* initial passwordless client
* passwordless login page
* Working basic e2e flow
* Add todo comments
* Improve the passwordless login flow
* improved passwordless login, backend for passwordless signup
* add expiration to emails
* update email templates & render username & name fields on signup
* improve email templates
* change login page text while awaiting passwordless code
* fix merge conflicts
* use claims.TypeUser
* add initial passwordless tests
* better error messages
* simplified error name
* remove completed TODOs
* linting & minor test improvements & rename passwordless routes
* more linting fixes
* move code generation to its own func, use locationService to get query params
* fix ampersand in email templates & use passwordless api routes in LoginCtrl
* txt emails more closely match html email copy
* move passwordless auth behind experimental feature toggle
* fix PasswordlessLogin property failing typecheck
* make update-workspace
* user correct placeholder
* Update emails/templates/passwordless_verify_existing_user.txt
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update emails/templates/passwordless_verify_existing_user.mjml
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update emails/templates/passwordless_verify_new_user.txt
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update emails/templates/passwordless_verify_new_user.txt
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update emails/templates/passwordless_verify_new_user.mjml
Co-authored-by: Dan Cech <dcech@grafana.com>
* use & in email templates
* Update emails/templates/passwordless_verify_existing_user.txt
Co-authored-by: Dan Cech <dcech@grafana.com>
* remove IP address validation
* struct for passwordless settings
* revert go.work.sum changes
* mock locationService.getSearch in failing test
---------
Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
Co-authored-by: Dan Cech <dcech@grafana.com>
* Use a enable configuration to enable frontend sandbox
* Modify settings to load enableFrontendSandbox
* Check for signature type
* Update commment
* Fix e2e tests for the frontend sandbox
* Modify logic so a custom check function is used instead of a list of checks
* Fixes flaky test
* fix comment
* Update comment
* Empty commit
* Empty commit
* ManagedServiceAccounts: Add a config option to disabled by default
* Update log in pkg/services/extsvcauth/registry/service.go
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* allow post URL
* check for config
* allow relative paths
* add allowed internal pattern; add checks for method
* update defaults.ini
* add custom header
* update config comment
* use globbing, switch to older middleware - deprecated call
* add codeowner
* update to use current api, add test
* update fall through logic
* Update pkg/middleware/validate_action_url.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update pkg/middleware/validate_action_url.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* add more tests
* Update pkg/middleware/validate_action_url_test.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* fix request headers
* add additional tests for all verbs
* fix request headers++
* throw error when method is unknown
---------
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Co-authored-by: Brian Gann <bkgann@gmail.com>
Co-authored-by: Brian Gann <briangann@users.noreply.github.com>
Co-authored-by: Dan Cech <dcech@grafana.com>
* update oauthtoken service to use remote cache and server lock
* remove token cache
* retry is lock is held by an in-flight refresh
* refactor token renewal to avoid race condition
* re-add refresh token expiry cache, but in SyncOauthTokenHook
* Add delta to the cache ttl
* Fix merge
* Change lockTimeConfig
* Always set the token from within the server lock
* Improvements
* early return when user is not authed by OAuth or refresh is disabled
* Allow more time for token refresh, tracing
* Retry on Mysql Deadlock error 1213
* Update pkg/services/authn/authnimpl/sync/oauth_token_sync.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update pkg/services/authn/authnimpl/sync/oauth_token_sync.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* Add settings for configuring min wait time between retries
* Add docs for the new setting
* Clean up
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
---------
Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* add gms client function
* add timeout config for endpoint
* report events to gms
* fix lint error
* clean up report calls and make sure reports all have local ids
* extra validation
* improve error logging and fix url
* implement querying gms for snapshot status
* add some documentation
* provide snapshot resources after snapshot is created
* add rate limiting to backend
* fix compilation error
* fix typo
* add unit tests
* finish merge
* lint
* swagger gen
* more testing
* remove duplicate test
* address a couple PR comments
* update switch statement to a map
* add timeouts to gms client through the http client
* remove extra whitespace
* put method back where it was so the PR is less confusing
* fix tests
* add todo
* fix final unit test
* Cloud migrations: create snapshot and store it on disk
* fix merge conflicts
* implement StartSnapshot for gms client
* pass snapshot directory as argument to snapshot builder
* ensure snapshot folder is set
* make swagger-gen
* remove Test_ExecuteAsyncWorkflow
* pass signed in user to buildSnapshot method / use github.com/grafana/grafana-cloud-migration-snapshot to create snapshot files
* fix FakeServiceImpl.CreateSnapshot
* remove new line
* Alerting: Add setting for maximum allowed rule evaluation results
Added a new configuration setting `quota.alerting_rule_evaluation_results` to set the maximum number of alert rule evaluation results per rule. If the limit is exceeded, the evaluation will result in an error.
* Simple replace of State.Resolved with State.ResolvedAt
* Retain ResolvedAt time between Normal->Normal transition
* Introduce ResolvedRetention to keep sending recently resolved alerts
* Make ResolvedRetention configurable with resolved_alert_retention
* Tick-based LastSentAt for testing of ResendDelay and ResolvedRetention
* Do not reset ResolvedAt during Normal->Pending transition
Initially this was done to be inline with Prom ruler. However, Prom ruler
doesn't keep track of Inactive->Pending/Alerting using the same alert instance,
so it's more understandable that they choose not to retain ResolvedAt. In our
case, since we use the same cached instance to represent the transition, it
makes more sense to retain it.
This should help alleviate some odd situations where temporarily entering
Pending will stop future resolved notifications that would have happened
because of ResolvedRetention.
* Pointers for ResolvedAt & LastSentAt
To avoid awkward time.Time{}.Unix() defaults on persist
* Docs: Update "Configure high availability" guide with ha_reconnect_timeout configuration
---------
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Auth: Implement org role mapping for google oauth provider
* Update docs
* Remove unused function
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
