grafana/pkg/api/admin_encryption.go

package api

import (
	"fmt"
	"net/http"

	"github.com/grafana/grafana/pkg/api/response"
	contextmodel "github.com/grafana/grafana/pkg/services/contexthandler/model"
	skv "github.com/grafana/grafana/pkg/services/secrets/kvstore"
)

func (hs *HTTPServer) AdminRotateDataEncryptionKeys(c *contextmodel.ReqContext) response.Response {
	if err := hs.SecretsService.RotateDataKeys(c.Req.Context()); err != nil {
		return response.Error(http.StatusInternalServerError, "Failed to rotate data keys", err)
	}

	return response.Respond(http.StatusNoContent, "")
}

func (hs *HTTPServer) AdminReEncryptEncryptionKeys(c *contextmodel.ReqContext) response.Response {
	if err := hs.SecretsService.ReEncryptDataKeys(c.Req.Context()); err != nil {
		return response.Error(http.StatusInternalServerError, "Failed to re-encrypt data keys", err)
	}

	return response.Respond(http.StatusOK, "Data encryption keys re-encrypted successfully")
}

func (hs *HTTPServer) AdminReEncryptSecrets(c *contextmodel.ReqContext) response.Response {
	success, err := hs.secretsMigrator.ReEncryptSecrets(c.Req.Context())
	if err != nil {
		return response.Error(http.StatusInternalServerError, "Failed to re-encrypt secrets", err)
	}

	if !success {
		return response.Error(http.StatusPartialContent, fmt.Sprintf("Something unexpected happened - %s", hs.Cfg.UserFacingDefaultError), err)
	}

	return response.Respond(http.StatusOK, "Secrets re-encrypted successfully")
}

func (hs *HTTPServer) AdminRollbackSecrets(c *contextmodel.ReqContext) response.Response {
	success, err := hs.secretsMigrator.RollBackSecrets(c.Req.Context())
	if err != nil {
		return response.Error(http.StatusInternalServerError, "Failed to rollback secrets", err)
	}

	if !success {
		return response.Error(http.StatusPartialContent, fmt.Sprintf("Something unexpected happened - %s", hs.Cfg.UserFacingDefaultError), err)
	}

	return response.Respond(http.StatusOK, "Secrets rolled back successfully")
}

// To migrate to the plugin, it must be installed and configured
// so as not to lose access to migrated secrets
func (hs *HTTPServer) AdminMigrateSecretsToPlugin(c *contextmodel.ReqContext) response.Response {
	if skv.EvaluateRemoteSecretsPlugin(c.Req.Context(), hs.secretsPluginManager, hs.Cfg) != nil {
		hs.log.Warn("Received secrets plugin migration request while plugin is not available")
		return response.Respond(http.StatusBadRequest, "Secrets plugin is not available")
	}
	err := hs.secretsPluginMigrator.TriggerPluginMigration(c.Req.Context(), true)
	if err != nil {
		hs.log.Error("Failed to trigger secret migration to plugin", "error", err.Error())
		return response.Respond(http.StatusInternalServerError, "Secret migration to plugin failed")
	}
	return response.Respond(http.StatusOK, "Secret migration to plugin triggered successfully")
}

// To migrate from the plugin, it must be installed only
// as it is possible the user disabled it and then wants to migrate
func (hs *HTTPServer) AdminMigrateSecretsFromPlugin(c *contextmodel.ReqContext) response.Response {
	if hs.secretsPluginManager.SecretsManager(c.Req.Context()) == nil {
		hs.log.Warn("Received secrets plugin migration request while plugin is not installed")
		return response.Respond(http.StatusBadRequest, "Secrets plugin is not installed")
	}
	err := hs.secretsPluginMigrator.TriggerPluginMigration(c.Req.Context(), false)
	if err != nil {
		hs.log.Error("Failed to trigger secret migration from plugin", "error", err.Error())
		return response.Respond(http.StatusInternalServerError, "Secret migration from plugin failed")
	}
	return response.Respond(http.StatusOK, "Secret migration from plugin triggered successfully")
}

func (hs *HTTPServer) AdminDeleteAllSecretsManagerPluginSecrets(c *contextmodel.ReqContext) response.Response {
	if hs.secretsPluginManager.SecretsManager(c.Req.Context()) == nil {
		hs.log.Warn("Received secrets plugin deletion request while plugin is not installed")
		return response.Respond(http.StatusBadRequest, "Secrets plugin is not installed")
	}
	items, err := hs.secretsStore.GetAll(c.Req.Context())
	if err != nil {
		return response.Respond(http.StatusInternalServerError, "an error occurred while retrieving secrets")
	}
	for _, item := range items {
		err := hs.secretsStore.Del(c.Req.Context(), *item.OrgId, *item.Namespace, *item.Type)
		if err != nil {
			return response.Respond(http.StatusInternalServerError, fmt.Sprintf("error deleting key with org=%v namespace=%v type=%v. error=%v", *item.OrgId, *item.Namespace, *item.Type, err.Error()))
		}
	}
	return response.Respond(http.StatusOK, fmt.Sprintf("All %d Secrets Manager plugin secrets deleted", len(items)))
}
Encryption: Add support for multiple data keys per day (#47765) * Add database migrations * Use short uids as data key ids * Add support for manual data key rotation * Fix duplicated mutex unlocks * Fix migration * Manage current data keys per name * Adjust key re-encryption and test * Modify rename column migration for MySQL compatibility * Refactor secrets manager and data keys cache * Multiple o11y adjustments * Fix stats query * Apply suggestions from code review Co-authored-by: Tania <yalyna.ts@gmail.com> * Fix linter * Docs: Rotate data encryption keys API endpoint Co-authored-by: Tania <yalyna.ts@gmail.com> 2022-05-23 19:13:55 +08:00			`package api`

			`import (`
Secrets: Implement admin mechanism for deleting all secrets stored on the secrets plugin (#54264) * implement delete all secrets endpoint * change deletion check to just check for installed plugin * refactor function call 2022-08-30 02:44:55 +08:00			`"fmt"`
Encryption: Add support for multiple data keys per day (#47765) * Add database migrations * Use short uids as data key ids * Add support for manual data key rotation * Fix duplicated mutex unlocks * Fix migration * Manage current data keys per name * Adjust key re-encryption and test * Modify rename column migration for MySQL compatibility * Refactor secrets manager and data keys cache * Multiple o11y adjustments * Fix stats query * Apply suggestions from code review Co-authored-by: Tania <yalyna.ts@gmail.com> * Fix linter * Docs: Rotate data encryption keys API endpoint Co-authored-by: Tania <yalyna.ts@gmail.com> 2022-05-23 19:13:55 +08:00			`"net/http"`

			`"github.com/grafana/grafana/pkg/api/response"`
Chore: Move ReqContext to contexthandler service (#62102) * Chore: Move ReqContext to contexthandler service * Rename package to contextmodel * Generate ngalert files * Remove unused imports 2023-01-27 15:50:36 +08:00			`contextmodel "github.com/grafana/grafana/pkg/services/contexthandler/model"`
Secrets: Implement migration of secrets from plugin back to unified secrets (#53561) * initial cut at migration from plugin * create new migration from plugin * only migrate to or from, not both * remove cfg check from plugin migration itself * update comments, clean up secret after migration * add better error handling * hook up REST API with migrations * Minor fixes * fix wire injection issue * modify migrator to access plugin calls directly. create unit tests * change pre-migration checks in admin api * stop plugin after migrating from it * fix compile issues after merge * add comment about migration * fix linting issue * bleh, fix unit test * fix another unit test * update plugin error fatal flag after a migration from the plugin * add extra logging to migration * make linter happy Co-authored-by: Leandro Deveikis <leandro.deveikis@gmail.com> 2022-08-25 04:24:50 +08:00			`skv "github.com/grafana/grafana/pkg/services/secrets/kvstore"`
Encryption: Add support for multiple data keys per day (#47765) * Add database migrations * Use short uids as data key ids * Add support for manual data key rotation * Fix duplicated mutex unlocks * Fix migration * Manage current data keys per name * Adjust key re-encryption and test * Modify rename column migration for MySQL compatibility * Refactor secrets manager and data keys cache * Multiple o11y adjustments * Fix stats query * Apply suggestions from code review Co-authored-by: Tania <yalyna.ts@gmail.com> * Fix linter * Docs: Rotate data encryption keys API endpoint Co-authored-by: Tania <yalyna.ts@gmail.com> 2022-05-23 19:13:55 +08:00			`)`

Chore: Move ReqContext to contexthandler service (#62102) * Chore: Move ReqContext to contexthandler service * Rename package to contextmodel * Generate ngalert files * Remove unused imports 2023-01-27 15:50:36 +08:00			`func (hs HTTPServer) AdminRotateDataEncryptionKeys(c contextmodel.ReqContext) response.Response {`
Encryption: Add support for multiple data keys per day (#47765) * Add database migrations * Use short uids as data key ids * Add support for manual data key rotation * Fix duplicated mutex unlocks * Fix migration * Manage current data keys per name * Adjust key re-encryption and test * Modify rename column migration for MySQL compatibility * Refactor secrets manager and data keys cache * Multiple o11y adjustments * Fix stats query * Apply suggestions from code review Co-authored-by: Tania <yalyna.ts@gmail.com> * Fix linter * Docs: Rotate data encryption keys API endpoint Co-authored-by: Tania <yalyna.ts@gmail.com> 2022-05-23 19:13:55 +08:00			`if err := hs.SecretsService.RotateDataKeys(c.Req.Context()); err != nil {`
Encryption: Expose secrets migrations through HTTP API (#51707) * Encryption: Move secrets migrations into secrets.Migrator * Encryption: Refactor secrets.Service initialization * Encryption: Add support to run secrets migrations even when EE is disabled * Encryption: Expose secrets migrations through HTTP API * Update docs * Fix docs links * Some adjustments to makes errors explicit through HTTP response 2022-07-18 14:57:58 +08:00			`return response.Error(http.StatusInternalServerError, "Failed to rotate data keys", err)`
Encryption: Add support for multiple data keys per day (#47765) * Add database migrations * Use short uids as data key ids * Add support for manual data key rotation * Fix duplicated mutex unlocks * Fix migration * Manage current data keys per name * Adjust key re-encryption and test * Modify rename column migration for MySQL compatibility * Refactor secrets manager and data keys cache * Multiple o11y adjustments * Fix stats query * Apply suggestions from code review Co-authored-by: Tania <yalyna.ts@gmail.com> * Fix linter * Docs: Rotate data encryption keys API endpoint Co-authored-by: Tania <yalyna.ts@gmail.com> 2022-05-23 19:13:55 +08:00			`}`

			`return response.Respond(http.StatusNoContent, "")`
			`}`
Encryption: Expose secrets migrations through HTTP API (#51707) * Encryption: Move secrets migrations into secrets.Migrator * Encryption: Refactor secrets.Service initialization * Encryption: Add support to run secrets migrations even when EE is disabled * Encryption: Expose secrets migrations through HTTP API * Update docs * Fix docs links * Some adjustments to makes errors explicit through HTTP response 2022-07-18 14:57:58 +08:00
Chore: Move ReqContext to contexthandler service (#62102) * Chore: Move ReqContext to contexthandler service * Rename package to contextmodel * Generate ngalert files * Remove unused imports 2023-01-27 15:50:36 +08:00			`func (hs HTTPServer) AdminReEncryptEncryptionKeys(c contextmodel.ReqContext) response.Response {`
Encryption: Expose secrets migrations through HTTP API (#51707) * Encryption: Move secrets migrations into secrets.Migrator * Encryption: Refactor secrets.Service initialization * Encryption: Add support to run secrets migrations even when EE is disabled * Encryption: Expose secrets migrations through HTTP API * Update docs * Fix docs links * Some adjustments to makes errors explicit through HTTP response 2022-07-18 14:57:58 +08:00			`if err := hs.SecretsService.ReEncryptDataKeys(c.Req.Context()); err != nil {`
			`return response.Error(http.StatusInternalServerError, "Failed to re-encrypt data keys", err)`
			`}`

			`return response.Respond(http.StatusOK, "Data encryption keys re-encrypted successfully")`
			`}`

Chore: Move ReqContext to contexthandler service (#62102) * Chore: Move ReqContext to contexthandler service * Rename package to contextmodel * Generate ngalert files * Remove unused imports 2023-01-27 15:50:36 +08:00			`func (hs HTTPServer) AdminReEncryptSecrets(c contextmodel.ReqContext) response.Response {`
Encryption: Expose secrets migrations through HTTP API (#51707) * Encryption: Move secrets migrations into secrets.Migrator * Encryption: Refactor secrets.Service initialization * Encryption: Add support to run secrets migrations even when EE is disabled * Encryption: Expose secrets migrations through HTTP API * Update docs * Fix docs links * Some adjustments to makes errors explicit through HTTP response 2022-07-18 14:57:58 +08:00			`success, err := hs.secretsMigrator.ReEncryptSecrets(c.Req.Context())`
			`if err != nil {`
			`return response.Error(http.StatusInternalServerError, "Failed to re-encrypt secrets", err)`
			`}`

			`if !success {`
Config: Add configuration option to define custom user-facing general error message for certain error types (#70023) --------- Co-authored-by: Summer Wollin <summer.wollin@grafana.com> Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com> 2023-06-16 23:46:47 +08:00			`return response.Error(http.StatusPartialContent, fmt.Sprintf("Something unexpected happened - %s", hs.Cfg.UserFacingDefaultError), err)`
Encryption: Expose secrets migrations through HTTP API (#51707) * Encryption: Move secrets migrations into secrets.Migrator * Encryption: Refactor secrets.Service initialization * Encryption: Add support to run secrets migrations even when EE is disabled * Encryption: Expose secrets migrations through HTTP API * Update docs * Fix docs links * Some adjustments to makes errors explicit through HTTP response 2022-07-18 14:57:58 +08:00			`}`

			`return response.Respond(http.StatusOK, "Secrets re-encrypted successfully")`
			`}`

Chore: Move ReqContext to contexthandler service (#62102) * Chore: Move ReqContext to contexthandler service * Rename package to contextmodel * Generate ngalert files * Remove unused imports 2023-01-27 15:50:36 +08:00			`func (hs HTTPServer) AdminRollbackSecrets(c contextmodel.ReqContext) response.Response {`
Encryption: Expose secrets migrations through HTTP API (#51707) * Encryption: Move secrets migrations into secrets.Migrator * Encryption: Refactor secrets.Service initialization * Encryption: Add support to run secrets migrations even when EE is disabled * Encryption: Expose secrets migrations through HTTP API * Update docs * Fix docs links * Some adjustments to makes errors explicit through HTTP response 2022-07-18 14:57:58 +08:00			`success, err := hs.secretsMigrator.RollBackSecrets(c.Req.Context())`
			`if err != nil {`
			`return response.Error(http.StatusInternalServerError, "Failed to rollback secrets", err)`
			`}`

			`if !success {`
Config: Add configuration option to define custom user-facing general error message for certain error types (#70023) --------- Co-authored-by: Summer Wollin <summer.wollin@grafana.com> Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com> 2023-06-16 23:46:47 +08:00			`return response.Error(http.StatusPartialContent, fmt.Sprintf("Something unexpected happened - %s", hs.Cfg.UserFacingDefaultError), err)`
Encryption: Expose secrets migrations through HTTP API (#51707) * Encryption: Move secrets migrations into secrets.Migrator * Encryption: Refactor secrets.Service initialization * Encryption: Add support to run secrets migrations even when EE is disabled * Encryption: Expose secrets migrations through HTTP API * Update docs * Fix docs links * Some adjustments to makes errors explicit through HTTP response 2022-07-18 14:57:58 +08:00			`}`

			`return response.Respond(http.StatusOK, "Secrets rolled back successfully")`
			`}`
Secrets: Implement migration of secrets from plugin back to unified secrets (#53561) * initial cut at migration from plugin * create new migration from plugin * only migrate to or from, not both * remove cfg check from plugin migration itself * update comments, clean up secret after migration * add better error handling * hook up REST API with migrations * Minor fixes * fix wire injection issue * modify migrator to access plugin calls directly. create unit tests * change pre-migration checks in admin api * stop plugin after migrating from it * fix compile issues after merge * add comment about migration * fix linting issue * bleh, fix unit test * fix another unit test * update plugin error fatal flag after a migration from the plugin * add extra logging to migration * make linter happy Co-authored-by: Leandro Deveikis <leandro.deveikis@gmail.com> 2022-08-25 04:24:50 +08:00
			`// To migrate to the plugin, it must be installed and configured`
			`// so as not to lose access to migrated secrets`
Chore: Move ReqContext to contexthandler service (#62102) * Chore: Move ReqContext to contexthandler service * Rename package to contextmodel * Generate ngalert files * Remove unused imports 2023-01-27 15:50:36 +08:00			`func (hs HTTPServer) AdminMigrateSecretsToPlugin(c contextmodel.ReqContext) response.Response {`
manager exposes renderer + secrets manager (#54629) 2022-09-02 20:20:10 +08:00			`if skv.EvaluateRemoteSecretsPlugin(c.Req.Context(), hs.secretsPluginManager, hs.Cfg) != nil {`
Secrets: Implement migration of secrets from plugin back to unified secrets (#53561) * initial cut at migration from plugin * create new migration from plugin * only migrate to or from, not both * remove cfg check from plugin migration itself * update comments, clean up secret after migration * add better error handling * hook up REST API with migrations * Minor fixes * fix wire injection issue * modify migrator to access plugin calls directly. create unit tests * change pre-migration checks in admin api * stop plugin after migrating from it * fix compile issues after merge * add comment about migration * fix linting issue * bleh, fix unit test * fix another unit test * update plugin error fatal flag after a migration from the plugin * add extra logging to migration * make linter happy Co-authored-by: Leandro Deveikis <leandro.deveikis@gmail.com> 2022-08-25 04:24:50 +08:00			`hs.log.Warn("Received secrets plugin migration request while plugin is not available")`
			`return response.Respond(http.StatusBadRequest, "Secrets plugin is not available")`
			`}`
			`err := hs.secretsPluginMigrator.TriggerPluginMigration(c.Req.Context(), true)`
			`if err != nil {`
			`hs.log.Error("Failed to trigger secret migration to plugin", "error", err.Error())`
			`return response.Respond(http.StatusInternalServerError, "Secret migration to plugin failed")`
			`}`
			`return response.Respond(http.StatusOK, "Secret migration to plugin triggered successfully")`
			`}`

			`// To migrate from the plugin, it must be installed only`
			`// as it is possible the user disabled it and then wants to migrate`
Chore: Move ReqContext to contexthandler service (#62102) * Chore: Move ReqContext to contexthandler service * Rename package to contextmodel * Generate ngalert files * Remove unused imports 2023-01-27 15:50:36 +08:00			`func (hs HTTPServer) AdminMigrateSecretsFromPlugin(c contextmodel.ReqContext) response.Response {`
manager exposes renderer + secrets manager (#54629) 2022-09-02 20:20:10 +08:00			`if hs.secretsPluginManager.SecretsManager(c.Req.Context()) == nil {`
Secrets: Implement migration of secrets from plugin back to unified secrets (#53561) * initial cut at migration from plugin * create new migration from plugin * only migrate to or from, not both * remove cfg check from plugin migration itself * update comments, clean up secret after migration * add better error handling * hook up REST API with migrations * Minor fixes * fix wire injection issue * modify migrator to access plugin calls directly. create unit tests * change pre-migration checks in admin api * stop plugin after migrating from it * fix compile issues after merge * add comment about migration * fix linting issue * bleh, fix unit test * fix another unit test * update plugin error fatal flag after a migration from the plugin * add extra logging to migration * make linter happy Co-authored-by: Leandro Deveikis <leandro.deveikis@gmail.com> 2022-08-25 04:24:50 +08:00			`hs.log.Warn("Received secrets plugin migration request while plugin is not installed")`
			`return response.Respond(http.StatusBadRequest, "Secrets plugin is not installed")`
			`}`
			`err := hs.secretsPluginMigrator.TriggerPluginMigration(c.Req.Context(), false)`
			`if err != nil {`
			`hs.log.Error("Failed to trigger secret migration from plugin", "error", err.Error())`
			`return response.Respond(http.StatusInternalServerError, "Secret migration from plugin failed")`
			`}`
			`return response.Respond(http.StatusOK, "Secret migration from plugin triggered successfully")`
			`}`
Secrets: Implement admin mechanism for deleting all secrets stored on the secrets plugin (#54264) * implement delete all secrets endpoint * change deletion check to just check for installed plugin * refactor function call 2022-08-30 02:44:55 +08:00
Chore: Move ReqContext to contexthandler service (#62102) * Chore: Move ReqContext to contexthandler service * Rename package to contextmodel * Generate ngalert files * Remove unused imports 2023-01-27 15:50:36 +08:00			`func (hs HTTPServer) AdminDeleteAllSecretsManagerPluginSecrets(c contextmodel.ReqContext) response.Response {`
manager exposes renderer + secrets manager (#54629) 2022-09-02 20:20:10 +08:00			`if hs.secretsPluginManager.SecretsManager(c.Req.Context()) == nil {`
Secrets: Implement admin mechanism for deleting all secrets stored on the secrets plugin (#54264) * implement delete all secrets endpoint * change deletion check to just check for installed plugin * refactor function call 2022-08-30 02:44:55 +08:00			`hs.log.Warn("Received secrets plugin deletion request while plugin is not installed")`
			`return response.Respond(http.StatusBadRequest, "Secrets plugin is not installed")`
			`}`
			`items, err := hs.secretsStore.GetAll(c.Req.Context())`
			`if err != nil {`
			`return response.Respond(http.StatusInternalServerError, "an error occurred while retrieving secrets")`
			`}`
			`for _, item := range items {`
			`err := hs.secretsStore.Del(c.Req.Context(), item.OrgId, item.Namespace, *item.Type)`
			`if err != nil {`
			`return response.Respond(http.StatusInternalServerError, fmt.Sprintf("error deleting key with org=%v namespace=%v type=%v. error=%v", item.OrgId, item.Namespace, *item.Type, err.Error()))`
			`}`
			`}`
			`return response.Respond(http.StatusOK, fmt.Sprintf("All %d Secrets Manager plugin secrets deleted", len(items)))`
			`}`