Commit Graph

450 Commits

Author SHA1 Message Date
Ryan McKinley
713970d00a
SQLStore: Cleanup migrationLocking (#85054) 2024-03-25 10:09:15 +03:00
Sofia Papagiannaki
33b653534e
SQLStore: Enable migration locking by default (#84983)
* Introduce new configuration for migration locking

* Remove feature toggle

* Fix test and turn it into an integration

* Fix docs
2024-03-22 21:22:29 +02:00
Timur Olzhabayev
e9db9106c1
Chore: Disable angular support by default (#84738)
* Flipping angular support to disabled by default
2024-03-22 17:09:53 +01:00
chalapat
65c0669f01
Server: Reload TLS certs without a server restart (#83589)
* server: reload of grafana server certs when renewed without restart.

Signed-off-by: Rao, B V Chalapathi <b_v_chalapathi.rao@nokia.com>

* server: reload of grafana server certs when renewed without restart.

Signed-off-by: Rao, B V Chalapathi <b_v_chalapathi.rao@nokia.com>

* Update http_server.go

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update http_server.go

Address the comments

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Dan Cech <dan@aussiedan.com>

* Update http_server.go

Align the spaces

* Update http_server.go

* Update http_server.go

* Update pkg/api/http_server.go

Co-authored-by: Dan Cech <dan@aussiedan.com>

---------

Signed-off-by: Rao, B V Chalapathi <b_v_chalapathi.rao@nokia.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Dan Cech <dan@aussiedan.com>
2024-03-22 17:13:22 +02:00
Eric Leijonmarck
bb792ff540
Auth: Remove oauth skip org role sync (#84972)
* remove oauth wide skip org role sync

* we are warning from config

* set it to false

* removed from config ini files and updated docs
2024-03-22 15:34:05 +01:00
Andreas Christou
6bb7ab261a
AzureMonitor: User authentication support (#81918)
* Stub out frontend user auth

* Stub out backend user auth

* Add context

* Reorganise files

* Refactor app registration form

* Alert for user auth service principal credentials

* AzureMonitor: Add flag for enabling/disabling fallback credentials for current user authentication (#82332)

* Rename field

* Add fallback setting

* Update tests and mock

* Remove duplicate setting line

* Update name of property

* Update frontend settings

* Update docs and default config files

* Update azure-sdk

* Fix lint

* Update test

* Bump dependency

* Update configuration

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Docs review

* AzureMonitor: User authentication frontend updates (#83107)

* Rename field

* Add fallback setting

* Update tests and mock

* Remove duplicate setting line

* Update name of property

* Update frontend settings

* Update docs and default config files

* Add alerts to query editor

- Add authenticatedBy property to grafana/data
- Update mocks
- Update query editor to disable it under certain circumstances
- Update tests

* Add separate FallbackCredentials component

- Reset AppRegistrationCredentials component to only handle clientsecret credentials
- Update AzureCredentialsForm
- Update selectors
- Update tests
- Update credentials utility functions logic

* Alert when fallback credentials disabled

* Update condition

* Update azure-sdk

* Fix lint

* Update test

* Remove unneeded conditions

* Set auth type correctly

* Legacy cloud options

* Fix client secret

* Remove accidental import

* Bump dependency

* Add tests

* Don't use VerticalGroup component

* Remove unused import

* Fix lint

* Appropriately set oAuthPassThru and disableGrafanaCache properties

* Clear azureCredentials on authType change

* Correctly retrieve secret

* Fix bug in authTypeOptions

* Update public/app/plugins/datasource/azuremonitor/components/ConfigEditor/CurrentUserFallbackCredentials.tsx

Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com>

* Update public/app/plugins/datasource/azuremonitor/components/QueryEditor/QueryEditor.tsx

Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com>

* Update public/app/plugins/datasource/azuremonitor/components/ConfigEditor/CurrentUserFallbackCredentials.tsx

Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com>

* Add documentation links

* Fix broken link

---------

Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com>

* AzureMonitor: Update docs for current user authentication (#83440)

* Rename field

* Add fallback setting

* Update tests and mock

* Remove duplicate setting line

* Update name of property

* Update frontend settings

* Update docs and default config files

* Add alerts to query editor

- Add authenticatedBy property to grafana/data
- Update mocks
- Update query editor to disable it under certain circumstances
- Update tests

* Add separate FallbackCredentials component

- Reset AppRegistrationCredentials component to only handle clientsecret credentials
- Update AzureCredentialsForm
- Update selectors
- Update tests
- Update credentials utility functions logic

* Alert when fallback credentials disabled

* Update condition

* Update azure-sdk

* Fix lint

* Update test

* Remove unneeded conditions

* Set auth type correctly

* Legacy cloud options

* Fix client secret

* Remove accidental import

* Bump dependency

* Add tests

* Don't use VerticalGroup component

* Remove unused import

* Update docs

* Fix lint

* Appropriately set oAuthPassThru and disableGrafanaCache properties

* Clear azureCredentials on authType change

* Correctly retrieve secret

* Feedback

* Spelling

* Update docs/sources/datasources/azure-monitor/_index.md

Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com>

* Update docs/sources/datasources/azure-monitor/_index.md

Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com>

* Update docs/sources/datasources/azure-monitor/_index.md

Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com>

* Update docs/sources/datasources/azure-monitor/_index.md

Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com>

---------

Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com>

* Docs review

* Update docs with additional configuration information

* Fix to appropriately hide the query editor

* Typo

* Update isCredentialsComplete

* Update test

---------

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com>
Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com>
2024-03-19 16:32:24 +00:00
William Wernert
97f37b2e6f
Alerting: Clamp Loki ASH range query to configured max_query_length (#83986)
* Clamp range in loki http client to configured max_query_length

Defaults to 721h to match Loki default
2024-03-15 18:59:45 +02:00
Gilles De Mey
8765c48389
Alerting: Remove legacy alerting (#83671)
Removes legacy alerting, so long and thanks for all the fish! 🐟

---------

Co-authored-by: Matthew Jacobson <matthew.jacobson@grafana.com>
Co-authored-by: Sonia Aguilar <soniaAguilarPeiron@users.noreply.github.com>
Co-authored-by: Armand Grillet <armandgrillet@users.noreply.github.com>
Co-authored-by: William Wernert <rwwiv@users.noreply.github.com>
Co-authored-by: Yuri Tseretyan <yuriy.tseretyan@grafana.com>
2024-03-14 15:36:35 +01:00
Sofia Papagiannaki
22d8258e48
Postgres: Allow disabling SNI on SSL-enabled connections (#83892)
* Postgres: Allow disabling SNI on SSL-enabled connections

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

---------

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2024-03-12 12:03:24 +02:00
Misi
63f1c30313
Auth: Set the default org after User login (#83918)
* poc

* add logger, skip hook when user is not assigned to default org

* Add tests, move to hook folder

* docs

* Skip for OrgId < 1

* Address feedback

* Update docs/sources/setup-grafana/configure-grafana/_index.md

* lint

* Move the hook to org_sync.go

* Update pkg/services/authn/authnimpl/sync/org_sync.go

* Handle the case when GetUserOrgList returns error

---------

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
2024-03-12 09:35:13 +01:00
Yuri Tseretyan
7147af6b8e
Alerting: Disable legacy alerting for ever (#83651)
* hard disable for legacy alerting
* remove alerting section from configuration file 
* update documentation to not refer to deleted section
* remove AlertingEnabled from usage in UA setting parsing
2024-03-07 16:01:11 -05:00
Xavi Lacasa
d1f8f7774d
Document verification_email_max_lifetime_duration config option (#84057) 2024-03-07 13:51:27 +01:00
linoman
b02ae375ba
Chore: Query oauth info from a new instance (#83229)
* query OAuth info from a new instance

* add `hd` validation flag

* add `disable_hd_validation` to settings map

* update documentation

---------

Co-authored-by: Jo <joao.guerreiro@grafana.com>
2024-02-29 16:48:32 +01:00
Yuri Tseretyan
6a11bee6af
Alerting: Deprecate max_annotations_to_keep and max_annotation_age in [alerting] configuration section (#83266)
* introduce new config section [unified_alerting.state_history.annotations] and deprecate settings in [alerting]

Co-authored-by: brendamuir <100768211+brendamuir@users.noreply.github.com>
2024-02-26 17:04:27 -05:00
linoman
ac84069071
Password policy (#82268)
* add password service interface

* add password service implementation

* add tests for password service

* add password service wiring

* add feature toggle

* Rework from service interface to static function

* Replace previous password validations

* Add codeowners to password service

* add error logs

* update config files


---------

Co-authored-by: Karl Persson <kalle.persson@grafana.com>
2024-02-16 04:58:05 -06:00
Alexander Weaver
99fa064576
Alerting: Emit warning when creating or updating unusually large groups (#82279)
* Add config for limit of rules per rule group

* Warn when editing big groups through normal API

* Warn on prov api writes for groups

* Wire up comp root, tests

* Also add warning to state manager warm

* Drop unnecessary conversion
2024-02-13 08:29:03 -06:00
Alexander Weaver
5bbe9c6e61
Alerting: Enable group-level rule evaluation jittering by default, remove feature toggle (#82212)
* remove jitter feature flag

* Add an out so users can manually disable jitter

* Pass in cfg

* Add TODO to remove knob in future
2024-02-09 15:53:58 -06:00
Jo
6f62d970e3
JWT Authentication: Add support for specifying groups in auth.jwt for teamsync (#82175)
* merge JSON search logic

* document public methods

* improve test coverage

* use separate JWT setting struct

* correct use of cfg.JWTAuth

* add group tests

* fix DynMap typing

* add settings to default ini

* add groups option to devenv path

* fix test

* lint

* revert jwt-proxy change

* remove redundant check

* fix parallel test
2024-02-09 16:35:58 +01:00
Isabella Siu
81da3ff753
CloudWatch: Remove dependencies on grafana/pkg/setting (#81208) 2024-02-05 13:59:32 -05:00
Jean-Philippe Quéméner
aa25776f81
Alerting: Add a feature flag to periodically save states (#80987) 2024-01-23 17:03:30 +01:00
Dave Henderson
e0402115ea
Notifications: Optional trace propagation through SMTP (#80481)
* Notifications: Optional trace propagation through SMTP

Signed-off-by: Dave Henderson <dave.henderson@grafana.com>

* fix failing test

Signed-off-by: Dave Henderson <dave.henderson@grafana.com>

* Add documentation

Signed-off-by: Dave Henderson <dave.henderson@grafana.com>

---------

Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
2024-01-22 10:50:05 -05:00
Ashley Harrison
127decee1e
Release: Deprecate latest.json and replace with api call to grafana.com (#80537)
* remove latest.json and replace with api call to grafana.com

* remove latest.json

* Revert "remove latest.json"

This reverts commit bcff43d898.

* Revert "remove latest.json and replace with api call to grafana.com"

This reverts commit 02b867d84e.

* add deprecation message to latest.json
2024-01-16 11:19:32 +00:00
Agnès Toulet
fdaf6e3f2e
PublicDashboards: Add setting to disable the feature (#78894)
* Replace feature toggle with configuration setting

* Fix permission alert

* Update documentation

* Add back feature toggle

* revert unwanted commited changes

* fix tests

* run prettier

* Update SharePublicDashboard.test.tsx

* fix linter and frontend tests

* Update api.go

* Apply docs edit from code review

Co-authored-by: Isabel <76437239+imatwawana@users.noreply.github.com>

* Update index.md

* Update docs/sources/setup-grafana/configure-grafana/feature-toggles/index.md

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* add isPublicDashboardsEnabled + test

* fix test

* update ff description in registry

* move isPublicDashboardsEnabled

* revert getConfig() update

---------

Co-authored-by: Isabel <76437239+imatwawana@users.noreply.github.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2023-12-19 11:43:54 +01:00
owensmallwood
d5b9602a79
Config: Can add static headers to email messages (#79365)
* Can add allowed custom headers to an email Message. WIP.

* adds slug as a custom email header to all outgoing emails

* Headers are static - declared as key/value pairs in config. All static headers get added to emails.

* updates comment

* adds tests for parsing smtp static headers

* updates test to assert static headers are included when building email

* updates test to use multiple static headers

* updates test names

* fixes linting issue with error

* ignore gocyclo for loading config

* updates email headers in tests to be formatted properly

* add static headers first

* updates tests to assert that regular headers like From cant be overwritten

* ensures only the header is in a valid format for smtp and not the value

* updates comment and error message wording

* adds to docs and ini sample files

* updates smtp.static_headers docs examples formatting

* removes lines commented with semi colons

* prettier:write

* renames var
2023-12-14 12:59:43 -06:00
Bruno
58678f5879
Plugins: Add option to disable TLS in the socks proxy (#79246)
* Plugins: add option to disable TLS in the socks proxy

* fix allow_insecure docs

* upgrade github.com/grafana/grafana-plugin-sdk-go from v0.196.0 to v0.197.0

* fix conflicts
2023-12-14 12:16:32 -03:00
Andreas Christou
f3cdb44898
Plugins: Include Azure settings as a part of Grafana config sent in plugin requests (#79342)
* Add Azure settings and update tests

* Filter by plugin ID

* Add forward settings config variable

* Update line

* Add tests

* Update so that data sources are fully defined in config

* Update SDK and test

* Fix lint

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com>

* Remove unnecessary if

---------

Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com>
2023-12-14 11:48:22 +00:00
gotjosh
0c9356a3c7
Unified Alerting: Set max_attempts to 1 by default (#79095)
* Unified Alerting: Set `max_attempts` to 1 by default

The retry logic for unified alerting has been broken as far as v9.4.x, rather than fixing it in one go and causing a headache to our users with rules putting extra load on their datasources - I think a better approach is to simply set 1 as a default and then let our users change it.

I see two cons with this approach:

- Configuration for legacy to unified alerting cannot be ported over automatically, users will have to manually set `max_attempts` to 3 when migrating.
- Users expecting to get any sort of retrying (as with legacy alerting) will not have it out of the box and will have to manually edit the configuration.

Signed-off-by: gotjosh <josue.abreu@gmail.com>
---------

Signed-off-by: gotjosh <josue.abreu@gmail.com>
2023-12-05 17:42:34 +00:00
Matthew Jacobson
5a80962de9
Alerting: Add clean_upgrade config and deprecate force_migration (#78324)
* Alerting: Add clean_upgrade config and deprecate force_migration

Upgrading to UA and rolling back will no longer delete any data by default. 
Instead, each set of tables will remain unchanged when switching between 
legacy and UA. As such, the force_migration config has been deprecated 
and no extra configuration is required to roll back to legacy anymore.

If clean_upgrade is set to true when upgrading from legacy alerting to Unified
Alerting, grafana will first delete all existing Unified Alerting resources,
thus re-upgrading all organizations from scratch. If false or unset,
organizations that have previously upgraded will not lose their existing Unified
 Alerting data when switching between legacy and Unified Alerting.

 Similar to force_migration, it should be kept false when not needed as it may
 cause unintended data-loss if left enabled.

---------

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2023-11-30 11:01:11 -05:00
Karl Persson
21f94c5b78
Auth: id response header (#77871)
* Add config options for identity id response header

* Add feature to add identity id response header to all responses

* Use util.SplitString
2023-11-29 15:51:13 +01:00
venkatbvc
e152323a33
Auth: Split signout_redirect_url into per provider settings (#75269)
* Split signout_redirect_url into per provider settings

* Split signout_redirect_url into per provider settings

* Update docs/sources/setup-grafana/configure-security/configure-authentication/grafana/index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Split signout_redirect_url into per provider settings

* Split signout_redirect_url into per provider settings

* Split signout_redirect_url into per provider settings

* Split signout_redirect_url into per provider settings

* Split signout_redirect_url into per provider settings

* Split signout_redirect_url into per provider settings

* update docs

* update devenvs

* add missing struct tag

---------

Co-authored-by: Rao, B V Chalapathi <b_v_chalapathi.rao@nokia.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: jguer <me@jguer.space>
2023-11-29 14:50:21 +01:00
William Assis
65a7bddcee
Analytics: Add option to pass destSDKBaseURL to rudderstack load method (#74926)
* Add option to pass destSDKBaseURL to rudderstack load method

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

---------

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2023-10-23 12:43:33 +00:00
João Calisto
d5691e6dd1
Live: Allow setting the engine password (#76289) 2023-10-11 09:45:24 +01:00
Jo
cada1f040a
Auth: Add support for role mapping and allowed groups in Google OIDC (#76266)
* support google oauth allowed_groups. unify allowed groups logic

* add role mapping for google oauth

* add documentation

* add addendums

* remove extra isGroupMember

* add to sample ini

* Apply suggestions from code review

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>

---------

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2023-10-10 18:07:23 +02:00
Sergey Kostrukov
3ee40d3a5a
Azure: Settings for Azure AD Workload Identity (#75283)
* Settings for Azure AD Workload Identity

* Update dependency on Grafana Azure SDK

* Documentation

* Fix JS code

* Cleanup Prometheus backend code

* Making prettier happy
2023-09-28 12:05:16 +01:00
João Calisto
7e1b45ba31
Feature Toggles API: Trigger webhook call when updating (#75254)
* Feature Toggles API: Trigger webhook call when updating

* update status code error check

* lint - handle Close() error

* Rename update webhook config

* fix tests
2023-09-25 19:11:24 +01:00
Andres Martinez Gotor
96b55ea37c
Feature: Allow to skip plugin loading (#74840) 2023-09-14 12:58:12 +02:00
Dave Henderson
ce1169f8b7
Tracing: Support remote, rate-limited, and probabilistic sampling in tracing.opentelemetry config section (#73587)
* tracing: Support remote sampling server

Signed-off-by: Dave Henderson <dave.henderson@grafana.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

* Update docs/sources/setup-grafana/configure-grafana/_index.md

* Update docs/sources/setup-grafana/configure-grafana/_index.md

* Satisfying the doc-validator check

* satisfy prettier

Signed-off-by: Dave Henderson <dave.henderson@grafana.com>

* back out unnecessary change

Signed-off-by: Dave Henderson <dave.henderson@grafana.com>

---------

Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2023-09-11 12:13:29 -04:00
Misi
2f22946f06
RBAC: Enable permission validation by default (#73804) 2023-08-25 14:07:40 +02:00
Michael Mandrus
779e0fe311
Feature Toggles: Create API for updating feature toggle state from the feature toggle admin page (#73022)
* create roles for writing feature toggles

* create update endpoint / handler

* api changes

* add feature toggle validations

* hide toggles based on their state

* make FlagFeatureToggle read only

* add username log

* add username string

* refactor for better readability

* refactor unit tests so we can do more validations

* some skeletoning for the set tests

* write unit tests for updater

* break helper functions out

* update sample ini to match defaults

* add more logic to ReadOnly label

* add user documentation

* fix lint issue

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: J Stickler <julie.stickler@grafana.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: J Stickler <julie.stickler@grafana.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: J Stickler <julie.stickler@grafana.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: J Stickler <julie.stickler@grafana.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: J Stickler <julie.stickler@grafana.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: J Stickler <julie.stickler@grafana.com>

---------

Co-authored-by: IbrahimCSAE <ibrahim.mdev@gmail.com>
Co-authored-by: J Stickler <julie.stickler@grafana.com>
2023-08-09 11:32:28 -04:00
Sofia Papagiannaki
afb59af79b
Usage stats: Tune collector execution startup and interval (#72688)
* Do not update statistics at service collector startup

* Configurable collector interval

* Introduce initial random delay

* Prevent reporting metrics until the stats have been collected

* Apply suggestion from code review
2023-08-03 11:01:44 +03:00
Misi
bba11d04cb
Auth: Add key_id config param to auth.jwt (#72711)
* Specify keyID for public key provided in PEM format for JWT Auth

* Update docs

* Update sample.ini
2023-08-03 09:13:23 +02:00
Ieva
9ff193f692
Docs: update GitLab OAuth2 documentation (#71834)
* gitlab doc update and update the default scopes

* small fixes

* fix a reference

* update another reference

* PR feedback: fix numbering of bulletpoints, reorder config options

* linting
2023-07-25 19:46:46 +03:00
João Calisto
4ba83173ea
Feature toggles management: Define get feature toggles api (#72106)
* Feature Toggle Management: Define get feature toggles api

* lint
2023-07-24 16:12:59 -04:00
Michael Mandrus
e8093cb11a
Config: Add [aws][external_id] to ini files (#72026)
add mention of aws external id to ini files
2023-07-20 10:37:41 -04:00
Jo
0ffd359801
Auth: Enforce role sync except if skip org role sync is enabled (#70766)
* enforce role sync except if skip org role sync is enabled

* move errors to errors file and set codes

* fix docs and defaults

* remove legacy parameter

* support fall through token-api in generic oauth

* fix error handling for generic_oauth

* Update pkg/login/social/generic_oauth.go

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>

* Update pkg/login/social/gitlab_oauth_test.go

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>

* Update pkg/login/social/gitlab_oauth_test.go

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>

---------

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2023-07-17 15:58:16 +02:00
Ieva
cb695cef8e
Auth: update GitHub OAuth documentation (#70459)
* github oauth doc improvements

* add skip_org_role_sync to config for github provider

* update links and section headings

* update the docs based on the first PR

* update references
2023-07-12 15:25:46 +02:00
Michael Mandrus
ff6d6659fb
Query: Fix concurrency handling for mixed datasource queries (#70100)
* split queries and merge responses

* increase concurrency again

* update unit test to verify the headers are merged

* fix lint issue

* fix race condition in unit test

* Fix function name and add a bit more documentation about how the func should be used

* update function call after rename

* check for duplicate header vals

* make concurrent query limit configurable

* Update conf/sample.ini

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

---------

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
2023-07-06 17:15:43 +03:00
Esteban Beltran
d618bc46d1
Plugins: Add config option to exclude specific plugins from frontend sandbox (#70899) 2023-07-05 11:16:56 +02:00
Jo
11d196eb6e
Auth: Support google OIDC and group fetching (#70140)
* Auth: Update Google OAuth default configuration based on /.well-known/openid-configuration #69520

Signed-off-by: junya koyama <arukiidou@yahoo.co.jp>

* add id_token parsing

add legacy API distinction

use google auth oidc connectors

add group fetching support and tests

* Apply suggestions from code review

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* implement review feedback

* indent docs

---------

Signed-off-by: junya koyama <arukiidou@yahoo.co.jp>
Co-authored-by: junya koyama <arukiidou@yahoo.co.jp>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2023-06-26 09:44:57 +02:00
Jo
4821175d40
Auth: Add auth.azure_ad security improvements (#912)
* security improvements id_token

* add audience validation

* add allowOrganizations

* add allowOrganizations tests and documentation

* add log warn on no configuration

* anonymize tenant id

* Apply suggestions from code review

Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-security/configure-authentication/azuread/index.md

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* Update pkg/login/social/azuread_oauth_test.go

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* Update pkg/login/social/azuread_oauth_test.go

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* optimize key validation and add mising fields

* fix missing key_id

* lint

* Update docs/sources/setup-grafana/configure-security/configure-authentication/azuread/index.md

Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>

* lint docs

---------

Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2023-06-23 09:13:38 +02:00