* Add update methods for the dual writer
* improve errors
* [WIP] add tests for the update method
* Move example package to its own package so it can be used by the rest package. Finish tests
* Add codeowners
* Use Pod as a dummy resource
* :int
* Lint
* [REVIEW] rename var
* [REVIEW] don't rely on legacy storage at all in mode4
* Update pkg/apiserver/rest/dualwriter_mode2.go
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
* [REVIEW] improve comment
* Update pkg/apiserver/rest/dualwriter_mode1.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* [REVIEW] improve mode3
* Lint
* Move test files
* Update pkg/apiserver/rest/dualwriter_mode2.go
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
* Lint
* Update pkg/apiserver/rest/dualwriter_mode4_test.go
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
* Fix error
* Lint
* Update pkg/apiserver/rest/dualwriter_mode2.go
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
* Don't set the flag to true as updatedObj creates an object in case it's not found
* Lint
* Lint
* Add tests on update
* Lint
---------
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
Co-authored-by: Dan Cech <dcech@grafana.com>
* IAM: fix many error messages in access-related code to provide more information
* Remove debug statement
* Refactor resourcepermissions package to use errutil
* Replace a few more errors with errutil and wrap errors found in users and teams services
* Apply diff of openAPI spec
sqlstore: improve recursive CTE support detection
Vitess returns a not supported error, not a parse error
Co-authored-by: Derek Perkins <derek@nozzle.io>
* WIP: add mocks for dual writer
* Test dualwriter mode1
* Re-add non implementation errors
* Use testify assert
* Write tests for mode2.
* Lint
* Remove comment
* Update pkg/apiserver/rest/dualwriter_mode2_test.go
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
* [REVIEW improve readability and call fn legacy fn
* [REVIEW] rename mocks and setupFns
* [REVIEW add missing test case
* [REVIEW] add test case with getting object from storage and not legacy
* Add deleteCollection
* Test deleteCollection
* Rename file
---------
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
* Alerting: Fix simplified routes '...' groupBy creating invalid routes
There were a few ways to go about this fix:
1. Modifying our copy of upstream validation to allow this
2. Modify our notification settings validation to prevent this
3. Normalize group by on save
4. Normalized group by on generate
Option 4. was chosen as the others have a mix of the following cons:
- Generated routes risk being incompatible with upstream/remote AM
- Awkward FE UX when using '...'
- Rule definition changing after save and potential pitfalls with TF
With option 4. generated routes stay compatible with external/remote AMs, FE
doesn't need to change as we allow mixed '...' and custom label groupBys, and
settings we save to db are the same ones requested.
In addition, it has the slight benefit of allowing us to hide the internal
implementation details of `alertname, grafana_folder` from the user in the
future, since we don't need to send them with every FE or TF request.
* Safer use of DefaultNotificationSettingsGroupBy
* Fix missed API tests
* only users with Grafana Admin role can grant/revoke Grafana Admin role
* check permissions to user amdin endpoints globally
* allow checking global permissions for service accounts
* use a middleware for checking whether the caller is Grafana Admin
* User: remove unused function
* User: Remove UpdatePermissions and support IsGrafanaAdmin flag in Update function instead
* User: Remove Disable function and use Update instead
* add history links for monaco completion provider folder
* add history links for monaco query field folder
* add history links for components folder
* add history links for configuration folder
* add history links for dashboard json folder
* add history links for gcopypaste folder
* add history link for variableMigration
* add history link for querybuilder/components/metrics-modal folder
* add history link for querybuilder/components/promqail folder
* add history links for querybuilder/components folder
* add history links for querybuilder/hooks folder
* add history links for querybuilder/shared folder
* add history links for querybuilder folder
* add history links for querycache folder
* add history links for src folder
* use frontend package and custom auth in module.ts
* remove files and fix import issues
* remove usePrometheusFrontendPackage
* remove extra files
* update betterer
* remove extra files after rebase
* fix betterer for rebase
* fix e2e flakiness
* Add `Service. IsClientEnabled` and `Client.IsEnabled` functions
* Implement `IsEnabled` function for authn clients
* Implement `IsClientEnabled` function for authn services
* copied files
* add copy of Pointer
* fix the API
* forward resample to the namespaced code
* moved the aligning-code to the parent
* call namespaced resample directly
* lint fix
* lint fix
* switch to plugin-sdk-go resample
* adjusted import path
* AuthN: Add NamespaceID struct. We should replace the usage of encoded namespaceID with this one
* AuthN: Add optional interface that clients can implement to be able to resolve identity for a namespace
* Authn: Implement IdentityResolverClient for api keys
* AuthN: use idenity resolvers
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
* added pkg/util/rinq package to handle queueing of notifications
* fix linters
* Fix typo in comment
Co-authored-by: Dan Cech <dcech@grafana.com>
* improve allocation strategy for Enqueue; remove unnecessary clearing of slice
* Update pkg/util/ringq/dyn_chan_bench_test.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update pkg/util/ringq/ringq.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* refactor to move stats and shrinking into Ring
* add missing error assertions in tests
* add missing error assertions in tests and linting issues
* simplify controller closed check
* improve encapsulation of internal state in Ring
* use (*Ring).Len for clarity instead of stats
---------
Co-authored-by: Dan Cech <dcech@grafana.com>
Fixes so that auth middleware trace/span doesn't wrap the next handlers.
Allow tracing service name to be overridden in standalone apiserver.
Change k8s api tracing operation name to KubernetesAPI from
grafana-apiserver (which is the service name)
* Making versioncheck url rely on config instead of being hardcoded
* Update pkg/services/updatechecker/plugins.go
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
* making the names a bit more generic and using url.url library
* fixing tests
* fixing linting
---------
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
* Authn: Resolve authenticate by and auth id when fethcing signed in user
* Change logout client interface to only take Requester interface
* Session: Fetch external auth info when authenticating sessions
* Use authenticated by from identity
* Move call to get auth-info into session client and use GetAuthenticatedBy in various places
* Alerting: Persist silence state immediately on Create/Delete
Persists the silence state to the kvstore immediately instead of waiting for the
next maintenance run. This is used after Create/Delete to prevent silences from
being lost when a new Alertmanager is started before the state has persisted.
This can happen, for example, in a rolling deployment scenario.
* Fix test that requires real data
* Don't error if silence state persist fails, maintenance will correct
* Add Get method in dual writer
* Update pkg/apiserver/rest/dualwriter_mode3.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* Actually run the tests
* no need for t.Run()
* Update pkg/apiserver/rest/dualwriter_mode3.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update pkg/apiserver/rest/dualwriter_mode3.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update pkg/apiserver/rest/dualwriter_test.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* Log improvements
* Fix method name
---------
Co-authored-by: Dan Cech <dcech@grafana.com>
* Revert "Revert "Add FolderUID for library elements" (#83776)"
This reverts commit 0dfdb2ae47.
* Fix bug, dashboard id and library element fodler_id are the corresponding values
Dashboard table hold both dahboards and tables
* Make Legacy a public field
* Remove duplicated Create method
* Add logger to dualwriter
* Use klog
* Add comment about selecting the dual writer
* Update pkg/apiserver/rest/dualwriter_mode1.go
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
* Update pkg/apiserver/rest/dualwriter_mode2.go
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
* Update pkg/apiserver/rest/dualwriter_mode3.go
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
* Update pkg/apiserver/rest/dualwriter_mode3.go
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
* Update pkg/apiserver/rest/dualwriter_mode2.go
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
* Create error var
* Lint
---------
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
* extract genericService from RuleService just to reuse it later
* implement silence service
---------
Co-authored-by: William Wernert <william.wernert@grafana.com>
Co-authored-by: Matthew Jacobson <matthew.jacobson@grafana.com>
* Storage server runs own instrumentation server if its the sole target. Starts adding some sample metrics for now.
* adds metric for failed optimistic locks
* refactors metrics registration to own method on service for testability. Adds tests.
* Register sql storage server metrics from within the service
* fixes test
* troubleshooting drone test failures. Maybe timing when starting instrumentation server?
* Waits until instrumentation server has started. Updates tests.
* defer wont get called unless theres an error. removing.
* wait for instrumentation server to be running
* linter - close res body
* use port 3000 for metrics and removes test metric inc() call
* fixes test - updates port
* refactors module server to provide an instrumentation server module when there is no ALL or CORE target provided and running as single target
* make instrumentation server a dependency of all modules that do not run their own http server
* adds module server test
* adds tests for instrumentation service and removes old tests that aren't needed
* ignore error in test
* uses helper to start and run service
* when running wait on ctx done or http server err
* wait for http server
* removes println
* updates module server test to be integration test
* require no error in goroutine
* skips integration test when GRAFANA_TEST_DB not defined
* move http server start into start, verify returned content
* make test error when run fails
* try waiting longer and see if drone tests pass
* update integration test mysql creds to match drone
* go back to only waiting half second
* debug log drone mysql connection string
* use same db connection config as drone
* try using same hostname as drone
* cant use localhost as mysql hostname in drone tests. Need to parse it from the cfg db connection string
---------
Co-authored-by: Dan Cech <dcech@grafana.com>
* support continue at specified resource version
* detect whether list continue pages need to use entity_history, remove BatchRead, expand selectQuery helper
* refactor continue token handling
* fix tests, increase history chunk size
* lint fix
* Alerting: Make retention period configurable for the notification log
* update sample.ini
* fix outdated comment (on disk -> kvstore)
* skip checking cyclomatic complexity for ReadUnifiedAlertingSettings
* Add email and email_verified to id token if identity is a user
* Add endpoint to trigger email verification for user
* Add function to clear stored id tokens and use it when email verification is completed
* E2C: Resources table refactor
* update swagger spec with enums
* use native resource item type, rather than our mock type
* unit tests for resources table
* update spec
* Feature Flags: use FeatureToggles interface where possible
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
* Replace TestFeatureToggles with existing WithFeatures
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
---------
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
* replace sqlstore with db interface in a few packages
* remove from stats
* remove sqlstore in admin test
* remove sqlstore from api plugin tests
* fix another createUser
* remove sqlstore in publicdashboards
* remove sqlstore from orgs
* clean up orguser test
* more clean up in sso
* clean up service accounts
* further cleanup
* more cleanup in accesscontrol
* last cleanup in accesscontrol
* clean up teams
* more removals
* split cfg from db in testenv
* few remaining fixes
* fix test with bus
* pass cfg for testing inside db as an option
* set query retries when no opts provided
* revert golden test data
* rebase and rollback
* Add feature toggle
* Add filters and group by variables by default to all new dashboards
* Nits
* Tests
* Rename feature toggle to newDashboardWithFiltersAndGroupBy
* E2C: Start connecting on-prem to real apis
* actually run the migration
* show resources
* basic dashboards resources
* show dashboard title
* remove console logs
* cleanup 1
* i18n
* disconnect
* i18n
* restore type
* use fixed format
* fix
* Implement run migration endpoint
* Refactor RunMigration method into separate methods
* Save migration runs fix lint
* Minor changes
* Refactor how to use cms endpoint
* fix interface
* complete merge
* add individual items
* adds tracing to getMigration
* linter
* updated swagger definition with the latest changes
* CloudMigrations: Implement core API handlers for cloud migrations and migration runs (#85407)
* implement delete
* add auth token encryption
* implement token validation
* call token validation during migration creation
* implement get migration status
* implement list migration runs
* fix bug
* finish parse domain func
* fix urls
* fix typo
* fix encoding and decoding
* remove double decryption
* add missing slash
* fix id returned by create function
* inject missing services
* finish implementing (as far as I can tell right now) data migration and response handling
* comment out broken test, needs a rewrite
* add a few final touches
* get dashboard migration to work properly
* changed runMigration to a POST
* swagger
* swagger
* swagger
---------
Co-authored-by: Michael Mandrus <michael.mandrus@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
Co-authored-by: Michael Mandrus <41969079+mmandrus@users.noreply.github.com>
* reenable ext-jwt-client
* fixup settings struct
* add user and service auth
* lint up
* add user auth to grafana ext
* fixes
* Populate token permissions
Co-authored-by: jguer <joao.guerreiro@grafana.com>
* fix tests
* fix lint
* small prealloc
* small prealloc
* use special namespace for access policies
* fix access policy auth
* fix tests
* fix uncalled settings expander
* add feature toggle
* small feedback fixes
* rename entitlements to permissions
* add authlibn
* allow viewing the signed in user info for non user namespace
* fix invalid namespacedID
* use authlib as verifier for tokens
* Update pkg/services/authn/clients/ext_jwt.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Update pkg/services/authn/clients/ext_jwt_test.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* fix parameter names
* change asserts to normal package
* add rule for assert
* fix ownerships
* Local diff
* test and lint
* Fix test
* Fix ac test
* Fix pluginproxy test
* Revert testdata changes
* Force revert on test data
---------
Co-authored-by: gamab <gabriel.mabille@grafana.com>
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* add function to static function to static service
* find email and login claims with jmespath
* rename configuration files
* Replace JWTClaims struct for map
* check for subclaims error
* don't iterate over first column as it is a time column already
* don't iterate over first column as it was handled earlier
* add more flexibility to run the commands
* Update pkg/tsdb/influxdb/influxql/converter/converter.go
Co-authored-by: Nick Richmond <5732000+NWRichmond@users.noreply.github.com>
---------
Co-authored-by: Nick Richmond <5732000+NWRichmond@users.noreply.github.com>
Terraform Issue: grafana/terraform-provider-grafana#1007
Nested routes should be allowed to inherit the contact point from the root (or direct parent) route but this fails in the provisioning API (it works in the UI)
* Bench testing search user perm
* Add BenchmarkSearchUsersPermissions_1K_1K
* Clarify benchmark searches by action prefix
* Make MySQL more efficient
* Move all filter options
* Expand after assignments union
* update comments
* Add cloud migration endpoints
* Built auth into creating a migration.
* Added more detail to the migration result model
* goimports
* Update pkg/services/cloudmigration/api/api.go
Co-authored-by: lean.dev <34773040+leandro-deveikis@users.noreply.github.com>
* Update pkg/services/cloudmigration/api/api.go
Co-authored-by: lean.dev <34773040+leandro-deveikis@users.noreply.github.com>
---------
Co-authored-by: Leonard Gram <leo@xlson.com>
Co-authored-by: lean.dev <34773040+leandro-deveikis@users.noreply.github.com>
* vendor latest wire into pkg/build
* use vendored wire in builds
* fix wire import path
* remove wire from bingo
* also support google/wire import
* make prettier happy
* change package in tess
* add debug walk for drone
* add wire_gen in tests
* remove debug walk
* restore imports
* add strategy and tests
* use settings provider service and remove multiple providers strategy
* Move SAML strategy to ssosettings service
* Update codeowners file
* reload from settings provider
* add saml as configurable provider
* Add new SAML strategy
* rename old saml settings interface
* update saml string references
* use OSS license
* validate saml provider depends on license for List
* add tests for list rendering including saml
* change the licensing validation to service init
* replace service struct for provider
* add feature toggle usePrometheusFrontendPackage
* add feature toggle logic to Prometheus module
* use config editor with package and remove configOverhaul feature toggle
* update betterer because we will be removing other files as we replace with files from @grafana/prometheus
* fix exemplar ds picker selector
* add more description to ts-ignore
* remove go.work.sum change
* copy go.work.sum from main
* update go.work.sum after talking with ismail
* put back the promlib entry
---------
Co-authored-by: ismail simsek <ismailsimsek09@gmail.com>
* allow users with regular actions access provisioning API paths
* update methods that read rules
skip new authorization logic if user CanReadAllRules to avoid performance impact on file-provisioning
update all methods to accept identity.Requester that contains all permissions and is required by access control.
* create deltas for single rul e
* update modify methods
skip new authorization logic if user CanWriteAllRules to avoid performance impact on file-provisioning
update all methods to accept identity.Requester that contains all permissions and is required by access control.
* implement RuleAccessControlService in provisioning
* update file provisioning user to have all permissions to bypass authz
* update provisioning API to return errutil errors correctly
---------
Co-authored-by: Alexander Weaver <weaver.alex.d@gmail.com>
* Prometheus: remove scope dependency
temp workaround
* depguard
* comment
* remove rules since they need a newer version of golangci-lint
---------
Co-authored-by: ismail simsek <ismailsimsek09@gmail.com>
* server: reload of grafana server certs when renewed without restart.
Signed-off-by: Rao, B V Chalapathi <b_v_chalapathi.rao@nokia.com>
* server: reload of grafana server certs when renewed without restart.
Signed-off-by: Rao, B V Chalapathi <b_v_chalapathi.rao@nokia.com>
* Update http_server.go
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Update http_server.go
Address the comments
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Dan Cech <dan@aussiedan.com>
* Update http_server.go
Align the spaces
* Update http_server.go
* Update http_server.go
* Update pkg/api/http_server.go
Co-authored-by: Dan Cech <dan@aussiedan.com>
---------
Signed-off-by: Rao, B V Chalapathi <b_v_chalapathi.rao@nokia.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Dan Cech <dan@aussiedan.com>
* Alerting: Implement ApplyConfig for remote primary mode (forked AM)
* add TODO for saving the config hash in other config-related methods
* fix bad method receiver name (m -> am)
* tests
* add mutex
* remove sync loop
* Enable nestedFolders by default
* Make nestedFolders GA
Co-authored-by: Timur Olzhabayev <timur.olzhabayev@grafana.com>
* regenerate files
* also update docs
* skip failing test
---------
Co-authored-by: Timur Olzhabayev <timur.olzhabayev@grafana.com>
* Chore: Remove unused dependenices in plugin client middlewares
* refactor logger middleware to remove cfg dependency
* hack to make tracing work in api group builders
* display teams to team reader if they also have the access to list team permissions
* fix a typo in the docs
* enable annotationPermissionUpdate by default
* update wording
Adds support for logs (specify level), metrics (enable metrics and Prometheus /metrics endpoint
and traces (jaeger or otlp) for standalone API server. This will allow any grafana core service
part of standalone apiserver to use logging, metrics and traces as normal.
* Move some thema code inside grafana
* Use new codegen instead of thema for core kinds
* Replace TS generator
* Use new generator for go types
* Remove thema from oapi generator
* Remove thema from generators
* Don't use kindsys/thema for core kinds
* Remove kindsys/thema from plugins
* Remove last thema related
* Remove most of cuectx and move utils_ts into codegen. It also deletes wire dependency
* Merge plugins generators
* Delete thema dependency 🎉
* Fix CODEOWNERS
* Fix package name
* Fix TS output names
* More path fixes
* Fix mod codeowners
* Use original plugin's name
* Remove kindsys dependency 🎉
* Modify oapi schema and create an apply function to fix elasticsearch errors
* cue.mod was deleted by mistake
* Fix TS panels
* sort imports
* Fixing elasticsearch output
* Downgrade oapi-codegen library
* Update output ts files
* More fixes
* Restore old elasticsearch generated file and skip its generation. Remove core imports into plugins
* More lint fixes
* Add codeowners
* restore embed.go file
* Fix embed.go
* mssql: Add Kerberos/Windows AD auth
* need username for cache file
* account for no port in cc file
* add tests around constring
* remove un-needed port
* add docs
* remove comments
* move defer to same locale as where it begins
* fix linting and spelling
* fix gosec linter
* note lack of grafana cloud support
* require "folders:read" and "alert.rules:read" in all rules API requests (write and read).
* add check for permissions "folders:read" and "alert.rules:read" to AuthorizeAccessToRuleGroup and HasAccessToRuleGroup
* check only access to datasource in rule testing API
---------
Co-authored-by: William Wernert <william.wernert@grafana.com>
* (WIP) Alerting: Decrypt secrets before sending configuration to the remote Alertmanager
* refactor, fix tests
* test decrypting secrets
* tidy up
* test SendConfiguration, quote keys, refactor tests
* make linter happy
* decrypt configuration before comparing
* copy configuration struct before decrypting
* reduce diff in TestCompareAndSendConfiguration
* clean up remote/alertmanager.go
* make linter happy
* avoid serializing into JSON to copy struct
* codeowners
* Adds color and stroke-dasharray support for node graph edges
Adds support for providing color, highlighted color, and visual display of node graph edges as dashed lines via stroke-dasharray.
* Updates node graph documentation
* Updates documentation
Adds default for `highlightedColor`
* Update docs/sources/panels-visualizations/visualizations/node-graph/index.md
Co-authored-by: Fabrizio <135109076+fabrizio-grafana@users.noreply.github.com>
* Update packages/grafana-data/src/utils/nodeGraph.ts
Co-authored-by: Fabrizio <135109076+fabrizio-grafana@users.noreply.github.com>
* Update docs/sources/panels-visualizations/visualizations/node-graph/index.md
Co-authored-by: Isabel Matwawana <76437239+imatwawana@users.noreply.github.com>
* Removes highlightedColor; deprecates highlighted
Per [request](https://github.com/grafana/grafana/pull/83855#issuecomment-1999810826), deprecates `highlighted` in code and documentation, and removes `highlightedColor` as an additional property. `highlighted` will continue to be supported in its original state (makes the edge red), but is superseded if `color` is provided.
* Update types.ts
Missed a file in my last commit. Removes `highlightedColor` and deprecates `highlighted`.
* Add test scenario in test data source
---------
Co-authored-by: Fabrizio <135109076+fabrizio-grafana@users.noreply.github.com>
Co-authored-by: Isabel Matwawana <76437239+imatwawana@users.noreply.github.com>
Co-authored-by: Andrej Ocenas <mr.ocenas@gmail.com>
