IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-01-18 12:33:37 -06:00
Code Issues Packages Projects Releases Wiki Activity
7bcc151ae6
grafana/pkg/services/sqlstore/migrations/secrets_mig.go
Joan López de la Franca Beltran e43879e55d
Encryption: Add support for multiple data keys per day (#47765) 
* Add database migrations

* Use short uids as data key ids

* Add support for manual data key rotation

* Fix duplicated mutex unlocks

* Fix migration

* Manage current data keys per name

* Adjust key re-encryption and test

* Modify rename column migration for MySQL compatibility

* Refactor secrets manager and data keys cache

* Multiple o11y adjustments

* Fix stats query

* Apply suggestions from code review

Co-authored-by: Tania <yalyna.ts@gmail.com>

* Fix linter

* Docs: Rotate data encryption keys API endpoint

Co-authored-by: Tania <yalyna.ts@gmail.com>
2022-05-23 13:13:55 +02:00

65 lines
2.2 KiB
Go
Raw Blame History

package migrations
import (
"fmt"
"github.com/grafana/grafana/pkg/services/sqlstore/migrator"
)
func addSecretsMigration(mg *migrator.Migrator) {
dataKeysV1 := migrator.Table{
Name: "data_keys",
Columns: []*migrator.Column{
{Name: "name", Type: migrator.DB_NVarchar, Length: 100, IsPrimaryKey: true},
{Name: "active", Type: migrator.DB_Bool},
{Name: "scope", Type: migrator.DB_NVarchar, Length: 30, Nullable: false},
{Name: "provider", Type: migrator.DB_NVarchar, Length: 50, Nullable: false},
{Name: "encrypted_data", Type: migrator.DB_Blob, Nullable: false},
{Name: "created", Type: migrator.DB_DateTime, Nullable: false},
{Name: "updated", Type: migrator.DB_DateTime, Nullable: false},
},
Indices: []*migrator.Index{},
}
mg.AddMigration("create data_keys table", migrator.NewAddTableMigration(dataKeysV1))
secretsV1 := migrator.Table{
Name: "secrets",
Columns: []*migrator.Column{
{Name: "id", Type: migrator.DB_BigInt, IsPrimaryKey: true, IsAutoIncrement: true},
{Name: "org_id", Type: migrator.DB_BigInt, Nullable: false},
{Name: "namespace", Type: migrator.DB_NVarchar, Length: 255, Nullable: false},
{Name: "type", Type: migrator.DB_NVarchar, Length: 255, Nullable: false},
{Name: "value", Type: migrator.DB_Text, Nullable: true},
{Name: "created", Type: migrator.DB_DateTime, Nullable: false},
{Name: "updated", Type: migrator.DB_DateTime, Nullable: false},
},
Indices: []*migrator.Index{
{Cols: []string{"org_id"}},
{Cols: []string{"org_id", "namespace"}},
{Cols: []string{"org_id", "namespace", "type"}, Type: migrator.UniqueIndex},
},
}
mg.AddMigration("create secrets table", migrator.NewAddTableMigration(secretsV1))
mg.AddMigration("rename data_keys name column to id", migrator.NewRenameColumnMigration(
dataKeysV1, "name", "id",
))
mg.AddMigration("add name column into data_keys", migrator.NewAddColumnMigration(
dataKeysV1,
&migrator.Column{
Name: "name",
Type: migrator.DB_NVarchar,
Length: 100,
Default: "''",
Nullable: false,
},
))
mg.AddMigration("copy data_keys id column values into name", migrator.NewRawSQLMigration(
fmt.Sprintf("UPDATE %s SET %s = %s", dataKeysV1.Name, "name", "id"),
))
}
Reference in New Issue View Git Blame Copy Permalink