* add feature toggle
* add a middleware that appens headers for IP range AC
* sort imports
* sign IP range header and only append it if the request is going to allow listed data sources
* sign a random generated string instead of IP, also change the name of the middleware to make it more generic
* remove the DS IP range AC options from the config file; remove unwanted change
* add test
* sanitize the URLs when comparing
* cleanup and fixes
* check if X-Real-Ip is present, and set the internal request header if it is not present
* use split string function from the util package
* Add teamHeaders for datasource proxy requests
* adds validation for the teamHeaders
* added tests for applying teamHeaders
* remove previous implementation
* validation for header values being set to authproxy
* removed unnecessary checks
* newline
* Add middleware for injecting headers on the data source backend
* renamed feature toggle
* Get user teams from context
* Fix feature toggle name
* added test for validation of the auth headers and fixed evaluation to cover headers
* renaming of teamHeaders to teamHTTPHeaders
* use of header set for non-existing header and add for existing headers
* moves types into datasources
* fixed unchecked errors
* Refactor
* Add tests for data model
* Update pkg/api/datasources.go
Co-authored-by: Victor Cinaglia <victor@grafana.com>
* Update pkg/api/datasources.go
Co-authored-by: Victor Cinaglia <victor@grafana.com>
---------
Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com>
Co-authored-by: Victor Cinaglia <victor@grafana.com>
* Plugins: Add client middlware that forwards the signed grafana id token if present
* DsProxy: Set grafana id header if id token exists
* Add util function to apply id token to header
* Only add id forwarding middleware if feature toggle is enabled
* Add feature toggles to ds proxy and check if id forwarding is enabled
* Clean up test setup
* Change to use backend.ForwardHTTPHeaders interface
* PluginProxy: Forward signed identity when feature toggle is enabled
* PluginProxy: forrward signed id header
* add termination stage
* uid -> pluginID (for now)
* also fix fakes
* add simple test
* Fix logger name
Co-authored-by: Giuseppe Guerra <giuseppe.guerra@grafana.com>
* inline stop func call
Co-authored-by: Giuseppe Guerra <giuseppe.guerra@grafana.com>
---------
Co-authored-by: Giuseppe Guerra <giuseppe.guerra@grafana.com>
* Plugins: Angular detector: Remote patterns fetching
* Renamed PatternType to GCOMPatternType
* Renamed files
* Renamed more files
* Moved files again
* Add type checks, unexport GCOM structs
* Cache failures, update log messages, fix GCOM URL
* Fail silently for unknown pattern types, update docstrings
* Fix tests
* Rename gcomPattern.Value to gcomPattern.Pattern
* Refactoring
* Add FlagPluginsRemoteAngularDetectionPatterns feature flag
* Fix tests
* Re-generate feature flags
* Add TestProvideInspector, renamed TestDefaultStaticDetectorsInspector
* Add TestProvideInspector
* Add TestContainsBytesDetector and TestRegexDetector
* Renamed getter to provider
* More tests
* TestStaticDetectorsProvider, TestSequenceDetectorsProvider
* GCOM tests
* Lint
* Made detector.detect unexported, updated docstrings
* Allow changing grafana.com URL
* Fix API path, add more logs
* Update tryUpdateRemoteDetectors docstring
* Use angulardetector http client
* Return false, nil if module.js does not exist
* Chore: Split angualrdetector into angularinspector and angulardetector packages
Moved files around, changed references and fixed tests:
- Split the old angulardetector package into angular/angulardetector and angular/angularinspector
- angulardetector provides the detection structs/interfaces (Detector, DetectorsProvider...)
- angularinspector provides the actual angular detection service used directly in pluginsintegration
- Exported most of the stuff that was private and now put into angulardetector, as it is not required by angularinspector
* Renamed detector.go -> angulardetector.go and inspector.go -> angularinspector.go
Forgot to rename those two files to match the package's names
* Renamed angularinspector.ProvideInspector to angularinspector.ProvideService
* Renamed "harcoded" to "static" and "remote" to "dynamic"
from PR review, matches the same naming schema used for signing keys fetching
* WIP: Angular: cache patterns in db, moved gcom into pluginsintegration
More similar to signing keys fetching
* Rename package, refactoring
* try to solve circular import
* Fix merge conflict on updated angular patterns
* Fix circular imports
* Fix wire gen
* Add docstrings, refactoring
* Removed angualrdetectorsprovider dependency into angularpatternsstore
* Moved GCOM test files
* Removed GCOM cache
* Renamed Detect to DetectAngular and Detector to AngularDetector
* Fix call to NewGCOMDetectorsProvider in newDynamicInspector
* Removed unused test function newError500GCOMScenario
* Added angularinspector service definition in pluginsintegration
* refactoring
* lint
* Fix angularinspector TestProvideService
* cleanup
* Await initial restore
* Register dynamicAngularDetector background service
* Removed static detectors provider from pluginsintegration
* Add tests for kvstore
* Add more tests
* order imports in dynamic_test.go
* Fix potential panic in dynamic_test
* Add "runs the job periodically" test
* lint
* add timeout to test
* refactoring
* Removed context.Context from DetectorsProvider
* Refactoring, ensure angular dynamic background service is not started if feature flag is off
* Fix deadlock on startup
* Fix angulardetectorsprovider tests
* Revert "Removed context.Context from DetectorsProvider"
This reverts commit 4e8c6dded70844709400fa0ce4ce45e66c8458ca.
* Fix wrong argument number in dynamic_teset
* Standardize gcom http client
* Reduce context timeout for angular inspector in plugins loader
* Simplify initial restore logic
* Fix dynamic detectors provider tests
* Chore: removed angulardetector/provider.go
* Add more tests
* Removed backgroundJob interface, PR review feedback
* Update tests
* PR review feedback: remove ErrNoCachedValue from kv store Get
* Update tests
* PR review feedback: add IsDisabled and remove nop background srevice
* Update tests
* Remove initialRestore channel, use mux instead
* Removed backgroundJobInterval, use package-level variable instead
* Add TestDynamicAngularDetectorsProviderBackgroundService
* Removed timeouts
* pr review feedback: restore from store before returning the service
* Update tests
* Log duration on startup restore and cron run
* Switch cron job start log to debug level
* Do not attempt to restore if disabled
* Plugins: Angular detector: Remote patterns fetching
* Renamed PatternType to GCOMPatternType
* Renamed files
* Renamed more files
* Moved files again
* Add type checks, unexport GCOM structs
* Cache failures, update log messages, fix GCOM URL
* Fail silently for unknown pattern types, update docstrings
* Fix tests
* Rename gcomPattern.Value to gcomPattern.Pattern
* Refactoring
* Add FlagPluginsRemoteAngularDetectionPatterns feature flag
* Fix tests
* Re-generate feature flags
* Add TestProvideInspector, renamed TestDefaultStaticDetectorsInspector
* Add TestProvideInspector
* Add TestContainsBytesDetector and TestRegexDetector
* Renamed getter to provider
* More tests
* TestStaticDetectorsProvider, TestSequenceDetectorsProvider
* GCOM tests
* Lint
* Made detector.detect unexported, updated docstrings
* Allow changing grafana.com URL
* Fix API path, add more logs
* Update tryUpdateRemoteDetectors docstring
* Use angulardetector http client
* Return false, nil if module.js does not exist
* Chore: Split angualrdetector into angularinspector and angulardetector packages
Moved files around, changed references and fixed tests:
- Split the old angulardetector package into angular/angulardetector and angular/angularinspector
- angulardetector provides the detection structs/interfaces (Detector, DetectorsProvider...)
- angularinspector provides the actual angular detection service used directly in pluginsintegration
- Exported most of the stuff that was private and now put into angulardetector, as it is not required by angularinspector
* Renamed detector.go -> angulardetector.go and inspector.go -> angularinspector.go
Forgot to rename those two files to match the package's names
* Renamed angularinspector.ProvideInspector to angularinspector.ProvideService
* Renamed "harcoded" to "static" and "remote" to "dynamic"
from PR review, matches the same naming schema used for signing keys fetching
* Fix merge conflict on updated angular patterns
* Removed GCOM cache
* Renamed Detect to DetectAngular and Detector to AngularDetector
* Fix call to NewGCOMDetectorsProvider in newDynamicInspector
* Removed unused test function newError500GCOMScenario
* Added angularinspector service definition in pluginsintegration
* Moved dynamic inspector into pluginsintegration
* Move gcom angulardetectorsprovider into pluginsintegration
* Log errUnknownPatternType at debug level
* re-generate feature flags
* fix error log
* define initial service and add to wire
* update caching service interface
* add skipQueryCache header handler and update metrics query function to use it
* add caching service as a dependency to query service
* working caching impl
* propagate cache status to frontend in response
* beginning of improvements suggested by Lean - separate caching logic from query logic.
* more changes to simplify query function
* Decided to revert renaming of function
* Remove error status from cache request
* add extra documentation
* Move query caching duration metric to query package
* add a little bit of documentation
* wip: convert resource caching
* Change return type of query service QueryData to a QueryDataResponse with Headers
* update codeowners
* change X-Cache value to const
* use resource caching in endpoint handlers
* write resource headers to response even if it's not a cache hit
* fix panic caused by lack of nil check
* update unit test
* remove NONE header - shouldn't show up in OSS
* Convert everything to use the plugin middleware
* revert a few more things
* clean up unused vars
* start reverting resource caching, start to implement in plugin middleware
* revert more, fix typo
* Update caching interfaces - resource caching now has a separate cache method
* continue wiring up new resource caching conventions - still in progress
* add more safety to implementation
* remove some unused objects
* remove some code that I left in by accident
* add some comments, fix codeowners, fix duplicate registration
* fix source of panic in resource middleware
* Update client decorator test to provide an empty response object
* create tests for caching middleware
* fix unit test
* Update pkg/services/caching/service.go
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
* improve error message in error log
* quick docs update
* Remove use of mockery. Update return signature to return an explicit hit/miss bool
* create unit test for empty request context
* rename caching metrics to make it clear they pertain to caching
* Update pkg/services/pluginsintegration/clientmiddleware/caching_middleware.go
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Add clarifying comments to cache skip middleware func
* Add comment pointing to the resource cache update call
* fix unit tests (missing dependency)
* try to fix mystery syntax error
* fix a panic
* Caching: Introduce feature toggle to caching service refactor (#66323)
* introduce new feature toggle
* hide calls to new service behind a feature flag
* remove licensing flag from toggle (misunderstood what it was for)
* fix unit tests
* rerun toggle gen
---------
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
`X-Dashboard-Uid`, `X-Datasource-Uid`, `X-Grafana-Org-Id`, `X-Panel-Id` are very useful headers set
by Grafana front-end that we would like to see on the data source as
well. This is so that it would be possible to pinpoint from where slow
queries are coming in Mimir/Thanos/Cortex/etc., for example. Relevant
Mimir code lines:
0a94f26203/pkg/frontend/transport/handler.go (L182-L184)
Tested manually that with these changes the headers are visible.
Automatically forward core plugin request HTTP headers in outgoing HTTP requests.
Core datasource plugin authors don't have to specifically handle forwarding of HTTP
headers, e.g. do not have to "hardcode" the header-names in the datasource plugin,
if not having custom needs.
Fixes#57065
Grafana would forward the X-Grafana-User header to backend plugin request when
dataproxy.send_user_header is enabled. In addition, X-Grafana-User will be automatically
forwarded in outgoing HTTP requests for core/builtin HTTP datasources.
Use grafana-plugin-sdk-go v0.147.0.
Fixes#47734
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
Adding support for backend plugin client middlewares. This allows headers in outgoing
backend plugin and HTTP requests to be modified using client middlewares.
The following client middlewares added:
Forward cookies: Will forward incoming HTTP request Cookies to outgoing plugins.Client
and HTTP requests if the datasource has enabled forwarding of cookies (keepCookies).
Forward OAuth token: Will set OAuth token headers on outgoing plugins.Client and HTTP
requests if the datasource has enabled Forward OAuth Identity (oauthPassThru).
Clear auth headers: Will clear any outgoing HTTP headers that was part of the incoming
HTTP request and used when authenticating to Grafana.
The current suggested way to register client middlewares is to have a separate package,
pluginsintegration, responsible for bootstrap/instantiate the backend plugin client with
middlewares and/or longer term bootstrap/instantiate plugin management.
Fixes#54135
Related to #47734
Related to #57870
Related to #41623
Related to #57065
