* Add prefixed API key gen.
* Retrieve API Key by hash
* Handle prefixed API keys for login
* Add placeholder key generator
* fix spelling
* add get by hash sqlstore test
* reformat query
* quote usage of reserved keyword key
* use constant
* improve error handling and pre-select key type
Co-authored-by: Victor Cinaglia <victor@grafana.com>
* nits
Co-authored-by: Victor Cinaglia <victor@grafana.com>
This commit adds a pkg/services/screenshot package for taking and uploading screenshots of Grafana dashboards. It supports taking screenshots of both dashboards and individual panels within a dashboard, using the rendering service.
The screenshot package has the following services, most of which can be composed:
BrowserScreenshotService (Takes screenshots with headless Chrome)
CachableScreenshotService (Caches screenshots taken with another service such as BrowserScreenshotService)
NoopScreenshotService (A no-op screenshot service for tests)
SingleFlightScreenshotService (Prevents duplicate screenshots when taking screenshots of the same dashboard or panel in parallel)
ScreenshotUnavailableService (A screenshot service that returns ErrScreenshotsUnavailable)
UploadingScreenshotService (A screenshot service that uploads taken screenshots)
The screenshot package does not support wire dependency injection yet. ngalert constructs its own version of the service. See https://github.com/grafana/grafana/issues/49296
This PR also adds an ImageScreenshotService to ngAlert. This is used to take screenshots with a screenshotservice and then store their location reference for use by alert instances and notifiers.
* adds an api endpoint for use with public dashboards that validates orgId, dashboard, and panel when running a query. This feature is in ALPHA and should not be enabled yet. Testing is based on new mock sqlstore.
Co-authored-by: Jesse Weaver <jesse.weaver@grafana.com>
Co-authored-by: Leandro Deveikis <leandro.deveikis@gmail.com>
* Encryption: Add support to encrypt/decrypt sjd
* Add datasources.Service as a proxy to datasources db operations
* Encrypt ds.SecureJsonData before calling SQLStore
* Move ds cache code into ds service
* Fix tlsmanager tests
* Fix pluginproxy tests
* Remove some securejsondata.GetEncryptedJsonData usages
* Add pluginsettings.Service as a proxy for plugin settings db operations
* Add AlertNotificationService as a proxy for alert notification db operations
* Remove some securejsondata.GetEncryptedJsonData usages
* Remove more securejsondata.GetEncryptedJsonData usages
* Fix lint errors
* Minor fixes
* Remove encryption global functions usages from ngalert
* Fix lint errors
* Minor fixes
* Minor fixes
* Remove securejsondata.DecryptedValue usage
* Refactor the refactor
* Remove securejsondata.DecryptedValue usage
* Move securejsondata to migrations package
* Move securejsondata to migrations package
* Minor fix
* Fix integration test
* Fix integration tests
* Undo undesired changes
* Fix tests
* Add context.Context into encryption methods
* Fix tests
* Fix tests
* Fix tests
* Trigger CI
* Fix test
* Add names to params of encryption service interface
* Remove bus from CacheServiceImpl
* Add logging
* Add keys to logger
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Add missing key to logger
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Undo changes in markdown files
* Fix formatting
* Add context to secrets service
* Rename decryptSecureJsonData to decryptSecureJsonDataFn
* Name args in GetDecryptedValueFn
* Add template back to NewAlertmanagerNotifier
* Copy GetDecryptedValueFn to ngalert
* Add logging to pluginsettings
* Fix pluginsettings test
Co-authored-by: Tania B <yalyna.ts@gmail.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Add encryption service
* Add tests for encryption service
* Inject encryption service into http server
* Replace encryption global function usage in login tests
* Migrate to Wire
* Move Encryption bindings to OSS Wire set
* Chore: Refactor securedata to remove global encryption calls from dashboard snapshots
* Fix dashboard snapshot tests
* Remove no longer user test
* Add dashboard snapshots service tests
* Refactor service initialization
* Set up dashboard snapshots service as a background service
Co-authored-by: Tania B <yalyna.ts@gmail.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Fixes#30144
Co-authored-by: dsotirakis <sotirakis.dim@gmail.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
Co-authored-by: Leon Sorokin <leeoniya@gmail.com>
Co-authored-by: Andrej Ocenas <mr.ocenas@gmail.com>
Co-authored-by: spinillos <selenepinillos@gmail.com>
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
* Add validation for grafana recipient
* Alertmanager API implementation (WIP)
* Fix encoding/decoding receiver settings from/to YAML
* Save templates together with the configuration
* update POST to apply latest config
* Alertmanager service enabled by the ngalert toggle
* Silence API integration with Alertmanager
* Apply suggestions from code review
Co-authored-by: gotjosh <josue@grafana.com>
Co-authored-by: Ganesh Vernekar <15064823+codesome@users.noreply.github.com>
* end 2 end
* fix import
* refactor
* introduce securedata
* check err
* use testify instead of convey
* cleanup test
* cleanup test
* blob time
* rename funcs
Enables creating signed URLs when uploading images to Google Cloud Storage.
By using signed urls, not only is the public URL expiration configurable but the
images in the bucket are not publicly accessible.
Fixes#26773
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
The external image storage for GCS creates the JWT Token from a credentials file,
but if your Grafana server runs under a GCE instance with a service account on it,
you can use that instead (you don't have to manage/secure the credentials file).
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Replicate SDK behaviour for WebIdentityRole
Fix#20473
* Use WebIdentityRole in s3 uploader as well
* Use consistent casing
* use WebIdentityRole to assume another role
Co-authored-by: eV <ev@7pr.xyz>
