When creating silences in remote Alertmanager instances, all 4xx errors were treated as 500s.
This change ensures that 4xx errors are properly surfaced as bad payload errors, allowing callers to handle them appropriately.
* Add delete and update hooks for roles/core roles
no need to capture non reference types
small cleanup on vars
* fix ticket priming in hooks
* fix ticket priming in hooks
* Revert "fix ticket priming in hooks"
This reverts commit f8e953ca09.
* use old testing blocks
* protect runtime obj in go func
* update test for correctness
* separate files for test correctness. fix leaking goroutines in go tests
* go workspace fixes
* attribute owner
* clean up go mod
* [API Server] Add Example App for reference use.
* Remove Printlns.
* Upgrade app-sdk to v0.46.0, update apps to handle breaking changes.
* Only start the reconciler for the example app if the v1alpha1 API version is enabled.
* Some comment doc updates.
* Run make update-workspace
* Set codeowner for /apps/example
* Run make gofmt and make update-workspace
* Run prettier on apps/example/README.md
* Add COPY apps/example to Dockerfile
* Add an authorizer to the example app.
* Fix import ordering.
* Update apps/example/kinds/manifest.cue
Co-authored-by: Owen Diehl <ow.diehl@gmail.com>
* Run make update-workspace
* Re-run make gen-go for enterprise import updates
* Run make update-workspace
---------
Co-authored-by: Owen Diehl <ow.diehl@gmail.com>
- Added gms_pure_go build tags to disable cgo - (cgo was added to GMS since we last updated it)
- Docs note on regex limitations
---------
Co-authored-by: Matheus Macabu <macabu.matheus@gmail.com>
* Add enterprise hooks
* wip...
* undo
* update wire gen
* remove old hook thing
* move build info into seperate func
* align fs context middleware with grafana, setting SignedInUser
* Call IndexDataHooks to get modified build info
* update tests
* go workspace
* idk, reset workspace files or whatever
* conditionally mount license
* support loading decoupled plugins from cdn
---------
Co-authored-by: Ashley Harrison <ashley.harrison@grafana.com>
* wip
* wip
* wip
(cherry picked from commit 8cedf25892)
* Search seems to be working, the validation is still wip
* Use keyword.Name analyzer for Filterable fields
* Only string fields should be indexed with keyword analyzer
* Change search query for email and login fields to use term query
* Remove unnecessary Exact from the resource protobuf definitions
Co-Authored-By: Ryan McKinley <ryantxu@gmail.com>
* Add legacy search support to the API
* Tests for legacy search, validate and integration tests for user
* Lint
* Add snapshot tests to userDocumentBuilder
* Address CodeQL issues
* Improvements, handle Mode2, tests should pass
* Change default limit from 0 to 1 for requests
* Cleanup
* Add fixme
* Update pkg/registry/apis/iam/register.go
Co-authored-by: Stephanie Hingtgen <stephanie.hingtgen@grafana.com>
* Update pkg/registry/apis/iam/user/legacy_search.go
Co-authored-by: Stephanie Hingtgen <stephanie.hingtgen@grafana.com>
---------
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Co-authored-by: Stephanie Hingtgen <stephanie.hingtgen@grafana.com>
* implement the update method for team bindings
* fix lint error
* add integration tests
* add integration test for non existing team binding
* try to fix lint error
As part of migrating Grafana's authorization system to Zanzana (OpenFGA), we need to ensure that role permissions defined in the IAM API are automatically synced to the authorization backend. Without this sync, roles created through the API would not be enforced by Zanzana, creating an inconsistency between defined permissions and actual authorization decisions.
This is a critical piece of the dual-write pattern during the migration to Zanzana, ensuring that:
Role permissions are immediately available for authorization checks
The legacy RBAC system and new Zanzana system remain in sync
Users experience consistent permission enforcement regardless of which backend is queried
safe to revert
* Skip informers if Provisioning disable controllers is enabled
* Hydrate requester correctly for Grafana Live
* revert to old code because eventualRestConfig provider issues
---------
Co-authored-by: Charandas Batra <charandas.batra@grafana.com>
* fix: SQLite truncate with retry/backoff on busy/locked errors
* fix: use retryer package for retrying SQLite TruncateDBTables
* fix: use dskit/backoff package to return last error
* fix: do not log number of attempts
Alexander Zobnin
Georges Chaudy
Ryan McKinley
Kyle Brandt
Moustafa Baiou
Jo
Austin Pond
Yuri Tseretyan
Gilles De Mey
Kevin Minehart
Mihai Turdean
Andreas Christou
Josh Hunt
Denis Vodopianov
Ieva
Matheus Macabu
Ashley Harrison
Todd Treece
Mihai Doarna
Gareth
Gábor Farkas
Costa Alexoglou
Misi
Selene
Rafael Bortolon Paulovic
Peter Štibraný
Tania
xavi
Serge Zaitsev
Andres Martinez Gotor
Hugo Häggmark
Roberto Jiménez Sánchez
Dave Henderson
Rafael Bortolon Paulovic