Alerting: Fix persisting result fingerprint that is used by recovery threshold (#91224)
(cherry picked from commit 537f1fb857)
# Conflicts:
# pkg/services/ngalert/state/persister_sync.go
Snapshots: Fix panic when snapshot_remove_expired is true (#91232)
(cherry picked from commit bb5d2c83ef)
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Notifications: Do not log email address in error message (#89314)
Do not log email address in error message
(cherry picked from commit c2c30c25ed)
Co-authored-by: William Wernert <william.wernert@grafana.com>
Alerting: Fix rule storage to filter by group names using case-sensitive comparison (#88992)
* add test for the bug
* remove unused struct
* update db store to post process filters by group using go-lang's case-sensitive string comparison
--------
Co-authored-by: Alexander Weaver <weaver.alex.d@gmail.com>
# Conflicts:
# pkg/services/ngalert/store/alert_rule.go
# pkg/services/ngalert/store/alert_rule_test.go
RBAC: List only the folders that the user has access to (#88599)
only check folder permissions when listing folders
(cherry picked from commit 095ca66d9f)
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
User: add second migration for lowercasing login/email of users (#88915)
(cherry picked from commit 39bd13f877)
Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com>
LibraryPanels/RBAC: Ignore old folder permission check when deleting/patching lib panel (#88422)
* LibraryPanels/RBAC: Ignore old folder permission check when deleting lib panel
* Same for patching
(cherry picked from commit 8f45003192)
Co-authored-by: kay delaney <45561153+kaydelaney@users.noreply.github.com>
Dashboards: Correctly display Admin access to dashboards in the UI (#88439)
* include folder wildcard scope in dash permission inheritance
* Update pkg/services/accesscontrol/ossaccesscontrol/permissions_services.go
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
---------
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
(cherry picked from commit 1c2ae2c72d)
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
Alerting/Annotations: Return nothing from historian store if filtering by tags and matchAny is false (#85488)
* Return nothing from historian store if filtering by tag
(cherry picked from commit cad8190a91)
Co-authored-by: William Wernert <william.wernert@grafana.com>
* Alerting: Fix scheduler to sort rules before evaluation (#88006)
sort rules scheduled for evaluation to make sure that the order is stable between evaluations.
This is especially important in HA mode.
(cherry picked from commit 05d6813a09)
* use old generators
---------
Co-authored-by: Yuri Tseretyan <yuriy.tseretyan@grafana.com>
Alerting: use logger with same context within rule scheduling loop (#87934)
(cherry picked from commit f410c7fca1)
Co-authored-by: Yuri Tseretyan <yuriy.tseretyan@grafana.com>
Alerting: Do not store series values from past evaluations in state manager for no reason (#87525)
Do not store previous execution results on states
(cherry picked from commit a6a9ab4008)
Co-authored-by: Alexander Weaver <weaver.alex.d@gmail.com>
* AuthN: Fix signout redirect url (#87631)
* Add missing return
* Use sign out redirect url from auth config if configured
* remove option from auth.jwt that is not used
(cherry picked from commit 0f3080ecb8)
---------
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Chore: Add login protection when user is trying different uppercase letters (#87588)
* add login protection when the user is trying different uppercase letters
(cherry picked from commit cd98aaf89b)
Co-authored-by: linoman <2051016+linoman@users.noreply.github.com>
Alerting: Add two sets of provisioning actions for rules and notifications (#87149)
(cherry picked from commit 356a29592b)
Co-authored-by: Yuri Tseretyan <yuriy.tseretyan@grafana.com>
Provisioning: Look up provisioned folders by UID when possible (#87465)
look up provisioned folders by uid when possible
(cherry picked from commit 1884b03511)
Co-authored-by: Dan Cech <dcech@grafana.com>
Alerting: Also fix HCL field name for MuteTimeIntervals (#87079)
* Correct HCL field name for MuteTimeIntervals
* Update test
(cherry picked from commit 93519f70ca)
Co-authored-by: William Wernert <william.wernert@grafana.com>
Auth: Force lowercase login/email for users (#86359)
* [WIP]: Force lowercase login/email for user CRUD
* warn and remove use of userCaseInsensitiveLogin check
* remove log warning
* reimplementation of the caseinsensitive
* need to decide if we want the conflict check or not
* remvoved the tests for conflict user by getEmail, getLogin
* added tests for user lowercase migration
* wip: emails next
* tests for email lowercasing
* review comments
* optimized login and email lookup before migrating
(cherry picked from commit e394e16073)
RBAC: Do not set permissions on data sources with wildcard UID in OSS (#87220)
do not set permissions on DS with wildcard UID
(cherry picked from commit 28dd1ddd8e)
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* Data source: Maintain the default data source permissions when switching from unlicensed to licensed Grafana (#87119)
set managed data source permissions upon resource creation for unlicensed Grafana, remove them on deletion
(cherry picked from commit 5e060d2d99)
* remove code for older version
---------
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
Alerting: Use expected field name for receiver in HCL export (#87065)
* Use expected field name for receiver in hcl
Terraform provider expects `contact_point` instead of `receiver` in
notification settings on a rule.
(cherry picked from commit 70ff229bed)
Co-authored-by: William Wernert <william.wernert@grafana.com>
Alerting: Improve error when receiver or time interval used by rule is deleted (#86865)
* Alerting: Improve error when receiver used by rule is deleted
* Remove RuleUID from public error and data
* Improve fallback error in am config post
* Refactor to expand to time intervals
* Fix message on unchecked errors to be same as before
(cherry picked from commit 3397e8bf09)
Co-authored-by: Matthew Jacobson <matthew.jacobson@grafana.com>
SQLStore: Disable redundant create and drop unique index migrations on dashboard table (#86857)
SQLStore: Disable create and drop unique index migrations
(cherry picked from commit a5a3ee9fa3)
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
Alerting: Fix simplified routing group by override (#86552)
* Alerting: Fix simplified routing custom group by override
Custom group by overrides for simplified routing were missing required fields
GroupBy and GroupByAll normally set during upstream Route validation.
This fix ensures those missing fields are applied to the generated routes.
* Inline GroupBy and GroupByAll initialization instead of normalize after
(cherry picked from commit 71445002b7)
Co-authored-by: Matthew Jacobson <matthew.jacobson@grafana.com>
Alerting: Fix simplified routes '...' groupBy creating invalid routes (#86006)
* Alerting: Fix simplified routes '...' groupBy creating invalid routes
There were a few ways to go about this fix:
1. Modifying our copy of upstream validation to allow this
2. Modify our notification settings validation to prevent this
3. Normalize group by on save
4. Normalized group by on generate
Option 4. was chosen as the others have a mix of the following cons:
- Generated routes risk being incompatible with upstream/remote AM
- Awkward FE UX when using '...'
- Rule definition changing after save and potential pitfalls with TF
With option 4. generated routes stay compatible with external/remote AMs, FE
doesn't need to change as we allow mixed '...' and custom label groupBys, and
settings we save to db are the same ones requested.
In addition, it has the slight benefit of allowing us to hide the internal
implementation details of `alertname, grafana_folder` from the user in the
future, since we don't need to send them with every FE or TF request.
* Safer use of DefaultNotificationSettingsGroupBy
* Fix missed API tests
(cherry picked from commit 533bed6d94)
Co-authored-by: Matthew Jacobson <matthew.jacobson@grafana.com>
CloudMigrations: Add instance metadata to auth token (#85381)
* update how tokens are passed around
* rename structs
(cherry picked from commit 5a5f76ae0a)
Co-authored-by: Michael Mandrus <41969079+mmandrus@users.noreply.github.com>
JWT: Find login and email claims with JMESPATH (#85305)
* add function to static function to static service
* find email and login claims with jmespath
* rename configuration files
* Replace JWTClaims struct for map
* check for subclaims error
(cherry picked from commit e4250a72db)
Co-authored-by: linoman <2051016+linoman@users.noreply.github.com>
User: email verification completion (#85259)
* TempUser: Include InvitedById in TempUserDTO
* Extract email verfication completion flow to service
(cherry picked from commit 73e426b081)
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Storage: GuaranteedUpdate fix & other improvements (#85206)
make GuaranteedUpdate work when ignoring not found errors, increase poll frequency, fix Delete
(cherry picked from commit ef26fe95dc)
Co-authored-by: Dan Cech <dcech@grafana.com>
AuthN: Add IsAuthenticatedBy to identity interface and replace checks (#85262)
Add IsAuthenticatedBy to identity interface and replace checks
(cherry picked from commit 152cb47692)
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Alerting: Reduce set of fields that could trigger alert state change (#83496)
We want to avoid too much change of alert state based on change on
alert's fields. For that we ignore some fields from the diff.
(cherry picked from commit 6f38ac6615)
Co-authored-by: Benoit Tigeot <benoittgt@users.noreply.github.com>
Auth: Improve org role sync debugging (#85146)
add login to the context of the logger
(cherry picked from commit da40158fed)
Co-authored-by: Jo <joao.guerreiro@grafana.com>
Provisioning: Fix regression when dashboardProvisioner is accessed before being initialised (#85011)
* Provisioning: Fix regression when dashboardProvisioner is accessed before being initialized
* Set dashboard provisioner in the provider
(cherry picked from commit 5ebf2d08f6)
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
