* Add database migrations
* Use short uids as data key ids
* Add support for manual data key rotation
* Fix duplicated mutex unlocks
* Fix migration
* Manage current data keys per name
* Adjust key re-encryption and test
* Modify rename column migration for MySQL compatibility
* Refactor secrets manager and data keys cache
* Multiple o11y adjustments
* Fix stats query
* Apply suggestions from code review
Co-authored-by: Tania <yalyna.ts@gmail.com>
* Fix linter
* Docs: Rotate data encryption keys API endpoint
Co-authored-by: Tania <yalyna.ts@gmail.com>
This change adds a field to state.State and models.AlertInstance
that indicate the "Reason" that an instance has its current state. This
helps us account for cases where the state is "Normal" but the
underlying evaluation returned "NoData" or "Error", for example.
Fixes#42606
Signed-off-by: Joe Blubaugh <joe.blubaugh@grafana.com>
This change extracts screenshot data from alert messages via a private annotation `__alertScreenshotToken__` and attaches a URL to a Slack message or uploads the data to an image upload endpoint if needed.
This change also implements a few foundational functions for use in other notifiers.
The State Manager will now take screenshots when an alert instance
switches to an Alerting or Resolved state.
Signed-off-by: Joe Blubaugh joe.blubaugh@grafana.com
This commit adds a pkg/services/screenshot package for taking and uploading screenshots of Grafana dashboards. It supports taking screenshots of both dashboards and individual panels within a dashboard, using the rendering service.
The screenshot package has the following services, most of which can be composed:
BrowserScreenshotService (Takes screenshots with headless Chrome)
CachableScreenshotService (Caches screenshots taken with another service such as BrowserScreenshotService)
NoopScreenshotService (A no-op screenshot service for tests)
SingleFlightScreenshotService (Prevents duplicate screenshots when taking screenshots of the same dashboard or panel in parallel)
ScreenshotUnavailableService (A screenshot service that returns ErrScreenshotsUnavailable)
UploadingScreenshotService (A screenshot service that uploads taken screenshots)
The screenshot package does not support wire dependency injection yet. ngalert constructs its own version of the service. See https://github.com/grafana/grafana/issues/49296
This PR also adds an ImageScreenshotService to ngAlert. This is used to take screenshots with a screenshotservice and then store their location reference for use by alert instances and notifiers.
* Add coremodelValidation feature flag
* coremodels: use stubs when feature flag is off
* api: validate dashboards on save
* Need pointer receiver for FeatureManager
* Update dashboard Go model
* Align doc comments
* Include CoremodelRegistry in test
* Wedge coremodel in on all test cases, ugh
* Ugh fix comment again
* Update pkg/framework/coremodel/staticregistry/provide.go
Co-authored-by: Artur Wierzbicki <wierzbicki.artur.94@gmail.com>
* Update Thema (and its deps) for better errs
* omg whitespace
Co-authored-by: Artur Wierzbicki <wierzbicki.artur.94@gmail.com>
Makes `pkg/web` only accept handles from the following set:
```go
handlerStd = func(http.ResponseWriter, *http.Request)
handlerStdCtx = func(http.ResponseWriter, *http.Request, *web.Context)
handlerStdReqCtx = func(http.ResponseWriter, *http.Request, *models.ReqContext)
handlerReqCtx = func(*models.ReqContext)
handlerReqCtxRes = func(*models.ReqContext) Response
handlerCtx = func(*web.Context)
```
This is a first step to reducing above set to only `http.Handler`.
---
Due to a cyclic import situation between `pkg/models` and `pkg/web`, parts of this PR were put into `pkg/api/response`, even though they definitely do not belong there. This however is _temporary_ until we untangle `models.ReqContext`.
* introduce a fallback handler that checks that role is Viewer.
* update UI nav links to allow alerting tabs for anonymous user
* update rule api to check for Viewer role instead of SignedIn when RBAC is disabled
* Login: Fix mismatching label on user auth_module
* Login: ensure previous auth was set to differing
* Login: ensure only one entry of auth is updated
* compare both entries
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* remove noop
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
adds toggle to make a dashboard public
* config struct for public dashboard config
* api endpoints for public dashboard configuration
* ui for toggling public dashboard on and off
* load public dashboard config on share modal
Co-authored-by: Owen Smallwood <owen.smallwood@grafana.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
* rename folder to match package name
* backend/sqlstore: move GetDashboard into DashboardService
This is a stepping-stone commit which copies the GetDashboard function - which lets us remove the sqlstore from the interfaces in dashboards - without changing any other callers.
* checkpoint: moving GetDashboard calls into dashboard service
* finish refactoring api tests for dashboardService.GetDashboard
* AccessControl: Enforce user check when enterprise accesscontrol is on
* Update the test not to fail enterprise build
* Adding a log as suggested by Kalle
Co-authored-by: Kalle Persson <kalle.persson@grafana.com>
* Update log message
Co-authored-by: Kalle Persson <kalle.persson@grafana.com>
* create AlertGroupKey structure
* update PrometheusSrv.
- extract creation of RuleGroup to a separate method. Use group key for grouping
* update RuleSrv
- update calculateChanges to use groupKey
- authorize to use groupkey
* #45498: add String util to ListResponse for better UX
* #45498: refactor db_filestorage FS API backend - use path_hash in DB schema
* #45498: enable DB backend fs api tests
* #45498: add comment
* #45498: enable Storage feature flag during integration tests
* remove fmt.println
* #45498: reduce sizes of hash columns
* separate conditions
* #45498: make it easy to ignore backends when running fs api integration tests
* #45498: quote `key` column name
* #45498: reduce path_hash size
* #45498: verify `/{orgId}/{storageName}/` prefix convention in integration tests
* #45498: add etag to the sql table
* #45498: add etag to the sql table
* remove feature flag check (storage isn't dev-mode only)
* add cacheControl and content disposition
* add comments
* add path_hash comment
* explicitly set `path` column collation in `file` table for postgres
* Add RBAC section to settings
* Default to RBAC enabled settings to true
* Update tests to respect RBAC
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
* Only require create and permissions for new data source page
* Let users with permissions to create data sources list non-core plugins
* Keep the admin check as fallback when using rbac as well
* Add SQL filter for global user search
* Remove scope requirements from endpoints
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
* Remove banner when missing permissions to list users
* For OSS allow users to list other users if they have permissions to
write either team, dashboard or folder permissions
* Generate API for writing templates
* Persist templates app logic layer
* Validate templates
* Extract logic, make set and delete methods
* Drop post route for templates
* Fix response details, wire up remainder of API
* Authorize routes
* Mirror some existing tests on new APIs
* Generate mock for prov store
* Wire up prov store mock, add tests using it
* Cover cases for both storage paths
* Add happy path tests and fix bugs if file contains no template section
* Normalize template content with define statement
* Tests for deletion
* Fix linter error
* Move provenance field to DTO
* empty commit
* ID to name
* Fix in auth too
* reduce the usage of access control flag further by removing it from SQL store methods
* fixing tests
* fix another test
* linting
* remove AC feature toggle use from API keys
* remove unneeded function
* feat: add feature toggle azureMonitorExperimentalUI
Add QueryHeader which adds an experimental header to AzureMonitor. This work is documented in #44432.
* feature toggles
* return HTTP 207 from ds/query
* add ft check
* add API test
* add 207 check for qr
* change to OR
* revert check
* add explicit toggle check for cloudwatch
* remove unused import
* remove from defaults.ini
* add status codes to md and update swagger
* new fangled http api tests pattern
* update swagger
* Update docs/sources/http_api/data_source.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* add missing word and reformat
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Query history: Clean up stale history after 14 days
* Add unstarring sleanup
* Add wraapping
* Update sql for mysql database
* Update
* Remove fmt.Print
* Refactor and simplify solution
* Update pkg/services/queryhistory/database.go
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Adjust SQL to limit number of deleted queries
* Add limit enforcmenet to cleanup
* Change limit
* Update
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Fix secure json data reset on datasource update
* Update fillWithSecureJSONData to use DecryptedValues
* Remove unecessary conversion
* Move fillWithSecureJsonData logic to datasource service
* Add sanity check for nil secure json data
* replace dashboardid with dashboardUID in annotation API
* add some tests
* modify some docs and add uid into get endpoint
* rebase with main
* add map for avoiding too much retrieve on dashboards
* Move ApiKeyDTO to dtos package
* Add access control filter to api keys
* pass user in GetApiKeysQuery
* Add api key metadata to DTO
* Remove scope all requirement from get api keys endpoint
* Handle api key access control metadata in frondend
* Template service
* Add GET routes and implement them
* Generate mock for persist layer
* Unit tests for reading templates
* Set up composition root and get integration tests working
* Fix prealloc issue
* Extract setup boilerplate
* Update AuthorizationTest
* Rebase and resolve
* Fix linter error
* #45498: add rbac support in searchv2
* to revert: fix dependency cycle
* Revert "to revert: fix dependency cycle"
This reverts commit 1ffbee73ec.
* added a TODO for caching user permissions
* add orgId to `getDashboardReadFilter`
* use orgId from signedInUser
* goimport
* move upload to http
* use storage from grafanads
* rever gomod changes
* fix test
* wip
* add upload func
* update upload func
* writing to uploads
* edit response from service
* use dropzone for UI
* modify response struct in service
* better read file
* set content type for svg
* restrict file types upload
* add test and clean up errors
* pass test
* fix backend lint errors
* limit type of files on FE
* add TODO for after merge
* rebase with storage changes
* comment out unused function
* update UI to not have 2 uploads
* only call upload on select
* use utils function to find * in path
* show preview on drag over
* not allowing upload of svg
* add preview to upload tab
* no console.log
* resolve conflicts
* refactor log line
* fix failing BE test
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Co-authored-by: Artur Wierzbicki <artur.wierzbicki@grafana.com>
* #45498: add entity events table
* #45498: add entity events service
* #45498: hook up entity events service to http server
* #45498: use `dashboards.id` rather than `uid` and `org_id` in grn
* Update pkg/services/entityevents/service.go
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
* #45498: move entityeventsservice to services/store
* #45498: add null check
* #45498: rename
* #45498: fix comment
* #45498: switch grn back to uid
* Search: listen for updates (#47719)
* #45498: wire entity event service with searchv2
* load last event id before building index for org 1
* fix service init in integration tests
* depend on required subset of event store methods
* Update pkg/services/sqlstore/migrations/entity_events_mig.go
Co-authored-by: Alexander Emelin <frvzmb@gmail.com>
* #45498: pointer receiver
* #45498: mockery!
* #45498: add entity events service to background services
* dashboard query pagination, allow queries while re-indexing
* log level cleanups, use rlock, add comments
* fix lint, check feature toggle in search v2 service
* use unix time for event created column
* add missing changes for created column
* fix integration tests init
* log re-index execution times on info level
* #45498: fix entityEventsService tests
* #45498: save events on dashboard delete
* use camel case for log labels
* formatting
* #45498: rename grn to entityid
* #45498: add `IsDisabled` to entityEventsService
* #45498: remove feature flag from migration
* better context usage, fix capacity, comments/cleanups
* replace print with logger
* Revert "#45498: remove feature flag from migration"
This reverts commit ed23968898.
* revert:revert:revert conditional feature flag
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Co-authored-by: Alexander Emelin <frvzmb@gmail.com>
Invalid PostableSilences could be passed to the Alerting API - if they
are passed all the way down into the alertmanager data layer, they can
cause a panic. This change adds validation to avoid a panic in the
alertmanager.
* Alerting: Create fewer contact points on migration
Previously a new contact point was created for every unique combination
of channels attached to any legacy alert. This was very hard to maintain,
requiring modifications in every generated contact point.
This change deduplicates the generated contact points to a more
reasonable state. There should now only be one contact point per legacy
channel, and we attached multiple contact points to a route by nesting
them. The sole exception to this is if there were multiple default
legacy channels, in which case we create a redundant contact point
containing all of them used only in the root policy. This allows for a
much simpler notification policy structure.
Co-authored-by: gotjosh <josue.abreu@gmail.com>
* Add test for decrypted values on datasource service
* Add debug log when fail to parse secure json fields
* Fix minor import issue
* Refactor encJson to json and simplejson to sjson on tests
* wip: Implement kvstore for secrets
* wip: Refactor kvstore for secrets
* wip: Add format key function to secrets kvstore sql
* wip: Add migration for secrets kvstore
* Remove unused Key field from secrets kvstore
* Remove secret values from debug logs
* Integrate unified secrets with datasources
* Fix minor issues and tests for kvstore
* Create test service helper for secret store
* Remove encryption tests from datasources
* Move secret operations after datasources
* Fix datasource proxy tests
* Fix legacy data tests
* Add Name to all delete data source commands
* Implement decryption cache on sql secret store
* Fix minor issue with cache and tests
* Use secret type on secret store datasource operations
* Add comments to make create and update clear
* Rename itemFound variable to isFound
* Improve secret deletion and cache management
* Add base64 encoding to sql secret store
* Move secret retrieval to decrypted values function
* Refactor decrypt secure json data functions
* Fix expr tests
* Fix datasource tests
* Fix plugin proxy tests
* Fix query tests
* Fix metrics api tests
* Remove unused fake secrets service from query tests
* Add rename function to secret store
* Add check for error renaming secret
* Remove bus from tests to fix merge conflicts
* Add background secrets migration to datasources
* Get datasource secure json fields from secrets
* Move migration to secret store
* Revert "Move migration to secret store"
This reverts commit 7c3f872072.
* Add secret service to datasource service on tests
* Fix datasource tests
* Remove merge conflict on wire
* Add ctx to data source http transport on prometheus stats collector
* Add ctx to data source http transport on stats collector test
* remove not used code:
- remove offset in ticket because it is not used
- remove unused ticker and scheduler methods
* use duration for interval
* add metrics grafana_alerting_ticker_last_consumed_tick_timestamp_seconds, grafana_alerting_ticker_next_tick_timestamp_seconds, grafana_alerting_ticker_interval_seconds
* Test composition simplification from last PR
* Policies use proper API model everywhere
* Expose policy provenance in API, miss some dep injection
* Complete injection
* fix args
* Tests for provenance value
* Extract test helpers so tests are very readable
* Single source adapter struct that was copied in 3 places
* Drop redundant test
* Resolve merge conflicts on changelog
* Add feature flag and scaffodling
* start adding actions
* WIP
* move action files
* Start adding styles
* Fix implementation based on feedback
* Add more hackathon code back to command palette
* Cleanup
* Cleanup unused service files for simple MVP pass
* Move type def to library
* WIP
* Move provider to proper place to pick up other routes’ actions
* Build actions off navbar, add explore actions
* Work around undefined typescript stuff
* Fix based on feedback
* close palette on ESC
* Fix based on PR feedback pt 1
* Move styles to classes
* Move another inline style to a class
* Enable command palette by default
* change around async hook structure
* Add simple feature tracking
* Code cleanup, and be sure the command is accurate
* Change to only render if there are actions, and only add actions once past login
* Implement preference service
* Adjust wire.go
* Fix integration test user
* Fix api pref tests
* Fix a11y error
Co-authored-by: Alexandra Vargas <alexa1866@gmail.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Add basic and managed prefixes to avoid magic strings
For now let's stick with grafana_builtins
add function isBasic to RoleDTO
add function isBasic to Role
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Add team store to wire
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
