grafana/pkg/setting/setting_azure.go

package setting

import (
	"github.com/grafana/grafana-azure-sdk-go/azsettings"
	"github.com/grafana/grafana/pkg/util"
)

func (cfg *Cfg) readAzureSettings() {
	azureSettings := &azsettings.AzureSettings{}

	azureSection := cfg.Raw.Section("azure")

	// Cloud
	cloudName := azureSection.Key("cloud").MustString(azsettings.AzurePublic)
	azureSettings.Cloud = azsettings.NormalizeAzureCloud(cloudName)

	// Managed Identity authentication
	azureSettings.ManagedIdentityEnabled = azureSection.Key("managed_identity_enabled").MustBool(false)
	azureSettings.ManagedIdentityClientId = azureSection.Key("managed_identity_client_id").String()

	// Workload Identity authentication
	if azureSection.Key("workload_identity_enabled").MustBool(false) {
		azureSettings.WorkloadIdentityEnabled = true
		workloadIdentitySettings := &azsettings.WorkloadIdentitySettings{}

		if val := azureSection.Key("workload_identity_tenant_id").String(); val != "" {
			workloadIdentitySettings.TenantId = val
		}
		if val := azureSection.Key("workload_identity_client_id").String(); val != "" {
			workloadIdentitySettings.ClientId = val
		}
		if val := azureSection.Key("workload_identity_token_file").String(); val != "" {
			workloadIdentitySettings.TokenFile = val
		}

		azureSettings.WorkloadIdentitySettings = workloadIdentitySettings
	}

	// User Identity authentication
	if azureSection.Key("user_identity_enabled").MustBool(false) {
		azureSettings.UserIdentityEnabled = true
		tokenEndpointSettings := &azsettings.TokenEndpointSettings{}

		// Get token endpoint from Azure AD settings if enabled
		azureAdSection := cfg.Raw.Section("auth.azuread")
		if azureAdSection.Key("enabled").MustBool(false) {
			tokenEndpointSettings.TokenUrl = azureAdSection.Key("token_url").String()
			tokenEndpointSettings.ClientId = azureAdSection.Key("client_id").String()
			tokenEndpointSettings.ClientSecret = azureAdSection.Key("client_secret").String()
		}

		// Override individual settings
		if val := azureSection.Key("user_identity_token_url").String(); val != "" {
			tokenEndpointSettings.TokenUrl = val
		}
		if val := azureSection.Key("user_identity_client_id").String(); val != "" {
			tokenEndpointSettings.ClientId = val
			tokenEndpointSettings.ClientSecret = ""
		}
		if val := azureSection.Key("user_identity_client_secret").String(); val != "" {
			tokenEndpointSettings.ClientSecret = val
		}

		azureSettings.UserIdentityTokenEndpoint = tokenEndpointSettings
	}

	azureSettings.ForwardSettingsPlugins = util.SplitString(azureSection.Key("forward_settings_to_plugins").String())

	cfg.Azure = azureSettings
}
AzureMonitor: Azure settings in Grafana server config (#33728) * Azure cloud settings * Fix typos * Grouped Azure settings * Doc fixes * Some settings are not needed * Updated cloud name aliases 2021-05-12 22:23:37 +08:00			`package setting`

Azure: Configuration for user identity authentication in datasources (Experimental) (#50277) * Configuration for user identity authentication * Use token endpoint form Azure AD settings * Documentation update * Update Grafana Azure SDK * Fix secret override * Fix lint * Fix doc wording 2023-05-16 01:00:54 +08:00			`import (`
			`"github.com/grafana/grafana-azure-sdk-go/azsettings"`
Plugins: Include Azure settings as a part of Grafana config sent in plugin requests (#79342) * Add Azure settings and update tests * Filter by plugin ID * Add forward settings config variable * Update line * Add tests * Update so that data sources are fully defined in config * Update SDK and test * Fix lint * Update docs/sources/setup-grafana/configure-grafana/_index.md Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com> * Remove unnecessary if --------- Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com> 2023-12-14 19:48:22 +08:00			`"github.com/grafana/grafana/pkg/util"`
Azure: Configuration for user identity authentication in datasources (Experimental) (#50277) * Configuration for user identity authentication * Use token endpoint form Azure AD settings * Documentation update * Update Grafana Azure SDK * Fix secret override * Fix lint * Fix doc wording 2023-05-16 01:00:54 +08:00			`)`
AzureMonitor: Azure settings in Grafana server config (#33728) * Azure cloud settings * Fix typos * Grouped Azure settings * Doc fixes * Some settings are not needed * Updated cloud name aliases 2021-05-12 22:23:37 +08:00
			`func (cfg *Cfg) readAzureSettings() {`
Shared Azure middleware between Azure Monitor and Prometheus datasources (#46002) * Scopes in Azure middleware * Enable Azure middleware without feature flag * Use common Azure middleware in Azure Monitor * Apply feature flag to JsonData configuration of Azure auth * Enforce feature flag in Prometheus datasource * Prometheus provider tests * Datasource service tests * Fix http client provider tests * Pass sdkhttpclient.Options by reference * Add middleware to httpclient.Options * Remove dependency on Grafana settings * Unit-tests updated * Fix ds_proxy_test * Fix service_test 2022-04-01 19:26:49 +08:00			`azureSettings := &azsettings.AzureSettings{}`

AzureMonitor: Azure settings in Grafana server config (#33728) * Azure cloud settings * Fix typos * Grouped Azure settings * Doc fixes * Some settings are not needed * Updated cloud name aliases 2021-05-12 22:23:37 +08:00			`azureSection := cfg.Raw.Section("azure")`

			`// Cloud`
Shared Azure middleware between Azure Monitor and Prometheus datasources (#46002) * Scopes in Azure middleware * Enable Azure middleware without feature flag * Use common Azure middleware in Azure Monitor * Apply feature flag to JsonData configuration of Azure auth * Enforce feature flag in Prometheus datasource * Prometheus provider tests * Datasource service tests * Fix http client provider tests * Pass sdkhttpclient.Options by reference * Add middleware to httpclient.Options * Remove dependency on Grafana settings * Unit-tests updated * Fix ds_proxy_test * Fix service_test 2022-04-01 19:26:49 +08:00			`cloudName := azureSection.Key("cloud").MustString(azsettings.AzurePublic)`
			`azureSettings.Cloud = azsettings.NormalizeAzureCloud(cloudName)`
AzureMonitor: Azure settings in Grafana server config (#33728) * Azure cloud settings * Fix typos * Grouped Azure settings * Doc fixes * Some settings are not needed * Updated cloud name aliases 2021-05-12 22:23:37 +08:00
Azure: Configuration for user identity authentication in datasources (Experimental) (#50277) * Configuration for user identity authentication * Use token endpoint form Azure AD settings * Documentation update * Update Grafana Azure SDK * Fix secret override * Fix lint * Fix doc wording 2023-05-16 01:00:54 +08:00			`// Managed Identity authentication`
Shared Azure middleware between Azure Monitor and Prometheus datasources (#46002) * Scopes in Azure middleware * Enable Azure middleware without feature flag * Use common Azure middleware in Azure Monitor * Apply feature flag to JsonData configuration of Azure auth * Enforce feature flag in Prometheus datasource * Prometheus provider tests * Datasource service tests * Fix http client provider tests * Pass sdkhttpclient.Options by reference * Add middleware to httpclient.Options * Remove dependency on Grafana settings * Unit-tests updated * Fix ds_proxy_test * Fix service_test 2022-04-01 19:26:49 +08:00			`azureSettings.ManagedIdentityEnabled = azureSection.Key("managed_identity_enabled").MustBool(false)`
			`azureSettings.ManagedIdentityClientId = azureSection.Key("managed_identity_client_id").String()`
AzureMonitor: Azure settings in Grafana server config (#33728) * Azure cloud settings * Fix typos * Grouped Azure settings * Doc fixes * Some settings are not needed * Updated cloud name aliases 2021-05-12 22:23:37 +08:00
Azure: Settings for Azure AD Workload Identity (#75283) * Settings for Azure AD Workload Identity * Update dependency on Grafana Azure SDK * Documentation * Fix JS code * Cleanup Prometheus backend code * Making prettier happy 2023-09-28 19:05:16 +08:00			`// Workload Identity authentication`
			`if azureSection.Key("workload_identity_enabled").MustBool(false) {`
			`azureSettings.WorkloadIdentityEnabled = true`
			`workloadIdentitySettings := &azsettings.WorkloadIdentitySettings{}`

			`if val := azureSection.Key("workload_identity_tenant_id").String(); val != "" {`
			`workloadIdentitySettings.TenantId = val`
			`}`
			`if val := azureSection.Key("workload_identity_client_id").String(); val != "" {`
			`workloadIdentitySettings.ClientId = val`
			`}`
			`if val := azureSection.Key("workload_identity_token_file").String(); val != "" {`
			`workloadIdentitySettings.TokenFile = val`
			`}`

			`azureSettings.WorkloadIdentitySettings = workloadIdentitySettings`
			`}`

Azure: Configuration for user identity authentication in datasources (Experimental) (#50277) * Configuration for user identity authentication * Use token endpoint form Azure AD settings * Documentation update * Update Grafana Azure SDK * Fix secret override * Fix lint * Fix doc wording 2023-05-16 01:00:54 +08:00			`// User Identity authentication`
			`if azureSection.Key("user_identity_enabled").MustBool(false) {`
			`azureSettings.UserIdentityEnabled = true`
			`tokenEndpointSettings := &azsettings.TokenEndpointSettings{}`

			`// Get token endpoint from Azure AD settings if enabled`
			`azureAdSection := cfg.Raw.Section("auth.azuread")`
			`if azureAdSection.Key("enabled").MustBool(false) {`
			`tokenEndpointSettings.TokenUrl = azureAdSection.Key("token_url").String()`
			`tokenEndpointSettings.ClientId = azureAdSection.Key("client_id").String()`
			`tokenEndpointSettings.ClientSecret = azureAdSection.Key("client_secret").String()`
			`}`

			`// Override individual settings`
			`if val := azureSection.Key("user_identity_token_url").String(); val != "" {`
			`tokenEndpointSettings.TokenUrl = val`
			`}`
			`if val := azureSection.Key("user_identity_client_id").String(); val != "" {`
			`tokenEndpointSettings.ClientId = val`
			`tokenEndpointSettings.ClientSecret = ""`
			`}`
			`if val := azureSection.Key("user_identity_client_secret").String(); val != "" {`
			`tokenEndpointSettings.ClientSecret = val`
			`}`

			`azureSettings.UserIdentityTokenEndpoint = tokenEndpointSettings`
			`}`

Plugins: Include Azure settings as a part of Grafana config sent in plugin requests (#79342) * Add Azure settings and update tests * Filter by plugin ID * Add forward settings config variable * Update line * Add tests * Update so that data sources are fully defined in config * Update SDK and test * Fix lint * Update docs/sources/setup-grafana/configure-grafana/_index.md Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com> * Remove unnecessary if --------- Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com> 2023-12-14 19:48:22 +08:00			`azureSettings.ForwardSettingsPlugins = util.SplitString(azureSection.Key("forward_settings_to_plugins").String())`

Shared Azure middleware between Azure Monitor and Prometheus datasources (#46002) * Scopes in Azure middleware * Enable Azure middleware without feature flag * Use common Azure middleware in Azure Monitor * Apply feature flag to JsonData configuration of Azure auth * Enforce feature flag in Prometheus datasource * Prometheus provider tests * Datasource service tests * Fix http client provider tests * Pass sdkhttpclient.Options by reference * Add middleware to httpclient.Options * Remove dependency on Grafana settings * Unit-tests updated * Fix ds_proxy_test * Fix service_test 2022-04-01 19:26:49 +08:00			`cfg.Azure = azureSettings`
AzureMonitor: Azure settings in Grafana server config (#33728) * Azure cloud settings * Fix typos * Grouped Azure settings * Doc fixes * Some settings are not needed * Updated cloud name aliases 2021-05-12 22:23:37 +08:00			`}`