* feat(featuremgmt): introduce feature toggle for enabling sri checks
* feat(frontend): use assetSriChecks feature toggle to inject integrity hash into script tags
* chore(webpack): align sri algorithms across dev and prod builds
* docs(featuremgmt): update assetSriChecks to pass CI
* docs(featuremgmt): fix more spelling complaints with assetSriChecks
* Add crossorigin attribute
* chore(webpack): add subresource-integrity plugin
* build(webpack): wrap webpack jsonp loader integrity checks in feature flag checks
* revert(index.html): remove crossorigin attribute if assertSriChecks is disabled
---------
Co-authored-by: Kristian Bremberg <kristian.bremberg@grafana.com>
What is this feature?
Allows the creation of alert rules with mimirtool in a specified folder.
Why do we need this feature?
Currently, the APIs for mimirtool create namespaces and rule groups in the root folder without the ability to set a custom folder. For example, it could be a special "Imported" folder, etc.
This PR makes it possible with a special header: mimirtool ... --extra-headers="X-Grafana-Alerting-Folder-UID=123". If it's not present, the root folder is used, otherwise, the specified one is used.
mimirtool does not support nested folder structures, while Grafana allows folder nesting. To keep compatibility, we return only direct child folders of the working folder (as namespaces) with rule groups and rules that are directly in these child folders as if there are no nested folders.
For example, given this folder structure in Grafana:
```
grafana/
├── production/
│ ├── service1/
│ │ └── alerts/
│ └── service2/
└── testing/
└── service3/
```
If the working folder is "grafana":
Only namespaces "production" and "testing" are returned
Only rule groups directly within these folders are included
If the working folder is "production":
- Only namespaces "service1" and "service2" are returned
Only rule groups directly within these folders are included
* Add isProvisioned field to model
* Add new isProvisioned column to migration
* Disable auto assignment to organization if the user is provisioned
* add annotation to user model
* add annotation to user models
* Remove IsProvisioned field from Identity
* Move new field assignenment and add default value
* Update annotations for user query results
* Remove isProvisioned from identity
* Add new column to test
* Resolve user from identity at SyncOrgHook
* make it build and start
* run some migrations
* add build tags, remove log
* remove unused code
* revert go.mod changes
* move initialisation into dialect file
* update workspace
* update workspace once again
* clean up dependencies
* further cleanup
* Address some review feedback.
* Fix go.sum.
---------
Co-authored-by: Peter Štibraný <pstibrany@gmail.com>
* login/social/socialimpl: add assertions for usage stats, support bundle and oauthinfo methods
* accesscontrol/acimpl: add tests for GetRoleByName
* anonymous/sortopts: add tests for Sorter
* cloudmigration/gmsclient: add basic test cases for all methods
* shorturls/shorturlimpl: add more edge test cases
* tag/tagimpl: add test to cover duplicate tag kv and nil pairs
* updatechecker: add test cases for module
* feat(auth/JWTAuth): add support for the TlsSkipVerify parameter
* feat(auth/JWTAuth): add param to default.ini and sample.ini
---------
Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
Expand template testing to try additional scopes if the root scope fails.
This mitigates errors for definitions like pagerduty.default.instances,
which require the .Alerts scope. Added support for .Alerts and .Alert
scopes.
* add column guid to alert rule table and rule_guid to rule version table
+ populate the new field with UUID
* update storage and domain models
* patch GUID
* ignore GUID in fingerprint tests
* Restore feature: wip
* Refactor modal to separate component
* fix restoring from the drawer
* rename components folder to version-history, and move version-utils.file there
* skip fetching rule when uid is empty, add returnTo when restoring manually
* Fix drawer fetching infinitely
* Move drawer to separate file
* add tracking for restore success and restore failure
* Fix name of error interaction
* Add `compare` to each row in version history
* Add warning when manually restoring and trigger form validation
* Fix initial validation for contact point selector
* Wait for successful fetch before potential error
* Add disabled state when loading
* Fix loading check for contact point selector
* Fix typo
* Move hook to separate file and move other method into utils
* Update imports and remove manual state management
* Fix infinite render
* Remove onError from dep array
* Use separate flag for showing manual restore alert
* Rename to createdAt
* add and use ability to restore to check if retore is allowed
* Fix test and add isGrafanaManagedAlertRule to the ability check
* Address PR feedback
* Change to isManualRestore for trigger check
* udpate AlertRuleAction.Restore ability
* make the alertingRuleVersionHistoryRestore ff , enabled by default
* fix ff
---------
Co-authored-by: Tom Ratcliffe <tom.ratcliffe@grafana.com>
Initially, Metadata had only the EditorSettings, and HasMetadata was used to understand if the incoming update request had metadata in the body because it could be omitted if it was empty. For example, when the rule is updated via the provisioning API or has only false values. If it was in the request, we used that; if not, we used the metadata from the existing rule from the database. If the rule was updated via the AlertRuleService, we didn't change Metadata at all if the rule already existed.
But now, Metadata also has the Prometheus rule definition, and we always need to update it with the new version of the AlertRuleService when the rule exists in the DB and has the same UID. HasMetadata is renamed to HasEditorSettings to keep the old behaviour only for EditorSettings.
Now, the provisioning API and the conversion API will overwrite everything except EditorSettings with the new data.
When you use a math expression with out any operators, the dataFrame pointer is identical between the expression result and the input query/expression.
This was resulting in the values returned from an evaluation overshadowing each other, depending on the order of the processing of the result map.
For example:
```
A: some_metric
B: reduce of A
C: math expression -> "${B}"
D: Threshold evaluation of C -> "C > 0"
```
With a value of 1 for `some_metric`, might result in a evaluation result of one of the following (somewhat at random):
1. { B: 1, D: 1 }
2. { C: 1, D: 1}
While you would expect to see:
{ B: 1, C: 1, D: 1 }
update scheduler's aler rule to accept regular Evaluation in update channel
This makes it accept the full rule definition, which is required in reset state.
* RBAC: Remove accessControlOnCall feature toggle
* Leave the other one in place
* Tests
* frontend
* Readd empty ft to frontend test
* Remove legacy RBAC check
* Fix test
* no need for context
* Remove unused variable
* Remove unecessary param
* remove unecessary param from tests
* More tests :D
What is this feature?
Adds an API endpoint to create alert rules with mimirtool:
- POST /convert/prometheus/config/v1/rules/{NamespaceTitle} - Accepts a single rule group in a Prometheus YAML format and creates or updates a Grafana rule group from it.
The endpoint uses the conversion package from #100224.
Key parts
The API works similarly to the provisioning API. If the rule does not exist, it will be created, otherwise updated. Any rules not present in the new group will be deleted, ensuring the group is fully synchronized with the provided configuration.
Since the API works with namespace titles (folders), the handler automatically creates a folder in the root based on the provided title if it does not exist. It also requires a special header, X-Grafana-Alerting-Datasource-UID. This header specifies which datasource to use for the new rules.
If the rule group's evaluation interval is not specified, it uses the DefaultRuleEvaluationInterval from settings.
* add alertUID to annotations API query parameter
* update state history UI to fetch rule by UID
---------
Signed-off-by: Yuri Tseretyan <yuriy.tseretyan@grafana.com>
Jack Westbrook
Alexander Akhmetov
Stephanie Hingtgen
Ryan McKinley
Ieva
Charandas
linoman
Serge Zaitsev
Matheus Macabu
Filip "Ret2Me" Poplewski
Matthew Jacobson
Yuri Tseretyan
Todd Treece
Sonia Aguilar
Moustafa Baiou
Leonor Oliveira
Karl Persson
Adela Almasan
Sven Grossmann
Gabriel MABILLE
Eric Leijonmarck
maicon
Will Assis
Pepe Cano
Santiago
Agnès Toulet