WIP: Add private Secret Manager Plugins support to plugin platform (#49544)

* Add protobuf config and generated code, and client wrapper * wire up loading of secretsmanager plugin, using renderer plugin as a model * update kvstore provider to check if we should use the grpc plugin. return false always in OSS * add OSS remote plugin check * refactor wire gen file * log which secrets manager is being used * Fix argument types for remote checker * Turns out if err != nil, then the result is always nil. Return empty values if there is an error. * remove duplicate import * Update pkg/services/secrets/kvstore/kvstore.go Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> * Update pkg/services/secrets/kvstore/kvstore.go Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> * refactor RemotePluginCheck interface to just return the Plugin client directly * rename struct to something less silly * Update pkg/plugins/backendplugin/secretsmanagerplugin/secretsmanager.proto Co-authored-by: Will Browne <wbrowne@users.noreply.github.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
2022-06-09 13:19:27 -04:00
parent ef401f5d62
commit f376c33903
17 changed files with 1460 additions and 23 deletions
@@ -0,0 +1,56 @@
+syntax = "proto3";
+package secretsmanagerplugin;
+
+option go_package = "./;secretsmanagerplugin";
+
+message SecretsGetRequest {
+    Key keyDescriptor = 1;
+}
+
+message SecretsSetRequest {
+    Key keyDescriptor = 1;
+    string value = 2;
+}
+
+message SecretsDelRequest {
+    Key keyDescriptor = 1;
+}
+
+message SecretsKeysRequest {
+    Key keyDescriptor = 1;
+    bool allOrganizations = 2;
+}
+
+message SecretsRenameRequest {
+    Key keyDescriptor = 1;
+    string newNamespace = 2;
+}
+
+message Key {
+    int64 orgId = 1;
+    string namespace = 2;
+    string type = 3;
+}
+
+message SecretsErrorResponse {
+    string error = 1;
+}
+
+message SecretsGetResponse {
+    string error = 1;
+    string decryptedValue = 2;
+    bool exists = 3;  
+}
+
+message SecretsKeysResponse {
+    string error = 1;
+    repeated Key keys = 2;
+}
+
+service RemoteSecretsManager {
+    rpc Get(SecretsGetRequest) returns (SecretsGetResponse);
+    rpc Set(SecretsSetRequest) returns (SecretsErrorResponse);
+    rpc Del(SecretsDelRequest) returns (SecretsErrorResponse);
+    rpc Keys(SecretsKeysRequest) returns (SecretsKeysResponse);
+    rpc Rename(SecretsRenameRequest) returns (SecretsErrorResponse);
+}