* Secrets manager: create secure value using the active keeper
* SecureValueService.Update: fetch secure value from db to get the keeper
* fix keeper_store_test.go
* SecureValueService: fix bug in update where the current version keeper wasn't being passed to the createNewVersion method
* make gofmt
* remove outdated test
* update TestModel
* undo enterprise_imports changes
* use xkube.Namespace
* migrator: set secret_secure_value.keeper to 'system' when the column is null
* indent cue
* fix tests
* fix enterprise imports
* properly fix enterprise imports
* make update-workspace
* go mod tidy
---------
Co-authored-by: Matheus Macabu <macabu.matheus@gmail.com>
* Secrets: Refactor data_key_id out of the encoded secure value payload (#111852)
* everything compiles
* tests pass
* remove file included by accident
* add entry to gitignore
* some scaffolding for the migration executor
* remove file
* implement and test the migration
* use xkube.Namespace in our interfaces
* add todo
* update wire deps
* add some logs
* fix wire dependency ordering
* create tests to validate error conditions during migrations
* only run the migration as an MT api server
* formatting issues
* change detection of secrets running as MT server
* add todo
* use more specific initializer flags
* make secrets playwright tests work
* set new properties to true by default
* remove developer mode flag
* fix unit tests
* everything compiles
* tests pass
* remove file included by accident
* add entry to gitignore
* some scaffolding for the migration executor
* remove file
* implement and test the migration
* use xkube.Namespace in our interfaces
* add todo
* update wire deps
* add some logs
* fix wire dependency ordering
* create tests to validate error conditions during migrations
* Secrets: Add service name as explicit parameter for Decrypt
* Apply suggestions from code review
Co-authored-by: Stephanie Hingtgen <stephanie.hingtgen@grafana.com>
---------
Co-authored-by: Stephanie Hingtgen <stephanie.hingtgen@grafana.com>
* Secrets: delete unused FakeKeeper
* Secrets: encrypted value storage stores versions
* add version to span
* trigger build
* remove ineffectual assignment
* lint
* drop secret_encrypted_value.uid / add name and version columns
* Secrets: add state machine test for CRUDL+decrpt operations
* make update-workspace
* make update-workspace
* make enterprise-dev
* make update-workspace
* fix go.mod
* make update-workspace
* fix gomod
* make update-workspace
---------
Co-authored-by: Matheus Macabu <macabu.matheus@gmail.com>
* Secrets: make operations sync
* k8s gen / update query to list secure values to include the version
* always store new version of a secret
* make update-workspace
* go mod tidy
* update queries
* update queries
* improve and use testutils in decrypt_store_test
* fix broken test
* make update-workspace
* ./hack/update-codegen.sh secret
* update Test_SecureValueMetadataStorage_CreateAndRead
* undo dependency changes
* linter: fix remaining errors
---------
Co-authored-by: Matheus Macabu <macabu.matheus@gmail.com>
Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com>
Matheus Macabu
Bruno
Mike
Michael Mandrus
Stephanie Hingtgen
Daniele Stefano Ferru
Peter Štibraný
lean.dev
Ryan McKinley
Dana Axinte