SecretsManager: add data key store (#107396)

* SecretsManager: Add data key store Co-authored-by: Michael Mandrus <michael.mandrus@grafana.com> Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com> Co-authored-by: Dana Axinte <53751979+dana-axinte@users.noreply.github.com> * SecretsManager: Add wiring of data key store Co-authored-by: Michael Mandrus <michael.mandrus@grafana.com> Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com> Co-authored-by: Dana Axinte <53751979+dana-axinte@users.noreply.github.com> --------- Co-authored-by: Michael Mandrus <michael.mandrus@grafana.com> Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com>
2025-06-30 17:17:07 +01:00
parent 2d634639a2
commit 0fccc01ebe
39 changed files with 1097 additions and 25 deletions
@@ -3,7 +3,9 @@ package encryption
 import (
 	"testing"
 	"text/template"
+	"time"

+	"github.com/grafana/grafana/pkg/registry/apis/secret/contracts"
 	"github.com/grafana/grafana/pkg/storage/unified/sql/sqltemplate/mocks"
 )

@@ -61,3 +63,98 @@ func TestEncryptedValueQueries(t *testing.T) {
 		},
 	})
 }
+
+func TestDataKeyQueries(t *testing.T) {
+	mocks.CheckQuerySnapshots(t, mocks.TemplateTestSetup{
+		RootDir: "testdata",
+		Templates: map[*template.Template][]mocks.TemplateTestCase{
+			sqlDataKeyCreate: {
+				{
+					Name: "create",
+					Data: &createDataKey{
+						SQLTemplate: mocks.NewTestingSQLTemplate(),
+						Row: &contracts.SecretDataKey{
+							UID:           "abc123",
+							Active:        true,
+							Namespace:     "ns",
+							Label:         "label",
+							Provider:      "provider",
+							EncryptedData: []byte("secret"),
+						},
+					},
+				},
+				{
+					Name: "create-not-active",
+					Data: &createDataKey{
+						SQLTemplate: mocks.NewTestingSQLTemplate(),
+						Row: &contracts.SecretDataKey{
+							UID:           "abc123",
+							Active:        false,
+							Namespace:     "ns",
+							Label:         "label",
+							Provider:      "provider",
+							EncryptedData: []byte("secret"),
+						},
+					},
+				},
+			},
+			sqlDataKeyRead: {
+				{
+					Name: "read",
+					Data: &readDataKey{
+						SQLTemplate: mocks.NewTestingSQLTemplate(),
+						Namespace:   "ns",
+						UID:         "abc123",
+					},
+				},
+			},
+			sqlDataKeyReadCurrent: {
+				{
+					Name: "read_current",
+					Data: &readCurrentDataKey{
+						SQLTemplate: mocks.NewTestingSQLTemplate(),
+						Namespace:   "ns",
+						Label:       "label",
+					},
+				},
+			},
+			sqlDataKeyList: {
+				{
+					Name: "list",
+					Data: &listDataKeys{
+						SQLTemplate: mocks.NewTestingSQLTemplate(),
+						Namespace:   "ns",
+					},
+				},
+			},
+			sqlDataKeyDisable: {
+				{
+					Name: "disable",
+					Data: &disableDataKeys{
+						SQLTemplate: mocks.NewTestingSQLTemplate(),
+						Namespace:   "ns",
+						Updated:     time.Unix(1735689600, 0).UTC(),
+					},
+				},
+			},
+			sqlDataKeyDelete: {
+				{
+					Name: "delete",
+					Data: &deleteDataKey{
+						SQLTemplate: mocks.NewTestingSQLTemplate(),
+						Namespace:   "ns",
+						UID:         "abc123",
+					},
+				},
+				{
+					Name: "delete-no-uid",
+					Data: &deleteDataKey{
+						SQLTemplate: mocks.NewTestingSQLTemplate(),
+						Namespace:   "ns",
+						UID:         "",
+					},
+				},
+			},
+		},
+	})
+}