Commit Graph

782 Commits

Author SHA1 Message Date
William Wernert
c62cc25513
Alerting: Configure recording rule writer from config.ini (#89056) 2024-06-12 16:04:46 -04:00
Jacob Valdemar
eb76ea47a0
Alerting: Add ha_reconnect_timeout configuration option (#88823)
* Docs: Update "Configure high availability" guide with ha_reconnect_timeout configuration

---------

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2024-06-11 13:25:48 -04:00
Kristin Laemmert
90418dc00b
Chore: update sample.ini file (#86941)
rebase
2024-06-10 09:22:16 -04:00
Misi
9a44296bc2
Auth: Add org to role mappings support to AzureAD/Entra integration (#88861)
* Added implementation and tests

* Add docs, simplify implementation

* Remove unused func

* Update docs
2024-06-10 12:08:30 +02:00
Karl Persson
f3efd95bb4
Auth: Add org to role mappings support to Google integration (#88891)
* Auth: Implement org role mapping for google oauth provider

* Update docs

* Remove unused function

Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
2024-06-07 14:07:35 +02:00
Misi
4f2a9a47f3
Auth: Add org to role mappings support to Okta integration (#88770)
* Add org mapping support to Okta

* Update docs and configs

* Prettier docs

* Apply suggestions from code review

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Improve tests

---------

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2024-06-06 10:35:06 +02:00
Fayzal Ghantiwala
80f54778f3
Alerting: Add option to use Redis in cluster mode for Alerting HA (#88696)
* Add config option to use Redis in cluster mode

* Use UniversalOptions
2024-06-05 17:02:25 +01:00
Karl Persson
f28905f8c4
Auth: Add org to role mappings support to Gitlab integration (#88751)
* Conf: Add org_mapping and org_attribute_path to github and gitlab conf

* Gitlab: Implement org role mapping

* Update docs
---------

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2024-06-05 16:15:53 +02:00
Fayzal Ghantiwala
67b9e3b269
Alerting: Update HA Redis TLS docs (#88538)
* Update HA Redis TLS doc

* Add test for regular TLS

* Update docs

* Update prom registry
2024-05-31 13:23:45 +01:00
Misi
ed6b3e9e7c
Auth: Introduce pre-logout hooks + add GCOM LogoutHook (#88475)
* Introduce preLogoutHooks in authn service

* Add gcom_logout_hook

* Config the api token from the Grafana config file

* Simplify

* Add tests for logout hook

* Clean up

* Update

* Address PR comment

* Fix
2024-05-30 15:52:16 +02:00
Jon Cole
67b90ceba5
Azure: Load custom clouds from ini file (#87667)
* Load custom clouds from config file

* Update docs

* Use the correct list of clouds, add test, fix error condition handling

* Remove on custom cloud from sample.ini and docs

* Remove unnecessary else block

* Use cached json instead of serializing with each request

* Update grafana-azure-sdk-go version to v2.0.4

* update configure-grafana entry for clouds_config

* fix lint errors

* fix lint errors

---------

Co-authored-by: Jeremy Angel (from Dev Box) <jeremyangel@microsoft.com>
2024-05-24 17:40:04 +01:00
Mathieu Parent
b8c9ae0eb7
OIDC: Support Generic OAuth org to role mappings (#87394)
* Social: link to OrgRoleMapper

* OIDC: support Generic Oauth org to role mappings

Fixes: #73448
Signed-off-by: Mathieu Parent <math.parent@gmail.com>

* Handle when getAllOrgs fails in the org_role_mapper

* Add more tests

* OIDC: ensure orgs are evaluated from API when not from token

Signed-off-by: Mathieu Parent <math.parent@gmail.com>

* OIDC: ensure AutoAssignOrg is applied with OrgMapping without RoleAttributeStrict

Signed-off-by: Mathieu Parent <math.parent@gmail.com>

* Extend docs

* Fix test, lint

---------

Signed-off-by: Mathieu Parent <math.parent@gmail.com>
Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
2024-05-23 09:55:45 +02:00
Andreas Christou
edae5fc791
Azure: Fix for username assertion (#87853)
Fix for username assertion

- Allow setting username assertion in INI
- Correctly set the azsettings value
- Update tests
2024-05-16 11:50:02 -05:00
Fayzal Ghantiwala
7a2fbad0c8
Alerting: Add options to configure TLS for HA using Redis (#87567)
* Add Alerting HA Redis Client TLS configs

* Add test to ping miniredis with mTLS

* Update .ini files and docs

* Add tests for unified alerting ha redis TLS settings

* Fix malformed go.sum

* Add modowner

* Fix lint error

* Update docs and use dstls config
2024-05-14 14:21:42 +01:00
Karl Persson
0f3080ecb8
AuthN: Fix signout redirect url (#87631)
* Add missing return

* Use sign out redirect url from auth config if configured

* remove option from auth.jwt that is not used
2024-05-12 19:53:19 +02:00
Laura Benz
f806b9749d
refactor: replace static placeholders with translatable ones (#87130)
* refactor: replace static placeholders with translatable ones

* refactor

* refactor: keep default option

* refactor: improve expression

* refactor: run extraction after merging fix
2024-05-01 13:17:53 +02:00
Steve Simpson
5c89b8fe12
gRPC Server: Make message size limits configurable. (#86982)
* gRPC Server: Make message size limits configurable.

* Fix mistake, don't add opts twice

* Apply suggestions from code review

Co-authored-by: Todd Treece <360020+toddtreece@users.noreply.github.com>

---------

Co-authored-by: Todd Treece <360020+toddtreece@users.noreply.github.com>
2024-04-30 16:18:03 +02:00
Kristina
2247d6c415
Short Links: Add setting for changing expiration time (#86003)
* Add setting for changing shortlink expiration time

* Add docs, add better language

* put all the numbers in the duration 🤷

* 🙄

* update language to be correct and clear

* Add max limit and more documentation
2024-04-22 07:39:24 -05:00
Michael Mandrus
45a7f649fe
CMS: Create local implementation of cloud migration for dev use (#86637)
* add developer mode property to config

* create cms stub

* cleanup

* implement and wire up gcom stub

* fix errors

* don't document the flag
2024-04-20 23:51:58 -04:00
TechVest
1ffe858e06
chore: remove repetitive words (#86412)
Signed-off-by: TechVest <techdashen@qq.com>
2024-04-17 13:08:00 +01:00
owensmallwood
8c8885ef23
Storage Api: Adds traces (#85391)
- adds traces and improved logging to the unified storage server
- add a configurable logger to the gRPC server service
2024-04-16 08:30:51 -06:00
Sofia Papagiannaki
ebf68f34fe
Chore: Fix spelling (#85435)
Fix spelling
2024-04-08 11:08:43 +03:00
Santiago
c7573bb0f7
Alerting: Make retention period configurable for the notification log (#85605)
* Alerting: Make retention period configurable for the notification log

* update sample.ini

* fix outdated comment (on disk -> kvstore)

* skip checking cyclomatic complexity for ReadUnifiedAlertingSettings
2024-04-05 12:25:43 +02:00
idafurjes
b885da09da
CloudMigrations: Implement migrations API (#85348)
* Implement run migration endpoint

* Refactor RunMigration method into separate methods

* Save migration runs fix lint

* Minor changes

* Refactor how to use cms endpoint

* fix interface

* complete merge

* add individual items

* adds tracing to getMigration

* linter

* updated swagger definition with the latest changes

* CloudMigrations: Implement core API handlers for cloud migrations and migration runs (#85407)

* implement delete

* add auth token encryption

* implement token validation

* call token validation during migration creation

* implement get migration status

* implement list migration runs

* fix bug

* finish parse domain func

* fix urls

* fix typo

* fix encoding and decoding

* remove double decryption

* add missing slash

* fix id returned by create function

* inject missing services

* finish implementing (as far as I can tell right now) data migration and response handling

* comment out broken test, needs a rewrite

* add a few final touches

* get dashboard migration to work properly

* changed runMigration to a POST

* swagger

* swagger

* swagger

---------

Co-authored-by: Michael Mandrus <michael.mandrus@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
Co-authored-by: Michael Mandrus <41969079+mmandrus@users.noreply.github.com>
2024-04-03 13:36:13 +02:00
linoman
e4250a72db
JWT: Find login and email claims with JMESPATH (#85305)
* add function to static function to static service

* find email and login claims with jmespath

* rename configuration files

* Replace JWTClaims struct for map

* check for subclaims error
2024-03-28 17:25:26 +01:00
Bruno
a2e21eac8c
Cloud migrations: create endpoint to create an access token (#84690)
* fix merge conflicts

* make token expiration configurable
2024-03-25 12:43:28 -03:00
Ryan McKinley
713970d00a
SQLStore: Cleanup migrationLocking (#85054) 2024-03-25 10:09:15 +03:00
Sofia Papagiannaki
33b653534e
SQLStore: Enable migration locking by default (#84983)
* Introduce new configuration for migration locking

* Remove feature toggle

* Fix test and turn it into an integration

* Fix docs
2024-03-22 21:22:29 +02:00
Timur Olzhabayev
e9db9106c1
Chore: Disable angular support by default (#84738)
* Flipping angular support to disabled by default
2024-03-22 17:09:53 +01:00
chalapat
65c0669f01
Server: Reload TLS certs without a server restart (#83589)
* server: reload of grafana server certs when renewed without restart.

Signed-off-by: Rao, B V Chalapathi <b_v_chalapathi.rao@nokia.com>

* server: reload of grafana server certs when renewed without restart.

Signed-off-by: Rao, B V Chalapathi <b_v_chalapathi.rao@nokia.com>

* Update http_server.go

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update http_server.go

Address the comments

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Dan Cech <dan@aussiedan.com>

* Update http_server.go

Align the spaces

* Update http_server.go

* Update http_server.go

* Update pkg/api/http_server.go

Co-authored-by: Dan Cech <dan@aussiedan.com>

---------

Signed-off-by: Rao, B V Chalapathi <b_v_chalapathi.rao@nokia.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Dan Cech <dan@aussiedan.com>
2024-03-22 17:13:22 +02:00
Eric Leijonmarck
bb792ff540
Auth: Remove oauth skip org role sync (#84972)
* remove oauth wide skip org role sync

* we are warning from config

* set it to false

* removed from config ini files and updated docs
2024-03-22 15:34:05 +01:00
Andreas Christou
6bb7ab261a
AzureMonitor: User authentication support (#81918)
* Stub out frontend user auth

* Stub out backend user auth

* Add context

* Reorganise files

* Refactor app registration form

* Alert for user auth service principal credentials

* AzureMonitor: Add flag for enabling/disabling fallback credentials for current user authentication (#82332)

* Rename field

* Add fallback setting

* Update tests and mock

* Remove duplicate setting line

* Update name of property

* Update frontend settings

* Update docs and default config files

* Update azure-sdk

* Fix lint

* Update test

* Bump dependency

* Update configuration

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Docs review

* AzureMonitor: User authentication frontend updates (#83107)

* Rename field

* Add fallback setting

* Update tests and mock

* Remove duplicate setting line

* Update name of property

* Update frontend settings

* Update docs and default config files

* Add alerts to query editor

- Add authenticatedBy property to grafana/data
- Update mocks
- Update query editor to disable it under certain circumstances
- Update tests

* Add separate FallbackCredentials component

- Reset AppRegistrationCredentials component to only handle clientsecret credentials
- Update AzureCredentialsForm
- Update selectors
- Update tests
- Update credentials utility functions logic

* Alert when fallback credentials disabled

* Update condition

* Update azure-sdk

* Fix lint

* Update test

* Remove unneeded conditions

* Set auth type correctly

* Legacy cloud options

* Fix client secret

* Remove accidental import

* Bump dependency

* Add tests

* Don't use VerticalGroup component

* Remove unused import

* Fix lint

* Appropriately set oAuthPassThru and disableGrafanaCache properties

* Clear azureCredentials on authType change

* Correctly retrieve secret

* Fix bug in authTypeOptions

* Update public/app/plugins/datasource/azuremonitor/components/ConfigEditor/CurrentUserFallbackCredentials.tsx

Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com>

* Update public/app/plugins/datasource/azuremonitor/components/QueryEditor/QueryEditor.tsx

Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com>

* Update public/app/plugins/datasource/azuremonitor/components/ConfigEditor/CurrentUserFallbackCredentials.tsx

Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com>

* Add documentation links

* Fix broken link

---------

Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com>

* AzureMonitor: Update docs for current user authentication (#83440)

* Rename field

* Add fallback setting

* Update tests and mock

* Remove duplicate setting line

* Update name of property

* Update frontend settings

* Update docs and default config files

* Add alerts to query editor

- Add authenticatedBy property to grafana/data
- Update mocks
- Update query editor to disable it under certain circumstances
- Update tests

* Add separate FallbackCredentials component

- Reset AppRegistrationCredentials component to only handle clientsecret credentials
- Update AzureCredentialsForm
- Update selectors
- Update tests
- Update credentials utility functions logic

* Alert when fallback credentials disabled

* Update condition

* Update azure-sdk

* Fix lint

* Update test

* Remove unneeded conditions

* Set auth type correctly

* Legacy cloud options

* Fix client secret

* Remove accidental import

* Bump dependency

* Add tests

* Don't use VerticalGroup component

* Remove unused import

* Update docs

* Fix lint

* Appropriately set oAuthPassThru and disableGrafanaCache properties

* Clear azureCredentials on authType change

* Correctly retrieve secret

* Feedback

* Spelling

* Update docs/sources/datasources/azure-monitor/_index.md

Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com>

* Update docs/sources/datasources/azure-monitor/_index.md

Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com>

* Update docs/sources/datasources/azure-monitor/_index.md

Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com>

* Update docs/sources/datasources/azure-monitor/_index.md

Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com>

---------

Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com>

* Docs review

* Update docs with additional configuration information

* Fix to appropriately hide the query editor

* Typo

* Update isCredentialsComplete

* Update test

---------

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com>
Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com>
2024-03-19 16:32:24 +00:00
William Wernert
97f37b2e6f
Alerting: Clamp Loki ASH range query to configured max_query_length (#83986)
* Clamp range in loki http client to configured max_query_length

Defaults to 721h to match Loki default
2024-03-15 18:59:45 +02:00
Gilles De Mey
8765c48389
Alerting: Remove legacy alerting (#83671)
Removes legacy alerting, so long and thanks for all the fish! 🐟

---------

Co-authored-by: Matthew Jacobson <matthew.jacobson@grafana.com>
Co-authored-by: Sonia Aguilar <soniaAguilarPeiron@users.noreply.github.com>
Co-authored-by: Armand Grillet <armandgrillet@users.noreply.github.com>
Co-authored-by: William Wernert <rwwiv@users.noreply.github.com>
Co-authored-by: Yuri Tseretyan <yuriy.tseretyan@grafana.com>
2024-03-14 15:36:35 +01:00
Sofia Papagiannaki
22d8258e48
Postgres: Allow disabling SNI on SSL-enabled connections (#83892)
* Postgres: Allow disabling SNI on SSL-enabled connections

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

---------

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2024-03-12 12:03:24 +02:00
Misi
63f1c30313
Auth: Set the default org after User login (#83918)
* poc

* add logger, skip hook when user is not assigned to default org

* Add tests, move to hook folder

* docs

* Skip for OrgId < 1

* Address feedback

* Update docs/sources/setup-grafana/configure-grafana/_index.md

* lint

* Move the hook to org_sync.go

* Update pkg/services/authn/authnimpl/sync/org_sync.go

* Handle the case when GetUserOrgList returns error

---------

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
2024-03-12 09:35:13 +01:00
Josh Hunt
1ab8857e48
E2C: Add cloud migration is_target server config option (#83419) 2024-03-11 14:29:44 +02:00
Yuri Tseretyan
7147af6b8e
Alerting: Disable legacy alerting for ever (#83651)
* hard disable for legacy alerting
* remove alerting section from configuration file 
* update documentation to not refer to deleted section
* remove AlertingEnabled from usage in UA setting parsing
2024-03-07 16:01:11 -05:00
Xavi Lacasa
d1f8f7774d
Document verification_email_max_lifetime_duration config option (#84057) 2024-03-07 13:51:27 +01:00
Jo
36a19bfa83
AuthProxy: Allow disabling Auth Proxy cache (#83755)
* extract auth proxy settings

* simplify auth proxy methods

* add doc mentions
2024-03-01 11:31:06 +01:00
Misi
75b020c19d
Cfg: Add a setting to configure if the local file system is available (#83616)
* Introduce environment.local_filesystem_available

* Only show TLS client cert, client key, client ca when local_filesystem_available is true

* Rename LocalFSAvailable to LocalFileSystemAvailable
2024-03-01 10:39:50 +01:00
linoman
b02ae375ba
Chore: Query oauth info from a new instance (#83229)
* query OAuth info from a new instance

* add `hd` validation flag

* add `disable_hd_validation` to settings map

* update documentation

---------

Co-authored-by: Jo <joao.guerreiro@grafana.com>
2024-02-29 16:48:32 +01:00
Yuri Tseretyan
6a11bee6af
Alerting: Deprecate max_annotations_to_keep and max_annotation_age in [alerting] configuration section (#83266)
* introduce new config section [unified_alerting.state_history.annotations] and deprecate settings in [alerting]

Co-authored-by: brendamuir <100768211+brendamuir@users.noreply.github.com>
2024-02-26 17:04:27 -05:00
Khushi Jain
d02de5ddb9
Image Rendering: Add settings for default width, height and scale (#82040)
* Add Image width & height

* ability to change default width, height and scale

* default ini

* Update conf/defaults.ini

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* Update pkg/setting/setting.go

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* Update pkg/setting/setting.go

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* Added docs, changed frontend

* Update conf/defaults.ini

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* Update conf/defaults.ini

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* Update conf/defaults.ini

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* Update pkg/api/dtos/frontend_settings.go

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* Update pkg/api/frontendsettings.go

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* Update pkg/api/render.go

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* add query float 64

* Update packages/grafana-runtime/src/config.ts

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* Update public/app/features/dashboard/components/ShareModal/utils.ts

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* spacing

* fix tests

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

---------

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2024-02-26 13:27:34 +01:00
linoman
ac84069071
Password policy (#82268)
* add password service interface

* add password service implementation

* add tests for password service

* add password service wiring

* add feature toggle

* Rework from service interface to static function

* Replace previous password validations

* Add codeowners to password service

* add error logs

* update config files


---------

Co-authored-by: Karl Persson <kalle.persson@grafana.com>
2024-02-16 04:58:05 -06:00
Yuri Tseretyan
1eebd2a4de
Alerting: Support for simplified notification settings in rule API (#81011)
* Add notification settings to storage\domain and API models. Settings are a slice to workaround XORM mapping
* Support validation of notification settings when rules are updated

* Implement route generator for Alertmanager configuration. That fetches all notification settings.
* Update multi-tenant Alertmanager to run the generator before applying the configuration.

* Add notification settings labels to state calculation
* update the Multi-tenant Alertmanager to provide validation for notification settings

* update GET API so only admins can see auto-gen
2024-02-15 09:45:10 -05:00
Alexander Weaver
99fa064576
Alerting: Emit warning when creating or updating unusually large groups (#82279)
* Add config for limit of rules per rule group

* Warn when editing big groups through normal API

* Warn on prov api writes for groups

* Wire up comp root, tests

* Also add warning to state manager warm

* Drop unnecessary conversion
2024-02-13 08:29:03 -06:00
Alexander Weaver
5bbe9c6e61
Alerting: Enable group-level rule evaluation jittering by default, remove feature toggle (#82212)
* remove jitter feature flag

* Add an out so users can manually disable jitter

* Pass in cfg

* Add TODO to remove knob in future
2024-02-09 15:53:58 -06:00
Jo
6f62d970e3
JWT Authentication: Add support for specifying groups in auth.jwt for teamsync (#82175)
* merge JSON search logic

* document public methods

* improve test coverage

* use separate JWT setting struct

* correct use of cfg.JWTAuth

* add group tests

* fix DynMap typing

* add settings to default ini

* add groups option to devenv path

* fix test

* lint

* revert jwt-proxy change

* remove redundant check

* fix parallel test
2024-02-09 16:35:58 +01:00
Isabella Siu
81da3ff753
CloudWatch: Remove dependencies on grafana/pkg/setting (#81208) 2024-02-05 13:59:32 -05:00