Commit Graph

435 Commits

Author SHA1 Message Date
Vardan Torosyan
962bf8a906
RBAC: Remove the flag from the config which states that you can disable RBAC (#53730) 2022-08-15 14:22:04 +02:00
Andres Martinez Gotor
a31d96d20a
Prometheus: Promote Azure auth flag to configuration (#53447) 2022-08-11 16:12:57 +02:00
Dave Henderson
19cf9fa87d
Docs: Correct references to 'lockingMigration' (#51678)
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
2022-07-14 15:42:24 -04:00
Matthew Jacobson
28dd413c1d
Alerting: Add config disabled_labels to disable reserved labels (#51832)
* Alerting: Add config disabled_labels to disable reserved labels

[unified_alerting.reserved_labels]
disabled_labels

* Replace IsGrafanaFolderDisabled with more generic IsReservedLabelDisabled

* Simplify SchedulerCfg by including UnifiedAlertingSettings
2022-07-11 12:41:40 -04:00
Ieva
31e8e17d2f
allow specifying auth style (#51233) 2022-06-30 10:27:31 +01:00
Timur Olzhabayev
7c886fb6f9
Frontend Logging: Integrate grafana javascript agent (#50801)
Add Grafana Javascript Agent integration to Grafana
2022-06-28 03:25:30 -04:00
Josh Hunt
dcf786f3a9
I18n: Add default locale server config option (#51035)
* I18n: Set default locale in server config and expose in grafanaBootData

* put default locale behind feature flag

* update tests now that default locale is behind feature flag

* little bit of PR feedback

* update sample.ini
2022-06-21 11:12:49 +01:00
Eric Leijonmarck
b5615a1a18
Docs: CSRF add configuration options and documentation for additional headers and origins (#50473)
* added troubleshooting for "origin not allowed" messages

* include in configuration.ini

* moved doc to security

* removed enterprise congiruation

* Update conf/sample.ini

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
2022-06-09 09:13:08 +02:00
idafurjes
24c6a73095
Tracing: Deprecate opentracing (#50058)
* Deprecate opentracing

* Fix comment

* Adjust comment

* Fix docs for opentelemetry

* Add deprecated to sample.ini
2022-06-02 14:13:00 +02:00
Torkel Ödegaard
e1909fe74b
AngularSupport: Update description for angular_support_enabled config option (#49569)
* AngularSupport: Update description for angular_support_enabled config option

* Update angular deprecration plan doc

* Update

* Update article

* Updated
2022-05-25 11:49:12 +02:00
Piotr Jamróz
5a3cd45f79
Query History: Enable new query history by default (#49407)
* Enable new Query History

* Update docs and sample.ini
2022-05-23 16:53:36 +02:00
Karl Persson
2dc45e3e72
AccessControl: Add enterprise only setting for rbac permission cache (#49006)
* Add enterprise only setting for RBAC permission cache

Co-authored-by: Jguer <joao.guerreiro@grafana.com>
2022-05-16 17:52:10 +02:00
Ieva
f256f625d8
AccessControl: Enable RBAC by default (#48813)
* Add RBAC section to settings

* Default to RBAC enabled settings to true

* Update tests to respect RBAC

Co-authored-by: Karl Persson <kalle.persson@grafana.com>
2022-05-16 12:45:41 +02:00
idafurjes
abb1618291
Add OTLP exporter for OpenTelemetry (#47987)
* Add OTLP exporter for OpenTelemtry

* Fix lint

* Refactore parse settings

* Add configuration for propagation + fix tests

* Fix tests and lint

* Fix alerting tests

* Add coments to config

* Add propagation to custom.ini
2022-05-05 10:37:26 +02:00
Jean-Philippe Quéméner
0a87ef06af
Alerting: add safeguard for migrations that might cause dataloss (#48526)
* Alerting: add safeguard for migrations that might cause dataloss

* add test for panic

* add documentation
2022-05-02 10:38:42 +02:00
Jguer
8126331f66
Update cron library for ldap sync (#47983)
* ldap: update cron library

* Update docs/sources/enterprise/enhanced_ldap.md
2022-04-26 14:14:48 +02:00
Torkel Ödegaard
057ff5bcf5
Prometheus: Query builder UX tweaks and feedback link (#47655)
* Prometheus: Query builder UX tweaks and feedback link

* Remove .

* Fixed link

* added option to hide feedback links

* feedback link setting name change

* move config check

* fixed ts issue
2022-04-14 15:18:03 +02:00
Will Browne
f3c1448b57
Analytics: Enable grafana and plugin update checks to be operated independently (#46352)
* add separate cfg for controlling plugin update checks

* https

* add specific version note to docs

* pr feedback

* fixup
2022-04-06 10:50:21 +02:00
Cameron Waterman
8426cfe400
Profile/Help: Expose option to disable profile section and help menu (#46308)
* Expose option to disable help menu

* Expose option to disable profile menu

* Add Profile FeatureTogglePage

* Update public/app/features/profile/FeatureTogglePage.tsx

Uptake PR wording suggestion.

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Fix front end lint issue

* Fix back end lint issue

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2022-03-29 16:27:53 +01:00
Marcus Efraimsson
9eb2cd537d
Plugins: Make backend plugin metrics endpoints available with optional authentication (#46467)
* add new endpoint without auth+config

* add cfg check

* fit lint issue

* Add basic auth support

Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>

* WIP docs

* Update docs/sources/administration/view-server/internal-metrics.md

Co-authored-by: Dave Henderson <dhenderson@gmail.com>

* update instructions

Co-authored-by: Will Browne <will.browne@grafana.com>
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
Co-authored-by: Dave Henderson <dhenderson@gmail.com>
2022-03-29 11:18:26 +02:00
sivamu
6c468daabc
AzureAD OAuth: Add optional strict parsing of role_attribute_path for Azure AD (#42157)
* AzureAD OAuth: Add optional strict parsing of role_attribute_path for Azure AD

Fix casting issues

modify unit tests

Unit test fix

Add proper test args

* Return empty role when using strict attribute mode

* Raise error on empty role

* Fix UT for latest case
2022-03-18 10:34:16 +00:00
Joan López de la Franca Beltran
2081f37e95
Encryption: Make DEKs cache TTL & cleanup interval configurable (#46042)
* Make DEKs cache TTL & cleanup interval configurable

* Improve 'data_keys_cache_ttl' setting description

* Fix test
2022-03-16 20:05:13 +01:00
Sergey Kostrukov
1dca39fb91
Auth Proxy: encoding of non-ASCII headers (#44797)
* Decode auth proxy headers using URL encoding

* Header encoding configuration via settings file

* Rename configuration setting to headers_encoded

* Quoted-printable encoding

* Tests for AuthProxy

* Fix encoding name

* Remove authproxy init
2022-03-04 04:58:27 -05:00
baez90
6beba5a049
Chore: add setting to skip org assignment for external users (#34834)
* Chore: add setting to skip org assignment for external users

Introduce 'skip_org_role_update_sync' setting to skip any kind of org assignment during the login of external users.
As a consequence manual organization assignments won't be overridden during the upsert of an external user.

Part of #22605

* Chore: Rename skip_org_role_update_sync to oauth_skip_org_role_update_sync and relocate it to auth section

* Chore: replace global setting access where possible
2022-02-21 17:34:47 +01:00
Torkel Ödegaard
2b9e46d1f8
Angular: Option to disable angular support and isolate angular dependencies (#45421)
* Angular: Initial setting that disables angular, load angular support in separate chunk

* Load angular panels on demand

* Load alerting in separate chunk only when angularSupportEnabled

* progress, do not export core_module if angular disabled

* Progress

* Update public/app/features/plugins/built_in_plugins.ts

Co-authored-by: Ryan McKinley <ryantxu@gmail.com>

* Removing remaining usage of angular from outside angular app (not counting plugins)

* Update config and docs

* Fix sample.ini

* Update public/app/features/alerting/AlertTab.tsx

Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>

* Fixing prettier issue

Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
2022-02-16 17:14:33 +01:00
Sofia Papagiannaki
d718ee1918
SQLStore: Prevent concurrent migrations (#44101)
* SQLStore: Prevent concurrent migrations

* Hide behind a feature toggle

* Configurable locking attempt timeout

* Update docs/sources/administration/configuration.md

Co-authored-by: Igor Suleymanov <radiohead@users.noreply.github.com>
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2022-02-15 18:54:27 +02:00
Will Browne
fc42dfe396
Auth: Guarantee consistency of signed SigV4 headers (#45054)
* use latest sigv4 changes

* update configuration docs

* lint

* reformat lint ignore

* specific version for docs
2022-02-08 14:48:17 +01:00
Ivana Huckova
4e37a53a1c
Query history: Create API to add query to query history (#44479)
* Create config to enable/disable query history

* Create add to query history functionality

* Add documentation

* Add test

* Refactor

* Add test

* Fix built errors and linting errors

* Refactor

* Remove old tests

* Refactor, adjust based on feedback, add new test

* Update default value
2022-01-28 17:55:09 +01:00
Alex Vandiver
844b194f5b
Middleware: Don't require HTTPS for HSTS headers to be emitted (#35147)
Grafana itself may not be serving content over HTTPS, but it may be
behind a transparent proxy which does.

Fixes #26770.  Based on #26868.
2022-01-28 07:23:28 +01:00
Dan Cech
1e89fc157d
update snapshots server url (#44563)
* update snapshots server url
* update all old references to snapshot.raintank.io
2022-01-27 16:11:20 -05:00
Emil Tullstedt
25736b6afb
Auth: implement auto_sign_up for auth.jwt (#43502)
Co-authored-by: James Brown <jbrown@easypost.com>
2022-01-13 17:15:22 +01:00
Joan López de la Franca Beltran
532e71554f
Usage Stats: Add metrics to count enabled kms providers per kind (#43640)
* Usage Insights: Add metrics to count enabled kms providers per kind

* Add backwards compatibility
2022-01-07 13:52:28 +01:00
Carl Bergquist
f373588810
setting: configure toggles as true/false instead of array (#43326)
Signed-off-by: bergquist <carl.bergquist@gmail.com>
2021-12-20 15:33:11 +01:00
William Assis
eab0ba8716
Analytics: RudderStack custom URLs to fetch SDK and Config (#41988)
* Add config options to provide custom URL to fetch Rudderstack SDK and Config

* Add new entries to defaults.ini

* Update docs
2021-12-06 09:42:29 -05:00
idafurjes
d993b12415
Add interface Tracer, add Opentelemetry (#41963)
* Add interface Tracer, add Opentelemetry

* Fix lint

* Fix failing tests and return error if config not parsed fo opentelemetry

* Update defaults.ini

Add comment with jaeger url

* go mod tidy

* Remove comments that are not needed

* Move OpentracingSpan to tracing.go

* Add opentelemetry to sample.ini
2021-12-01 17:05:08 +01:00
Armand Grillet
6523486122
Alerting: Make Unified Alerting enabled by default for those who do not use legacy alerting (#42200)
* update AlertingEnabled and UnifiedAlertingSettings.Enabled to be pointers
* add a pseudo migration to fix the AlertingEnabled and UnifiedAlertingSettings.Enabled if the latter is not defined
* update the default configuration file to make default value for both 'enabled' flags be undefined

Misc
* update Migrator to expose DB engine. This is needed for a ualert migration to access the database while the list of migrations is created.
* add more verbose failure when migrations do not match

Co-authored-by: gotjosh <josue@grafana.com>
Co-authored-by: Yuriy Tseretyan <yuriy.tseretyan@grafana.com>
Co-authored-by: gillesdemey <gilles.de.mey@gmail.com>
2021-11-24 14:56:07 -05:00
Tania B
3af36b7e23
Encryption: Add settings to ini files (#42057)
* Encryption: Add settings to ini files

* Rename a setting
2021-11-23 20:29:35 +02:00
Levente Balogh
35c2c95fdc
Plugins: remove deprecated code (components) (#41686)
* refactor(plugins): use routes specific to the new plugins/admin

* refactor(plugins): remove unused pages (PluginList, PluginItem)

* refactor(plugins): remove PluginPage

* refactor(plugins): remove UpdatePluginModal

* refactor(plugins): move AppConfigWrapper under plugins/admin

* refactor(plugins): move PluginDashboards under plugins/admin

* refactor(plugins): rename the "specs" folder to "tests"

* refactor(plugins): move test files to /tests folder

* refactor(plugins): move AppRootPage into a /components folder

* refactor(plugins): move PluginsErrorsInfo into a /plugins folder

* refactor(plugins): move PluginSettingsCache into a /components folder

* refactor(plugins): move PluginStateInfo into a /plugins folder

* refactor(plugins): move AppRootPage.test.tsx next to the tested component

* refactor(plugins): remove old snapshot tests

* fix(plugins): fix tests

* refactor(plugins/admin): move & rename PluginSettingsCache

* fix(plugins): fix a few rebase issues

* Plugins: remove deprecated code (state handling) (#41739)

* refactor(plugins): use the plugins/admin reducer only

* refactor(plugins): remove tests for the deprecated plugins reducer

* refactor(plugins): remove tests for the deprecated plugins selectors

* refactor(plugins/state): add a short comment note to selectors

* feat(plugins/state): add a selector for selecting errors

* feat(plugins/state): add a hook for getting plugin errors

* refactor(plugins): udpate the PluginsErrorsInfo component to use the new state selectors

* refactor(plugins/state): remove the old (deprecated) selectors

* refactor(plugins/state): use the new actions under /admin

* refactor(plugins/state): remove old (deprecated) reducers and actions

* refactor(plugins): update component definition

* fix(plugins): remove unnecessary {children} prop for PluginsErrorsInfo

* Plugins: show / hide install controls based on the `pluginAdminEnabled` flag (#41749)

* docs(plugins): update documentation for the `plugin_admin_enabled` flag

* refactor(InstallControls): move the main component to a named module

* feat(plugins): use the `pluginAdminEnable` flag to hide / show install controls in the UI

* test(plugins): add tests for enabling/disabling install controls
2021-11-19 13:42:26 +01:00
Agnès Toulet
e904f423e4
Docs: Add configuration option for the image renderer (#41798)
* Docs: add configuration option for the image renderer

* Apply review feedback
2021-11-18 18:09:08 +01:00
Marcus Efraimsson
b88d21a6cb
PluginsCatalog: Add backend support for hiding plugins in plugins catalog (#41563)
Add backend support for hiding plugins in plugins catalog. 

Ref #41074
2021-11-15 10:53:35 +01:00
Tania B
e81d434edf
Encryption: Extend secrets service to support registering key providers (#40626)
* Draft adding kms providers

* Rename defaultProvider to currentProvider

* Add getting current provider from config

* Remove comments

* Make current provider service struct field

* Add methods to secrets service

* Test getting current provider

* Implements missing methods for fake secrets service

* Remove accidental changes

* Fix linter issue

* Update configuration examples

* Rename CurrentProvider method

* Split service interface

* Update wire

Co-authored-by: spinillos <selenepinillos@gmail.com>
2021-11-04 19:25:01 +02:00
Emil Tullstedt
e73cd2fdeb
OAuth: Support PKCE (#39948) 2021-10-13 16:45:15 +02:00
Sofia Papagiannaki
012d4f0905
Alerting: Remove ngalert feature toggle and introduce two new settings for enabling Grafana 8 alerts and disabling them for specific organisations (#38746)
* Remove `ngalert` feature toggle

* Update frontend

Remove all references of ngalert feature toggle

* Update docs

* Disable unified alerting for specific orgs

* Add backend tests

* Apply suggestions from code review

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Disabled unified alerting by default

* Ensure backward compatibility with old ngalert feature toggle

* Apply suggestions from code review

Co-authored-by: gotjosh <josue@grafana.com>
2021-09-29 16:16:40 +02:00
Sofia Papagiannaki
eead8cd8e1
Docs: alerting fixes (#39717)
* Docs: alerting fixes
2021-09-28 16:37:07 +03:00
Sofia Papagiannaki
f6f3a54742
Alerting: tune rule evaluation via configuration (#35623)
* Alerting: Configure max evaluation retries

* Alerting: Enforce minimum rule evaluation interval

* Alerting: Disable rule evaluation from configuration

* Update docs

* Alerting: Configure rule evaluation timeout

* Move options on unified_alerting config section

* Apply suggestions from code review

Co-authored-by: gotjosh <josue@grafana.com>
2021-09-28 13:00:16 +03:00
gotjosh
7db97097c9
Alerting: Support Unified Alerting with Grafana HA (#37920)
* Alerting: Support Unified Alerting in Grafana's HA mode.
2021-09-16 15:33:51 +01:00
Marcus Efraimsson
1c892a2fc4
Postgres/MySQL/MSSQL: Add setting to limit maximum amount of rows processed (#38986)
Adds a new setting dataproxy.row_limit that allows an operator to limit the 
amount of rows being processed/accepted in response to database queries 
originating from SQL data sources.

Closes #38975
Ref #39095

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-09-13 15:27:51 +02:00
Dimitris Sotirakis
ba9d5540b8
Datasources: Introduce response_limit for datasource responses (#38962)
* Introduce response_limit for datasource responses

* Fix lint

* Fix tests

* Add case where limit <= 0 - added parametrized tests

* Add max_bytes_reader.go

* Use new httpclient.MaxBytesReader instead of net/http one

* Fixes according to reviewer's comments

* Add tests for max_bytes_reader

* Add small piece in configuration.md

* Further fixes according to reviewer's comments

* Fix linting - fix test
2021-09-10 16:51:06 +03:00
Djairho Geuens
0383becc46
OAuth: Make generic teams URL and JMES path configurable (#37233)
OAuth: Make generic teams URL and JMES path configurable
2021-09-07 19:57:20 -05:00
gotjosh
f3f3fcc727
Alerting: Introduces /api/v1/ngalert/alertmanagers to expose discovered and dropped Alertmanager(s) (#37632)
* Alerting: Expose discovered and dropped Alertmanagers

Exposes the API for discovered and dropped Alertmanagers.

* make admin config poll interval configurable

* update after rebase

* wordsmith

* More wordsmithing

* change name of the config

* settings package too
2021-08-13 13:14:36 +01:00
Alexander Emelin
6b2d33dc14
fix sample.ini (#37106) 2021-07-22 16:50:27 +02:00
Ryan McKinley
e604e69d93
Geomap: default basemap config cleanup (#37069) 2021-07-21 13:48:20 -07:00
Eunice Kim
3b0d7fc00b
Geomap: Base layer server configuration (#37041) 2021-07-21 17:54:05 +02:00
Djairho Geuens
4cadbba686
Email: Allow configuration of content types for email notifications (#34530)
* Alerting: Allow configuration of content types for email notifications

* Fix lint error

* Improves email templates

* Improve configuration documentation

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Improve code comments

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Improve configuration documentation

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Improve email template

* Remove unnecessary predeclaration

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Adds handling for unrecognized content type

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Move utility function outside of util package

* Fixes syntax

* Remove unused package

* Fix lint error

* improve email templates

* Fix test

* Alerting: Allow configuration of content types for email notifications

* Fix lint error

* Improves email templates

* Improve configuration documentation

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Improve code comments

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Improve configuration documentation

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Improve email template

* Remove unnecessary predeclaration

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Adds handling for unrecognized content type

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Move utility function outside of util package

* Fixes syntax

* Remove unused package

* Fix lint error

* improve email templates

* Fix test

* Fix comment style

Co-authored-by: Ganesh Vernekar <15064823+codesome@users.noreply.github.com>

* Fix template formatting

* Add test and improve error handling

* Fix test

* Fix formatting

* Fix formatting

* Improve documentation and regenerates txt template

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

Co-authored-by: Djairho Geuens <djairho.geuens@ae.be>
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Ganesh Vernekar <15064823+codesome@users.noreply.github.com>
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-07-19 13:31:51 +03:00
Dimitris Sotirakis
069fb0cf38
HTTP Client: Introduce dataproxy_max_idle_connections config variable (#35864)
* Introduce dataproxy_max_idle_connections config var

* Fix according to reviewer's comments

* Fix according to reviewer's comments - round 2

* Remove unused const

* Bring back MaxIdleConnsPerHost

* Fixes according to reviewer's comments
2021-07-07 13:13:53 +03:00
Alexander Emelin
354789edc9
update option description to only commit to wildcard symbol for now (#36341)
(cherry picked from commit 012ee1fc28)
2021-07-03 00:46:48 +03:00
Ward Bekker
b255f3db3f
Team Sync: Add group mapping to support team sync in the Generic OAuth provider (#36307)
Added group mapping to support team sync in the Generic OAuth provider.

Co-authored-by: Leonard Gram <leo@xlson.com>
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
Co-authored-by: Dan Cech <dan@aussiedan.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2021-07-01 22:40:46 +02:00
Alexander Emelin
483418dbb0
live: add allowed_origins option (#36318) 2021-07-01 09:30:09 +03:00
Alexander Emelin
98893c0420
Live: experimental HA with Redis (#34851) 2021-06-24 11:07:09 +03:00
Will Browne
89d8dedece
Plugins: Improve wording around allow_loading_unsigned_plugins configuration (#35731)
* improve wording

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Update conf/sample.ini

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Update conf/defaults.ini

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-06-15 18:53:11 +02:00
Javier Palomo
6531424c72
Datasource: Add support for max_conns_per_host in dataproxy settings (#35520)
Allow configuring dataproxy.max_conns_per_host for HTTP data sources.

Ref #35519
Ref #35257
2021-06-11 14:18:08 +02:00
kay delaney
8143991b94
Security: Update default CSP template and fix firefox CSP issues (#34836)
* Security: Update default content_security_policy_template
- Add 'strict-dynamic' back to script-src
- Add ws(s)://$ROOT_PATH to connect-src
- Change onEvent to on-event in angular templates to fix CSP issues in firefox.
- Add blob: to style-src
2021-05-28 17:01:10 +02:00
Alexander Emelin
6d750c000e
Live: max_connections option with strict default (#34634)
this should help Live to be enabled by default but still
do not affect setups with lots of simultenious users. To
properly handle many WS connections Grafana administrators
should tune infrastructure a bit - for example increase a
number of open files for a process. Will be in more details
in documentation.
2021-05-27 22:03:18 +03:00
Will Browne
c7b58fe186
Plugins: Enable catalog management link to gcom (#34673)
* click out to gcom when config enabled

* set to false

* fix styling for uninstall

* remove advertising config + simplify callout URL

* add entry to configuration.md

* update config name

* update lingo
2021-05-27 12:45:06 +02:00
Dimitris Sotirakis
91657dad18
HTTP Client: Make ResponseHeaderTimeout default timeout in http client (#34597)
* HTTP Client: Add `ResponseHeaderTimeout` - split from `DialContext` timeout

* Fixes according to reviewer's comments

* Use grafana-plugin-sdk-go v0.100.0
2021-05-25 11:32:41 +03:00
Ryan McKinley
a91edd7267
Plugin Admin App: make the catalog look like internal component (#34341)
* Allow Route component usage in app plugins

* i tried

* fix catalog app

* fix catalog app

* fix catalog app

* cleanup imports

* plugin catalog enabled to plugin admin

* rename plugin catalog to plugin admin

* expose catalog url

* update text

* import from react-router-dom

* fix imports -- add logging

* merge changes

* avoid onNavUpdate

* Fixed onNavChange issues

* fix library imports

* more links

Co-authored-by: Dominik Prokop <dominik.prokop@grafana.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
2021-05-20 10:42:26 +02:00
Marcus Efraimsson
348e76fc8e
Datasource: Shared HTTP client provider for core backend data sources and any data source using the data source proxy (#33439)
Uses new httpclient package from grafana-plugin-sdk-go introduced 
via grafana/grafana-plugin-sdk-go#328. 
Replaces the GetHTTPClient, GetTransport, GetTLSConfig methods defined 
on DataSource model.
Longer-term the goal is to migrate core HTTP backend data sources to use the 
SDK contracts and using httpclient.Provider for creating HTTP clients and such.

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-05-19 23:53:41 +02:00
Arve Knudsen
aed1c013c0
CSP: Relax default template wrt. loading of scripts, due to nonces not working (#34363)
* CSP: Relax default template, due to nonces not working

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* CSP: Add back data: to img-src

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-05-19 11:37:14 +02:00
Arve Knudsen
d1a9044171
CSP: Allow all image sources by default (#34265)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-05-18 13:41:55 +02:00
Ryan McKinley
edcefe1c8e
Chore: Rename "marketplace" app to "catalog" (#34149) 2021-05-17 08:27:56 -07:00
Will Browne
c39d6ad97d
Plugins: Enable plugin runtime install/uninstall capabilities (#33836)
* add uninstall flow

* add install flow

* small cleanup

* smaller-footprint solution

* cleanup + make bp start auto

* fix interface contract

* improve naming

* accept version arg

* ensure use of shared logger

* make installer a field

* add plugin decommissioning

* add basic error checking

* fix api docs

* making initialization idempotent

* add mutex

* fix comment

* fix test

* add test for decommission

* improve existing test

* add more test coverage

* more tests

* change test func to use read lock

* refactoring + adding test asserts

* improve purging old install flow

* improve dupe checking

* change log name

* skip over dupe scanned

* make test assertion more flexible

* remove trailing line

* fix pointer receiver name

* update comment

* add context to API

* add config flag

* add base http api test + fix update functionality

* simplify existing check

* clean up test

* refactor tests based on feedback

* add single quotes to errs

* use gcmp in tests + fix logo issue

* make plugin list testing more flexible

* address feedback

* fix API test

* fix linter

* undo preallocate

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* fix linting issue in test

* add docs placeholder

* update install notes

* Update docs/sources/plugins/marketplace.md

Co-authored-by: Marcus Olsson <marcus.olsson@hey.com>

* update access wording

* add more placeholder docs

* add link to more info

* PR feedback - improved errors, refactor, lock fix

* improve err details

* propagate plugin version errors

* don't autostart renderer

* add H1

* fix imports

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
Co-authored-by: Marcus Olsson <marcus.olsson@hey.com>
2021-05-12 20:05:16 +02:00
Sergey Kostrukov
81ad9769fa
AzureMonitor: Azure settings in Grafana server config (#33728)
* Azure cloud settings

* Fix typos

* Grouped Azure settings

* Doc fixes

* Some settings are not needed

* Updated cloud name aliases
2021-05-12 16:23:37 +02:00
jvoeller
0d044285a9
OAuth: Add support for empty scopes (#32129)
* add parameter empty_scopes to override scope parameter with empty value and thus be able to authenticate against IdPs without scopes. Issue #27503

Update docs/sources/auth/generic-oauth.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* updated check according to feedback

* Update generic-oauth.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-05-10 13:07:30 -04:00
Serge Zaitsev
7367cfc0a3
Add isolation level db configuration parameter (#33830)
* add isolation level db configuration parameter

* add isolation_level to default.ini and sample.ini

* add note that only mysql supports isolation levels for now

* mention isolation_level in the documentation

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-05-10 17:54:13 +02:00
Sofia Papagiannaki
540f110220
[Alerting]: Extend quota service to optionally set limits on alerts (#33283)
* Quota: Extend service to set limit on alerts

* Add test for applying quota to alert rules

* Apply suggestions from code review

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Get used alert quota only if naglert is enabled

* Set alert limit to zero if nglalert is not enabled
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
2021-05-04 19:16:28 +03:00
Arve Knudsen
7f53dfad88
CSP: Set nonce attribute on Webpack injected bundles (#33298)
* CSP: Set __webpack_nonce__

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-04-26 11:38:24 +02:00
Kristian Klausen
4fc0d42470
OAuth: Add optional strict parsing of role_attribute_path (#28021)
* OAuth: Add strict role mapping

By default the user is assigned the role Viewer if role_attribute_path
doesn't return a role, which is not always desirable. This commit adds a
strict mode, which deny the user access if a role isn't returned.

Fix #26626

* Update docs/sources/auth/generic-oauth.md

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* Update docs/sources/auth/generic-oauth.md

* Update .gitignore file with WAN

* Removed WAN from .gitignore

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
Co-authored-by: achatterjee-grafana <aparajita.chatterjee@grafana.com>
2021-04-14 15:14:27 -04:00
Jack Westbrook
bd74953f0d
Plugins: Allow a non-dashboard page to be the default home page (#32926)
* feat: introduce home page redirect if default dashboard

* style: clean up

* Apply suggestions from code review

Co-authored-by: Hugo Häggmark <hugo.haggmark@grafana.com>

* chore(dashboard): remove obsolete setting import

* docs(config): add home_page description

Co-authored-by: Hugo Häggmark <hugo.haggmark@grafana.com>
2021-04-13 15:27:51 +02:00
Vladimir Kochnev
39a3b0d0b0
Auth: support JWT Authentication (#29995) 2021-03-31 08:40:44 -07:00
Carl Bergquist
862cd473eb
HttpServer: Make read timeout configurable but disabled by default (#31575)
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-03-19 11:21:52 +01:00
Erik Sundell
2d660ee502
CloudWatch: Restrict auth provider and assume role usage according to Grafana configuration (#31805)
* restrict usage of providers and assume role according to grafana config

* update docs

* Update docs/sources/datasources/cloudwatch.md

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/tsdb/cloudwatch/cloudwatch.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/tsdb/cloudwatch/session_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* pr feedback

* fix failing test

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-03-09 21:20:59 +01:00
Carl Bergquist
3b36636318
Annotations: Make the annotation clean up batch size configurable (#31487)
Signed-off-by: bergquist <carl.bergquist@gmail.com>

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
2021-03-08 14:16:07 +01:00
Erik Sundell
1b149523ed
AWS: Add aws plugin configuration (#31312)
* add new conf and make sure its passed to frontend

* change auth provider name

* goimports

* fixed after feedback

* more updates after feedback

* Update docs/sources/administration/configuration.md

Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>

* Update conf/sample.ini

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/setting/setting.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* updates after pr feedback

* Update conf/defaults.ini

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update conf/defaults.ini

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update conf/sample.ini

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-02-24 18:08:13 +01:00
Carl Bergquist
d1b9fddb4f
Usage stats: Adds source/distributor setting (#31039)
Signed-off-by: bergquist <carl.bergquist@gmail.com>
2021-02-10 10:07:32 +01:00
Torkel Ödegaard
c04bc805b5
CDN: Adds support for serving assets over a CDN (#30691)
* CDN: Initial poc support for serving assets over a CDN

* Minor fix

* added build path and test

* fix lint error

* Added edition to cdn path

* Move master builds to a separate path

* Added error handling for the url parsing, changed setting name, and added docs

* Updated sample.ini

* Some property renames

* updated

* Minor update to html

* index template improvements

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Added ContentDeliveryPrefix to Licence service

* updated docs

* Updated test mock

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-02-01 10:13:09 +01:00
Sofia Papagiannaki
94a29759ab
Docs: Fix expressions enabled description (#30589) 2021-01-26 18:49:58 +02:00
Sofia Papagiannaki
9ada4b6052
Expressions: Add option to disable feature (#30541)
* Expressions: Add option to disable feature

* Apply suggestions from code review

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-01-22 19:27:33 +02:00
Arve Knudsen
50b649a869
Middleware: Add CSP support (#29740)
* Middleware: Add support for CSP

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored by @iOrcohen
2021-01-12 07:42:32 +01:00
Peter Toft
de563bfaa4
Fix two ini-file typos regarding LDAP (#29843) 2020-12-30 11:09:17 +01:00
ying-jeanne
375e8e4fd0
SQLStore: customise the limit of retrieved datasources per organisation (#29358)
* SQLStore: customise the limit of retrieved datasources per organisation

* update all suggestions regarding nil or 0 as default

* Apply suggestions from code review

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* correct default.ini description + adding unittest

* Apply suggestions from code review

Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>

* modify unittest name

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
2020-12-28 12:24:42 +01:00
Domas
7d9a528184
Logging: rate limit fronted logging endpoint (#29272)
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2020-12-09 16:22:24 +01:00
Agnès Toulet
22788d1d86
Add an option to hide certain users in the UI (#28942)
* Add an option to hide certain users in the UI

* revert changes for admin users routes

* fix sqlstore function name

* Improve slice management

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* Hidden users: convert slice to map

* filter with user logins instead of IDs

* put HiddenUsers in Cfg struct

* hide hidden users from dashboards/folders permissions list

* Update conf/defaults.ini

Co-authored-by: Torkel Ödegaard <torkel@grafana.com>

* fix params order

* fix tests

* fix dashboard/folder update with hidden user

* add team tests

* add dashboard and folder permissions tests

* fixes after merge

* fix tests

* API: add test for org users endpoints

* update hidden users management for dashboard / folder permissions

* improve dashboard / folder permissions tests

* fixes after merge

* Guardian: add hidden acl tests

* API: add team members tests

* fix team sql syntax for postgres

* api tests update

* fix linter error

* fix tests errors after merge

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
2020-11-24 12:10:32 +01:00
Domas
76df096791
Logging: Log frontend errors (#28073)
* basic frontend  Sentry integration

* backend endpoint to capture sentry events

* WIP!

* log user email for frontend logs

* remove debug logging

* lint fixes

* Fix type exports & property names

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* additional struct naming fix

* rename log endpoint, config section & interface

* add sentry sample rate to config

* refac to use EchoSrv

* log user id

* backend tests

* tests for SentryEchoBackend

* sentry echo backend tests

* CustomEndpointTransport tests

* Update pkg/api/frontend_logging_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update conf/defaults.ini

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/api/frontend_logging_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* don't export unnecesasrily

* update go.sum

* get rid of Convey in tests, use stdlib

* add sentry config to sample.ini

* cleanup to set orig logging handler in test

* Apply suggestions from code review

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* PR feedback changes

* lock sentry version

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-12 12:29:43 +01:00
Carl Bergquist
e3c7d66324
Tracing: Add setting for sampling server (#29011)
Signed-off-by: bergquist <carl.bergquist@gmail.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
2020-11-11 10:21:52 +01:00
Alex Khomenko
9b90ff2961
Disable selecting enterprise plugins with no license (#28758)
* Add unlicensed property to plugins

* Disable selecting unlicensed plugin

* Add customizable plugin market place url

* License: workaround enabled only in enterprise

* linter

* Move licensing info to front end

* Update pkg/services/licensing/oss.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/services/licensing/oss.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/setting/setting.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/setting/setting.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/api/frontendsettings.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update sample.ini

* Update docs

* Update packages/grafana-runtime/src/config.ts

Co-authored-by: Torkel Ödegaard <torkel@grafana.org>

* Update public/app/features/datasources/state/buildCategories.ts

Co-authored-by: Torkel Ödegaard <torkel@grafana.org>

* Update pkg/api/frontendsettings.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/setting/setting.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix spelling

Co-authored-by: Leonard Gram <leo@xlson.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.org>
2020-11-05 12:55:40 +02:00
Alexander Zobnin
8032b43838
OAuth: configurable user name attribute (#28286)
* OAuth: more user-frienly logging

* OAuth: custom user name attribute

* OAuth: remove deprecated nameAttributeName option

* OAuth: nameAttributePath tests

* OAuth: add name_attribute_path config option

* OAuth: docs for name_attribute_path option

* move docs to the separate branch
2020-10-20 09:56:48 +03:00
Carl Bergquist
89ebb97fca
Instrumentation: Adds environment_info metric (#28355)
Signed-off-by: bergquist <carl.bergquist@gmail.com>

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-10-19 16:58:16 +02:00
Will Browne
a189cd1832
Users: Expire old user invites (#27361)
* expire with existng cleanup service

* expire with new temp user service

* make Drone happy :)

* add expiry status

* remove other approach

* cleanup

* add test for idempotency

* add migration from datetime to unix ts

* update cmd names

* change lifetime config to duration

* remove unnecessart formatting

* add comment

* update docs

* remove max bound and introduce min error

* simplify sql

* remove comment

* allow any outstanding to exist for at least 24 hours

* revert created ts change

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>

* add extra state check to cleanup step

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2020-10-13 12:30:09 +02:00
Kyle Hinton
92c2a6c239
Fix: Add additional settings for dataproxy to help with network proxy timeouts (#27841)
* adding additional settings for datasource cache transport

* added documentation for the new changes

* fixing small typo in defaults.ini comment

* fixing small typo in configuration.md comment

* Update conf/defaults.ini keepalive comment per review

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Update conf/defaults.ini idle conn comment per review

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Update conf/defaults.ini anon user comment per review

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Update docs/sources/administration/configuration.md idle conn comment per review

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* adding suggestions from papagian

* fixing configuration.md

* fixing configuration.md typo

* Apply suggestions from code review aknuds1

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* updating sample.ini

* Apply suggestions for docs from code review papagian

Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>

* Update docs/sources/administration/configuration.md fix typo

Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
2020-10-12 11:36:47 +03:00
Will Browne
7d63b2c473
Auth: Add Sigv4 auth option to datasources (#27552)
* create transport chain

* add frontend

* remove log

* inline field updates

* allow ARN, Credentials + Keys auth in frontend

* configure credentials

* add tests and refactor

* update frontend json field names

* fix tests

* fix comment

* add app config flag

* refactor tests

* add return field for tests

* add flag for UI display

* update comment

* move logic

* fix config

* pass config through props

* update docs

* pr feedback and add docs coverage

* shorten settings filename

* fix imports

* revert docs changes

* remove log line

* wrap up next as round tripper

* only propagate required config

* remove unused import

* remove ARN option and replace with default chain

* make ARN role assume as supplemental

* update docs

* refactor flow

* sign body when necessary

* remove unnecessary wrapper

* remove newline

* Apply suggestions from code review

* PR fixes

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-10-08 10:03:20 +02:00
Wouter Smeenk
39eba5065b
Dashboard: Support configuring default timezone via config file (#27404)
Add a default timezone that the administrator can set in the settings. 
This setting is be used as default for the users timezone preference.
Can be used when creating Grafana instances without administrator 
intervention, in order to give user the correct default timezone.

Fixes #25654
2020-09-15 15:20:53 +02:00
Hansuuuuuuuuuu
8d971ab2f2
Auth: Replace maximum inactive/lifetime settings of days to duration (#27150)
Allows login_maximum_inactive_lifetime_duration and 
login_maximum_lifetime_duration to be configured using 
time.Duration-compatible values while retaining backward compatibility.

Fixes #17554

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2020-09-14 15:57:38 +02:00
Torkel Ödegaard
61bd33c241
System: Date formating options (#27216)
* Add support for local time formats in graph panel

* Enfore 24h format for backward compatibility

* Use existing Intl.DateTimeFormatOptions

* Pre-generate time scale, add tests

* Move localTimeFormat, add local format to units

* updated default fallback

* #25602, use navigator.languages to enforce locale in formatting

* Making options

* Worked new system settings

* things are working

* Local browser time formats working

* Support parsing dates in different formats

* settings updated

* Settings starting to work

* Fixed graph issue

* Logs fix

* refactored settings a bit

* Updated and name change

* Progress

* Changed config names

* Updated

* Updated

* Updated test

* Synced description

* fixed ts issue

* Added version notice

* Ts fix

* Updated heatmap and test

* Updated snapshot

* Updated

* fixed ts issue

* Fixes

Co-authored-by: Alex Shpak <alex-shpak@users.noreply.github.com>
2020-09-07 16:19:33 +02:00
Carl Bergquist
20747015f6
Annotation: Add clean up job for old annotations (#26156)
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-09-02 08:07:31 +02:00
Carl Bergquist
8faaa1a520
OAuth: Increase state cookie max age (#27258)
60s can be too short if the oauth provider is slow
for some reason and its defintly too slow if the
OAuth provider requires 2FA.

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
2020-09-01 10:57:43 +02:00
Alexander Zobnin
df11cdad62
Generic OAuth: customize login and id_token attributes (#26577)
* OAuth: add login_attribute_path to generic oauth

* OAuth: remove default client_secret values (able to use empty client_secret)

* OAuth: allow to customize id_token attribute name

* Docs: describe how login_attribute_path and id_token_attribute_name params work

* Docs: review fixes

* Docs: review fixes

* Chore: fix go linter error

* Tests: fix test code style
2020-08-03 17:33:27 +03:00
Josh Soref
7d08a8497a
Chore: fix spelling of GitHub (#26182)
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
2020-07-22 08:12:50 -07:00
Marcus Efraimsson
460b01f1fe
Datasource: Make sure data proxy timeout applies to HTTP client (#25865)
For backend data sources executing in the backend (not through data proxy) make 
sure that the timeout applies to cached HTTP client.

Fixes #25863

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
2020-06-29 11:22:49 +02:00
Carl Bergquist
383aa21ab6
docs: removes invalid comment (#25883) 2020-06-29 09:26:08 +02:00
Carl Bergquist
703f728c0c
Dashboards: Make path to default dashboard configurable (#25595)
Closes #25463

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
2020-06-22 18:00:39 +02:00
Emil Tullstedt
80e9546cec
Settings: Add setting for hiding version number for anonymous users (#24919)
* Settings: Add setting for hiding version number for anonymous users

Fixes #12925

* Hide version string from footer when unavailable

* Settings: Test frontend settings with hide version for anonymous users

* Settings: Add hide version variable to frontend settings

* Make AnonymousHideVersion non-global

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Settings: Improve test neighbor friendliness, reset state before and after

* Settings: Use T.Cleanup

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-06-17 07:39:50 +02:00
Josh Soref
ed92b41d47
Chore: spelling - misc (#24438)
* Chore: spelling - misc

* fix master merge
2020-06-04 06:51:30 +02:00
Carl Bergquist
328ea80cca
switches default value for security settings (#25175)
closes #25163
2020-05-28 10:38:22 +02:00
thameezb
16297da298
Email Notifications: Add StartTLSPolicy config flag (#24574) 2020-05-13 16:33:40 +02:00
Arve Knudsen
96ffcaa134
Plugins: Require signing of external back-end plugins (#24075)
* PluginManager: Require signing of external plugins

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
2020-05-04 10:57:55 +02:00
Marcus Efraimsson
76650e60e4
Image Rendering: New setting to control render request concurrency (#23950)
Fixes #23806

Co-Authored-By: Torkel Ödegaard <torkel@grafana.com>
Co-Authored-By: Arve Knudsen <arve.knudsen@gmail.com>
2020-04-27 17:25:08 +02:00
Marcus Efraimsson
854085dbc6
Dashboard: Enforce min dashboard refresh interval to 5 seconds per default (#23929)
Fixes #22493
2020-04-27 16:51:54 +02:00
Marcus Efraimsson
871ad73414
Backend plugins: Renderer v2 plugin (#23625)
grafana-plugin-model is legacy and is replaced by new backend 
plugins SDK and architecture. Renderer is not part of SDK and 
we want to keep it that way for now since it's highly unlikely there 
will be more than one kind of renderer plugin.
So this PR adds support for renderer plugin v2.
Also adds support sending a Device Scale Factor parameter to the 
plugin v2 remote rendering service and by that replaces #22474.
Adds support sending a Headers parameter to the plugin v2 and
remote rendering service which for now only include 
Accect-Language header (the user locale in browser when using 
Grafana), ref grafana/grafana-image-renderer#45.
Fixes health check json details response.
Adds image renderer plugin configuration settings in defaults.ini 
and sample.ini.

Co-Authored-By: Arve Knudsen <arve.knudsen@gmail.com>
2020-04-21 16:16:41 +02:00
Alexander Zobnin
f023e7a399
SAML Role and Team sync (open source part) (#23391)
* SAML: add default params for role and team sync

* SAML: add org_mapping option

* SAML: support allowed_organizations option

* Chore: expose RedirectWithError from HTTPServer

* Chore: return RedirectResponse (fix superfluous response.writeheader message)

* HTTPServer: expose ValidateRedirectTo() and CookieOptionsFromCfg()

* Config: move SAML section to the enterprise
2020-04-17 10:48:37 +03:00
Alexander Zobnin
7afdfd2ef4
Okta OAuth provider (team sync support) (#22972)
* Okta OAuth support

* Chore: fix linter error

* Chore: move IsEmailAllowed to SocialBase

* Chore: move IsSignupAllowed to SocialBase

* Chore: review fixes

* Okta: support allowed_groups

* Okta: default config

* Chore: move extractEmail() to OktaClaims struct

* Chore: review fixes

* generic_oauth_test: Handle error cases

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* generic_oauth_test: Handle error cases

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Docs: Okta OAuth

* Chore: don't return expected errors from searchJSONForAttr

* Docs: role mapping

* Chore: review fixes (searchJSONForAttr)

* Docs: review fixes

* Update docs/sources/auth/okta.md

Co-Authored-By: Arve Knudsen <arve.knudsen@gmail.com>

* Update docs/sources/auth/okta.md

Co-Authored-By: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: log error if searchJSONForAttr failed

* Docs: add Okta login link

* Docs: review fixes

* Docs: add reference to the org roles

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-04-02 17:35:48 +03:00
rtrompier
474dac1501
OAuth : Introduce new setting for configuring max age of OAuth state cookie (#23195)
* Cookie : Increase duration to avoid error

When using oauth2 authentication with multifactor, the 60s delay may be too short

* Introduce new setting for OAuth state cookie max age

Co-authored-by: Sofia Papagiannaki <sofia@grafana.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-03-30 17:44:58 +03:00
lfroment
72628c8ea0
Dashboard: Adds support for a global minimum dashboard refresh interval (#19416)
This feature would provide a way for administrators to limit the minimum 
dashboard refresh interval globally.
Filters out the refresh intervals available in the time picker that are lower 
than the set minimum refresh interval in the configuration .ini file
Adds the minimum refresh interval as available in the time picker.
If the user tries to enter a refresh interval that is lower than the minimum 
in the URL, defaults to the minimum interval.
When trying to update the JSON via the API, rejects the update if the 
dashboard's refresh interval is lower than the minimum.
When trying to update a dashboard via provisioning having a lower 
refresh interval than the minimum, defaults to the minimum interval 
and logs a warning. 

Fixes #3356

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2020-02-28 14:32:01 +01:00
Alexander Zobnin
f2fc7aa3aa
Azure OAuth: enable teamsync (#22160)
* Azure OAuth: extract groups from token for teamsync

* Docs: changed some headers

* Azure OAuth: fix tests

* Azure OAuth: fix linter error (simplify)

* Azure OAuth: add allowed_groups option

* Azure OAuth: docs for team sync and allowed_groups

* Azure OAuth: tests for allowed_groups

* Update docs/sources/auth/azuread.md

Co-Authored-By: Leonard Gram <leo@xlson.com>

Co-authored-by: Leonard Gram <leo@xlson.com>
2020-02-14 14:03:00 +03:00
twendt
ff6a082e23
Auth: Azure AD OAuth (#20030)
* Implement Azure AD oauth

* Use go-jose and cleanup

* Update go-jose in go.mod

* cleanup

* Add unit tests

* Fix scopes

* Add documentation page

* Improve documentation

* Convert extract_role into function.

* Do not use upn and replace unique_name with preferred_username

* Configure login button

* Use official microsoft icon and color from branding guideline.

* Add Azure AD config section in sample.ini.
2020-02-13 12:12:25 +03:00
Marcus Efraimsson
a1579283a6
Add disabled option for cookie samesite attribute (#21472)
Breaking change: If disabled the cookie samesite cookie attribute
will not be set, but if none the attribute will be set and is a
breaking change compared to before where none did not render the
attribute. This was due to a known issue in Safari.

Co-Authored-By: Arve Knudsen <arve.knudsen@gmail.com>
Co-Authored-By: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

Fixes #19847
2020-01-14 17:41:54 +01:00
Sofia Papagiannaki
d135f1229d
Alerting: new min_interval_seconds options to enforce a minimum eval frequency (#21188)
* add min_interval_seconds setting to alerting config

It will let operator enforce a minimum time for the scheduler to enqueue evaluations

* Introduce UI modifications

* Update docs

Co-authored-by: Martin <uepoch@users.noreply.github.com>
2020-01-14 11:13:34 +02:00
Paul Emmerich
42032f6c03 ImgUploader: add support for non-amazon S3 (#20354)
* imguploader: add support for non-Amazon S3 endpoints and forcing of path-style S3 addressing

fixes #11240

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-01-02 15:10:20 +01:00
Alexander Morozov
06bf7e8ef1 OAuth: Removes send_client_credentials_via_post setting (#20044)
Removes send_client_credentials_via_post oauth setting and 
use auto-detect mechanism instead.
By these changes also fixes statichcheck errors

Ref #8968
2019-12-12 20:00:56 +01:00
Sofia Papagiannaki
21fed8c5f1
OAuth: Add missing setting from defaults.ini (#20691) 2019-11-27 11:08:08 +02:00
Marcus Efraimsson
4a2104a1de
Chore: Sync defaults.ini with sample.ini (#20645)
Make sure that configuration sections/keys from defaults.ini 
is mirrored in the sample.ini.

Fixes #20622
2019-11-26 17:14:26 +01:00
Thomas Casteleyn
9fa18a2df5 Configuration: Update root_url to reflect the default value (#20278) 2019-11-11 10:05:32 +01:00
Shavonn Brown
3e5abe7c21 Admin: Adds setting to disable creating initial admin user (#19505)
Adds a new setting disable_admin_user and when true the default 
admin user will not be created when Grafana starts for the first 
time (or no users exists in the system).

Closes #19038
2019-11-08 11:11:03 +01:00
Jon Gyllenswärd
3111c3620b AuthProxy: additions to ttl config change (#20249)
* fixes according to feedback

* additions to config and docs
2019-11-08 10:51:15 +01:00
Torkel Ödegaard
be2bf1a297
AuthProxy: Can now login with auth proxy and get a login token (#20175)
* AuthProxy: Can now login with auth proxy and get a login token

* added unit tests

* renamed setting and updated docs

* AuthProxy: minor tweak

* Fixed tests and namings

* spellfix

* fix

* remove unused setting, probably from merge conflict

* fix
2019-11-07 17:48:56 +01:00
Martin Reinhardt
7a3d1c0e4b OAuth: Generic OAuth role mapping support (#17149)
Adds support for Generic OAuth role mapping. A new 
configuration setting for generic oauth is added named 
role_attribute_path which accepts a JMESPath expression.
Only Grafana roles named Viewer, Editor or Admin are
accepted.

Closes #9766
2019-11-05 21:56:42 +01:00
Scott Brenner
aa87f62c3a Quick typo fix (#19759) 2019-10-11 14:57:29 +01:00
Marcus Efraimsson
75bf31b5c7
docs: image rendering (#19183)
Adds a new "Image Rendering" page in Administration section.
Updates configuration page with rendering settings and also 
default.ini and sample.ini.
Updates and cleanup pages that referencing image rendering.

Ref #18914
2019-09-17 19:24:03 +02:00
Marcus Efraimsson
80592e3361
Metrics: Adds setting for turning off total stats metrics (#19142)
Don't update total stats metrics if reporting is disabled.
New setting disable_total_stats for turning off update 
of total stats (stat_totals_*) metrics.

Ref #19137
2019-09-17 09:32:24 +02:00
Marcus Efraimsson
964c2e722f
Snapshot: Fix http api (#18830)
(cherry picked from commit be2e2330f5)
2019-09-02 15:15:46 +02:00
Bob Shannon
056dbc7012 OAuth: Support JMES path lookup when retrieving user email (#14683)
Add support for fetching e-mail with JMES path

Signed-off-by: Bob Shannon <bobs@dropbox.com>
2019-08-26 18:11:40 +02:00
kay delaney
fb0cec5591
Backend: Adds support for HTTP/2 (#18358)
* Backend: Adds support for HTTP/2

* Adds mozilla recommended ciphers

* Updates sample.ini and config documentation
2019-08-16 16:06:54 +01:00
Kyle Brandt
f689b60426
remotecache: support SSL with redis (#18511)
* update go-redis lib from v2 -> v5
* add ssl option to the redis connection string
fixes #18498
2019-08-13 06:51:13 -04:00
gotjosh
87a794fe0a
Docs: Update documentation with new SAML features (#18163)
* Update defaults.ini and sample.ini with the SAML assertion mapping
fields

* Document Grafana's ability to map ACS attributes while a Grafana user is created
2019-07-23 09:20:07 +01:00
Alexander Zobnin
e47546d529
Docs: SAML idp_metadata_url option (#18181) 2019-07-18 18:45:59 +03:00
gotjosh
d006f7c916
Docs: SAML (#18069)
* docs: Link to SAML docs and document configuration options

- Document configuration options `defaults.ini` and `sample.ini`
- Add the SAML documentation
- Link to the SAML documentation from "what's new in 6.3"
2019-07-17 13:46:51 +01:00
Oleg Gaidarenko
e2cf7c9698
LDAP: finishing touches (#17945)
* LDAP:Docs: `active_sync_enabled` setting

Mention `active_sync_enabled` setting and enable it by default

* LDAP: move "disableExternalUser" method

Idea behind new design of the LDAP module is to minimise conflation
between other parts of the system, so it would decoupled as much as
possible from stuff like database, HTTP transport and etc.

Following "Do One Thing and Do It Well" Unix philosophy principal, other things
could be better fitted on the consumer side of things.

Which what this commit trying to archive

* LDAP: correct user/admin binding

The second binding was not happening, so if the admin login/password
in LDAP configuration was correct, anyone could had login as anyone using
incorrect password
2019-07-05 17:49:00 +03:00
gotjosh
e6b8a1529b
SAML: Configuration defaults, examples and dependencies (#17954)
* Add SAML configuration options

* Add crewjam/saml as a depdency

Needed as part of the enterprise SAML integration.

* Vendor github.com/stretchr/testify/require

The package require implements the same assertions as the `assert` package but stops test execution when a test fails.
2019-07-05 11:27:14 +01:00
Torkel Ödegaard
57c220c93d
Docs: added version notice to new ldap feature docs (#17929) 2019-07-04 14:39:11 +02:00
Kyle Brandt
599514ad68
middleware: add security related HTTP(S) response headers (#17522)
* x_xss_protection
  * strict_transport_security (HSTS)
  * x_content_type_options

these are currently defaulted to false (off) until the next minor release.

fixes #17509
2019-06-12 13:15:50 +02:00
Kyle Brandt
c09fe3c3b4
remote_cache: Fix redis (#17483)
* wip: fix remote cache for redis
connstr parsing and non-negative expires for #17377
TODO: finish parse, check zero case, find out why negative duration in the first place

* finish parse.
Still TODO, find out negative value, and decide if would be better to make database specific entries in the .ini file

* update ini files

* remove accidental uncomment in defaults.ini

* auth_proxy: expiration non-negative so expiration is not in the past

* fix test, revert neg in redis

* review: use errutil
2019-06-10 15:27:08 +02:00