* Return data in camelCase from the OAuth fb strategy
* changes
* wip
* Add defaults for oauth fb strategy
* revert other changes
* basic includeDefaults query param implementation
* basic secret removal and etag implementation
* correct imports
* rebase
* move default settings filter to models
* only replace ClientSecret value if set
* first GetForProvider test & use FNV for ETag to avoid Blocklisted import error
* add tests
* add annotation for the openapi spec & generate spec
* remove TODO
* use IsSecret, improve tests, remove DefaultOAuthSettings
* add comment explaining generateFNVETag
* add error handling for generateFNVETag
* run go generate
* Update pkg/services/ssosettings/api/api.go
Co-authored-by: Mihai Doarna <mihai.doarna@grafana.com>
* move isSecret to service, create GetForProviderWithRedactedSecrets func
* add unit test for GetForProviderWithRedactedSecrets & remove duplicated code
* regen openapi/swagger
* revert dependency bumps
---------
Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
Co-authored-by: Mihai Doarna <mihai.doarna@grafana.com>
This PR has two steps that together create a functional dry-run capability for the migration.
By enabling the feature flag alertingPreviewUpgrade when on legacy alerting it will:
a. Allow all Grafana Alerting background services except for the scheduler to start (multiorg alertmanager, state manager, routes, …).
b. Allow the UI to show Grafana Alerting pages alongside legacy ones (with appropriate in-app warnings that UA is not actually running).
c. Show a new “Alerting Upgrade” page and register associated /api/v1/upgrade endpoints that will allow the user to upgrade their organization live without restart and present a summary of the upgrade in a table.
* extract get and save operations to a alertmanagerConfigStore. this removes duplicated code in service (currently only mute timings) and improves testing
* replace generic errors with errutils one with better messages.
* update provisioning services to use new store
---------
Co-authored-by: Alexander Weaver <weaver.alex.d@gmail.com>
* Docs: Add table data in PDF
* fix lint issues
* Switch to public preview
* Apply suggestions from code review
Co-authored-by: Isabel <76437239+imatwawana@users.noreply.github.com>
---------
Co-authored-by: Isabel <76437239+imatwawana@users.noreply.github.com>
There were a few errors that prevented these endpoints (which are the most up-to-date ones) from being present in the openapi spec:
- The `enterprise` tag excluded the endpoints from being generated
- `okRespoonse` typo
- Invalid templating on the parameters
- Missing parameter structs
Some refactoring that will simplify next changes for dry-run PRs. This should be no-op as far as the created ngalert resources and database state, though it does change some logs.
The key change here is to modify migrateOrg to return pairs of legacy struct + ngalert struct instead of actually persisting the alerts and alertmanager config. This will allow us to capture error information during dry-run migration.
It also moves most persistence-related operations such as title deduplication and folder creation to the right before we persist. This will simplify eventual partial migrations (individual alerts, dashboards, channels, ...).
Additionally it changes channel code to deal with PostableGrafanaReceiver instead of PostableApiReceiver (integration instead of contact point).
* Separate overlapping legacy and UA alerting routes
api/alert-notifiers, alerting/list, and alerting/notifications existed in both
legacy and UA.
Rename legacy route paths and nav ids to be independent of UA ones.
Backend:
* Update the Grafana Alerting engine to provide feedback to HysteresisCommand. The feedback information is stored in state.Manager as a fingerprint of each state. The fingerprint is persisted to the database. Only fingerprints that belong to Pending and Alerting states are considered as "loaded" and provided back to the command.
- add ResultFingerprint to state.State. It's different from other fingerprints we store in the state because it is calculated from the result labels.
- add rule_fingerprint column to alert_instance
- update alerting evaluator to accept AlertingResultsReader via context, and update scheduler to provide it.
- add AlertingResultsFromRuleState that implements the new interface in eval package
- update getExprRequest to patch the hysteresis command.
* Only one "Recovery Threshold" query is allowed to be used in the alert rule and it must be the Condition.
Frontend:
* Add hysteresis option to Threshold in UI. It's called "Recovery Threshold"
* Add test for getUnloadEvaluatorTypeFromCondition
* Hide hysteresis in panel expressions
* Refactor isInvalid and add test for it
* Remove unnecesary React.memo
* Add tests for updateEvaluatorConditions
---------
Co-authored-by: Sonia Aguilar <soniaaguilarpeiron@gmail.com>
* chore: Bump google.golang.org/grpc from 1.59.0 to 1.60.1
* Bump google.golang.org/protobuf to v1.32.0
* Fix make protobuf failing with latest protoc and protoc-gen-go
* Re-generate protobuf files
* Re-generate protobuf files
* Bump grafana-plugin-sdk-go
* go mod tidy
* merge with system settings before storing them in the db
* add base for validating sso settings
* add unit tests for sso settings validation
* call Reload() from sso service upsert()
* remove actual validation because it was moved in a separate pr
* use constant to fix lint error
* check if provider is configurable in service Upsert() method
* add unit tests for update provider settings api method
* fix lint error
* Canvas: Add Zoom
* Scale selecto components based on zoom state
* Fix pan by reverting to 3.1.0 for zoom-pan
* Update to latest library that fixes pan regression
* Add mini map to canvas pan zoom
* Fix selecto and anchors on hover
* Update naming to be more clear
* Switch back to contentComponent
* Apply transformScale to drag and resize
* Update connection source and target scaling
* Add option to display mini map
* Update yarn lock
* Revert "Update yarn lock"
This reverts commit 3d1dd65d57.
* Set yarn lock to main
* Revert "Set yarn lock to main"
This reverts commit 64bc50557e.
* Update to Yarn 4
* Add react-zoom-pan-pinch
* Update react-zoom-pan checksum
* Revert changes to json files
* Remove last line of api merged
* Remove last lines of all impacted jsons
* Update home json
* Update coordinate calc function to include scale
* Fix types in coordinate calc function
* Fix util calculation for transform
* Fix arrow anchor shift behavior
* Fix scale offset when adding elements during zoom
* Fix drag of selected group during zoom
* Add feature flag for canvas pan zoom
* Revert "Add feature flag for canvas pan zoom"
This reverts commit b026e31d8d.
* Regenerate feature flag after merge
* Apply feature flag to enable pan zoom wrappers
* Add mini map toggle behind feature flag
* Simplify minimap behavior
* Update feature flag registry
* Set minimap to false by default
* fix gen-cue
* Set toggles gen to main
Add blank line to toggle gen csv
* Add canvas pan zoom to csv
* Remove old comment
* Change ref parameter to be more descriptive
* Rename visibleFun to be more descriptive
* Consolidate transformScale transformRef in util
* Remove non-null assertion on connection parentRect
* Consolidate parentRect null coalescing into object
* Remove minimap and change toggle
* Add controls inline help for pan and zoom
* Clean up mouse events
* Pull scale out of ref and isolate transform
* Remove transform ref from scene div
* Fix context menu visible behavior
* Fix connections and update util functions
* Move transform component instance to util
* fix backend test
* minor updates
* Clean up connections / fix minor bug where offset of arrow wasn't being calculated correctly
* missed connection code cleanup
* cleanup scene code a bit more
* actually fix backend test
* move eslint disable line closer to actual issue
---------
Co-authored-by: nmarrs <nathanielmarrs@gmail.com>
* Unified Storage: Add resource from/to entity tests
* fixup
* Remove GRN
* Update tests
* truncate timestamps to account for RFC3339, set Group and GroupVersion in k8s object
* Update tests
---------
Co-authored-by: Dan Cech <dcech@grafana.com>
* (WIP) Alerting: Use the forked Alertmanager for remote secondary mode
* fall back to using internal AM in case of error
* remove TODOs, clean up .ini file, add orgId as part of remote AM config struct
* log warnings and errors, fall back to remoteSecondary, fall back to internal AM only
* extract logic to decide remote Alertmanager mode to a separate function, switch on mode
* tests
* make linter happy
* remove func to decide remote Alertmanager mode
* refactor factory function and options
* add default case to switch statement
* remove ineffectual assignment
* Add definition of external service registration
* Add style and tables for permissions needed
* Add external service registration to local without counterpart
* Add feature toggle check
* Add feature flag check in the backend as well
* Add the disclaimer for permissions
---------
Co-authored-by: Gabriel MABILLE <gabriel.mabille@grafana.com>
* In migration, create one label per channel
This PR changes how routing is done by the legacy alerting migration.
Previously, we created a single label on each alert rule that contained an array of contact point names. Ex: __contact__="slack legacy testing","slack legacy testing2"
This label was then routed against a series of regex-matching policies with continue=true. Ex: __contacts__ =~ .*"slack legacy testing".*
In the case of many contact points, this array could quickly become difficult to manage and difficult to grok at-a-glance.
This PR replaces the single __contact__ label with multiple __legacy_c_{contactname}__ labels and simple equality-matching policies. These channel-specific policies are nested in a single route under the top-level route which matches against __legacy_use_channels__ = true for ease of organization.
This should improve the experience for users wanting to keep the default migrated routing strategy but who also want to modify which contact points an alert sends to.
* Exclude mapped nodata transitions when nodata mapped to OK
* Fix processEvalResults test
* Don't check NoDataState when filtering transition
* Add comment to explain purpose of separate function
---------
Co-authored-by: William Wernert <william.wernert@grafana.com>
* Nested Folders: Fix /api/folders pagination
We used to check access to the root folders after fetching them from the DB with pagination.
This fix splits logic for fetching folders in:
- fetching subfolders
- fetching root folders
and refactors the query for the latter so that is filters by folders with permissions
* Add tests
* Update benchmarks
* Drop from API response
* Drop from swagger docs
* Drop from integration tests
* regenerate public swagger docs
* Drop from frontend
* Drop asserts for namespaceID field
* replace SSOSettings with SSOSettingsDTO
* fix database tests
* fix oauth strategy
* fix sso settings service tests
* add secrets encryption on update
* rename SSOSettingsDTO to SSOSettings
* remove extraKeys from strategy
* change back settings type from createOAuthConnector to OAuthInfo
* do not parse multi-value fields in oauth strategy
* Move moving average and cumulative sum to private preview
* update docs
* move formatString to private preview
* rebuild docs
* undo changes that don't belong to this commit
* undo cumulative/window featureflag
* fix case
* Configure SkipOrgRoleSync from OAuthInfo
* Remove skipOrgRoleSync from socialbase and connectors
* Add test to socialimpl.ProvideService
* Deprecate AuthSettings' fields
* clean up misleading init of frontendsettings.Auth
* Can add allowed custom headers to an email Message. WIP.
* adds slug as a custom email header to all outgoing emails
* Headers are static - declared as key/value pairs in config. All static headers get added to emails.
* updates comment
* adds tests for parsing smtp static headers
* updates test to assert static headers are included when building email
* updates test to use multiple static headers
* updates test names
* fixes linting issue with error
* ignore gocyclo for loading config
* updates email headers in tests to be formatted properly
* add static headers first
* updates tests to assert that regular headers like From cant be overwritten
* ensures only the header is in a valid format for smtp and not the value
* updates comment and error message wording
* adds to docs and ini sample files
* updates smtp.static_headers docs examples formatting
* removes lines commented with semi colons
* prettier:write
* renames var
* Plugins: add option to disable TLS in the socks proxy
* fix allow_insecure docs
* upgrade github.com/grafana/grafana-plugin-sdk-go from v0.196.0 to v0.197.0
* fix conflicts
* Chore: Bump k8s dependencies to v0.29.0
* update the openapi fork
* use post process spec
---------
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
* Add Azure settings and update tests
* Filter by plugin ID
* Add forward settings config variable
* Update line
* Add tests
* Update so that data sources are fully defined in config
* Update SDK and test
* Fix lint
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com>
* Remove unnecessary if
---------
Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com>
* Alerting: Send configuration and state to the remote Alertmanager on shutdown
* Alerting: Add a sync interval for ApplyConfig in remote secondary mode
* add routine to sync states and configs
* pass a cancellable context to syncRoutine(), remove tests for ApplyConfig, cache last config in memory
* extract logic to update config and state in the remote Alertmanager
* get latest config from the database
* avoid using separate goroutine for updating state and config
* clean up PR
* refactor, comments, tests
* update tests
* remove canceled context from calls to StopAndWait()
* create context with timeout and send config and state to remote Alertmanager
* update tests
* address code review comments
Swagger(ngalert): Add `X-Disable-Provenance` to missing operations
I added all functions that call the `determineProvenance` function
Schema changes are from:
`make` in `pkg/services/ngalert/api/tooling`
`make swagger-clean && make openapi3-gen` in root
* Alerting: Add a sync interval for ApplyConfig in remote secondary mode
* add routine to sync states and configs
* pass a cancellable context to syncRoutine(), remove tests for ApplyConfig, cache last config in memory
* extract logic to update config and state in the remote Alertmanager
* get latest config from the database
* avoid using separate goroutine for updating state and config
* clean up PR
* refactor, comments, tests
* update tests
* add config struct for remote secondary forked Alertmanager
* use errgroups for sync operations
* use waitgroup instead of errgroup
* remove helper method to sync AMs
* check for errors instead of bool syncErr
* Chore: Remove FolderID from Dashboard Import
* chore: regen specs
* Remove OrgID from DashboardImportRequest and DashboardImportResponse
* Remove OrdIDs from swagger and tests
---------
Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
* bidirectional shared crosshair table WIP
* add shared crosshair to table panel
* lower around point threshold
* add feature toggle
* add index based verification
* add adaptive threshold
* switch to debounceTime
* lower debounce to 100
* raise debounce back to 200
* revert azure dashboard
* re-render only rows list on data hover event
* further break down table component
* refactor
* raise debounce time
* fix build
* Add Loki historian store stub
* Add composite store
* Use composite store if Loki historian enabled
* Split store interface into read/write
* Make composite + historian stores read only
* Use variadic constructor for composite
* Modify Loki store enable logic
* Use dskit.concurrency.ForEachJob for parallelism
* Alerting: Refactor readiness check
Moves the readiness check to the mimir client and removes the need to assert that we have senders - it already has a queue and can hold notifications until we're ready to send them.
---------
Signed-off-by: gotjosh <josue.abreu@gmail.com>
* `accesscontrol` swagger: Add `global` field to `RoleDTO` type
The field is currently added in the MarshalJSON function so it isn't reflected in the spec
This PR sets the "static" version of the RoleDTO, that has the global field, as the swagger model
* Revert the marshalling logic
* Anonymous: Add device limiter
* break auth if limit reached
* fix typo
* refactored const to make it clearer with expiration
* anon device limit for config
---------
Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com>
* add GetCommandsFromPipeline
* refactor method GetCommandType to func GetExpressionCommandType
* add function to create fingerprint frames
* add function to determine whether raw query represents a hysteresis command and a function to patch it with loaded metrics
* remove GRN and switch tenant to namespace
* clean up remaining references
* simplify and remove inconsistency in With* parameters
* parse listing keys so we can use db index
* bump the schema version
---------
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
* Refactor to prevent cyclic dependencies
* Move list authorization to the API layer
* Init connectors using the SSO settings service in case the ssoSettingsApi feature toggle is enabled
* wip, need to handle the cyclic dep
* Remove cyclic dependency
* Align tests + refactor
* Move back OAuthInfo to social
* Delete pkg/login/social/constants
* Move reloadable registration to the social providers
* Rename connectors.Error to connectors.SocialError
* Send sanitized selectors to the Pyroscope backend for LabelNames and LabelValues
* Clean LabelNames response to remove already used labels
* Improve performance after major changes
* Fix import order
* Further improve rendering performance
* Fix frontend tests
* Fix fake pyroscope client signature
* Bump pyroscope/api dependency to include start/end in LabelNames/LabelValues
* Fix issue with old queries running when using the run button
* Add generated file
* Make code more readable, add a few comments
* Format with prettier
* Fix error when assigning data
* Revert "Add generated file"
This reverts commit c4f33727b8.
* Remove leftover code
* Simplify query editor internal state objects
* Move label selector validation up, improve label filtering
* Simplify query editor state, switch to debounce to reduce rerenders
* Revert cosmetic change
* Chore: Remove FolderID from DTO Folder
* chore: add OrgID field to an instance of SaveDashboardCommand
* chore: add another OrgID to pair with the FolderUID:
* chore: add OrgId to Folder struct and expectedParentOrgIDs to testCase struct, unsure if last part is necessary
* Fix folder test, add expected orgID
* chore: regen specs
---------
Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
* Alerting: Attempt to retry retryable errors
Retrying has been broken for a good while now (at least since version 9.4) - this change attempts to re-introduce them in their simplest and safest form possible.
I first introduced #79095 to make sure we don't disrupt or put additional load on our customer's data sources with this change in a patch release. Paired with this change, retries can now work as expected.
There's two small differences between how retries work now and how they used to work in legacy alerting.
Retries only occur for valid alert definitions - if we suspect that that error comes from a malformed alert definition we skip retrying.
We have added a constant backoff of 1s in between retries.
---------
Signed-off-by: gotjosh <josue.abreu@gmail.com>
* first round of entityapi updates
- quote column names and clean up insert/update queries
- replace grn with guid
- streamline table structure
fixes
streamline entity history
move EntitySummary into proto
remove EntitySummary
add guid to json
fix tests
change DB_Uuid to DB_NVarchar
fix folder test
convert interface to any
more cleanup
start entity store under grafana-apiserver dskit target
CRUD working, kind of
rough cut of wiring entity api to kube-apiserver
fake grafana user in context
add key to entity
list working
revert unnecessary changes
move entity storage files to their own package, clean up
use accessor to read/write grafana annotations
implement separate Create and Update functions
* go mod tidy
* switch from Kind to resource
* basic grpc storage server
* basic support for grpc entity store
* don't connect to database unless it's needed, pass user identity over grpc
* support getting user from k8s context, fix some mysql issues
* assign owner to snowflake dependency
* switch from ulid to uuid for guids
* cleanup, rename Search to List
* remove entityListResult
* EntityAPI: remove extra user abstraction (#79033)
* remove extra user abstraction
* add test stub (but
* move grpc context setup into client wrapper, fix lint issue
* remove unused constants
* remove custom json stuff
* basic list filtering, add todo
* change target to storage-server, allow entityStore flag in prod mode
* fix issue with Update
* EntityAPI: make test work, need to resolve expected differences (#79123)
* make test work, need to resolve expected differences
* remove the fields not supported by legacy
* sanitize out the bits legacy does not support
* sanitize out the bits legacy does not support
---------
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
* update feature toggle generated files
* remove unused http headers
* update feature flag strategy
* devmode
* update readme
* spelling
* readme
---------
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
* Alerting: Attempt to retry retryable errors
Currently in a draft state, but this was the minimal diff I could put together to exemplify how could achieve this.
Signed-off-by: gotjosh <josue.abreu@gmail.com>
---------
Signed-off-by: gotjosh <josue.abreu@gmail.com>
* Have the first iteration
* Prepare bench testing
* rename the test files
* Remove unnecessary test file
* Introduce influxqlStreamingParser feature flag
* Apply streaming parser feature flag
* Add new tests
* More tests
* return executedQueryString only in first frame
* add frame meta and config
* Update golden json files
* Support tags/labels
* more tests
* more tests
* Don't change original response_parser.go
* provide context
* create util package
* don't pass the row
* update converter with formatted frameName
* add executedQueryString info only to first frame
* update golden files
* rename
* update test file
* use pointer values
* update testdata
* update parsing
* update converter for null values
* prepare converter for table response
* clean up
* return timeField in fields
* handle no time column responses
* better nil field handling
* refactor the code
* add table tests
* fix config for table
* table response format
* fix value
* if there is no time column set name
* linting
* refactoring
* handle the status code
* add tracing
* Update pkg/tsdb/influxdb/influxql/converter/converter_test.go
Co-authored-by: İnanç Gümüş <m@inanc.io>
* fix import
* update test data
* sanity
* sanity
* linting
* simplicity
* return empty rsp
* rename to prevent confusion
* nullableJson field type for null values
* better handling null values
* remove duplicate test file
* fix healthcheck
* use util for pointer
* move bench test to root
* provide fake feature manager
* add more tests
* partial fix for null values in table response format
* handle partial null fields
* comments for easy testing
* move frameName allocation in readSeries
* one less append operation
* performance improvement by making string conversion once
pkg: github.com/grafana/grafana/pkg/tsdb/influxdb/influxql
│ stream2.txt │ stream3.txt │
│ sec/op │ sec/op vs base │
ParseJson-10 314.4m ± 1% 303.9m ± 1% -3.34% (p=0.000 n=10)
│ stream2.txt │ stream3.txt │
│ B/op │ B/op vs base │
ParseJson-10 425.2Mi ± 0% 382.7Mi ± 0% -10.00% (p=0.000 n=10)
│ stream2.txt │ stream3.txt │
│ allocs/op │ allocs/op vs base │
ParseJson-10 7.224M ± 0% 6.689M ± 0% -7.41% (p=0.000 n=10)
* add comment lines
---------
Co-authored-by: İnanç Gümüş <m@inanc.io>
* Unified Alerting: Set `max_attempts` to 1 by default
The retry logic for unified alerting has been broken as far as v9.4.x, rather than fixing it in one go and causing a headache to our users with rules putting extra load on their datasources - I think a better approach is to simply set 1 as a default and then let our users change it.
I see two cons with this approach:
- Configuration for legacy to unified alerting cannot be ported over automatically, users will have to manually set `max_attempts` to 3 when migrating.
- Users expecting to get any sort of retrying (as with legacy alerting) will not have it out of the box and will have to manually edit the configuration.
Signed-off-by: gotjosh <josue.abreu@gmail.com>
---------
Signed-off-by: gotjosh <josue.abreu@gmail.com>
* Folders: Show folders user has access to at the root level
* Refactor
* Refactor
* Hide parent folders user has no access to
* Skip expensive computation if possible
* Fix tests
* Fix potential nil access
* Fix duplicated folders
* Fix linter error
* Fix querying folders if no managed permissions set
* Update benchmark
* Add special shared with me folder and fetch available non-root folders on demand
* Fix parents query
* Improve db query for folders
* Reset benchmark changes
* Fix permissions for shared with me folder
* Simplify dedup
* Add option to include shared folder permission to user's permissions
* Fix nil UID
* Remove duplicated folders from shared list
* Folders: Fix fetching empty folder
* Nested folders: Show dashboards with directly assigned permissions
* Fix slow dashboards fetch
* Refactor
* Fix cycle dependencies
* Move shared folder to models
* Fix shared folder links
* Refactor
* Use feature flag for permissions
* Use feature flag
* Review comments
* Expose shared folder UID through frontend settings
* Add frontend type for sharedWithMeFolderUID option
* Refactor: apply review suggestions
* Fix parent uid for shared folder
* Fix listing shared dashboards for users with access to all folders
* Prevent creating folder with "shared" UID
* Add tests for shared folders
* Add test for shared dashboards
* Fix linter
* Add metrics for shared with me folder
* Add metrics for shared with me dashboards
* Fix tests
* Tests: add metrics as a dependency
* Fix access control metadata for shared with me folder
* Use constant for shared with me
* Optimize parent folders access check, fetch all folders in one query.
* Use labels for metrics
* Export Notification Policy correctly (#78020)
The JSON version of an exported Notification Policy now
inline correctly the policy in the same way the Yaml version
does.
Co-authored-by: Yuri Tseretyan <yuriy.tseretyan@grafana.com>
* ngalert `make`: Support GNU install on Darwin
Currently, the Makefile assumes that Darwin is using the Mac version of `sed`
I have the GNU version, so it failed. With this PR, it checks which version is installed
I also called `make` and there are some changes that came out of it
* swagger-gen
The definition for preferences is globally named `Spec` because that's the type that cue outputs
This adds a swagger annotation to rename the definition in the swagger schema to `Preferences`
This will be easier to use in generated clients
* Prepare the test files
* use json files everywhere
* update golden json files
* disable update
* update test file
* fix naming
* lint
* InfluxDB: Add metadata information to first frame only (#78664)
* executedString in first frame only
* lint
* fix tests
* update tests
* don't update
* linting
* update
* update again
* handle nil values
* append in the right array
* add comments
* remove redundant if condition
* update fixed annotation roles if FlagAnnotationPermissionUpdate is enabled
* add dashboard type scope back in the fixed roles to make the migration easier
* Return data in camelCase from the OAuth fb strategy
* changes
* wip
* Add defaults for oauth fb strategy
* revert other changes
* Add tests
* Add Defaults to cfg and use it in OAuthStrategy
* Return *OAuthInfo from OAuthStrategy
* lint
* Remove unnecessary Defaults
* Introduce const for fields, fix import order
* Align failing tests
* clean up
* Changes requested by @gamab
* Update pkg/services/ssosettings/strategies/oauth_strategy_test.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Load data on startup
* Rename + simplify
---------
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Alerting: Only warm alert state cache if execute_alerts=true.
If the Grafana instance is not executing alerts, then Warm()-ing the state
manager is wasteful and could lead to misleading rule status queries, as the
status returned will be always based on the state loaded from the database at
startup, and not the most recent evaluation state.
* Move Warm() down to shared conditional.
* Alerting: Add clean_upgrade config and deprecate force_migration
Upgrading to UA and rolling back will no longer delete any data by default.
Instead, each set of tables will remain unchanged when switching between
legacy and UA. As such, the force_migration config has been deprecated
and no extra configuration is required to roll back to legacy anymore.
If clean_upgrade is set to true when upgrading from legacy alerting to Unified
Alerting, grafana will first delete all existing Unified Alerting resources,
thus re-upgrading all organizations from scratch. If false or unset,
organizations that have previously upgraded will not lose their existing Unified
Alerting data when switching between legacy and Unified Alerting.
Similar to force_migration, it should be kept false when not needed as it may
cause unintended data-loss if left enabled.
---------
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Alerting: Keep track of individual org migration status
Save migration status per migrated org.
Change the meaning (and key/value) of the org_id=0 entry
to store the current (previous) config value used by alerting.
This is so we can know when to upgrade/downgrade by
comparing with the new config value in
UnifiedAlerting.IsEnabled.
* Chore: use errutil for pluginRepo errors
* Update pkg/util/errutil/status.go
* Use errutil helper functions
Co-Authored-By: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Forgot the log level
* Use entity
---------
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Alerting: Add a sync interval for ApplyConfig in remote secondary mode
* remove out of scope code
* remove parentheses after CleanUp for consistency in test comments
* Add comment to ApplyConfig
* Add error to surface for groups groups not valid
* Update pkg/login/social/azuread_oauth.go
---------
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* fix timeout issues when gathering prometheus flavor stats
* workaround data race in sdk tracing middleware
* cap concurrency at 10
---------
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Add anonymous stats and user table
- anonymous users users page
- add feature toggle `anonymousAccess`
- remove check for enterprise for `Device-Id` header in request
- add anonusers/device count to stats
* promise all, review comments
* make use of promise all settled
* refactoring: devices instead of users
* review comments, moved countdevices to httpserver
* fakeAnonService for tests and generate openapi spec
* do not commit openapi3 and api-merged
* add openapi
* Apply suggestions from code review
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
* formatin
* precise anon devices to avoid confusion
---------
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
Co-authored-by: jguer <me@jguer.space>
* refactor SSOSettings to use types
* test struct
* refactor SSOSettings struct to use types
* fix database tests
* fix populateSSOSettings() to accept an SSOSettings param
* fix all tests from the database layer
* handle errors for converting to/from SSOSettings
* add json tag on OAuthInfo fields
* use continue instead of if/else
* add the source field to SSOSettingsDTO conversion
* remove omitempty from json tags in OAuthInfo struct
* Prepare the test files
* use json files everywhere
* update golden json files
* disable update
* update test file
* fix naming
* lint
* InfluxDB: Add metadata information to first frame only (#78664)
* executedString in first frame only
* lint
* fix tests
* update tests
* don't update
* linting
* update
* update again
* Alerting: In migration improve deduplication of title and group
This change improves alert titles generated in the legacy migration
that occur when we need to deduplicate titles. Now when duplicate
titles are detected we will first attempt to append a sequential index,
falling back to a random uid if none are unique within 10 attempts.
This should cause shorter and more easily readable deduplicated
titles in most cases.
In addition, groups are no longer deduplicated. Instead we set them
to a combination of truncated dashboard name and humanized alert
frequency. This way, alerts from the same dashboard share a group
if they have the same evaluation interval. In the event that truncation
causes overlap, it won't be a big issue as all alerts will still be in a
group with the correct evaluation interval.
* Split signout_redirect_url into per provider settings
* Split signout_redirect_url into per provider settings
* Update docs/sources/setup-grafana/configure-security/configure-authentication/grafana/index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Split signout_redirect_url into per provider settings
* Split signout_redirect_url into per provider settings
* Split signout_redirect_url into per provider settings
* Split signout_redirect_url into per provider settings
* Split signout_redirect_url into per provider settings
* Split signout_redirect_url into per provider settings
* update docs
* update devenvs
* add missing struct tag
---------
Co-authored-by: Rao, B V Chalapathi <b_v_chalapathi.rao@nokia.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: jguer <me@jguer.space>
* Alerting: Introduce a Mimir client as part of the Remote Alertmanager
Mimir client that understands the new APIs developed for mimir. Very much a WIP still.
* more wip
* appease the linter
* more linting
* add more code
* get state from kvstore, encode, send
* send state to the remote Alertmanager, extract fullstate logic into its own function
* pass kvstore to remote.NewAlertmanager()
* refactor
* add fake kvstore to tests
* tests
* use FileStore to get state
* always log 'completed state upload'
* refactor compareRemoteConfig
* base64-encode the state in the file store
* export silences and nflog filenames, refactor
* log 'completed state/config upload...' regardless of outcome
* add values to the state store in tests
* address code review comments
* log error from filestore
---------
Co-authored-by: gotjosh <josue.abreu@gmail.com>
* ExtSvcAuth: Assign roles locally
* Fix test
* HandlePluginStateChanged in the OrgID
* Remove Global from command
* Use AssignmentOrgID instead of OrgID
* Remove unecessary test case
* AuthN: Check API Key is not trying to access another organization
* Revert local change
* Add test
* Discussed with Kalle we should set r.OrgID
* Syntax sugar
* Suggestion org-mismatch
* Alerting: Apply query optimization to eval endpoints
Previously, query optimization was applied to alert queries when scheduled but
not when ran through `api/v1/eval` or `/api/v1/rule/test/grafana`. This could
lead to discrepancies between preview and scheduled alert results.
* Alerting: Add GetFullState method to FileStore
* make tests compile, create stateStore in NewAlertmanager
* return errors instead of logging, accept an arbitrary number of strings
* make NewAlertmanager() accept a stateStore
