Commit Graph

564 Commits

Author SHA1 Message Date
owensmallwood
d5b9602a79
Config: Can add static headers to email messages (#79365)
* Can add allowed custom headers to an email Message. WIP.

* adds slug as a custom email header to all outgoing emails

* Headers are static - declared as key/value pairs in config. All static headers get added to emails.

* updates comment

* adds tests for parsing smtp static headers

* updates test to assert static headers are included when building email

* updates test to use multiple static headers

* updates test names

* fixes linting issue with error

* ignore gocyclo for loading config

* updates email headers in tests to be formatted properly

* add static headers first

* updates tests to assert that regular headers like From cant be overwritten

* ensures only the header is in a valid format for smtp and not the value

* updates comment and error message wording

* adds to docs and ini sample files

* updates smtp.static_headers docs examples formatting

* removes lines commented with semi colons

* prettier:write

* renames var
2023-12-14 12:59:43 -06:00
Bruno
58678f5879
Plugins: Add option to disable TLS in the socks proxy (#79246)
* Plugins: add option to disable TLS in the socks proxy

* fix allow_insecure docs

* upgrade github.com/grafana/grafana-plugin-sdk-go from v0.196.0 to v0.197.0

* fix conflicts
2023-12-14 12:16:32 -03:00
Andreas Christou
f3cdb44898
Plugins: Include Azure settings as a part of Grafana config sent in plugin requests (#79342)
* Add Azure settings and update tests

* Filter by plugin ID

* Add forward settings config variable

* Update line

* Add tests

* Update so that data sources are fully defined in config

* Update SDK and test

* Fix lint

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com>

* Remove unnecessary if

---------

Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com>
2023-12-14 11:48:22 +00:00
Giuseppe Guerra
0d1d437c86
Plugins: Add forward_host_env_vars setting (#79333)
* Plugins: Add forward_host_env_vars_plugins setting

* Renamed forward_host_env_vars_plugins to forward_host_env_vars

* Add readPluginIDsList

* refactoring

* lint

* Use util.SplitString
2023-12-13 11:25:17 +02:00
Giuseppe Guerra
f76b9f266e
Plugins: Add hide_angular_deprecation setting (#79296)
* Add plugins.hide_angular_deprecation config ini

* Add more tests

* Remove the ability to use [plugins.*] hide_angular_deprecation
2023-12-12 11:20:21 +02:00
gotjosh
0c9356a3c7
Unified Alerting: Set max_attempts to 1 by default (#79095)
* Unified Alerting: Set `max_attempts` to 1 by default

The retry logic for unified alerting has been broken as far as v9.4.x, rather than fixing it in one go and causing a headache to our users with rules putting extra load on their datasources - I think a better approach is to simply set 1 as a default and then let our users change it.

I see two cons with this approach:

- Configuration for legacy to unified alerting cannot be ported over automatically, users will have to manually set `max_attempts` to 3 when migrating.
- Users expecting to get any sort of retrying (as with legacy alerting) will not have it out of the box and will have to manually edit the configuration.

Signed-off-by: gotjosh <josue.abreu@gmail.com>
---------

Signed-off-by: gotjosh <josue.abreu@gmail.com>
2023-12-05 17:42:34 +00:00
Matthew Jacobson
5a80962de9
Alerting: Add clean_upgrade config and deprecate force_migration (#78324)
* Alerting: Add clean_upgrade config and deprecate force_migration

Upgrading to UA and rolling back will no longer delete any data by default. 
Instead, each set of tables will remain unchanged when switching between 
legacy and UA. As such, the force_migration config has been deprecated 
and no extra configuration is required to roll back to legacy anymore.

If clean_upgrade is set to true when upgrading from legacy alerting to Unified
Alerting, grafana will first delete all existing Unified Alerting resources,
thus re-upgrading all organizations from scratch. If false or unset,
organizations that have previously upgraded will not lose their existing Unified
 Alerting data when switching between legacy and Unified Alerting.

 Similar to force_migration, it should be kept false when not needed as it may
 cause unintended data-loss if left enabled.

---------

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2023-11-30 11:01:11 -05:00
Karl Persson
21f94c5b78
Auth: id response header (#77871)
* Add config options for identity id response header

* Add feature to add identity id response header to all responses

* Use util.SplitString
2023-11-29 15:51:13 +01:00
venkatbvc
e152323a33
Auth: Split signout_redirect_url into per provider settings (#75269)
* Split signout_redirect_url into per provider settings

* Split signout_redirect_url into per provider settings

* Update docs/sources/setup-grafana/configure-security/configure-authentication/grafana/index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Split signout_redirect_url into per provider settings

* Split signout_redirect_url into per provider settings

* Split signout_redirect_url into per provider settings

* Split signout_redirect_url into per provider settings

* Split signout_redirect_url into per provider settings

* Split signout_redirect_url into per provider settings

* update docs

* update devenvs

* add missing struct tag

---------

Co-authored-by: Rao, B V Chalapathi <b_v_chalapathi.rao@nokia.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: jguer <me@jguer.space>
2023-11-29 14:50:21 +01:00
Agnès Toulet
41713353eb
Doc: Update image rendering configuration (#77042)
* Doc: Update image rendering configuration

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/image-rendering/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

---------

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2023-11-23 15:03:13 +01:00
Esteban Beltran
e4d41e878f
Sandbox: Exclude incidents app (#78204)
* Exclude incident app from sandbox

* Revert js changes. use config
2023-11-15 16:40:07 +02:00
Hugo Kiyodi Oshiro
dfc1875061
Plugins: Add managed instance installation resources (#76767)
* Plugins: Add configs to allow managed install

* Expose methods to use with cloud plugin installer

* Change plugins installer bind to OSS
2023-10-24 16:21:37 +02:00
William Assis
65a7bddcee
Analytics: Add option to pass destSDKBaseURL to rudderstack load method (#74926)
* Add option to pass destSDKBaseURL to rudderstack load method

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

---------

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2023-10-23 12:43:33 +00:00
João Calisto
d5691e6dd1
Live: Allow setting the engine password (#76289) 2023-10-11 09:45:24 +01:00
Jo
cada1f040a
Auth: Add support for role mapping and allowed groups in Google OIDC (#76266)
* support google oauth allowed_groups. unify allowed groups logic

* add role mapping for google oauth

* add documentation

* add addendums

* remove extra isGroupMember

* add to sample ini

* Apply suggestions from code review

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>

---------

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2023-10-10 18:07:23 +02:00
Sergey Kostrukov
3ee40d3a5a
Azure: Settings for Azure AD Workload Identity (#75283)
* Settings for Azure AD Workload Identity

* Update dependency on Grafana Azure SDK

* Documentation

* Fix JS code

* Cleanup Prometheus backend code

* Making prettier happy
2023-09-28 12:05:16 +01:00
João Calisto
7e1b45ba31
Feature Toggles API: Trigger webhook call when updating (#75254)
* Feature Toggles API: Trigger webhook call when updating

* update status code error check

* lint - handle Close() error

* Rename update webhook config

* fix tests
2023-09-25 19:11:24 +01:00
Andres Martinez Gotor
96b55ea37c
Feature: Allow to skip plugin loading (#74840) 2023-09-14 12:58:12 +02:00
Dave Henderson
ce1169f8b7
Tracing: Support remote, rate-limited, and probabilistic sampling in tracing.opentelemetry config section (#73587)
* tracing: Support remote sampling server

Signed-off-by: Dave Henderson <dave.henderson@grafana.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

* Update docs/sources/setup-grafana/configure-grafana/_index.md

* Update docs/sources/setup-grafana/configure-grafana/_index.md

* Satisfying the doc-validator check

* satisfy prettier

Signed-off-by: Dave Henderson <dave.henderson@grafana.com>

* back out unnecessary change

Signed-off-by: Dave Henderson <dave.henderson@grafana.com>

---------

Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2023-09-11 12:13:29 -04:00
Santiago
7a34cdb3a2
Alerting: Add configuration options to migrate to an external Alertmanager (#71318)
* add configuration options to .ini file and parse them

* updates on config options, add external AM config to the main config struct

* separate external AM configs from general alerting configs, naming

* comments about usage of tenantID in basic auth & not using config options yet
2023-09-05 11:24:35 -03:00
Alexander Weaver
dfba94e052
Alerting: Limit redis pool size to 5 and make configurable (#74057)
* Limit redis pool size to 5 and expose it in config ini

* Coerce negative pool sizes to the default
2023-08-29 14:59:12 -05:00
Misi
2f22946f06
RBAC: Enable permission validation by default (#73804) 2023-08-25 14:07:40 +02:00
Michael Mandrus
779e0fe311
Feature Toggles: Create API for updating feature toggle state from the feature toggle admin page (#73022)
* create roles for writing feature toggles

* create update endpoint / handler

* api changes

* add feature toggle validations

* hide toggles based on their state

* make FlagFeatureToggle read only

* add username log

* add username string

* refactor for better readability

* refactor unit tests so we can do more validations

* some skeletoning for the set tests

* write unit tests for updater

* break helper functions out

* update sample ini to match defaults

* add more logic to ReadOnly label

* add user documentation

* fix lint issue

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: J Stickler <julie.stickler@grafana.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: J Stickler <julie.stickler@grafana.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: J Stickler <julie.stickler@grafana.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: J Stickler <julie.stickler@grafana.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: J Stickler <julie.stickler@grafana.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: J Stickler <julie.stickler@grafana.com>

---------

Co-authored-by: IbrahimCSAE <ibrahim.mdev@gmail.com>
Co-authored-by: J Stickler <julie.stickler@grafana.com>
2023-08-09 11:32:28 -04:00
Sofia Papagiannaki
afb59af79b
Usage stats: Tune collector execution startup and interval (#72688)
* Do not update statistics at service collector startup

* Configurable collector interval

* Introduce initial random delay

* Prevent reporting metrics until the stats have been collected

* Apply suggestion from code review
2023-08-03 11:01:44 +03:00
Misi
bba11d04cb
Auth: Add key_id config param to auth.jwt (#72711)
* Specify keyID for public key provided in PEM format for JWT Auth

* Update docs

* Update sample.ini
2023-08-03 09:13:23 +02:00
Ieva
9ff193f692
Docs: update GitLab OAuth2 documentation (#71834)
* gitlab doc update and update the default scopes

* small fixes

* fix a reference

* update another reference

* PR feedback: fix numbering of bulletpoints, reorder config options

* linting
2023-07-25 19:46:46 +03:00
João Calisto
4ba83173ea
Feature toggles management: Define get feature toggles api (#72106)
* Feature Toggle Management: Define get feature toggles api

* lint
2023-07-24 16:12:59 -04:00
Michael Mandrus
e8093cb11a
Config: Add [aws][external_id] to ini files (#72026)
add mention of aws external id to ini files
2023-07-20 10:37:41 -04:00
Jo
0ffd359801
Auth: Enforce role sync except if skip org role sync is enabled (#70766)
* enforce role sync except if skip org role sync is enabled

* move errors to errors file and set codes

* fix docs and defaults

* remove legacy parameter

* support fall through token-api in generic oauth

* fix error handling for generic_oauth

* Update pkg/login/social/generic_oauth.go

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>

* Update pkg/login/social/gitlab_oauth_test.go

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>

* Update pkg/login/social/gitlab_oauth_test.go

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>

---------

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2023-07-17 15:58:16 +02:00
Misi
dcf26564db
OAuth: Introduce user_refresh_token setting and make it default for the selected providers (#71533)
* First changes

* WIP docs

* Align current tests

* Add test for UseRefreshToken

* Update docs

* Fix

* Remove unnecessary AuthCodeURL from generic_oauth

* Change GitHub to disable use_refresh_token by default
2023-07-14 14:03:01 +02:00
Ieva
cb695cef8e
Auth: update GitHub OAuth documentation (#70459)
* github oauth doc improvements

* add skip_org_role_sync to config for github provider

* update links and section headings

* update the docs based on the first PR

* update references
2023-07-12 15:25:46 +02:00
Michael Mandrus
ff6d6659fb
Query: Fix concurrency handling for mixed datasource queries (#70100)
* split queries and merge responses

* increase concurrency again

* update unit test to verify the headers are merged

* fix lint issue

* fix race condition in unit test

* Fix function name and add a bit more documentation about how the func should be used

* update function call after rename

* check for duplicate header vals

* make concurrent query limit configurable

* Update conf/sample.ini

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

---------

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
2023-07-06 17:15:43 +03:00
Esteban Beltran
d618bc46d1
Plugins: Add config option to exclude specific plugins from frontend sandbox (#70899) 2023-07-05 11:16:56 +02:00
Eric Leijonmarck
e313db386a
Auth: adds missing default in [auth.azuread] skip_org_role_sync config (#70690)
adds default false skip org role sync
2023-06-26 17:54:32 +03:00
Jo
11d196eb6e
Auth: Support google OIDC and group fetching (#70140)
* Auth: Update Google OAuth default configuration based on /.well-known/openid-configuration #69520

Signed-off-by: junya koyama <arukiidou@yahoo.co.jp>

* add id_token parsing

add legacy API distinction

use google auth oidc connectors

add group fetching support and tests

* Apply suggestions from code review

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* implement review feedback

* indent docs

---------

Signed-off-by: junya koyama <arukiidou@yahoo.co.jp>
Co-authored-by: junya koyama <arukiidou@yahoo.co.jp>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2023-06-26 09:44:57 +02:00
George Robinson
7edbe72483
Alerting: Support concurrent queries for saving alert instances (#70525)
This commit adds support for concurrent queries when saving alert
instances to the database. This is an experimental feature in
response to some customers experiencing delays between rule evaluation
and sending alerts to Alertmanager, resulting in flapping. It is
disabled by default.
2023-06-23 11:36:07 +01:00
Jo
4821175d40
Auth: Add auth.azure_ad security improvements (#912)
* security improvements id_token

* add audience validation

* add allowOrganizations

* add allowOrganizations tests and documentation

* add log warn on no configuration

* anonymize tenant id

* Apply suggestions from code review

Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-security/configure-authentication/azuread/index.md

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* Update pkg/login/social/azuread_oauth_test.go

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* Update pkg/login/social/azuread_oauth_test.go

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* optimize key validation and add mising fields

* fix missing key_id

* lint

* Update docs/sources/setup-grafana/configure-security/configure-authentication/azuread/index.md

Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>

* lint docs

---------

Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2023-06-23 09:13:38 +02:00
Vardan Torosyan
87b127e073
Add and document option for enabling email lookup (#913)
* Docs: Document option for enabling email lookup

* Add the new config in the config files

* Apply suggestions from code review

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* Don't capitalize identity providers

* Apply suggestions from code review

Co-authored-by: Jo <joao.guerreiro@grafana.com>

* Apply suggestions from code review

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

---------

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
Co-authored-by: Jo <joao.guerreiro@grafana.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2023-06-23 09:08:04 +02:00
Michael Mandrus
66d2214c3b
Config: Add configuration option to define custom user-facing general error message for certain error types (#70023)
---------

Co-authored-by: Summer Wollin <summer.wollin@grafana.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
2023-06-16 10:46:47 -05:00
Andres Martinez Gotor
7c1c196031
Plugins: Periodically update public signing key (#70080) 2023-06-16 11:20:30 +02:00
Stephanie Hingtgen
936e62ca43
Secure socks proxy: update show_ui default in default.ini (#69417) 2023-06-02 07:23:05 -06:00
Stephanie Hingtgen
29a4e3d7da
Secure socks proxy: allow for UI to be disabled (#69408) 2023-06-01 12:58:51 -06:00
Ashley Harrison
778963849e
News: Expose config option to disable News feed (#69365)
* customize news feed

* remove url customisation
2023-06-01 13:35:05 +01:00
MichaelKo
e7e70dbac6
Chore: Adding "allowed_groups" Configuration Parameter to Generic OAuth Method (#69025)
* feat: add allowed_groups for Generic OAuth

* docs: add allowed_groups more docs for Generic OAuth
2023-05-30 11:07:04 +02:00
arukiidou
d208bf3345
Auth: Add tls_client_cert to OAuth section in defaults.ini. #64746 (#68228)
* Auth: Add tls_client_cert to defaults.ini #64746

Signed-off-by: junya koyama <arukiidou@yahoo.co.jp>

* Auth: Add tls_client_cert to docs #64746

Signed-off-by: junya koyama <arukiidou@yahoo.co.jp>

* Auth: Add more `tls_client_cert` for docs

Signed-off-by: junya koyama <arukiidou@yahoo.co.jp>

* Update docs/sources/setup-grafana/configure-security/configure-authentication/gitlab/index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Revert "Update docs/sources/setup-grafana/configure-security/configure-authentication/gitlab/index.md"

This reverts commit f4f1fda7526bf4af05507bc0dc26e808687514eb.

Signed-off-by: junya koyama <arukiidou@yahoo.co.jp>

---------

Signed-off-by: junya koyama <arukiidou@yahoo.co.jp>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2023-05-26 14:15:19 +02:00
Sergey Kostrukov
eafba8fa69
Azure: Configuration for user identity authentication in datasources (Experimental) (#50277)
* Configuration for user identity authentication

* Use token endpoint form Azure AD settings

* Documentation update

* Update Grafana Azure SDK

* Fix secret override

* Fix lint

* Fix doc wording
2023-05-15 18:00:54 +01:00
arukiidou
f79654feb3
Auth: Use PKCE by default (If OAuth provider supports PKCE) (#68095)
OAuth: change use_pkce = true to defaults.ini/sample.ini #68073

Signed-off-by: junya koyama <arukiidou@yahoo.co.jp>
2023-05-12 09:37:29 +02:00
Jean-Philippe Quéméner
8bb62a8316
Alerting: Add option for memberlist label (#67982) 2023-05-09 10:32:23 +02:00
venkatbvc
b9e53f628f
HTTP: Add TLS version configurability for Grafana server (#67482)
Co-authored-by: Rao B V Chalapathi <b_v_chalapathi.rao@nokia.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2023-05-08 17:11:36 +02:00
Jo
3644ea6556
ServiceAccounts: Add secret scan service docs (#57926)
* add secret scanning docs

* update docs

* fix merge

* add revoke to docs

* add revoke to docs

* typo fix

* Apply suggestions from code review

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* add step by step instructions

* Apply suggestions from code review

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* prettier

* Update docs/sources/setup-grafana/configure-security/secret-scan.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* feedback

* Update docs/sources/setup-grafana/configure-security/secret-scan.md

* Update docs/sources/setup-grafana/configure-security/secret-scan.md

* Update docs/sources/setup-grafana/configure-security/secret-scan.md

Co-authored-by: Victor Cinaglia <victor@grafana.com>

---------

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Victor Cinaglia <victor@grafana.com>
2023-05-04 10:36:51 +02:00