opensource/grafana
1
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-07-29 03:22:24 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
grafana/pkg/setting/setting_secrets_manager.go
Matheus Macabu c90e2e8e5e SecretsManager: Add (en/de)cryption packages (#104923) 
Merging the code as-is from the feature branch: secret-service/feature-branch

Co-authored-by: PoorlyDefinedBehaviour <brunotj2015@hotmail.com>
Co-authored-by: Dana Axinte <53751979+dana-axinte@users.noreply.github.com>
Co-authored-by: Leandro Deveikis <leandro.deveikis@gmail.com>
Co-authored-by: Mariell Hoversholm <mariell.hoversholm@grafana.com>
Co-authored-by: Michael Mandrus <michael.mandrus@grafana.com>
2025-05-05 15:26:52 +02:00

38 lines
1.5 KiB
Go
Raw Blame History

package setting
import (
"regexp"
"time"
"github.com/grafana/grafana/pkg/registry/apis/secret/encryption/cipher"
"github.com/grafana/grafana/pkg/services/kmsproviders"
)
type EncryptionSettings struct {
DataKeysCacheTTL time.Duration
DataKeysCleanupInterval time.Duration
Algorithm string
}
type SecretsManagerSettings struct {
SecretKey string
EncryptionProvider string
AvailableProviders []string
Encryption EncryptionSettings
}
func (cfg *Cfg) readSecretsManagerSettings() {
secretsMgmt := cfg.Raw.Section("secrets_manager")
cfg.SecretsManagement.EncryptionProvider = secretsMgmt.Key("encryption_provider").MustString(kmsproviders.Default)
// TODO: These are not used yet by the secrets manager because we need to distentagle the dependencies with OSS.
cfg.SecretsManagement.SecretKey = secretsMgmt.Key("secret_key").MustString("")
cfg.SecretsManagement.AvailableProviders = regexp.MustCompile(`\s*,\s*`).Split(secretsMgmt.Key("available_encryption_providers").MustString(""), -1) // parse comma separated list
encryption := cfg.Raw.Section("secrets_manager.encryption")
cfg.SecretsManagement.Encryption.DataKeysCacheTTL = encryption.Key("data_keys_cache_ttl").MustDuration(15 * time.Minute)
cfg.SecretsManagement.Encryption.DataKeysCleanupInterval = encryption.Key("data_keys_cache_cleanup_interval").MustDuration(1 * time.Minute)
cfg.SecretsManagement.Encryption.Algorithm = encryption.Key("algorithm").MustString(cipher.AesGcm)
}
Reference in New Issue View Git Blame Copy Permalink