updated backend

Merge remote-tracking branch 'origin' into sriram/postgres-config-page-tls-regrouping
Postgres: Regroup config page for TLS related settings
2025-12-20 19:44:55 +08:00 · 2025-07-16 10:38:26 +01:00 · 2025-07-07 16:27:12 +01:00 · 2025-07-07 11:40:43 +01:00
8 changed files with 378 additions and 132 deletions
--- a/pkg/tsdb/grafana-postgresql-datasource/connection_string.go
+++ b/pkg/tsdb/grafana-postgresql-datasource/connection_string.go
@@ -0,0 +1,142 @@
 package postgres
 import (
 	"errors"
 	"fmt"
 	"strconv"
 	"strings"
 	"github.com/grafana/grafana-plugin-sdk-go/backend/log"
 	"github.com/grafana/grafana/pkg/tsdb/grafana-postgresql-datasource/sqleng"
 	"github.com/lib/pq"
 )
 func GenerateConnectionString(dsInfo sqleng.DataSourceInfo, tlsManager tlsSettingsProvider, logger log.Logger) (string, error) {
 	connStr, err := getInitialConnectionString(dsInfo, logger)
 	if err != nil {
 		return connStr, err
 	}
 	return getTLSIncludedConnectionString(connStr, tlsManager, dsInfo, logger)
 }
 func getInitialConnectionString(dsInfo sqleng.DataSourceInfo, logger log.Logger) (string, error) {
 	if dsInfo.JsonData.ConnectionType == sqleng.ConnectionTypeConnectionString {
 		return dsInfo.DecryptedSecureJSONData["connectionString"], validateConnectionString(dsInfo)
 	}
 	var host string
 	var port int
 	if strings.HasPrefix(dsInfo.URL, "/") {
 		host = dsInfo.URL
 		logger.Debug("Generating connection string with Unix socket specifier", "address", dsInfo.URL)
 	} else {
 		index := strings.LastIndex(dsInfo.URL, ":")
 		v6Index := strings.Index(dsInfo.URL, "]")
 		sp := strings.SplitN(dsInfo.URL, ":", 2)
 		host = sp[0]
 		if v6Index == -1 {
 			if len(sp) > 1 {
 				var err error
 				port, err = strconv.Atoi(sp[1])
 				if err != nil {
 					logger.Debug("Error parsing the IPv4 address", "address", dsInfo.URL)
 					return "", sqleng.ErrParsingPostgresURL
 				}
 				logger.Debug("Generating IPv4 connection string with network host/port pair", "host", host, "port", port, "address", dsInfo.URL)
 			} else {
 				logger.Debug("Generating IPv4 connection string with network host", "host", host, "address", dsInfo.URL)
 			}
 		} else {
 			if index == v6Index+1 {
 				host = dsInfo.URL[1 : index-1]
 				var err error
 				port, err = strconv.Atoi(dsInfo.URL[index+1:])
 				if err != nil {
 					logger.Debug("Error parsing the IPv6 address", "address", dsInfo.URL)
 					return "", sqleng.ErrParsingPostgresURL
 				}
 				logger.Debug("Generating IPv6 connection string with network host/port pair", "host", host, "port", port, "address", dsInfo.URL)
 			} else {
 				host = dsInfo.URL[1 : len(dsInfo.URL)-1]
 				logger.Debug("Generating IPv6 connection string with network host", "host", host, "address", dsInfo.URL)
 			}
 		}
 	}
 	connStr := fmt.Sprintf("user='%s' password='%s' host='%s' dbname='%s'",
 		escape(dsInfo.User), escape(dsInfo.DecryptedSecureJSONData["password"]), escape(host), escape(dsInfo.Database))
 	if port > 0 {
 		connStr += fmt.Sprintf(" port=%d", port)
 	}
 	return connStr, nil
 }
 func getTLSIncludedConnectionString(connStr string, tlsManager tlsSettingsProvider, dsInfo sqleng.DataSourceInfo, logger log.Logger) (string, error) {
 	tlsSettings, err := tlsManager.getTLSSettings(dsInfo)
 	if err != nil {
 		return "", err
 	}
 	if dsInfo.JsonData.ConnectionType == sqleng.ConnectionTypeConnectionString {
 		connStr, err = removeTLSSettingsFromConnectionString(connStr)
 		if err != nil {
 			return connStr, err
 		}
 	}
 	connStr += fmt.Sprintf(" sslmode='%s'", escape(string(tlsSettings.Mode)))
 	// there is an issue with the lib/pq module, the `verify-ca` tls mode
 	// does not work correctly. ( see https://github.com/lib/pq/issues/1106 )
 	// to workaround the problem, if the `verify-ca` mode is chosen,
 	// we disable sslsni.
 	if tlsSettings.Mode == TLSModeVerifyCA {
 		connStr += " sslsni=0"
 	}
 	// Attach root certificate if provided
 	if tlsSettings.RootCertFile != "" {
 		logger.Debug("Setting server root certificate", "tlsRootCert", tlsSettings.RootCertFile)
 		connStr += fmt.Sprintf(" sslrootcert='%s'", escape(tlsSettings.RootCertFile))
 	}
 	// Attach client certificate and key if both are provided
 	if tlsSettings.CertFile != "" && tlsSettings.CertKeyFile != "" {
 		logger.Debug("Setting TLS/SSL client auth", "tlsCert", tlsSettings.CertFile, "tlsKey", tlsSettings.CertKeyFile)
 		connStr += fmt.Sprintf(" sslcert='%s' sslkey='%s'", escape(tlsSettings.CertFile), escape(tlsSettings.CertKeyFile))
 	} else if tlsSettings.CertFile != "" || tlsSettings.CertKeyFile != "" {
 		return "", fmt.Errorf("TLS/SSL client certificate and key must both be specified")
 	}
 	return connStr, nil
 }
 func validateConnectionString(dsInfo sqleng.DataSourceInfo) error {
 	connectionString := strings.ToLower(dsInfo.DecryptedSecureJSONData["connectionString"])
 	if dsInfo.JsonData.ConnectionType == sqleng.ConnectionTypeConnectionString && strings.TrimSpace(connectionString) == "" {
 		return errors.New("invalid / empty connection string")
 	}
 	return nil
 }
 func removeTLSSettingsFromConnectionString(connStr string) (string, error) {
 	sslPrefixes := []string{"sslmode", "sslsni", "sslrootcert", "sslcert", "sslkey"}
 	parsedConnectionString, err := pq.ParseURL(connStr)
 	if err != nil {
 		return "", err
 	}
 	kv := strings.Split(parsedConnectionString, " ")
 	newKv := []string{}
 	for _, v := range kv {
 		lowerV := strings.ToLower(v)
 		isSSLParam := false
 		for _, prefix := range sslPrefixes {
 			if strings.HasPrefix(lowerV, prefix) {
 				isSSLParam = true
 				break
 			}
 		}
 		if !isSSLParam {
 			newKv = append(newKv, v)
 		}
 	}
 	return strings.Join(newKv, " "), nil
 }
--- a/pkg/tsdb/grafana-postgresql-datasource/connection_string_test.go
+++ b/pkg/tsdb/grafana-postgresql-datasource/connection_string_test.go
@@ -0,0 +1,91 @@
 package postgres
 import (
 	"testing"
 	"github.com/grafana/grafana-plugin-sdk-go/backend/log"
 	"github.com/grafana/grafana/pkg/tsdb/grafana-postgresql-datasource/sqleng"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 func TestGenerateConnectionString(t *testing.T) {
 	tests := []struct {
 		name        string
 		dsInfo      sqleng.DataSourceInfo
 		tlsSettings *tlsSettings
 		want        string
 		wantErr     error
 	}{
 		{
 			name: "default settings shouldn't throw error",
 			want: "user='' password='' host='' dbname='' sslmode=''",
 		},
 		{
 			name:        "default settings with host, port, dbname",
 			dsInfo:      sqleng.DataSourceInfo{URL: "host:1234", User: "user", Database: "db", DecryptedSecureJSONData: map[string]string{"password": "pass"}},
 			tlsSettings: &tlsSettings{Mode: "require"},
 			want:        "user='user' password='pass' host='host' dbname='db' port=1234 sslmode='require'",
 		},
 		{
 			name:        "default settings with host, port, dbname",
 			dsInfo:      sqleng.DataSourceInfo{URL: "host:1234", User: "user", Database: "db", DecryptedSecureJSONData: map[string]string{"password": "pass"}},
 			tlsSettings: &tlsSettings{Mode: "verify-ca", ConfigurationMethod: "file-content", RootCertFile: "root", CertFile: "cert", CertKeyFile: "key"},
 			want:        "user='user' password='pass' host='host' dbname='db' port=1234 sslmode='verify-ca' sslsni=0 sslrootcert='root' sslcert='cert' sslkey='key'",
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			tlssettings := tt.tlsSettings
 			if tlssettings == nil {
 				tlssettings = &tlsSettings{}
 			}
 			tlsManager := &tlsTestManager{settings: *tlssettings}
 			got, err := GenerateConnectionString(tt.dsInfo, tlsManager, log.DefaultLogger)
 			if tt.wantErr != nil {
 				require.NotNil(t, err)
 				assert.Equal(t, tt.wantErr, err)
 				return
 			}
 			require.Nil(t, err)
 			assert.Equal(t, tt.want, got)
 		})
 	}
 }
 func Test_removeTLSSettingsFromConnectionString(t *testing.T) {
 	tests := []struct {
 		name    string
 		connStr string
 		want    string
 		wantErr error
 	}{
 		{
 			name:    "should send original connection string if no ssl settings present",
 			connStr: "postgres://bob:secret@1.2.3.4:5432/mydb",
 			want:    "dbname='mydb' host='1.2.3.4' password='secret' port='5432' user='bob'",
 		},
 		{
 			name:    "should remove sslmode",
 			connStr: "postgres://bob:secret@1.2.3.4:5432/mydb?sslmode=verify-full",
 			want:    "dbname='mydb' host='1.2.3.4' password='secret' port='5432' user='bob'",
 		},
 		{
 			name:    "should respect case sensitive password",
 			connStr: "postgres://bob:sEcret@1.2.3.4:5432/mydb?sslmode=verify-full",
 			want:    "dbname='mydb' host='1.2.3.4' password='sEcret' port='5432' user='bob'",
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			got, err := removeTLSSettingsFromConnectionString(tt.connStr)
 			if tt.wantErr != nil {
 				require.NotNil(t, err)
 				assert.Equal(t, tt.wantErr, err)
 				return
 			}
 			require.Nil(t, err)
 			assert.Equal(t, tt.want, got)
 		})
 	}
 }
--- a/pkg/tsdb/grafana-postgresql-datasource/postgres.go
+++ b/pkg/tsdb/grafana-postgresql-datasource/postgres.go
@@ -118,7 +118,7 @@ func (s *Service) newInstanceSettings() datasource.InstanceFactoryFunc {
 			MaxIdleConns:        sqlCfg.DefaultMaxIdleConns,
 			ConnMaxLifetime:     sqlCfg.DefaultMaxConnLifetimeSeconds,
 			Timescaledb:         false,
-			ConfigurationMethod: "file-path",
+			ConfigurationMethod: string(TLSConfigurationMethodFilePath),
 			SecureDSProxy:       false,
 		}
@@ -143,7 +143,7 @@ func (s *Service) newInstanceSettings() datasource.InstanceFactoryFunc {
 			DecryptedSecureJSONData: settings.DecryptedSecureJSONData,
 		}
-		cnnstr, err := s.generateConnectionString(dsInfo)
+		cnnstr, err := GenerateConnectionString(dsInfo, s.tlsManager, logger)
 		if err != nil {
 			return nil, err
 		}
@@ -170,86 +170,6 @@ func escape(input string) string {
 	return strings.ReplaceAll(strings.ReplaceAll(input, `\`, `\\`), "'", `\'`)
 }
 func (s *Service) generateConnectionString(dsInfo sqleng.DataSourceInfo) (string, error) {
 	logger := s.logger
 	var host string
 	var port int
 	if strings.HasPrefix(dsInfo.URL, "/") {
 		host = dsInfo.URL
 		logger.Debug("Generating connection string with Unix socket specifier", "address", dsInfo.URL)
 	} else {
 		index := strings.LastIndex(dsInfo.URL, ":")
 		v6Index := strings.Index(dsInfo.URL, "]")
 		sp := strings.SplitN(dsInfo.URL, ":", 2)
 		host = sp[0]
 		if v6Index == -1 {
 			if len(sp) > 1 {
 				var err error
 				port, err = strconv.Atoi(sp[1])
 				if err != nil {
 					logger.Debug("Error parsing the IPv4 address", "address", dsInfo.URL)
 					return "", sqleng.ErrParsingPostgresURL
 				}
 				logger.Debug("Generating IPv4 connection string with network host/port pair", "host", host, "port", port, "address", dsInfo.URL)
 			} else {
 				logger.Debug("Generating IPv4 connection string with network host", "host", host, "address", dsInfo.URL)
 			}
 		} else {
 			if index == v6Index+1 {
 				host = dsInfo.URL[1 : index-1]
 				var err error
 				port, err = strconv.Atoi(dsInfo.URL[index+1:])
 				if err != nil {
 					logger.Debug("Error parsing the IPv6 address", "address", dsInfo.URL)
 					return "", sqleng.ErrParsingPostgresURL
 				}
 				logger.Debug("Generating IPv6 connection string with network host/port pair", "host", host, "port", port, "address", dsInfo.URL)
 			} else {
 				host = dsInfo.URL[1 : len(dsInfo.URL)-1]
 				logger.Debug("Generating IPv6 connection string with network host", "host", host, "address", dsInfo.URL)
 			}
 		}
 	}
 	connStr := fmt.Sprintf("user='%s' password='%s' host='%s' dbname='%s'",
 		escape(dsInfo.User), escape(dsInfo.DecryptedSecureJSONData["password"]), escape(host), escape(dsInfo.Database))
 	if port > 0 {
 		connStr += fmt.Sprintf(" port=%d", port)
 	}
 	tlsSettings, err := s.tlsManager.getTLSSettings(dsInfo)
 	if err != nil {
 		return "", err
 	}
 	connStr += fmt.Sprintf(" sslmode='%s'", escape(tlsSettings.Mode))
 	// there is an issue with the lib/pq module, the `verify-ca` tls mode
 	// does not work correctly. ( see https://github.com/lib/pq/issues/1106 )
 	// to workaround the problem, if the `verify-ca` mode is chosen,
 	// we disable sslsni.
 	if tlsSettings.Mode == "verify-ca" {
 		connStr += " sslsni=0"
 	}
 	// Attach root certificate if provided
 	if tlsSettings.RootCertFile != "" {
 		logger.Debug("Setting server root certificate", "tlsRootCert", tlsSettings.RootCertFile)
 		connStr += fmt.Sprintf(" sslrootcert='%s'", escape(tlsSettings.RootCertFile))
 	}
 	// Attach client certificate and key if both are provided
 	if tlsSettings.CertFile != "" && tlsSettings.CertKeyFile != "" {
 		logger.Debug("Setting TLS/SSL client auth", "tlsCert", tlsSettings.CertFile, "tlsKey", tlsSettings.CertKeyFile)
 		connStr += fmt.Sprintf(" sslcert='%s' sslkey='%s'", escape(tlsSettings.CertFile), escape(tlsSettings.CertKeyFile))
 	} else if tlsSettings.CertFile != "" || tlsSettings.CertKeyFile != "" {
 		return "", fmt.Errorf("TLS/SSL client certificate and key must both be specified")
 	}
 	logger.Debug("Generated Postgres connection string successfully")
 	return connStr, nil
 }
 type postgresQueryResultTransformer struct{}
 func (t *postgresQueryResultTransformer) TransformQueryError(_ log.Logger, err error) error {
--- a/pkg/tsdb/grafana-postgresql-datasource/postgres_test.go
+++ b/pkg/tsdb/grafana-postgresql-datasource/postgres_test.go
@@ -146,8 +146,9 @@ func TestIntegrationGenerateConnectionString(t *testing.T) {
 	}
 	for _, tt := range testCases {
 		t.Run(tt.desc, func(t *testing.T) {
 			tlsManager := &tlsTestManager{settings: tt.tlsSettings}
 			svc := Service{
-				tlsManager: &tlsTestManager{settings: tt.tlsSettings},
+				tlsManager: tlsManager,
 				logger:     backend.NewLoggerWith("logger", "tsdb.postgres"),
 			}
@@ -159,7 +160,7 @@ func TestIntegrationGenerateConnectionString(t *testing.T) {
 				UID:                     tt.uid,
 			}
-			connStr, err := svc.generateConnectionString(ds)
+			connStr, err := GenerateConnectionString(ds, tlsManager, svc.logger)
 			if tt.expErr == "" {
 				require.NoError(t, err, tt.desc)
--- a/pkg/tsdb/grafana-postgresql-datasource/sqleng/sql_engine.go
+++ b/pkg/tsdb/grafana-postgresql-datasource/sqleng/sql_engine.go
@@ -37,7 +37,16 @@ type SqlQueryResultTransformer interface {
 	GetConverterList() []sqlutil.StringConverter
 }
 type ConnectionType string
 const (
 	ConnectionTypeDefault          ConnectionType = "default"
 	ConnectionTypeConnectionString ConnectionType = "connectionString"
 )
 type JsonData struct {
 	ConnectionType ConnectionType `json:"connectionType"`
 	MaxOpenConns            int    `json:"maxOpenConns"`
 	MaxIdleConns            int    `json:"maxIdleConns"`
 	ConnMaxLifetime         int    `json:"connMaxLifetime"`
--- a/pkg/tsdb/grafana-postgresql-datasource/tlsmanager.go
+++ b/pkg/tsdb/grafana-postgresql-datasource/tlsmanager.go
@@ -47,9 +47,25 @@ func newTLSManager(logger log.Logger, dataPath string) tlsSettingsProvider {
 	}
 }
 type TLSMode string
 const (
 	TLSModeDisable    TLSMode = "disable"
 	TLSModeRequire    TLSMode = "require"
 	TLSModeVerifyCA   TLSMode = "verify-ca"
 	TLSModeVerifyFull TLSMode = "verify-full"
 )
 type TLSConfigurationMethod string
 const (
 	TLSConfigurationMethodFilePath    TLSConfigurationMethod = "file-path"
 	TLSConfigurationMethodFileContent TLSConfigurationMethod = "file-content"
 )
 type tlsSettings struct {
-	Mode                string
+	Mode                TLSMode
-	ConfigurationMethod string
+	ConfigurationMethod TLSConfigurationMethod
 	RootCertFile        string
 	CertFile            string
 	CertKeyFile         string
@@ -57,10 +73,10 @@ type tlsSettings struct {
 func (m *tlsManager) getTLSSettings(dsInfo sqleng.DataSourceInfo) (tlsSettings, error) {
 	tlsconfig := tlsSettings{
-		Mode: dsInfo.JsonData.Mode,
+		Mode: TLSMode(dsInfo.JsonData.Mode),
 	}
-	isTLSDisabled := (tlsconfig.Mode == "disable")
+	isTLSDisabled := (tlsconfig.Mode == TLSModeDisable)
 	if isTLSDisabled {
 		m.logger.Debug("Postgres TLS/SSL is disabled")
@@ -69,12 +85,12 @@ func (m *tlsManager) getTLSSettings(dsInfo sqleng.DataSourceInfo) (tlsSettings,
 	m.logger.Debug("Postgres TLS/SSL is enabled", "tlsMode", tlsconfig.Mode)
-	tlsconfig.ConfigurationMethod = dsInfo.JsonData.ConfigurationMethod
+	tlsconfig.ConfigurationMethod = TLSConfigurationMethod(dsInfo.JsonData.ConfigurationMethod)
 	tlsconfig.RootCertFile = dsInfo.JsonData.RootCertFile
 	tlsconfig.CertFile = dsInfo.JsonData.CertFile
 	tlsconfig.CertKeyFile = dsInfo.JsonData.CertKeyFile
-	if tlsconfig.ConfigurationMethod == "file-content" {
+	if tlsconfig.ConfigurationMethod == TLSConfigurationMethodFileContent {
 		if err := m.writeCertFiles(dsInfo, &tlsconfig); err != nil {
 			return tlsconfig, err
 		}
--- a/public/app/plugins/datasource/grafana-postgresql-datasource/configuration/ConfigurationEditor.tsx
+++ b/public/app/plugins/datasource/grafana-postgresql-datasource/configuration/ConfigurationEditor.tsx
@@ -17,6 +17,7 @@ import {
  SecretInput,
  Field,
  Tooltip,
  RadioButtonGroup,
  Label,
  Icon,
  Switch,
@@ -24,7 +25,13 @@ import {
  Collapse,
 } from '@grafana/ui';
-import { PostgresOptions, PostgresTLSMethods, PostgresTLSModes, SecureJsonData } from '../types';
+import {
  PostgresConnectionType,
  PostgresOptions,
  PostgresTLSMethods,
  PostgresTLSModes,
  SecureJsonData,
 } from '../types';
 import { useAutoDetectFeatures } from './useAutoDetectFeatures';
@@ -58,6 +65,10 @@ export const PostgresConfigEditor = (props: DataSourcePluginOptionsEditorProps<P
    updateDatasourcePluginResetOption(props, 'password');
  };
  const onResetConnectionString = () => {
    updateDatasourcePluginResetOption(props, 'connectionString');
  };
  const tlsModes: Array<SelectableValue<PostgresTLSModes>> = [
    { value: PostgresTLSModes.disable, label: 'disable' },
    { value: PostgresTLSModes.require, label: 'require' },
@@ -80,6 +91,13 @@ export const PostgresConfigEditor = (props: DataSourcePluginOptionsEditorProps<P
    updateDatasourcePluginJsonDataOption(props, 'timescaledb', event.currentTarget.checked);
  };
  const onConnectionTypeChanged = (connectionType: PostgresConnectionType) => {
    updateDatasourcePluginJsonDataOption(props, 'connectionType', connectionType);
    if (connectionType === 'connectionString') {
      onOptionsChange({ ...options, url: options.url || 'localhost:5432', jsonData: { ...jsonData, connectionType } });
    }
  };
  const onDSOptionChanged = (property: keyof PostgresOptions) => {
    return (event: SyntheticEvent<HTMLInputElement>) => {
      onOptionsChange({ ...options, ...{ [property]: event.currentTarget.value } });
@@ -88,6 +106,8 @@ export const PostgresConfigEditor = (props: DataSourcePluginOptionsEditorProps<P
  const WIDTH_LONG = 40;
  const EXAMPLE_CONNECTION_STRING = 'postgresql://username:password@localhost:5432/database_name?connect_timeout=10';
  return (
    <>
      <DataSourceDescription
@@ -110,49 +130,91 @@ export const PostgresConfigEditor = (props: DataSourcePluginOptionsEditorProps<P
      <Divider />
      <ConfigSection title="Connection">
-        <Field label="Host URL" required>
+        <Field label="Connection Type" noMargin={false}>
-          <Input
+          <RadioButtonGroup<PostgresConnectionType>
-            width={WIDTH_LONG}
+            value={jsonData.connectionType || 'default'}
-            name="host"
+            options={[
-            type="text"
+              { value: 'default', label: 'Connection Parameters' },
-            value={options.url || ''}
+              { value: 'connectionString', label: 'Connection String' },
-            placeholder="localhost:5432"
+            ]}
-            onChange={onDSOptionChanged('url')}
+            onChange={onConnectionTypeChanged}
          />
        </Field>
        <Field label="Database name" required>
          <Input
            width={WIDTH_LONG}
            name="database"
            value={jsonData.database || ''}
            placeholder="Database"
            onChange={onUpdateDatasourceJsonDataOption(props, 'database')}
          />
        </Field>
      </ConfigSection>
      <Divider />
      <ConfigSection title="Authentication">
        <Field label="Username" required>
          <Input
            width={WIDTH_LONG}
            value={options.user || ''}
            placeholder="Username"
            onChange={onDSOptionChanged('user')}
          />
        </Field>
        <Field label="Password" required>
          <SecretInput
            width={WIDTH_LONG}
            placeholder="Password"
            isConfigured={options.secureJsonFields && options.secureJsonFields.password}
            onReset={onResetPassword}
            onBlur={onUpdateDatasourceSecureJsonDataOption(props, 'password')}
          />
        </Field>
        {jsonData.connectionType === 'connectionString' && (
          <Field
            noMargin={false}
            label={
              <Label>
                <EditorStack gap={0.5}>
                  <span>Connection String</span>
                  <Tooltip
                    content={
                      <span>
                        Postgres connection string.
                        <br />
                        Example: "{EXAMPLE_CONNECTION_STRING}".
                        <br />
                        Note: Don't include the TLS/SSL related settings here. Use "TLS/SSL Auth Details" section
                        instead.
                      </span>
                    }
                  >
                    <Icon name="info-circle" size="sm" />
                  </Tooltip>
                </EditorStack>
              </Label>
            }
            required
          >
            <SecretInput
              width={WIDTH_LONG}
              placeholder={EXAMPLE_CONNECTION_STRING}
              isConfigured={options.secureJsonFields && options.secureJsonFields.connectionString}
              onReset={onResetConnectionString}
              onBlur={onUpdateDatasourceSecureJsonDataOption(props, 'connectionString')}
            />
          </Field>
        )}
        {jsonData.connectionType !== 'connectionString' && (
          <>
            <Field label="Host URL" required>
              <Input
                width={WIDTH_LONG}
                name="host"
                type="text"
                value={options.url || ''}
                placeholder="localhost:5432"
                onChange={onDSOptionChanged('url')}
              />
            </Field>
            <Field label="Database name" required>
              <Input
                width={WIDTH_LONG}
                name="database"
                value={jsonData.database || ''}
                placeholder="Database"
                onChange={onUpdateDatasourceJsonDataOption(props, 'database')}
              />
            </Field>
            <Field label="Username" required>
              <Input
                width={WIDTH_LONG}
                value={options.user || ''}
                placeholder="Username"
                onChange={onDSOptionChanged('user')}
              />
            </Field>
            <Field label="Password" required>
              <SecretInput
                width={WIDTH_LONG}
                placeholder="Password"
                isConfigured={options.secureJsonFields && options.secureJsonFields.password}
                onReset={onResetPassword}
                onBlur={onUpdateDatasourceSecureJsonDataOption(props, 'password')}
              />
            </Field>
          </>
        )}
      </ConfigSection>
      <Divider />
--- a/public/app/plugins/datasource/grafana-postgresql-datasource/types.ts
+++ b/public/app/plugins/datasource/grafana-postgresql-datasource/types.ts
@@ -11,7 +11,11 @@ export enum PostgresTLSMethods {
  filePath = 'file-path',
  fileContent = 'file-content',
 }
 export type PostgresConnectionType = 'default' | 'connectionString';
 export interface PostgresOptions extends SQLOptions {
  connectionType?: PostgresConnectionType;
  tlsConfigurationMethod?: PostgresTLSMethods;
  sslmode?: PostgresTLSModes;
  sslRootCertFile?: string;
@@ -24,4 +28,5 @@ export interface PostgresOptions extends SQLOptions {
 export interface SecureJsonData {
  password?: string;
  connectionString?: string;
 }
Author	SHA1	Message	Date
yesoreyeram	97b8e98a2e	updated backend Some checks failed CodeQL checks / Analyze (actions) (push) Has been cancelled Details CodeQL checks / Analyze (go) (push) Has been cancelled Details CodeQL checks / Analyze (javascript) (push) Has been cancelled Details	2025-07-16 10:38:26 +01:00
yesoreyeram	6518ae1398	Merge remote-tracking branch 'origin' into sriram/postgres-config-page-tls-regrouping	2025-07-07 16:27:12 +01:00
yesoreyeram	8cf48c7180	Postgres: Regroup config page for TLS related settings	2025-07-07 11:40:43 +01:00