* initial cut at migration from plugin
* create new migration from plugin
* only migrate to or from, not both
* remove cfg check from plugin migration itself
* update comments, clean up secret after migration
* add better error handling
* hook up REST API with migrations
* Minor fixes
* fix wire injection issue
* modify migrator to access plugin calls directly. create unit tests
* change pre-migration checks in admin api
* stop plugin after migrating from it
* fix compile issues after merge
* add comment about migration
* fix linting issue
* bleh, fix unit test
* fix another unit test
* update plugin error fatal flag after a migration from the plugin
* add extra logging to migration
* make linter happy
Co-authored-by: Leandro Deveikis <leandro.deveikis@gmail.com>
* Move license check to secret store plugin
* Use shouldUseRemoteSecretsPlugin for migration
* Encapsulate plugin startup logic in sync.Once
* Remove global logger from startup functions
* Fix issues with wire and secrets plugin check
* Remove todo for plugin fatal error
* Rename fatalErr variable to be less confusing
* Fix merge conflicts
* Fix issue with grafana-cli wire and opentsdb
* Remove duplicated import on remote plugin
* Rename plugin check in favor of error return value
* Remove unnecessary import on grafana-cli wireexts_oss
* Remove unnecessary import on grafana wireexts_oss
* Reset sync.Once during test setup
* Remove unrelated opentsdb change on grafana-cli wire
* Readd opentsdb change on grafana-cli wire
* add special handling on the plugin gathering side to check whether secrets manager plugins are enabled or not
* show disabled badge in front end if the plugin is not enabled
* Only show error in disabled badge hover if one is present (otherwise it shows "undefined")
* refactor to make use of fields already available in the DTO
* fix typo
* if there is no error returned for the plugin, just show 'disabled'
* fix typo
* Update public/app/features/plugins/admin/components/Badges/PluginDisabledBadge.tsx
Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
* Update frontendsettings.go
add clarifying comment
* fix unit test
* rework task to use new frontend property combined with plugin type to determine if the plugin should be disabled
* Update helpers.test.ts
revert test change
* fix unit test
* show custom uninstall message if the plugin is a secrets manager
* bogus commit to trigger precommit
* undo commit
* run precommit manually
* add some consts
* refactor a bit to pull plugin error management up a level
* re-add code squashed in merge
* fix compile issues
* add code to set plugin error fatal flag after secret migration
* refactor to move plugin startup out of Should Check func
* re-add important check
* make plugin startup errors fatal the first time we set a secret on the plugin
* rename func to make intent clearler
* remove unnecessary duplicate code from plugin mig
* fix compile error
* fix more compile errors
* add some extra logging to secrets migration
* have remote_plugin secret service managed plugin error fatal flag directly
* add blank file for eventual unit tests
* fix linting issues
* changes from PR review
* quick bit of cleanup
* add comment explaining design decision
* move more common test helpers to file
* slightly update to first time Get secret call
* add unit tests
* remove override func from provider
* fix linting issues
* add test cleanup step
* add some comments about refactoring to hacky test function
Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
* Created PluginSecretMigrationService to be able to migrate from the secrets table from the database to the secret plugin. Added migration which takes all the secrets at the sql store and stores it in the plugin. Then deletes all the secrets from the sql
* Added secretsKVStoreSQL.GetAll() method to return all the secrets at the sql table
* Renaming kvstore_test.go as sql_test.go, adding GetAll test case. Fixing decryption of keys
* Implement disableSecretsCompatibility flag
* Allow secret deletion right after migration
* Use dialect.Quote for secure_json_data on secret deletion
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Set secure_json_data to NULL instead of empty json
* Run toggles_gen_test and use generated flag variable
* Add ID to delete data source secrets command on function call
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Remove extra query to get datasource on secret deletion
* Fix linting issues with CHANGELOG.md
* Use empty json string when deleting secure json data
* Implement secret migration as a background process
* Refactor secret migration as a background service
* Refactor migration to be inside secret store
* Re-add secret deletion function removed on merge
* Try using transaction to fix db lock during tests
* Disable migration for pipeline debugging
* Try adding sleep to fix database lock
* Remove unecessary time sleep from migration
* Fix merge issue, replace models with datasources
* Try event listener approach
* Fix merge issue, replace models with datasources
* Fix linting issues with unchecked error
* Remove unecessary trainling new line
* Increase wait interval on background secret migration
* Rename secret store migration folder for consistency
* Convert background migration to blocking
* Fix number of arguments on server tests
* Check error value of secret migration provider
* Fix linting issue with method varaible
* Revert unintended change on background services
* Move secret migration service provider to wire.go
* Remove unecessary else from datasource service
* Move transaction inside loop on secret migration
* Remove unecessary GetServices function
* Remove unecessary interface after method removal
* Rename Run to Migrate on secret migration interface
* Rename secret migrations service variable on server
* Use MustBool on datasource secret migration
* Revert changes to GetDataSources
* Implement GetAllDataSources function
* Remove DeleteDataSourceSecrets function
* Move datasource secret migration to datasource service
* Remove unecessary properties from datasource secret migration
* Make DecryptLegacySecrets a private method
* Remove context canceled check on secret migrator
* Log error when fail to unmarshal datasource secret
* Add necessary fields to update command on migration
* Handle high availability on secret migration
* Use kvstore for datasource secret migration status
* Add error check for migration status set on kvstore
* Remove NewSecretMigrationService from server tests
* Use const for strings on datasource secrets migration
* Test all cases for datasources secret migrations
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Implement unified secrets short lived cache
* Improve debug logging for unified secrets cache
* Re-add decryption cache to sql secret kvstore
* Remove cache from remote secret store plugin
* Revert secret store helpers implementation
* Remove cache from secret store plugin struct
* Update secret store cache to implement interface
* Set secret store cache value on get
* Fix issues with sql secret store decryption cache
* Increase clean up interval on cached secret store
* Add protobuf config and generated code, and client wrapper
* wire up loading of secretsmanager plugin, using renderer plugin as a model
* update kvstore provider to check if we should use the grpc plugin. return false always in OSS
* add OSS remote plugin check
* refactor wire gen file
* log which secrets manager is being used
* Fix argument types for remote checker
* Turns out if err != nil, then the result is always nil. Return empty values if there is an error.
* remove duplicate import
* ensure atomicity by adding secret management as a step to sql operations and rolling back if necessary
* Update pkg/services/secrets/kvstore/kvstore.go
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Update pkg/services/secrets/kvstore/kvstore.go
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* refactor RemotePluginCheck interface to just return the Plugin client directly
* rename struct to something less silly
* add special error handling for remote secrets management
* switch to errors.as instead of type inference
* remove unnecessary rollback call
* just declare error once
* refactor .proto file according to prior PR suggestions
* re-generate protobuf files and fix compilation errors
* only wrap (ergo display in the front end) errors that are user friendly from the plugin
* rename error type to suggest user friendly only
* rename plugin functions to be more descriptive
* change delete message name
* Revert "change delete message name"
This reverts commit 8ca978301e.
* Revert "rename plugin functions to be more descriptive"
This reverts commit 4355c9b9ff.
* fix pointer to pointer problem
* change plugin user error to just hold a string
* fix sequencing problem with datasource updates
* clean up some return statements
* need to wrap multiple transactions with the InTransaction() func in order to keep the lock
* make linter happy
* revert input var name
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* refactor .proto file according to prior PR suggestions
* re-generate protobuf files and fix compilation errors
* rename proto functions to be more descriptive
* Add protobuf config and generated code, and client wrapper
* wire up loading of secretsmanager plugin, using renderer plugin as a model
* update kvstore provider to check if we should use the grpc plugin. return false always in OSS
* add OSS remote plugin check
* refactor wire gen file
* log which secrets manager is being used
* Fix argument types for remote checker
* Turns out if err != nil, then the result is always nil. Return empty values if there is an error.
* remove duplicate import
* Update pkg/services/secrets/kvstore/kvstore.go
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Update pkg/services/secrets/kvstore/kvstore.go
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* refactor RemotePluginCheck interface to just return the Plugin client directly
* rename struct to something less silly
* Update pkg/plugins/backendplugin/secretsmanagerplugin/secretsmanager.proto
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
* wip: Implement kvstore for secrets
* wip: Refactor kvstore for secrets
* wip: Add format key function to secrets kvstore sql
* wip: Add migration for secrets kvstore
* Remove unused Key field from secrets kvstore
* Remove secret values from debug logs
* Integrate unified secrets with datasources
* Fix minor issues and tests for kvstore
* Create test service helper for secret store
* Remove encryption tests from datasources
* Move secret operations after datasources
* Fix datasource proxy tests
* Fix legacy data tests
* Add Name to all delete data source commands
* Implement decryption cache on sql secret store
* Fix minor issue with cache and tests
* Use secret type on secret store datasource operations
* Add comments to make create and update clear
* Rename itemFound variable to isFound
* Improve secret deletion and cache management
* Add base64 encoding to sql secret store
* Move secret retrieval to decrypted values function
* Refactor decrypt secure json data functions
* Fix expr tests
* Fix datasource tests
* Fix plugin proxy tests
* Fix query tests
* Fix metrics api tests
* Remove unused fake secrets service from query tests
* Add rename function to secret store
* Add check for error renaming secret
* Remove bus from tests to fix merge conflicts
* Add background secrets migration to datasources
* Get datasource secure json fields from secrets
* Move migration to secret store
* Revert "Move migration to secret store"
This reverts commit 7c3f872072.
* Add secret service to datasource service on tests
* Fix datasource tests
* Remove merge conflict on wire
* Add ctx to data source http transport on prometheus stats collector
* Add ctx to data source http transport on stats collector test
