-
Notifications
You must be signed in to change notification settings - Fork 11.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Plugins: Add option to disable TLS in the socks proxy #79246
Plugins: Add option to disable TLS in the socks proxy #79246
Conversation
go.mod
Outdated
@@ -475,6 +474,8 @@ require ( | |||
go.opentelemetry.io/proto/otlp v1.0.0 // indirect | |||
) | |||
|
|||
require github.com/grafana/grafana-plugin-sdk-go v0.196.1-0.20231205151856-c5479f051888 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Using a specific commit from my PR in the sdk repo. Will update to the correct sdk version after the PR in the sdk repo is merged.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated to the sdk version v0.197.0
1bf4615
to
13d59e2
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great LGTM
Sidenote: It's convenient to use a replace directive in go.mod when temporary working with dependency update. You can use go mod edit -replace=github.com/grafana/grafana-plugin-sdk-go=github.com/grafana/grafana-plugin-sdk-go@<branch name or commit>
.
| `client_cert` | The file path of the client public key | /etc/client.crt | | ||
| `server_name` | The domain name of the proxy, used for SNI | proxy.grafana.svc.cluster.local | | ||
| `proxy_address` | The address of the proxy | localhost:9090 | | ||
| `allow_insecure` | Disable TLS in the socks proxy | localhost:9090 | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we need to change the example value in the new line to be a boolean.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed. It was a copy pasting mistake
What is this feature?
Adds
allow_insecure: bool
tosecure_socks_datasource_proxy
config section. The socks proxy won't use TLS whenallow_insecure
is set totrue
.Why do we need this feature?
From the issue description:
Who is this feature for?
Plugin developers
Which issue(s) does this PR fix?:
Part of https://github.com/grafana/hosted-grafana/issues/4935
Depends on grafana/grafana-plugin-sdk-go#833
TODO: