I renamed `tlsAuth` to `tlsClientAuth` to better describe the fact that
this variable is used to enable TLS client authentication (as opposed to
server authentication) in c04d95f35.
However, changing the name breaks backwards compatibility for existing
installations using this feature and Grafana does not have a
standardised way of migrating changes in the schema:
https://github.com/grafana/grafana/pull/9377#issuecomment-333063543
For reasons of expediency given the severity of the bug (not verifying
TLS), keep the old name.
In c04d95f35 I changed the default for datasource HTTP requests so that
TLS is always verified.
This commit adds a checkbox to allow an admin to explicitly skip TLS
verification, for testing purposes.
* add postgresql datasource
* add rest of files for postgres datasource
* fix timeseries query, remove unused code
* consistent naming, refactoring
* s/mysql/postgres/
* s/mysql/postgres/
* couple more tests
* tests for more datatypes
* fix macros for postgres
* add __timeSec macro
* add frontend for postgres datasource
* adjust documentation
* fix formatting
* add proper plugin description
* merge editor changes from mysql
* port changes from mysql datasource
* set proper defaultQuery for postgres
* add time_sec to timeseries query
accept int for value for timeseries query
* revert allowing time_sec and handle int or float values as unix
timestamp for "time" column
* fix tslint error
* handle decimal values in timeseries query
* allow setting sslmode for postgres datasource
* use type switch for handling data types
* fix value for timeseries query
* refactor timeseries queries to make them more flexible
* remove debug statement from inner loop in type conversion
* use plain for loop in getTypedRowData
* fix timeseries queries
* adjust postgres datasource to tsdb refactoring
* adjust postgres datasource to frontend changes
* update lib/pq to latest version
* move type conversion to getTypedRowData
* handle address types cidr, inet and macaddr
* adjust response parser and docs for annotations
* convert unknown types to string
* add documentation for postgres datasource
* add another example query with metric column
* set more helpful default query
* update help text in query editor
* handle NULL in value column of timeseries query
* add __timeGroup macro
* add test for __timeGroup macro
* document __timeGroup and set proper default query for annotations
* fix typos in docs
* add postgres to list of datasources
* add postgres to builtInPlugins
* mysql: refactoring as prep for merging postgres
Refactors out the initialization of the xorm engine and the query logic
for an sql data source.
* mysql: rename refactoring + test update
* postgres:refactor to use SqlEngine(same as mysql)
Refactored to use a common base class with the MySql data source.
Other changes from the original PR:
- Changed time column to be time_sec to allow other time units in the
future and to be the same as MySQL
- Changed integration test to test the main Query method rather than
the private transformToTable method
- Changed the __timeSec macro name to __timeEpoch
- Renamed PostgresExecutor to PostgresQueryEndpoint
Fixes#9209 (the original PR)
* postgres: encrypt password on config page
With some other cosmetic changes to the config page:
- placeholder texts
- reset button for the password after it has been encrypted.
- default value for the sslmode field.
* postgres: change back col name to time from time_sec
* postgres mysql: remove annotation title
Title has been removed from annotations
* postgres: fix images for docs page
* postgres mysql: fix specs
* colorpicker: fix opening error when color is undefined
* colorpicker: replace spectrum picker by new color picker
* colorpicker: remove old spectrum picker directive
* annotations: use tinycolor for working with region colors
Macaron's gzip middleware tries to automatically figure out the content
type for a file when gzipped and seems to mostly fail with plugin
readmes. This change sets the content type to plain text.
Fixes#9344. Ref #5952.
At least in my Postgresql 9.6.5, the old syntax of capitalized queries doesn't work (Linux).<br>
Running with UTF-8 as standard encoding and the ` notations didn't work either, so removed those.
* annotations: add 25px space for events section
* annotations: restored create annotation action
* annotations: able to use fa icons as event markers
* annotations: initial emoji support from twemoji lib
* annotations: adjust fa icon position
* annotations: initial emoji picker
* annotation: include user info into annotation requests
* annotation: add icon info
* annotation: display user info in tooltip
* annotation: fix region saving
* annotation: initial region markers
* annotation: fix region clearing (add flot-temp-elem class)
* annotation: adjust styles a bit
* annotations: minor fixes
* annoations: removed userId look in loop, need a sql join or a user cache for this
* annotation: fix invisible events
* lib: changed twitter emoij lib to be npm dependency
* annotation: add icon picker to Add Annotation dialog
* annotation: save icon to annotation table
* annotation: able to set custom icon for annotation added by user
* annotations: fix emoji after library upgrade (switch to 72px)
* emoji: temporary remove bad code points
* annotations: improve icon picker
* annotations: icon show icon picker at the top
* annotations: use svg for emoji
* annotations: fix region drawing when add annotation editor opened
* annotations: use flot lib for drawing region fill
* annotations: move regions building into event_manager
* annotations: don't draw additional space if no events are got
* annotations: deduplicate events
* annotations: properly render cut regions
* annotations: fix cut region building
* annotations: refactor
* annotations: adjust event section size
* add-annotations: fix undefined default icon
* create-annotations: edit event (frontend part)
* fixed bug causes error when hover event marker
* create-annotations: update event (backend)
* ignore grafana-server debug binary in git (created VS Code)
* create-annotations: use PUT request for updating annotation.
* create-annotations: fixed time format when editing existing event
* create-annotations: support for region update
* create-annotations: fix bug with limit and event type
* create-annotations: delete annotation
* create-annotations: show only selected icon in edit mode
* create-annotations: show event editor only for users with at least Editor role
* create-annotations: handle double-sized emoji codepoints
* create-annotations: refactor
use CP_SEPARATOR from emojiDef
* create-annotations: update emoji list, add categories.
* create-annotations: copy SVG emoji into public/vendor/npm and use it as a base path
* create-annotations: initial tabs for emoji picker
* emoji-picker: adjust styles
* emoji-picker: minor refactor
* emoji-picker: refactor - rename and move into one directory
* emoji-picker: build emoji elements on app load, not on picker open
* emoji-picker: fix emoji searching
* emoji-picker: refactor
* emoji-picker: capitalize category name
* emoji-picker: refactor
move buildEmojiElem() into emoji_converter.ts for future reuse.
* jquery.flot.events: refactor
use buildEmojiElem() for making emojis, remove unused code for font awesome based icons.
* emoji_converter: handle converting error
* tech: updated
* merged with master
* shore: clean up some stuff
* annotation: wip tags
* annotation: filtering by tags
* tags: parse out spaces etc. from a tags string
* annotations: use tagsinput component for tag filtering
* annotation: wip work on how we query alert & panel annotations
* annotations: support for updating tags in an annotation
* linting
* annotations: work on unifying how alert history annotations and manual panel annotations are created
* tslint: fixes
* tags: create tag on blur as well
Currently, the tags directive only creates the tag when the
user presses enter. This change means the tag is created on
blur as well (when the user clicks outside the input field).
* annotations: fix update after refactoring
* annotations: progress on how alert annotations are fetched
* annotations: minor progress
* annotations: progress
* annotation: minor progress
* annotations: move tag parsing from tooltip to ds
Instead of parsing a tag string into an array in the annotation_tooltip
class, this moves the parsing to the datasources. InfluxDB ds already
does that parsing. Graphite now has it.
* annotations: more work on querying
* annotations: change from tags as string to array
when saving in the db and in the api.
* annotations: delete tag link if removed on edit
* annotation: more work on depricating annotation title
* annotations: delete tag links on delete
* annotations: fix for find
* annotation: added user to annotation tooltip and added alertName to annoation dto
* annotations: use id from route instead from cmd for updating
* annotations: http api docs
* create annotation: last edits
* annotations: minor fix for querying annotations before dashboard saved
* annotations: fix for popover placement when legend is on the side (and doubel render pass is causing original marker to be removed)
* annotations: changing how the built in query gets added
* annotation: added time to header in edit mode
* tests: fixed jshint built issue
It should be specify to either use TLS client authentication or use a
user-supplied CA; previously you had to enable client authentication to
use a custom CA.
If either is set, try to use them.
This should help avoid a situation where someone has half-configured TLS
client authentication and it doesn't work without raising an obvious
error.
TLS was not being verified in a number of places:
- connections to grafana.com
- connections to OAuth providers when TLS client authentication was
enabled
- connections to self-hosted Grafana installations when using the CLI
tool
TLS should always be verified unless the user explicitly enables an
option to skip verification.
Removes some instances where `InsecureSkipVerify` is explicitly set to
`false`, the default, to help avoid confusion and make it more difficult
to regress on this fix by accident.
Adds a `--insecure` flag to `grafana-cli` to skip TLS verification.
Adds a `tls_skip_verify_insecure` setting for OAuth.
Adds a `app_tls_skip_verify_insecure` setting under a new `[plugins]`
section.
I'm not super happy with the way the global setting is used by
`pkg/api/app_routes.go` but that seems to be the existing pattern used.
This modification aim to allow users to set value via textMapping and
these values to be used in background coloring as it text coloring.
This pull request closes#8404, but doesn't agree with #9012.
The issue #9012 consider that no coloring output should be put when
there is no data. I partially agree with this as I explicitely setted a
value in the textMapping I obviously want to treat `N/A` as a number.
`data.valueFormatted` contain the stringified version of `data.value`
If `Number()` cannot convert a string into a number a `NaN` value is
returned. So the code is still valid if the inputted value in
`data.valueFormatted` is not a number.
