grafana/pkg/api
Ryan McKinley 41e523bde7
K8s/FeatureFlags: Add an apiserver to manage feature flags (dev only) (#80501)
* add deployment registry API cloud only

* update versions

* add feature flag endpoints

* use helpers

* merge main

* update AllowSelfServie and re-run code gen

* fix package name

* add allowselfserve flag to payload

* remove config

* update list api to return the full registry including states

* change enabled check

* fix compile error

* add feature toggle and split path in frontend

* changes

* with status

* add more status/state

* add back config thing

* add back config thing

* merge main

* merge main

* now on the /current api endpoint

* now on the /current api endpoint

* drop frontend changes

* change group name to featuretoggle (singular)

* use the same settings

* now with patch

* more common refs

* more common refs

* WIP actually do the webhook

* fix comment

* fewer imports

* registe standalone

* one less file

* fix singular name

---------

Co-authored-by: Michael Mandrus <michael.mandrus@grafana.com>
2024-01-17 21:32:44 -08:00
..
apierrors Alerting: Fix deleting rules in a folder with matching UID in another organization (#78258) 2023-12-04 11:34:38 +02:00
avatar Chore: Fix goimports grouping in pkg/api (#62419) 2023-01-30 08:18:26 +00:00
datasource mssql: prepare logs-handling for decouple-datasource changes (#79214) 2023-12-11 09:14:06 +01:00
dtos K8s: Add dashboard service (requires dev mode) (#78565) 2024-01-11 01:20:30 +02:00
frontendlogging Chore: use any rather than interface{} (#74066) 2023-08-30 18:46:47 +03:00
pluginproxy RBAC: Cover plugin routes (#80578) 2024-01-17 16:32:23 +01:00
response Errors: Make errors the same in dev as prod (#77366) 2023-10-30 14:06:26 -04:00
routing Chore: Move ReqContext to contexthandler service (#62102) 2023-01-27 08:50:36 +01:00
static API: Extract OpenAPI specification from source code using go-swagger (#40528) 2022-02-08 13:38:43 +01:00
webassets Frontend: Reload the browser when backend configuration/assets change (#79057) 2024-01-04 08:00:07 +01:00
accesscontrol.go RBAC: change annotation scopes back (#79330) 2023-12-12 09:51:08 +02:00
admin_encryption.go Config: Add configuration option to define custom user-facing general error message for certain error types (#70023) 2023-06-16 10:46:47 -05:00
admin_provisioning_test.go RBAC: Rewrite provisioning rbac tests (#61752) 2023-01-19 13:49:57 +01:00
admin_provisioning.go Chore: Move ReqContext to contexthandler service (#62102) 2023-01-27 08:50:36 +01:00
admin_test.go Auth: Add anonymous users view and stats (#78685) 2023-11-29 17:58:41 +01:00
admin_users_test.go Chore: Configure SkipOrgRoleSync from OAuthInfo for OAuth connectors (#79443) 2023-12-15 10:58:08 +01:00
admin_users.go User: Verify external user status for accessing certain user routes (#79909) 2023-12-29 14:23:05 +01:00
admin.go Anonymous: Add device limits to stats (#79494) 2023-12-18 09:32:57 +01:00
alerting.go Alerting: Separate overlapping legacy and UA alerting routes (#76517) 2024-01-04 18:01:57 -05:00
annotations_test.go Annotations: Remove dashboard permission checks for annotations (#78352) 2023-11-23 10:47:37 +00:00
annotations.go FeatureFlags: Use interface rather than manager (#80000) 2024-01-09 10:38:06 -08:00
api.go Alerting: Separate overlapping legacy and UA alerting routes (#76517) 2024-01-04 18:01:57 -05:00
apikey.go Chore: Port user services to identity.Requester (#73851) 2023-08-28 10:42:24 +02:00
basic_auth_test.go Macaron: remove custom Request type (#37874) 2021-09-01 11:18:30 +02:00
basic_auth.go Macaron: remove custom Request type (#37874) 2021-09-01 11:18:30 +02:00
common_test.go FeatureFlags: Use interface rather than manager (#80000) 2024-01-09 10:38:06 -08:00
dashboard_permission_test.go authz: Clean up acl endpoints and dashboard guardian (#73746) 2023-08-24 15:37:54 +02:00
dashboard_permission.go Authz: Remove use of SignedInUser copy for permission evaluation (#78448) 2023-11-22 14:20:22 +01:00
dashboard_snapshot_test.go Authz: fix snapshot tests legacy guardian (#73823) 2023-08-28 09:49:10 +02:00
dashboard_snapshot.go Identity: Unfurl UserID and Email in pkg/api to user identity.Requester (#76112) 2023-10-09 16:07:28 +02:00
dashboard_test.go Remove deprecated FolderID from api tests (#79466) 2023-12-20 15:12:05 +01:00
dashboard.go K8s: Add dashboard service (requires dev mode) (#78565) 2024-01-11 01:20:30 +02:00
dataproxy.go Chore: use any rather than interface{} (#74066) 2023-08-30 18:46:47 +03:00
datasources_test.go Team LBAC: Limit access to data source (#78376) 2023-12-05 13:45:40 +02:00
datasources.go FeatureFlags: Use interface rather than manager (#80000) 2024-01-09 10:38:06 -08:00
fakes.go Plugins: Make renderer service load renderer plugin (#77854) 2023-12-14 17:33:29 +01:00
featuremgmt_test.go K8s/FeatureFlags: Add an apiserver to manage feature flags (dev only) (#80501) 2024-01-17 21:32:44 -08:00
featuremgmt.go K8s/FeatureFlags: Add an apiserver to manage feature flags (dev only) (#80501) 2024-01-17 21:32:44 -08:00
folder_bench_test.go FeatureFlags: Use interface rather than manager (#80000) 2024-01-09 10:38:06 -08:00
folder_permission_test.go Remove deprecated FolderID from api tests (#79466) 2023-12-20 15:12:05 +01:00
folder_permission.go Authz: Remove use of SignedInUser copy for permission evaluation (#78448) 2023-11-22 14:20:22 +01:00
folder_test.go FeatureFlags: Use interface rather than manager (#80000) 2024-01-09 10:38:06 -08:00
folder.go Chore: Remove extra loop over folders in GetFolders handler (#79933) 2024-01-16 12:35:10 +01:00
frontend_logging_test.go Chore: use any rather than interface{} (#74066) 2023-08-30 18:46:47 +03:00
frontend_logging.go Plugins: Add context to StaticRouteResolver and ErrorResolver interfaces (#73121) 2023-08-10 10:32:12 +02:00
frontend_metrics.go Chore: Move ReqContext to contexthandler service (#62102) 2023-01-27 08:50:36 +01:00
frontendsettings_test.go FeatureFlags: Use interface rather than manager (#80000) 2024-01-09 10:38:06 -08:00
frontendsettings.go Auth: Hide forgot password if grafana auth is disabled (#79895) 2024-01-04 10:46:55 +01:00
grafana_com_proxy.go API: don't re-add /api suffix to grafana.com API URL (#62280) 2023-01-27 10:20:55 +01:00
health_test.go HealthCheck: show enterprise commit (#75242) 2023-09-22 08:17:10 -03:00
health.go Chore: Remove Store interface and use db.DB instead (#60160) 2022-12-13 11:03:36 +01:00
http_server_test.go Chore: Fix goimports grouping in pkg/api (#62419) 2023-01-30 08:18:26 +00:00
http_server.go FeatureFlags: Use interface rather than manager (#80000) 2024-01-09 10:38:06 -08:00
index.go index: Fetch auth module and provide it to front-end (#80345) 2024-01-11 11:37:52 +01:00
login_oauth_test.go Auth: Remove auth broker flag and clean up login handlers (#73109) 2023-08-10 09:56:04 +02:00
login_oauth.go Auth: Remove unused Authenticator service (#73143) 2023-08-10 11:02:32 +02:00
login_test.go Frontend: Reload the browser when backend configuration/assets change (#79057) 2024-01-04 08:00:07 +01:00
login.go Authn: Handle logout logic in auth broker (#79635) 2023-12-19 10:17:28 +01:00
metrics_test.go Errors: Make errors the same in dev as prod (#77366) 2023-10-30 14:06:26 -04:00
metrics.go FeatureToggles: Add context and and an explicit global check (#78081) 2023-11-14 12:50:27 -08:00
org_invite_test.go Chore: Fix goimports grouping in pkg/api (#62419) 2023-01-30 08:18:26 +00:00
org_invite.go Chore: use any rather than interface{} (#74066) 2023-08-30 18:46:47 +03:00
org_test.go Access: Fetch fresh permissions for target GlobalOrgID in AuthorizeInOrgMiddleware (#76569) 2023-10-13 21:01:47 +03:00
org_users_test.go Chore: Configure SkipOrgRoleSync from OAuthInfo for OAuth connectors (#79443) 2023-12-15 10:58:08 +01:00
org_users.go Chore: Configure SkipOrgRoleSync from OAuthInfo for OAuth connectors (#79443) 2023-12-15 10:58:08 +01:00
org.go Chore: Port user services to identity.Requester (#73851) 2023-08-28 10:42:24 +02:00
password.go User: Verify external user status for accessing certain user routes (#79909) 2023-12-29 14:23:05 +01:00
playlist.go K8s: Add resource type helper to avoid so many hardcoded names (#79344) 2023-12-11 22:03:48 +02:00
plugin_checks_test.go Chore: Evaluate if an app is disabled for API requests (#79564) 2023-12-15 16:37:39 +01:00
plugin_checks.go Chore: Evaluate if an app is disabled for API requests (#79564) 2023-12-15 16:37:39 +01:00
plugin_dashboards_test.go Chore: Evaluate if an app is disabled for API requests (#79564) 2023-12-15 16:37:39 +01:00
plugin_dashboards.go Auth: Unfurl OrgID in pkg/api to allow using identity.Requester interface (#76108) 2023-10-06 11:34:36 +02:00
plugin_metrics_test.go Chore: Refactor backend plugin errors (#74928) 2023-09-25 11:56:03 +02:00
plugin_metrics.go Chore: Refactor backend plugin errors (#74928) 2023-09-25 11:56:03 +02:00
plugin_proxy_test.go Plugins: Handle app plugin proxy routes per request (#51835) 2022-08-23 13:05:31 +02:00
plugin_proxy.go RBAC: Cover plugin routes (#80578) 2024-01-17 16:32:23 +01:00
plugin_resource_test.go Plugins: Add Grafana config to app plugin context (#79439) 2023-12-13 10:28:24 +01:00
plugin_resource.go Auth: Unfurl OrgID in pkg/api to allow using identity.Requester interface (#76108) 2023-10-06 11:34:36 +02:00
plugins_test.go Plugins: Rename externalServiceAuthentication to iam (#78686) 2023-12-04 13:14:21 +01:00
plugins.go Plugins: Display plugin permissions required (#78355) 2023-12-20 16:29:13 +01:00
preferences_test.go Identity: Unfurl UserID and Email in pkg/api to user identity.Requester (#76112) 2023-10-09 16:07:28 +02:00
preferences.go Teams: Move team API to own service (#76347) 2023-10-12 10:10:54 +02:00
quota_test.go MESA: Allow using synced permissions (#71377) 2023-07-12 13:28:04 +03:00
quota.go Auth: Unfurl OrgID in pkg/api to allow using identity.Requester interface (#76108) 2023-10-06 11:34:36 +02:00
README.md Chore: Update OpenAPI generation README to include bingo instructions (#79104) 2024-01-02 12:48:10 +01:00
render.go Export: Remove no-store headers in pdf and image previews (#78844) 2023-12-18 09:21:57 -03:00
search.go Authz: Remove use of SignedInUser copy for permission evaluation (#78448) 2023-11-22 14:20:22 +01:00
short_url_test.go Chore: Fix goimports grouping in pkg/api (#62419) 2023-01-30 08:18:26 +00:00
short_url.go Auth: Unfurl OrgID in pkg/api to allow using identity.Requester interface (#76108) 2023-10-06 11:34:36 +02:00
signup.go Identity: Unfurl UserID and Email in pkg/api to user identity.Requester (#76112) 2023-10-09 16:07:28 +02:00
swagger_responses.go PublicDashboards: Add swagger documentation (#75318) 2023-10-30 10:32:07 -03:00
swagger_tags.json Browse Dashboards: Update docs to remove reference to General folder (#74528) 2023-09-08 03:57:16 +01:00
swagger.go Swagger: Show k8s APIs (#78091) 2023-11-15 06:42:35 -08:00
user_test.go Chore: Configure SkipOrgRoleSync from OAuthInfo for OAuth connectors (#79443) 2023-12-15 10:58:08 +01:00
user_token_test.go AuthToken: client token rotation fix (#65709) 2023-03-31 16:44:08 +02:00
user_token.go Auth: Add more context to logs around token rotation, revocation (#78600) 2023-11-23 16:48:54 +01:00
user.go User: Verify external user status for accessing certain user routes (#79909) 2023-12-29 14:23:05 +01:00
utils.go authz: Clean up acl endpoints and dashboard guardian (#73746) 2023-08-24 15:37:54 +02:00

OpenAPI specifications

Since version 8.4, HTTP API details are specified using OpenAPI v2. Starting from version 9.1, there is also an OpenAPI v3 specification (generated by the v2 one using this script).

OpenAPI annotations

The OpenAPI v2 specification is generated automatically from the annotated Go code using go-swagger which scans the source code for annotation rules. Refer to this getting started guide for getting familiar with the toolkit.

Developers modifying the HTTP API endpoints need to make sure to add the necessary annotations so that their changes are reflected into the generated specifications.

Example of endpoint annotation

The following route defines a PATCH endpoint under the /serviceaccounts/{serviceAccountId} path with tag service_accounts (used for grouping together several routes) and operation ID updateServiceAccount (used for uniquely identifying routes and associate parameters and response with them).


// swagger:route PATCH /serviceaccounts/{serviceAccountId} service_accounts updateServiceAccount
//
// # Update service account
//
// Required permissions (See note in the [introduction](https://grafana.com/docs/grafana/latest/developers/http_api/serviceaccount/#service-account-api) for an explanation):
// action: `serviceaccounts:write` scope: `serviceaccounts:id:1` (single service account)
//
// Responses:
// 200: updateServiceAccountResponse
// 400: badRequestError
// 401: unauthorisedError
// 403: forbiddenError
// 404: notFoundError
// 500: internalServerError

The go-swagger can discover such annotations by scanning any code imported by pkg/server but by convention we place the endpoint annotations above the endpoint definition.

Example of endpoint parameters

The following struct defines the route parameters for the updateServiceAccount endpoint. The route expects:

  • a path parameter denoting the service account identifier and
  • a body parameter with the new values for the specific service account

// swagger:parameters updateServiceAccount
type UpdateServiceAccountParams struct {
	// in:path
	ServiceAccountId int64 `json:"serviceAccountId"`
	// in:body
	Body serviceaccounts.UpdateServiceAccountForm
}

Example of endpoint response

The following struct defines the response for the updateServiceAccount endpoint in case of a successful 200 response.


// swagger:response updateServiceAccountResponse
type UpdateServiceAccountResponse struct {
	// in:body
	Body struct {
		Message        string                                    `json:"message"`
		ID             int64                                     `json:"id"`
		Name           string                                    `json:"name"`
		ServiceAccount *serviceaccounts.ServiceAccountProfileDTO `json:"serviceaccount"`
	}
}

OpenAPI generation

Developers can re-create the OpenAPI v2 and v3 specifications using the following command:

make swagger-clean && make openapi3-gen

They can observe its output into the public/api-merged.json and public/openapi3.json files.

Finally, they can browser and try out both the OpenAPI v2 and v3 via the Swagger UI editor (served by the grafana server) by navigating to /swagger.

If there are any issues generating the specifications (e.g., diff containing unrelated changes to your PR or unusually large diff), please run the following two commands to ensure your Swagger version is up to date, then re-run the make commands.

  • go install github.com/bwplotka/bingo@latest
  • bingo get swagger