Secrets: encryption encryption storage uses versioning (#108036)

* Secrets: delete unused FakeKeeper

* Secrets: encrypted value storage stores versions

* add version to span

* trigger build

* remove ineffectual assignment

* lint

* drop secret_encrypted_value.uid / add name and version columns

pkg/storage/secret/encryption/testdata/mysql--encrypted_value_create-create.sql

@@ -1,12 +1,14 @@
 INSERT INTO `secret_encrypted_value` (
-  `uid`,
   `namespace`,
+  `name`,
+  `version`,
   `encrypted_data`,
   `created`,
   `updated`
 ) VALUES (
-  'abc123',
   'ns',
+  'n1',
+  1,
   '[115 101 99 114 101 116]',
   1234,
   5678

pkg/storage/secret/encryption/testdata/mysql--encrypted_value_delete-delete.sql

@@ -1,4 +1,6 @@
 DELETE FROM `secret_encrypted_value`
-WHERE `namespace` = 'ns' AND
-  `uid`      = 'abc123'
+WHERE 
+  `namespace` = 'ns' AND
+  `name`      = 'n1' AND
+  `version`   = 1
 ;

pkg/storage/secret/encryption/testdata/mysql--encrypted_value_read-read.sql

@@ -1,11 +1,14 @@
 SELECT
-  `uid`,
   `namespace`,
+  `name`,
+  `version`,
   `encrypted_data`,
   `created`,
   `updated`
 FROM
   `secret_encrypted_value`
-WHERE `namespace` = 'ns' AND
-  `uid` = 'abc123'
+WHERE 
+  `namespace` = 'ns' AND
+  `name` = 'n1' AND
+  `version` = 1
 ;

pkg/storage/secret/encryption/testdata/mysql--encrypted_value_update-update.sql

@@ -3,6 +3,8 @@ UPDATE
 SET
   `encrypted_data` = '[115 101 99 114 101 116]',
   `updated` = 5679
-WHERE `namespace` = 'ns' AND
-  `uid` = 'abc123'
+WHERE 
+  `namespace` = 'ns' AND
+  `name` = 'n1' AND
+  `version` = 1
 ;

pkg/storage/secret/encryption/testdata/postgres--encrypted_value_create-create.sql

@@ -1,12 +1,14 @@
 INSERT INTO "secret_encrypted_value" (
-  "uid",
   "namespace",
+  "name",
+  "version",
   "encrypted_data",
   "created",
   "updated"
 ) VALUES (
-  'abc123',
   'ns',
+  'n1',
+  1,
   '[115 101 99 114 101 116]',
   1234,
   5678

pkg/storage/secret/encryption/testdata/postgres--encrypted_value_delete-delete.sql

@@ -1,4 +1,6 @@
 DELETE FROM "secret_encrypted_value"
-WHERE "namespace" = 'ns' AND
-  "uid"      = 'abc123'
+WHERE 
+  "namespace" = 'ns' AND
+  "name"      = 'n1' AND
+  "version"   = 1
 ;

pkg/storage/secret/encryption/testdata/postgres--encrypted_value_read-read.sql

@@ -1,11 +1,14 @@
 SELECT
-  "uid",
   "namespace",
+  "name",
+  "version",
   "encrypted_data",
   "created",
   "updated"
 FROM
   "secret_encrypted_value"
-WHERE "namespace" = 'ns' AND
-  "uid" = 'abc123'
+WHERE 
+  "namespace" = 'ns' AND
+  "name" = 'n1' AND
+  "version" = 1
 ;

pkg/storage/secret/encryption/testdata/postgres--encrypted_value_update-update.sql

@@ -3,6 +3,8 @@ UPDATE
 SET
   "encrypted_data" = '[115 101 99 114 101 116]',
   "updated" = 5679
-WHERE "namespace" = 'ns' AND
-  "uid" = 'abc123'
+WHERE 
+  "namespace" = 'ns' AND
+  "name" = 'n1' AND
+  "version" = 1
 ;

pkg/storage/secret/encryption/testdata/sqlite--encrypted_value_create-create.sql

@@ -1,12 +1,14 @@
 INSERT INTO "secret_encrypted_value" (
-  "uid",
   "namespace",
+  "name",
+  "version",
   "encrypted_data",
   "created",
   "updated"
 ) VALUES (
-  'abc123',
   'ns',
+  'n1',
+  1,
   '[115 101 99 114 101 116]',
   1234,
   5678

pkg/storage/secret/encryption/testdata/sqlite--encrypted_value_delete-delete.sql

@@ -1,4 +1,6 @@
 DELETE FROM "secret_encrypted_value"
-WHERE "namespace" = 'ns' AND
-  "uid"      = 'abc123'
+WHERE 
+  "namespace" = 'ns' AND
+  "name"      = 'n1' AND
+  "version"   = 1
 ;

pkg/storage/secret/encryption/testdata/sqlite--encrypted_value_read-read.sql

@@ -1,11 +1,14 @@
 SELECT
-  "uid",
   "namespace",
+  "name",
+  "version",
   "encrypted_data",
   "created",
   "updated"
 FROM
   "secret_encrypted_value"
-WHERE "namespace" = 'ns' AND
-  "uid" = 'abc123'
+WHERE 
+  "namespace" = 'ns' AND
+  "name" = 'n1' AND
+  "version" = 1
 ;

pkg/storage/secret/encryption/testdata/sqlite--encrypted_value_update-update.sql

@@ -3,6 +3,8 @@ UPDATE
 SET
   "encrypted_data" = '[115 101 99 114 101 116]',
   "updated" = 5679
-WHERE "namespace" = 'ns' AND
-  "uid" = 'abc123'
+WHERE 
+  "namespace" = 'ns' AND
+  "name" = 'n1' AND
+  "version" = 1
 ;