feat(cloudwatch): make it possible to reset keys

closes #6697

pkg/api/cloudwatch/metrics.go

@@ -192,21 +192,6 @@ func handleGetMetrics(req *cwRequest, c *middleware.Context) {
 		}
 	} else {
 		var err error
-		/*
-			    assumeRoleArn := req.DataSource.JsonData.Get("assumeRoleArn").MustString()
-					accessKey := req.DataSource.JsonData.Get("accessKey").MustString()
-					secretKey := req.DataSource.JsonData.Get("secretKey").MustString()
-
-					cwData := &datasourceInfo{
-						AssumeRoleArn: assumeRoleArn,
-						Region:        req.Region,
-						Namespace:     reqParam.Parameters.Namespace,
-						Profile:       req.DataSource.Database,
-						AccessKey:     accessKey,
-						SecretKey:     secretKey,
-					}
-		*/
-
 		cwData := req.GetDatasourceInfo()
 		cwData.Namespace = reqParam.Parameters.Namespace
 
@@ -243,19 +228,10 @@ func handleGetDimensions(req *cwRequest, c *middleware.Context) {
 		}
 	} else {
 		var err error
-		assumeRoleArn := req.DataSource.JsonData.Get("assumeRoleArn").MustString()
-		accessKey := req.DataSource.JsonData.Get("accessKey").MustString()
-		secretKey := req.DataSource.JsonData.Get("secretKey").MustString()
-
-		cwDatasource := &datasourceInfo{
-			Region:        req.Region,
-			Namespace:     reqParam.Parameters.Namespace,
-			Profile:       req.DataSource.Database,
-			AssumeRoleArn: assumeRoleArn,
-			AccessKey:     accessKey,
-			SecretKey:     secretKey,
-		}
-		if dimensionValues, err = getDimensionsForCustomMetrics(cwDatasource, getAllMetrics); err != nil {
+		dsInfo := req.GetDatasourceInfo()
+		dsInfo.Namespace = reqParam.Parameters.Namespace
+
+		if dimensionValues, err = getDimensionsForCustomMetrics(dsInfo, getAllMetrics); err != nil {
 			c.JsonApiErr(500, "Unable to call AWS API", err)
 			return
 		}

pkg/api/datasources.go

@@ -215,5 +215,11 @@ func convertModelToDtos(ds *m.DataSource) dtos.DataSource {
 		dto.TLSAuth.ClientKeySet = len(ds.SecureJsonData["tlsClientKey"]) > 0
 	}
 
+	for k, v := range ds.SecureJsonData {
+		if len(v) > 0 {
+			dto.EncryptedFields = append(dto.EncryptedFields, k)
+		}
+	}
+
 	return dto
 }

pkg/api/dtos/models.go

@@ -64,24 +64,24 @@ type DashboardRedirect struct {
 }
 
 type DataSource struct {
-	Id                int64             `json:"id"`
-	OrgId             int64             `json:"orgId"`
-	Name              string            `json:"name"`
-	Type              string            `json:"type"`
-	TypeLogoUrl       string            `json:"typeLogoUrl"`
-	Access            m.DsAccess        `json:"access"`
-	Url               string            `json:"url"`
-	Password          string            `json:"password"`
-	User              string            `json:"user"`
-	Database          string            `json:"database"`
-	BasicAuth         bool              `json:"basicAuth"`
-	BasicAuthUser     string            `json:"basicAuthUser"`
-	BasicAuthPassword string            `json:"basicAuthPassword"`
-	WithCredentials   bool              `json:"withCredentials"`
-	IsDefault         bool              `json:"isDefault"`
-	JsonData          *simplejson.Json  `json:"jsonData,omitempty"`
-	SecureJsonData    map[string]string `json:"secureJsonData,omitempty"`
-	TLSAuth           TLSAuth           `json:"tlsAuth,omitempty"`
+	Id                int64            `json:"id"`
+	OrgId             int64            `json:"orgId"`
+	Name              string           `json:"name"`
+	Type              string           `json:"type"`
+	TypeLogoUrl       string           `json:"typeLogoUrl"`
+	Access            m.DsAccess       `json:"access"`
+	Url               string           `json:"url"`
+	Password          string           `json:"password"`
+	User              string           `json:"user"`
+	Database          string           `json:"database"`
+	BasicAuth         bool             `json:"basicAuth"`
+	BasicAuthUser     string           `json:"basicAuthUser"`
+	BasicAuthPassword string           `json:"basicAuthPassword"`
+	WithCredentials   bool             `json:"withCredentials"`
+	IsDefault         bool             `json:"isDefault"`
+	JsonData          *simplejson.Json `json:"jsonData,omitempty"`
+	TLSAuth           TLSAuth          `json:"tlsAuth,omitempty"`
+	EncryptedFields   []string         `json:"encryptedFields"`
 }
 
 // TLSAuth is used to show if TLS certs have been uploaded already

public/app/features/plugins/ds_edit_ctrl.ts

@@ -68,7 +68,6 @@ export class DataSourceEditCtrl {
       this.backendSrv.get('/api/datasources/' + id).then(ds => {
         this.isNew = false;
         this.current = ds;
-
         if (datasourceCreated) {
           datasourceCreated = false;
           this.testDatasource();

public/app/plugins/datasource/cloudwatch/config_ctrl.ts

@@ -7,10 +7,30 @@ export class CloudWatchConfigCtrl {
   static templateUrl = 'partials/config.html';
   current: any;
 
+  accessKeyExist: boolean = false;
+  secretKeyExist: boolean = false;
+
   /** @ngInject */
   constructor($scope) {
     this.current.jsonData.timeField = this.current.jsonData.timeField || '@timestamp';
     this.current.jsonData.authType = this.current.jsonData.authType || 'credentials';
+
+    for (let key of this.current.encryptedFields) {
+      if (key === "accessKey") {
+        this.accessKeyExist = true;
+      }
+      if (key === "secretKey") {
+        this.secretKeyExist = true;
+      }
+    }
+  }
+
+  resetAccessKey() {
+    this.accessKeyExist = false;
+  }
+
+  resetSecretKey() {
+    this.secretKeyExist = false;
   }
 
   authTypes = [

public/app/plugins/datasource/cloudwatch/partials/config.html

@@ -3,7 +3,7 @@
 <div class="gf-form-group max-width-30">
   <div class="gf-form">
     <label class="gf-form-label width-13">Auth Provider</label>
-    <select class="gf-form-input gf-size-auto" ng-model="ctrl.current.jsonData.authType" ng-options="f.value as f.name for f in ctrl.authTypes"></select>
+    <select class="gf-form-input gf-max-width-13" ng-model="ctrl.current.jsonData.authType" ng-options="f.value as f.name for f in ctrl.authTypes"></select>
   </div>
 
   <div class="gf-form" ng-show='ctrl.current.jsonData.authType == "credentials"'>
@@ -14,18 +14,22 @@
     </info-popover>
   </div>
   <div class="gf-form" ng-show='ctrl.current.jsonData.authType == "keys"'>
-    <label class="gf-form-label width-13">Access key</label>
-    <input type="text" class="gf-form-input max-width-18" ng-model='ctrl.current.secureJsonData.accessKey' placeholder="default"></input>
-    <info-popover mode="right-absolute">
-      AWS Access key id
-    </info-popover>
+    <label class="gf-form-label width-13">Access key </label>
+    <label class="gf-form-label width-13" ng-show="ctrl.accessKeyExist">Configured</label>
+    <a class="gf-form-button btn btn-danger btn-small" type="submit" ng-click="ctrl.resetAccessKey()" ng-show="ctrl.accessKeyExist">Reset</a>
+    <input type="text"
+      class="gf-form-input max-width-18"
+      ng-hide="ctrl.accessKeyExist"
+      ng-model='ctrl.current.secureJsonData.accessKey'></input>
   </div>
   <div class="gf-form" ng-show='ctrl.current.jsonData.authType == "keys"'>
     <label class="gf-form-label width-13">Secret key</label>
-    <input type="text" class="gf-form-input max-width-18" ng-model='ctrl.current.secureJsonData.secretKey' placeholder="default"></input>
-    <info-popover mode="right-absolute">
-      AWS Secret key
-    </info-popover>
+    <label class="gf-form-label width-13" ng-show="ctrl.secretKeyExist">Configured</label>
+    <a class="btn btn-danger gf-form-button btn-small" type="submit" ng-click="ctrl.resetSecretKey()" ng-show="ctrl.secretKeyExist">Reset</a>
+    <input type="text"
+      class="gf-form-input max-width-18"
+      ng-hide="ctrl.secretKeyExist"
+      ng-model='ctrl.current.secureJsonData.secretKey'></input>
   </div>
   <div class="gf-form" ng-show='ctrl.current.jsonData.authType == "arn"'>
     <label class="gf-form-label width-13">Assume Role ARN</label>