The old GrafanaComURL setting didn't have the /api suffix so needed it
adding on by the proxy director, but the new GrafanaComAPIURL setting is
assumed to already point directly to the API and doesn't need an
additional suffix.
This is the only place in the codebase that GrafanaComAPIURL is used.
During the review of the initial PR adding this (#59506) I removed
a new global variable from the setting package, but forgot to update
the reference to the new setting, so the API URL wasn't actually
being used. This PR updates the proxy endpoint to use the API
URL correctly.
Aside: I'm not a huge fan of how the error is being ignored when parsing
the URL, but I think that should be addressed in a separate PR if anyone
has a suggestion for how we should handle it. (Should we check that the
URL is valid when parsing config?)
For a proxied request, e.g. Grafana's datasource or plugin proxy:
If the request is cancelled, e.g. from the browser, the HTTP status code is
now 499 Client closed request instead of 502 Bad gateway.
If the request times out, e.g. takes longer time than allowed, the HTTP status
code is now 504 Gateway timeout instead of 502 Bad gateway.
This also means that request metrics and logs will get their status codes
adjusted according to above.
Fixes#46337Fixes#46338
* fix(catalog): prefer rendering installed version over latest version
* feat(catalog): signify installed version in version history
* feat(catalog): introduce installedVersion and latestVersion
* refactor(catalog): use latestVersion for installation, simplify plugindetails header logic
* refactor(catalog): clean up installedVersion and latestVersion
* feat(catalog): use table-layout so versions list table has consistent column widths
* test(catalog): update failing tests
* removed the need of having a latest version in the plugin catalog type root level.
* fixed flaky test depending on what locale it was being running with.
* added missing test to verify version for a remote plugin.
* fixed version in header.
* preventing the UI from break if no versions are available.
* fixed failing test due to missing mock data.
* added todo as a reminder.
* refactor(catalog): prefer grafana plugin icons over gcom notfound images
* refactor(Plugins/Admin): change constant name
* refactor(Plugins/Admin): add comment to make condition easier to understand
* chore: update go modules
* feat(Backend/Plugins): add "dependencies" field to `PluginListItem`
* feat(Plugins/Admin): show the grafana dependency for the installed version
* refactor(Plugins/Admin): use the local version of links
* refactor(Plugins/Admin): prefer the local version for `.type`
* refactor(Plugins/ADmin): prefer the local `.description` field
* fix(Plugins/Admin): fix tests
* test(plugins/api): update the expected response for the `api/plugins` tests
* chore(Plugins/Admin): add todo comments to check preferation of remote/local values
* feat(backend/api): always send the grafana version as a header when proxying to GCOM
* feat(plugins/admin): use the `isCompatible` flag to get the latest compatible version
* feat(plugins/admin): show the latest compatible version in the versions list
* fix(plugins/admin): show the grafana dependency for the latest compatible version
* fix(plugins/admin): update the version list when installing/uninstalling a plugin
* test(plugins/admin): add some test-cases for the latest-compatible-version
* fix(plugins/admin): show the grafana dependency for the installed version (if installed)
* feat(plugins/backend): add the `dependencies.grafanaDependency` property to the plugin object
* test(plugins/backend): fix tests by adjusting expected response json
Co-authored-by: Marcus Andersson <marcus.andersson@grafana.com>
Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
* pass url parameters through context.Context
* fix url param names without colon prefix
* change context params to vars
* replace url vars in tests using new api
* rename vars to params
* add some comments
* rename seturlvars to seturlparams
See,
$ gometalinter --vendor --deadline 10m --disable-all --enable=golint ./...
ip.go:8:6⚠️ func SplitIpPort should be SplitIPPort (golint)
url.go:14:6⚠️ func NewUrlQueryReader should be NewURLQueryReader (golint)
url.go:9:6⚠️ type UrlQueryReader should be URLQueryReader (golint)
url.go:37:6⚠️ func JoinUrlFragments should be JoinURLFragments (golint)
TLS was not being verified in a number of places:
- connections to grafana.com
- connections to OAuth providers when TLS client authentication was
enabled
- connections to self-hosted Grafana installations when using the CLI
tool
TLS should always be verified unless the user explicitly enables an
option to skip verification.
Removes some instances where `InsecureSkipVerify` is explicitly set to
`false`, the default, to help avoid confusion and make it more difficult
to regress on this fix by accident.
Adds a `--insecure` flag to `grafana-cli` to skip TLS verification.
Adds a `tls_skip_verify_insecure` setting for OAuth.
Adds a `app_tls_skip_verify_insecure` setting under a new `[plugins]`
section.
I'm not super happy with the way the global setting is used by
`pkg/api/app_routes.go` but that seems to be the existing pattern used.
