Dana Axinte b4cd51810b SecretsManager: Various utils for usage insights, outbox and secretkeeper (#106010)
* SecretsManager: utils for usage insights on ST mode

Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com>

* SecretsManager: add assert

Co-authored-by: PoorlyDefinedBehaviour <brunotj2015@hotmail.com>

* SecretsManager: Remove encryption scope option

Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com>

* SecretsManager: add fake keeper

Co-authored-by: Dana Axinte <53751979+dana-axinte@users.noreply.github.com>
Co-authored-by: PoorlyDefinedBehaviour <brunotj2015@hotmail.com>
Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com>

---------

Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com>
Co-authored-by: PoorlyDefinedBehaviour <brunotj2015@hotmail.com>
2025-05-28 12:46:54 +01:00


package contracts
import "context"
// EncryptionManager is the contract for the envelope encryption service that
// encrypts and decrypts secrets. Every operation is addressed by a namespace.
//
// NOTE(review): this contract does not say how namespace is used. Presumably
// it selects the data keys, so that a payload only decrypts under the
// namespace it was encrypted with. Confirm against the implementation.
type EncryptionManager interface {
	// Encrypt returns the encrypted form of payload for the given namespace.
	//
	// It MUST NOT be called inside a database transaction, because doing so
	// may cause database locks. Where the encryption step cannot be moved out
	// of the transaction, use the database-specific methods offered by the
	// concrete implementation at manager.EncryptionService.
	Encrypt(ctx context.Context, namespace string, payload []byte) ([]byte, error)

	// Decrypt reverses Encrypt for a payload in the given namespace.
	//
	// NOTE(review): the returned bytes are presumably secret plaintext, so
	// callers should keep them out of logs and error messages. The
	// transaction warning is only stated for Encrypt; confirm whether the
	// same restriction applies here.
	Decrypt(ctx context.Context, namespace string, payload []byte) ([]byte, error)

	// RotateDataKeys takes only a namespace and reports an error.
	//
	// NOTE(review): judging by the name, it retires the namespace's active
	// data keys so that later encryptions use new ones. Confirm that payloads
	// encrypted before a rotation remain decryptable.
	RotateDataKeys(ctx context.Context, namespace string) error

	// ReEncryptDataKeys takes only a namespace and reports an error.
	//
	// NOTE(review): presumably it re-wraps the namespace's existing data keys
	// rather than the stored payloads. Confirm, and confirm how a partial
	// failure is surfaced to the caller.
	ReEncryptDataKeys(ctx context.Context, namespace string) error
}
// EncryptedValue is one stored encrypted payload together with the fields
// that identify it and record when it changed.
type EncryptedValue struct {
	// UID identifies the record. EncryptedValueStorage addresses records by
	// namespace and uid.
	UID string
	// Namespace is the namespace the record belongs to.
	Namespace string
	// EncryptedData holds the encrypted bytes.
	// NOTE(review): presumably the output of EncryptionManager.Encrypt.
	// Nothing in this type enforces that, so plaintext must never be put here.
	EncryptedData []byte
	// Created and Updated are timestamps.
	// NOTE(review): the unit and epoch are not stated here. Presumably Unix
	// time; confirm against the storage implementation.
	Created, Updated int64
}
// EncryptedValueStorage is the persistence contract for EncryptedValue
// records. Every method takes a namespace, and all but Create also take the
// uid of the record.
//
// NOTE(review): the contract does not state it, but implementations should
// presumably match on namespace and uid together, so that a uid belonging to
// a different namespace is treated as not found. Confirm and cover with a
// test.
type EncryptedValueStorage interface {
	// Create stores encryptedData under namespace and returns the resulting
	// record. No uid is passed in, so the implementation appears to assign it.
	// NOTE(review): nothing here checks that encryptedData is really
	// ciphertext. Callers are responsible for passing only encrypted bytes.
	Create(ctx context.Context, namespace string, encryptedData []byte) (*EncryptedValue, error)

	// Update replaces the encrypted data of the record addressed by namespace
	// and uid.
	Update(ctx context.Context, namespace, uid string, encryptedData []byte) error

	// Get returns the record addressed by namespace and uid.
	Get(ctx context.Context, namespace, uid string) (*EncryptedValue, error)

	// Delete removes the record addressed by namespace and uid.
	Delete(ctx context.Context, namespace, uid string) error
}