public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
57,926 Commits 655 Branches 650 Tags
c33a53a47a8a2bb582cd42ed954d892369e2ea13
Commit Graph

994 Commits

Author SHA1 Message Date
Mariell Hoversholm 07bfa602f2 App Platform: Pin bleve to fix CVE-2022-31022 (#102513) 
This pins Bleve to a soon-to-be v2.5.0 commit.

Fixes CVE-2022-31022. We can unpin when v2.5.0 releases (likely March 25th).
We do not need any new features or similar, though there are some fixes that are nice to receive.

We will **not** backport this fix as we aren't actually vulnerable to anything via CVE-2022-31022; we never use its code, nor does Bleve. The reason we are fixing this is to get Trivy to stop complaining.

Fixes: #97439
 2025-03-20 11:19:57 +01:00
Matthew Jacobson 371ea5cda7 Alerting: Fix loss of TimeInterval location on remote AM apply (#102510) 
* Alerting: Fix loss of TimeInterval location on remote AM apply

deepcopy.Copy does not correctly copy PostableUserConfig because it ignores
unexported fields. As a result, TimeInterval locations default to UTC instead
of retaining their original values.

* make update-workspace
 2025-03-20 09:54:33 +01:00
Matheus Macabu 3aba5cb2b7 SecretsManager: Bootstrap API service (#102444) 
Co-authored-by: Dana Axinte <53751979+dana-axinte@users.noreply.github.com>
Co-authored-by: Michael Mandrus <michael.mandrus@grafana.com>
 2025-03-19 13:41:29 +01:00
Ryan McKinley 261d7db0e6 Live: Update centrifuge and remove unreleased "gitops" (#102256) 2025-03-17 18:55:00 +02:00
Igor Suleymanov 424a178d96 Update dependencies for Grafana submodules (#102296) 
* Update dependencies for Grafana submodules

Signed-off-by: Igor Suleymanov <igor.suleymanov@grafana.com>

* Update workspace

Signed-off-by: Igor Suleymanov <igor.suleymanov@grafana.com>

* Update owners

* Fix code owners of the dependency

Signed-off-by: Igor Suleymanov <igor.suleymanov@grafana.com>

---------

Signed-off-by: Igor Suleymanov <igor.suleymanov@grafana.com>
Co-authored-by: leonorfmartins <leonorfmartins@gmail.com>
 2025-03-17 16:23:57 +02:00
Will Browne 8d839780d6 Plugins: Update to latest go plugin SDK version (0.272.0) (#102090) 
update go plugin sdk to latest
 2025-03-13 10:23:30 +00:00
Selene e128c36127 Codegen: Cog and go fixes (#101408) 
* Update to latest cog version and update workspaces

* Update generated go files

* Try to avoid concurrency issues

* Update workspaces

* Try to remove the sync...

* Remove grafana dependency from xorm go.mod file
 2025-03-12 10:12:56 +01:00
Will Browne 510c76df49 Chore: Update to latest go plugin SDK (#101939) 
* update to latest go plugin SDK

* add missing changes
 2025-03-11 14:57:19 +00:00
Tito Lins 8c51af49e5 Alertmanager: upgrade alerting (#101870) 2025-03-10 16:59:21 +01:00
Karl Persson 9a3864e603 Auth: Update to authlib (#101863) 
Update to latest authlib
 2025-03-10 11:08:40 +01:00
Ezequiel Victorero 1c7f9d4333 Chore: Bump gofpdf (#101823) 2025-03-07 17:40:22 -03:00
Matthew Jacobson 19b878ce66 Alerting: Include time range in template dashboard and panel urls (#101095) 
Alerting: Include time range in templated dashboard and panel urls

Time range:
from=Alert.StartsAt-1hr

Firing Alerts: to=Current Timestamp
Resolved Alerts: to=Alert.EndsAt
 2025-03-07 15:28:56 -05:00
Ryan McKinley f52b6a5a42 Provisioning: Update spec and dependencies (#101746) 
Co-authored-by: Clarity-89 <homes89@ukr.net>
 2025-03-07 10:57:13 +03:00
Lucy Chen 5996e102af Image Render: Propagate traces in HTTP mode (#100559) 
* Rendering: Propagate traces in HTTP mode

* update ini file

* update docs

* update doc

* fix imports

* fix go files

* fix CI

* update ini config

* remove servicename

---------

Co-authored-by: AgnesToulet <35176601+AgnesToulet@users.noreply.github.com>
Co-authored-by: nmarrs <nathanielmarrs@gmail.com>
 2025-03-06 12:02:00 -05:00
Peter Štibraný 9e690bd620 Spanner support enhancements (#101634) 
* Adds ability to run integration tests against spanner (by using GRAFANA_TEST_DB=spanner env variable. SPANNER_DB variable then specifies database to use: spannertest, emulator or string like /projects/<project>/instances/<instance>/databases/<db>)
* Adds feature to migration dialects to create database from a snapshot, instead of running individual migrations.
* Adds first version of Spanner snapshot, prepared from "OSS" migrations.
* Uses generated bit-reversed-positive values instead of auto_increment. (As an experiment)
 2025-03-06 16:11:20 +01:00
Tania c9ab1142e1 Add OpenFeature providers (#101071) 
* Add OpenFeature provider

* Simplify static provider

* Linting

* Apply review feedback

* Codeowner for deps

* Update pkg/services/featuremgmt/openfeature.go

Co-authored-by: Dave Henderson <dave.henderson@grafana.com>

* Apply review comments part2

* Remove from sample.ini for now

* fixup! Apply review comments part2

* Add example of context config

* Resolve conflict

* Run update workspaces

---------

Co-authored-by: Dave Henderson <dave.henderson@grafana.com>
 2025-03-06 15:09:26 +01:00
Matheus Macabu caabb06cd8 Chore: Bump dependencies to address security issues (#101620) 
* Chore: Bump golang.org/x/net to v0.36.0

* Chore: Use github.com/moby/moby version 27.5.1 instead of 26.0.0

* Chore: Bump github.com/ua-parser/uap-go to v0.0.0-20250213224047-9c035f085b90

* Chore: Bump github.com/grpc-ecosystem/go-grpc-middleware/v2 to fix 32-bit overflow issue
 2025-03-06 10:12:05 +01:00
alerting-team[bot] 8ef37ea5c1 Alerting: Update alerting module to aae4827ec0610058810f2bbc69800ce377a33376 (#101623) 
[create-pull-request] automated change

Co-authored-by: grobinson-grafana <85952834+grobinson-grafana@users.noreply.github.com>
 2025-03-05 16:45:20 -05:00
Matheus Macabu 61eb837dd6 Chore: Bump Go to 1.23.7 (#101576) 2025-03-05 14:55:36 +01:00
Matheus Macabu 7426ddff94 Chore: Downgrade go-grpc-middleware to fix build in 32-bit systems (#101615) 2025-03-05 14:04:55 +01:00
Alexander Zobnin 01899d761e Zanzana: Upgrade to OpenFGA v1.8.6 (#101553) 
* Zanzana: Upgrade to OpenFGA v1.8.6

* upgrade openfga
 2025-03-05 11:58:31 +01:00
alerting-team[bot] d9538fd5dc Alerting: Update alerting module to bb85a58ec8975d91b49d746dbd11d312f0485ecc (#101537) 
[create-pull-request] automated change

Co-authored-by: yuri-tceretian <25988953+yuri-tceretian@users.noreply.github.com>
 2025-03-03 18:10:15 -05:00
Charandas cedb4ef9c1 fix: testutil blocking PR checks from passing (#101527) 2025-03-03 10:56:30 -08:00
Serge Zaitsev 165bca6417 Chore: Add initial/experimental xorm spanner driver (#101398) 
* make it build and start

* run some migrations

* add build tags, remove log

* remove unused code

* revert go.mod changes

* move initialisation into dialect file

* update workspace

* update workspace once again

* clean up dependencies

* further cleanup

* Address some review feedback.

* Fix go.sum.

---------

Co-authored-by: Peter Štibraný <pstibrany@gmail.com>
 2025-03-03 17:02:10 +01:00
dependabot[bot] d1b20c652d Bump github.com/go-jose/go-jose/v3 from 3.0.3 to 3.0.4 (#101385) 
* Bump github.com/go-jose/go-jose/v3 from 3.0.3 to 3.0.4

Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.3 to 3.0.4.
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Changelog](https://github.com/go-jose/go-jose/blob/main/CHANGELOG.md)
- [Commits](https://github.com/go-jose/go-jose/compare/v3.0.3...v3.0.4)

---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v3
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* update workspace

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-03-03 12:11:08 +01:00
Matthew Jacobson 2466685a41 Alerting: Improve template testing by trying non-root scopes (#101471) 
Expand template testing to try additional scopes if the root scope fails.
This mitigates errors for definitions like pagerduty.default.instances,
which require the .Alerts scope. Added support for .Alerts and .Alert
scopes.
 2025-02-28 20:27:27 +02:00
ismail simsek b16904651f Chore: Bump grafana-plugin-sdk-go to v0.267.0 (#101376) 
* bump grafana-plugin-sdk-go to v0.267.0

* make update-workspace
 2025-02-27 11:13:58 +01:00
Georges Chaudy 4391fac135 unistore: add spanner to go.mod (#101143) 
* Add spanner dependency
* Update go.mod, go.sum.
* Assign owner to spanner dependency, clean up directives.
* Rerun go mod tidy.

---------

Co-authored-by: Peter Štibraný <pstibrany@gmail.com>
 2025-02-26 13:34:50 +02:00
Karl Persson fa74d1c36d Authn: Sync authlib and update how we construct authn client interceptor (#101124) 
* Sync authlib and update how we construct authn client interceptor

* Remove namespace from checker
 2025-02-26 09:22:09 +01:00
Alexander Akhmetov 03e94e7a3e Alerting: Update grafana/alerting (#101215) 
* Update grafana/alerting from 9d7e00921e44 to 2acbeef29642

* Change the package for the TLSClient

* Fix TestContactPointFromContactPointExports test
 2025-02-25 11:32:28 +01:00
Matheus Macabu 3aedb9159e Chore: Update golang.org/x/crypto and golang.org/x/ouath2 to address security issues (#101268) 
- CVE-2025-22869 and Go issue https://go.dev/issue/71931.
- CVE-2025-22868 and Go issue https://go.dev/issue/71490.
 2025-02-25 11:15:41 +01:00
William Wernert c33e908baf Alerting: Update alerting package to include SNS fix (#101177) 
* Update alerting package to include sns fix

* Update workspace
 2025-02-21 16:02:39 -05:00
Dave Henderson 9f9c248766 chore(deps): Remove unreferenced goavro dependency (#101171) 
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
 2025-02-21 21:10:38 +02:00
dependabot[bot] bfc2347799 Bump github.com/go-sourcemap/sourcemap from 2.1.3+incompatible to 2.1.4+incompatible (#98639) 
Bump github.com/go-sourcemap/sourcemap

Bumps [github.com/go-sourcemap/sourcemap](https://github.com/go-sourcemap/sourcemap) from 2.1.3+incompatible to 2.1.4+incompatible.
- [Commits](https://github.com/go-sourcemap/sourcemap/compare/v2.1.3...v2.1.4)

---
updated-dependencies:
- dependency-name: github.com/go-sourcemap/sourcemap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-21 13:04:21 -05:00
Yuri Tseretyan d1dfa0576b Alerting: Support Jira Integration (#100480) 2025-02-21 12:51:38 -05:00
Todd Treece 2313eca636 Chore: Update local go dependencies (#101088) 2025-02-20 12:55:28 -05:00
Matthew Jacobson b78a63b0ad Alerting: Use new image TokenProvider and send image url in annotation (#99989) 
* Send new annotation containing image url

* Use new image TokenProvider with TokenStore

New abstraction GetImage no longer needs to support parsing both token and
url from annotations, as remote AM will use the new URLProvider. Instead, we
use the new generic TokenProvider and give it a TokenStore backed by the
grafana database.

That means we revert back to always using token simplifying code and security
considerations.

* Upgrade grafana/alerting to merged commit SHA
 2025-02-20 12:47:40 -05:00
Matthew Jacobson b1b5b4766c Alerting: Sanitize Slack image upload comment labels (#101084) 
* Alerting: Sanitize Slack image upload comment labels

upgrades grafana/alerting to d43046
 2025-02-20 12:22:04 -05:00
Jean-Philippe Quéméner e83f4fca1e feat(unified-storage): add some basic retry logic for the grpc client (#101001) 2025-02-20 16:17:50 +01:00
Matthew Jacobson 68ce949fff Alerting: Fix token-based Slack image upload to work with channel names (#100988) 
Upgrades grafana/alerting to 00d6703 which includes the fix.
 2025-02-20 09:17:52 -05:00
Jean-Philippe Quéméner 5897024dfe feat(unified-storage): enhance gRPC client with dskit (#101035) 2025-02-20 12:34:52 +01:00
Matthew Jacobson 75c4c5ca0f Alerting: Upgrade grafana/alerting to 92d5f29 (#100982) 
* Alerting: Upgrade grafana/alerting to 92d5f29

Includes:
- Add more context to log in PipelineAndStateTimestampCoordinationStage (#277)
- Update Alertmanager fork to latest commit (#279)
- Copy http client from Grafana (#281)

* Satisfy signature change from grafana/alerting #281 (http client)
 2025-02-19 18:49:46 +02:00
Karl Persson a897ec3426 Authn: grpc errors (#100951) 
* update authlib

* Map to grpc status
 2025-02-19 11:46:48 +01:00
Ieva e93ff154df Chore: bump authlib version (#100879) 
* bump authlib version

* update other authlib deps
 2025-02-19 08:37:32 +00:00
Robert Goltz 8577958edb Bump github.com/crewjam/saml from 0.4.13 to 0.4.14 (#100784) 
chore: bump github.com/crewjam/saml from 0.4.13 to 0.4.14
 2025-02-19 09:28:31 +01:00
Karl Persson 4df398c084 Authz: Sync authlib and update authz client setup code (#100817) 
* Sync authlib and update setup code for authz client
 2025-02-18 09:09:20 +01:00
Matheus Macabu aceda85a4d Chore: Regenerate go.work.sum (#100816) 2025-02-17 22:44:02 +02:00
Mat Ryer ff7ba54cbc Investigations: Add experimental app platform backend (#100584) 
* add investigations group?

* Investigations: Add experimental app platform backend

* change `grafana-app-sdk/logging` version

* investigations: add feature flag to test

---------

Co-authored-by: Sven Grossmann <svennergr@gmail.com>
 2025-02-17 19:19:22 +01:00
Agnès Toulet 37ee1c427d Plugins: Upgrade grafana-plugin-sdk to 0.266.0 (#100727) 2025-02-14 16:33:45 +01:00
Tito Lins ae9837b793 Alerting: Add alertmanager integration tests (#100106) 2025-02-13 11:36:45 +01:00