feat(storage): Wire up storage buckets in session recording

internal/daemon/controller/controller.go

@@ -83,7 +83,7 @@ var (
 	downstreamersFactory           func(context.Context, string, string) (common.Downstreamers, error)
 	downstreamWorkersTickerFactory func(context.Context, string, string, common.Downstreamers, downstreamReceiver) (downstreamWorkersTicker, error)
 	commandClientFactory           func(context.Context, *Controller) error
-	extControllerFactory           func(ctx context.Context, c *Controller, r db.Reader, w db.Writer) (intglobals.ControllerExtension, error)
+	extControllerFactory           func(ctx context.Context, c *Controller, r db.Reader, w db.Writer, kms *kms.Kms) (intglobals.ControllerExtension, error)
 )
 
 type Controller struct {
@@ -448,7 +448,7 @@ func New(ctx context.Context, conf *Config) (*Controller, error) {
 	}
 
 	if extControllerFactory != nil {
-		if c.ControllerExtension, err = extControllerFactory(ctx, c, dbase, dbase); err != nil {
+		if c.ControllerExtension, err = extControllerFactory(ctx, c, dbase, dbase, c.kms); err != nil {
 			return nil, fmt.Errorf("unable to extend controller: %w", err)
 		}
 	}

internal/daemon/controller/handlers/targets/target_service.go

@@ -42,7 +42,6 @@ import (
 	pb "github.com/hashicorp/boundary/sdk/pbs/controller/api/resources/targets"
 	fm "github.com/hashicorp/boundary/version"
 	"github.com/hashicorp/go-bexpr"
-	wrapping "github.com/hashicorp/go-kms-wrapping/v2"
 	"github.com/hashicorp/go-multierror"
 	"github.com/hashicorp/go-secure-stdlib/strutil"
 	"github.com/mr-tron/base58"
@@ -690,7 +689,7 @@ func AuthorizeSessionWithWorkerFilter(_ context.Context, t target.Target, select
 	return selectedWorkers, nil, nil
 }
 
-func DefaultPostSessionAuthorizationCallback(context.Context, intglobals.ControllerExtension, wrapping.Wrapper, *target.Repository, target.Target, *session.Session, *server.Worker) error {
+func DefaultPostSessionAuthorizationCallback(context.Context, intglobals.ControllerExtension, *kms.Kms, *target.Repository, target.Target, *session.Session, *server.Worker) error {
 	return nil
 }
 
@@ -1104,7 +1103,7 @@ func (s Service) AuthorizeSession(ctx context.Context, req *pbs.AuthorizeSession
 	if err := PostSessionAuthorizationCallback(
 		ctx,
 		s.controllerExt,
-		s.kmsCache.GetExternalWrappers(ctx).Bsr(),
+		s.kmsCache,
 		repo,
 		t,
 		sess,

internal/storage/plugin/client.go

@@ -13,9 +13,9 @@ import (
 // to a worker through a CommandClientProducer to a corresponding storage plugin.
 type StorageProxyClient interface {
 	// OnCreateStorageBucket is a hook that runs when a storage bucket is created.
-	OnCreateStorageBucket(context.Context, *wpbs.OnCreateStorageBucketRequest) (*wpbs.OnCreateStorageBucketResponse, error)
+	OnCreateStorageBucket(context.Context, string, *wpbs.OnCreateStorageBucketRequest) (*wpbs.OnCreateStorageBucketResponse, error)
 	// OnUpdateStorageBucket is a hook that runs when a storage bucket is updated.
-	OnUpdateStorageBucket(context.Context, *wpbs.OnUpdateStorageBucketRequest) (*wpbs.OnUpdateStorageBucketResponse, error)
+	OnUpdateStorageBucket(context.Context, string, *wpbs.OnUpdateStorageBucketRequest) (*wpbs.OnUpdateStorageBucketResponse, error)
 	// OnDeleteStorageBucket is a hook that runs when a storage bucket is deleted.
-	OnDeleteStorageBucket(context.Context, *wpbs.OnDeleteStorageBucketRequest) (*wpbs.OnDeleteStorageBucketResponse, error)
+	OnDeleteStorageBucket(context.Context, string, *wpbs.OnDeleteStorageBucketRequest) (*wpbs.OnDeleteStorageBucketResponse, error)
 }