diff --git a/CHANGELOG.md b/CHANGELOG.md index 2fdf89c0710..f1c60fcd6bb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,7 @@ * **Templating**: Update panel repeats for variables that change on time refresh, closes [#5021](https://github.com/grafana/grafana/issues/5021) * **Elasticsearch**: Support to set Precision Threshold for Unique Count metric, closes [#4689](https://github.com/grafana/grafana/issues/4689) * **Navigation**: Add search to org swithcer, closes [#2609](https://github.com/grafana/grafana/issues/2609) +* **Database**: Allow database config using one propertie, closes [#5456](https://github.com/grafana/grafana/pull/5456) # 3.1.2 (unreleased) * **Templating**: Fixed issue when combining row & panel repeats, fixes [#5790](https://github.com/grafana/grafana/issues/5790) diff --git a/conf/defaults.ini b/conf/defaults.ini index dd772171341..18b83969b6f 100644 --- a/conf/defaults.ini +++ b/conf/defaults.ini @@ -59,12 +59,18 @@ cert_key = #################################### Database #################################### [database] +# You can configure the database connection by specifying type, host, name, user and password +# as seperate properties or as on string using the url propertie. + # Either "mysql", "postgres" or "sqlite3", it's your choice type = sqlite3 host = 127.0.0.1:3306 name = grafana user = root password = +# Use either URL or the previous fields to configure the database +# Example: mysql://user:secret@host:port/database +url = # For "postgres", use either "disable", "require" or "verify-full" # For "mysql", use either "true", "false", or "skip-verify". diff --git a/conf/sample.ini b/conf/sample.ini index 3978408e24e..9e0e34fb8a9 100644 --- a/conf/sample.ini +++ b/conf/sample.ini @@ -61,6 +61,9 @@ #################################### Database #################################### [database] +# You can configure the database connection by specifying type, host, name, user and password +# as seperate properties or as on string using the url propertie. + # Either "mysql", "postgres" or "sqlite3", it's your choice ;type = sqlite3 ;host = 127.0.0.1:3306 @@ -68,6 +71,10 @@ ;user = root ;password = +# Use either URL or the previous fields to configure the database +# Example: mysql://user:secret@host:port/database +;url = + # For "postgres" only, either "disable", "require" or "verify-full" ;ssl_mode = disable diff --git a/pkg/services/sqlstore/sqlstore.go b/pkg/services/sqlstore/sqlstore.go index 823a0b18421..031d8344a34 100644 --- a/pkg/services/sqlstore/sqlstore.go +++ b/pkg/services/sqlstore/sqlstore.go @@ -2,6 +2,7 @@ package sqlstore import ( "fmt" + "net/url" "os" "path" "path/filepath" @@ -155,16 +156,35 @@ func getEngine() (*xorm.Engine, error) { func LoadConfig() { sec := setting.Cfg.Section("database") - DbCfg.Type = sec.Key("type").String() + cfgURL := sec.Key("url").String() + if len(cfgURL) != 0 { + dbURL, _ := url.Parse(cfgURL) + DbCfg.Type = dbURL.Scheme + DbCfg.Host = dbURL.Host + + pathSplit := strings.Split(dbURL.Path, "/") + if len(pathSplit) > 1 { + DbCfg.Name = pathSplit[1] + } + + userInfo := dbURL.User + if userInfo != nil { + DbCfg.User = userInfo.Username() + DbCfg.Pwd, _ = userInfo.Password() + } + } else { + DbCfg.Type = sec.Key("type").String() + DbCfg.Host = sec.Key("host").String() + DbCfg.Name = sec.Key("name").String() + DbCfg.User = sec.Key("user").String() + if len(DbCfg.Pwd) == 0 { + DbCfg.Pwd = sec.Key("password").String() + } + } + if DbCfg.Type == "sqlite3" { UseSQLite3 = true } - DbCfg.Host = sec.Key("host").String() - DbCfg.Name = sec.Key("name").String() - DbCfg.User = sec.Key("user").String() - if len(DbCfg.Pwd) == 0 { - DbCfg.Pwd = sec.Key("password").String() - } DbCfg.SslMode = sec.Key("ssl_mode").String() DbCfg.Path = sec.Key("path").MustString("data/grafana.db") diff --git a/pkg/setting/setting.go b/pkg/setting/setting.go index 13c2dee78e2..c5f994cc692 100644 --- a/pkg/setting/setting.go +++ b/pkg/setting/setting.go @@ -183,6 +183,11 @@ func shouldRedactKey(s string) bool { return strings.Contains(uppercased, "PASSWORD") || strings.Contains(uppercased, "SECRET") } +func shouldRedactURLKey(s string) bool { + uppercased := strings.ToUpper(s) + return strings.Contains(uppercased, "DATABASE_URL") +} + func applyEnvVariableOverrides() { appliedEnvOverrides = make([]string, 0) for _, section := range Cfg.Sections() { @@ -197,6 +202,17 @@ func applyEnvVariableOverrides() { if shouldRedactKey(envKey) { envValue = "*********" } + if shouldRedactURLKey(envKey) { + u, _ := url.Parse(envValue) + ui := u.User + if ui != nil { + _, exists := ui.Password() + if exists { + u.User = url.UserPassword(ui.Username(), "-redacted-") + envValue = u.String() + } + } + } appliedEnvOverrides = append(appliedEnvOverrides, fmt.Sprintf("%s=%s", envKey, envValue)) } } diff --git a/pkg/setting/setting_test.go b/pkg/setting/setting_test.go index 4f177e96bae..586cd8ff61d 100644 --- a/pkg/setting/setting_test.go +++ b/pkg/setting/setting_test.go @@ -29,6 +29,20 @@ func TestLoadingSettings(t *testing.T) { So(LogsPath, ShouldEqual, filepath.Join(DataPath, "log")) }) + Convey("Should replace password when defined in environment", func() { + os.Setenv("GF_SECURITY_ADMIN_PASSWORD", "supersecret") + NewConfigContext(&CommandLineArgs{HomePath: "../../"}) + + So(appliedEnvOverrides, ShouldContain, "GF_SECURITY_ADMIN_PASSWORD=*********") + }) + + Convey("Should replace password in URL when url environment is defined", func() { + os.Setenv("GF_DATABASE_URL", "mysql://user:secret@localhost:3306/database") + NewConfigContext(&CommandLineArgs{HomePath: "../../"}) + + So(appliedEnvOverrides, ShouldContain, "GF_DATABASE_URL=mysql://user:-redacted-@localhost:3306/database") + }) + Convey("Should get property map from command line args array", func() { props := getCommandLineProperties([]string{"cfg:test=value", "cfg:map.test=1"})