Commit Graph

169 Commits

Author SHA1 Message Date
Arve Knudsen
f326b79cc1
Security: Add gosec G304 auditing annotations (#29578)
* Security: Add gosec G304 auditing annotations

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* Add gosec annotations

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* Add gosec annotations

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* Add gosec annotations

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* space

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* Add gosec annotations

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: bergquist <carl.bergquist@gmail.com>
2020-12-03 22:13:06 +01:00
Arve Knudsen
f2b7fbc32a
Chore: Check errors from Close calls (#29562)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-03 10:11:14 +01:00
Arve Knudsen
4dd7b7a82d
Chore: Remove unused Go code (#28852)
* Chore: Remove more unused Go code

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-17 11:51:31 +01:00
Arve Knudsen
3d3a7cbba8
Chore: Fix staticcheck issues (#28860)
* Chore: Fix issues reported by staticcheck

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Undo changes

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: Fix issues reported by staticcheck

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-05 13:07:06 +01:00
Arve Knudsen
494c20db5f
gtime: Add ParseDuration function (#28525)
* gtime: Make calculations independent of current time

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Introduce gtime.ParseDuration function

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* gtime: Fix ParseDuration

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-02 19:26:19 +01:00
Arve Knudsen
70c7724b65
GCS image uploader: Add tests (#28521)
* GCS uploader: Add tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Use go generate

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-10-26 20:35:12 +01:00
gastonqiu
1646de4540
Image uploader: Fix uploading of images to GCS (#26493)
* GCS image uploader: Re-implement with Google SDK

Signed-off-by: gaston.qiu <gaston.qiu@umbocv.com>
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-10-24 13:00:36 +02:00
Will Browne
ef22ff7315
Snapshots: Store dashboard data encrypted in the database (#28129)
* end 2 end

* fix import

* refactor

* introduce securedata

* check err

* use testify instead of convey

* cleanup test

* cleanup test

* blob time

* rename funcs
2020-10-13 10:19:42 +02:00
Arve Knudsen
a5d9196a53
Chore/fix lint issues (#27704)
* Chore: Fix linting issues

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-09-22 16:22:19 +02:00
Marcos Mendez
4e94c0959a
Image Store: Add support for using signed URLs when uploading images to GCS (#26840)
Enables creating signed URLs when uploading images to Google Cloud Storage. 
By using signed urls, not only is the public URL expiration configurable but the 
images in the bucket are not publicly accessible.

Fixes #26773

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
2020-09-07 19:10:14 +02:00
Emil Tullstedt
b68634fbb4
Tests: Batch of GoConvey to Testify conversions (#27008) 2020-08-14 14:43:25 +02:00
Arve Knudsen
1698c74ec1
Chore: Fix tests for Go 1.15 (#26957)
* Chore: Fix tests for Go 1.15
2020-08-12 17:45:03 +02:00
Arve Knudsen
415638cdda
Chore: Use interfaces where possible (#26392)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-07-23 08:17:20 +02:00
Arve Knudsen
4c56eb3991
Chore: Enable goprintffuncname and nakedret linters (#26376)
* Chore: Enable goprintffuncname linter
* Chore: Enable nakedret linter

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-07-23 08:14:39 +02:00
Arve Knudsen
d4e4cb4c71
Chore: Enable Go linter gocritic (#26224)
* Chore: Enable gocritic linter

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-07-16 14:39:01 +02:00
Arve Knudsen
9285595c50
tsdb/postgres: Support Unix socket for host (#25778)
* tsdb/postgres: Support Unix socket for host

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix host regex

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix host regex

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Remove panic

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix host parsing; add tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Add test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Use strings.HasPrefix to detect Unix socket host

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Remove debug logging

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Escape single quotes and backslashes

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Test generateConnectionString as requested in review

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Add test case for SSL mode

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-07-09 14:57:09 +02:00
Arve Knudsen
41d432b5ae
Chore: Enable whitespace linter (#25903)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-07-06 20:17:28 +02:00
Labesse Kévin
8e7a88faff
Imagestore: Fallback to application default credentials when no key file is specified for GCS (#25948)
The external image storage for GCS creates the JWT Token from a credentials file, 
but if your Grafana server runs under a GCE instance with a service account on it, 
you can use that instead (you don't have to manage/secure the credentials file).

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
2020-07-06 15:02:58 +02:00
Arve Knudsen
3651a8e976
Chore: Disable scopelint for tests (#25923)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-06-30 11:05:47 +02:00
Arve Knudsen
d1e6214a4a
Chore: Enable scopelint Go linter (#25896)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-06-29 17:04:38 +02:00
Arve Knudsen
5070f7a75b
Chore: Start harmonizing linting with plugin SDK (#25854)
* Chore: Harmonize linting with plugin SDK

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: Fix linting issues

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-06-29 14:08:32 +02:00
Arve Knudsen
07582a8e85
Chore: Fix various spelling errors in back-end code (#25241)
* Chore: Fix various spelling errors in back-end code
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>>
2020-06-01 17:11:25 +02:00
Kyle Brandt
81e3f93677
Backend Readme: Add section on avoiding simplejson (#25116) 2020-05-26 14:32:00 -04:00
Ivana Huckova
1c58202b26
@grafana/ui: Replace various icons using Icon component (#23442)
* Replace icons in dashboard and settings

* Replace icons in alerting

* Update batch of icons

* Implement icons accross various files

* Style updates

* Search: Fix recent and starred icons

* Update styling and details

* Replace new icon created by unicons

* Fix e2e test, styling

* Minor styling updates

Co-authored-by: Clarity-89 <homes89@ukr.net>
2020-04-12 22:20:02 +02:00
Dário Nascimento
7329671793
Cloudwatch: prefer webIdentity over EC2 role (#23452) 2020-04-08 23:58:32 -07:00
Patrik Karlström
dbda5aece9
cloudwatch: Replicate SDK behaviour for WebIdentityRole (#21594)
* Replicate SDK behaviour for WebIdentityRole

Fix #20473

* Use WebIdentityRole in s3 uploader as well

* Use consistent casing

* use WebIdentityRole to assume another role

Co-authored-by: eV <ev@7pr.xyz>
2020-04-08 15:05:24 +02:00
Kyle Brandt
80729e9fb1
Chore: remove unused go package dynmap (#23409) 2020-04-07 14:58:10 -04:00
Agnès Toulet
56687a08f9
Core: use go-datemath in timerange utility (#23120)
* Core: use go-datemath in time_range

* Core: update timerange for negative epoch

* Core: update gtime component

* Core: clean up time_range tests

* Update pkg/components/gtime/gtime.go

Co-Authored-By: Arve Knudsen <arve.knudsen@gmail.com>

* Core: clean gtime tests

* components/gtime: Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-04-06 09:00:05 +02:00
Torkel Ödegaard
da37f4c83f
XSS: Fixed history XSS issue (#22680) 2020-03-10 14:56:27 +01:00
Marcus Efraimsson
71ffd1d108
Alerting: Fix image rendering and uploading timeout preventing to send alert notifications (#21536)
* svc alerting - use a shorter ctx to upload the img
This will prevent timeout on img upload to cancel the notifications from being sent

* components img uploader - pass the ctx to aws lib

* make webdavuploader use the ctx

* make azureblobuploader use the ctx

* rename uploadImage() to renderAndUploadImage()
for better clarity about what this method work

* Use timeout + 2s for plugin renderer (same as service and phantomjs)

* Make sure that original EvalContext is updated after render and upload

* Verify notification sent even if render or image upload times out

* fix lint

* fixes after review

Co-authored-by: Edouard Hur <3418467+hekmon@users.noreply.github.com>

Fixes #21018
2020-01-17 12:07:16 +01:00
Paul Emmerich
42032f6c03 ImgUploader: add support for non-amazon S3 (#20354)
* imguploader: add support for non-Amazon S3 endpoints and forcing of path-style S3 addressing

fixes #11240

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-01-02 15:10:20 +01:00
Arve Knudsen
35e0e078b7
pkg/util: Check errors (#19832)
* pkg/util: Check errors
* pkg/services: DRY up code
2019-10-23 10:40:12 +02:00
Arve Knudsen
fe8d0d27d2
pkg/components: Check errors (#19703)
* pkg/components: Check errors
2019-10-10 09:06:55 +02:00
Kyle Brandt
e1b2d61ceb
backend: null.Float NaN -> null for json marshal (#18284) 2019-08-06 12:28:48 -04:00
Kyle Brandt
7cac393ddc
datasource: testdata - add predicatable csv wave scenario (#18183) 2019-07-18 13:36:22 -04:00
Oleg Gaidarenko
caa1314f44
Build: use golangci-lint as a make command (#17739)
* Build: use golangci-lint as a make command

* Since gometalinter was deprecated in favor of golangci-lint so it was
  replaced by it. Responsibilities held by the gometalinter was moved to
  golangci-lint

* There was some changes in implementation (that was also mentioned in
  the code comment) between the tools, which uncovered couple errors
  in the code. Those issues were either solved or disabled by
  the inline comments

* Introduce the golangci-lint config, to make their
  configuration more manageable

* Build: replace backend-lint.sh script with make
2019-07-02 16:06:59 +03:00
Carl Bergquist
912df2e284
gtime: some code style refactoring (#17369) 2019-06-10 07:38:31 +02:00
Mario Trangoni
87760d4fde Codestyle: Fix govet issues (#17178)
ref #10381

Signed-off-by: Mario Trangoni <mjtrangoni@gmail.com>
2019-06-04 22:00:05 +02:00
Bernard Duggan
a0bb01103e MySQL/Postgres/MSSQL: Add parsing for day, weeks and year intervals in macros (#13086)
closes #11431
2019-05-30 09:58:29 +02:00
CodeLingo Bot
3ff3e0f2ac Defer closing of files (#17213)
Signed-off-by: CodeLingo Bot <bot@codelingo.io>
2019-05-22 08:48:47 +02:00
zhulongcheng
2fff8f77dc move log package to /infra (#17023)
ref #14679

Signed-off-by: zhulongcheng <zhulongcheng.me@gmail.com>
2019-05-13 08:45:54 +02:00
Carl Bergquist
a86b8c8a04
http: remove dualstack since its deprecated (#16940)
Deprecated: Fast Fallback is enabled by default. To
disable, set FallbackDelay to a negative value.

https://golang.org/src/net/dial.go
2019-05-08 10:37:48 +02:00
Oleg Gaidarenko
54c1bf0cc9
Chore: a bit of spring cleaning (#16710)
* Chore: use early return technic everywhere

And enable "indent-error-flow" revive rule

* Chore: remove if-return rule from revive config

* Chore: improve error messages

And enable "error-strings" revive rule

* Chore: enable "error-naming" revive rule

* Chore: make linter happy

* Chore: do not duplicate gofmt execution

* Chore: make linter happy

* Chore: address the pull review comments
2019-04-23 11:24:47 +03:00
Carl Bergquist
3f136e0da9
tech: replace bmizerany/assert with stretchr/testify (#16625)
bmizerany is old and unsupported. so we are replacing it
with stretchr which is an drop in replacement and something
we want to use more in Grafana.
2019-04-17 10:25:58 +02:00
Andrej Ocenas
66f6e16916
Security: Store datasource passwords encrypted in secureJsonData (#16175)
* Store passwords in secureJsonData

* Revert unnecessary refactors

* Fix for nil jsonSecureData value

* Remove copied encryption code from migration

* Fix wrong field reference

* Remove migration and provisioning changes

* Use password getters in datasource proxy

* Refactor password handling in datasource configs

* Add provisioning warnings

* Update documentation

* Remove migration command, moved to separate PR

* Remove unused code

* Set the upgrade version

* Remove unused code

* Remove double reference
2019-04-15 11:11:17 +02:00
Oleg Gaidarenko
1d955a8762
Chore: Implement gosec (#16261)
See https://github.com/securego/gosec for more info.

Disabled a lot of rules. I guess we should go through them
and recheck if we really need to disable some

Fixes #16204
2019-03-28 14:17:07 +01:00
bergquist
1b6203e430 removes error2 logger 2019-01-15 11:49:18 +01:00
Torkel Ödegaard
0a936a55b4 Fixed new gometalinter issues 2019-01-07 11:01:31 +01:00
Mario Trangoni
fadd816d89 pkg/*: Fix misspell issues
See,
$ find . -type f | xargs misspell -locale US | grep -vi -e vendor -e devenv -e Unknwon -e Destory | grep pkg
./pkg/services/sqlstore/org_test.go:190:15: "frome" is a misspelling of "from"
./pkg/tsdb/elasticsearch/response_parser.go:544:24: "Unkown" is a misspelling of "Unknown"
./pkg/tsdb/opentsdb/opentsdb.go:87:20: "marshalling" is a misspelling of "marshaling"
./pkg/components/dynmap/dynmap_test.go:2:7: "Licence" is a misspelling of "License"
./pkg/components/dynmap/dynmap.go:2:7: "Licence" is a misspelling of "License"
2018-12-04 23:29:34 +01:00
Mario Trangoni
dde650905d Fix megacheck issue unused code.
I removed some code, and commented out other one.

See,
$ gometalinter --vendor --disable-all --disable=gotype --enable=megacheck --deadline 6m ./... | grep unused
pkg/api/avatar/avatar.go💯26⚠️ func (*CacheServer).mustInt is unused (U1000) (megacheck)
pkg/api/folder_test.go:136:6⚠️ func callGetFolderByUID is unused (U1000) (megacheck)
pkg/api/folder_test.go:141:6⚠️ func callDeleteFolder is unused (U1000) (megacheck)
pkg/api/live/hub.go:40:15⚠️ func (*hub).removeConnection is unused (U1000) (megacheck)
pkg/components/imguploader/azureblobuploader.go:130:5⚠️ var client is unused (U1000) (megacheck)
pkg/middleware/middleware_test.go:438:28⚠️ func (*scenarioContext).withInvalidApiKey is unused (U1000) (megacheck)
pkg/services/alerting/ticker.go:40:18⚠️ func (*Ticker).updateOffset is unused (U1000) (megacheck)
pkg/services/notifications/notifications_test.go:12:6⚠️ type testTriggeredAlert is unused (U1000) (megacheck)
pkg/services/sqlstore/dashboard_service_integration_test.go:935:6⚠️ type scenarioContext is unused (U1000) (megacheck)
pkg/services/sqlstore/dashboard_service_integration_test.go:939:6⚠️ type scenarioFunc is unused (U1000) (megacheck)
pkg/services/sqlstore/dashboard_service_integration_test.go:941:6⚠️ func dashboardGuardianScenario is unused (U1000) (megacheck)
pkg/services/sqlstore/transactions_test.go:13:6⚠️ type testQuery is unused (U1000) (megacheck)
2018-10-01 18:23:59 +02:00