* expr: Add row limit to SQL expressions
Adds a configurable row limit to SQL expressions to prevent memory issues with large
result sets. The limit is configured via the `sql_expression_row_limit` setting in
the `[expressions]` section of grafana.ini, with a default of 100,000 rows.
The limit is enforced by checking the total number of rows across all input tables
before executing the SQL query. If the total exceeds the limit, the query fails
with an error message indicating the limit was exceeded.
* revert addition of newline
* Switch to table-driven tests
* Remove single-frame test-cases.
We only need to test for the multi frame case. Single frame is a subset
of the multi-frame case
* Add helper function
Simplify the way tests are set up and written
* Support convention, that limit: 0 is no limit
* Set the row-limit in one place only
* Update default limit to 20k rows
As per some discussion here:
https://raintank-corp.slack.com/archives/C071A5XCFST/p1741611647001369?thread_ts=1740047619.804869&cid=C071A5XCFST
* Test row-limit is applied from config
Make sure we protect this from regressions
This is perhaps a brittle test, somewhat coupled to the code here. But
it's good enough to prevent regressions at least.
* Add public documentation for the limit
* Limit total number of cells instead of rows
* Use named-return for totalRows
As @kylebrandt requested during review of #101700
* Leave DF cells as zero values during limits tests
When testing the cell limit we don't interact with the cell values at
all, so we leave them at their zero values both to speed up tests, and
to simplify and clarify that their values aren't used.
* Set SQLCmd limit at object creation - don't mutate
* Test that SQL node receives limit when built
And that it receives it from the Grafana config
* Improve TODO message for new Expression Parser
* Fix failing test by always creating config on the Service
The remote write path differs based on whether the data source is actually
Prometheus, Mimir, Cortex, or an older version of Cortex. We do not want
users to have to specify the path, so this change determines the path as
best it can.
It may be in the future we have to make this configurable per-datasource
to cater for setups where it's impossible to determine the correct path.
* Alerting: Allow selection of recording rule write target on per-rule basis.
Introduces a new feature flag (`grafanaManagedRecordingRulesDatasources`),
disabled by default, to enable the ability to write recording rules data using
data source settings, and selecting the data source to use on a per-rule basis.
To cope with the scenario of users upgrading, a configuration file option
allows setting the default data source to use, if none is specified in the rule,
emulating the behaviour of recording rules without the flag enabled.
* Lint
* Update conf/sample.ini
Co-authored-by: Alexander Akhmetov <me@alx.cx>
---------
Co-authored-by: Alexander Akhmetov <me@alx.cx>
* feat(auth/JWTAuth): add support for the TlsSkipVerify parameter
* feat(auth/JWTAuth): add param to default.ini and sample.ini
---------
Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
* Auth: Add IP address login attempt validation
* LoginAttempt struct IpAddress field must be camelCase to match db ip_address column
* add setting DisableIPAddressLoginProtection
* lint
* add DisableIPAddressLoginProtection setting to tests
* add request object to authenticate password test
* nit suggestions & rename tests
* add login attempt on failed password authentication
* dont need to reset login attempts if successful
* don't change error message
* revert go.work.sum
* Update pkg/services/authn/clients/password.go
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
---------
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
* Explore: Add `disableLogsDownload` and hide button to download logs
* change copy
* Explore: Change `disableLogsDownload` to `hide_logs_download`
* change casing in frontend
* also hide from inspector
* add test
* lint
* WIP benchmark dashboard rendering
* Script
* Benchmark with variable and a panel
* Add one more benchmark
* Explicitely enable profiling
* Playwright tests
* update scenes
* Report measurement to faro when config set
* Let user enable metrics reporting in UI
* Fix logging
* Change how performance metrics is enabled per dashboard, now in config file only
* add benchmark run option
* Fix benchmark runs
* fix description for performance config
* remove console.log
* update codeowners
* add back crashDetection init that was lost in merge
* fix yarn.lock
* restore custom.ini
* fix import
* Make sure we have the echoSrv
* fix config type
* Try to limit changes to e2e runs
* remove benchmark
* Fix lint issue
* fix codeowners
---------
Co-authored-by: Dominik Prokop <dominik.prokop@grafana.com>
Co-authored-by: Sergej-Vlasov <sergej.s.vlasov@gmail.com>
* added changes for rebase
* ran go mod tidy and ran a build
* ran a build
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
* updated go.work.sum to upstream
* added newline to match upstream
* added more specificity in documentation
---------
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
* Zanzana: Setup GRPC authentication in client/server mode
* don't use grpcutils
* refactor
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
* Add a namespace stub for in-proc mode
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
* Read parameters from config
* authorize server requests
* add namespace to the tests context
* use stack id from config
* simplify authorize func
* properly format namespace
* return Unauthenticated if namespace is empty
* use insecure cred only in dev env
* check request namespace
* Use CallCredentials API for client auth
* provide config
* fail if stack id is missing
* improve error message
* use insecure connection by default
---------
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
* Datasources: Add toggle to control default behaviour of 'Manage alerts via Alerts UI' toggle
* Update documentation with suggestions
Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com>
* Wire up sprinkles to oss and enterprise. Fetching sprinkles not implemented yet.
* Adds wireset for initializing document builders. Had to init it when creating the service to avoid cyclical imports.
* updates to int64 for stats
* adds config for sprinklesApiServer and gets sprinkles from there when its present
* add comment for later
* adds feature toggle for sprinkles. returns empty results when flag not enabled.
* adds unified storage config setting for sprinkles apiserver page limit
* fixes bug where dashboard uid was not getting set
* when creating dashboard summary, use metadata.name as the dashboard uid
* cleans up wire. use existing oss and enterprise sets to generate doc builders
* remove old wireset
* fix linter - adds missing arg for doc builders
* update dashboard stats in tests
* updates test-data dashboards
* log a warning instead of returning an error if we can't get sprinkles for a namespace
* dont read uid from dashboard json
Currently the default is 1, this means that by default users will see transient
query errors reflected as alert evaluation failures, when often an immediate
retry is sufficient to evaluate the rule successfully.
Enabling retries by default leads to a better experience out of the box.
* Adds back indexer metrics. Uses config values instead of hardcoded ones.
* cast to int64
* remove unused func
* Index metrics impl doesn't depend on Bleve. Adds a TotalDocs func to SearchBackend interface.
* adds config setting for index_min_count
* rename arg
* rename metric label to namespace instead of slug
* adds default "do nothing" case to satisfy linter
* moves bleve index metrics to search package
* make bleve backend private, dont need to pass in prom reg
* imports
* adds bleve metrics to resource package to avoid circular deps
* Add setting to adjust number of login attempts before user login gets locked
* Ensure at least one attempt can be made
* Update documentation with new setting
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com>
* Initial streamed version of list
* instantiate openfga client to use StreamedListObjects
* Add config option for using streamed version
* Use caching
* fix cache init
* Fix hashing
* refactor
* initial passwordless client
* passwordless login page
* Working basic e2e flow
* Add todo comments
* Improve the passwordless login flow
* improved passwordless login, backend for passwordless signup
* add expiration to emails
* update email templates & render username & name fields on signup
* improve email templates
* change login page text while awaiting passwordless code
* fix merge conflicts
* use claims.TypeUser
* add initial passwordless tests
* better error messages
* simplified error name
* remove completed TODOs
* linting & minor test improvements & rename passwordless routes
* more linting fixes
* move code generation to its own func, use locationService to get query params
* fix ampersand in email templates & use passwordless api routes in LoginCtrl
* txt emails more closely match html email copy
* move passwordless auth behind experimental feature toggle
* fix PasswordlessLogin property failing typecheck
* make update-workspace
* user correct placeholder
* Update emails/templates/passwordless_verify_existing_user.txt
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update emails/templates/passwordless_verify_existing_user.mjml
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update emails/templates/passwordless_verify_new_user.txt
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update emails/templates/passwordless_verify_new_user.txt
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update emails/templates/passwordless_verify_new_user.mjml
Co-authored-by: Dan Cech <dcech@grafana.com>
* use & in email templates
* Update emails/templates/passwordless_verify_existing_user.txt
Co-authored-by: Dan Cech <dcech@grafana.com>
* remove IP address validation
* struct for passwordless settings
* revert go.work.sum changes
* mock locationService.getSearch in failing test
---------
Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
Co-authored-by: Dan Cech <dcech@grafana.com>
* Improves initial indexing speed. Makes params configurable.
* fix linter errors
* removes kind param
* updates index test
* remove println from test
* removes error check in test
* adds log for high index latency ands updates max goroutine var with workers config var
* fix test timing out - set worker limit
* set the batch size
---------
Co-authored-by: Scott Lepper <scott.lepper@gmail.com>
* Remove SettingProvider settings from SSO interactions
* Mock Settings Provider for SSO Settings test
* Ignore error from SettingsProvider
* Add test for backend
* Use a enable configuration to enable frontend sandbox
* Modify settings to load enableFrontendSandbox
* Check for signature type
* Update commment
* Fix e2e tests for the frontend sandbox
* Modify logic so a custom check function is used instead of a list of checks
* Fixes flaky test
* fix comment
* Update comment
* Empty commit
* Empty commit
