f8cd7049e8
Secrets: garbage collection ( #110247 )
...
* clean up older secret versions
* start gargbage collection worker as background service
* make gen-go
* fix typo
* make update-workspace
* undo go mod changes
* undo go work sum changes
* Update pkg/registry/apis/secret/garbagecollectionworker/worker.go
Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com >
* Update pkg/registry/apis/secret/garbagecollectionworker/worker.go
Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com >
* default gc_worker_batch_size to 1 minute
* fix typo
* fix typo
* add test to ensure cleaning up secure values is idempotent
* make gen-go
* make update-workspace
* undo go.mod and .sum changes
* undo enterprise imports
---------
Co-authored-by: Matheus Macabu <macabu.matheus@gmail.com >
Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com >
2025-09-02 11:11:01 -03:00
80d7892d6a
Secrets: Save owner reference fields in secure value db table ( #108905 )
...
* Secrets: Save owner reference fields in secure value db table
* Save api group and version separately
2025-07-31 10:42:19 +02:00
227799a9f8
Secrets: Add missing indices for secure value (list) and data key (list+read) ( #108763 )
2025-07-28 14:25:06 +02:00
baa89f3eac
Secrets: encryption encryption storage uses versioning ( #108036 )
...
* Secrets: delete unused FakeKeeper
* Secrets: encrypted value storage stores versions
* add version to span
* trigger build
* remove ineffectual assignment
* lint
* drop secret_encrypted_value.uid / add name and version columns
2025-07-14 09:28:07 -03:00
8283d35e56
Secrets: make operations sync ( #107732 )
...
* Secrets: make operations sync
* k8s gen / update query to list secure values to include the version
* always store new version of a secret
* make update-workspace
* go mod tidy
* update queries
* update queries
* improve and use testutils in decrypt_store_test
* fix broken test
* make update-workspace
* ./hack/update-codegen.sh secret
* update Test_SecureValueMetadataStorage_CreateAndRead
* undo dependency changes
* linter: fix remaining errors
---------
Co-authored-by: Matheus Macabu <macabu.matheus@gmail.com >
Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com >
2025-07-09 10:43:34 -03:00
a59ec345c2
SecretsManager: Introduce metrics and logs ( #107582 )
...
Co-authored-by: Michael Mandrus <michael.mandrus@grafana.com >
2025-07-03 17:32:18 +01:00
cfd3b9f582
SecretsManager: outbox use message id ( #107472 )
...
* SecretsManager: outbox use message id
Co-authored-by: PoorlyDefinedBehaviour <brunotj2015@hotmail.com >
* Remove query timestamp
* Add missing query
---------
Co-authored-by: PoorlyDefinedBehaviour <brunotj2015@hotmail.com >
Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com >
Co-authored-by: Matheus Macabu <macabu.matheus@gmail.com >
2025-07-03 15:21:47 +01:00
0fccc01ebe
SecretsManager: add data key store ( #107396 )
...
* SecretsManager: Add data key store
Co-authored-by: Michael Mandrus <michael.mandrus@grafana.com >
Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com >
Co-authored-by: Dana Axinte <53751979+dana-axinte@users.noreply.github.com >
* SecretsManager: Add wiring of data key store
Co-authored-by: Michael Mandrus <michael.mandrus@grafana.com >
Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com >
Co-authored-by: Dana Axinte <53751979+dana-axinte@users.noreply.github.com >
---------
Co-authored-by: Michael Mandrus <michael.mandrus@grafana.com >
Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com >
2025-06-30 17:17:07 +01:00
6097841e67
SecretsManager: add secure value store ( #106708 )
...
* SecretsManager: add secure value model and sql templates
Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com >
Co-authored-by: Dana Axinte <53751979+dana-axinte@users.noreply.github.com >
Co-authored-by: Leandro Deveikis <leandro.deveikis@gmail.com >
Co-authored-by: PoorlyDefinedBehaviour <brunotj2015@hotmail.com >
* SecretsManager: secure value rest layer to use store
Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com >
Co-authored-by: Dana Axinte <53751979+dana-axinte@users.noreply.github.com >
Co-authored-by: Leandro Deveikis <leandro.deveikis@gmail.com >
Co-authored-by: PoorlyDefinedBehaviour <brunotj2015@hotmail.com >
* SecretsManager: temporary add actor prefix to decrypters
* Remove list securevalue by namefor now
---------
Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com >
Co-authored-by: Leandro Deveikis <leandro.deveikis@gmail.com >
Co-authored-by: PoorlyDefinedBehaviour <brunotj2015@hotmail.com >
2025-06-16 10:19:44 +01:00
de28231f2f
SecretsManager: Add outbox store ( #106613 )
...
SecretsManager: add outbox store
Co-authored-by: PoorlyDefinedBehaviour <brunotj2015@hotmail.com >
Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com >
2025-06-12 13:31:48 +01:00
c22b4845bb
SecretsManager: Add encrypted value store ( #106607 )
...
* SecretsManager: add encrypted value store
Co-authored-by: Dana Axinte <53751979+dana-axinte@users.noreply.github.com >
Co-authored-by: Leandro Deveikis <leandro.deveikis@gmail.com >
Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com >
Co-authored-by: PoorlyDefinedBehaviour <brunotj2015@hotmail.com >
* SecretsManager: wiring of encrypted value store
---------
Co-authored-by: Leandro Deveikis <leandro.deveikis@gmail.com >
Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com >
Co-authored-by: PoorlyDefinedBehaviour <brunotj2015@hotmail.com >
2025-06-12 11:52:01 +01:00
5401175562
SecretsManager: Conditionally lock DB before migrations using config setting ( #106003 )
...
Secrets: Conditionally lock DB before migrations using config setting (#105949 )
Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com >
2025-05-26 18:28:53 +01:00
6e5e133f7d
SecretsManager: Introduce db migrator with keeper table ( #105538 )
...
Co-authored-by: PoorlyDefinedBehaviour <brunotj2015@hotmail.com >
Co-authored-by: Leandro Deveikis <leandro.deveikis@gmail.com >
Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com >
2025-05-21 15:02:51 +01:00
Bruno
Matheus Macabu
Dana Axinte