Dimitris Sotirakis
|
c798c0e958
|
Security: Fix directory traversal issue (#42846)
* security: fix dir traversal issue
(cherry picked from commit 00e38ba555)
* Improve comments and error message.
Co-authored-by: Kyle Brandt <kyle@grafana.com>
|
2021-12-07 19:15:53 +02:00 |
|
Will Browne
|
2e3e7a7e55
|
Plugins: Plugin Store API returns DTO model (#41340)
* toying around
* fix refs
* remove unused fields
* go further
* add context
* ensure streaming handler is set
|
2021-11-17 12:04:22 +01:00 |
|
Will Browne
|
b80fbe03f0
|
Plugins: Refactor Plugin Management (#40477)
* add core plugin flow
* add instrumentation
* move func
* remove cruft
* support external backend plugins
* refactor + clean up
* remove comments
* refactor loader
* simplify core plugin path arg
* cleanup loggers
* move signature validator to plugins package
* fix sig packaging
* cleanup plugin model
* remove unnecessary plugin field
* add start+stop for pm
* fix failures
* add decommissioned state
* export fields just to get things flowing
* fix comments
* set static routes
* make image loading idempotent
* merge with backend plugin manager
* re-use funcs
* reorder imports + remove unnecessary interface
* add some TODOs + remove unused func
* remove unused instrumentation func
* simplify client usage
* remove import alias
* re-use backendplugin.Plugin interface
* re order funcs
* improve var name
* fix log statements
* refactor data model
* add logic for dupe check during loading
* cleanup state setting
* refactor loader
* cleanup manager interface
* add rendering flow
* refactor loading + init
* add renderer support
* fix renderer plugin
* reformat imports
* track errors
* fix plugin signature inheritance
* name param in interface
* update func comment
* fix func arg name
* introduce class concept
* remove func
* fix external plugin check
* apply changes from pm-experiment
* fix core plugins
* fix imports
* rename interface
* comment API interface
* add support for testdata plugin
* enable alerting + use correct core plugin contracts
* slim manager API
* fix param name
* fix filter
* support static routes
* fix rendering
* tidy rendering
* get tests compiling
* fix install+uninstall
* start finder test
* add finder test coverage
* start loader tests
* add test for core plugins
* load core + bundled test
* add test for nested plugin loading
* add test files
* clean interface + fix registering some core plugins
* refactoring
* reformat and create sub packages
* simplify core plugin init
* fix ctx cancel scenario
* migrate initializer
* remove Init() funcs
* add test starter
* new logger
* flesh out initializer tests
* refactoring
* remove unused svc
* refactor rendering flow
* fixup loader tests
* add enabled helper func
* fix logger name
* fix data fetchers
* fix case where plugin dir doesn't exist
* improve coverage + move dupe checking to loader
* remove noisy debug logs
* register core plugins automagically
* add support for renderer in catalog
* make private func + fix req validation
* use interface
* re-add check for renderer in catalog
* tidy up from moving to auto reg core plugins
* core plugin registrar
* guards
* copy over core plugins for test infra
* all tests green
* renames
* propagate new interfaces
* kill old manager
* get compiling
* tidy up
* update naming
* refactor manager test + cleanup
* add more cases to finder test
* migrate validator to field
* more coverage
* refactor dupe checking
* add test for plugin class
* add coverage for initializer
* split out rendering
* move
* fixup tests
* fix uss test
* fix frontend settings
* fix grafanads test
* add check when checking sig errors
* fix enabled map
* fixup
* allow manual setup of CM
* rename to cloud-monitoring
* remove TODO
* add installer interface for testing
* loader interface returns
* tests passing
* refactor + add more coverage
* support 'stackdriver'
* fix frontend settings loading
* improve naming based on package name
* small tidy
* refactor test
* fix renderer start
* make cloud-monitoring plugin ID clearer
* add plugin update test
* add integration tests
* don't break all if sig can't be calculated
* add root URL check test
* add more signature verification tests
* update DTO name
* update enabled plugins comment
* update comments
* fix linter
* revert fe naming change
* fix errors endpoint
* reset error code field name
* re-order test to help verify
* assert -> require
* pm check
* add missing entry + re-order
* re-check
* dump icon log
* verify manager contents first
* reformat
* apply PR feedback
* apply style changes
* fix one vs all loading err
* improve log output
* only start when no signature error
* move log
* rework plugin update check
* fix test
* fix multi loading from cfg.PluginSettings
* improve log output #2
* add error abstraction to capture errors without registering a plugin
* add debug log
* add unsigned warning
* e2e test attempt
* fix logger
* set home path
* prevent panic
* alternate
* ugh.. fix home path
* return renderer even if not started
* make renderer plugin managed
* add fallback renderer icon, update renderer badge + prevent changes when renderer is installed
* fix icon loading
* rollback renderer changes
* use correct field
* remove unneccessary block
* remove newline
* remove unused func
* fix bundled plugins base + module fields
* remove unused field since refactor
* add authorizer abstraction
* loader only returns plugins expected to run
* fix multi log output
|
2021-11-01 10:53:33 +01:00 |
|
Will Browne
|
40643ee023
|
track signature files + add warn log (#38938)
|
2021-09-08 08:49:05 +02:00 |
|
Will Browne
|
e0315dabe8
|
Plugins: Use file extension allowlist when serving plugin assets instead of checking for UNIX executable (#37688)
* explicitly check for plugin binary
* remove check completely
* resolve conflicts
* allow module + logos
* add tests
* simplify
* rework to allowlist
* add case
* remove old stuff
* simplify
* add case insensitive test
|
2021-08-09 16:07:54 +02:00 |
|