Plugins: add env variables needed for the secure socks proxy in the plugins sdk (#65878)

2025-02-25 18:55:37 -06:00 · 2023-04-07 09:20:25 -05:00 · 2023-04-07 09:20:25 -05:00 · 536fad5b61
commit 536fad5b61
parent fcdbb7a86f
6 changed files with 27 additions and 9 deletions
--- a/go.mod
+++ b/go.mod
@ -67,7 +67,7 @@ require (
 	github.com/grafana/cuetsy v0.1.6
 	github.com/grafana/grafana-aws-sdk v0.12.0
 	github.com/grafana/grafana-azure-sdk-go v1.6.0
-	github.com/grafana/grafana-plugin-sdk-go v0.158.0
+	github.com/grafana/grafana-plugin-sdk-go v0.159.0
 	github.com/grpc-ecosystem/go-grpc-middleware v1.4.0
 	github.com/hashicorp/go-hclog v1.2.0
 	github.com/hashicorp/go-plugin v1.4.3
--- a/go.sum
+++ b/go.sum
@ -1299,6 +1299,8 @@ github.com/grafana/grafana-plugin-sdk-go v0.157.0 h1:Qm0r5A4TsG+Tmy8Vagffqv21t3R
 github.com/grafana/grafana-plugin-sdk-go v0.157.0/go.mod h1:FwinU1fti54nWWsacIdL8D2WfYcKOWB2VRMtxnBbY+o=
 github.com/grafana/grafana-plugin-sdk-go v0.158.0 h1:kucTwr4LEa6hoSunnRqkuEeJOgbBTFrhdGNkJrMV4Zg=
 github.com/grafana/grafana-plugin-sdk-go v0.158.0/go.mod h1:7/F3lL/w3MGuZTwu0jam5oL/4zNOQmhs2k8WZ9VlzhI=
+github.com/grafana/grafana-plugin-sdk-go v0.159.0 h1:tjqzTe/wz+1zzaeHpOJvBvSvZFx/bJUSHj6WA8HJqhE=
+github.com/grafana/grafana-plugin-sdk-go v0.159.0/go.mod h1:7/F3lL/w3MGuZTwu0jam5oL/4zNOQmhs2k8WZ9VlzhI=
 github.com/grafana/kindsys v0.0.0-20230309200316-812b9884a375 h1:iWFjqAU5GjIV/HetIE/Me6VF3SRw29u5QviMVbJUVQo=
 github.com/grafana/kindsys v0.0.0-20230309200316-812b9884a375/go.mod h1:213a3clTiegHfheYcLPLeEyHv/azK/fAF67OEbzuLzw=
 github.com/grafana/phlare/api v0.1.3 h1:mYTaE9mLsAW/uzPXlW/PQSLsZ4ojBFA+oAMfR/PDdw8=
--- a/pkg/infra/proxy/secure_socks_proxy_test.go
+++ b/pkg/infra/proxy/secure_socks_proxy_test.go
@ -67,12 +67,6 @@ func TestSecureSocksProxyEnabledOnDS(t *testing.T) {
 				},
 				enabled: false,
 			},
-			{
-				instanceSettings: &backend.AppInstanceSettings{
-					JSONData: []byte("{ \"enableSecureSocksProxy\": \"nonbool\" }"),
-				},
-				enabled: false,
-			},
 			{
 				instanceSettings: &backend.AppInstanceSettings{
 					JSONData: []byte("{ \"enableSecureSocksProxy\": false }"),
--- a/pkg/plugins/config/config.go
+++ b/pkg/plugins/config/config.go
@ -24,6 +24,9 @@ type Cfg struct {
 	// Azure Cloud settings
 	Azure *azsettings.AzureSettings

+	// Proxy Settings
+	ProxySettings setting.SecureSocksDSProxySettings
+
 	BuildVersion string // TODO Remove

 	LogDatasourceRequests bool
@ -34,8 +37,8 @@ type Cfg struct {
 }

 func NewCfg(devMode bool, pluginsPath string, pluginSettings setting.PluginSettings, pluginsAllowUnsigned []string,
-	awsAllowedAuthProviders []string, awsAssumeRoleEnabled bool, azure *azsettings.AzureSettings, grafanaVersion string,
-	logDatasourceRequests bool, pluginsCDNURLTemplate string, tracing Tracing) *Cfg {
+	awsAllowedAuthProviders []string, awsAssumeRoleEnabled bool, azure *azsettings.AzureSettings, secureSocksDSProxy setting.SecureSocksDSProxySettings,
+	grafanaVersion string, logDatasourceRequests bool, pluginsCDNURLTemplate string, tracing Tracing) *Cfg {
 	return &Cfg{
 		log:                     log.New("plugin.cfg"),
 		PluginsPath:             pluginsPath,
@ -46,6 +49,7 @@ func NewCfg(devMode bool, pluginsPath string, pluginSettings setting.PluginSetti
 		AWSAllowedAuthProviders: awsAllowedAuthProviders,
 		AWSAssumeRoleEnabled:    awsAssumeRoleEnabled,
 		Azure:                   azure,
+		ProxySettings:           secureSocksDSProxy,
 		LogDatasourceRequests:   logDatasourceRequests,
 		PluginsCDNURLTemplate:   pluginsCDNURLTemplate,
 		Tracing:                 tracing,
--- a/pkg/plugins/manager/loader/initializer/initializer.go
+++ b/pkg/plugins/manager/loader/initializer/initializer.go
@ -4,10 +4,12 @@ import (
 	"context"
 	"fmt"
 	"os"
+	"strconv"
 	"strings"

 	"github.com/grafana/grafana-aws-sdk/pkg/awsds"
 	"github.com/grafana/grafana-azure-sdk-go/azsettings"
+	"github.com/grafana/grafana-plugin-sdk-go/backend/proxy"

 	"github.com/grafana/grafana/pkg/plugins"
 	"github.com/grafana/grafana/pkg/plugins/config"
@ -63,6 +65,7 @@ func (i *Initializer) envVars(plugin *plugins.Plugin) []string {
 	}

 	hostEnv = append(hostEnv, i.awsEnvVars()...)
+	hostEnv = append(hostEnv, i.secureSocksProxyEnvVars()...)
 	hostEnv = append(hostEnv, azsettings.WriteToEnvStr(i.cfg.Azure)...)

 	// Tracing
@ -97,6 +100,20 @@ func (i *Initializer) awsEnvVars() []string {
 	return variables
 }

+func (i *Initializer) secureSocksProxyEnvVars() []string {
+	var variables []string
+	if i.cfg.ProxySettings.Enabled {
+		variables = append(variables, proxy.PluginSecureSocksProxyClientCert+"="+i.cfg.ProxySettings.ClientCert)
+		variables = append(variables, proxy.PluginSecureSocksProxyClientKey+"="+i.cfg.ProxySettings.ClientKey)
+		variables = append(variables, proxy.PluginSecureSocksProxyRootCACert+"="+i.cfg.ProxySettings.RootCA)
+		variables = append(variables, proxy.PluginSecureSocksProxyProxyAddress+"="+i.cfg.ProxySettings.ProxyAddress)
+		variables = append(variables, proxy.PluginSecureSocksProxyServerName+"="+i.cfg.ProxySettings.ServerName)
+		variables = append(variables, proxy.PluginSecureSocksProxyEnabled+"="+strconv.FormatBool(i.cfg.ProxySettings.Enabled))
+	}
+
+	return variables
+}
+
 type pluginSettings map[string]string

 func (ps pluginSettings) asEnvVar(prefix string, hostEnv []string) []string {
--- a/pkg/services/pluginsintegration/config/config.go
+++ b/pkg/services/pluginsintegration/config/config.go
@ -33,6 +33,7 @@ func ProvideConfig(settingProvider setting.Provider, grafanaCfg *setting.Cfg) (*
 		allowedAuth,
 		aws.KeyValue("assume_role_enabled").MustBool(grafanaCfg.AWSAssumeRoleEnabled),
 		grafanaCfg.Azure,
+		grafanaCfg.SecureSocksDSProxy,
 		grafanaCfg.BuildVersion,
 		grafanaCfg.PluginLogBackendRequests,
 		grafanaCfg.PluginsCDNURLTemplate,