||||
"github.com/google/wire"
|
||||
"github.com/grafana/grafana/pkg/models"
|
||||
"github.com/grafana/grafana/pkg/registry"
|
||||
"github.com/grafana/grafana/pkg/services/encryption"
|
||||
"github.com/grafana/grafana/pkg/services/encryption/ossencryption"
|
||||
"github.com/grafana/grafana/pkg/services/kmsproviders"
|
||||
"github.com/grafana/grafana/pkg/services/kmsproviders/osskmsproviders"
|
||||
"github.com/grafana/grafana/pkg/services/licensing"
|
||||
"github.com/grafana/grafana/pkg/services/sqlstore/migrations"
|
||||
"github.com/grafana/grafana/pkg/setting"
|
||||
)
|
||||
@ -17,6 +19,8 @@ import (
|
||||
var wireExtsSet = wire.NewSet(
|
||||
wireSet,
|
||||
migrations.ProvideOSSMigrations,
|
||||
licensing.ProvideService,
|
||||
wire.Bind(new(models.Licensing), new(*licensing.OSSLicensingService)),
|
||||
wire.Bind(new(registry.DatabaseMigrator), new(*migrations.OSSMigrations)),
|
||||
setting.ProvideProvider,
|
||||
wire.Bind(new(setting.Provider), new(*setting.OSSImpl)),
|
||||
|
@ -12,17 +12,19 @@ import (
|
||||
type Service struct {
|
||||
enc encryption.Internal
|
||||
settings setting.Provider
|
||||
features featuremgmt.FeatureToggles
|
||||
}
|
||||
|
||||
func ProvideService(enc encryption.Internal, settings setting.Provider) Service {
|
||||
func ProvideService(enc encryption.Internal, settings setting.Provider, features featuremgmt.FeatureToggles) Service {
|
||||
return Service{
|
||||
enc: enc,
|
||||
settings: settings,
|
||||
features: features,
|
||||
}
|
||||
}
|
||||
|
||||
func (s Service) Provide() (map[secrets.ProviderID]secrets.Provider, error) {
|
||||
if !s.settings.IsFeatureToggleEnabled(featuremgmt.FlagEnvelopeEncryption) {
|
||||
if !s.features.IsEnabled(featuremgmt.FlagEnvelopeEncryption) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
|
@ -37,9 +37,10 @@ func SetupTestService(tb testing.TB, store secrets.Store) *SecretsService {
|
||||
encryption := ossencryption.ProvideService()
|
||||
secretsService, err := ProvideSecretsService(
|
||||
store,
|
||||
osskmsproviders.ProvideService(encryption, settings),
|
||||
osskmsproviders.ProvideService(encryption, settings, features),
|
||||
encryption,
|
||||
settings,
|
||||
features,
|
||||
&usagestats.UsageStatsMock{T: tb},
|
||||
)
|
||||
require.NoError(tb, err)
|
||||
|
@ -24,6 +24,7 @@ type SecretsService struct {
|
||||
store secrets.Store
|
||||
enc encryption.Internal
|
||||
settings setting.Provider
|
||||
features featuremgmt.FeatureToggles
|
||||
usageStats usagestats.Service
|
||||
|
||||
currentProviderID secrets.ProviderID
|
||||
@ -37,6 +38,7 @@ func ProvideSecretsService(
|
||||
kmsProvidersService kmsproviders.Service,
|
||||
enc encryption.Internal,
|
||||
settings setting.Provider,
|
||||
features featuremgmt.FeatureToggles,
|
||||
usageStats usagestats.Service,
|
||||
) (*SecretsService, error) {
|
||||
providers, err := kmsProvidersService.Provide()
|
||||
@ -45,7 +47,7 @@ func ProvideSecretsService(
|
||||
}
|
||||
|
||||
logger := log.New("secrets")
|
||||
enabled := settings.IsFeatureToggleEnabled(featuremgmt.FlagEnvelopeEncryption)
|
||||
enabled := features.IsEnabled(featuremgmt.FlagEnvelopeEncryption)
|
||||
currentProviderID := readCurrentProviderID(settings)
|
||||
|
||||
if _, ok := providers[currentProviderID]; enabled && !ok {
|
||||
@ -66,6 +68,7 @@ func ProvideSecretsService(
|
||||
providers: providers,
|
||||
currentProviderID: currentProviderID,
|
||||
dataKeyCache: make(map[string]dataKeyCacheItem),
|
||||
features: features,
|
||||
log: logger,
|
||||
}
|
||||
|
||||
@ -89,7 +92,7 @@ func (s *SecretsService) registerUsageMetrics() {
|
||||
|
||||
// Enabled / disabled
|
||||
usageMetrics["stats.encryption.envelope_encryption_enabled.count"] = 0
|
||||
if s.settings.IsFeatureToggleEnabled(featuremgmt.FlagEnvelopeEncryption) {
|
||||
if s.features.IsEnabled(featuremgmt.FlagEnvelopeEncryption) {
|
||||
usageMetrics["stats.encryption.envelope_encryption_enabled.count"] = 1
|
||||
}
|
||||
|
||||
@ -132,7 +135,7 @@ func (s *SecretsService) Encrypt(ctx context.Context, payload []byte, opt secret
|
||||
|
||||
func (s *SecretsService) EncryptWithDBSession(ctx context.Context, payload []byte, opt secrets.EncryptionOptions, sess *xorm.Session) ([]byte, error) {
|
||||
// Use legacy encryption service if envelopeEncryptionFeatureToggle toggle is off
|
||||
if !s.settings.IsFeatureToggleEnabled(featuremgmt.FlagEnvelopeEncryption) {
|
||||
if !s.features.IsEnabled(featuremgmt.FlagEnvelopeEncryption) {
|
||||
return s.enc.Encrypt(ctx, payload, setting.SecretKey)
|
||||
}
|
||||
|
||||
@ -175,7 +178,7 @@ func (s *SecretsService) keyName(scope string) string {
|
||||
|
||||
func (s *SecretsService) Decrypt(ctx context.Context, payload []byte) ([]byte, error) {
|
||||
// Use legacy encryption service if featuremgmt.FlagEnvelopeEncryption toggle is off
|
||||
if !s.settings.IsFeatureToggleEnabled(featuremgmt.FlagEnvelopeEncryption) {
|
||||
if !s.features.IsEnabled(featuremgmt.FlagEnvelopeEncryption) {
|
||||
return s.enc.Decrypt(ctx, payload, setting.SecretKey)
|
||||
}
|
||||
|
||||
|
@ -178,15 +178,16 @@ func TestSecretsService_UseCurrentProvider(t *testing.T) {
|
||||
raw, err := ini.Load([]byte(rawCfg))
|
||||
require.NoError(t, err)
|
||||
|
||||
features := featuremgmt.WithFeatures(featuremgmt.FlagEnvelopeEncryption)
|
||||
providerID := secrets.ProviderID("fakeProvider.v1")
|
||||
settings := &setting.OSSImpl{
|
||||
Cfg: &setting.Cfg{
|
||||
Raw: raw,
|
||||
IsFeatureToggleEnabled: featuremgmt.WithFeatures(featuremgmt.FlagEnvelopeEncryption).IsEnabled,
|
||||
IsFeatureToggleEnabled: features.IsEnabled,
|
||||
},
|
||||
}
|
||||
encr := ossencryption.ProvideService()
|
||||
kms := newFakeKMS(osskmsproviders.ProvideService(encr, settings))
|
||||
kms := newFakeKMS(osskmsproviders.ProvideService(encr, settings, features))
|
||||
secretStore := database.ProvideSecretsStore(sqlstore.InitTestDB(t))
|
||||
|
||||
svcEncrypt, err := ProvideSecretsService(
|
||||
@ -194,6 +195,7 @@ func TestSecretsService_UseCurrentProvider(t *testing.T) {
|
||||
&kms,
|
||||
encr,
|
||||
settings,
|
||||
features,
|
||||
&usagestats.UsageStatsMock{T: t},
|
||||
)
|
||||
require.NoError(t, err)
|
||||
@ -211,6 +213,7 @@ func TestSecretsService_UseCurrentProvider(t *testing.T) {
|
||||
&kms,
|
||||
encr,
|
||||
settings,
|
||||
features,
|
||||
&usagestats.UsageStatsMock{T: t},
|
||||
)
|
||||
require.NoError(t, err)
|
||||
|
@ -49,8 +49,6 @@ type Provider interface {
|
||||
// RegisterReloadHandler registers a handler for validation and reload
|
||||
// of configuration updates tied to a specific section
|
||||
RegisterReloadHandler(section string, handler ReloadHandler)
|
||||
// IsFeatureToggleEnabled checks if the feature's toggle is enabled
|
||||
IsFeatureToggleEnabled(name string) bool
|
||||
}
|
||||
|
||||
// Section is a settings section copy
|
||||
|
Loading…
Reference in New Issue
Block a user