Option to enable public rendering.

[vukmirovic98]

What would you like to be added:
A config option (preferably true/false) to enable/disable session requirement for the render to start.
Why is this needed:
Ease of access (on secure networks) where we do not want to grant anonymous access to all created dashboards.

[joanlopez]

Hi @vukmirovic98,

I'm sorry, but during our internal discussions to manage the most recent security fix related with the Grafana Image Renderer, we explicitly decided to do not allow untrusted communications (requests), at least not by default, because we consider the user's security primordial.

Of course, that's not a definitive answer to your feature request, but what I can say so far is that we'll need to internally discuss it more calmly and evaluate the possibility of letting users to (manually and voluntarily) run the Image Renderer in an insecure way.

Thanks! cc/ @jmatosgrafana

[lgogolin]

It already has support for remote storage like S3 for alerting. Implementing this for rendering would be sufficient.

Currently it's impossible to have direct image rendering used withing production systems.
Grafana would have to be exposed public and whats even worse authentication would have to be disable to share rendered images in Slack messages for example

I added discussion about that in grafana/grafana#60386

[AgnesToulet]

Hi! I think what you wrote in the discussion in grafana/grafana#60386 makes sense. We'll discuss internally to decide how we want to handle it (implement your suggestion or do it a bit differently) and, then, open an issue in grafana/grafana to track this work.

However, if we do what you suggested, I don't see anything to be done in the image renderer itself so I'll close this issue for now.