grafana/pkg
Gabriel MABILLE 30fae33f66
RBAC: Allow role registration for plugins (#57387)
* Picking role registration from OnCall POC branch

* Fix test

* Remove include actions from this PR

* Removing unused permission

* Adding test to DeclarePluginRoles

* Add testcase to RegisterFixed role

* Additional test case

* Adding tests to validate plugins roles

* Add test to plugin loader

* Nit.

* Scuemata validation

* Changing the design to decouple accesscontrol from plugin management

Co-authored-by: Kalle Persson <kalle.persson@grafana.com>

* Fixing tests

Co-authored-by: Jguer <joao.guerreiro@grafana.com>

* Add missing files

Co-authored-by: Jguer <joao.guerreiro@grafana.com>

* Remove feature toggle check from loader

* Remove feature toggleimport

* Feedback

Co-Authored-By: marefr <marcus.efraimsson@gmail.com>

* Fix test'

* Make plugins.RoleRegistry interface typed

* Remove comment question

* No need for json tags anymore

* Nit. log

* Adding the schema validation

* Remove group to take plugin Name instead

* Revert sqlstore -> db

* Nit.

* Nit. on tests

Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>

* Update pkg/services/accesscontrol/plugins.go

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* Log message

Co-Authored-By: marefr <marcus.efraimsson@gmail.com>

* Log message

Co-Authored-By: marefr <marcus.efraimsson@gmail.com>

* Remove unecessary method. Update test name.

Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>

* Fix linting

* Update cue descriptions

* Fix test

Co-authored-by: Kalle Persson <kalle.persson@grafana.com>
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
Co-authored-by: marefr <marcus.efraimsson@gmail.com>
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
2022-11-07 11:30:45 +01:00
..
api RBAC: Allow role registration for plugins (#57387) 2022-11-07 11:30:45 +01:00
build DEB/RPM Packages: Remove old package publishing steps (#58071) 2022-11-02 18:42:01 +00:00
bus Chore: remove busmock (#57170) 2022-10-18 13:31:56 +00:00
cmd metrics: expose when the binary was built as an gauge (#57951) 2022-11-01 13:00:47 +01:00
codegen coremodels: Update to latest Thema with generics (#56602) 2022-10-11 09:45:07 +01:00
components Alerting: Linking external images securely - Azure Blob (#1) (#56598) 2022-11-01 13:02:17 +01:00
coremodel RBAC: Allow role registration for plugins (#57387) 2022-11-07 11:30:45 +01:00
cuectx coremodels: Update to latest Thema with generics (#56602) 2022-10-11 09:45:07 +01:00
events Alerting: Update rules version when folder title is updated (#53013) 2022-08-01 19:28:38 -04:00
expr Alerting: Contextual log provider for rule key (#57476) 2022-10-26 19:16:02 -04:00
extensions Dependencies: Clean up gofrs/uuid (#51615) 2022-06-30 10:55:33 -08:00
framework/coremodel coremodels: Always take runtime arg for NewBase() (#56677) 2022-10-11 05:39:29 -04:00
ifaces/gcsifaces Chore: Upgrade Go to 1.19.1 (#54902) 2022-09-12 12:03:49 +02:00
infra GRN: minor cleanup (#57924) 2022-11-01 11:09:39 -04:00
login Auth: Validate Azure ID token version on login is not v1 (#58088) 2022-11-03 09:47:44 +01:00
middleware Auth: Write the redirect cookie if denied - do not write a blank redirect (#57381) 2022-10-21 09:53:17 -05:00
mocks/mock_gcsifaces
models Storage: add support for snapshots, dataframes, and raw json objects (#57934) 2022-11-01 08:28:13 -07:00
plugins RBAC: Allow role registration for plugins (#57387) 2022-11-07 11:30:45 +01:00
registry Chore: Add Usage stats providers registry (#48357) 2022-04-28 13:06:49 +04:00
server RBAC: Allow role registration for plugins (#57387) 2022-11-07 11:30:45 +01:00
services RBAC: Allow role registration for plugins (#57387) 2022-11-07 11:30:45 +01:00
setting Rendering: Add configuration options for renderKey lifetime (#57339) 2022-11-03 12:06:55 +01:00
tests Alerting: Remove duplicate Slack notification title (#58107) 2022-11-04 17:09:24 +01:00
tsdb Build: clean up and document integration test convention (#58170) 2022-11-04 10:14:21 -04:00
util Nested Folders: Add tests for store methods (#57662) 2022-11-03 14:21:41 +01:00
web pkg/web: remove Router and Logger from Context (#53765) 2022-08-16 12:25:27 +02:00
README.md
ruleguard.rules.go

Backend

This directory contains the code for the Grafana backend. This document gives an overview of the directory structure, and ongoing refactorings.

For more information on developing for the backend:

Central folders of Grafana's backend

folder description
/pkg/api HTTP handlers and routing. Almost all handler funcs are global which is something we would like to improve in the future. Handlers should be associated with a struct that refers to all dependencies.
/pkg/cmd The binaries that we build: grafana-server and grafana-cli.
/pkg/components A mix of third-party packages and packages we have implemented ourselves. Includes our packages that have out-grown the util package and don't naturally belong somewhere else.
/pkg/infra Packages in infra should be packages that are used in multiple places in Grafana without knowing anything about the Grafana domain.
/pkg/services Packages in services are responsible for persisting domain objects and manage the relationship between domain objects. Services should communicate with each other using DI when possible. Most of Grafana's codebase still relies on global state for this. Any new features going forward should use DI.
/pkg/tsdb All backend implementations of the data sources in Grafana. Used by both Grafana's frontend and alerting.
/pkg/util Small helper functions that are used in multiple parts of the codebase. Many functions are placed directly in the util folders which is something we want to avoid. Its better to give the util function a more descriptive package name. Ex errutil.

Central components of Grafana's backend

package description
/pkg/bus The bus is described in more details under Communication
/pkg/models This is where we keep our domain model. This package should not depend on any package outside standard library. It does contain some references within Grafana but that is something we should avoid going forward.
/pkg/registry Package for managing services.
/pkg/services/alerting Grafana's alerting services. The alerting engine runs in a separate goroutine and shouldn't depend on anything else within Grafana.
/pkg/services/sqlstore Currently where the database logic resides.
/pkg/setting Anything related to Grafana global configuration should be dealt with in this package.

Dependency management

Refer to UPGRADING_DEPENDENCIES.md.

Ongoing refactoring

These issues are not something we want to address all at once but something we will improve incrementally. Since Grafana is released at a regular schedule the preferred approach is to do this in batches. Not only is it easier to review, but it also reduces the risk of conflicts when cherry-picking fixes from main to release branches. Please try to submit changes that span multiple locations at the end of the release cycle. We prefer to wait until the end because we make fewer patch releases at the end of the release cycle, so there are fewer opportunities for complications.

Global state

Global state makes testing and debugging software harder and it's something we want to avoid when possible. Unfortunately, there is quite a lot of global state in Grafana.

We want to migrate away from this by using the inject package to wire up all dependencies either in pkg/cmd/grafana-server/main.go or self-registering using registry.RegisterService ex https://github.com/grafana/grafana/blob/main/pkg/services/cleanup/cleanup.go#L25.

Limit the use of the init() function

Only use the init() function to register services/implementations.

Settings refactoring

The plan is to move all settings to from package level vars in settings package to the setting.Cfg struct. To access the settings, services and components can inject this setting.Cfg struct:

Cfg struct Injection example

Reduce the use of GoConvey

We want to migrate away from using GoConvey. Instead, we want to use stdlib testing, because it's the most common approach in the Go community and we think it will be easier for new contributors. Read more about how we want to write tests in the style guide.

Refactor SqlStore

The sqlstore handlers all use a global xorm engine variable. Refactor them to use the SqlStore instance.

Avoid global HTTP handler functions

Refactor HTTP handlers so that the handler methods are on the HttpServer instance or a more detailed handler struct. E.g (AuthHandler). This ensures they get access to HttpServer service dependencies (and Cfg object) and can avoid global state.

Date comparison

Store newly introduced date columns in the database as epochs if they require date comparison. This permits a unified approach for comparing dates against all the supported databases instead of handling dates differently for each database. Also, by comparing epochs, we no longer need error pruning transformations to and from other time zones.

Avoid use of the simplejson package

Use of the simplejson package (pkg/components/simplejson) in place of types (Go structs) results in code that is difficult to maintain. Instead, create types for objects and use the Go standard library's encoding/json package.

Provisionable*

All new features that require state should be possible to configure using config files. For example:

Today its only possible to provision data sources and dashboards but this is something we want to support all over Grafana.

Use context.Context "everywhere"

The package context should be used and propagated through all the layers of the code. For example the context.Context of an incoming API request should be propagated to any other layers being used such as the bus, service and database layers. Utility functions/methods normally doesn't need context.Context To follow best practices, any function/method that receives a context.Context argument should receive it as its first argument.

To be able to solve certain problems and/or implement and support certain features making sure that context.Context is passed down through all layers of the code is vital. Being able to provide contextual information for the full life-cycle of an API request allows us to use contextual logging, provide contextual information about the authenticated user, create multiple spans for a distributed trace of service calls and database queries etc.

Code should use context.TODO when it's unclear which Context to use or it is not yet available (because the surrounding function has not yet been extended to accept a context.Context argument).

More details in Services, Communication and Database.

Original design doc.