* copied files
* add copy of Pointer
* fix the API
* forward resample to the namespaced code
* moved the aligning-code to the parent
* call namespaced resample directly
* lint fix
* lint fix
* switch to plugin-sdk-go resample
* adjusted import path
* AuthN: Add NamespaceID struct. We should replace the usage of encoded namespaceID with this one
* AuthN: Add optional interface that clients can implement to be able to resolve identity for a namespace
* Authn: Implement IdentityResolverClient for api keys
* AuthN: use idenity resolvers
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
* added pkg/util/rinq package to handle queueing of notifications
* fix linters
* Fix typo in comment
Co-authored-by: Dan Cech <dcech@grafana.com>
* improve allocation strategy for Enqueue; remove unnecessary clearing of slice
* Update pkg/util/ringq/dyn_chan_bench_test.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update pkg/util/ringq/ringq.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* refactor to move stats and shrinking into Ring
* add missing error assertions in tests
* add missing error assertions in tests and linting issues
* simplify controller closed check
* improve encapsulation of internal state in Ring
* use (*Ring).Len for clarity instead of stats
---------
Co-authored-by: Dan Cech <dcech@grafana.com>
Fixes so that auth middleware trace/span doesn't wrap the next handlers.
Allow tracing service name to be overridden in standalone apiserver.
Change k8s api tracing operation name to KubernetesAPI from
grafana-apiserver (which is the service name)
* Making versioncheck url rely on config instead of being hardcoded
* Update pkg/services/updatechecker/plugins.go
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
* making the names a bit more generic and using url.url library
* fixing tests
* fixing linting
---------
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
* Authn: Resolve authenticate by and auth id when fethcing signed in user
* Change logout client interface to only take Requester interface
* Session: Fetch external auth info when authenticating sessions
* Use authenticated by from identity
* Move call to get auth-info into session client and use GetAuthenticatedBy in various places
* Alerting: Persist silence state immediately on Create/Delete
Persists the silence state to the kvstore immediately instead of waiting for the
next maintenance run. This is used after Create/Delete to prevent silences from
being lost when a new Alertmanager is started before the state has persisted.
This can happen, for example, in a rolling deployment scenario.
* Fix test that requires real data
* Don't error if silence state persist fails, maintenance will correct
* Add Get method in dual writer
* Update pkg/apiserver/rest/dualwriter_mode3.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* Actually run the tests
* no need for t.Run()
* Update pkg/apiserver/rest/dualwriter_mode3.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update pkg/apiserver/rest/dualwriter_mode3.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update pkg/apiserver/rest/dualwriter_test.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* Log improvements
* Fix method name
---------
Co-authored-by: Dan Cech <dcech@grafana.com>
* Revert "Revert "Add FolderUID for library elements" (#83776)"
This reverts commit 0dfdb2ae47.
* Fix bug, dashboard id and library element fodler_id are the corresponding values
Dashboard table hold both dahboards and tables
* Make Legacy a public field
* Remove duplicated Create method
* Add logger to dualwriter
* Use klog
* Add comment about selecting the dual writer
* Update pkg/apiserver/rest/dualwriter_mode1.go
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
* Update pkg/apiserver/rest/dualwriter_mode2.go
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
* Update pkg/apiserver/rest/dualwriter_mode3.go
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
* Update pkg/apiserver/rest/dualwriter_mode3.go
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
* Update pkg/apiserver/rest/dualwriter_mode2.go
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
* Create error var
* Lint
---------
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
* extract genericService from RuleService just to reuse it later
* implement silence service
---------
Co-authored-by: William Wernert <william.wernert@grafana.com>
Co-authored-by: Matthew Jacobson <matthew.jacobson@grafana.com>
* Storage server runs own instrumentation server if its the sole target. Starts adding some sample metrics for now.
* adds metric for failed optimistic locks
* refactors metrics registration to own method on service for testability. Adds tests.
* Register sql storage server metrics from within the service
* fixes test
* troubleshooting drone test failures. Maybe timing when starting instrumentation server?
* Waits until instrumentation server has started. Updates tests.
* defer wont get called unless theres an error. removing.
* wait for instrumentation server to be running
* linter - close res body
* use port 3000 for metrics and removes test metric inc() call
* fixes test - updates port
* refactors module server to provide an instrumentation server module when there is no ALL or CORE target provided and running as single target
* make instrumentation server a dependency of all modules that do not run their own http server
* adds module server test
* adds tests for instrumentation service and removes old tests that aren't needed
* ignore error in test
* uses helper to start and run service
* when running wait on ctx done or http server err
* wait for http server
* removes println
* updates module server test to be integration test
* require no error in goroutine
* skips integration test when GRAFANA_TEST_DB not defined
* move http server start into start, verify returned content
* make test error when run fails
* try waiting longer and see if drone tests pass
* update integration test mysql creds to match drone
* go back to only waiting half second
* debug log drone mysql connection string
* use same db connection config as drone
* try using same hostname as drone
* cant use localhost as mysql hostname in drone tests. Need to parse it from the cfg db connection string
---------
Co-authored-by: Dan Cech <dcech@grafana.com>
* support continue at specified resource version
* detect whether list continue pages need to use entity_history, remove BatchRead, expand selectQuery helper
* refactor continue token handling
* fix tests, increase history chunk size
* lint fix
* Alerting: Make retention period configurable for the notification log
* update sample.ini
* fix outdated comment (on disk -> kvstore)
* skip checking cyclomatic complexity for ReadUnifiedAlertingSettings
* Add email and email_verified to id token if identity is a user
* Add endpoint to trigger email verification for user
* Add function to clear stored id tokens and use it when email verification is completed
* E2C: Resources table refactor
* update swagger spec with enums
* use native resource item type, rather than our mock type
* unit tests for resources table
* update spec
* Feature Flags: use FeatureToggles interface where possible
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
* Replace TestFeatureToggles with existing WithFeatures
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
---------
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
* replace sqlstore with db interface in a few packages
* remove from stats
* remove sqlstore in admin test
* remove sqlstore from api plugin tests
* fix another createUser
* remove sqlstore in publicdashboards
* remove sqlstore from orgs
* clean up orguser test
* more clean up in sso
* clean up service accounts
* further cleanup
* more cleanup in accesscontrol
* last cleanup in accesscontrol
* clean up teams
* more removals
* split cfg from db in testenv
* few remaining fixes
* fix test with bus
* pass cfg for testing inside db as an option
* set query retries when no opts provided
* revert golden test data
* rebase and rollback
* Add feature toggle
* Add filters and group by variables by default to all new dashboards
* Nits
* Tests
* Rename feature toggle to newDashboardWithFiltersAndGroupBy
* E2C: Start connecting on-prem to real apis
* actually run the migration
* show resources
* basic dashboards resources
* show dashboard title
* remove console logs
* cleanup 1
* i18n
* disconnect
* i18n
* restore type
* use fixed format
* fix
* Implement run migration endpoint
* Refactor RunMigration method into separate methods
* Save migration runs fix lint
* Minor changes
* Refactor how to use cms endpoint
* fix interface
* complete merge
* add individual items
* adds tracing to getMigration
* linter
* updated swagger definition with the latest changes
* CloudMigrations: Implement core API handlers for cloud migrations and migration runs (#85407)
* implement delete
* add auth token encryption
* implement token validation
* call token validation during migration creation
* implement get migration status
* implement list migration runs
* fix bug
* finish parse domain func
* fix urls
* fix typo
* fix encoding and decoding
* remove double decryption
* add missing slash
* fix id returned by create function
* inject missing services
* finish implementing (as far as I can tell right now) data migration and response handling
* comment out broken test, needs a rewrite
* add a few final touches
* get dashboard migration to work properly
* changed runMigration to a POST
* swagger
* swagger
* swagger
---------
Co-authored-by: Michael Mandrus <michael.mandrus@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
Co-authored-by: Michael Mandrus <41969079+mmandrus@users.noreply.github.com>
* reenable ext-jwt-client
* fixup settings struct
* add user and service auth
* lint up
* add user auth to grafana ext
* fixes
* Populate token permissions
Co-authored-by: jguer <joao.guerreiro@grafana.com>
* fix tests
* fix lint
* small prealloc
* small prealloc
* use special namespace for access policies
* fix access policy auth
* fix tests
* fix uncalled settings expander
* add feature toggle
* small feedback fixes
* rename entitlements to permissions
* add authlibn
* allow viewing the signed in user info for non user namespace
* fix invalid namespacedID
* use authlib as verifier for tokens
* Update pkg/services/authn/clients/ext_jwt.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Update pkg/services/authn/clients/ext_jwt_test.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* fix parameter names
* change asserts to normal package
* add rule for assert
* fix ownerships
* Local diff
* test and lint
* Fix test
* Fix ac test
* Fix pluginproxy test
* Revert testdata changes
* Force revert on test data
---------
Co-authored-by: gamab <gabriel.mabille@grafana.com>
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* add function to static function to static service
* find email and login claims with jmespath
* rename configuration files
* Replace JWTClaims struct for map
* check for subclaims error
* don't iterate over first column as it is a time column already
* don't iterate over first column as it was handled earlier
* add more flexibility to run the commands
* Update pkg/tsdb/influxdb/influxql/converter/converter.go
Co-authored-by: Nick Richmond <5732000+NWRichmond@users.noreply.github.com>
---------
Co-authored-by: Nick Richmond <5732000+NWRichmond@users.noreply.github.com>
Terraform Issue: grafana/terraform-provider-grafana#1007
Nested routes should be allowed to inherit the contact point from the root (or direct parent) route but this fails in the provisioning API (it works in the UI)
* Bench testing search user perm
* Add BenchmarkSearchUsersPermissions_1K_1K
* Clarify benchmark searches by action prefix
* Make MySQL more efficient
* Move all filter options
* Expand after assignments union
* update comments
* Add cloud migration endpoints
* Built auth into creating a migration.
* Added more detail to the migration result model
* goimports
* Update pkg/services/cloudmigration/api/api.go
Co-authored-by: lean.dev <34773040+leandro-deveikis@users.noreply.github.com>
* Update pkg/services/cloudmigration/api/api.go
Co-authored-by: lean.dev <34773040+leandro-deveikis@users.noreply.github.com>
---------
Co-authored-by: Leonard Gram <leo@xlson.com>
Co-authored-by: lean.dev <34773040+leandro-deveikis@users.noreply.github.com>
* vendor latest wire into pkg/build
* use vendored wire in builds
* fix wire import path
* remove wire from bingo
* also support google/wire import
* make prettier happy
* change package in tess
* add debug walk for drone
* add wire_gen in tests
* remove debug walk
* restore imports
* add strategy and tests
* use settings provider service and remove multiple providers strategy
* Move SAML strategy to ssosettings service
* Update codeowners file
* reload from settings provider
* add saml as configurable provider
* Add new SAML strategy
* rename old saml settings interface
* update saml string references
* use OSS license
* validate saml provider depends on license for List
* add tests for list rendering including saml
* change the licensing validation to service init
* replace service struct for provider
* add feature toggle usePrometheusFrontendPackage
* add feature toggle logic to Prometheus module
* use config editor with package and remove configOverhaul feature toggle
* update betterer because we will be removing other files as we replace with files from @grafana/prometheus
* fix exemplar ds picker selector
* add more description to ts-ignore
* remove go.work.sum change
* copy go.work.sum from main
* update go.work.sum after talking with ismail
* put back the promlib entry
---------
Co-authored-by: ismail simsek <ismailsimsek09@gmail.com>
* allow users with regular actions access provisioning API paths
* update methods that read rules
skip new authorization logic if user CanReadAllRules to avoid performance impact on file-provisioning
update all methods to accept identity.Requester that contains all permissions and is required by access control.
* create deltas for single rul e
* update modify methods
skip new authorization logic if user CanWriteAllRules to avoid performance impact on file-provisioning
update all methods to accept identity.Requester that contains all permissions and is required by access control.
* implement RuleAccessControlService in provisioning
* update file provisioning user to have all permissions to bypass authz
* update provisioning API to return errutil errors correctly
---------
Co-authored-by: Alexander Weaver <weaver.alex.d@gmail.com>
