Browse Source

grafana: update to 7.4.2

This includes a fix for I216528a76307189d8d87bd2fcfeff95c6ceb53cc.
Now it's released we can be a bit more explicit about why we added the
workaround.

Change-Id: Ibaf1850549b5e7ec3622418b650bc5e59a289ab6
changes/53/776553/1
Ian Wienand 1 year ago
parent
commit
7577439ff8
  1. 2
      docker/grafana/Dockerfile
  2. 7
      playbooks/roles/grafana/templates/grafana.vhost.j2

2
docker/grafana/Dockerfile

@ -13,7 +13,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
FROM docker.io/grafana/grafana:7.4.1-ubuntu
FROM docker.io/grafana/grafana:7.4.2-ubuntu
LABEL maintainer="infra-root@openstack.org"

7
playbooks/roles/grafana/templates/grafana.vhost.j2

@ -34,6 +34,13 @@
SSLCertificateKeyFile /etc/letsencrypt-certs/{{ inventory_hostname }}/{{ inventory_hostname }}.key
SSLCertificateChainFile /etc/letsencrypt-certs/{{ inventory_hostname }}/ca.cer
# NOTE(ianw) 2021-02-19
# This was for a security issue fixed in 7.4.2
# where anonymous users could cause a write to disk, fixed
# with
# https://github.com/grafana/grafana/pull/31263/
# We leave it because we don't use the API, but if we need
# it, we can remove this.
RewriteEngine on
RewriteRule "^/api/snapshots(.*?)$" "-" [F]

Loading…
Cancel
Save