IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

fix: pass context into secrets logs (#95944)

Browse Source
This commit is contained in:
Mariell Hoversholm 2024-11-06 12:52:29 +01:00 committed by GitHub
parent 3c1a5ab439
commit f15f6022de
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/services/encryption/service/service.go
View File

@ -105,7 +105,7 @@ func (s *Service) Decrypt(ctx context.Context, payload []byte, secret string) ([
var err error var err error
defer func() { defer func() {
if err != nil { if err != nil {
s.log.Error("Decryption failed", "error", err) s.log.FromContext(ctx).Error("Decryption failed", "error", err)
} }
}() }()

4
pkg/services/secrets/manager/manager.go
View File

@ -331,7 +331,7 @@ func (s *SecretsService) Decrypt(ctx context.Context, payload []byte) ([]byte, e
}).Inc() }).Inc()
if err != nil { if err != nil {
s.log.Error("Failed to decrypt secret", "error", err) s.log.FromContext(ctx).Error("Failed to decrypt secret", "error", err)
} }
}() }()
@ -371,7 +371,7 @@ func (s *SecretsService) Decrypt(ctx context.Context, payload []byte) ([]byte, e
dataKey, err = s.dataKeyById(ctx, string(keyId)) dataKey, err = s.dataKeyById(ctx, string(keyId))
if err != nil { if err != nil {
s.log.Error("Failed to lookup data key by id", "id", string(keyId), "error", err) s.log.FromContext(ctx).Error("Failed to lookup data key by id", "id", string(keyId), "error", err)
return nil, err return nil, err
} }
} }

6
pkg/services/ssosettings/ssosettingsimpl/service.go
View File

@ -436,19 +436,19 @@ func (s *Service) decryptSecrets(ctx context.Context, settings map[string]any) (
if IsSecretField(k) && v != "" { if IsSecretField(k) && v != "" {
strValue, ok := v.(string) strValue, ok := v.(string)
if !ok { if !ok {
s.logger.Error("Failed to parse secret value, it is not a string", "key", k) s.logger.FromContext(ctx).Error("Failed to parse secret value, it is not a string", "key", k)
return nil, fmt.Errorf("secret value is not a string") return nil, fmt.Errorf("secret value is not a string")
} }
decoded, err := base64.RawStdEncoding.DecodeString(strValue) decoded, err := base64.RawStdEncoding.DecodeString(strValue)
if err != nil { if err != nil {
s.logger.Error("Failed to decode secret string", "err", err, "value") s.logger.FromContext(ctx).Error("Failed to decode secret string", "err", err, "value")
return nil, err return nil, err
} }
decrypted, err := s.secrets.Decrypt(ctx, decoded) decrypted, err := s.secrets.Decrypt(ctx, decoded)
if err != nil { if err != nil {
s.logger.Error("Failed to decrypt secret", "err", err) s.logger.FromContext(ctx).Error("Failed to decrypt secret", "err", err)
return nil, err return nil, err
} }