Commit Graph

1916 Commits

Author SHA1 Message Date
Marcus Efraimsson
6768c6c059
Chore: Remove public vars in setting package (#81018)
Removes the public variable setting.SecretKey plus some other ones. 
Introduces some new functions for creating setting.Cfg.
2024-01-23 12:36:22 +01:00
idafurjes
cb419e799b
Remove folderid service test (#80433)
* Remove FolderID from service tests

* Add models

* Add folderID pack to publicdashboard tests

* Remove folderID from dashboard tests

* Remove folderID from folders

* Remove folderID from ngalert tests

* Remove nolint comment

* Add back some tests after rebase
2024-01-12 16:43:39 +01:00
Matthew Jacobson
5ecc7dd2fa
Alerting: Increase size of kvstore value type for MySQL to LONGTEXT (#80331)
* Alerting: Increase size of kvstore value type for MySQL to LONGTEXT

alertmanager uses the kvstore to persist its notification log and the current
column limit for MySQL (16.7mb) puts the maximum entries at a level that is
potentially achievable for heavy alerting users (~40-80k entries).

In comparison, the current type for PSQL (TEXT) is effectively unlimited and
I believe SQLIte defaults to 2gb which is also plenty of leeway.
2024-01-11 22:51:36 +02:00
Arati R
ca9d147a44
Give dialects control over how insert and update queries are performed (#79946)
* Refactor insert, update
* Add separate insert, update methods
* Refactor Insert, Update signatures
2024-01-11 19:55:45 +01:00
Gabriel MABILLE
c9ac069076
RBAC: Add origin column to seed_assignment (#80326)
* RBAC: Add origin column to seed_assignment

* Add OnCall permission migration
2024-01-11 18:43:43 +01:00
Ryan McKinley
1caaa56de0
FeatureFlags: Use interface rather than manager (#80000) 2024-01-09 10:38:06 -08:00
Charandas
48612063dd
Grafana app platform: an aggregator cmd and package (#79948) 2024-01-08 22:33:42 +02:00
Yuri Tseretyan
f6a46744a6
Alerting: Support hysteresis command expression (#75189)
Backend: 

* Update the Grafana Alerting engine to provide feedback to HysteresisCommand. The feedback information is stored in state.Manager as a fingerprint of each state. The fingerprint is persisted to the database. Only fingerprints that belong to Pending and Alerting states are considered as "loaded" and provided back to the command.
   - add ResultFingerprint to state.State. It's different from other fingerprints we store in the state because it is calculated from the result labels.
  -  add rule_fingerprint column to alert_instance
   - update alerting evaluator to accept AlertingResultsReader via context, and update scheduler to provide it.
   - add AlertingResultsFromRuleState that implements the new interface in eval package
   - update getExprRequest to patch the hysteresis command.

* Only one "Recovery Threshold" query is allowed to be used in the alert rule and it must be the Condition.


Frontend:

* Add hysteresis option to Threshold in UI. It's called "Recovery Threshold"
* Add test for getUnloadEvaluatorTypeFromCondition
* Hide hysteresis in panel expressions

* Refactor isInvalid and add test for it
* Remove unnecesary React.memo
* Add tests for updateEvaluatorConditions

---------

Co-authored-by: Sonia Aguilar <soniaaguilarpeiron@gmail.com>
2024-01-04 11:47:13 -05:00
Serge Zaitsev
06d2ae3ada
Chore: Move folder sync logic into one-shot migration (#78985)
Chore: move folder sync code into one-shot migration
2023-12-12 17:13:47 +01:00
Dan Cech
c4c9bfaf2e
Storage: Unified Storage based on Entity API (#71977)
* first round of entityapi updates

- quote column names and clean up insert/update queries
- replace grn with guid
- streamline table structure

fixes

streamline entity history

move EntitySummary into proto

remove EntitySummary

add guid to json

fix tests

change DB_Uuid to DB_NVarchar

fix folder test

convert interface to any

more cleanup

start entity store under grafana-apiserver dskit target

CRUD working, kind of

rough cut of wiring entity api to kube-apiserver

fake grafana user in context

add key to entity

list working

revert unnecessary changes

move entity storage files to their own package, clean up

use accessor to read/write grafana annotations

implement separate Create and Update functions

* go mod tidy

* switch from Kind to resource

* basic grpc storage server

* basic support for grpc entity store

* don't connect to database unless it's needed, pass user identity over grpc

* support getting user from k8s context, fix some mysql issues

* assign owner to snowflake dependency

* switch from ulid to uuid for guids

* cleanup, rename Search to List

* remove entityListResult

* EntityAPI: remove extra user abstraction (#79033)

* remove extra user abstraction

* add test stub (but

* move grpc context setup into client wrapper, fix lint issue

* remove unused constants

* remove custom json stuff

* basic list filtering, add todo

* change target to storage-server, allow entityStore flag in prod mode

* fix issue with Update

* EntityAPI: make test work, need to resolve expected differences (#79123)

* make test work, need to resolve expected differences

* remove the fields not supported by legacy

* sanitize out the bits legacy does not support

* sanitize out the bits legacy does not support

---------

Co-authored-by: Ryan McKinley <ryantxu@gmail.com>

* update feature toggle generated files

* remove unused http headers

* update feature flag strategy

* devmode

* update readme

* spelling

* readme

---------

Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
2023-12-06 15:21:21 -05:00
Alexander Zobnin
959ebf82da
Folders: Show dashboards and folders with directly assigned permissions in "Shared" folder (#78465)
* Folders: Show folders user has access to at the root level

* Refactor

* Refactor

* Hide parent folders user has no access to

* Skip expensive computation if possible

* Fix tests

* Fix potential nil access

* Fix duplicated folders

* Fix linter error

* Fix querying folders if no managed permissions set

* Update benchmark

* Add special shared with me folder and fetch available non-root folders on demand

* Fix parents query

* Improve db query for folders

* Reset benchmark changes

* Fix permissions for shared with me folder

* Simplify dedup

* Add option to include shared folder permission to user's permissions

* Fix nil UID

* Remove duplicated folders from shared list

* Folders: Fix fetching empty folder

* Nested folders: Show dashboards with directly assigned permissions

* Fix slow dashboards fetch

* Refactor

* Fix cycle dependencies

* Move shared folder to models

* Fix shared folder links

* Refactor

* Use feature flag for permissions

* Use feature flag

* Review comments

* Expose shared folder UID through frontend settings

* Add frontend type for sharedWithMeFolderUID option

* Refactor: apply review suggestions

* Fix parent uid for shared folder

* Fix listing shared dashboards for users with access to all folders

* Prevent creating folder with "shared" UID

* Add tests for shared folders

* Add test for shared dashboards

* Fix linter

* Add metrics for shared with me folder

* Add metrics for shared with me dashboards

* Fix tests

* Tests: add metrics as a dependency

* Fix access control metadata for shared with me folder

* Use constant for shared with me

* Optimize parent folders access check, fetch all folders in one query.

* Use labels for metrics
2023-12-05 16:13:31 +01:00
Dan Cech
318f51eaee
Chore: Remove unused CacheService dependency from sqlstore (#78507)
remove unused CacheService dependency from sqlstore
2023-12-04 10:00:45 -05:00
Matthew Jacobson
6644e5e676
Alerting: Fix migration that is brittle to version downgrades (#78976) 2023-12-01 15:18:41 -05:00
Matthew Jacobson
cdad712547
Alerting: Keep track of individual org migration status (#78369)
* Alerting: Keep track of individual org migration status

Save migration status per migrated org.

Change the meaning (and key/value) of the org_id=0 entry 
to store the current (previous) config value used by alerting. 
This is so we can know when to upgrade/downgrade by 
comparing with the new config value in 
UnifiedAlerting.IsEnabled.
2023-11-30 10:25:59 -05:00
Ieva
791881f910
RBAC: Change annotation filter to use dashboard based annotation scopes (#78635)
change annotation filter to use dash based annotation scopes
2023-11-29 05:34:44 -05:00
Jo
0de66a8099
Authz: Remove use of SignedInUser copy for permission evaluation (#78448)
* remove use of SignedInUserCopies

* add extra safety to not cross assign permissions

unwind circular dependency

dashboardacl->dashboardaccess

fix missing import

* correctly set teams for permissions

* fix missing inits

* nit: check err

* exit early for api keys
2023-11-22 14:20:22 +01:00
Kat Yang
d090dab138
Chore: Deprecate FolderID from SaveDashboardCommand (#77813) 2023-11-15 11:21:02 -05:00
Kat Yang
3a2e96b0db
Chore: Deprecate FolderID from Dashboard (#77823)
* Chore: Deprecate FolderID from Dashboard

* chore: add two missing nolint comments
2023-11-15 10:28:50 -05:00
Ryan McKinley
f69fd3726b
FeatureToggles: Add context and and an explicit global check (#78081) 2023-11-14 12:50:27 -08:00
Ryan McKinley
a221c1d754
Chore: Remvoe newDBLibrary feature flag (#78074) 2023-11-14 06:51:35 -08:00
Ryan McKinley
dec9a07738
Settings: Actually deprecate access to feature flags (#78073) 2023-11-13 11:39:01 -08:00
Ryan McKinley
3509a5abb9
FeatureFlags: Cleanup usage of cfg.IsFeatureToggleEnabled (#78014) 2023-11-13 07:55:15 -08:00
Misi
5285e9503b
Auth: SSO settings foundations (#77724)
* inital changes, db migration

* changes

* Implement basic GetAll, Delete

* Add first batch of tests

* Add more tests

* Add service tests for GetForProvider, List

* Update http_server.go + wire.go

* Lint + update fixed role

* Update CODEOWNERS

* Change API init

* Change roles, rename

* Review with @kalleep

* Revert a mistakenly changed part

* Updates based on @dmihai 's feedback

---------

Co-authored-by: Karl Persson <kalle.persson@grafana.com>
2023-11-08 10:50:01 +01:00
Sofia Papagiannaki
f999fe3d12
Search: Modify query for better performance (#77576)
* Add missing `org_id` in query condition

* Update benchmarks
2023-11-06 15:16:23 +02:00
Dan Cech
67b2972052
Chore: add/update sqlstore-related helper functions (#77408)
* add/update sqlstore-related helper functions

* add documentation & tests for InsertQuery and UpdateQuery, make generated SQL deterministic by sorting columns

* remove old log line
2023-11-03 10:30:52 -04:00
Ryan McKinley
5d5f8dfc52
Chore: Upgrade Go to 1.21.3 (#77304) 2023-11-01 09:17:38 -07:00
Ieva
159bb3c032
RBAC: Allow scoping access to root level dashboards (#76987)
* correctly check permissions to list dashboards on the root

* correctly display the access inherited from general folder for dashboards

* Update pkg/services/sqlstore/permissions/dashboard.go

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>

* Update dashboard_filter_no_subquery.go

---------

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2023-10-24 11:55:38 +03:00
Sofia Papagiannaki
03a626f1d6
Search: Fix empty folder details for nested folder items (#76504)
* Introduce dashboard.folder_uid column

* Add data migration

* Search: Fix empty folder details for nested folders

* Set `dashboard.folder_uid` and update tests

* Add unique index

* lint

Ignore cyclomatic complexity of func
`(*DashboardServiceImpl).BuildSaveDashboardCommand

* Fix search by folder UID
2023-10-24 10:04:45 +03:00
Matthew Jacobson
82f3127e23
Alerting: Move legacy alert migration from sqlstore migration to service (#72702) 2023-10-12 13:43:10 +01:00
kay delaney
a12cb8cbf3
LibraryPanels: Add RBAC support (#73475) 2023-10-12 00:30:50 +01:00
Alexander Weaver
f6649d7a97
Revert "Alerting: Remove vendored models in migration service" (#76387)
Revert "Alerting: Remove vendored models in migration service (#74503)"

This reverts commit 6a8649d544.
2023-10-11 14:21:21 -05:00
Matthew Jacobson
6a8649d544
Alerting: Remove vendored models in migration service (#74503)
This PR replaces the vendored models in the migration with their equivalent ngalert models. It also replaces the raw SQL selects and inserts with service calls.

It also fills in some gaps in the testing suite around:

    - Migration of alert rules: verifying that the actual data model (queries, conditions) are correct 9a7cfa9
    - Secure settings migration: verifying that secure fields remain encrypted for all available notifiers and certain fields migrate from plain text to encrypted secure settings correctly e7d3993

Replacing the checks for custom dashboard ACLs will be replaced in a separate targeted PR as it will be complex enough alone.
2023-10-11 17:22:09 +01:00
Ryan McKinley
c26e3d80e3
Playlist: Add create+update timestamps to the database (#76295) 2023-10-10 12:46:12 -07:00
Jo
44fa0697ce
Auth: Signing Key persistence (#75487)
* signing key wip

use db keyset storage

add signing_key table

add testing for key storage

add ES256 key tests

Remove caching and implement UpdateOrCreate

Stabilize interfaces

* Encrypt private keys

* Fixup signer

* Fixup ext_jwt

* Add GetOrCreatePrivate with automatic key rotation

* use GetOrCreate for ext_jwt

* use GetOrCreate in id

* catch invalid block type

* fix broken test

* remove key generator

* reduce public interface of signing service
2023-10-04 10:37:27 +02:00
Marcus Efraimsson
e4c1a7a141
Tracing: Standardize on otel tracing (#75528) 2023-10-03 14:54:20 +02:00
George Robinson
ed7d29f2b9
Alerting: Migrate old alerting templates to Go templates (#62911)
* Migrate old alerting templates to use $labels

* Fix imports

* Add test coverage and separate rewriting to Go templates

* Fix lint

* Check for additional closing braces

* Add logging of invalid message templates

* Fix tests

* Small fixes

* Update comments

* Panic on empty token

* Use logtest.Fake

* Fix lint

* Allow for spaces in variable names by not tokenizing spaces

* Add template function to deduplicate Labels in a Value map

* Fix behavior of mapLookupString

* Reference deduplicated labels in migrated message template

* Fix behavior of deduplicateLabelsFunc

* Don't create variable for parent logger

* Add more tests for deduplicateLabelsFunc

* Remove unused function

* Apply suggestions from code review

Co-authored by: Yuri Tseretyan <yuriy.tseretyan@grafana.com>

* Give label val merge function better name

* Extract template migration and escape literal tokens

* Consolidate + simplify template migration

---------

Co-authored-by: William Wernert <william.wernert@grafana.com>
2023-10-02 11:25:33 -04:00
Ryan McKinley
0af7247612
Chore: cleanup old dashboardPreviews files (#75682) 2023-09-28 13:31:07 -07:00
Gabriel MABILLE
96cbe70b14
User: Support sort query param for user and org user, search endpoints (#75229)
* User: Add sort option to user search

* Switch to an approach that uses the dashboard search options

* Cable user sort on the org endpoint

* Alias user table with u in org store

* Add test and cover orgs/:orgID/users/search endpoint

* Add test to userimpl store

* Simplify the store_test with sortopts.ParseSortQueryParam

* Account for PR feedback

* Positive check

* Update docs

* Update docs

* Switch to ErrOrFallback

Co-authored-by: Karl Persson <kalle.persson@grafana.com>

---------

Co-authored-by: Karl Persson <kalle.persson@grafana.com>
2023-09-28 10:16:18 +02:00
Jo
40a1f8434d
Anon: Scaffold anon service (#74744)
* remove API tagging method and authed tagging

* add anonstore

move debug to after cache

change test order

fix issue where mysql trims to second

* add old device cleanup

lint

utc-ize everything

trim whitespace

* remove dangling setting

* Add delete devices

* Move anonymous authnclient to anonimpl

* Add simple post login hook

* move registration of Background Service

cleanup

* add updated_at index

* do not untag device if login err

* add delete device integration test
2023-09-25 16:25:29 +02:00
George Robinson
15f6e8a500
SQLStore: Fix race condition in RecursiveQueriesAreSupported (#75274) 2023-09-22 11:30:14 +01:00
Piotr Jamróz
946da57b6a
Correlations: Allow creating correlations for provisioned data sources (#73737)
* Allow creating correlations for provisioned data sources

* Update docs

* Fix linting

* Add missing props

* Add missing props

* Fix linting

* Fix linting

* Clarify error name

* Removed error handling for a non-existing use case

* Create a list of deleted data datasources based on all configs

* Add org_id to correlations

* Add tests

* Allow org_id to be null in case org_id=0 is used

* Create organization to ensure stable id is generated

* Fix linting

* Ensure backwards compatibility

* Add deprecation information

* Update comments

* Override existing datasSource variable so the UID is retrieved correctly

* Migrate correlations indices

* Default org_id when migrating

* Remove redundant default

* Make PK non-nullable

* Post merge fixes

* Separate data sources / correlations provisioning

* Adjust comments

* Store new data sources in spy store so it can be used to test correlations as well

* Fix linting

* Update tests

* Ensure response is closed

* Avoid creating duplicates during provisioning

* Fix updating provisioned column and update tests

* Rename error message

* Fix linting errors

* Fix linting errors and rename variable

* Update test

* Update pkg/services/sqlstore/migrations/correlations_mig.go

Co-authored-by: Giordano Ricci <me@giordanoricci.com>

* Remove unused error

* Fix lining

---------

Co-authored-by: Giordano Ricci <me@giordanoricci.com>
2023-09-13 15:10:09 +02:00
Eric Leijonmarck
b00f3216c1
Auth: Refactor for revoking user tokens within last hours (#74616)
* fix: revoked tokens within last hours

adds check for unlimited sessions out of index
adds a function for specifing the hours to look back when revoking users tokens, otherwise we "assume" the clean up takes care of them adds a index for the `user_auth_token` - `revoked_at` for faster queries when using `revoked_at`

* fix: sqllite datetime conversion with unixtimestamps

* fix: postgres dialect

* fix: mysql dialect

* fix: mysql dialect missing closing )

* refactor: delete revoked tokens directly

* fix: tests for sqlite

* AuthToken: Simplify DeleteUserRevokedTokens and add test

* fix: linting newline

* Reset get time after test

* fix: test order by revoked

* fix: order by different db

* ascending

* test with seen at

---------

Co-authored-by: Karl Persson <kalle.persson@grafana.com>
2023-09-13 10:24:37 +01:00
Marcus Efraimsson
edc34fc836
Instrumentation: Improve instrumentation for database migrations (#74659) 2023-09-11 14:10:21 +03:00
linoman
13f4382214
Auth: Implement requester interface in access control module (#74289)
* Implement requester interface in the access control module
2023-09-06 11:16:10 +02:00
Serge Zaitsev
7197ed9fbb
Fix: avoid panics on duplicate metrics registration (#74359) 2023-09-05 10:02:11 +02:00
Serge Zaitsev
58f6648505
Chore: capitalise messages for alerting (#74335) 2023-09-04 18:46:34 +02:00
Ryan McKinley
025b2f3011
Chore: use any rather than interface{} (#74066) 2023-08-30 18:46:47 +03:00
Kristin Laemmert
3e272d2bda
Bug(sqlstore): fix issue with postgres unable to find existing main organization (#73789)
* SQLStore: fix issue where postgres would not find the existing org

Grafana using a postgres databases would fail to find the created org when the CreatedAt and UpdatedAt times are (inaccurately) populated. This issue only occurs in postgres, and only shows up when getOrCreateOrg run to create the admin user AND the organization already exists. See https://github.com/grafana/grafana/issues/71781 for more information and a reproduction.

* add an integration test
2023-08-30 11:45:20 -04:00
Piotr Jamróz
b30e0aa5aa
Correlations: Add organization id (#72258)
* Add org_id to correlations

* Add tests

* Allow org_id to be null in case org_id=0 is used

* Create organization to ensure stable id is generated

* Fix linting

* Ensure backwards compatibility

* Add deprecation information

* Migrate correlations indices

* Default org_id when migrating

* Remove redundant default

* Make PK non-nullable
2023-08-24 09:39:30 +02:00
Marcus Efraimsson
040b7d2571
Chore: Add errutils helpers (#73577)
Add helpers for the errutil package in favor of errutil.NewBase.
2023-08-22 12:52:24 +02:00