* declare new API and models GettableTimeIntervals, PostableTimeIntervals
* add new actions alert.notifications.time-intervals:read and alert.notifications.time-intervals:write.
* update existing alerting roles with the read action. Add to all alerting roles.
* add integration tests
* Create locking config store that mimics existing provisioning store
* Rename existing receivers(_test).go
* Introduce shared receiver group service
* Fix test
* Move query model to models package
* ReceiverGroup -> Receiver
* Remove locking config store
* Move convert methods to compat.go
* Cleanup
This commit prevents saving configurations containing inhibition
rules in Grafana Alertmanager. It does not reject inhibition
rules when using external Alertmanagers, such as Mimir. This meant
the validation had to be put in the MultiOrgAlertmanager instead of
in the validation of PostableUserConfig. We can remove this when
inhibition rules are supported in Grafana Managed Alerts.
* Add secureSocksDSProxyEnabled label to grafana_datasource_request_duration_seconds
* rename label from secureSocksDSProxyEnabled to secure_socks_ds_proxy_enabled
* DataSourceMetricsMiddleware: add secure_socks_ds_proxy_enabled label to every metric
* create the feature flag
* bring the concurrency in to the play
* Update feature flag
* Use concurrency number from settings
* update influxdb dependency
* use ConcurrentQueryCount from plugin-sdk-go
* use helper method for concurrent query count
* log the error
* add value guard
* add unit tests
* handle concurrency error
* use regex as templateSrv replace format
* use regex as templateSrv replace format for raw queries
* import path fix
* don't use regex formatter
* tag value escape
* tag value escape with wrappers
* polished interpolation logic
* update unit tests
* comments and more place to update
* unit test update
* fix escaping
* handle the string and array of string type separately
* update variable type
AM config applied via API would use the PostableUserConfig as the AM raw
config and also the hash used to decide when the AM config has changed.
However, when applied via the periodic sync the PostableApiAlertingConfig would
be used instead.
This leads to two issues:
- Inconsistent hash comparisons when modifying the AM causing redundant applies.
- GetStatus assumed the raw config was PostableUserConfig causing the endpoint
to return correctly after a new config is applied via API and then nothing once
the periodic sync runs.
Note: Technically, the upstream GrafanaAlertamanger GetStatus shouldn't be
returning PostableUserConfig or PostableApiAlertingConfig, but instead
GettableStatus. However, this issue required changes elsewhere and is out of
scope.
* add feature toggle
* add a middleware that appens headers for IP range AC
* sort imports
* sign IP range header and only append it if the request is going to allow listed data sources
* sign a random generated string instead of IP, also change the name of the middleware to make it more generic
* remove the DS IP range AC options from the config file; remove unwanted change
* add test
* sanitize the URLs when comparing
* cleanup and fixes
* check if X-Real-Ip is present, and set the internal request header if it is not present
* use split string function from the util package
* Add folder store method for fetching all folder descendants
* Modify GetDescendantCounts() to fetch folder descendants at once
* Reduce DB calls when counting library panels under dashboard
* Reduce DB calls when counting dashboards under folder
* Reduce DB calls during folder delete
* Modify folder registry to count/delete entities under multiple folders
* Reduce DB calls when counting
* Reduce DB calls when deleting
* Add test for create method
Co-authored-by: Tania B <10127682+undef1nd@users.noreply.github.com>
* Change structure of entity package to break import cycle
* Update wire file
---------
Co-authored-by: Tania B <10127682+undef1nd@users.noreply.github.com>
* Data query: Allo logging panel plugin id when executing queries
* Update tracing header middleware
* Test fix
* Add panelPluginType to query analytics
* Cleanup
- Feature Toggle is `promQLScope`.
- Query property is:
"scope": {
"matchers": "{job=~\".*\"}"
}
Misc:
- Also updates drone GO version to address ARM bug https://github.com/golang/go/issues/58425
- Also updates Swagger defs that were causing builds to fail
---------
Co-authored-by: Kevin Minehart <kmineh0151@gmail.com>
* Reload after deletion of the current settings
* Add grafana_ssosettings_setting_reload_failure_total counter
* Returns successfully if data reload failed
* Plugin: handle colon character in path
url.Parse() does not handle the given input correctly when the input
contains a colon character. The user will see the following error
message when trying to use remote cluster in Elasticsearch:
```
level=warn msg="Failed for create plugin resource request" error="parse \"foo-*,*:foo-*/_mapping\": first path segment in URL cannot contain colon" traceID=
```
As far as I can tell, we only want to set the path here + rawquery so
avoid url.Parse() altogether.
* Add more tests
---------
Co-authored-by: Giuseppe Guerra <giuseppe@guerra.in>
* add annotation permissions to dashboard managed role and add migrations for annotation permissions
* fix a bug with conditional access level definitions
* add tests
* Update pkg/services/sqlstore/migrations/accesscontrol/dashboard_permissions.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* apply feedback
* add batching, fix tests and a typo
* add one more test
* undo unneeded change
* undo unwanted change
* only check the default basic permissions for non-OSS instances
* account for all wildcards and simplify the check a bit
* error handling and extra conditionals to avoid test failures
* fix a bug with admin permissions not appearing for folders
* fix the OSS check
---------
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Remove folderID from service tests
* Remove folderID from ngalert migration tests
* Remove tests related to folderIDs
* Roll back change
Before removing FolderID from this test, we need to adjust the code
* Remove FolderID from publicdashboard pkg
* Add back annotations test
* RBAC: Search add user login filter
* Switch to a userService resolving instead
* Remove unused error
* Fallback to use the cache
* account for userID filter
* Account for the error
* snake case
* Add test cases
* Add api tests
* Fix return on error
* Re-order imports
* Folders: Expose function for getting all org folders with specific UIDs
* lint
* Fix test
* fixup
* Apply suggestion from code review
* Remove changes in alerting scheduler
* fixup
* fixup after merge with main
* Add batching
* Use strings.Builder
* Return all org folders if UIDs is empty
* Filter out not accessible folders by the user
* Remove comment
* Fix batching when count is zero
* Do not include dashboard permissions
* Add some tests
* fix test
* Use batch request for folders
* Use batch request to deduplicate folders
* Refactor
* Fix after merging main
* Refactor
---------
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Check the value type before casting it to the string
* set visualization as table by default
* append all values for show diagnostics
* golangci-lint
* append metadata only to first frame
* Add API test
* Add move tests
* Fix create folder
* Fix move
* Fix test
* Drop and re-create index so that allows a folder to contain a dashboard and a subfolder with same name
* Get folder by title defaults to root folder and optionally fetches folder by provided parent folder
* Apply suggestions from code review
* Folders: Expose function for getting all org folders with specific UIDs
* Return all org folders if UIDs is empty
* Filter out not accessible folders by the user
* Modify query to optionally returning a string that contains the UIDs of all parent folders separated by slash.
* Alerting: Add action, scope, role_id to permission table
The existing role_id, action, scope index has the wrong ordering to be most
effectively used in dashboard/folder permission requests.
On a large tests set, the slow database calls were on the order of ~30-40ms, so
when performed individually they don't have that large of a latency impact.
However, when done in bulk in the migration this adds up to some very slow
requests.
After the index is added these same database calls are reduced to ~4-5ms
* Change index to action, scope, role_id
* Make new index unique and drop [role_id, action, scope] index
* Alerting: During legacy migration reduce the number of created silences
During legacy migration every migrated rule was given a label rule_uid=<uid>.
This was used to silence DatasourceError/DatasourceNoData alerts for
migrated rules that had either ExecutionErrorState/NoDataState set to
keep_state, respectively.
This could potentially create a large amount of silences and a high cardinality
label. Both of these scenarios have poor outcomes for CPU load and latency in
unified alerting.
Instead, this change creates one label per ExecutionErrorState/NoDataState when
they are set to keep_state as well as two silence rules, if rules with said
labels were created during migration. These silence rules are:
- __legacy_silence_error_keep_state__ = true
- __legacy_silence_nodata_keep_state__ = true
This will drastically reduce the number of created silence rules in most cases
as well as not create the potentially high cardinality label `rule_uid`.
