Enables creating signed URLs when uploading images to Google Cloud Storage.
By using signed urls, not only is the public URL expiration configurable but the
images in the bucket are not publicly accessible.
Fixes#26773
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
The external image storage for GCS creates the JWT Token from a credentials file,
but if your Grafana server runs under a GCE instance with a service account on it,
you can use that instead (you don't have to manage/secure the credentials file).
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Replicate SDK behaviour for WebIdentityRole
Fix#20473
* Use WebIdentityRole in s3 uploader as well
* Use consistent casing
* use WebIdentityRole to assume another role
Co-authored-by: eV <ev@7pr.xyz>
* svc alerting - use a shorter ctx to upload the img
This will prevent timeout on img upload to cancel the notifications from being sent
* components img uploader - pass the ctx to aws lib
* make webdavuploader use the ctx
* make azureblobuploader use the ctx
* rename uploadImage() to renderAndUploadImage()
for better clarity about what this method work
* Use timeout + 2s for plugin renderer (same as service and phantomjs)
* Make sure that original EvalContext is updated after render and upload
* Verify notification sent even if render or image upload times out
* fix lint
* fixes after review
Co-authored-by: Edouard Hur <3418467+hekmon@users.noreply.github.com>
Fixes#21018
* imguploader: add support for non-Amazon S3 endpoints and forcing of path-style S3 addressing
fixes#11240
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
See https://github.com/securego/gosec for more info.
Disabled a lot of rules. I guess we should go through them
and recheck if we really need to disable some
Fixes#16204
I removed some code, and commented out other one.
See,
$ gometalinter --vendor --disable-all --disable=gotype --enable=megacheck --deadline 6m ./... | grep unused
pkg/api/avatar/avatar.go💯26⚠️ func (*CacheServer).mustInt is unused (U1000) (megacheck)
pkg/api/folder_test.go:136:6⚠️ func callGetFolderByUID is unused (U1000) (megacheck)
pkg/api/folder_test.go:141:6⚠️ func callDeleteFolder is unused (U1000) (megacheck)
pkg/api/live/hub.go:40:15⚠️ func (*hub).removeConnection is unused (U1000) (megacheck)
pkg/components/imguploader/azureblobuploader.go:130:5⚠️ var client is unused (U1000) (megacheck)
pkg/middleware/middleware_test.go:438:28⚠️ func (*scenarioContext).withInvalidApiKey is unused (U1000) (megacheck)
pkg/services/alerting/ticker.go:40:18⚠️ func (*Ticker).updateOffset is unused (U1000) (megacheck)
pkg/services/notifications/notifications_test.go:12:6⚠️ type testTriggeredAlert is unused (U1000) (megacheck)
pkg/services/sqlstore/dashboard_service_integration_test.go:935:6⚠️ type scenarioContext is unused (U1000) (megacheck)
pkg/services/sqlstore/dashboard_service_integration_test.go:939:6⚠️ type scenarioFunc is unused (U1000) (megacheck)
pkg/services/sqlstore/dashboard_service_integration_test.go:941:6⚠️ func dashboardGuardianScenario is unused (U1000) (megacheck)
pkg/services/sqlstore/transactions_test.go:13:6⚠️ type testQuery is unused (U1000) (megacheck)
See,
$ gometalinter --disable-all --enable misspell --deadline 10m --vendor ./...
pkg/api/dtos/alerting_test.go:32:13⚠️ "expectes" is a misspelling of "expects" (misspell)
pkg/api/static/static.go:2:18⚠️ "Unknwon" is a misspelling of "Unknown" (misspell)
pkg/components/imguploader/azureblobuploader.go:55:48⚠️ "conatiner" is a misspelling of "container" (misspell)
pkg/login/ldap_settings.go:51:115⚠️ "compatability" is a misspelling of "compatibility" (misspell)
pkg/middleware/auth_proxy_test.go:122:22⚠️ "Destory" is a misspelling of "Destroy" (misspell)
pkg/middleware/logger.go:2:18⚠️ "Unknwon" is a misspelling of "Unknown" (misspell)
pkg/services/notifications/codes.go:9:13⚠️ "Unknwon" is a misspelling of "Unknown" (misspell)
pkg/services/session/mysql.go:170:3⚠️ "Destory" is a misspelling of "Destroy" (misspell)
pkg/services/session/mysql.go:171:24⚠️ "Destory" is a misspelling of "Destroy" (misspell)
pkg/services/session/session.go:95:4⚠️ "Destory" is a misspelling of "Destroy" (misspell)
pkg/services/session/session.go:96:1⚠️ "Destory" is a misspelling of "Destroy" (misspell)
pkg/services/session/session.go:167:25⚠️ "Destory" is a misspelling of "Destroy" (misspell)
pkg/setting/setting.go:1:18⚠️ "Unknwon" is a misspelling of "Unknown" (misspell)
pkg/tsdb/cloudwatch/cloudwatch.go:199:14⚠️ "resolutin" is a misspelling of "resolutions" (misspell)
pkg/tsdb/cloudwatch/cloudwatch.go:270:15⚠️ "resolutin" is a misspelling of "resolutions" (misspell)
pkg/tsdb/elasticsearch/response_parser.go:531:24⚠️ "Unkown" is a misspelling of "Unknown" (misspell)
pkg/tsdb/elasticsearch/client/search_request.go:113:7⚠️ "initaite" is a misspelling of "initiate" (misspell)
Note: Unknwon is a library name, and Destory a mysql typo.
* wip: start on refactoring settings
* settings: progress on settings refactor
* refactor: progress on settings refactoring
* fix: fixed failing test
* settings: moved smtp settings from global to instance