Auth: Introduce authn.SSOClientConfig to get client config from SSOSettings service (#94618)
* wip
* possible solution
* Separate interface for SSO settings clients
* Rename interface
* Fix tests
* Rename
* Change GetClientConfig to comma ok idiom
(cherry picked from commit 50a635bc7e)
Chore: Revert golangci PR + bump golangic version (#96326)
* Chore: Clean up some excludes and fix makefile (#96052)
clean up some excludes and fix makefile
* Chore: Enable cache on golangci linter (#95471)
* try to enable cache on golangci linter
* bump version
* exclude G115
* reduce timeout
* remove deprecated linter
* bump linter version in bingo
* try a different syntax for workspace modules
* try another command
* add apps to linter path
* try disabling cue codegen
* skip some linting in devenv
* exclude dirs and try again
* try workaround for pkg
* try path instead of dir
* make it one line
* replace package prefix
* exclude xorm
* exclude wire
* file-based aproach to nolint in workspaces
* missing quote
* simplify command line
* change ownership
* upgrade linter
* revert bingo readme
* revert devenv changes
* upgrade golint
* use dashes to stay consistent with other workflows
* also change name in its own workflow file
* rename in codeowners
(cherry picked from commit 3dbd3a7a81)
Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>
* Alerting: Re-encrypt existing contact points before get and patch in legacy config API (#101263)
* Test covering Get+Save interaction for newly secret fields
* Alerting: Re-encrypt existing contact points before get and patch
(cherry picked from commit b73c59547c)
* googlechat url test fix
(cherry picked from commit 0f4af56177)
* Service Accounts: Don't show error pop-ups for Service Account and Renderer UI flows (#101679)
don't show error pop-ups for SAs and renderer
(cherry picked from commit f0d260ba5b)
* Service Accounts: Don't show error pop-ups for Service Account and Renderer UI flows (#101776)
* don't show error pop-ups for SAs and renderer
* only hide non 4xx error pop'ups
* linting
(cherry picked from commit 392124de00)
* [release-11.4.2] Bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1
Backport from #95807
(cherry picked from commit ec33c739a8)
* Run make update-workspace
---------
Co-authored-by: Matheus Macabu <macabu.matheus@gmail.com>
CI: Remove unused release_publisher scripts (#101019)
* Remove the unused `release_publisher` script.
* Remove the "whats new check" in Drone.
* Automatically set the What's New URL in releases based on the tagged version.
(cherry picked from commit 49e5f77dd1)
Plugin Metrics: Eliminate data race in plugin metrics middleware (#99396)
fix: eliminate data race in plugin metrics middleware
A data race was detected when multiple goroutines accessed the `MetricsMiddleware`
simultaneously. The race occurred because a single `MetricsMiddleware` instance
was being shared across goroutines while its `BaseHandler` field was being
modified during middleware chain setup.
Fix by creating a new `MetricsMiddleware` instance for each middleware chain,
while safely sharing the thread-safe Prometheus metrics and plugin registry.
This maintains proper metrics collection while eliminating the mutable shared
state that caused the race condition.
Original error was detected here:
```
WARNING: DATA RACE
Read at 0x00c0039c0790 by goroutine 4486:
github.com/grafana/grafana-plugin-sdk-go/backend.(*ErrorSourceMiddleware).CallResource()
/Users/clord/src/grafana/irm-devstack/.devenv/state/go/pkg/mod/github.com/grafana/grafana-plugin-sdk-go@v0.261.0/backend/error_source_middleware.go:93 +0x40
github.com/grafana/grafana-plugin-sdk-go/backend.BaseHandler.CallResource()
...
```
(cherry picked from commit e74cf72d99)
Co-authored-by: Christopher Lord <christopher.lord@grafana.com>
MSSQL: Correctly type `UDPConnectionLimit` (#99011)
* Correctly type UDPConnectionLimit
* Update tests
* Handle legacy case
(cherry picked from commit cc09f38421)
Co-authored-by: Andreas Christou <andreas.christou@grafana.com>
* feat: update to Go 1.23.5
* chore: make drone
* chore: make update-workspace
* CI: Force re-build
* build: update mariadb connection
The new Alpine base that the Golang images are built on no longer trust the CA of MySQL.
This is a backport of: https://github.com/grafana/grafana/pull/98857
(cherry picked from commit e1bb8ccb79)
* Azure Monitor: Add a feature flag to toggle user auth for Azure Monitor only (#96858)
* Azure Monitor: Add a feature flag to toggle user auth for Azure Monitor only
* Fix condition for userIdentityEnabled
* Re-add removed test
* Remove unused prop
* Refactor onAuthTypeChange in AzureCredentialsForm
* Add frontend unit tests
* Lint
(cherry picked from commit b898a4540d)
# Conflicts:
# docs/sources/setup-grafana/configure-grafana/feature-toggles/index.md
# packages/grafana-data/src/types/featureToggles.gen.ts
# pkg/services/featuremgmt/registry.go
# pkg/services/featuremgmt/toggles_gen.csv
# pkg/services/featuremgmt/toggles_gen.go
# pkg/services/featuremgmt/toggles_gen.json
* Update test
* Fix lint
---------
Co-authored-by: Adam Yeats <16296989+adamyeats@users.noreply.github.com>
* Azure/GCM: Improve error display (#96921)
Improve handling of errors
(cherry picked from commit 9f75a448d4)
* Update import and var name
---------
Co-authored-by: Andreas Christou <andreas.christou@grafana.com>
Unified Storage: Use tls preferred when grafana db using ssl (#97378)
When unified storage is using the grafana db (default case for on-prem), if the db is using ssl then set tls=preferred. This fixes an on-prem bug in 11.3.1.
(cherry picked from commit 9642eedce6)
Co-authored-by: owensmallwood <owen.smallwood@grafana.com>
* Alerting: Update state manager to have immutable state in cache (#95985)
* create a new state and set at the end
* propagate labels datasource_uid and ref_id from current state if it's error
* copy the state when apply to all
(cherry picked from commit 420db99d16)
* Remove unused states variables
---------
Co-authored-by: Yuri Tseretyan <yuriy.tseretyan@grafana.com>
Alerting: Fix per-receiver RBAC for receivers with long names (#95084)
* Implement uidToResourceID
* add middleware
* Move uidToResourceID to alerting package
* Only hash uid if it's too long
* Use hashed uid in access control
* Move ReceiverUidToResourceId to ScopeProvider
* resolve uid in middleware only if param exists
* Tests
* Linting
---------
Co-authored-by: Yuri Tseretyan <yuriy.tseretyan@grafana.com>
(cherry picked from commit 4aad44e848)
Co-authored-by: Matthew Jacobson <matthew.jacobson@grafana.com>
Alerting: Fix saving advanced mode toggle state in the alert rule editor (#95924)
(cherry picked from commit 4ce1abc6f9)
Co-authored-by: Alexander Akhmetov <me@alx.cx>
Unified Storage: Use ssl_mode instead of sslmode (#95658)
change unistore to use ssl_mode instead of sslmode
(cherry picked from commit 76b43267c8)
Co-authored-by: Georges Chaudy <chaudyg@gmail.com>
Migration: Remove table aliasing in delete statement to make it work for mariadb (#95226)
Migration: remove table aliasing in delete statement to make it work in mariadb
(cherry picked from commit 6f7528f896)
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Service Accounts: Run service account creation in transaction (#94744)
* run service account creation DB queries in transaction
* extract the signed in user from the context
* undo unneeded change
* don't error out if a user is not found
* Update pkg/services/serviceaccounts/manager/service.go
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
* Update pkg/services/serviceaccounts/manager/service.go
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
---------
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
(cherry picked from commit ca1fd028a2)
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
Folders: Add admin permissions upon creation of a folder w. SA (#95072)
* add admin permissions upon creation of a folder w. SA
* Update pkg/services/folder/folderimpl/folder.go
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
* Grant service account permissions for creation of dashboards
* Grant service account admin permissions upon creating a datasource
* fetch user using the userservice with the userid
* Revert "fetch user using the userservice with the userid"
This reverts commit 23cba78752.
* revert back to original datasource creation
---------
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
(cherry picked from commit 9ab064bfc5)
Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com>
Auth: Increase name_id and session_id length to 1024 in user_external_session (#95352)
Increase name_id and session_id length to 1024
(cherry picked from commit b8b7c7901c)
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
Azure: Fix duplicated traces in multi-resource trace query (#95156)
Use first resource as base resource for query
(cherry picked from commit 8bb7475e4f)
Co-authored-by: Andreas Christou <andreas.christou@grafana.com>
Chore: Fix population of details when converting from errutil errors to K8s error (#94996)
(cherry picked from commit 672d5f92f2)
Co-authored-by: Yuri Tseretyan <yuriy.tseretyan@grafana.com>
Alerting: Fix time-interval conversion to return bad request if payload is incorrect (#94995)
(cherry picked from commit 00bb3215cb)
Co-authored-by: Yuri Tseretyan <yuriy.tseretyan@grafana.com>
Misi
Karl Persson
Denis Vodopianov
Jack Baldry
Matthew Jacobson
Ieva
Matheus Macabu
Witek Bedyk
Kevin Minehart
xavi
Jev Forsberg
github-actions[bot]
Todd Treece
grafana-delivery-bot[bot]
Yuri Tseretyan
Mariell Hoversholm
Andreas Christou
Alexander Akhmetov
lean.dev
Fayzal Ghantiwala
Sam Jewell