search

grafana / github-datasource

Grafana data source plugin using the Github API to retrieve and visualize Github data.
https://grafana.com/grafana/plugins/grafana-github-datasource/
Apache License 2.0
226 stars 54 forks source link

handle untrusted https certificates with github enterprise #222

Open farmboy-dev opened 1 year ago

farmboy-dev commented 1 year ago

info by @gabor : add ways to handle the case where the https certificate of the github instance is not trusted by the server running grafana.. the two options are:

image Post "https://corp github url/api/graphql": x509: certificate signed by unknown authority

Hello, I'm trying to use this plugin for github enterprise server, but I'm getting the above error. I can access the graphql api server using postman, vscode, grafana graphql plugin.

Thank you

farmboy-dev commented 1 year ago

https://github.com/google/go-github/issues/1439 I'm not sure, but I think my problem is related to the above issue.

farmboy-dev commented 1 year ago

+Update I added some code to turn off tls verification. now I keep getting this error, and still can't do health check as well. image it's my first time to use go to figure this problem out, so is there any guide? I updated code in https://github.com/grafana/github-datasource/blob/main/pkg/github/datasource.go

func NewDatasource(ctx context.Context, settings models.Settings) *Datasource {
    src := oauth2.StaticTokenSource(
        &oauth2.Token{AccessToken: settings.AccessToken},
    )
        httpTransport := &http.Transport{
        TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
    }
    httpClientTransport := &http.Client{Transport: httpTransport}
        ctx = context.WithValue(ctx, oauth2.HTTPClient, httpClientTransport)
    httpClient := oauth2.NewClient(ctx, src)

    if settings.GithubURL == "" {
        return &Datasource{
            client: githubv4.NewClient(httpClient),
        }
    }

    return &Datasource{
        client: githubv4.NewEnterpriseClient(fmt.Sprintf("%s/api/graphql", settings.GithubURL), httpClient),
    }
}
kajal1310 commented 5 months ago

Has anybody found a solution yet? We are also stuck here. Is there any way we can have insecure skip verify flag while setting up data source itself ?

gabor commented 1 month ago

hi, right now there's no way to disable tls-verification i'll update this issue to be a feature-request.

in the meantime, as a workaround, i recommend making the server running grafana trust the https certificate of the github-enterprise-install (this probably involves adding certificates to the server operating system's certificate store).