From 2622664b60fcc5cdbf9ccb1edb0f0da75088c31b Mon Sep 17 00:00:00 2001 From: Gabor Tanz Date: Mon, 29 Jul 2024 14:11:13 +0200 Subject: [PATCH] add support for tls client auth in prometheus datasource --- datasource/prometheus/options.go | 11 +++++++++++ datasource/prometheus/options_test.go | 10 ++++++++++ 2 files changed, 21 insertions(+) diff --git a/datasource/prometheus/options.go b/datasource/prometheus/options.go index 04cc743d..1daf063e 100644 --- a/datasource/prometheus/options.go +++ b/datasource/prometheus/options.go @@ -104,6 +104,17 @@ func WithCertificate(certificate string) Option { } } +// WithTLSClientAuth sets the client tls keypair. +func WithTLSClientAuth(certificate, key string) Option { + return func(datasource *Prometheus) error { + datasource.builder.JSONData.(map[string]interface{})["tlsAuth"] = true + datasource.builder.SecureJSONData.(map[string]interface{})["tlsClientCert"] = certificate + datasource.builder.SecureJSONData.(map[string]interface{})["tlsClientKey"] = key + + return nil + } +} + // WithCredentials joins credentials such as cookies or auth headers to cross-site requests. func WithCredentials() Option { return func(datasource *Prometheus) error { diff --git a/datasource/prometheus/options_test.go b/datasource/prometheus/options_test.go index ffd04845..a8acd770 100644 --- a/datasource/prometheus/options_test.go +++ b/datasource/prometheus/options_test.go @@ -5,6 +5,7 @@ import ( "testing" "time" + "github.com/K-Phoen/grabana/datasource" "github.com/K-Phoen/grabana/errors" "github.com/stretchr/testify/require" ) @@ -114,6 +115,15 @@ func TestWithCertificate(t *testing.T) { req.Equal("certificate-content", datasource.builder.SecureJSONData.(map[string]interface{})["tlsCACert"]) } +func TestWithTLSClientAuuth(t *testing.T) { + req := require.New(t) + datasource, err := New("", "", WithTLSClientAuth("cert-content", "key-content")) + req.NoError(err) + req.Equal(true, datasource.builder.JSONData.(map[string]interface{})["tlsAuth"]) + req.Equal("cert-content", datasource.builder.SecureJSONData.(map[string]interface{})["tlsClientCert"]) + req.Equal("key-content", datasource.builder.SecureJSONData.(map[string]interface{})["tlsClientKey"]) +} + func TestWithCredentials(t *testing.T) { req := require.New(t)