WIP: Add private Secret Manager Plugins support to plugin platform (#49544)

* Add protobuf config and generated code, and client wrapper * wire up loading of secretsmanager plugin, using renderer plugin as a model * update kvstore provider to check if we should use the grpc plugin. return false always in OSS * add OSS remote plugin check * refactor wire gen file * log which secrets manager is being used * Fix argument types for remote checker * Turns out if err != nil, then the result is always nil. Return empty values if there is an error. * remove duplicate import * Update pkg/services/secrets/kvstore/kvstore.go Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> * Update pkg/services/secrets/kvstore/kvstore.go Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> * refactor RemotePluginCheck interface to just return the Plugin client directly * rename struct to something less silly * Update pkg/plugins/backendplugin/secretsmanagerplugin/secretsmanager.proto Co-authored-by: Will Browne <wbrowne@users.noreply.github.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
2025-07-29 11:22:21 +08:00 · 2022-06-09 13:19:27 -04:00
parent ef401f5d62
commit f376c33903
17 changed files with 1460 additions and 23 deletions
--- a/pkg/plugins/plugins.go
+++ b/pkg/plugins/plugins.go
@ -10,6 +10,7 @@ import (
 	"github.com/grafana/grafana/pkg/models"
 	"github.com/grafana/grafana/pkg/plugins/backendplugin"
 	"github.com/grafana/grafana/pkg/plugins/backendplugin/pluginextensionv2"
+	"github.com/grafana/grafana/pkg/plugins/backendplugin/secretsmanagerplugin"
 )

 type Plugin struct {
@ -36,9 +37,10 @@ type Plugin struct {
 	Module  string
 	BaseURL string

-	Renderer pluginextensionv2.RendererPlugin
-	client   backendplugin.Plugin
-	log      log.Logger
+	Renderer       pluginextensionv2.RendererPlugin
+	SecretsManager secretsmanagerplugin.SecretsManagerPlugin
+	client         backendplugin.Plugin
+	log            log.Logger
 }

 type PluginDTO struct {
@ -132,7 +134,7 @@ type JSONData struct {
 	Streaming    bool            `json:"streaming"`
 	SDK          bool            `json:"sdk,omitempty"`

-	// Backend (Datasource + Renderer)
+	// Backend (Datasource + Renderer + SecretsManager)
 	Executable string `json:"executable,omitempty"`
 }

@ -347,6 +349,10 @@ func (p *Plugin) IsRenderer() bool {
 	return p.Type == "renderer"
 }

+func (p *Plugin) IsSecretsManager() bool {
+	return p.Type == "secretsmanager"
+}
+
 func (p *Plugin) IsDataSource() bool {
 	return p.Type == "datasource"
 }
@ -384,20 +390,22 @@ var PluginTypes = []Type{
 	Panel,
 	App,
 	Renderer,
+	SecretsManager,
 }

 type Type string

 const (
-	DataSource Type = "datasource"
-	Panel      Type = "panel"
-	App        Type = "app"
-	Renderer   Type = "renderer"
+	DataSource     Type = "datasource"
+	Panel          Type = "panel"
+	App            Type = "app"
+	Renderer       Type = "renderer"
+	SecretsManager Type = "secretsmanager"
 )

 func (pt Type) IsValid() bool {
 	switch pt {
-	case DataSource, Panel, App, Renderer:
+	case DataSource, Panel, App, Renderer, SecretsManager:
 		return true
 	}
 	return false