* Add a CI step for checking app SDK codegen status
What
This commit adds a CI step for checking the status of code generated
with Grafana App SDK. The step fails if there is a git diff as a result
of the codegen step.
It also updates generated code to make sure we're starting from a
correct state.
Why
This ensures that when the schemas or the SDK version are updated, the
codegen mismatch is caught early at the PR stage.
Signed-off-by: Igor Suleymanov <igor.suleymanov@grafana.com>
* Format generated code
Signed-off-by: Igor Suleymanov <igor.suleymanov@grafana.com>
---------
Signed-off-by: Igor Suleymanov <igor.suleymanov@grafana.com>
* fix path
* fetch depth
* fix missing env var
* limit fetch depth to just 100 commits
* specify version env var
* fix path
* set versions var
* update npm
* Initial npm-publish workflow
* Validate version type and version match, typecheck packages before building, set npm tag
* quote GITHUB_OUTPUT
* codeowners
* fix syntax in release-build
* only tag the latest version with latest
* don't require NPM_TOKEN env var to be set if using OIDC
* put comment back
* tighten script
* Codeowners
* Use workflow_call for canaries, Rename workflow to match release-build
* codeowners
* get trace-view-scrolling working in playwright
* almost fix frontend-sandbox-datasource test
* properly fix frontend-sandbox-datasource tests
* convert migrate-to-cloud to playwright
* prometheus-variable-editor tests in playwright
* enable prometheus-config tests in playwright
* run on frontend changes
* skip test
* remove various-suite
* make cgo optional for sqlite
* update go.mod; check error code differently
* reduce api surface even more
* move test errors into sqlite package
* CGO_ENABLED=0 in unit tests
* disable for enterprise, too
* add driver name constant
* remove unused constants
* make test an integration one
* try integration tests without cgo
* implement error codes for modernc sqlite driver
* typo fix
* missing return
* use error pointer as an interface
* alias the driver
* update workspace, check for test errors too
* check error properly
* add missing driver after rebase
* fix missing import after rebase
* debugging, lets try again
* properly parse options, revert many previous changes
* remove another log
* better url parsing
* revert test rename, leave it for later
* revert reusedSession in unistore
* revert more code
* remove driver name
* revert formatting
* add integration test without cgo for sqlite
* remove tracing and logging
* bring driver alias back
* fix type
* wrong package
* remove build size from ci scripts, test adding a github action step
* generate pa11y results file
* setup node
* don't need grabpl
* get key from vault
* doublequote env var
* write node script for publishing
* update CODEOWNERS
* add some logging
* yarn install...
* tidy up
* only on main branch
* add api client verification to lint step
* separate steps, clearer error messages
* make same change to non-enterprise version
* double-quote
* ignore conf
* update generated apis
* add names for steps
* fix comment
* GHA: Use equivalent self-hosted runners for BE unit tests Enterprise
* GHA: Use standard runners for BE unit tests OSS
* GHA: Use equivalent self-hosted runner for ephemeral env action
* GHA: Use self-hosted runners and adjust shards for BE integration tests
* GHA: Upgrade BE integration test Postgres from 12 to 17
* GHA: Upgrade BE integration test MySQL from 8.0.32 to 8.0.43
* add github workflow scaffolding
* update comments
* Add image and resource commands
* Add secrets paths
* Block workflow run for forks
* ignore via package.json, update CODEOWNERS
* fix workflow path
* remove old azure monitor test
* pull docker image first
* add permissions for docker pull step
* checkout first
* keep creds file
* try all in one job
* with creds...
* add cloud: 'azure'
* pass CLOUD to docker
* add -playwright
* actually use the env vars
* don't need to pass CLOUD env var
* remove commented out code and tidy up
* kick CI
* Update container names and set PLAYWRIGHT_CI
* Update path
* fix zizmor violation
* use bigger runner, add double quoting
* add separate command and increase timeout
* remove timeout
* parameterise the e2e command in CI
* move cloud-plugins-e2e-tests into normal e2e test workflow
* fix detect changes
* pass creds into dagger
* try remove quotes
* add a debug log
* exec playwright command after mounting file
* reassign e2eContainer, add change to check the tests fail correctly
* fix test
---------
Co-authored-by: Andreas Christou <andreas.christou@grafana.com>
Fix reusable workflow reference in release-comms
Use full repository path for create-security-branch workflow
to resolve linter errors about unable to find reusable workflow.
Replace github.actor with github.event.pull_request.user.login to prevent
actor context spoofing in pull requests from forks. This ensures only
genuine Dependabot PRs can trigger the workspace update workflow.
Fixes zizmor security finding with Medium confidence level.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-authored-by: Claude <noreply@anthropic.com>
