Commit Graph

646 Commits

Author SHA1 Message Date
Adela Almasan
f64b121ddb
Canvas: Allow API calls to grafana origin (#91822)
* allow post URL
* check for config
* allow relative paths
* add allowed internal pattern; add checks for method
* update defaults.ini
* add custom header
* update config comment
* use globbing, switch to older middleware - deprecated call
* add codeowner
* update to use current api, add test
* update fall through logic

* Update pkg/middleware/validate_action_url.go

Co-authored-by: Dan Cech <dcech@grafana.com>

* Update pkg/middleware/validate_action_url.go

Co-authored-by: Dan Cech <dcech@grafana.com>

* add more tests

* Update pkg/middleware/validate_action_url_test.go

Co-authored-by: Dan Cech <dcech@grafana.com>

* fix request headers

* add additional tests for all verbs

* fix request headers++

* throw error when method is unknown

---------

Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Co-authored-by: Brian Gann <bkgann@gmail.com>
Co-authored-by: Brian Gann <briangann@users.noreply.github.com>
Co-authored-by: Dan Cech <dcech@grafana.com>
2024-09-10 10:45:27 -04:00
Tom Ratcliffe
aec73f3501
Alerting/Chore: Mock API (MSW) in browser (#89223)
Co-authored-by: joshhunt <josh@trtr.co>
2024-09-04 10:22:03 +01:00
Andres Martinez Gotor
a990b77c70
Add preinstall feature to defaults.ini (#92347) 2024-08-23 10:32:23 +02:00
Alexander Weaver
ac5ebe6e4d
Alerting: Add enablement flag for recording rules (#92032)
* Add enablement flag

* Disable if toggle not enabled
2024-08-19 12:01:00 -05:00
Dan Cech
9020eb4b17
Auth: Update oauthtoken service to use remote cache and server lock (#90572)
* update oauthtoken service to use remote cache and server lock

* remove token cache

* retry is lock is held by an in-flight refresh

* refactor token renewal to avoid race condition

* re-add refresh token expiry cache, but in SyncOauthTokenHook

* Add delta to the cache ttl

* Fix merge

* Change lockTimeConfig

* Always set the token from within the server lock

* Improvements

* early return when user is not authed by OAuth or refresh is disabled

* Allow more time for token refresh, tracing

* Retry on Mysql Deadlock error 1213

* Update pkg/services/authn/authnimpl/sync/oauth_token_sync.go

Co-authored-by: Dan Cech <dcech@grafana.com>

* Update pkg/services/authn/authnimpl/sync/oauth_token_sync.go

Co-authored-by: Dan Cech <dcech@grafana.com>

* Add settings for configuring min wait time between retries

* Add docs for the new setting

* Clean up

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

---------

Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2024-08-19 18:57:37 +02:00
Tom Ratcliffe
8136fbef1f
Chore: Add capability for overriding local development behaviour using env vars (#85603) 2024-08-13 13:07:42 +01:00
lean.dev
b5e32b31b1
Grafana: Enables use of encrypted certificates with password for https (#91418) 2024-08-06 19:18:32 -03:00
Josh Hunt
e55b438f14
E2C: Reduce UI poll interval and make configurable (#91386)
* E2C: Reduce UI poll interval and make configurable

* fix default
2024-08-02 10:46:41 +01:00
Josh Hunt
a547b38643
Docs: Update defaults.ini for new faro option (#91384) 2024-08-01 13:54:39 +03:00
Ryan McKinley
68f1a0619d
Snapshots: Remove deprecated option snapshot_remove_expired (#91231) 2024-07-31 08:47:15 +03:00
Michael Mandrus
c0af387766
CloudMigrations: Add a default feedback url (#91018)
add default url
2024-07-26 11:26:18 +01:00
Santiago
b79b38f02c
Alertmanager: Support limits for silences (#90826)
* Alertmanager: support limits for silences

* update grafana/alerting to latest main
2024-07-24 14:22:29 +02:00
Michael Mandrus
ee90cd3031
CloudMigrations: Send local events to gms during the migration process (#90637)
* add gms client function

* add timeout config for endpoint

* report events to gms

* fix lint error

* clean up report calls and make sure reports all have local ids

* extra validation

* improve error logging and fix url
2024-07-20 07:02:31 +03:00
Kristina
6eb695b258
Explore: Add setting for default time offset (#90401)
* Add setting for explore for a different time offset

* fix linter

* Add validation for duration value
2024-07-17 11:47:49 -05:00
Michael Mandrus
9b7e9d992b
CloudMigrations: Query GMS for a presigned upload url at upload time (#90505)
query GMS for an upload url at upload time
2024-07-17 11:53:21 -04:00
lean.dev
7839903fef
CloudMigrations: Sets default grafana domain to prod (#90526) 2024-07-17 10:48:23 -03:00
Andrew Hackmann
319a874033
MSSQL: Password auth for Azure AD (#89746)
* Password auth for Azure AD

* rename auth fields

* add azure flag for client password cred enabled

* prettier

* rename flag

* Update go.mod

* Update public/app/plugins/datasource/mssql/azureauth/AzureCredentialsForm.tsx

Co-authored-by: Andreas Christou <andreas.christou@grafana.com>

* Apply suggestions from code review

Co-authored-by: Andreas Christou <andreas.christou@grafana.com>

* update package

* go mod

* prettier

* remove password

* gowork

* remove unused env test

* linter

---------

Co-authored-by: Andreas Christou <andreas.christou@grafana.com>
2024-07-16 14:08:51 -05:00
Michael Mandrus
542a1bf3ac
CloudMigrations: Query Grafana Migration Status for status while the snapshot is in the cloud (#90314)
* implement querying gms for snapshot status

* add some documentation

* provide snapshot resources after snapshot is created

* add rate limiting to backend

* fix compilation error

* fix typo

* add unit tests

* finish merge

* lint

* swagger gen

* more testing

* remove duplicate test

* address a couple PR comments

* update switch statement to a map

* add timeouts to gms client through the http client

* remove extra whitespace

* put method back where it was so the PR is less confusing

* fix tests

* add todo

* fix final unit test
2024-07-15 09:22:57 -04:00
Stephanie Hingtgen
bb187ce4b1
K8s: Match status codes from single tenant (#90153)
Co-authored-by: Jean-Philippe Quémémer <jeanphilippe.quemener@grafana.com>
2024-07-10 20:48:02 +02:00
Timur Olzhabayev
f763f2085b
Feat: Extending report interaction with static context that can be appended to all interaction events (#88927)
* Extending report interaction with static context that can be appended to all requests
2024-07-08 16:37:45 +02:00
Bruno
d1952bb681
Cloud migrations: create snapshot files (#89693)
* Cloud migrations: create snapshot and store it on disk

* fix merge conflicts

* implement StartSnapshot for gms client

* pass snapshot directory as argument to snapshot builder

* ensure snapshot folder is set

* make swagger-gen

* remove Test_ExecuteAsyncWorkflow

* pass signed in user to buildSnapshot method / use github.com/grafana/grafana-cloud-migration-snapshot to create snapshot files

* fix FakeServiceImpl.CreateSnapshot

* remove new line
2024-07-03 10:38:26 -03:00
Alexander Akhmetov
68691c9386
Alerting: Add setting for maximum allowed rule evaluation results (#89468)
* Alerting: Add setting for maximum allowed rule evaluation results

Added a new configuration setting `quota.alerting_rule_evaluation_results` to set the maximum number of alert rule evaluation results per rule. If the limit is exceeded, the evaluation will result in an error.
2024-06-27 09:45:15 +02:00
Yuri Tseretyan
4a5aab54a5
Alerting: Add max limit for Loki query size in state history API (#89646)
* add setting for query limit

* update BuildLogQuery to return error if limit is exceeded

* move tests for BuildLogQuery to separate suite
2024-06-25 09:20:38 -04:00
Rajguru
1b2f110664
Users: Add config option to control how often last_seen is updated (#88721)
Users: Add config option to control how often last_seen is updated

Co-authored-by: Karl Persson <kalle.persson92@gmail.com>
2024-06-24 16:54:56 +02:00
Matthew Jacobson
3228b64fe6
Alerting: Resend resolved notifications for ResolvedRetention duration (#88938)
* Simple replace of State.Resolved with State.ResolvedAt

* Retain ResolvedAt time between Normal->Normal transition

* Introduce ResolvedRetention to keep sending recently resolved alerts

* Make ResolvedRetention configurable with resolved_alert_retention

* Tick-based LastSentAt for testing of ResendDelay and ResolvedRetention

* Do not reset ResolvedAt during Normal->Pending transition

Initially this was done to be inline with Prom ruler. However, Prom ruler
doesn't keep track of Inactive->Pending/Alerting using the same alert instance,
so it's more understandable that they choose not to retain ResolvedAt. In our
case, since we use the same cached instance to represent the transition, it
makes more sense to retain it.

This should help alleviate some odd situations where temporarily entering
Pending will stop future resolved notifications that would have happened
because of ResolvedRetention.

* Pointers for ResolvedAt & LastSentAt

To avoid awkward time.Time{}.Unix() defaults on persist
2024-06-20 16:33:03 -04:00
William Wernert
c62cc25513
Alerting: Configure recording rule writer from config.ini (#89056) 2024-06-12 16:04:46 -04:00
Jacob Valdemar
eb76ea47a0
Alerting: Add ha_reconnect_timeout configuration option (#88823)
* Docs: Update "Configure high availability" guide with ha_reconnect_timeout configuration

---------

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2024-06-11 13:25:48 -04:00
Misi
9a44296bc2
Auth: Add org to role mappings support to AzureAD/Entra integration (#88861)
* Added implementation and tests

* Add docs, simplify implementation

* Remove unused func

* Update docs
2024-06-10 12:08:30 +02:00
Karl Persson
f3efd95bb4
Auth: Add org to role mappings support to Google integration (#88891)
* Auth: Implement org role mapping for google oauth provider

* Update docs

* Remove unused function

Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
2024-06-07 14:07:35 +02:00
Misi
4f2a9a47f3
Auth: Add org to role mappings support to Okta integration (#88770)
* Add org mapping support to Okta

* Update docs and configs

* Prettier docs

* Apply suggestions from code review

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Improve tests

---------

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2024-06-06 10:35:06 +02:00
Fayzal Ghantiwala
80f54778f3
Alerting: Add option to use Redis in cluster mode for Alerting HA (#88696)
* Add config option to use Redis in cluster mode

* Use UniversalOptions
2024-06-05 17:02:25 +01:00
Karl Persson
f28905f8c4
Auth: Add org to role mappings support to Gitlab integration (#88751)
* Conf: Add org_mapping and org_attribute_path to github and gitlab conf

* Gitlab: Implement org role mapping

* Update docs
---------

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2024-06-05 16:15:53 +02:00
Fayzal Ghantiwala
67b9e3b269
Alerting: Update HA Redis TLS docs (#88538)
* Update HA Redis TLS doc

* Add test for regular TLS

* Update docs

* Update prom registry
2024-05-31 13:23:45 +01:00
Misi
ed6b3e9e7c
Auth: Introduce pre-logout hooks + add GCOM LogoutHook (#88475)
* Introduce preLogoutHooks in authn service

* Add gcom_logout_hook

* Config the api token from the Grafana config file

* Simplify

* Add tests for logout hook

* Clean up

* Update

* Address PR comment

* Fix
2024-05-30 15:52:16 +02:00
Jon Cole
67b90ceba5
Azure: Load custom clouds from ini file (#87667)
* Load custom clouds from config file

* Update docs

* Use the correct list of clouds, add test, fix error condition handling

* Remove on custom cloud from sample.ini and docs

* Remove unnecessary else block

* Use cached json instead of serializing with each request

* Update grafana-azure-sdk-go version to v2.0.4

* update configure-grafana entry for clouds_config

* fix lint errors

* fix lint errors

---------

Co-authored-by: Jeremy Angel (from Dev Box) <jeremyangel@microsoft.com>
2024-05-24 17:40:04 +01:00
Mathieu Parent
b8c9ae0eb7
OIDC: Support Generic OAuth org to role mappings (#87394)
* Social: link to OrgRoleMapper

* OIDC: support Generic Oauth org to role mappings

Fixes: #73448
Signed-off-by: Mathieu Parent <math.parent@gmail.com>

* Handle when getAllOrgs fails in the org_role_mapper

* Add more tests

* OIDC: ensure orgs are evaluated from API when not from token

Signed-off-by: Mathieu Parent <math.parent@gmail.com>

* OIDC: ensure AutoAssignOrg is applied with OrgMapping without RoleAttributeStrict

Signed-off-by: Mathieu Parent <math.parent@gmail.com>

* Extend docs

* Fix test, lint

---------

Signed-off-by: Mathieu Parent <math.parent@gmail.com>
Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
2024-05-23 09:55:45 +02:00
Andreas Christou
edae5fc791
Azure: Fix for username assertion (#87853)
Fix for username assertion

- Allow setting username assertion in INI
- Correctly set the azsettings value
- Update tests
2024-05-16 11:50:02 -05:00
Fayzal Ghantiwala
7a2fbad0c8
Alerting: Add options to configure TLS for HA using Redis (#87567)
* Add Alerting HA Redis Client TLS configs

* Add test to ping miniredis with mTLS

* Update .ini files and docs

* Add tests for unified alerting ha redis TLS settings

* Fix malformed go.sum

* Add modowner

* Fix lint error

* Update docs and use dstls config
2024-05-14 14:21:42 +01:00
Karl Persson
0f3080ecb8
AuthN: Fix signout redirect url (#87631)
* Add missing return

* Use sign out redirect url from auth config if configured

* remove option from auth.jwt that is not used
2024-05-12 19:53:19 +02:00
Laura Benz
f806b9749d
refactor: replace static placeholders with translatable ones (#87130)
* refactor: replace static placeholders with translatable ones

* refactor

* refactor: keep default option

* refactor: improve expression

* refactor: run extraction after merging fix
2024-05-01 13:17:53 +02:00
Steve Simpson
5c89b8fe12
gRPC Server: Make message size limits configurable. (#86982)
* gRPC Server: Make message size limits configurable.

* Fix mistake, don't add opts twice

* Apply suggestions from code review

Co-authored-by: Todd Treece <360020+toddtreece@users.noreply.github.com>

---------

Co-authored-by: Todd Treece <360020+toddtreece@users.noreply.github.com>
2024-04-30 16:18:03 +02:00
Kristina
2247d6c415
Short Links: Add setting for changing expiration time (#86003)
* Add setting for changing shortlink expiration time

* Add docs, add better language

* put all the numbers in the duration 🤷

* 🙄

* update language to be correct and clear

* Add max limit and more documentation
2024-04-22 07:39:24 -05:00
Michael Mandrus
45a7f649fe
CMS: Create local implementation of cloud migration for dev use (#86637)
* add developer mode property to config

* create cms stub

* cleanup

* implement and wire up gcom stub

* fix errors

* don't document the flag
2024-04-20 23:51:58 -04:00
owensmallwood
8c8885ef23
Storage Api: Adds traces (#85391)
- adds traces and improved logging to the unified storage server
- add a configurable logger to the gRPC server service
2024-04-16 08:30:51 -06:00
Sofia Papagiannaki
ebf68f34fe
Chore: Fix spelling (#85435)
Fix spelling
2024-04-08 11:08:43 +03:00
Santiago
c7573bb0f7
Alerting: Make retention period configurable for the notification log (#85605)
* Alerting: Make retention period configurable for the notification log

* update sample.ini

* fix outdated comment (on disk -> kvstore)

* skip checking cyclomatic complexity for ReadUnifiedAlertingSettings
2024-04-05 12:25:43 +02:00
idafurjes
b885da09da
CloudMigrations: Implement migrations API (#85348)
* Implement run migration endpoint

* Refactor RunMigration method into separate methods

* Save migration runs fix lint

* Minor changes

* Refactor how to use cms endpoint

* fix interface

* complete merge

* add individual items

* adds tracing to getMigration

* linter

* updated swagger definition with the latest changes

* CloudMigrations: Implement core API handlers for cloud migrations and migration runs (#85407)

* implement delete

* add auth token encryption

* implement token validation

* call token validation during migration creation

* implement get migration status

* implement list migration runs

* fix bug

* finish parse domain func

* fix urls

* fix typo

* fix encoding and decoding

* remove double decryption

* add missing slash

* fix id returned by create function

* inject missing services

* finish implementing (as far as I can tell right now) data migration and response handling

* comment out broken test, needs a rewrite

* add a few final touches

* get dashboard migration to work properly

* changed runMigration to a POST

* swagger

* swagger

* swagger

---------

Co-authored-by: Michael Mandrus <michael.mandrus@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
Co-authored-by: Michael Mandrus <41969079+mmandrus@users.noreply.github.com>
2024-04-03 13:36:13 +02:00
linoman
e4250a72db
JWT: Find login and email claims with JMESPATH (#85305)
* add function to static function to static service

* find email and login claims with jmespath

* rename configuration files

* Replace JWTClaims struct for map

* check for subclaims error
2024-03-28 17:25:26 +01:00
Bruno
a2e21eac8c
Cloud migrations: create endpoint to create an access token (#84690)
* fix merge conflicts

* make token expiration configurable
2024-03-25 12:43:28 -03:00
Sofia Papagiannaki
33b653534e
SQLStore: Enable migration locking by default (#84983)
* Introduce new configuration for migration locking

* Remove feature toggle

* Fix test and turn it into an integration

* Fix docs
2024-03-22 21:22:29 +02:00