From fb5a7acc7324018a1dd745f0f1aed797bc611ee1 Mon Sep 17 00:00:00 2001
From: Stephanie Hingtgen <stephanie.hingtgen@grafana.com>
Date: Mon, 27 Mar 2023 11:00:37 -0500
Subject: [PATCH] Plugins: Add cloudwatch support with the secure socks proxy
 (#65303)

* Plugins: enable secure socks proxy on cloudwatch with workaround
---
 pkg/tsdb/cloudwatch/cloudwatch.go             | 22 ++++++++++++++++---
 pkg/tsdb/cloudwatch/models/settings.go        |  3 ++-
 .../cloudwatch/components/ConfigEditor.tsx    |  8 +++++--
 3 files changed, 27 insertions(+), 6 deletions(-)

diff --git a/pkg/tsdb/cloudwatch/cloudwatch.go b/pkg/tsdb/cloudwatch/cloudwatch.go
index c87b77717b7..b66a5fb3b2d 100644
--- a/pkg/tsdb/cloudwatch/cloudwatch.go
+++ b/pkg/tsdb/cloudwatch/cloudwatch.go
@@ -99,7 +99,12 @@ func NewInstanceSettings(httpClientProvider httpclient.Provider) datasource.Inst
 			return nil, fmt.Errorf("error reading settings: %w", err)
 		}
 
-		httpClient, err := httpClientProvider.New()
+		opts, err := settings.HTTPClientOptions()
+		if err != nil {
+			return nil, err
+		}
+
+		httpClient, err := httpClientProvider.New(opts)
 		if err != nil {
 			return nil, fmt.Errorf("error creating http client: %w", err)
 		}
@@ -245,9 +250,9 @@ func (e *cloudWatchExecutor) newSession(pluginCtx backend.PluginContext, region
 		region = instance.Settings.Region
 	}
 
-	return e.sessions.GetSession(awsds.SessionConfig{
+	sess, err := e.sessions.GetSession(awsds.SessionConfig{
 		// https://github.com/grafana/grafana/issues/46365
-		// HTTPClient: dsInfo.HTTPClient,
+		// HTTPClient: instance.HTTPClient,
 		Settings: awsds.AWSDatasourceSettings{
 			Profile:       instance.Settings.Profile,
 			Region:        region,
@@ -261,6 +266,17 @@ func (e *cloudWatchExecutor) newSession(pluginCtx backend.PluginContext, region
 		},
 		UserAgentName: aws.String("Cloudwatch"),
 	})
+	if err != nil {
+		return nil, err
+	}
+
+	// work around until https://github.com/grafana/grafana/issues/39089 is implemented
+	if e.cfg.SecureSocksDSProxy.Enabled && e.features.IsEnabled(featuremgmt.FlagSecureSocksDatasourceProxy) && instance.Settings.SecureSocksProxyEnabled {
+		// only update the transport to try to avoid the issue mentioned here https://github.com/grafana/grafana/issues/46365
+		sess.Config.HTTPClient.Transport = instance.HTTPClient.Transport
+	}
+
+	return sess, nil
 }
 
 func (e *cloudWatchExecutor) getInstance(pluginCtx backend.PluginContext) (*DataSource, error) {
diff --git a/pkg/tsdb/cloudwatch/models/settings.go b/pkg/tsdb/cloudwatch/models/settings.go
index 1f2cab0c3f0..e02ea2f2c4a 100644
--- a/pkg/tsdb/cloudwatch/models/settings.go
+++ b/pkg/tsdb/cloudwatch/models/settings.go
@@ -10,7 +10,8 @@ import (
 
 type CloudWatchSettings struct {
 	awsds.AWSDatasourceSettings
-	Namespace string `json:"customMetricsNamespaces"`
+	Namespace               string `json:"customMetricsNamespaces"`
+	SecureSocksProxyEnabled bool   `json:"enableSecureSocksProxy"` // this can be removed when https://github.com/grafana/grafana/issues/39089 is implemented
 }
 
 func LoadCloudWatchSettings(config backend.DataSourceInstanceSettings) (CloudWatchSettings, error) {
diff --git a/public/app/plugins/datasource/cloudwatch/components/ConfigEditor.tsx b/public/app/plugins/datasource/cloudwatch/components/ConfigEditor.tsx
index 7e84b93d9db..17229ff62b4 100644
--- a/public/app/plugins/datasource/cloudwatch/components/ConfigEditor.tsx
+++ b/public/app/plugins/datasource/cloudwatch/components/ConfigEditor.tsx
@@ -8,8 +8,9 @@ import {
   onUpdateDatasourceJsonDataOption,
   updateDatasourcePluginJsonDataOption,
 } from '@grafana/data';
-import { Input, InlineField, FieldProps } from '@grafana/ui';
+import { Input, InlineField, FieldProps, SecureSocksProxySettings } from '@grafana/ui';
 import { notifyApp } from 'app/core/actions';
+import { config } from 'app/core/config';
 import { createWarningNotification } from 'app/core/copy/appNotification';
 import { getDatasourceSrv } from 'app/features/plugins/datasource_srv';
 import { store } from 'app/store/store';
@@ -66,6 +67,10 @@ export const ConfigEditor = (props: Props) => {
         </InlineField>
       </ConnectionConfig>
 
+      {config.featureToggles.secureSocksDatasourceProxy && (
+        <SecureSocksProxySettings options={options} onOptionsChange={onOptionsChange} />
+      )}
+
       <h3 className="page-heading">CloudWatch Logs</h3>
       <div className="gf-form-group">
         <InlineField
@@ -124,7 +129,6 @@ export const ConfigEditor = (props: Props) => {
           />
         </InlineField>
       </div>
-
       <XrayLinkConfig
         onChange={(uid) => updateDatasourcePluginJsonDataOption(props, 'tracingDatasourceUid', uid)}
         datasourceUid={options.jsonData.tracingDatasourceUid}