OAuth: Make sub claim required for generic oauth behind feature toggle (#85065)
* Add feature toggle for sub claims requirement
* OAuth: require valid auth id
* Fix feature toggle description
(cherry picked from commit 2f3a01f79f)
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Chore: Vendor wire into pkg/build (#84637)
* vendor latest wire into pkg/build
* use vendored wire in builds
* fix wire import path
* remove wire from bingo
* also support google/wire import
* make prettier happy
* change package in tess
* add debug walk for drone
* add wire_gen in tests
* remove debug walk
* restore imports
(cherry picked from commit 4d4c06b480)
Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>
samlsettings: api integration (#84300)
* add strategy and tests
* use settings provider service and remove multiple providers strategy
* Move SAML strategy to ssosettings service
* Update codeowners file
* reload from settings provider
* add saml as configurable provider
* Add new SAML strategy
* rename old saml settings interface
* update saml string references
* use OSS license
* validate saml provider depends on license for List
* add tests for list rendering including saml
* change the licensing validation to service init
* replace service struct for provider
(cherry picked from commit fc205db466)
Co-authored-by: linoman <2051016+linoman@users.noreply.github.com>
Alerting: Fix evaluation metrics to not count retries (#85873)
* Change evaluation metrics to only count once per eval, and add new metrics.
* Cosmetic: Move eval total Inc() to orginal place.
(cherry picked from commit ad7f804255)
Co-authored-by: Steve Simpson <steve.simpson@grafana.com>
InfluxDB: Fix panic when reading concurrency count during influxql health check (#85771)
fix panic when reading concurrency count during influxql health check
(cherry picked from commit 96f49bfaee)
Co-authored-by: ismail simsek <ismailsimsek09@gmail.com>
PostgreSQL: Fix the verify-ca mode (#85530)
postgres: fix the verify-ca problem
(cherry picked from commit 8a15ed42ae)
Co-authored-by: Gábor Farkas <gabor.farkas@gmail.com>
Loki: Remove API restrictions on resource calls (#85191)
Loki: Remove API restrictions
(cherry picked from commit c80b31a0d4)
Co-authored-by: Sven Grossmann <sven.grossmann@grafana.com>
Revert "Postgres: Switch the datasource plugin from lib/pq to pgx (#8… (#85509)
Revert "Postgres: Switch the datasource plugin from lib/pq to pgx (#83768)"
This reverts commit ecd6de826a.
(cherry picked from commit 8159e1db3a)
Co-authored-by: Gábor Farkas <gabor.farkas@gmail.com>
RBAC: Fix slow user permission search query on MySQL (#85058)
* Bench testing search user perm
* Add BenchmarkSearchUsersPermissions_1K_1K
* Clarify benchmark searches by action prefix
* Make MySQL more efficient
* Move all filter options
* Expand after assignments union
* update comments
(cherry picked from commit 5e48804364)
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Plugins: Send PDC file paths and contents for backwards compatibility (#85287)
* send paths and contents
* go work sync
(cherry picked from commit 1a0ac381eb)
Alerting: Fix receiver inheritance when provisioning a notification policy (#82007)
Terraform Issue: grafana/terraform-provider-grafana#1007
Nested routes should be allowed to inherit the contact point from the root (or direct parent) route but this fails in the provisioning API (it works in the UI)
(cherry picked from commit 2188516a21)
Co-authored-by: Julien Duchesne <julien.duchesne@grafana.com>
SQLEngine: Use `debug` method instead of custom implementation (#85118)
Use debug method instead of custom implementation
(cherry picked from commit 19159a89a2)
Co-authored-by: Andreas Christou <andreas.christou@grafana.com>
* add feature toggle usePrometheusFrontendPackage
* add feature toggle logic to Prometheus module
* use config editor with package and remove configOverhaul feature toggle
* update betterer because we will be removing other files as we replace with files from @grafana/prometheus
* fix exemplar ds picker selector
* add more description to ts-ignore
* remove go.work.sum change
* copy go.work.sum from main
* update go.work.sum after talking with ismail
* put back the promlib entry
---------
Co-authored-by: ismail simsek <ismailsimsek09@gmail.com>
Public dashboards: fix public dashboard permissions so that annotations are displayed (#85091)
* fix public dashboard anonymous user permissions so they include the new annotation permissions
* test fix
(cherry picked from commit df40e13333)
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* allow users with regular actions access provisioning API paths
* update methods that read rules
skip new authorization logic if user CanReadAllRules to avoid performance impact on file-provisioning
update all methods to accept identity.Requester that contains all permissions and is required by access control.
* create deltas for single rul e
* update modify methods
skip new authorization logic if user CanWriteAllRules to avoid performance impact on file-provisioning
update all methods to accept identity.Requester that contains all permissions and is required by access control.
* implement RuleAccessControlService in provisioning
* update file provisioning user to have all permissions to bypass authz
* update provisioning API to return errutil errors correctly
---------
Co-authored-by: Alexander Weaver <weaver.alex.d@gmail.com>
* Prometheus: remove scope dependency
temp workaround
* depguard
* comment
* remove rules since they need a newer version of golangci-lint
---------
Co-authored-by: ismail simsek <ismailsimsek09@gmail.com>
* server: reload of grafana server certs when renewed without restart.
Signed-off-by: Rao, B V Chalapathi <b_v_chalapathi.rao@nokia.com>
* server: reload of grafana server certs when renewed without restart.
Signed-off-by: Rao, B V Chalapathi <b_v_chalapathi.rao@nokia.com>
* Update http_server.go
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Update http_server.go
Address the comments
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Dan Cech <dan@aussiedan.com>
* Update http_server.go
Align the spaces
* Update http_server.go
* Update http_server.go
* Update pkg/api/http_server.go
Co-authored-by: Dan Cech <dan@aussiedan.com>
---------
Signed-off-by: Rao, B V Chalapathi <b_v_chalapathi.rao@nokia.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Dan Cech <dan@aussiedan.com>
* Alerting: Implement ApplyConfig for remote primary mode (forked AM)
* add TODO for saving the config hash in other config-related methods
* fix bad method receiver name (m -> am)
* tests
* add mutex
* remove sync loop
grafana-delivery-bot[bot]
Andreas Christou
Darren Janeczek
Misi
Marcus Efraimsson
Will Browne
Karl Persson
Ryan McKinley
Charandas
Brendan O'Handley
Matthew Jacobson
Yuri Tseretyan
Sofia Papagiannaki
Ezequiel Victorero
ismail simsek
Tristan
Timur Olzhabayev
Kyle Brandt
Eric Leijonmarck
Leon Sorokin
chalapat
Juan Cabanas
Jean-Philippe Quéméner
Santiago