root
/
grafana
mirror of https://github.com/grafana/grafana.git
1
0
Fork 0
Code Issues Actions 266 Packages Projects Releases Wiki Activity
grafana/pkg/setting/setting_azure_test.go

330 lines
10 KiB
Go
Raw Normal View History

Fix alternative Azure cloud names (#37133)
2021-08-13 21:58:05 +08:00
package setting
import (
"testing"
Chore: Update grafana-azure-sdk-go (#84741) * Update grafana-azure-sdk-go * Update test
2024-03-19 22:56:40 +08:00
"github.com/grafana/grafana-azure-sdk-go/v2/azsettings"
Fix alternative Azure cloud names (#37133)
2021-08-13 21:58:05 +08:00
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
func TestAzureSettings(t *testing.T) {
t.Run("cloud name", func(t *testing.T) {
testCases := []struct {
name string
configuredValue string
resolvedValue string
}{
{
name: "should be Public if not set",
configuredValue: "",
Shared Azure middleware between Azure Monitor and Prometheus datasources (#46002) * Scopes in Azure middleware * Enable Azure middleware without feature flag * Use common Azure middleware in Azure Monitor * Apply feature flag to JsonData configuration of Azure auth * Enforce feature flag in Prometheus datasource * Prometheus provider tests * Datasource service tests * Fix http client provider tests * Pass sdkhttpclient.Options by reference * Add middleware to httpclient.Options * Remove dependency on Grafana settings * Unit-tests updated * Fix ds_proxy_test * Fix service_test
2022-04-01 19:26:49 +08:00
resolvedValue: azsettings.AzurePublic,
Fix alternative Azure cloud names (#37133)
2021-08-13 21:58:05 +08:00
},
{
name: "should be Public if set to Public",
Shared Azure middleware between Azure Monitor and Prometheus datasources (#46002) * Scopes in Azure middleware * Enable Azure middleware without feature flag * Use common Azure middleware in Azure Monitor * Apply feature flag to JsonData configuration of Azure auth * Enforce feature flag in Prometheus datasource * Prometheus provider tests * Datasource service tests * Fix http client provider tests * Pass sdkhttpclient.Options by reference * Add middleware to httpclient.Options * Remove dependency on Grafana settings * Unit-tests updated * Fix ds_proxy_test * Fix service_test
2022-04-01 19:26:49 +08:00
configuredValue: azsettings.AzurePublic,
resolvedValue: azsettings.AzurePublic,
Fix alternative Azure cloud names (#37133)
2021-08-13 21:58:05 +08:00
},
{
name: "should be Public if set to Public using alternative name",
configuredValue: "AzurePublicCloud",
Shared Azure middleware between Azure Monitor and Prometheus datasources (#46002) * Scopes in Azure middleware * Enable Azure middleware without feature flag * Use common Azure middleware in Azure Monitor * Apply feature flag to JsonData configuration of Azure auth * Enforce feature flag in Prometheus datasource * Prometheus provider tests * Datasource service tests * Fix http client provider tests * Pass sdkhttpclient.Options by reference * Add middleware to httpclient.Options * Remove dependency on Grafana settings * Unit-tests updated * Fix ds_proxy_test * Fix service_test
2022-04-01 19:26:49 +08:00
resolvedValue: azsettings.AzurePublic,
Fix alternative Azure cloud names (#37133)
2021-08-13 21:58:05 +08:00
},
{
name: "should be China if set to China",
Shared Azure middleware between Azure Monitor and Prometheus datasources (#46002) * Scopes in Azure middleware * Enable Azure middleware without feature flag * Use common Azure middleware in Azure Monitor * Apply feature flag to JsonData configuration of Azure auth * Enforce feature flag in Prometheus datasource * Prometheus provider tests * Datasource service tests * Fix http client provider tests * Pass sdkhttpclient.Options by reference * Add middleware to httpclient.Options * Remove dependency on Grafana settings * Unit-tests updated * Fix ds_proxy_test * Fix service_test
2022-04-01 19:26:49 +08:00
configuredValue: azsettings.AzureChina,
resolvedValue: azsettings.AzureChina,
Fix alternative Azure cloud names (#37133)
2021-08-13 21:58:05 +08:00
},
{
name: "should be US Government if set to US Government using alternative name",
configuredValue: "usgov",
Shared Azure middleware between Azure Monitor and Prometheus datasources (#46002) * Scopes in Azure middleware * Enable Azure middleware without feature flag * Use common Azure middleware in Azure Monitor * Apply feature flag to JsonData configuration of Azure auth * Enforce feature flag in Prometheus datasource * Prometheus provider tests * Datasource service tests * Fix http client provider tests * Pass sdkhttpclient.Options by reference * Add middleware to httpclient.Options * Remove dependency on Grafana settings * Unit-tests updated * Fix ds_proxy_test * Fix service_test
2022-04-01 19:26:49 +08:00
resolvedValue: azsettings.AzureUSGovernment,
Fix alternative Azure cloud names (#37133)
2021-08-13 21:58:05 +08:00
},
{
name: "should be same as set if not known",
configuredValue: "Custom123",
resolvedValue: "Custom123",
},
}
for _, c := range testCases {
t.Run(c.name, func(t *testing.T) {
cfg := NewCfg()
azureSection, err := cfg.Raw.NewSection("azure")
require.NoError(t, err)
_, err = azureSection.NewKey("cloud", c.configuredValue)
require.NoError(t, err)
cfg.readAzureSettings()
require.NotNil(t, cfg.Azure)
assert.Equal(t, c.resolvedValue, cfg.Azure.Cloud)
})
}
})
Azure: Configuration for user identity authentication in datasources (Experimental) (#50277) * Configuration for user identity authentication * Use token endpoint form Azure AD settings * Documentation update * Update Grafana Azure SDK * Fix secret override * Fix lint * Fix doc wording
2023-05-16 01:00:54 +08:00
Prometheus: Add missing Azure setting (#84094)
2024-03-11 16:57:42 +08:00
t.Run("prometheus", func(t *testing.T) {
t.Run("should enable azure auth", func(t *testing.T) {
cfg := NewCfg()
authSection, err := cfg.Raw.NewSection("auth")
require.NoError(t, err)
_, err = authSection.NewKey("azure_auth_enabled", "true")
require.NoError(t, err)
cfg.readAzureSettings()
require.NotNil(t, cfg.Azure.AzureAuthEnabled)
assert.True(t, cfg.Azure.AzureAuthEnabled)
})
t.Run("should default to disabled", func(t *testing.T) {
cfg := NewCfg()
cfg.readAzureSettings()
require.NotNil(t, cfg.Azure.AzureAuthEnabled)
assert.False(t, cfg.Azure.AzureAuthEnabled)
})
})
Azure: Configuration for user identity authentication in datasources (Experimental) (#50277) * Configuration for user identity authentication * Use token endpoint form Azure AD settings * Documentation update * Update Grafana Azure SDK * Fix secret override * Fix lint * Fix doc wording
2023-05-16 01:00:54 +08:00
t.Run("User Identity", func(t *testing.T) {
t.Run("should be disabled by default", func(t *testing.T) {
cfg := NewCfg()
cfg.readAzureSettings()
require.NotNil(t, cfg.Azure)
assert.False(t, cfg.Azure.UserIdentityEnabled)
})
t.Run("should be enabled", func(t *testing.T) {
cfg := NewCfg()
azureSection, err := cfg.Raw.NewSection("azure")
require.NoError(t, err)
_, err = azureSection.NewKey("user_identity_enabled", "true")
require.NoError(t, err)
cfg.readAzureSettings()
require.NotNil(t, cfg.Azure)
require.NotNil(t, cfg.Azure.UserIdentityTokenEndpoint)
assert.True(t, cfg.Azure.UserIdentityEnabled)
})
AzureMonitor: User authentication support (#81918) * Stub out frontend user auth * Stub out backend user auth * Add context * Reorganise files * Refactor app registration form * Alert for user auth service principal credentials * AzureMonitor: Add flag for enabling/disabling fallback credentials for current user authentication (#82332) * Rename field * Add fallback setting * Update tests and mock * Remove duplicate setting line * Update name of property * Update frontend settings * Update docs and default config files * Update azure-sdk * Fix lint * Update test * Bump dependency * Update configuration * Update docs/sources/setup-grafana/configure-grafana/_index.md Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> * Docs review * AzureMonitor: User authentication frontend updates (#83107) * Rename field * Add fallback setting * Update tests and mock * Remove duplicate setting line * Update name of property * Update frontend settings * Update docs and default config files * Add alerts to query editor - Add authenticatedBy property to grafana/data - Update mocks - Update query editor to disable it under certain circumstances - Update tests * Add separate FallbackCredentials component - Reset AppRegistrationCredentials component to only handle clientsecret credentials - Update AzureCredentialsForm - Update selectors - Update tests - Update credentials utility functions logic * Alert when fallback credentials disabled * Update condition * Update azure-sdk * Fix lint * Update test * Remove unneeded conditions * Set auth type correctly * Legacy cloud options * Fix client secret * Remove accidental import * Bump dependency * Add tests * Don't use VerticalGroup component * Remove unused import * Fix lint * Appropriately set oAuthPassThru and disableGrafanaCache properties * Clear azureCredentials on authType change * Correctly retrieve secret * Fix bug in authTypeOptions * Update public/app/plugins/datasource/azuremonitor/components/ConfigEditor/CurrentUserFallbackCredentials.tsx Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com> * Update public/app/plugins/datasource/azuremonitor/components/QueryEditor/QueryEditor.tsx Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com> * Update public/app/plugins/datasource/azuremonitor/components/ConfigEditor/CurrentUserFallbackCredentials.tsx Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com> * Add documentation links * Fix broken link --------- Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com> * AzureMonitor: Update docs for current user authentication (#83440) * Rename field * Add fallback setting * Update tests and mock * Remove duplicate setting line * Update name of property * Update frontend settings * Update docs and default config files * Add alerts to query editor - Add authenticatedBy property to grafana/data - Update mocks - Update query editor to disable it under certain circumstances - Update tests * Add separate FallbackCredentials component - Reset AppRegistrationCredentials component to only handle clientsecret credentials - Update AzureCredentialsForm - Update selectors - Update tests - Update credentials utility functions logic * Alert when fallback credentials disabled * Update condition * Update azure-sdk * Fix lint * Update test * Remove unneeded conditions * Set auth type correctly * Legacy cloud options * Fix client secret * Remove accidental import * Bump dependency * Add tests * Don't use VerticalGroup component * Remove unused import * Update docs * Fix lint * Appropriately set oAuthPassThru and disableGrafanaCache properties * Clear azureCredentials on authType change * Correctly retrieve secret * Feedback * Spelling * Update docs/sources/datasources/azure-monitor/_index.md Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com> * Update docs/sources/datasources/azure-monitor/_index.md Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com> * Update docs/sources/datasources/azure-monitor/_index.md Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com> * Update docs/sources/datasources/azure-monitor/_index.md Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com> --------- Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com> * Docs review * Update docs with additional configuration information * Fix to appropriately hide the query editor * Typo * Update isCredentialsComplete * Update test --------- Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com> Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com>
2024-03-20 00:32:24 +08:00
t.Run("enables service credentials by default", func(t *testing.T) {
cfg := NewCfg()
azureSection, err := cfg.Raw.NewSection("azure")
require.NoError(t, err)
_, err = azureSection.NewKey("user_identity_enabled", "true")
require.NoError(t, err)
cfg.readAzureSettings()
assert.True(t, cfg.Azure.UserIdentityFallbackCredentialsEnabled)
})
t.Run("disables service credentials", func(t *testing.T) {
cfg := NewCfg()
azureSection, err := cfg.Raw.NewSection("azure")
require.NoError(t, err)
_, err = azureSection.NewKey("user_identity_enabled", "true")
require.NoError(t, err)
_, err = azureSection.NewKey("user_identity_fallback_credentials_enabled", "false")
require.NoError(t, err)
cfg.readAzureSettings()
assert.False(t, cfg.Azure.UserIdentityFallbackCredentialsEnabled)
})
Azure: Configuration for user identity authentication in datasources (Experimental) (#50277) * Configuration for user identity authentication * Use token endpoint form Azure AD settings * Documentation update * Update Grafana Azure SDK * Fix secret override * Fix lint * Fix doc wording
2023-05-16 01:00:54 +08:00
t.Run("should use token endpoint from Azure AD if enabled", func(t *testing.T) {
cfg := NewCfg()
azureAdSection, err := cfg.Raw.NewSection("auth.azuread")
require.NoError(t, err)
_, err = azureAdSection.NewKey("enabled", "true")
require.NoError(t, err)
_, err = azureAdSection.NewKey("token_url", "URL_1")
require.NoError(t, err)
_, err = azureAdSection.NewKey("client_id", "ID_1")
require.NoError(t, err)
_, err = azureAdSection.NewKey("client_secret", "SECRET_1")
require.NoError(t, err)
azureSection, err := cfg.Raw.NewSection("azure")
require.NoError(t, err)
_, err = azureSection.NewKey("user_identity_enabled", "true")
require.NoError(t, err)
cfg.readAzureSettings()
require.NotNil(t, cfg.Azure)
require.NotNil(t, cfg.Azure.UserIdentityTokenEndpoint)
assert.True(t, cfg.Azure.UserIdentityEnabled)
assert.Equal(t, "URL_1", cfg.Azure.UserIdentityTokenEndpoint.TokenUrl)
assert.Equal(t, "ID_1", cfg.Azure.UserIdentityTokenEndpoint.ClientId)
assert.Equal(t, "SECRET_1", cfg.Azure.UserIdentityTokenEndpoint.ClientSecret)
})
t.Run("should not use token endpoint from Azure AD if not enabled", func(t *testing.T) {
cfg := NewCfg()
azureAdSection, err := cfg.Raw.NewSection("auth.azuread")
require.NoError(t, err)
_, err = azureAdSection.NewKey("enabled", "false")
require.NoError(t, err)
_, err = azureAdSection.NewKey("token_url", "URL_1")
require.NoError(t, err)
_, err = azureAdSection.NewKey("client_id", "ID_1")
require.NoError(t, err)
_, err = azureAdSection.NewKey("client_secret", "SECRET_1")
require.NoError(t, err)
azureSection, err := cfg.Raw.NewSection("azure")
require.NoError(t, err)
_, err = azureSection.NewKey("user_identity_enabled", "true")
require.NoError(t, err)
cfg.readAzureSettings()
require.NotNil(t, cfg.Azure)
require.NotNil(t, cfg.Azure.UserIdentityTokenEndpoint)
assert.True(t, cfg.Azure.UserIdentityEnabled)
assert.Empty(t, cfg.Azure.UserIdentityTokenEndpoint.TokenUrl)
assert.Empty(t, cfg.Azure.UserIdentityTokenEndpoint.ClientId)
assert.Empty(t, cfg.Azure.UserIdentityTokenEndpoint.ClientSecret)
})
t.Run("should override Azure AD settings", func(t *testing.T) {
cfg := NewCfg()
azureAdSection, err := cfg.Raw.NewSection("auth.azuread")
require.NoError(t, err)
_, err = azureAdSection.NewKey("enabled", "true")
require.NoError(t, err)
_, err = azureAdSection.NewKey("token_url", "URL_1")
require.NoError(t, err)
_, err = azureAdSection.NewKey("client_id", "ID_1")
require.NoError(t, err)
_, err = azureAdSection.NewKey("client_secret", "SECRET_1")
require.NoError(t, err)
azureSection, err := cfg.Raw.NewSection("azure")
require.NoError(t, err)
_, err = azureSection.NewKey("user_identity_enabled", "true")
require.NoError(t, err)
_, err = azureSection.NewKey("user_identity_token_url", "URL_2")
require.NoError(t, err)
_, err = azureSection.NewKey("user_identity_client_id", "ID_2")
require.NoError(t, err)
_, err = azureSection.NewKey("user_identity_client_secret", "SECRET_2")
require.NoError(t, err)
cfg.readAzureSettings()
require.NotNil(t, cfg.Azure)
require.NotNil(t, cfg.Azure.UserIdentityTokenEndpoint)
assert.True(t, cfg.Azure.UserIdentityEnabled)
assert.Equal(t, "URL_2", cfg.Azure.UserIdentityTokenEndpoint.TokenUrl)
assert.Equal(t, "ID_2", cfg.Azure.UserIdentityTokenEndpoint.ClientId)
assert.Equal(t, "SECRET_2", cfg.Azure.UserIdentityTokenEndpoint.ClientSecret)
})
t.Run("should not use secret from Azure AD if client ID overridden", func(t *testing.T) {
cfg := NewCfg()
azureAdSection, err := cfg.Raw.NewSection("auth.azuread")
require.NoError(t, err)
_, err = azureAdSection.NewKey("enabled", "true")
require.NoError(t, err)
_, err = azureAdSection.NewKey("token_url", "URL_1")
require.NoError(t, err)
_, err = azureAdSection.NewKey("client_id", "ID_1")
require.NoError(t, err)
_, err = azureAdSection.NewKey("client_secret", "SECRET_1")
require.NoError(t, err)
azureSection, err := cfg.Raw.NewSection("azure")
require.NoError(t, err)
_, err = azureSection.NewKey("user_identity_enabled", "true")
require.NoError(t, err)
_, err = azureSection.NewKey("user_identity_token_url", "URL_2")
require.NoError(t, err)
_, err = azureSection.NewKey("user_identity_client_id", "ID_2")
require.NoError(t, err)
cfg.readAzureSettings()
require.NotNil(t, cfg.Azure)
require.NotNil(t, cfg.Azure.UserIdentityTokenEndpoint)
assert.True(t, cfg.Azure.UserIdentityEnabled)
assert.Equal(t, "URL_2", cfg.Azure.UserIdentityTokenEndpoint.TokenUrl)
assert.Equal(t, "ID_2", cfg.Azure.UserIdentityTokenEndpoint.ClientId)
assert.Empty(t, cfg.Azure.UserIdentityTokenEndpoint.ClientSecret)
})
Azure: Fix for username assertion (#87853) Fix for username assertion - Allow setting username assertion in INI - Correctly set the azsettings value - Update tests
2024-05-17 00:50:02 +08:00
t.Run("does not enable username assertion by default", func(t *testing.T) {
cfg := NewCfg()
azureSection, err := cfg.Raw.NewSection("azure")
require.NoError(t, err)
_, err = azureSection.NewKey("user_identity_enabled", "true")
require.NoError(t, err)
cfg.readAzureSettings()
require.NotNil(t, cfg.Azure)
require.NotNil(t, cfg.Azure.UserIdentityTokenEndpoint)
assert.True(t, cfg.Azure.UserIdentityEnabled)
assert.False(t, cfg.Azure.UserIdentityTokenEndpoint.UsernameAssertion)
})
t.Run("should appropriately set username assertion", func(t *testing.T) {
cfg := NewCfg()
azureSection, err := cfg.Raw.NewSection("azure")
require.NoError(t, err)
_, err = azureSection.NewKey("user_identity_enabled", "true")
require.NoError(t, err)
_, err = azureSection.NewKey("username_assertion", "username")
require.NoError(t, err)
cfg.readAzureSettings()
require.NotNil(t, cfg.Azure)
require.NotNil(t, cfg.Azure.UserIdentityTokenEndpoint)
assert.True(t, cfg.Azure.UserIdentityEnabled)
assert.True(t, cfg.Azure.UserIdentityTokenEndpoint.UsernameAssertion)
})
Azure: Configuration for user identity authentication in datasources (Experimental) (#50277) * Configuration for user identity authentication * Use token endpoint form Azure AD settings * Documentation update * Update Grafana Azure SDK * Fix secret override * Fix lint * Fix doc wording
2023-05-16 01:00:54 +08:00
})
Plugins: Include Azure settings as a part of Grafana config sent in plugin requests (#79342) * Add Azure settings and update tests * Filter by plugin ID * Add forward settings config variable * Update line * Add tests * Update so that data sources are fully defined in config * Update SDK and test * Fix lint * Update docs/sources/setup-grafana/configure-grafana/_index.md Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com> * Remove unnecessary if --------- Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com>
2023-12-14 19:48:22 +08:00
t.Run("forward settings to plugins", func(t *testing.T) {
testCases := []struct {
name string
configuredValue string
resolvedValue []string
}{
{
name: "should be set to user plugins if set",
configuredValue: "test-datasource",
resolvedValue: []string{"test-datasource"},
},
}
for _, c := range testCases {
t.Run(c.name, func(t *testing.T) {
cfg := NewCfg()
azureSection, err := cfg.Raw.NewSection("azure")
require.NoError(t, err)
_, err = azureSection.NewKey("forward_settings_to_plugins", c.configuredValue)
require.NoError(t, err)
cfg.readAzureSettings()
require.NotNil(t, cfg.Azure)
assert.Equal(t, c.resolvedValue, cfg.Azure.ForwardSettingsPlugins)
})
}
})
Fix alternative Azure cloud names (#37133)
2021-08-13 21:58:05 +08:00
}