Security fixes (#425)

* WIP: Fix XSS in runbook URL (#378)

(cherry picked from commit f4a8d96a4e1259ea25d9cc702a652f1b819db236)
(cherry picked from commit 337c08507b2b1c78ea470192d34cf611fae4b5da)
(cherry picked from commit 54b36a07406ed4e26ff8e161e50eda5401f504da)

* Update grabpl version

(cherry picked from commit b253e87d730f7b8aabdd0b328c5e7a82547c43b3)
(cherry picked from commit 080d3e46f3fcd61555795b9fe8fd6ee2492b422a)

* sign drone.yml

* Fix: Choose Lookup params per auth module

Co-authored-by: Karl Persson <kalle.persson@grafana.com>

Fix: Prefer pointer to struct in lookup

Co-authored-by: Karl Persson <kalle.persson@grafana.com>

Fix: user email for ldap

Co-authored-by: Karl Persson <kalle.persson@grafana.com>

Fix: Use only login for lookup in LDAP

Co-authored-by: Karl Persson <kalle.persson@grafana.com>

Fix: use user email for ldap

Co-authored-by: Karl Persson <kalle.persson@grafana.com>

fix remaining test

fix nit picks

(cherry picked from commit 1eca4aeed878853743cebcf9790b05dd350c4f83)
(cherry picked from commit 0777d100e9263d08f51dbac71aee0766c8a85a92)

Co-authored-by: George Robinson <george.robinson@grafana.com>
Co-authored-by: dsotirakis <sotirakis.dim@gmail.com>
Co-authored-by: Kevin Minehart <kmineh0151@gmail.com>
Co-authored-by: jguer <joao.guerreiro@grafana.com>

This commit is contained in:

Drew Slobodnjak

2022-07-14 11:25:13 -07:00

committed by

GitHub

parent d1f854e071

commit 4e69bd67be

3 changed files with 41 additions and 41 deletions

									
										scripts/drone/steps/lib.star
									
		+1
		-1
	
												View File
												
				@@ -1,6 +1,6 @@

				load('scripts/drone/vault.star', 'from_secret', 'github_token', 'pull_secret', 'drone_token', 'prerelease_bucket')

				grabpl_version = 'v2.9.50'

				grabpl_version = 'v2.9.52'

				build_image = 'grafana/build-container:1.5.5'

				publish_image = 'grafana/grafana-ci-deploy:1.3.1'

				deploy_docker_image = 'us.gcr.io/kubernetes-dev/drone/plugins/deploy-image'