opensource/grafana
1
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-07-28 00:32:04 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
grafana/pkg/api/admin_encryption.go
Peter Štibraný 7268d6c1bc admin api: Fix reencryption of private_key in signing_key table, introduce test for reencryption (#105010) 
* Add integration test for reencrypting secrets.
Rotate keys before reencryption.
Test for setting table from enterprise repo.
2025-05-15 09:51:25 +02:00

52 lines
1.8 KiB
Go
Raw Blame History

package api
import (
"fmt"
"net/http"
"github.com/grafana/grafana/pkg/api/response"
contextmodel "github.com/grafana/grafana/pkg/services/contexthandler/model"
)
func (hs *HTTPServer) AdminRotateDataEncryptionKeys(c *contextmodel.ReqContext) response.Response {
if err := hs.SecretsService.RotateDataKeys(c.Req.Context()); err != nil {
return response.Error(http.StatusInternalServerError, "Failed to rotate data keys", err)
}
return response.Respond(http.StatusNoContent, "")
}
func (hs *HTTPServer) AdminReEncryptEncryptionKeys(c *contextmodel.ReqContext) response.Response {
if err := hs.SecretsService.ReEncryptDataKeys(c.Req.Context()); err != nil {
return response.Error(http.StatusInternalServerError, "Failed to re-encrypt data keys", err)
}
return response.Respond(http.StatusOK, "Data encryption keys re-encrypted successfully")
}
func (hs *HTTPServer) AdminReEncryptSecrets(c *contextmodel.ReqContext) response.Response {
success, err := hs.SecretsMigrator.ReEncryptSecrets(c.Req.Context())
if err != nil {
return response.Error(http.StatusInternalServerError, "Failed to re-encrypt secrets", err)
}
if !success {
return response.Error(http.StatusPartialContent, fmt.Sprintf("Something unexpected happened - %s", hs.Cfg.UserFacingDefaultError), err)
}
return response.Respond(http.StatusOK, "Secrets re-encrypted successfully")
}
func (hs *HTTPServer) AdminRollbackSecrets(c *contextmodel.ReqContext) response.Response {
success, err := hs.SecretsMigrator.RollBackSecrets(c.Req.Context())
if err != nil {
return response.Error(http.StatusInternalServerError, "Failed to rollback secrets", err)
}
if !success {
return response.Error(http.StatusPartialContent, fmt.Sprintf("Something unexpected happened - %s", hs.Cfg.UserFacingDefaultError), err)
}
return response.Respond(http.StatusOK, "Secrets rolled back successfully")
}
Reference in New Issue View Git Blame Copy Permalink