* Add protobuf config and generated code, and client wrapper
* wire up loading of secretsmanager plugin, using renderer plugin as a model
* update kvstore provider to check if we should use the grpc plugin. return false always in OSS
* add OSS remote plugin check
* refactor wire gen file
* log which secrets manager is being used
* Fix argument types for remote checker
* Turns out if err != nil, then the result is always nil. Return empty values if there is an error.
* remove duplicate import
* ensure atomicity by adding secret management as a step to sql operations and rolling back if necessary
* Update pkg/services/secrets/kvstore/kvstore.go
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Update pkg/services/secrets/kvstore/kvstore.go
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* refactor RemotePluginCheck interface to just return the Plugin client directly
* rename struct to something less silly
* add special error handling for remote secrets management
* switch to errors.as instead of type inference
* remove unnecessary rollback call
* just declare error once
* refactor .proto file according to prior PR suggestions
* re-generate protobuf files and fix compilation errors
* only wrap (ergo display in the front end) errors that are user friendly from the plugin
* rename error type to suggest user friendly only
* rename plugin functions to be more descriptive
* change delete message name
* Revert "change delete message name"
This reverts commit 8ca978301e.
* Revert "rename plugin functions to be more descriptive"
This reverts commit 4355c9b9ff.
* fix pointer to pointer problem
* change plugin user error to just hold a string
* fix sequencing problem with datasource updates
* clean up some return statements
* need to wrap multiple transactions with the InTransaction() func in order to keep the lock
* make linter happy
* revert input var name
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* context all the things
* apply feedback
* rollback some alerting changes
* rollback some alerting changes #2
* more rollbacks
* more rollbacks #2
* more rollbacks #3
* more rollbacks #4
* fix integration test
* add missing context
* add missing and remove incorrect dispatch
* Encryption: Add support to encrypt/decrypt sjd
* Add datasources.Service as a proxy to datasources db operations
* Encrypt ds.SecureJsonData before calling SQLStore
* Move ds cache code into ds service
* Fix tlsmanager tests
* Fix pluginproxy tests
* Remove some securejsondata.GetEncryptedJsonData usages
* Add pluginsettings.Service as a proxy for plugin settings db operations
* Add AlertNotificationService as a proxy for alert notification db operations
* Remove some securejsondata.GetEncryptedJsonData usages
* Remove more securejsondata.GetEncryptedJsonData usages
* Fix lint errors
* Minor fixes
* Remove encryption global functions usages from ngalert
* Fix lint errors
* Minor fixes
* Minor fixes
* Remove securejsondata.DecryptedValue usage
* Refactor the refactor
* Remove securejsondata.DecryptedValue usage
* Move securejsondata to migrations package
* Move securejsondata to migrations package
* Minor fix
* Fix integration test
* Fix integration tests
* Undo undesired changes
* Fix tests
* Add context.Context into encryption methods
* Fix tests
* Fix tests
* Fix tests
* Trigger CI
* Fix test
* Add names to params of encryption service interface
* Remove bus from CacheServiceImpl
* Add logging
* Add keys to logger
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Add missing key to logger
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Undo changes in markdown files
* Fix formatting
* Add context to secrets service
* Rename decryptSecureJsonData to decryptSecureJsonDataFn
* Name args in GetDecryptedValueFn
* Add template back to NewAlertmanagerNotifier
* Copy GetDecryptedValueFn to ngalert
* Add logging to pluginsettings
* Fix pluginsettings test
Co-authored-by: Tania B <yalyna.ts@gmail.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Chore: Collect elasticsearch version usage stats
* Fix lint error
* use GetDataSources from sqlstore
* Apply review suggestions
* Return error if datasource type is not specified
* Update pkg/services/sqlstore/datasource.go
* fix undefined var
* update go-mssqldb package
* mssql: support for Windows integrated security
Adds a dropdown to the config page to choose between
SQL Server auth and Windows auth. If the login/username
is empty then the go-mssqldb driver will use single sign on
(Windows integrated security) if on Windows.
* mssql: update ds - don't ignore the user column
* SQLStore: customise the limit of retrieved datasources per organisation
* update all suggestions regarding nil or 0 as default
* Apply suggestions from code review
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* correct default.ini description + adding unittest
* Apply suggestions from code review
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
* modify unittest name
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
* Metrics: remove unused metrics
Metric `M_Grafana_Version` is not used anywhere, nor the mentioned
`M_Grafana_Build_Version`. Seems to be an artefact?
* Metrics: make the naming consistent
* Metrics: add comments to exported vars
* Metrics: use proper naming
Fixes#18110
* Store passwords in secureJsonData
* Revert unnecessary refactors
* Fix for nil jsonSecureData value
* Remove copied encryption code from migration
* Fix wrong field reference
* Remove migration and provisioning changes
* Use password getters in datasource proxy
* Refactor password handling in datasource configs
* Add provisioning warnings
* Update documentation
* Remove migration command, moved to separate PR
* Remove unused code
* Set the upgrade version
* Remove unused code
* Remove double reference
if the sql query failed has is false and the method will return
m.ErrDataSourceNotFound which is incorrect. We now return the
correct error message from the query
ref #10843
Use a SecureJsonData field for TLS
Client Auth instead of 3 new db
fields. Same model as used for
PluginSettings.
Saves and encrypts the pem file
content rather than just saving
the paths to the cert and key.
This allows for uploading from
the Edit Datasource page in
Grafana.
