Look for 'caused_by.reason' in ES error response
When the ES response does not contain `reason` or `root_cause[0].reason`
is empty, there is no information for the user to know what is going
wrong.
An example of the error message after this change:
```
Failed to evaluate queries and expressions: failed to execute query A: Trying to create too many buckets. Must be less than or equal to: [65536] but this number of buckets was exceeded. This limit can be set by changing the [search.max_buckets] cluster level setting.
```
Related to https://github.com/grafana/grafana/issues/61246
* New pfs impl
* Reached codegen parity with old system
* Update all models.cue inputs
* Rename all models.cue files
* Remove unused prefixfs
* Changes Queries->DataQuery schema interface
* Recodegen
* All tests passing, nearly good now
* Add SchemaInterface to kindsys props
* Add pascal name deriver
* Relocate plugin cue files again
* Clarify use of injected fields
* Remove unnecessary aliasing
* Move DataQuery into mudball
* Allow forcing ExpandReferences on go type generation
* Move DataQuery def into kindsys, add generator to copy it to common
* Fix copy generator to replace package name correctly
* Fix duplicate type, test failure
* Fix linting issues
* remove placeholder image
* improve http client options
* add http clients options for webhook notifier
* ensure http is only used in dev mode
* cleanup errors
* Return errors from data parsing
* Better error handling
* Fix the tests
* When there is no frame add empty frame to get metadata attached to it
* Fix tests
* Update testdata
This commit renames "Message templates" to "Notification templates"
in the user interface as it suggests that these templates cannot
be used to template anything other than the message. However, message
templates are much more general and can be used to template other fields
too such as the subject of an email, or the title of a Slack message.
* feat: add a new modal for displaying no-access info
* feat(CardGrid): add an onClick handler for items
* feat: open a no-access modal when clicking on a connection in the catlog
* feat: update permissions
Open a "No access" modal when the user clicks a connection type but has no permissions creating a datasource out of it
* test: add tests for opening the No Access modal
* test: fix the user permissions in tests
* Wip
* Revert "Wip"
This reverts commit 7f080c7f77.
* Add new config option
* Add frontend control
* Condition new auth broker with config option
* Condition old auth broker with config option
Co-authored-by: Jo <joao.guerreiro@grafana.com>
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Create loki client type and ping method
* Expose TestConnection on client
* Configure and ping Loki URL
* Close response body reader if present
* Add 30 second timeout
* Remove duplicate close
* AUthN: Add last seen sync hooks for user / service account and move api
key last seen to own hook
* ContextHandler: only run sync for last seen if auth.Service is not
enabled
* AuthN: set up boilerplate for proxy client
* AuthN: Implement Test for proxy client
* AuthN: parse accept list in constructor
* AuthN: add proxy client interface
* AuthN: handle error
* AuthN: Implement the proxy client interface for ldap
* AuthN: change reciever name
* AuthN: add grafana as a proxy client
* AuthN: for error returned
* AuthN: add tests for grafana proxy auth
* AuthN: swap order of grafan and ldap auth
* AuthN: Parse additional proxy headers in proxy client and pass down
* AuthN: Create password client wrapper and use that on in basic auth
client
* AuthN: fix basic auth client test
* AuthN: Add tests for form authentication
* API: Inject authn service
* Login: If authnService feature flag is enabled use authn login
* Login: Handle token creation errors
* Config: Separate lists either by spaces or by commas.
* Simplify space separation
* use separate function for the config strings
* Change behavior only if string contains quotes
* add test for invalid string
* Use JSON list syntax
* ignore leading spaces when process list
* Add notes about using JSON lists into the docs
* Fix typo
* Apply suggestions from code review
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Add docs generator
* Add json-to-md conversion
* Fix lint issues
* Remove check for kind type
* Disable prettier for generated docs
* Use schema ref names as identifiers for links & headers
* Display the default value (if so) in the description
* Undo 'draft:false' introduced by mistake
* Update pkg/codegen/jenny_docs.go
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
* Undraft and unlist kinds documentation (#61476)
* Support running containers without root daemon
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Use section shortcode to automatically list child pages
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Undraft and unlist kinds documentation
This page and child pages are directly accessible but are not listed
in the table of contents.
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Add docs-preview to browse drafted pages
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Replace end of line and pipe characters in table codegen
* Remove draft status from generated docs
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
Co-authored-by: Joan López de la Franca Beltran <joanjan14@gmail.com>
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
Co-authored-by: Robert Horvath <robert.horvath@grafana.com>
* [WIP] Auth: add backend skipOrgRoleSync to AzureAD OAuth
- add: skipOrgRoleSync
- rename: skipOrgRoleSync to skipOrgRoleSyncBase (to make it clear that
it is the base version of SocialBase)
- add: tests for skipOrgRoleSync in AzureAD
TODO:
- [ ] frontend changes
* add: docs
* refactor: remove role from basicinfo
* add: settings for grafanacom
* add: settigns for frontend
* add: logic for azureAD user skip org role
* add: docs for skip_org_role_sync
* refactor: docs a bit
* add: tests for userinfo
* refactor: to only extract if skiporgrolesync false
* refactor: based on review comments
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* add feature flag `alertingNoNormalState`
* update instance database to support exclusion of state in list operation
* do not save normal state and delete transitions to normal
* update get methods to filter out normal state
* API: Rewrite legacy access control and rbac tests for current org
endpoint
* API: Rewrite legacy and rbac endpoint tests for update current and
target org
* API: rewrite access control tests for create org
* API: Rewrite delete org api access control tests
* API: rewrite search org access control tests to not use mocked access
control
* API: Rewrite get org and get org by name access control tests to not use
mocked access control
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* AuthN: add the ability to register post login hooks
* AuthN: add a guard for the user id
* AuthN: Add helper to create external user info from identity
* AuthN: Pass auth request to password clients
* AuthN: set auth module and username in metadata
* Chore: Move team models to models pkg
* Fix ACL tests
* More ACL tests
* Change Id to ID in conflict user command test
* Remove team from models
* Fix ac test lint
* Alerting: Improve legacy migration to include send reminder & frequency
Legacy channel frequency is migrated to the channel's migrated route's
repeat interval if send reminder is true. If send reminder is false, we
pseudo-disable the repeat interval by setting it to a large value (1y).
If there were no default channels, the root notification policy is still
created with the default 4h repeat interval.
This pull request re-applies the refactoring of ConditionsCmd from a
reverted fix#56812 for mathexp.noData. It does not add the fix, or
tests for the fix, because those were added in #56816. We use the
additional test coverage added in #56816 and #58650 to avoid the
reoccurrence of regressions that caused us to revert #56812 the
first time.
* use new log group picker also for non cross-account queries
* cleanup and add comment
* remove not used code
* remove not used test
* add error message when trying to set log groups before saving
* fix bugs from pr feedback
* add more tests
* fix broken test
* PermissionFilter: Handle all search type and only check one action for dashboards
* PermissionFilter: Still handle multiple action but take short cut when
only one action is required
* Add auth labels and access control metadata to org users search results
* Fix search result JSON model
* Org users: Use API for pagination
* Fix default page size
* Refactor: UsersListPage to functional component
* Refactor: update UsersTable component code style
* Add pagination to the /orgs/{org_id}/users endpoint
* Use pagination on the AdminEditOrgPage
* Add /orgs/{org_id}/users/search endpoint to prevent breaking API
* Use existing search store method
* Remove unnecessary error
* Remove unused
* Add query param to search endpoint
* Fix endpoint docs
* Minor refactor
* Fix number of pages calculation
* Use SearchOrgUsers for all org users methods
* Refactor: GetOrgUsers as a service method
* Minor refactor: rename orgId => orgID
* Fix integration tests
* Fix tests
* Use preferred package header for generated code
> To convey to humans and machine tools that code is generated, generated source should have a line that matches the following regular expression (in Go syntax):
> `^// Code generated .* DO NOT EDIT\.$`
https://pkg.go.dev/cmd/go#hdr-Generate_Go_files_by_processing_source
Co-authored-by: sam boyer <sdboyer@grafana.com>
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Regenerate files with updated header
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
Co-authored-by: sam boyer <sdboyer@grafana.com>
* protect /connection url paths with permissions
These permissions match the original ones at /datasources and /plugins
* add Connections section to navtree only if user has permissions
This commit works only when the easystart plugin is not present.
I'll see what I can do when it is present in the next commit(s).
* update datasources page permissions
The datasources page have Explore buttons on datasource entries,
therefore it makes sense to show this page for those, who can't edit or
create datasources but have explore permissions.
This applies for the traditional Editor role.
* DataSourcesList: link to edit page only if has right to write
If the user doesn't have rights to write datasources, then it's better
to not create a link from cards to the edit page. This way they won't
see the configuration of the data sources either, which is a desirable
outcome.
Also, I moved the query for DataSourcesExplore permission out from the
DataSourcesListView component in the DataSourcesList component, next to
the other permission queries - for the sake of consistency.
* fix permissions for connect data
This way it matches the permissions of the "Plugins" page.
* fix applinks test
* Remove Raw references
* Remove more raws
* Re-generate files
* Remove raw folder from veneer
* Fix import
* Fix lint
* Bring back raw folder in grafana-schema
* Another lint
* Remove use of "Structured" word in kinds
* Delete unused function and remove some structured words
* Bunch more removals of structured name
Co-authored-by: sam boyer <sdboyer@grafana.com>
This commit adds a customizable timeout for screenshots called
capture_timeout. The default value is 10 seconds, and the maximum
value is 30 seconds. This timeout should be less than the minimum
Interval of all Evaluation Groups to avoid back pressure on alert
rule evaluation.
* Update config store to split between active and history tables
* Migrations to fix up indexes
* Implement migration from old format to new
* Move add migrations call
* Delete duplicated rows
* Explicitly map fields
* Quote the column name because it's a reserved word
* Lift migrations to top
* Use XORM for nearly everything, avoid any non trivial raw SQL
* Touch up indexes and zero out IDs on move
* Drop TODO that's already completed
* Fix assignment of IDs
* AuthN: Add boilderplate for render auth client
* AuthN: Implement test function for render auth client
* AuthN: Implement Authenticate for render arender auth client
* ContextHandler: Perform render auth if flag is enabled
* refactor(pluginhelp): rewrite as functional component with useAsync
* mimic old behaviour
* feat(pluginhelp): display message if backend returned an empty string
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
* AuthN: Add basic auth client boilerplate
* AuthN: Implement test function for basic auth client
* AuthN: Implement the authentication method for basic auth
* AuthN: Add tests for basic auth authentication
* ContextHandler: perform basic auth authentication through authn service
if feature toggle is enabled
* AuthN: Add providers for sync services and pass required dependencies
* Alerting: Prevent short uid collision in legacy migration when db is case-insensitive
Two factors come into play that cause sporadic uid conflicts during legacy alert migration:
- MySQL and MySQL-compatible backends use case-insensitive collation.
- Our short uid generator is not a uniform RNG and generates uids in such a way that generations in quick succession have a higher probability of creating similar uids.
Normally we would be guaranteed unique short uid generation, however if the source alphabet contains
duplicate characters (for example, if we use case-insensitive comparison) this guarantee is void.
Generating even ~1000 uids in quick succession is nearly guaranteed to create a case-insensitive
duplicate.
chore (dashboardversion service): remove (one) join from store implementations
We return the userID from the dashboardservice store; the service (or api) layer can use that to get the user's login when needed.
