Auth: configure SSO settings reload interval from the ini file (#80290)

* configure sso reload interval from ini file

* change section name to sso_settings

conf/defaults.ini

@@ -577,6 +577,13 @@ id_response_header_prefix = X-Grafana
 # The header value will encode the namespace ("user:<id>", "api-key:<id>", "service-account:<id>")
 id_response_header_namespaces = user api-key service-account
 
+#################################### SSO Settings ###########################
+[sso_settings]
+# interval for reloading the SSO Settings from the database
+# useful in high availability setups running multiple Grafana instances
+# set to 0 to disable this feature
+reload_interval = 1m
+
 #################################### Anonymous Auth ######################
 [auth.anonymous]
 # enable anonymous access
@@ -592,7 +599,7 @@ org_role = Viewer
 hide_version = false
 
 # number of devices in total
-device_limit = 
+device_limit =
 
 #################################### GitHub Auth #########################
 [auth.github]
@@ -843,7 +850,7 @@ skip_org_role_sync = false
 sync_cron = "0 1 * * *"
 active_sync_enabled = true
 
-#################################### AWS ###########################
+#################################### AWS #####################################
 [aws]
 # Enter a comma-separated list of allowed AWS authentication providers.
 # Options are: default (AWS SDK Default), keys (Access && secret key), credentials (Credentials field), ec2_iam_role (EC2 IAM Role)

pkg/services/ssosettings/ssosettingsimpl/service.go

@@ -252,7 +252,12 @@ func (s *SSOSettingsService) encryptSecrets(ctx context.Context, settings map[st
 }
 
 func (s *SSOSettingsService) Run(ctx context.Context) error {
-	ticker := time.NewTicker(1 * time.Minute)
+	interval := s.cfg.SSOSettingsReloadInterval
+	if interval == 0 {
+		return nil
+	}
+
+	ticker := time.NewTicker(interval)
 
 	// start a background process for reloading the SSO settings for all providers at a fixed interval
 	// it is useful for high availability setups running multiple Grafana instances

pkg/setting/setting.go

@@ -342,6 +342,9 @@ type Cfg struct {
 	ExtendedJWTExpectIssuer   string
 	ExtendedJWTExpectAudience string
 
+	// SSO Settings Auth
+	SSOSettingsReloadInterval time.Duration
+
 	// Dataproxy
 	SendUserHeader                 bool
 	DataProxyLogging               bool
@@ -1623,6 +1626,10 @@ func readAuthSettings(iniFile *ini.File, cfg *Cfg) (err error) {
 
 	cfg.AuthProxyHeadersEncoded = authProxy.Key("headers_encoded").MustBool(false)
 
+	// SSO Settings
+	ssoSettings := iniFile.Section("sso_settings")
+	cfg.SSOSettingsReloadInterval = ssoSettings.Key("reload_interval").MustDuration(1 * time.Minute)
+
 	return nil
 }