* serviceaccounts/secretscan: test Service more thoroughly
* middleware/cookies: add tests for CookieOptions
* anonymous/anonimpl: cover a couple more methods
* components/imguploader: Implement WebDAV integration tests
* components/apikeygen: also check IsValid method
* bus: cover invalid callback signature cases
* cloudmigration/objectstorage: add basic unit tests
* login/social/connectors: add test case for GitHub OAuth fetch emails+orgs
* expr/classic: cover more evaluator types in tests
* feat(featuremgmt): introduce feature toggle for enabling sri checks
* feat(frontend): use assetSriChecks feature toggle to inject integrity hash into script tags
* chore(webpack): align sri algorithms across dev and prod builds
* docs(featuremgmt): update assetSriChecks to pass CI
* docs(featuremgmt): fix more spelling complaints with assetSriChecks
* Add crossorigin attribute
* chore(webpack): add subresource-integrity plugin
* build(webpack): wrap webpack jsonp loader integrity checks in feature flag checks
* revert(index.html): remove crossorigin attribute if assertSriChecks is disabled
---------
Co-authored-by: Kristian Bremberg <kristian.bremberg@grafana.com>
What is this feature?
Allows the creation of alert rules with mimirtool in a specified folder.
Why do we need this feature?
Currently, the APIs for mimirtool create namespaces and rule groups in the root folder without the ability to set a custom folder. For example, it could be a special "Imported" folder, etc.
This PR makes it possible with a special header: mimirtool ... --extra-headers="X-Grafana-Alerting-Folder-UID=123". If it's not present, the root folder is used, otherwise, the specified one is used.
mimirtool does not support nested folder structures, while Grafana allows folder nesting. To keep compatibility, we return only direct child folders of the working folder (as namespaces) with rule groups and rules that are directly in these child folders as if there are no nested folders.
For example, given this folder structure in Grafana:
```
grafana/
├── production/
│ ├── service1/
│ │ └── alerts/
│ └── service2/
└── testing/
└── service3/
```
If the working folder is "grafana":
Only namespaces "production" and "testing" are returned
Only rule groups directly within these folders are included
If the working folder is "production":
- Only namespaces "service1" and "service2" are returned
Only rule groups directly within these folders are included
* Add isProvisioned field to model
* Add new isProvisioned column to migration
* Disable auto assignment to organization if the user is provisioned
* add annotation to user model
* add annotation to user models
* Remove IsProvisioned field from Identity
* Move new field assignenment and add default value
* Update annotations for user query results
* Remove isProvisioned from identity
* Add new column to test
* Resolve user from identity at SyncOrgHook
* make it build and start
* run some migrations
* add build tags, remove log
* remove unused code
* revert go.mod changes
* move initialisation into dialect file
* update workspace
* update workspace once again
* clean up dependencies
* further cleanup
* Address some review feedback.
* Fix go.sum.
---------
Co-authored-by: Peter Štibraný <pstibrany@gmail.com>
* login/social/socialimpl: add assertions for usage stats, support bundle and oauthinfo methods
* accesscontrol/acimpl: add tests for GetRoleByName
* anonymous/sortopts: add tests for Sorter
* cloudmigration/gmsclient: add basic test cases for all methods
* shorturls/shorturlimpl: add more edge test cases
* tag/tagimpl: add test to cover duplicate tag kv and nil pairs
* updatechecker: add test cases for module
* feat(auth/JWTAuth): add support for the TlsSkipVerify parameter
* feat(auth/JWTAuth): add param to default.ini and sample.ini
---------
Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
Expand template testing to try additional scopes if the root scope fails.
This mitigates errors for definitions like pagerduty.default.instances,
which require the .Alerts scope. Added support for .Alerts and .Alert
scopes.
* add column guid to alert rule table and rule_guid to rule version table
+ populate the new field with UUID
* update storage and domain models
* patch GUID
* ignore GUID in fingerprint tests
* move prometheus.register for unified storage metrics into metrics.go and do most of the plumbing to get it to work
* convert StorageApiMetrics to pointer and check for nil before using it
* rename type and variables to something more sensible
---------
Co-authored-by: Jean-Philippe Quéméner <jeanphilippe.quemener@grafana.com>
* Restore feature: wip
* Refactor modal to separate component
* fix restoring from the drawer
* rename components folder to version-history, and move version-utils.file there
* skip fetching rule when uid is empty, add returnTo when restoring manually
* Fix drawer fetching infinitely
* Move drawer to separate file
* add tracking for restore success and restore failure
* Fix name of error interaction
* Add `compare` to each row in version history
* Add warning when manually restoring and trigger form validation
* Fix initial validation for contact point selector
* Wait for successful fetch before potential error
* Add disabled state when loading
* Fix loading check for contact point selector
* Fix typo
* Move hook to separate file and move other method into utils
* Update imports and remove manual state management
* Fix infinite render
* Remove onError from dep array
* Use separate flag for showing manual restore alert
* Rename to createdAt
* add and use ability to restore to check if retore is allowed
* Fix test and add isGrafanaManagedAlertRule to the ability check
* Address PR feedback
* Change to isManualRestore for trigger check
* udpate AlertRuleAction.Restore ability
* make the alertingRuleVersionHistoryRestore ff , enabled by default
* fix ff
---------
Co-authored-by: Tom Ratcliffe <tom.ratcliffe@grafana.com>
Initially, Metadata had only the EditorSettings, and HasMetadata was used to understand if the incoming update request had metadata in the body because it could be omitted if it was empty. For example, when the rule is updated via the provisioning API or has only false values. If it was in the request, we used that; if not, we used the metadata from the existing rule from the database. If the rule was updated via the AlertRuleService, we didn't change Metadata at all if the rule already existed.
But now, Metadata also has the Prometheus rule definition, and we always need to update it with the new version of the AlertRuleService when the rule exists in the DB and has the same UID. HasMetadata is renamed to HasEditorSettings to keep the old behaviour only for EditorSettings.
Now, the provisioning API and the conversion API will overwrite everything except EditorSettings with the new data.
When you use a math expression with out any operators, the dataFrame pointer is identical between the expression result and the input query/expression.
This was resulting in the values returned from an evaluation overshadowing each other, depending on the order of the processing of the result map.
For example:
```
A: some_metric
B: reduce of A
C: math expression -> "${B}"
D: Threshold evaluation of C -> "C > 0"
```
With a value of 1 for `some_metric`, might result in a evaluation result of one of the following (somewhat at random):
1. { B: 1, D: 1 }
2. { C: 1, D: 1}
While you would expect to see:
{ B: 1, C: 1, D: 1 }
