Commit Graph

632 Commits

Author SHA1 Message Date
Torkel Ödegaard
2b9e46d1f8
Angular: Option to disable angular support and isolate angular dependencies (#45421)
* Angular: Initial setting that disables angular, load angular support in separate chunk

* Load angular panels on demand

* Load alerting in separate chunk only when angularSupportEnabled

* progress, do not export core_module if angular disabled

* Progress

* Update public/app/features/plugins/built_in_plugins.ts

Co-authored-by: Ryan McKinley <ryantxu@gmail.com>

* Removing remaining usage of angular from outside angular app (not counting plugins)

* Update config and docs

* Fix sample.ini

* Update public/app/features/alerting/AlertTab.tsx

Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>

* Fixing prettier issue

Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
2022-02-16 17:14:33 +01:00
Sofia Papagiannaki
d718ee1918
SQLStore: Prevent concurrent migrations (#44101)
* SQLStore: Prevent concurrent migrations

* Hide behind a feature toggle

* Configurable locking attempt timeout

* Update docs/sources/administration/configuration.md

Co-authored-by: Igor Suleymanov <radiohead@users.noreply.github.com>
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2022-02-15 18:54:27 +02:00
Will Browne
fc42dfe396
Auth: Guarantee consistency of signed SigV4 headers (#45054)
* use latest sigv4 changes

* update configuration docs

* lint

* reformat lint ignore

* specific version for docs
2022-02-08 14:48:17 +01:00
Ivana Huckova
4e37a53a1c
Query history: Create API to add query to query history (#44479)
* Create config to enable/disable query history

* Create add to query history functionality

* Add documentation

* Add test

* Refactor

* Add test

* Fix built errors and linting errors

* Refactor

* Remove old tests

* Refactor, adjust based on feedback, add new test

* Update default value
2022-01-28 17:55:09 +01:00
Alex Vandiver
844b194f5b
Middleware: Don't require HTTPS for HSTS headers to be emitted (#35147)
Grafana itself may not be serving content over HTTPS, but it may be
behind a transparent proxy which does.

Fixes #26770.  Based on #26868.
2022-01-28 07:23:28 +01:00
Dan Cech
1e89fc157d
update snapshots server url (#44563)
* update snapshots server url
* update all old references to snapshot.raintank.io
2022-01-27 16:11:20 -05:00
Emil Tullstedt
25736b6afb
Auth: implement auto_sign_up for auth.jwt (#43502)
Co-authored-by: James Brown <jbrown@easypost.com>
2022-01-13 17:15:22 +01:00
Joan López de la Franca Beltran
532e71554f
Usage Stats: Add metrics to count enabled kms providers per kind (#43640)
* Usage Insights: Add metrics to count enabled kms providers per kind

* Add backwards compatibility
2022-01-07 13:52:28 +01:00
Alex Khomenko
3b4a4be3c6
Feature highlights: add setting toggle (#43394)
* Feature highlights: add toggle setting

* Settings: Use provider for 'feature_highlights' section

* Fix frontendsettings API tests

* Document the toggle

Co-authored-by: Joan López de la Franca Beltran <5459617+joanlopez@users.noreply.github.com>
Co-authored-by: Joan López de la Franca Beltran <joanjan14@gmail.com>
2021-12-24 10:49:52 +02:00
Carl Bergquist
f373588810
setting: configure toggles as true/false instead of array (#43326)
Signed-off-by: bergquist <carl.bergquist@gmail.com>
2021-12-20 15:33:11 +01:00
William Assis
eab0ba8716
Analytics: RudderStack custom URLs to fetch SDK and Config (#41988)
* Add config options to provide custom URL to fetch Rudderstack SDK and Config

* Add new entries to defaults.ini

* Update docs
2021-12-06 09:42:29 -05:00
idafurjes
d993b12415
Add interface Tracer, add Opentelemetry (#41963)
* Add interface Tracer, add Opentelemetry

* Fix lint

* Fix failing tests and return error if config not parsed fo opentelemetry

* Update defaults.ini

Add comment with jaeger url

* go mod tidy

* Remove comments that are not needed

* Move OpentracingSpan to tracing.go

* Add opentelemetry to sample.ini
2021-12-01 17:05:08 +01:00
Armand Grillet
6523486122
Alerting: Make Unified Alerting enabled by default for those who do not use legacy alerting (#42200)
* update AlertingEnabled and UnifiedAlertingSettings.Enabled to be pointers
* add a pseudo migration to fix the AlertingEnabled and UnifiedAlertingSettings.Enabled if the latter is not defined
* update the default configuration file to make default value for both 'enabled' flags be undefined

Misc
* update Migrator to expose DB engine. This is needed for a ualert migration to access the database while the list of migrations is created.
* add more verbose failure when migrations do not match

Co-authored-by: gotjosh <josue@grafana.com>
Co-authored-by: Yuriy Tseretyan <yuriy.tseretyan@grafana.com>
Co-authored-by: gillesdemey <gilles.de.mey@gmail.com>
2021-11-24 14:56:07 -05:00
Tania B
3af36b7e23
Encryption: Add settings to ini files (#42057)
* Encryption: Add settings to ini files

* Rename a setting
2021-11-23 20:29:35 +02:00
Levente Balogh
35c2c95fdc
Plugins: remove deprecated code (components) (#41686)
* refactor(plugins): use routes specific to the new plugins/admin

* refactor(plugins): remove unused pages (PluginList, PluginItem)

* refactor(plugins): remove PluginPage

* refactor(plugins): remove UpdatePluginModal

* refactor(plugins): move AppConfigWrapper under plugins/admin

* refactor(plugins): move PluginDashboards under plugins/admin

* refactor(plugins): rename the "specs" folder to "tests"

* refactor(plugins): move test files to /tests folder

* refactor(plugins): move AppRootPage into a /components folder

* refactor(plugins): move PluginsErrorsInfo into a /plugins folder

* refactor(plugins): move PluginSettingsCache into a /components folder

* refactor(plugins): move PluginStateInfo into a /plugins folder

* refactor(plugins): move AppRootPage.test.tsx next to the tested component

* refactor(plugins): remove old snapshot tests

* fix(plugins): fix tests

* refactor(plugins/admin): move & rename PluginSettingsCache

* fix(plugins): fix a few rebase issues

* Plugins: remove deprecated code (state handling) (#41739)

* refactor(plugins): use the plugins/admin reducer only

* refactor(plugins): remove tests for the deprecated plugins reducer

* refactor(plugins): remove tests for the deprecated plugins selectors

* refactor(plugins/state): add a short comment note to selectors

* feat(plugins/state): add a selector for selecting errors

* feat(plugins/state): add a hook for getting plugin errors

* refactor(plugins): udpate the PluginsErrorsInfo component to use the new state selectors

* refactor(plugins/state): remove the old (deprecated) selectors

* refactor(plugins/state): use the new actions under /admin

* refactor(plugins/state): remove old (deprecated) reducers and actions

* refactor(plugins): update component definition

* fix(plugins): remove unnecessary {children} prop for PluginsErrorsInfo

* Plugins: show / hide install controls based on the `pluginAdminEnabled` flag (#41749)

* docs(plugins): update documentation for the `plugin_admin_enabled` flag

* refactor(InstallControls): move the main component to a named module

* feat(plugins): use the `pluginAdminEnable` flag to hide / show install controls in the UI

* test(plugins): add tests for enabling/disabling install controls
2021-11-19 13:42:26 +01:00
Agnès Toulet
e904f423e4
Docs: Add configuration option for the image renderer (#41798)
* Docs: add configuration option for the image renderer

* Apply review feedback
2021-11-18 18:09:08 +01:00
Marcus Efraimsson
b88d21a6cb
PluginsCatalog: Add backend support for hiding plugins in plugins catalog (#41563)
Add backend support for hiding plugins in plugins catalog. 

Ref #41074
2021-11-15 10:53:35 +01:00
Tania B
e81d434edf
Encryption: Extend secrets service to support registering key providers (#40626)
* Draft adding kms providers

* Rename defaultProvider to currentProvider

* Add getting current provider from config

* Remove comments

* Make current provider service struct field

* Add methods to secrets service

* Test getting current provider

* Implements missing methods for fake secrets service

* Remove accidental changes

* Fix linter issue

* Update configuration examples

* Rename CurrentProvider method

* Split service interface

* Update wire

Co-authored-by: spinillos <selenepinillos@gmail.com>
2021-11-04 19:25:01 +02:00
Emil Tullstedt
e73cd2fdeb
OAuth: Support PKCE (#39948) 2021-10-13 16:45:15 +02:00
Levente Balogh
c2754eb9cc
Plugins Catalog: Make the catalog the default way to interact with plugins (#39779)
* chore(Plugins/Admin): make the Plugins Catalog the default way to interact with plugins

* chore(defaults.ini): change the default value for `plugin_admin_enabled`

* test(Plugins): make the tests pass
2021-09-30 08:34:03 +02:00
Sofia Papagiannaki
012d4f0905
Alerting: Remove ngalert feature toggle and introduce two new settings for enabling Grafana 8 alerts and disabling them for specific organisations (#38746)
* Remove `ngalert` feature toggle

* Update frontend

Remove all references of ngalert feature toggle

* Update docs

* Disable unified alerting for specific orgs

* Add backend tests

* Apply suggestions from code review

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Disabled unified alerting by default

* Ensure backward compatibility with old ngalert feature toggle

* Apply suggestions from code review

Co-authored-by: gotjosh <josue@grafana.com>
2021-09-29 16:16:40 +02:00
Sofia Papagiannaki
eead8cd8e1
Docs: alerting fixes (#39717)
* Docs: alerting fixes
2021-09-28 16:37:07 +03:00
Sofia Papagiannaki
f6f3a54742
Alerting: tune rule evaluation via configuration (#35623)
* Alerting: Configure max evaluation retries

* Alerting: Enforce minimum rule evaluation interval

* Alerting: Disable rule evaluation from configuration

* Update docs

* Alerting: Configure rule evaluation timeout

* Move options on unified_alerting config section

* Apply suggestions from code review

Co-authored-by: gotjosh <josue@grafana.com>
2021-09-28 13:00:16 +03:00
gotjosh
7db97097c9
Alerting: Support Unified Alerting with Grafana HA (#37920)
* Alerting: Support Unified Alerting in Grafana's HA mode.
2021-09-16 15:33:51 +01:00
Erik Sundell
9d3f4f5983
Analytics: Instrument Azure Application Insights (#38553)
* add backend

* read config and pass to backend

* update config docs

* change var name

* use connection string instead of instrumentation key

* add config for endpoint url. update docs

* update default ini

* add spaces

* remove space

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Update conf/defaults.ini

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Update conf/defaults.ini

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-09-15 13:00:38 +02:00
Marcus Efraimsson
1c892a2fc4
Postgres/MySQL/MSSQL: Add setting to limit maximum amount of rows processed (#38986)
Adds a new setting dataproxy.row_limit that allows an operator to limit the 
amount of rows being processed/accepted in response to database queries 
originating from SQL data sources.

Closes #38975
Ref #39095

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-09-13 15:27:51 +02:00
Dimitris Sotirakis
ba9d5540b8
Datasources: Introduce response_limit for datasource responses (#38962)
* Introduce response_limit for datasource responses

* Fix lint

* Fix tests

* Add case where limit <= 0 - added parametrized tests

* Add max_bytes_reader.go

* Use new httpclient.MaxBytesReader instead of net/http one

* Fixes according to reviewer's comments

* Add tests for max_bytes_reader

* Add small piece in configuration.md

* Further fixes according to reviewer's comments

* Fix linting - fix test
2021-09-10 16:51:06 +03:00
Djairho Geuens
0383becc46
OAuth: Make generic teams URL and JMES path configurable (#37233)
OAuth: Make generic teams URL and JMES path configurable
2021-09-07 19:57:20 -05:00
gotjosh
f3f3fcc727
Alerting: Introduces /api/v1/ngalert/alertmanagers to expose discovered and dropped Alertmanager(s) (#37632)
* Alerting: Expose discovered and dropped Alertmanagers

Exposes the API for discovered and dropped Alertmanagers.

* make admin config poll interval configurable

* update after rebase

* wordsmith

* More wordsmithing

* change name of the config

* settings package too
2021-08-13 13:14:36 +01:00
Alexander Emelin
6b2d33dc14
fix sample.ini (#37106) 2021-07-22 16:50:27 +02:00
Ryan McKinley
e604e69d93
Geomap: default basemap config cleanup (#37069) 2021-07-21 13:48:20 -07:00
Eunice Kim
3b0d7fc00b
Geomap: Base layer server configuration (#37041) 2021-07-21 17:54:05 +02:00
Djairho Geuens
4cadbba686
Email: Allow configuration of content types for email notifications (#34530)
* Alerting: Allow configuration of content types for email notifications

* Fix lint error

* Improves email templates

* Improve configuration documentation

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Improve code comments

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Improve configuration documentation

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Improve email template

* Remove unnecessary predeclaration

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Adds handling for unrecognized content type

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Move utility function outside of util package

* Fixes syntax

* Remove unused package

* Fix lint error

* improve email templates

* Fix test

* Alerting: Allow configuration of content types for email notifications

* Fix lint error

* Improves email templates

* Improve configuration documentation

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Improve code comments

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Improve configuration documentation

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Improve email template

* Remove unnecessary predeclaration

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Adds handling for unrecognized content type

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Move utility function outside of util package

* Fixes syntax

* Remove unused package

* Fix lint error

* improve email templates

* Fix test

* Fix comment style

Co-authored-by: Ganesh Vernekar <15064823+codesome@users.noreply.github.com>

* Fix template formatting

* Add test and improve error handling

* Fix test

* Fix formatting

* Fix formatting

* Improve documentation and regenerates txt template

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

Co-authored-by: Djairho Geuens <djairho.geuens@ae.be>
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Ganesh Vernekar <15064823+codesome@users.noreply.github.com>
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-07-19 13:31:51 +03:00
Dominik Prokop
663a8935f7
User analytics: Add Rudderstack integration (#36567)
* Replace analytics service with Echo backend

* Add Rudderstack integration and general pageview and interaction Echo events

* Update conf/defaults.ini

Co-authored-by: Dan Cech <dcech@grafana.com>

* Update packages/grafana-runtime/src/types/analytics.ts

Co-authored-by: Dan Cech <dcech@grafana.com>

* Update conf/defaults.ini

Co-authored-by: Dan Cech <dcech@grafana.com>

* Update tests

* Force cla check

Co-authored-by: Dan Cech <dcech@grafana.com>
2021-07-09 11:45:25 +02:00
Dimitris Sotirakis
069fb0cf38
HTTP Client: Introduce dataproxy_max_idle_connections config variable (#35864)
* Introduce dataproxy_max_idle_connections config var

* Fix according to reviewer's comments

* Fix according to reviewer's comments - round 2

* Remove unused const

* Bring back MaxIdleConnsPerHost

* Fixes according to reviewer's comments
2021-07-07 13:13:53 +03:00
Alexander Emelin
354789edc9
update option description to only commit to wildcard symbol for now (#36341)
(cherry picked from commit 012ee1fc28)
2021-07-03 00:46:48 +03:00
Ward Bekker
b255f3db3f
Team Sync: Add group mapping to support team sync in the Generic OAuth provider (#36307)
Added group mapping to support team sync in the Generic OAuth provider.

Co-authored-by: Leonard Gram <leo@xlson.com>
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
Co-authored-by: Dan Cech <dan@aussiedan.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2021-07-01 22:40:46 +02:00
Alexander Emelin
483418dbb0
live: add allowed_origins option (#36318) 2021-07-01 09:30:09 +03:00
Alexander Emelin
98893c0420
Live: experimental HA with Redis (#34851) 2021-06-24 11:07:09 +03:00
Will Browne
89d8dedece
Plugins: Improve wording around allow_loading_unsigned_plugins configuration (#35731)
* improve wording

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Update conf/sample.ini

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Update conf/defaults.ini

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-06-15 18:53:11 +02:00
Javier Palomo
6531424c72
Datasource: Add support for max_conns_per_host in dataproxy settings (#35520)
Allow configuring dataproxy.max_conns_per_host for HTTP data sources.

Ref #35519
Ref #35257
2021-06-11 14:18:08 +02:00
Gabriel MABILLE
134dba5101
Provisioning: Update accesscontrol sample file 2021-06-02 17:22:34 +02:00
kay delaney
8143991b94
Security: Update default CSP template and fix firefox CSP issues (#34836)
* Security: Update default content_security_policy_template
- Add 'strict-dynamic' back to script-src
- Add ws(s)://$ROOT_PATH to connect-src
- Change onEvent to on-event in angular templates to fix CSP issues in firefox.
- Add blob: to style-src
2021-05-28 17:01:10 +02:00
Alexander Emelin
6d750c000e
Live: max_connections option with strict default (#34634)
this should help Live to be enabled by default but still
do not affect setups with lots of simultenious users. To
properly handle many WS connections Grafana administrators
should tune infrastructure a bit - for example increase a
number of open files for a process. Will be in more details
in documentation.
2021-05-27 22:03:18 +03:00
Will Browne
c7b58fe186
Plugins: Enable catalog management link to gcom (#34673)
* click out to gcom when config enabled

* set to false

* fix styling for uninstall

* remove advertising config + simplify callout URL

* add entry to configuration.md

* update config name

* update lingo
2021-05-27 12:45:06 +02:00
Dimitris Sotirakis
91657dad18
HTTP Client: Make ResponseHeaderTimeout default timeout in http client (#34597)
* HTTP Client: Add `ResponseHeaderTimeout` - split from `DialContext` timeout

* Fixes according to reviewer's comments

* Use grafana-plugin-sdk-go v0.100.0
2021-05-25 11:32:41 +03:00
Ryan McKinley
a91edd7267
Plugin Admin App: make the catalog look like internal component (#34341)
* Allow Route component usage in app plugins

* i tried

* fix catalog app

* fix catalog app

* fix catalog app

* cleanup imports

* plugin catalog enabled to plugin admin

* rename plugin catalog to plugin admin

* expose catalog url

* update text

* import from react-router-dom

* fix imports -- add logging

* merge changes

* avoid onNavUpdate

* Fixed onNavChange issues

* fix library imports

* more links

Co-authored-by: Dominik Prokop <dominik.prokop@grafana.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
2021-05-20 10:42:26 +02:00
Gabriel MABILLE
d56a653e73
AccessControl: Add provisioning folder to the packaging process (#34398)
* AccessControl: Add provisioning folder to the packaging process
2021-05-20 09:41:39 +02:00
Marcus Efraimsson
348e76fc8e
Datasource: Shared HTTP client provider for core backend data sources and any data source using the data source proxy (#33439)
Uses new httpclient package from grafana-plugin-sdk-go introduced 
via grafana/grafana-plugin-sdk-go#328. 
Replaces the GetHTTPClient, GetTransport, GetTLSConfig methods defined 
on DataSource model.
Longer-term the goal is to migrate core HTTP backend data sources to use the 
SDK contracts and using httpclient.Provider for creating HTTP clients and such.

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-05-19 23:53:41 +02:00
Arve Knudsen
aed1c013c0
CSP: Relax default template wrt. loading of scripts, due to nonces not working (#34363)
* CSP: Relax default template, due to nonces not working

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* CSP: Add back data: to img-src

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-05-19 11:37:14 +02:00
Arve Knudsen
d1a9044171
CSP: Allow all image sources by default (#34265)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-05-18 13:41:55 +02:00
Ryan McKinley
edcefe1c8e
Chore: Rename "marketplace" app to "catalog" (#34149) 2021-05-17 08:27:56 -07:00
Will Browne
c39d6ad97d
Plugins: Enable plugin runtime install/uninstall capabilities (#33836)
* add uninstall flow

* add install flow

* small cleanup

* smaller-footprint solution

* cleanup + make bp start auto

* fix interface contract

* improve naming

* accept version arg

* ensure use of shared logger

* make installer a field

* add plugin decommissioning

* add basic error checking

* fix api docs

* making initialization idempotent

* add mutex

* fix comment

* fix test

* add test for decommission

* improve existing test

* add more test coverage

* more tests

* change test func to use read lock

* refactoring + adding test asserts

* improve purging old install flow

* improve dupe checking

* change log name

* skip over dupe scanned

* make test assertion more flexible

* remove trailing line

* fix pointer receiver name

* update comment

* add context to API

* add config flag

* add base http api test + fix update functionality

* simplify existing check

* clean up test

* refactor tests based on feedback

* add single quotes to errs

* use gcmp in tests + fix logo issue

* make plugin list testing more flexible

* address feedback

* fix API test

* fix linter

* undo preallocate

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* fix linting issue in test

* add docs placeholder

* update install notes

* Update docs/sources/plugins/marketplace.md

Co-authored-by: Marcus Olsson <marcus.olsson@hey.com>

* update access wording

* add more placeholder docs

* add link to more info

* PR feedback - improved errors, refactor, lock fix

* improve err details

* propagate plugin version errors

* don't autostart renderer

* add H1

* fix imports

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
Co-authored-by: Marcus Olsson <marcus.olsson@hey.com>
2021-05-12 20:05:16 +02:00
Sergey Kostrukov
81ad9769fa
AzureMonitor: Azure settings in Grafana server config (#33728)
* Azure cloud settings

* Fix typos

* Grouped Azure settings

* Doc fixes

* Some settings are not needed

* Updated cloud name aliases
2021-05-12 16:23:37 +02:00
jvoeller
0d044285a9
OAuth: Add support for empty scopes (#32129)
* add parameter empty_scopes to override scope parameter with empty value and thus be able to authenticate against IdPs without scopes. Issue #27503

Update docs/sources/auth/generic-oauth.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* updated check according to feedback

* Update generic-oauth.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-05-10 13:07:30 -04:00
Serge Zaitsev
7367cfc0a3
Add isolation level db configuration parameter (#33830)
* add isolation level db configuration parameter

* add isolation_level to default.ini and sample.ini

* add note that only mysql supports isolation levels for now

* mention isolation_level in the documentation

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-05-10 17:54:13 +02:00
Sofia Papagiannaki
540f110220
[Alerting]: Extend quota service to optionally set limits on alerts (#33283)
* Quota: Extend service to set limit on alerts

* Add test for applying quota to alert rules

* Apply suggestions from code review

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Get used alert quota only if naglert is enabled

* Set alert limit to zero if nglalert is not enabled
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
2021-05-04 19:16:28 +03:00
Arve Knudsen
7f53dfad88
CSP: Set nonce attribute on Webpack injected bundles (#33298)
* CSP: Set __webpack_nonce__

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-04-26 11:38:24 +02:00
Kristian Klausen
4fc0d42470
OAuth: Add optional strict parsing of role_attribute_path (#28021)
* OAuth: Add strict role mapping

By default the user is assigned the role Viewer if role_attribute_path
doesn't return a role, which is not always desirable. This commit adds a
strict mode, which deny the user access if a role isn't returned.

Fix #26626

* Update docs/sources/auth/generic-oauth.md

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* Update docs/sources/auth/generic-oauth.md

* Update .gitignore file with WAN

* Removed WAN from .gitignore

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
Co-authored-by: achatterjee-grafana <aparajita.chatterjee@grafana.com>
2021-04-14 15:14:27 -04:00
Jack Westbrook
bd74953f0d
Plugins: Allow a non-dashboard page to be the default home page (#32926)
* feat: introduce home page redirect if default dashboard

* style: clean up

* Apply suggestions from code review

Co-authored-by: Hugo Häggmark <hugo.haggmark@grafana.com>

* chore(dashboard): remove obsolete setting import

* docs(config): add home_page description

Co-authored-by: Hugo Häggmark <hugo.haggmark@grafana.com>
2021-04-13 15:27:51 +02:00
Vladimir Kochnev
39a3b0d0b0
Auth: support JWT Authentication (#29995) 2021-03-31 08:40:44 -07:00
Carl Bergquist
862cd473eb
HttpServer: Make read timeout configurable but disabled by default (#31575)
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-03-19 11:21:52 +01:00
Erik Sundell
d512c5a1b4
Cloudwatch: ListMetrics API page limit (#31788)
* add list metrics api page limit

* Update docs/sources/datasources/cloudwatch.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-03-10 07:41:22 +01:00
Erik Sundell
2d660ee502
CloudWatch: Restrict auth provider and assume role usage according to Grafana configuration (#31805)
* restrict usage of providers and assume role according to grafana config

* update docs

* Update docs/sources/datasources/cloudwatch.md

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/tsdb/cloudwatch/cloudwatch.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/tsdb/cloudwatch/session_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* pr feedback

* fix failing test

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-03-09 21:20:59 +01:00
Carl Bergquist
3b36636318
Annotations: Make the annotation clean up batch size configurable (#31487)
Signed-off-by: bergquist <carl.bergquist@gmail.com>

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
2021-03-08 14:16:07 +01:00
Erik Sundell
1b149523ed
AWS: Add aws plugin configuration (#31312)
* add new conf and make sure its passed to frontend

* change auth provider name

* goimports

* fixed after feedback

* more updates after feedback

* Update docs/sources/administration/configuration.md

Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>

* Update conf/sample.ini

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/setting/setting.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* updates after pr feedback

* Update conf/defaults.ini

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update conf/defaults.ini

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update conf/sample.ini

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-02-24 18:08:13 +01:00
Carl Bergquist
d1b9fddb4f
Usage stats: Adds source/distributor setting (#31039)
Signed-off-by: bergquist <carl.bergquist@gmail.com>
2021-02-10 10:07:32 +01:00
Torkel Ödegaard
c04bc805b5
CDN: Adds support for serving assets over a CDN (#30691)
* CDN: Initial poc support for serving assets over a CDN

* Minor fix

* added build path and test

* fix lint error

* Added edition to cdn path

* Move master builds to a separate path

* Added error handling for the url parsing, changed setting name, and added docs

* Updated sample.ini

* Some property renames

* updated

* Minor update to html

* index template improvements

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Added ContentDeliveryPrefix to Licence service

* updated docs

* Updated test mock

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-02-01 10:13:09 +01:00
Sofia Papagiannaki
94a29759ab
Docs: Fix expressions enabled description (#30589) 2021-01-26 18:49:58 +02:00
Sofia Papagiannaki
9ada4b6052
Expressions: Add option to disable feature (#30541)
* Expressions: Add option to disable feature

* Apply suggestions from code review

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-01-22 19:27:33 +02:00
Arve Knudsen
50b649a869
Middleware: Add CSP support (#29740)
* Middleware: Add support for CSP

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored by @iOrcohen
2021-01-12 07:42:32 +01:00
Peter Toft
de563bfaa4
Fix two ini-file typos regarding LDAP (#29843) 2020-12-30 11:09:17 +01:00
ying-jeanne
375e8e4fd0
SQLStore: customise the limit of retrieved datasources per organisation (#29358)
* SQLStore: customise the limit of retrieved datasources per organisation

* update all suggestions regarding nil or 0 as default

* Apply suggestions from code review

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* correct default.ini description + adding unittest

* Apply suggestions from code review

Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>

* modify unittest name

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
2020-12-28 12:24:42 +01:00
Emil Tullstedt
3ea1fd035f
LDAP: Update use_ssl documentation (#29964) 2020-12-23 09:14:02 +01:00
Domas
7d9a528184
Logging: rate limit fronted logging endpoint (#29272)
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2020-12-09 16:22:24 +01:00
Agnès Toulet
22788d1d86
Add an option to hide certain users in the UI (#28942)
* Add an option to hide certain users in the UI

* revert changes for admin users routes

* fix sqlstore function name

* Improve slice management

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* Hidden users: convert slice to map

* filter with user logins instead of IDs

* put HiddenUsers in Cfg struct

* hide hidden users from dashboards/folders permissions list

* Update conf/defaults.ini

Co-authored-by: Torkel Ödegaard <torkel@grafana.com>

* fix params order

* fix tests

* fix dashboard/folder update with hidden user

* add team tests

* add dashboard and folder permissions tests

* fixes after merge

* fix tests

* API: add test for org users endpoints

* update hidden users management for dashboard / folder permissions

* improve dashboard / folder permissions tests

* fixes after merge

* Guardian: add hidden acl tests

* API: add team members tests

* fix team sql syntax for postgres

* api tests update

* fix linter error

* fix tests errors after merge

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
2020-11-24 12:10:32 +01:00
Domas
76df096791
Logging: Log frontend errors (#28073)
* basic frontend  Sentry integration

* backend endpoint to capture sentry events

* WIP!

* log user email for frontend logs

* remove debug logging

* lint fixes

* Fix type exports & property names

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* additional struct naming fix

* rename log endpoint, config section & interface

* add sentry sample rate to config

* refac to use EchoSrv

* log user id

* backend tests

* tests for SentryEchoBackend

* sentry echo backend tests

* CustomEndpointTransport tests

* Update pkg/api/frontend_logging_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update conf/defaults.ini

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/api/frontend_logging_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* don't export unnecesasrily

* update go.sum

* get rid of Convey in tests, use stdlib

* add sentry config to sample.ini

* cleanup to set orig logging handler in test

* Apply suggestions from code review

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* PR feedback changes

* lock sentry version

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-12 12:29:43 +01:00
Carl Bergquist
e3c7d66324
Tracing: Add setting for sampling server (#29011)
Signed-off-by: bergquist <carl.bergquist@gmail.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
2020-11-11 10:21:52 +01:00
Alex Khomenko
9b90ff2961
Disable selecting enterprise plugins with no license (#28758)
* Add unlicensed property to plugins

* Disable selecting unlicensed plugin

* Add customizable plugin market place url

* License: workaround enabled only in enterprise

* linter

* Move licensing info to front end

* Update pkg/services/licensing/oss.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/services/licensing/oss.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/setting/setting.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/setting/setting.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/api/frontendsettings.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update sample.ini

* Update docs

* Update packages/grafana-runtime/src/config.ts

Co-authored-by: Torkel Ödegaard <torkel@grafana.org>

* Update public/app/features/datasources/state/buildCategories.ts

Co-authored-by: Torkel Ödegaard <torkel@grafana.org>

* Update pkg/api/frontendsettings.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/setting/setting.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix spelling

Co-authored-by: Leonard Gram <leo@xlson.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.org>
2020-11-05 12:55:40 +02:00
Alexander Zobnin
8032b43838
OAuth: configurable user name attribute (#28286)
* OAuth: more user-frienly logging

* OAuth: custom user name attribute

* OAuth: remove deprecated nameAttributeName option

* OAuth: nameAttributePath tests

* OAuth: add name_attribute_path config option

* OAuth: docs for name_attribute_path option

* move docs to the separate branch
2020-10-20 09:56:48 +03:00
Carl Bergquist
89ebb97fca
Instrumentation: Adds environment_info metric (#28355)
Signed-off-by: bergquist <carl.bergquist@gmail.com>

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-10-19 16:58:16 +02:00
Will Browne
a189cd1832
Users: Expire old user invites (#27361)
* expire with existng cleanup service

* expire with new temp user service

* make Drone happy :)

* add expiry status

* remove other approach

* cleanup

* add test for idempotency

* add migration from datetime to unix ts

* update cmd names

* change lifetime config to duration

* remove unnecessart formatting

* add comment

* update docs

* remove max bound and introduce min error

* simplify sql

* remove comment

* allow any outstanding to exist for at least 24 hours

* revert created ts change

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>

* add extra state check to cleanup step

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2020-10-13 12:30:09 +02:00
Kyle Hinton
92c2a6c239
Fix: Add additional settings for dataproxy to help with network proxy timeouts (#27841)
* adding additional settings for datasource cache transport

* added documentation for the new changes

* fixing small typo in defaults.ini comment

* fixing small typo in configuration.md comment

* Update conf/defaults.ini keepalive comment per review

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Update conf/defaults.ini idle conn comment per review

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Update conf/defaults.ini anon user comment per review

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Update docs/sources/administration/configuration.md idle conn comment per review

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* adding suggestions from papagian

* fixing configuration.md

* fixing configuration.md typo

* Apply suggestions from code review aknuds1

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* updating sample.ini

* Apply suggestions for docs from code review papagian

Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>

* Update docs/sources/administration/configuration.md fix typo

Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
2020-10-12 11:36:47 +03:00
Will Browne
7d63b2c473
Auth: Add Sigv4 auth option to datasources (#27552)
* create transport chain

* add frontend

* remove log

* inline field updates

* allow ARN, Credentials + Keys auth in frontend

* configure credentials

* add tests and refactor

* update frontend json field names

* fix tests

* fix comment

* add app config flag

* refactor tests

* add return field for tests

* add flag for UI display

* update comment

* move logic

* fix config

* pass config through props

* update docs

* pr feedback and add docs coverage

* shorten settings filename

* fix imports

* revert docs changes

* remove log line

* wrap up next as round tripper

* only propagate required config

* remove unused import

* remove ARN option and replace with default chain

* make ARN role assume as supplemental

* update docs

* refactor flow

* sign body when necessary

* remove unnecessary wrapper

* remove newline

* Apply suggestions from code review

* PR fixes

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-10-08 10:03:20 +02:00
Wouter Smeenk
39eba5065b
Dashboard: Support configuring default timezone via config file (#27404)
Add a default timezone that the administrator can set in the settings. 
This setting is be used as default for the users timezone preference.
Can be used when creating Grafana instances without administrator 
intervention, in order to give user the correct default timezone.

Fixes #25654
2020-09-15 15:20:53 +02:00
Hansuuuuuuuuuu
8d971ab2f2
Auth: Replace maximum inactive/lifetime settings of days to duration (#27150)
Allows login_maximum_inactive_lifetime_duration and 
login_maximum_lifetime_duration to be configured using 
time.Duration-compatible values while retaining backward compatibility.

Fixes #17554

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2020-09-14 15:57:38 +02:00
Marcos Mendez
4e94c0959a
Image Store: Add support for using signed URLs when uploading images to GCS (#26840)
Enables creating signed URLs when uploading images to Google Cloud Storage. 
By using signed urls, not only is the public URL expiration configurable but the 
images in the bucket are not publicly accessible.

Fixes #26773

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
2020-09-07 19:10:14 +02:00
Torkel Ödegaard
61bd33c241
System: Date formating options (#27216)
* Add support for local time formats in graph panel

* Enfore 24h format for backward compatibility

* Use existing Intl.DateTimeFormatOptions

* Pre-generate time scale, add tests

* Move localTimeFormat, add local format to units

* updated default fallback

* #25602, use navigator.languages to enforce locale in formatting

* Making options

* Worked new system settings

* things are working

* Local browser time formats working

* Support parsing dates in different formats

* settings updated

* Settings starting to work

* Fixed graph issue

* Logs fix

* refactored settings a bit

* Updated and name change

* Progress

* Changed config names

* Updated

* Updated

* Updated test

* Synced description

* fixed ts issue

* Added version notice

* Ts fix

* Updated heatmap and test

* Updated snapshot

* Updated

* fixed ts issue

* Fixes

Co-authored-by: Alex Shpak <alex-shpak@users.noreply.github.com>
2020-09-07 16:19:33 +02:00
Carl Bergquist
20747015f6
Annotation: Add clean up job for old annotations (#26156)
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-09-02 08:07:31 +02:00
Carl Bergquist
8faaa1a520
OAuth: Increase state cookie max age (#27258)
60s can be too short if the oauth provider is slow
for some reason and its defintly too slow if the
OAuth provider requires 2FA.

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
2020-09-01 10:57:43 +02:00
Alexander Zobnin
df11cdad62
Generic OAuth: customize login and id_token attributes (#26577)
* OAuth: add login_attribute_path to generic oauth

* OAuth: remove default client_secret values (able to use empty client_secret)

* OAuth: allow to customize id_token attribute name

* Docs: describe how login_attribute_path and id_token_attribute_name params work

* Docs: review fixes

* Docs: review fixes

* Chore: fix go linter error

* Tests: fix test code style
2020-08-03 17:33:27 +03:00
Josh Soref
7d08a8497a
Chore: fix spelling of GitHub (#26182)
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
2020-07-22 08:12:50 -07:00
Marcus Efraimsson
460b01f1fe
Datasource: Make sure data proxy timeout applies to HTTP client (#25865)
For backend data sources executing in the backend (not through data proxy) make 
sure that the timeout applies to cached HTTP client.

Fixes #25863

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
2020-06-29 11:22:49 +02:00
Carl Bergquist
383aa21ab6
docs: removes invalid comment (#25883) 2020-06-29 09:26:08 +02:00
Carl Bergquist
703f728c0c
Dashboards: Make path to default dashboard configurable (#25595)
Closes #25463

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
2020-06-22 18:00:39 +02:00
Marcus Efraimsson
cc95754e0d
Provisioning: Adds support for enabling app plugins (#25649)
Adds support for enabling app plugins using provisioning. 

Ref #11409

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
2020-06-22 17:49:13 +02:00
Emil Tullstedt
80e9546cec
Settings: Add setting for hiding version number for anonymous users (#24919)
* Settings: Add setting for hiding version number for anonymous users

Fixes #12925

* Hide version string from footer when unavailable

* Settings: Test frontend settings with hide version for anonymous users

* Settings: Add hide version variable to frontend settings

* Make AnonymousHideVersion non-global

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Settings: Improve test neighbor friendliness, reset state before and after

* Settings: Use T.Cleanup

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-06-17 07:39:50 +02:00
Josh Soref
ed92b41d47
Chore: spelling - misc (#24438)
* Chore: spelling - misc

* fix master merge
2020-06-04 06:51:30 +02:00
Carl Bergquist
328ea80cca
switches default value for security settings (#25175)
closes #25163
2020-05-28 10:38:22 +02:00
thameezb
16297da298
Email Notifications: Add StartTLSPolicy config flag (#24574) 2020-05-13 16:33:40 +02:00
Arve Knudsen
96ffcaa134
Plugins: Require signing of external back-end plugins (#24075)
* PluginManager: Require signing of external plugins

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
2020-05-04 10:57:55 +02:00
Marcus Efraimsson
76650e60e4
Image Rendering: New setting to control render request concurrency (#23950)
Fixes #23806

Co-Authored-By: Torkel Ödegaard <torkel@grafana.com>
Co-Authored-By: Arve Knudsen <arve.knudsen@gmail.com>
2020-04-27 17:25:08 +02:00
Marcus Efraimsson
854085dbc6
Dashboard: Enforce min dashboard refresh interval to 5 seconds per default (#23929)
Fixes #22493
2020-04-27 16:51:54 +02:00
Marcus Efraimsson
871ad73414
Backend plugins: Renderer v2 plugin (#23625)
grafana-plugin-model is legacy and is replaced by new backend 
plugins SDK and architecture. Renderer is not part of SDK and 
we want to keep it that way for now since it's highly unlikely there 
will be more than one kind of renderer plugin.
So this PR adds support for renderer plugin v2.
Also adds support sending a Device Scale Factor parameter to the 
plugin v2 remote rendering service and by that replaces #22474.
Adds support sending a Headers parameter to the plugin v2 and
remote rendering service which for now only include 
Accect-Language header (the user locale in browser when using 
Grafana), ref grafana/grafana-image-renderer#45.
Fixes health check json details response.
Adds image renderer plugin configuration settings in defaults.ini 
and sample.ini.

Co-Authored-By: Arve Knudsen <arve.knudsen@gmail.com>
2020-04-21 16:16:41 +02:00
Andrej Ocenas
97bb3dcf2d
Remove file (#23741) 2020-04-21 15:52:08 +02:00
Alexander Zobnin
f023e7a399
SAML Role and Team sync (open source part) (#23391)
* SAML: add default params for role and team sync

* SAML: add org_mapping option

* SAML: support allowed_organizations option

* Chore: expose RedirectWithError from HTTPServer

* Chore: return RedirectResponse (fix superfluous response.writeheader message)

* HTTPServer: expose ValidateRedirectTo() and CookieOptionsFromCfg()

* Config: move SAML section to the enterprise
2020-04-17 10:48:37 +03:00
Andrej Ocenas
1864807b15
Tracing: Performance optimization (#23474)
* Add integration with Jeager
Add Jaeger datasource and modify derived fields in loki to allow for opening a trace in Jager in separate split.
Modifies build so that this branch docker images are pushed to docker hub
Add a traceui dir with docker-compose and provision files for demoing.:wq

* Enable docker logger plugin to send logs to loki

* Add placeholder zipkin datasource

* Fixed rebase issues, added enhanceDataFrame to non-legacy code path

* Trace selector for jaeger query field

* Fix logs default mode for Loki

* Fix loading jaeger query field services on split

* Updated grafana image in traceui/compose file

* Fix prettier error

* Hide behind feature flag, clean up unused code.

* Fix tests

* Fix tests

* Cleanup code and review feedback

* Remove traceui directory

* Remove circle build changes

* Fix feature toggles object

* Fix merge issues

* Add trace ui in Explore

* WIP

* WIP

* WIP

* Make jaeger datasource return trace data instead of link

* Allow js in jest tests

* Return data from Jaeger datasource

* Take yarn.lock from master

* Fix missing component

* Update yarn lock

* Fix some ts and lint errors

* Fix merge

* Fix type errors

* Make tests pass again

* Add tests

* Fix es5 compatibility

* Add header with minimap

* Fix sizing issue due to column resizer handle

* Fix issues with sizing, search functionality, duplicate react, tests

* Refactor TraceView component, fix tests

* Fix type errors

* Add dark theme styling

* Add tests for hooks

* More color changes

* Fix tests to deal with additional theme wrappers.

* Add memoization

* Fix duplicate identifier

Co-authored-by: David Kaltschmidt <david.kaltschmidt@gmail.com>
2020-04-15 16:04:01 +02:00
Andrej Ocenas
008bee8f27
Tracing: Adds header and minimap (#23315)
* Add integration with Jeager
Add Jaeger datasource and modify derived fields in loki to allow for opening a trace in Jager in separate split.
Modifies build so that this branch docker images are pushed to docker hub
Add a traceui dir with docker-compose and provision files for demoing.:wq

* Enable docker logger plugin to send logs to loki

* Add placeholder zipkin datasource

* Fixed rebase issues, added enhanceDataFrame to non-legacy code path

* Trace selector for jaeger query field

* Fix logs default mode for Loki

* Fix loading jaeger query field services on split

* Updated grafana image in traceui/compose file

* Fix prettier error

* Hide behind feature flag, clean up unused code.

* Fix tests

* Fix tests

* Cleanup code and review feedback

* Remove traceui directory

* Remove circle build changes

* Fix feature toggles object

* Fix merge issues

* Add trace ui in Explore

* WIP

* WIP

* WIP

* Make jaeger datasource return trace data instead of link

* Allow js in jest tests

* Return data from Jaeger datasource

* Take yarn.lock from master

* Fix missing component

* Update yarn lock

* Fix some ts and lint errors

* Fix merge

* Fix type errors

* Make tests pass again

* Add tests

* Fix es5 compatibility

* Add header with minimap

* Fix sizing issue due to column resizer handle

* Fix issues with sizing, search functionality, duplicate react, tests

* Refactor TraceView component, fix tests

* Fix type errors

* Add tests for hooks

Co-authored-by: David Kaltschmidt <david.kaltschmidt@gmail.com>
2020-04-08 17:16:22 +02:00
Alexander Zobnin
7afdfd2ef4
Okta OAuth provider (team sync support) (#22972)
* Okta OAuth support

* Chore: fix linter error

* Chore: move IsEmailAllowed to SocialBase

* Chore: move IsSignupAllowed to SocialBase

* Chore: review fixes

* Okta: support allowed_groups

* Okta: default config

* Chore: move extractEmail() to OktaClaims struct

* Chore: review fixes

* generic_oauth_test: Handle error cases

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* generic_oauth_test: Handle error cases

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Docs: Okta OAuth

* Chore: don't return expected errors from searchJSONForAttr

* Docs: role mapping

* Chore: review fixes (searchJSONForAttr)

* Docs: review fixes

* Update docs/sources/auth/okta.md

Co-Authored-By: Arve Knudsen <arve.knudsen@gmail.com>

* Update docs/sources/auth/okta.md

Co-Authored-By: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: log error if searchJSONForAttr failed

* Docs: add Okta login link

* Docs: review fixes

* Docs: add reference to the org roles

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-04-02 17:35:48 +03:00
rtrompier
474dac1501
OAuth : Introduce new setting for configuring max age of OAuth state cookie (#23195)
* Cookie : Increase duration to avoid error

When using oauth2 authentication with multifactor, the 60s delay may be too short

* Introduce new setting for OAuth state cookie max age

Co-authored-by: Sofia Papagiannaki <sofia@grafana.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-03-30 17:44:58 +03:00
lfroment
72628c8ea0
Dashboard: Adds support for a global minimum dashboard refresh interval (#19416)
This feature would provide a way for administrators to limit the minimum 
dashboard refresh interval globally.
Filters out the refresh intervals available in the time picker that are lower 
than the set minimum refresh interval in the configuration .ini file
Adds the minimum refresh interval as available in the time picker.
If the user tries to enter a refresh interval that is lower than the minimum 
in the URL, defaults to the minimum interval.
When trying to update the JSON via the API, rejects the update if the 
dashboard's refresh interval is lower than the minimum.
When trying to update a dashboard via provisioning having a lower 
refresh interval than the minimum, defaults to the minimum interval 
and logs a warning. 

Fixes #3356

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2020-02-28 14:32:01 +01:00
Alexander Zobnin
f2fc7aa3aa
Azure OAuth: enable teamsync (#22160)
* Azure OAuth: extract groups from token for teamsync

* Docs: changed some headers

* Azure OAuth: fix tests

* Azure OAuth: fix linter error (simplify)

* Azure OAuth: add allowed_groups option

* Azure OAuth: docs for team sync and allowed_groups

* Azure OAuth: tests for allowed_groups

* Update docs/sources/auth/azuread.md

Co-Authored-By: Leonard Gram <leo@xlson.com>

Co-authored-by: Leonard Gram <leo@xlson.com>
2020-02-14 14:03:00 +03:00
twendt
ff6a082e23
Auth: Azure AD OAuth (#20030)
* Implement Azure AD oauth

* Use go-jose and cleanup

* Update go-jose in go.mod

* cleanup

* Add unit tests

* Fix scopes

* Add documentation page

* Improve documentation

* Convert extract_role into function.

* Do not use upn and replace unique_name with preferred_username

* Configure login button

* Use official microsoft icon and color from branding guideline.

* Add Azure AD config section in sample.ini.
2020-02-13 12:12:25 +03:00
Marcus Efraimsson
a1579283a6
Add disabled option for cookie samesite attribute (#21472)
Breaking change: If disabled the cookie samesite cookie attribute
will not be set, but if none the attribute will be set and is a
breaking change compared to before where none did not render the
attribute. This was due to a known issue in Safari.

Co-Authored-By: Arve Knudsen <arve.knudsen@gmail.com>
Co-Authored-By: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

Fixes #19847
2020-01-14 17:41:54 +01:00
Sofia Papagiannaki
d135f1229d
Alerting: new min_interval_seconds options to enforce a minimum eval frequency (#21188)
* add min_interval_seconds setting to alerting config

It will let operator enforce a minimum time for the scheduler to enqueue evaluations

* Introduce UI modifications

* Update docs

Co-authored-by: Martin <uepoch@users.noreply.github.com>
2020-01-14 11:13:34 +02:00
Paul Emmerich
42032f6c03 ImgUploader: add support for non-amazon S3 (#20354)
* imguploader: add support for non-Amazon S3 endpoints and forcing of path-style S3 addressing

fixes #11240

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-01-02 15:10:20 +01:00
Alexander Morozov
06bf7e8ef1 OAuth: Removes send_client_credentials_via_post setting (#20044)
Removes send_client_credentials_via_post oauth setting and 
use auto-detect mechanism instead.
By these changes also fixes statichcheck errors

Ref #8968
2019-12-12 20:00:56 +01:00
Sofia Papagiannaki
21fed8c5f1
OAuth: Add missing setting from defaults.ini (#20691) 2019-11-27 11:08:08 +02:00
Marcus Efraimsson
4a2104a1de
Chore: Sync defaults.ini with sample.ini (#20645)
Make sure that configuration sections/keys from defaults.ini 
is mirrored in the sample.ini.

Fixes #20622
2019-11-26 17:14:26 +01:00
Thomas Casteleyn
9fa18a2df5 Configuration: Update root_url to reflect the default value (#20278) 2019-11-11 10:05:32 +01:00
Shavonn Brown
3e5abe7c21 Admin: Adds setting to disable creating initial admin user (#19505)
Adds a new setting disable_admin_user and when true the default 
admin user will not be created when Grafana starts for the first 
time (or no users exists in the system).

Closes #19038
2019-11-08 11:11:03 +01:00
Jon Gyllenswärd
3111c3620b AuthProxy: additions to ttl config change (#20249)
* fixes according to feedback

* additions to config and docs
2019-11-08 10:51:15 +01:00
Torkel Ödegaard
be2bf1a297
AuthProxy: Can now login with auth proxy and get a login token (#20175)
* AuthProxy: Can now login with auth proxy and get a login token

* added unit tests

* renamed setting and updated docs

* AuthProxy: minor tweak

* Fixed tests and namings

* spellfix

* fix

* remove unused setting, probably from merge conflict

* fix
2019-11-07 17:48:56 +01:00
Jon Gyllenswärd
53f8088316
Auth Proxy: replace ini setting ldap_sync_ttl with sync_ttl (#20191)
* Renamed ttl config in code to be more consistent with behaviour
* Introduced new setting `sync_ttl` in .ini file
* Keeping the old setting `ldap_sync_ttl` in the .ini file as fallback and compatibility.
2019-11-07 11:24:54 +01:00
Martin Reinhardt
7a3d1c0e4b OAuth: Generic OAuth role mapping support (#17149)
Adds support for Generic OAuth role mapping. A new 
configuration setting for generic oauth is added named 
role_attribute_path which accepts a JMESPath expression.
Only Grafana roles named Viewer, Editor or Admin are
accepted.

Closes #9766
2019-11-05 21:56:42 +01:00
Scott Brenner
aa87f62c3a Quick typo fix (#19759) 2019-10-11 14:57:29 +01:00
Marcus Efraimsson
75bf31b5c7
docs: image rendering (#19183)
Adds a new "Image Rendering" page in Administration section.
Updates configuration page with rendering settings and also 
default.ini and sample.ini.
Updates and cleanup pages that referencing image rendering.

Ref #18914
2019-09-17 19:24:03 +02:00
Marcus Efraimsson
80592e3361
Metrics: Adds setting for turning off total stats metrics (#19142)
Don't update total stats metrics if reporting is disabled.
New setting disable_total_stats for turning off update 
of total stats (stat_totals_*) metrics.

Ref #19137
2019-09-17 09:32:24 +02:00
Ryan McKinley
7d32caeac2 Transformers: configure result transformations after query(alpha) (#18740) 2019-09-09 08:58:57 +02:00
Marcus Efraimsson
964c2e722f
Snapshot: Fix http api (#18830)
(cherry picked from commit be2e2330f5)
2019-09-02 15:15:46 +02:00
Bob Shannon
056dbc7012 OAuth: Support JMES path lookup when retrieving user email (#14683)
Add support for fetching e-mail with JMES path

Signed-off-by: Bob Shannon <bobs@dropbox.com>
2019-08-26 18:11:40 +02:00
kay delaney
fb0cec5591
Backend: Adds support for HTTP/2 (#18358)
* Backend: Adds support for HTTP/2

* Adds mozilla recommended ciphers

* Updates sample.ini and config documentation
2019-08-16 16:06:54 +01:00
Kyle Brandt
f689b60426
remotecache: support SSL with redis (#18511)
* update go-redis lib from v2 -> v5
* add ssl option to the redis connection string
fixes #18498
2019-08-13 06:51:13 -04:00
Torkel Ödegaard
f68b8b73f0
LDAP: Align ldap example with the devenv testdata (#18343) 2019-08-02 12:00:13 +02:00
gotjosh
87a794fe0a
Docs: Update documentation with new SAML features (#18163)
* Update defaults.ini and sample.ini with the SAML assertion mapping
fields

* Document Grafana's ability to map ACS attributes while a Grafana user is created
2019-07-23 09:20:07 +01:00
Alexander Zobnin
e47546d529
Docs: SAML idp_metadata_url option (#18181) 2019-07-18 18:45:59 +03:00
gotjosh
d006f7c916
Docs: SAML (#18069)
* docs: Link to SAML docs and document configuration options

- Document configuration options `defaults.ini` and `sample.ini`
- Add the SAML documentation
- Link to the SAML documentation from "what's new in 6.3"
2019-07-17 13:46:51 +01:00
Oleg Gaidarenko
e2cf7c9698
LDAP: finishing touches (#17945)
* LDAP:Docs: `active_sync_enabled` setting

Mention `active_sync_enabled` setting and enable it by default

* LDAP: move "disableExternalUser" method

Idea behind new design of the LDAP module is to minimise conflation
between other parts of the system, so it would decoupled as much as
possible from stuff like database, HTTP transport and etc.

Following "Do One Thing and Do It Well" Unix philosophy principal, other things
could be better fitted on the consumer side of things.

Which what this commit trying to archive

* LDAP: correct user/admin binding

The second binding was not happening, so if the admin login/password
in LDAP configuration was correct, anyone could had login as anyone using
incorrect password
2019-07-05 17:49:00 +03:00
gotjosh
e6b8a1529b
SAML: Configuration defaults, examples and dependencies (#17954)
* Add SAML configuration options

* Add crewjam/saml as a depdency

Needed as part of the enterprise SAML integration.

* Vendor github.com/stretchr/testify/require

The package require implements the same assertions as the `assert` package but stops test execution when a test fails.
2019-07-05 11:27:14 +01:00
Torkel Ödegaard
57c220c93d
Docs: added version notice to new ldap feature docs (#17929) 2019-07-04 14:39:11 +02:00
Sofia Papagiannaki
dc9ec7dc91
Auth: Allow expiration of API keys (#17678)
* Modify backend to allow expiration of API Keys

* Add middleware test for expired api keys

* Modify frontend to enable expiration of API Keys

* Fix frontend tests

* Fix migration and add index for `expires` field

* Add api key tests for database access

* Substitude time.Now() by a mock for test usage

* Front-end modifications

* Change input label to `Time to live`
* Change input behavior to comply with the other similar
* Add tooltip

* Modify AddApiKey api call response

Expiration should be *time.Time instead of string

* Present expiration date in the selected timezone

* Use kbn for transforming intervals to seconds

* Use `assert` library for tests

* Frontend fixes

Add checks for empty/undefined/null values

* Change expires column from datetime to integer

* Restrict api key duration input

It should be interval not number

* AddApiKey must complain if SecondsToLive is negative

* Declare ErrInvalidApiKeyExpiration

* Move configuration to auth section

* Update docs

* Eliminate alias for models in modified files

* Omit expiration from api response if empty

* Eliminate Goconvey from test file

* Fix test

Do not sleep, use mocked timeNow() instead

* Remove index for expires from api_key table

The index should be anyway on both org_id and expires fields.
However this commit eliminates completely the index for now
since not many rows are expected to be in this table.

* Use getTimeZone function

* Minor change in api key listing

The frontend should display a message instead of empty string
if the key does not expire.
2019-06-26 09:47:03 +03:00
Oleg Gaidarenko
31d2905490 LDAP:Docs: add information on LDAP sync feature and update LDAP sync default (#17689)
* Docs: for LDAP active sync feature
2019-06-25 12:54:13 +02:00
Sergey Goppikov
dda8b731e8 Settings: Fix typo in defaults.ini (#17707)
`backround` -> `backGround`
2019-06-23 17:38:30 +02:00
Kyle Brandt
49f0f0e89e
config: fix connstr for remote_cache (#17675)
fixes #17643 and adds test to check for commented out lines (but will only catch `;`, not `#`).
2019-06-20 10:15:21 -04:00
Oleg Gaidarenko
1c08e58605
LDAP: small improvements to various LDAP parts (#17662)
* Add multildap config example

* Publicize mocks for multildap module
2019-06-19 15:46:04 +02:00
Kyle Brandt
599514ad68
middleware: add security related HTTP(S) response headers (#17522)
* x_xss_protection
  * strict_transport_security (HSTS)
  * x_content_type_options

these are currently defaulted to false (off) until the next minor release.

fixes #17509
2019-06-12 13:15:50 +02:00
Kyle Brandt
c09fe3c3b4
remote_cache: Fix redis (#17483)
* wip: fix remote cache for redis
connstr parsing and non-negative expires for #17377
TODO: finish parse, check zero case, find out why negative duration in the first place

* finish parse.
Still TODO, find out negative value, and decide if would be better to make database specific entries in the .ini file

* update ini files

* remove accidental uncomment in defaults.ini

* auth_proxy: expiration non-negative so expiration is not in the past

* fix test, revert neg in redis

* review: use errutil
2019-06-10 15:27:08 +02:00
Tom McClellan
34f314552d Config: Add comment before log_queries in sample ini file (#17462) 2019-06-06 11:13:27 +02:00
Jonathan Rockway
02975256d1 Tracing: allow propagation with Zipkin headers (#17009)
Closes #17006
2019-06-05 13:12:05 +02:00
Abhilash Gnan
04d473b3e5 HTTP Server: Serve Grafana with a custom URL path prefix (#17048)
Adds a new [server] setting `serve_from_sub_path`. By enabling 
this setting and using a subpath in `root_url` setting, e.g.
`root_url = http://localhost:3000/grafana`, Grafana will be accessible 
on `http://localhost:3000/grafana`. By default it is set to `false` 
for compatibility reasons.

Closes #16623
2019-05-27 17:47:29 +02:00