Compare commits
184 Commits
jackw/rspa
...
v11.5.5+se
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
71b11a7023 | ||
|
|
4fc33647a8 | ||
|
|
40ed88fe86 | ||
|
|
59fc4b9e98 | ||
|
|
8c4f33102e | ||
|
|
00d84f1364 | ||
|
|
7c114b2ee0 | ||
|
|
c0e2889cea | ||
|
|
f4ad2eb9ec | ||
|
|
2aa89a90a2 | ||
|
|
2ba6cf30cd | ||
|
|
63cec3fe7d | ||
|
|
919f46426c | ||
|
|
fad9b13312 | ||
|
|
2e24578a72 | ||
|
|
2b3ef62855 | ||
|
|
e3cbeb5e1e | ||
|
|
e30143305f | ||
|
|
74099d4ba9 | ||
|
|
3a028ac25c | ||
|
|
7b1be85980 | ||
|
|
64a3a01892 | ||
|
|
9d6c9b7503 | ||
|
|
4042e67bfd | ||
|
|
684227f7a5 | ||
|
|
2b8c8d45d1 | ||
|
|
ea4c33d7cb | ||
|
|
6c64b04c39 | ||
|
|
df9f37a726 | ||
|
|
5492a58f54 | ||
|
|
754e62bae0 | ||
|
|
1db6d349a7 | ||
|
|
22c0856880 | ||
|
|
58457c9eff | ||
|
|
35a4ee70b7 | ||
|
|
1d58728936 | ||
|
|
684fbc089e | ||
|
|
9d02fa97b1 | ||
|
|
d4b6dc2a86 | ||
|
|
32e85d3c25 | ||
|
|
4df6c9085a | ||
|
|
c32b2f5655 | ||
|
|
a61bf0d1f1 | ||
|
|
63ba7b6c34 | ||
|
|
0b6f023cd7 | ||
|
|
268d873715 | ||
|
|
bf3f23b558 | ||
|
|
c348917df2 | ||
|
|
3ab43f8b7c | ||
|
|
370ff7992d | ||
|
|
10fe463e6f | ||
|
|
a23127a8b4 | ||
|
|
34ffd0934c | ||
|
|
4fe2194305 | ||
|
|
f21553e925 | ||
|
|
7b6424516e | ||
|
|
797c085005 | ||
|
|
ce334f8eaf | ||
|
|
4f00a8817e | ||
|
|
c93a59f478 | ||
|
|
6ebb9eb01d | ||
|
|
0f4c28b024 | ||
|
|
6932c6af7e | ||
|
|
c6d3c1e489 | ||
|
|
81b2e00f25 | ||
|
|
5eaeb7f6aa | ||
|
|
c98bb442fd | ||
|
|
4c88576d4b | ||
|
|
510b8b66ff | ||
|
|
46a2949ceb | ||
|
|
28b0f2d2e4 | ||
|
|
b4eb5f1304 | ||
|
|
be1aa19642 | ||
|
|
4da21c2a61 | ||
|
|
4aa5ea2ea6 | ||
|
|
c85946bee0 | ||
|
|
ab8e58e805 | ||
|
|
45316fdd04 | ||
|
|
1bcc80daa7 | ||
|
|
dcb1180f28 | ||
|
|
7abc79cb2e | ||
|
|
ff47af1fba | ||
|
|
96d15d9091 | ||
|
|
fe4442a7fb | ||
|
|
3c7cdb103a | ||
|
|
cd63f38f47 | ||
|
|
e166f06bfa | ||
|
|
c80a182e3c | ||
|
|
29d35ec39c | ||
|
|
596b3e42f5 | ||
|
|
027524dd98 | ||
|
|
2ece5c261b | ||
|
|
9db9662213 | ||
|
|
478ab85845 | ||
|
|
e79330dc08 | ||
|
|
b4da2b9b2d | ||
|
|
3c71bd0a5c | ||
|
|
61fbc0310f | ||
|
|
6aee3a5c75 | ||
|
|
5a8f3398bf | ||
|
|
6700924913 | ||
|
|
7905703627 | ||
|
|
75e6ca56f4 | ||
|
|
9fdf70bf90 | ||
|
|
9e4537fe03 | ||
|
|
68e70b4c5a | ||
|
|
d732324f53 | ||
|
|
a6fb0f44ba | ||
|
|
9e942dcb9a | ||
|
|
f16a6dc98c | ||
|
|
25e6d2780b | ||
|
|
880e5fecb9 | ||
|
|
62b5a147fd | ||
|
|
75890ecc58 | ||
|
|
50a0247c22 | ||
|
|
9908a78c5c | ||
|
|
4683c0f157 | ||
|
|
72e8b57597 | ||
|
|
b774d0d569 | ||
|
|
0faf11835b | ||
|
|
7776a6c1af | ||
|
|
6c3e9e5976 | ||
|
|
327ca47f51 | ||
|
|
a957c28316 | ||
|
|
b321585bde | ||
|
|
cfa529295f | ||
|
|
3881a173fe | ||
|
|
5533f62a71 | ||
|
|
49a32d71be | ||
|
|
d3cab8217f | ||
|
|
e8887275ae | ||
|
|
b8d8a94ebc | ||
|
|
c30b9bd0bb | ||
|
|
fb0d6be79e | ||
|
|
2728e5cf14 | ||
|
|
822e5fb1a1 | ||
|
|
f433b8c240 | ||
|
|
676599ad7a | ||
|
|
34cdea5bb5 | ||
|
|
b857272fa2 | ||
|
|
6d67738b5f | ||
|
|
f73c2fdf7a | ||
|
|
100c91ca14 | ||
|
|
7beb0a1ff6 | ||
|
|
9bdd480326 | ||
|
|
273a9b17c9 | ||
|
|
b11b012240 | ||
|
|
234d3d16e4 | ||
|
|
ed62b50def | ||
|
|
967a5d3fc3 | ||
|
|
6b4c70d6a3 | ||
|
|
d75d140554 | ||
|
|
cbfb776273 | ||
|
|
b45af3e8a0 | ||
|
|
9c48b9420a | ||
|
|
e0aadb4dab | ||
|
|
eb2b19186c | ||
|
|
6d9d0d7748 | ||
|
|
6cc10d30df | ||
|
|
5acb12be61 | ||
|
|
7617fa1d1f | ||
|
|
d788e8d44e | ||
|
|
9c7139ee7a | ||
|
|
86194faffd | ||
|
|
70f5e59d94 | ||
|
|
b547440a1e | ||
|
|
5400abfac2 | ||
|
|
148fd6fa7c | ||
|
|
51f2ae7936 | ||
|
|
86fcf80315 | ||
|
|
c055d03d00 | ||
|
|
85379b8f2d | ||
|
|
df7987a6b8 | ||
|
|
56e82b7a1c | ||
|
|
41e7cd2c02 | ||
|
|
6167aac263 | ||
|
|
6ee1bfb736 | ||
|
|
e0d8318caa | ||
|
|
842179916d | ||
|
|
d7d80d2634 | ||
|
|
fb0204c8df | ||
|
|
5f7f04518b | ||
|
|
5e369c6709 | ||
|
|
940d71250b |
@@ -86,10 +86,6 @@ module.exports = [
|
||||
importNames: ['Layout', 'HorizontalGroup', 'VerticalGroup'],
|
||||
message: 'Use Stack component instead.',
|
||||
},
|
||||
{
|
||||
group: ['@grafana/ui/src/*', '@grafana/runtime/src/*', '@grafana/data/src/*'],
|
||||
message: 'Import from the public export instead.',
|
||||
},
|
||||
],
|
||||
},
|
||||
],
|
||||
|
||||
1476
.betterer.results
1476
.betterer.results
File diff suppressed because it is too large
Load Diff
@@ -5,10 +5,6 @@ GOPATH ?= $(shell go env GOPATH)
|
||||
GOBIN ?= $(firstword $(subst :, ,${GOPATH}))/bin
|
||||
GO ?= $(shell which go)
|
||||
|
||||
# Add this near the top of the file, after the initial variable definitions
|
||||
ifndef VARIABLES_MK
|
||||
VARIABLES_MK := 1
|
||||
|
||||
# Below generated variables ensure that every time a tool under each variable is invoked, the correct version
|
||||
# will be used; reinstalling only if needed.
|
||||
# For example for bra variable:
|
||||
@@ -27,12 +23,6 @@ $(BRA): $(BINGO_DIR)/bra.mod
|
||||
@echo "(re)installing $(GOBIN)/bra-v0.0.0-20200517080246-1e3013ecaff8"
|
||||
@cd $(BINGO_DIR) && GOWORK=off $(GO) build -mod=mod -modfile=bra.mod -o=$(GOBIN)/bra-v0.0.0-20200517080246-1e3013ecaff8 "github.com/unknwon/bra"
|
||||
|
||||
COG := $(GOBIN)/cog-v0.0.15
|
||||
$(COG): $(BINGO_DIR)/cog.mod
|
||||
@# Install binary/ries using Go 1.14+ build command. This is using bwplotka/bingo-controlled, separate go module with pinned dependencies.
|
||||
@echo "(re)installing $(GOBIN)/cog-v0.0.15"
|
||||
@cd $(BINGO_DIR) && GOWORK=off $(GO) build -mod=mod -modfile=cog.mod -o=$(GOBIN)/cog-v0.0.15 "github.com/grafana/cog/cmd/cli"
|
||||
|
||||
CUE := $(GOBIN)/cue-v0.5.0
|
||||
$(CUE): $(BINGO_DIR)/cue.mod
|
||||
@# Install binary/ries using Go 1.14+ build command. This is using bwplotka/bingo-controlled, separate go module with pinned dependencies.
|
||||
@@ -69,4 +59,3 @@ $(SWAGGER): $(BINGO_DIR)/swagger.mod
|
||||
@echo "(re)installing $(GOBIN)/swagger-v0.30.6-0.20240310114303-db51e79a0e37"
|
||||
@cd $(BINGO_DIR) && GOWORK=off $(GO) build -mod=mod -modfile=swagger.mod -o=$(GOBIN)/swagger-v0.30.6-0.20240310114303-db51e79a0e37 "github.com/go-swagger/go-swagger/cmd/swagger"
|
||||
|
||||
endif
|
||||
|
||||
@@ -1,5 +0,0 @@
|
||||
module _ // Auto generated by https://github.com/bwplotka/bingo. DO NOT EDIT
|
||||
|
||||
go 1.23.4
|
||||
|
||||
require github.com/grafana/cog v0.0.15 // cmd/cli
|
||||
@@ -10,8 +10,6 @@ fi
|
||||
|
||||
BRA="${GOBIN}/bra-v0.0.0-20200517080246-1e3013ecaff8"
|
||||
|
||||
COG="${GOBIN}/cog-v0.0.15"
|
||||
|
||||
CUE="${GOBIN}/cue-v0.5.0"
|
||||
|
||||
DRONE="${GOBIN}/drone-v1.5.0"
|
||||
|
||||
407
.drone.yml
407
.drone.yml
File diff suppressed because it is too large
Load Diff
68
.github/CODEOWNERS
vendored
68
.github/CODEOWNERS
vendored
@@ -57,6 +57,7 @@
|
||||
/go.work @grafana/grafana-app-platform-squad
|
||||
/go.work.sum @grafana/grafana-app-platform-squad
|
||||
/.bingo/ @grafana/grafana-backend-group
|
||||
/.citools @grafana/grafana-developer-enablement-squad
|
||||
/pkg/README.md @grafana/grafana-backend-group
|
||||
/pkg/ruleguard.rules.go @grafana/grafana-backend-group
|
||||
/.bra.toml @grafana/grafana-backend-group
|
||||
@@ -67,9 +68,12 @@
|
||||
/hack/ @grafana/grafana-app-platform-squad
|
||||
|
||||
/pkg/apis/provisioning @grafana/grafana-git-ui-sync-team
|
||||
/public/app/features/provisioning @grafana/grafana-git-ui-sync-team
|
||||
/pkg/registry/apis/provisioning @grafana/grafana-git-ui-sync-team
|
||||
|
||||
/apps/alerting/ @grafana/alerting-backend
|
||||
/apps/dashboard/ @grafana/grafana-app-platform-squad @grafana/dashboards-squad
|
||||
/apps/folder/ @grafana/grafana-app-platform-squad
|
||||
/apps/playlist/ @grafana/grafana-app-platform-squad
|
||||
/apps/investigations/ @fcjack @matryer @svennergr
|
||||
/apps/advisor/ @grafana/plugins-platform-backend
|
||||
@@ -77,6 +81,7 @@
|
||||
/pkg/apis/ @grafana/grafana-app-platform-squad
|
||||
/pkg/apis/query @grafana/grafana-datasources-core-services
|
||||
/pkg/apis/userstorage @grafana/grafana-app-platform-squad @grafana/plugins-platform-backend
|
||||
/pkg/apis/secret @grafana/grafana-operator-experience-squad
|
||||
/pkg/bus/ @grafana/grafana-search-and-storage
|
||||
/pkg/cmd/ @grafana/grafana-backend-group
|
||||
/pkg/cmd/grafana-cli/commands/install_command.go @grafana/plugins-platform-backend
|
||||
@@ -122,6 +127,7 @@
|
||||
/pkg/apimachinery/errutil/ @grafana/grafana-backend-group
|
||||
/pkg/promlib @grafana/oss-big-tent
|
||||
/pkg/storage/ @grafana/grafana-search-and-storage
|
||||
/pkg/storage/secret/ @grafana/grafana-operator-experience-squad
|
||||
/pkg/services/annotations/ @grafana/grafana-search-and-storage
|
||||
/pkg/services/apikey/ @grafana/identity-squad
|
||||
/pkg/services/cleanup/ @grafana/grafana-backend-group
|
||||
@@ -132,6 +138,7 @@
|
||||
/pkg/services/dashboardversion/ @grafana/grafana-backend-group
|
||||
/pkg/services/encryption/ @grafana/grafana-operator-experience-squad
|
||||
/pkg/services/folder/ @grafana/grafana-search-and-storage
|
||||
/pkg/services/frontend/ @grafana/grafana-frontend-platform
|
||||
/pkg/services/apiserver @grafana/grafana-app-platform-squad
|
||||
/pkg/services/hooks/ @grafana/grafana-backend-group
|
||||
/pkg/services/kmsproviders/ @grafana/grafana-operator-experience-squad
|
||||
@@ -312,6 +319,7 @@
|
||||
/Makefile @grafana/grafana-developer-enablement-squad
|
||||
/scripts/build/ @grafana/grafana-developer-enablement-squad
|
||||
/scripts/list-release-artifacts.sh @grafana/grafana-developer-enablement-squad
|
||||
/scripts/releasefinder.sh @baldm0mma
|
||||
/.trivyignore @grafana/grafana-backend-services-squad
|
||||
|
||||
# OSS Plugin Partnerships backend code
|
||||
@@ -380,12 +388,9 @@
|
||||
|
||||
|
||||
/crowdin.yml @grafana/grafana-frontend-platform
|
||||
/public/locales/ @grafana/grafana-frontend-platform
|
||||
/public/locales/de-DE @grafanabot
|
||||
/public/locales/es-ES @grafanabot
|
||||
/public/locales/fr-FR @grafanabot
|
||||
/public/locales/pt-BR @grafanabot
|
||||
/public/locales/zh-Hans @grafanabot
|
||||
/public/locales/ @grafanabot
|
||||
/public/locales/i18next-parser.config.cjs @grafana/grafana-frontend-platform
|
||||
/public/locales/i18next-parser-enterprise.config.cjs @grafana/grafana-frontend-platform
|
||||
/public/app/core/internationalization/ @grafana/grafana-frontend-platform
|
||||
/e2e/ @grafana/grafana-frontend-platform
|
||||
/e2e/cloud-plugins-suite/ @grafana/partner-datasources
|
||||
@@ -420,7 +425,7 @@
|
||||
/packages/grafana-ui/src/components/PluginSignatureBadge/ @grafana/plugins-platform-frontend
|
||||
/packages/grafana-ui/src/components/Sparkline/ @grafana/grafana-frontend-platform @grafana/app-o11y-visualizations
|
||||
/packages/grafana-ui/src/components/Table/ @grafana/dataviz-squad
|
||||
/packages/grafana-ui/src/components/Table/SparklineCell.tsx @grafana/dataviz-squad @grafana/app-o11y-visualizations
|
||||
/packages/grafana-ui/src/components/Table/Cells/SparklineCell.tsx @grafana/dataviz-squad @grafana/app-o11y-visualizations
|
||||
/packages/grafana-ui/src/components/uPlot/ @grafana/dataviz-squad
|
||||
/packages/grafana-ui/src/components/ValuePicker/ @grafana/dataviz-squad
|
||||
/packages/grafana-ui/src/components/VizLayout/ @grafana/dataviz-squad
|
||||
@@ -431,6 +436,7 @@
|
||||
/packages/grafana-ui/src/graveyard/GraphNG/ @grafana/dataviz-squad
|
||||
/packages/grafana-ui/src/graveyard/TimeSeries/ @grafana/dataviz-squad
|
||||
/packages/grafana-ui/src/utils/storybook/ @grafana/grafana-frontend-platform
|
||||
/packages/grafana-alerting/ @grafana/alerting-frontend
|
||||
|
||||
# root files, mostly frontend
|
||||
/.browserslistrc @grafana/frontend-ops
|
||||
@@ -458,7 +464,6 @@
|
||||
/stylelint.config.js @grafana/frontend-ops
|
||||
/tools/ @grafana/frontend-ops
|
||||
/lefthook.yml @grafana/frontend-ops
|
||||
/lefthook.rc @grafana/frontend-ops
|
||||
/.husky/pre-commit @grafana/frontend-ops
|
||||
/cypress.config.js @grafana/grafana-frontend-platform
|
||||
/.levignore.js @grafana/plugins-platform-frontend
|
||||
@@ -500,9 +505,8 @@ playwright.config.ts @grafana/plugins-platform-frontend
|
||||
/public/app/features/dimensions/ @grafana/dataviz-squad
|
||||
/public/app/features/dataframe-import/ @grafana/dataviz-squad
|
||||
/public/app/features/explore/ @grafana/observability-traces-and-profiling
|
||||
/public/app/features/expressions/ @grafana/observability-metrics
|
||||
/public/app/features/expressions/ @grafana/grafana-datasources-core-services
|
||||
/public/app/features/folders/ @grafana/grafana-frontend-platform
|
||||
/public/app/features/iam/ @grafana/grafana-frontend-platform
|
||||
/public/app/features/inspector/ @grafana/dashboards-squad
|
||||
/public/app/features/invites/ @grafana/grafana-frontend-platform
|
||||
/public/app/features/library-panels/ @grafana/dashboards-squad
|
||||
@@ -540,7 +544,6 @@ playwright.config.ts @grafana/plugins-platform-frontend
|
||||
/public/app/plugins/panel/datagrid/ @grafana/dataviz-squad
|
||||
/public/app/plugins/panel/gauge/ @grafana/dataviz-squad
|
||||
/public/app/plugins/panel/gettingstarted/ @grafana/grafana-frontend-platform
|
||||
/public/app/plugins/panel/graph/ @grafana/dataviz-squad
|
||||
/public/app/plugins/panel/heatmap/ @grafana/dataviz-squad
|
||||
/public/app/plugins/panel/histogram/ @grafana/dataviz-squad
|
||||
/public/app/plugins/panel/logs/ @grafana/observability-logs
|
||||
@@ -553,7 +556,6 @@ playwright.config.ts @grafana/plugins-platform-frontend
|
||||
/public/app/plugins/panel/status-history/ @grafana/dataviz-squad
|
||||
/public/app/plugins/panel/table/ @grafana/dataviz-squad
|
||||
/public/app/plugins/panel/table/cells/SparklineCellOptionsEditor.tsx @grafana/dataviz-squad @grafana/app-o11y-visualizations
|
||||
/public/app/plugins/panel/table-old/ @grafana/dataviz-squad
|
||||
/public/app/plugins/panel/timeseries/ @grafana/dataviz-squad
|
||||
/public/app/plugins/panel/trend/ @grafana/dataviz-squad
|
||||
/public/app/plugins/panel/geomap/ @grafana/dataviz-squad
|
||||
@@ -565,12 +567,12 @@ playwright.config.ts @grafana/plugins-platform-frontend
|
||||
/public/app/plugins/panel/text/ @grafana/grafana-frontend-platform
|
||||
/public/app/plugins/panel/welcome/ @grafana/grafana-frontend-platform
|
||||
/public/app/plugins/panel/xychart/ @grafana/dataviz-squad
|
||||
/public/app/plugins/sdk.ts @grafana/plugins-platform-frontend
|
||||
/public/app/routes/ @grafana/grafana-frontend-platform
|
||||
/public/app/store/ @grafana/grafana-frontend-platform
|
||||
/public/app/types/ @grafana/grafana-frontend-platform
|
||||
/public/app/types/alerting.ts @grafana/alerting-frontend
|
||||
/public/app/types/unified-alerting-dto.ts @grafana/alerting-frontend
|
||||
/public/app/types/unified-alerting.ts @grafana/alerting-frontend
|
||||
/public/dashboards/ @grafana/dashboards-squad
|
||||
/public/gazetteer/ @ryantxu
|
||||
/public/img/ @grafana/grafana-frontend-platform
|
||||
@@ -598,7 +600,6 @@ playwright.config.ts @grafana/plugins-platform-frontend
|
||||
/public/api-merged.json @grafana/grafana-backend-group
|
||||
/public/api-enterprise-spec.json @grafana/grafana-backend-group
|
||||
/public/openapi3.json @grafana/grafana-backend-group
|
||||
/public/app/angular/ @torkelo
|
||||
/public/app/app.ts @grafana/frontend-ops
|
||||
/public/app/dev.ts @grafana/frontend-ops
|
||||
/public/app/core/utils/metrics.ts @grafana/plugins-platform-frontend
|
||||
@@ -620,7 +621,7 @@ playwright.config.ts @grafana/plugins-platform-frontend
|
||||
/scripts/import_many_dashboards.sh @torkelo
|
||||
/scripts/mixin-check.sh @bergquist
|
||||
/scripts/openapi3/ @grafana/grafana-operator-experience-squad
|
||||
/scripts/prepare-packagejson.js @grafana/frontend-ops
|
||||
/scripts/prepare-npm-package.js @grafana/frontend-ops
|
||||
/scripts/protobuf-check.sh @grafana/plugins-platform-backend
|
||||
/scripts/stripnulls.sh @grafana/grafana-as-code
|
||||
/scripts/tag_release.sh @grafana/grafana-developer-enablement-squad
|
||||
@@ -733,6 +734,7 @@ embed.go @grafana/grafana-as-code
|
||||
/pkg/registry/apis/ @grafana/grafana-app-platform-squad
|
||||
/pkg/registry/apis/alerting @grafana/grafana-app-platform-squad @grafana/alerting-backend
|
||||
/pkg/registry/apis/query @grafana/grafana-datasources-core-services
|
||||
/pkg/registry/apis/secret @grafana/grafana-operator-experience-squad
|
||||
/pkg/registry/apis/userstorage @grafana/grafana-app-platform-squad @grafana/plugins-platform-backend
|
||||
/pkg/registry/apps/advisor @grafana/plugins-platform-backend
|
||||
/pkg/codegen/ @grafana/grafana-as-code
|
||||
@@ -754,13 +756,18 @@ embed.go @grafana/grafana-as-code
|
||||
/.github/pr-checks.json @tolzhabayev
|
||||
/.github/pr-commands.json @tolzhabayev
|
||||
/.github/renovate.json5 @grafana/frontend-ops
|
||||
/.github/actions/setup-enterprise/action.yml @grafana/grafana-backend-group
|
||||
/.github/actions/test-coverage-processor/action.yml @grafana/grafana-backend-group
|
||||
/.github/actions/setup-grafana-bench/ @Proximyst
|
||||
/.github/workflows/add-to-whats-new.yml @grafana/docs-tooling
|
||||
/.github/workflows/auto-triager/ @grafana/plugins-platform-frontend
|
||||
/.github/workflows/alerting-swagger-gen.yml @grafana/alerting-backend
|
||||
/.github/workflows/alerting-update-module.yml @grafana/alerting-backend
|
||||
/.github/workflows/auto-milestone.yml @grafana/grafana-developer-enablement-squad
|
||||
/.github/workflows/backend-code-checks.yml @grafana/grafana-backend-group
|
||||
/.github/workflows/backend-unit-tests.yml @grafana/grafana-backend-group
|
||||
/.github/workflows/backport.yml @grafana/grafana-developer-enablement-squad
|
||||
/.github/workflows/bump-version.yml @grafana/grafana-developer-enablement-squad
|
||||
/.github/workflows/close-milestone.yml @grafana/grafana-developer-enablement-squad
|
||||
/.github/workflows/release-pr.yml @grafana/grafana-developer-enablement-squad
|
||||
/.github/workflows/release-comms.yml @grafana/grafana-developer-enablement-squad
|
||||
/.github/workflows/migrate-prs.yml @grafana/grafana-developer-enablement-squad
|
||||
@@ -771,26 +778,25 @@ embed.go @grafana/grafana-as-code
|
||||
/.github/workflows/community-release.yml @grafana/grafana-developer-enablement-squad
|
||||
/.github/workflows/detect-breaking-changes-* @grafana/plugins-platform-frontend
|
||||
/.github/workflows/documentation-ci.yml @grafana/docs-tooling
|
||||
/.github/workflows/doc-validator.yml @grafana/docs-tooling
|
||||
/.github/workflows/deploy-pr-preview.yml @grafana/docs-tooling
|
||||
/.github/workflows/epic-add-to-platform-ux-parent-project.yml @meanmina
|
||||
/.github/workflows/feature-toggles-ci.yml @grafana/docs-tooling
|
||||
/.github/workflows/github-release.yml @grafana/grafana-developer-enablement-squad
|
||||
/.github/workflows/issue-opened.yml @grafana/grafana-community-support
|
||||
/.github/workflows/lint-build-docs.yml @grafana/docs-tooling
|
||||
/.github/workflows/metrics-collector.yml @torkelo
|
||||
/.github/workflows/milestone.yml @tolzhabayev
|
||||
/.github/workflows/pr-checks.yml @tolzhabayev
|
||||
/.github/workflows/pr-codeql-analysis-go.yml @DanCech
|
||||
/.github/workflows/pr-codeql-analysis-javascript.yml @DanCech
|
||||
/.github/workflows/pr-codeql-analysis-python.yml @DanCech
|
||||
/.github/workflows/pr-commands.yml @tolzhabayev
|
||||
/.github/workflows/pr-patch-check.yml @grafana/grafana-developer-enablement-squad
|
||||
/.github/workflows/sync-mirror.yml @grafana/grafana-developer-enablement-squad
|
||||
/.github/workflows/pr-patch-check-event.yml @grafana/grafana-developer-enablement-squad
|
||||
/.github/workflows/pr-test-integration.yml @grafana/grafana-backend-group
|
||||
/.github/workflows/pr-backend-coverage.yml @grafana/grafana-backend-group
|
||||
/.github/workflows/sync-mirror-event.yml @grafana/grafana-developer-enablement-squad
|
||||
/.github/workflows/publish-technical-documentation-next.yml @grafana/docs-tooling
|
||||
/.github/workflows/publish-technical-documentation-release.yml @grafana/docs-tooling
|
||||
/.github/workflows/remove-milestone.yml @grafana/grafana-developer-enablement-squad
|
||||
/.github/workflows/scripts/json-file-to-job-output.js @grafana/plugins-platform-frontend
|
||||
/.github/workflows/stale.yml @grafana/grafana-developer-enablement-squad
|
||||
/.github/workflows/update-changelog.yml @grafana/grafana-developer-enablement-squad
|
||||
/.github/workflows/storybook-verification.yml @grafana/grafana-frontend-platform
|
||||
/.github/workflows/update-make-docs.yml @grafana/docs-tooling
|
||||
/.github/workflows/scripts/kinds/verify-kinds.go @grafana/platform-monitoring
|
||||
/.github/workflows/publish-kinds-next.yml @grafana/platform-monitoring
|
||||
@@ -798,18 +804,29 @@ embed.go @grafana/grafana-as-code
|
||||
/.github/workflows/verify-kinds.yml @grafana/platform-monitoring
|
||||
/.github/workflows/dashboards-issue-add-label.yml @grafana/dashboards-squad
|
||||
/.github/workflows/run-schema-v2-e2e.yml @grafana/dashboards-squad
|
||||
/.github/workflows/run-dashboard-search-e2e.yml @grafana/grafana-search-and-storage
|
||||
/.github/workflows/trigger-dashboard-search-e2e.yml @grafana/grafana-search-and-storage
|
||||
/.github/workflows/ephemeral-instances-pr-comment.yml @grafana/grafana-backend-services-squad
|
||||
/.github/workflows/create-security-patch-from-security-mirror.yml @grafana/grafana-developer-enablement-squad
|
||||
/.github/workflows/core-plugins-build-and-release.yml @grafana/plugins-platform-frontend @grafana/plugins-platform-backend
|
||||
/.github/workflows/i18n-crowdin-upload.yml @grafana/grafana-frontend-platform
|
||||
/.github/workflows/i18n-crowdin-download.yml @grafana/grafana-frontend-platform
|
||||
/.github/workflows/i18n-crowdin-create-tasks.yml @grafana/grafana-frontend-platform
|
||||
/.github/workflows/scripts/crowdin/create-tasks.js @grafana/grafana-frontend-platform
|
||||
/.github/workflows/pr-go-workspace-check.yml @grafana/grafana-app-platform-squad
|
||||
/.github/workflows/pr-dependabot-update-go-workspace.yml @grafana/grafana-app-platform-squad
|
||||
/.github/workflows/pr-k8s-codegen-check.yml @grafana/grafana-app-platform-squad
|
||||
/.github/workflows/go-lint.yml @grafana/grafana-backend-services-squad
|
||||
/.github/workflows/trivy-scan.yml @grafana/grafana-backend-services-squad
|
||||
/.github/workflows/changelog.yml @zserge
|
||||
/.github/workflows/actions/changelog @zserge
|
||||
/.github/actions/changelog @zserge
|
||||
/.github/workflows/pr-frontend-unit-tests.yml @grafana/grafana-frontend-platform
|
||||
/.github/workflows/frontend-lint.yml @grafana/grafana-frontend-platform
|
||||
/.github/workflows/analytics-events-report.yml @grafana/grafana-frontend-platform
|
||||
/.github/workflows/pr-e2e-tests.yml @grafana/grafana-developer-enablement-squad
|
||||
/.github/workflows/run-e2e-suite.yml @grafana/grafana-developer-enablement-squad
|
||||
/.github/workflows/skye-add-to-project.yml @grafana/grafana-frontend-platform
|
||||
/.github/zizmor.yml @grafana/grafana-developer-enablement-squad
|
||||
|
||||
# Generated files not requiring owner approval
|
||||
/packages/grafana-data/src/types/featureToggles.gen.ts @grafanabot
|
||||
@@ -828,3 +845,4 @@ embed.go @grafana/grafana-as-code
|
||||
/conf/provisioning/dashboards/ @grafana/dashboards-squad
|
||||
/conf/provisioning/datasources/ @grafana/plugins-platform-backend
|
||||
/conf/provisioning/plugins/ @grafana/plugins-platform-backend
|
||||
/conf/provisioning/sample/ @grafana/grafana-git-ui-sync-team
|
||||
|
||||
48
.github/actions/setup-enterprise/action.yml
vendored
Normal file
48
.github/actions/setup-enterprise/action.yml
vendored
Normal file
@@ -0,0 +1,48 @@
|
||||
name: 'Setup Grafana Enterprise'
|
||||
description: 'Clones and sets up Grafana Enterprise repository for testing'
|
||||
|
||||
inputs:
|
||||
github-app-name:
|
||||
description: 'Name of the GitHub App in Vault'
|
||||
required: false
|
||||
default: 'grafana-ci-bot'
|
||||
|
||||
runs:
|
||||
using: "composite"
|
||||
steps:
|
||||
- name: Retrieve GitHub App secrets
|
||||
id: get-secrets
|
||||
uses: grafana/shared-workflows/actions/get-vault-secrets@get-vault-secrets-v1.0.1 # zizmor: ignore[unpinned-uses]
|
||||
with:
|
||||
repo_secrets: |
|
||||
APP_ID=${{ inputs.github-app-name }}:app-id
|
||||
APP_INSTALLATION_ID=${{ inputs.github-app-name }}:app-installation-id
|
||||
PRIVATE_KEY=${{ inputs.github-app-name }}:private-key
|
||||
|
||||
- name: Generate GitHub App token
|
||||
id: generate_token
|
||||
uses: actions/create-github-app-token@v1
|
||||
with:
|
||||
app-id: ${{ env.APP_ID }}
|
||||
private-key: ${{ env.PRIVATE_KEY }}
|
||||
repositories: "grafana-enterprise"
|
||||
owner: "grafana"
|
||||
|
||||
- name: Setup Enterprise
|
||||
shell: bash
|
||||
env:
|
||||
GH_TOKEN: ${{ steps.generate_token.outputs.token }}
|
||||
run: |
|
||||
git clone https://x-access-token:${GH_TOKEN}@github.com/grafana/grafana-enterprise.git ../grafana-enterprise;
|
||||
|
||||
cd ../grafana-enterprise
|
||||
|
||||
if git checkout ${GITHUB_HEAD_REF}; then
|
||||
echo "checked out ${GITHUB_HEAD_REF}"
|
||||
elif git checkout ${GITHUB_BASE_REF}; then
|
||||
echo "checked out ${GITHUB_BASE_REF}"
|
||||
else
|
||||
git checkout main
|
||||
fi
|
||||
|
||||
./build.sh
|
||||
45
.github/actions/setup-grafana-bench/action.yml
vendored
Normal file
45
.github/actions/setup-grafana-bench/action.yml
vendored
Normal file
@@ -0,0 +1,45 @@
|
||||
name: 'Setup Grafana Bench'
|
||||
description: 'Sets up and installs Grafana Bench'
|
||||
|
||||
inputs:
|
||||
github-app-name:
|
||||
description: 'Name of the GitHub App in Vault'
|
||||
required: false
|
||||
default: 'grafana-ci-bot'
|
||||
branch:
|
||||
description: 'The branch to install from'
|
||||
required: false
|
||||
default: 'main'
|
||||
|
||||
runs:
|
||||
using: "composite"
|
||||
steps:
|
||||
- name: Retrieve GitHub App secrets
|
||||
id: get-secrets
|
||||
uses: grafana/shared-workflows/actions/get-vault-secrets@get-vault-secrets-v1.0.1 # zizmor: ignore[unpinned-uses]
|
||||
with:
|
||||
repo_secrets: |
|
||||
APP_ID=${{ inputs.github-app-name }}:app-id
|
||||
APP_INSTALLATION_ID=${{ inputs.github-app-name }}:app-installation-id
|
||||
PRIVATE_KEY=${{ inputs.github-app-name }}:private-key
|
||||
|
||||
- name: Generate GitHub App token
|
||||
id: generate_token
|
||||
uses: actions/create-github-app-token@v1
|
||||
with:
|
||||
app-id: ${{ env.APP_ID }}
|
||||
private-key: ${{ env.PRIVATE_KEY }}
|
||||
repositories: "grafana-bench"
|
||||
owner: "grafana"
|
||||
|
||||
- name: Setup Bench
|
||||
shell: bash
|
||||
env:
|
||||
GH_TOKEN: ${{ steps.generate_token.outputs.token }}
|
||||
BRANCH: ${{ inputs.branch }}
|
||||
run: |
|
||||
git clone https://x-access-token:${GH_TOKEN}@github.com/grafana/grafana-bench.git ../grafana-bench
|
||||
|
||||
cd ../grafana-bench
|
||||
git switch "$BRANCH"
|
||||
go install .
|
||||
50
.github/actions/test-coverage-processor/action.yml
vendored
Normal file
50
.github/actions/test-coverage-processor/action.yml
vendored
Normal file
@@ -0,0 +1,50 @@
|
||||
name: 'Go Coverage Processor'
|
||||
description: 'Process Go test coverage files and generate reports'
|
||||
|
||||
inputs:
|
||||
test-type:
|
||||
description: 'Type of test (e.g., be-unit, be-integration)'
|
||||
required: true
|
||||
type: string
|
||||
coverage-file:
|
||||
description: 'Path to the Go coverage file (.cov)'
|
||||
required: true
|
||||
type: string
|
||||
codecov-token:
|
||||
description: 'Token for CodeCov (required for CodeCov reporting)'
|
||||
required: false
|
||||
default: ''
|
||||
codecov-flag:
|
||||
description: 'Flag to categorize the upload to CodeCov'
|
||||
required: false
|
||||
default: ''
|
||||
codecov-name:
|
||||
description: 'Custom name for the upload to CodeCov'
|
||||
required: false
|
||||
default: ''
|
||||
|
||||
runs:
|
||||
using: 'composite'
|
||||
steps:
|
||||
- name: Process Go coverage output
|
||||
shell: bash
|
||||
env:
|
||||
COVERAGE_FILE: ${{ inputs.coverage-file }}
|
||||
run: |
|
||||
# Ensure valid coverage file even if empty
|
||||
if [ ! -s "$COVERAGE_FILE" ]; then
|
||||
echo "Coverage file is empty, creating a minimal valid file"
|
||||
echo "mode: set" > "$COVERAGE_FILE"
|
||||
fi
|
||||
|
||||
- name: Report coverage to CodeCov
|
||||
uses: codecov/codecov-action@ad3126e916f78f00edff4ed0317cf185271ccc2d # v5
|
||||
if: inputs.codecov-token != ''
|
||||
with:
|
||||
files: ${{ inputs.coverage-file }}
|
||||
flags: ${{ inputs.codecov-flag || inputs.test-type }}
|
||||
name: ${{ inputs.codecov-name || inputs.test-type }}
|
||||
slug: grafana/grafana
|
||||
# This URL doesn't use the Google auth, but is much more locked down. As such, it requires OIDC or a CodeCov-provided token to do anything.
|
||||
url: https://codecov-webhook.grafana-dev.net
|
||||
token: ${{ inputs.codecov-token }}
|
||||
2
.github/dependabot.yml
vendored
2
.github/dependabot.yml
vendored
@@ -8,7 +8,7 @@ updates:
|
||||
directories:
|
||||
- "/"
|
||||
- "/apps/playlist"
|
||||
- "/apps/investigations"
|
||||
- "/apps/investigation"
|
||||
- "/pkg/aggregator"
|
||||
- "/pkg/apimachinery"
|
||||
- "/pkg/apiserver"
|
||||
|
||||
6
.github/pr-commands.json
vendored
6
.github/pr-commands.json
vendored
@@ -14,6 +14,7 @@
|
||||
"public/**/*",
|
||||
"packages/**/*",
|
||||
"e2e/**/*",
|
||||
"plugins-bundled/**/*",
|
||||
"scripts/build/release-packages.sh",
|
||||
"scripts/circle-release-next-packages.sh",
|
||||
"scripts/ci-frontend-metrics.sh",
|
||||
@@ -247,8 +248,7 @@
|
||||
"/pkg/services/sqlstore/migrations/ualert/**/*",
|
||||
"/pkg/services/alerting/**/*",
|
||||
"/public/app/features/alerting/**/*",
|
||||
"/pkg/tests/api/alerting/**/*",
|
||||
"/pkg/tests/alertmanager/**/*"
|
||||
"/pkg/tests/api/alerting/**/*"
|
||||
],
|
||||
"action": "updateLabel",
|
||||
"addLabel": "area/alerting"
|
||||
@@ -437,4 +437,4 @@
|
||||
"action": "updateLabel",
|
||||
"addLabel": "area/panel/table"
|
||||
}
|
||||
]
|
||||
]
|
||||
3
.github/renovate.json5
vendored
3
.github/renovate.json5
vendored
@@ -13,12 +13,13 @@
|
||||
"slate-react", // we don't want to continue using this on the long run, use Monaco editor instead of Slate
|
||||
"@types/slate-react", // we don't want to continue using this on the long run, use Monaco editor instead of Slate
|
||||
"@types/slate", // we don't want to continue using this on the long run, use Monaco editor instead of Slate
|
||||
"storybook-dark-mode", // 4.0.2 causes storybook 8.4 to break with react hooks errors
|
||||
// Temporarily pause updating lerna and nx until we resolve build issues
|
||||
"lerna",
|
||||
"nx"
|
||||
],
|
||||
includePaths: ["package.json", "packages/**", "public/app/plugins/**"],
|
||||
ignorePaths: ["emails/**", "**/mocks/**"],
|
||||
ignorePaths: ["emails/**", "plugins-bundled/**", "**/mocks/**"],
|
||||
labels: ["area/frontend", "dependencies", "no-changelog"],
|
||||
postUpdateOptions: ["yarnDedupeHighest"],
|
||||
packageRules: [
|
||||
|
||||
6
.github/workflows/alerting-swagger-gen.yml
vendored
6
.github/workflows/alerting-swagger-gen.yml
vendored
@@ -13,15 +13,16 @@ jobs:
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 2
|
||||
persist-credentials: false
|
||||
- name: Set go version
|
||||
uses: actions/setup-go@v4
|
||||
uses: actions/setup-go@19bb51245e9c80abacb2e91cc42b33fa478b8639
|
||||
with:
|
||||
go-version-file: go.mod
|
||||
- name: Build swagger
|
||||
run: |
|
||||
make -C pkg/services/ngalert/api/tooling post.json api.json
|
||||
- name: Open Pull Request
|
||||
uses: peter-evans/create-pull-request@v5
|
||||
uses: peter-evans/create-pull-request@4e1beaa7521e8b457b572c090b25bd3db56bf1c5
|
||||
with:
|
||||
token: ${{ secrets.GITHUB_TOKEN }}
|
||||
commit-message: "chore: update alerting swagger spec"
|
||||
@@ -34,4 +35,3 @@ jobs:
|
||||
labels: 'area/alerting,type/docs,no-changelog'
|
||||
team-reviewers: 'grafana/alerting-backend'
|
||||
draft: false
|
||||
|
||||
|
||||
137
.github/workflows/alerting-update-module.yml
vendored
Normal file
137
.github/workflows/alerting-update-module.yml
vendored
Normal file
@@ -0,0 +1,137 @@
|
||||
name: Update Alerting Module
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
|
||||
concurrency:
|
||||
group: ${{ github.workflow }}-${{ github.ref }}
|
||||
cancel-in-progress: true
|
||||
|
||||
jobs:
|
||||
update-grafana:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: write
|
||||
pull-requests: write
|
||||
id-token: write
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4 # 4.2.2
|
||||
with:
|
||||
persist-credentials: false
|
||||
- name: Check if update branch exists
|
||||
run: |
|
||||
if git ls-remote --heads origin update-alerting-module | grep -q 'update-alerting-module'; then
|
||||
echo "Branch 'update-alerting-module' already exists. There might be an open PR with Grafana updates."
|
||||
echo "Please review and merge/close the existing PR before running this workflow again."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
- name: Setup Go
|
||||
uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # 5.3.0
|
||||
with:
|
||||
"go-version-file": "go.mod"
|
||||
|
||||
- name: Extract current commit hash of alerting module
|
||||
id: current-commit
|
||||
run: |
|
||||
FROM_COMMIT=$(go list -m -json github.com/grafana/alerting | jq -r '.Version' | grep -oP '(?<=-)[a-f0-9]+$')
|
||||
echo "from_commit=$FROM_COMMIT" >> $GITHUB_OUTPUT
|
||||
|
||||
- name: Get current branch name
|
||||
id: current-branch-name
|
||||
run: echo "name=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> "$GITHUB_OUTPUT"
|
||||
|
||||
- name: Get latest commit
|
||||
id: latest-commit
|
||||
env:
|
||||
GH_TOKEN: ${{ github.token }}
|
||||
run: |
|
||||
BRANCH="${{ steps.current-branch-name.outputs.name }}"
|
||||
TO_COMMIT=$(gh api repos/grafana/alerting/commits/$BRANCH --jq '.sha')
|
||||
if [ -z "$TO_COMMIT" ]; then
|
||||
echo "Branch $BRANCH not found in alerting repo, falling back to main branch"
|
||||
exit 1
|
||||
fi
|
||||
echo "to_commit=$TO_COMMIT" >> $GITHUB_OUTPUT
|
||||
|
||||
- name: Compare commit hashes
|
||||
run: |
|
||||
FROM_COMMIT="${{ steps.current-commit.outputs.from_commit }}"
|
||||
TO_COMMIT="${{ steps.latest-commit.outputs.to_commit }}"
|
||||
|
||||
# Compare just the length of the shorter hash
|
||||
SHORT_TO_COMMIT="${TO_COMMIT:0:${#FROM_COMMIT}}"
|
||||
|
||||
if [ "$FROM_COMMIT" = "$SHORT_TO_COMMIT" ]; then
|
||||
echo "Current version ($FROM_COMMIT) is already at latest ($SHORT_TO_COMMIT). No update needed."
|
||||
exit 0
|
||||
fi
|
||||
echo "Updates available: $FROM_COMMIT -> $TO_COMMIT"
|
||||
|
||||
- name: Check for commit history
|
||||
id: check-commits
|
||||
env:
|
||||
GH_TOKEN: ${{ github.token }}
|
||||
run: |
|
||||
# get all commits that contains 'Alerting:' in the message
|
||||
ALERTING_COMMITS=$(gh api repos/grafana/alerting/compare/${{ steps.current-commit.outputs.from_commit }}...${{ steps.latest-commit.outputs.to_commit }} \
|
||||
--jq '.commits[].commit.message | split("\n")[0]') || true
|
||||
|
||||
# Use printf instead of echo -e for better multiline handling
|
||||
printf "%s\n" "$ALERTING_COMMITS"
|
||||
|
||||
# make the list for markdown and replace PR numbers with links
|
||||
ALERTING_COMMITS_FORMATTED=$(echo "$ALERTING_COMMITS" | while read -r line; do echo "- $line" | sed -E 's/\(#([0-9]+)\)/[#\1](https:\/\/github.com\/grafana\/grafana\/pull\/\1)/g'; done)
|
||||
|
||||
echo "alerting_commits<<EOF" >> $GITHUB_OUTPUT
|
||||
echo "$ALERTING_COMMITS_FORMATTED" >> $GITHUB_OUTPUT
|
||||
echo "EOF" >> $GITHUB_OUTPUT
|
||||
|
||||
- name: Update alerting module
|
||||
env:
|
||||
GOSUMDB: off
|
||||
run: |
|
||||
go get github.com/grafana/alerting@${{ steps.latest-commit.outputs.to_commit }}
|
||||
make update-workspace
|
||||
|
||||
- id: get-secrets
|
||||
uses: grafana/shared-workflows/actions/get-vault-secrets@main # zizmor: ignore[unpinned-uses]
|
||||
with:
|
||||
repo_secrets: |
|
||||
GITHUB_APP_ID=alerting-team:app-id
|
||||
GITHUB_APP_PRIVATE_KEY=alerting-team:private-key
|
||||
|
||||
- name: "Generate token"
|
||||
id: generate_token
|
||||
uses: actions/create-github-app-token@0d564482f06ca65fa9e77e2510873638c82206f2 # 1.11.5
|
||||
with:
|
||||
app-id: ${{ env.GITHUB_APP_ID }}
|
||||
private-key: ${{ env.GITHUB_APP_PRIVATE_KEY }}
|
||||
|
||||
- name: Create Pull Request
|
||||
uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # 7.0.6
|
||||
id: create-pr
|
||||
with:
|
||||
token: '${{ steps.generate_token.outputs.token }}'
|
||||
title: 'Alerting: Update alerting module to ${{ steps.latest-commit.outputs.to_commit }}'
|
||||
branch: alerting/update-alerting-module
|
||||
delete-branch: true
|
||||
body: |
|
||||
Updates Grafana Alerting module to latest version.
|
||||
|
||||
Compare changes: https://github.com/grafana/alerting/compare/${{ steps.current-commit.outputs.from_commit }}...${{ steps.latest-commit.outputs.to_commit }}
|
||||
<details>
|
||||
<summary>Commits</summary>
|
||||
|
||||
${{ steps.check-commits.outputs.alerting_commits }}
|
||||
|
||||
</details>
|
||||
|
||||
Created by: [GitHub Action Job](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }})
|
||||
- name: Add PR URL to Summary
|
||||
if: steps.create-pr.outputs.pull-request-url != ''
|
||||
run: |
|
||||
echo "## Pull Request Created" >> $GITHUB_STEP_SUMMARY
|
||||
echo "🔗 [View Pull Request](${{ steps.create-pr.outputs.pull-request-url }})" >> $GITHUB_STEP_SUMMARY
|
||||
25
.github/workflows/analytics-events-report.yml
vendored
Normal file
25
.github/workflows/analytics-events-report.yml
vendored
Normal file
@@ -0,0 +1,25 @@
|
||||
name: Analytics Events Report
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
generate-report:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: Setup Node.js
|
||||
uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version-file: '.nvmrc'
|
||||
cache: 'yarn'
|
||||
|
||||
- name: Install dependencies
|
||||
run: yarn install --frozen-lockfile
|
||||
|
||||
- name: Generate analytics report
|
||||
run: yarn analytics-report
|
||||
2
.github/workflows/auto-milestone.yml
vendored
2
.github/workflows/auto-milestone.yml
vendored
@@ -21,7 +21,7 @@ jobs:
|
||||
# Note: Github will not trigger other actions from this because it uses
|
||||
# the GITHUB_TOKEN token
|
||||
- name: Run auto-milestone
|
||||
uses: grafana/grafana-github-actions-go/auto-milestone@main
|
||||
uses: grafana/grafana-github-actions-go/auto-milestone@d4c452f92ed826d515dccf1f62923e537953acd8 # main
|
||||
with:
|
||||
pr: ${{ github.event.pull_request.number }}
|
||||
token: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
3
.github/workflows/auto-triager/labels.txt
vendored
3
.github/workflows/auto-triager/labels.txt
vendored
@@ -32,9 +32,7 @@ area/dashboard/tv
|
||||
area/dashboard/variable
|
||||
area/dashboards/panel
|
||||
area/data/export
|
||||
area/editor
|
||||
area/explore
|
||||
area/exploremetrics
|
||||
area/expressions
|
||||
area/field/overrides
|
||||
area/frontend/library-panels
|
||||
@@ -43,6 +41,7 @@ area/image-rendering
|
||||
area/internationalization
|
||||
area/legend
|
||||
area/library-panel
|
||||
area/metricsdrilldown
|
||||
area/navigation
|
||||
area/panel/annotation-list
|
||||
area/panel/barchart
|
||||
|
||||
73
.github/workflows/backend-code-checks.yml
vendored
Normal file
73
.github/workflows/backend-code-checks.yml
vendored
Normal file
@@ -0,0 +1,73 @@
|
||||
name: Backend Code Checks
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
paths-ignore:
|
||||
- '*.md'
|
||||
- 'docs/**'
|
||||
- 'latest.json'
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths-ignore:
|
||||
- '*.md'
|
||||
- 'docs/**'
|
||||
- 'latest.json'
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
|
||||
jobs:
|
||||
validate-configs:
|
||||
name: Validate Backend Configs
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
- name: Setup Go
|
||||
uses: actions/setup-go@v5
|
||||
with:
|
||||
# Explicitly set Go version to 1.24.1 to ensure consistent OpenAPI spec generation
|
||||
# The crypto/x509 package has additional fields in Go 1.24.1 that affect the generated specs
|
||||
# This ensures the GHAs environment matches what we use in the Drone pipeline
|
||||
go-version: 1.24.1
|
||||
cache: true
|
||||
|
||||
- name: Verify code generation
|
||||
run: |
|
||||
CODEGEN_VERIFY=1 make gen-cue
|
||||
CODEGEN_VERIFY=1 make gen-jsonnet
|
||||
|
||||
- name: Validate go.mod
|
||||
run: go run scripts/modowners/modowners.go check go.mod
|
||||
|
||||
# Enterprise setup is needed for complete OpenAPI spec generation
|
||||
# We only do this for internal PRs
|
||||
- name: Setup Grafana Enterprise
|
||||
if: github.event.pull_request.head.repo.fork == false
|
||||
uses: ./.github/actions/setup-enterprise
|
||||
|
||||
- name: Generate and Validate OpenAPI Specs
|
||||
run: |
|
||||
# For PRs from forks, we'll just run the basic swagger-gen without validation
|
||||
if [[ "${{ github.event_name }}" == "pull_request" && "${{ github.event.pull_request.head.repo.fork }}" == "true" ]]; then
|
||||
echo "PR is from a fork, skipping enterprise-based validation"
|
||||
make swagger-gen
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# Clean and regenerate OpenAPI specs
|
||||
make swagger-clean && make openapi3-gen
|
||||
|
||||
# Check if the generated specs differ from what's in the repository
|
||||
for f in public/api-merged.json public/openapi3.json; do git add $f; done
|
||||
if [ -z "$(git diff --name-only --cached)" ]; then
|
||||
echo "OpenAPI specs are up to date!"
|
||||
else
|
||||
echo "OpenAPI specs are OUT OF DATE!"
|
||||
git diff --cached
|
||||
echo "Please ensure the branch is up-to-date, then regenerate the specification by running make swagger-clean && make openapi3-gen"
|
||||
exit 1
|
||||
fi
|
||||
71
.github/workflows/backend-unit-tests.yml
vendored
Normal file
71
.github/workflows/backend-unit-tests.yml
vendored
Normal file
@@ -0,0 +1,71 @@
|
||||
name: Backend Unit Tests
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
paths-ignore:
|
||||
- 'docs/**'
|
||||
- '**/*.md'
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
- release-*.*.*
|
||||
paths-ignore:
|
||||
- 'docs/**'
|
||||
- '**/*.md'
|
||||
|
||||
concurrency:
|
||||
group: ${{ github.workflow }}-${{ github.ref }}
|
||||
cancel-in-progress: ${{ startsWith(github.ref, 'refs/pull/') }}
|
||||
|
||||
permissions: {}
|
||||
|
||||
jobs:
|
||||
grafana:
|
||||
# Run this workflow only for PRs from forks; if it gets merged into `main` or `release-*`,
|
||||
# the `pr-backend-unit-tests-enterprise` workflow will run instead
|
||||
if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == true
|
||||
name: Grafana
|
||||
runs-on: ubuntu-latest-8-cores
|
||||
continue-on-error: true
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
- name: Setup Go
|
||||
uses: actions/setup-go@v5
|
||||
with:
|
||||
go-version-file: go.mod
|
||||
- name: Generate Go code
|
||||
run: make gen-go
|
||||
- name: Run unit tests
|
||||
run: make test-go-unit
|
||||
|
||||
grafana-enterprise:
|
||||
# Run this workflow for non-PR events (like pushes to `main` or `release-*`) OR for internal PRs (PRs not from forks)
|
||||
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.fork == false
|
||||
name: Grafana Enterprise
|
||||
runs-on: ubuntu-latest-8-cores
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
- name: Setup Go
|
||||
uses: actions/setup-go@v5
|
||||
with:
|
||||
go-version-file: go.mod
|
||||
- name: Setup Enterprise
|
||||
uses: ./.github/actions/setup-enterprise
|
||||
with:
|
||||
github-app-name: 'grafana-ci-bot'
|
||||
- name: Generate Go code
|
||||
run: make gen-go
|
||||
- name: Run unit tests
|
||||
run: make test-go-unit
|
||||
27
.github/workflows/backport.yml
vendored
27
.github/workflows/backport.yml
vendored
@@ -5,23 +5,28 @@ on:
|
||||
- closed
|
||||
- labeled
|
||||
|
||||
permissions:
|
||||
contents: write
|
||||
pull-requests: write
|
||||
|
||||
jobs:
|
||||
main:
|
||||
if: github.repository == 'grafana/grafana'
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
- name: "Generate token"
|
||||
id: generate_token
|
||||
uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92
|
||||
uses: actions/checkout@v4 # 4.2.2
|
||||
with:
|
||||
app_id: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_ID }}
|
||||
private_key: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_PEM }}
|
||||
- run: git config --global user.email '132647405+grafana-delivery-bot[bot]@users.noreply.github.com'
|
||||
- run: git config --global user.name 'grafana-delivery-bot[bot]'
|
||||
- run: git remote set-url origin "https://grafana-delivery-bot:${{ steps.generate_token.outputs.token }}@github.com/grafana/grafana.git"
|
||||
persist-credentials: false
|
||||
- run: git config --local user.name "github-actions[bot]"
|
||||
- run: git config --local user.email "github-actions[bot]@users.noreply.github.com"
|
||||
- run: git config --local --add --bool push.autoSetupRemote true
|
||||
- name: Set remote URL
|
||||
env:
|
||||
GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
run: |
|
||||
git remote set-url origin "https://grafana-delivery-bot:$GIT_TOKEN@github.com/grafana/grafana.git"
|
||||
- name: Run backport
|
||||
uses: grafana/grafana-github-actions-go/backport@main
|
||||
uses: grafana/grafana-github-actions-go/backport@main # zizmor: ignore[unpinned-uses]
|
||||
with:
|
||||
token: ${{ steps.generate_token.outputs.token }}
|
||||
token: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
30
.github/workflows/bump-version.yml
vendored
30
.github/workflows/bump-version.yml
vendored
@@ -11,33 +11,37 @@ on:
|
||||
dry_run:
|
||||
default: false
|
||||
required: false
|
||||
|
||||
permissions:
|
||||
contents: write
|
||||
pull-requests: write
|
||||
|
||||
jobs:
|
||||
main:
|
||||
bump-version:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout Grafana
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
- name: Update package.json versions
|
||||
uses: ./pkg/build/actions/bump-version
|
||||
with:
|
||||
version: ${{ inputs.version }}
|
||||
- if: ${{ inputs.push }}
|
||||
name: Generate token
|
||||
id: generate_token
|
||||
uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92
|
||||
with:
|
||||
app_id: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_ID }}
|
||||
private_key: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_PEM }}
|
||||
- if: ${{ inputs.push }}
|
||||
name: Push & Create PR
|
||||
env:
|
||||
VERSION: ${{ inputs.version }}
|
||||
DRY_RUN: ${{ inputs.dry_run }}
|
||||
REF_NAME: ${{ github.ref_name }}
|
||||
RUN_ID: ${{ github.run_id }}
|
||||
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
run: |
|
||||
git config --local user.name "github-actions[bot]"
|
||||
git config --local user.email "github-actions[bot]@users.noreply.github.com"
|
||||
git config --local --add --bool push.autoSetupRemote true
|
||||
git checkout -b "bump-version/${{ github.run_id }}/${{ inputs.version }}"
|
||||
git checkout -b "bump-version/${RUN_ID}/${VERSION}"
|
||||
git add .
|
||||
git commit -m "bump version ${{ inputs.version }}"
|
||||
git commit -m "bump version ${VERSION}"
|
||||
git push
|
||||
gh pr create --dry-run=${{ inputs.dry_run }} -l "type/ci" -l "no-changelog" -B "${{ github.ref_name }}" --title "Release: Bump version to ${{ inputs.version }}" --body "Updated version to ${{ inputs.version }}"
|
||||
env:
|
||||
GH_TOKEN: ${{ steps.generate_token.outputs.token }}
|
||||
gh pr create --dry-run=$DRY_RUN -l "type/ci" -l "no-changelog" -B "$REF_NAME" --title "Release: Bump version to ${VERSION}" --body "Updated version to ${VERSION}"
|
||||
|
||||
43
.github/workflows/changelog.yml
vendored
43
.github/workflows/changelog.yml
vendored
@@ -51,15 +51,21 @@ on:
|
||||
default: false
|
||||
type: boolean
|
||||
|
||||
permissions:
|
||||
contents: write
|
||||
pull-requests: write
|
||||
permissions: {}
|
||||
|
||||
jobs:
|
||||
main:
|
||||
env:
|
||||
RUN_ID: ${{ github.run_id }}
|
||||
VERSION: ${{ inputs.version }}
|
||||
PREVIOUS_VERISON: ${{ inputs.previous_version }}
|
||||
TARGET: ${{ inputs.target }}
|
||||
DRY_RUN: ${{ inputs.dry_run }}
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
id-token: write
|
||||
contents: write
|
||||
pull-requests: write
|
||||
steps:
|
||||
- name: "Generate token"
|
||||
id: generate_token
|
||||
@@ -79,6 +85,7 @@ jobs:
|
||||
.prettierrc.js
|
||||
fetch-depth: 0
|
||||
fetch-tags: true
|
||||
persist-credentials: false
|
||||
- name: Setup nodejs environment
|
||||
uses: actions/setup-node@v4
|
||||
with:
|
||||
@@ -89,10 +96,10 @@ jobs:
|
||||
git config --local user.email "github-actions[bot]@users.noreply.github.com"
|
||||
git config --local --add --bool push.autoSetupRemote true
|
||||
- name: "Create branch"
|
||||
run: git checkout -b "changelog/${{ github.run_id }}/${{ inputs.version }}"
|
||||
run: git checkout -b "changelog/${RUN_ID}/${VERSION}"
|
||||
- name: "Generate changelog"
|
||||
id: changelog
|
||||
uses: ./.github/workflows/actions/changelog
|
||||
uses: ./.github/actions/changelog
|
||||
with:
|
||||
previous: ${{ inputs.previous_version }}
|
||||
github_token: ${{ steps.generate_token.outputs.token }}
|
||||
@@ -103,24 +110,24 @@ jobs:
|
||||
# Prepare CHANGELOG.md content with version delimiters
|
||||
(
|
||||
echo
|
||||
echo "# ${{ inputs.version}} ($(date '+%F'))"
|
||||
echo "# ${VERSION} ($(date '+%F'))"
|
||||
echo
|
||||
cat changelog_items.md
|
||||
) > CHANGELOG.part
|
||||
|
||||
# Check if a version exists in the changelog
|
||||
if grep -q "<!-- ${{ inputs.version}} START" CHANGELOG.md ; then
|
||||
if grep -q "<!-- ${VERSION} START" CHANGELOG.md ; then
|
||||
# Replace the content between START and END delimiters
|
||||
echo "Version ${{ inputs.version }} is found in the CHANGELOG.md, patching contents..."
|
||||
sed -i -e '/${{ inputs.version }} START/,/${{ inputs.version }} END/{//!d;}' \
|
||||
-e '/${{ inputs.version }} START/r CHANGELOG.part' CHANGELOG.md
|
||||
echo "Version ${VERSION} is found in the CHANGELOG.md, patching contents..."
|
||||
sed -i -e "/${VERSION} START/,/${VERSION} END/{//!d;}" \
|
||||
-e "/${VERSION} START/r CHANGELOG.part" CHANGELOG.md
|
||||
else
|
||||
# Prepend changelog part to the main changelog file
|
||||
echo "Version ${{ inputs.version }} not found in the CHANGELOG.md"
|
||||
echo "Version $VERSION not found in the CHANGELOG.md"
|
||||
(
|
||||
echo "<!-- ${{ inputs.version }} START -->"
|
||||
echo "<!-- ${VERSION} START -->"
|
||||
cat CHANGELOG.part
|
||||
echo "<!-- ${{ inputs.version }} END -->"
|
||||
echo "<!-- ${VERSION} END -->"
|
||||
cat CHANGELOG.md
|
||||
) > CHANGELOG.tmp
|
||||
mv CHANGELOG.tmp CHANGELOG.md
|
||||
@@ -138,11 +145,11 @@ jobs:
|
||||
- name: "Create changelog PR"
|
||||
run: >
|
||||
gh pr create \
|
||||
--dry-run=${{ inputs.dry_run }} \
|
||||
--dry-run=${DRY_RUN} \
|
||||
--label "no-backport" \
|
||||
--label "no-changelog" \
|
||||
-B "${{ inputs.target }}" \
|
||||
--title "Release: update changelog for ${{ inputs.version }}" \
|
||||
--body "Changelog changes for release ${{ inputs.version }}"
|
||||
-B "${TARGET}" \
|
||||
--title "Release: update changelog for ${VERSION}" \
|
||||
--body "Changelog changes for release ${VERSION}"
|
||||
env:
|
||||
GH_TOKEN: ${{ steps.generate_token.outputs.token }}
|
||||
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
44
.github/workflows/close-milestone.yml
vendored
44
.github/workflows/close-milestone.yml
vendored
@@ -1,44 +0,0 @@
|
||||
name: Close milestone
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
version:
|
||||
required: true
|
||||
description: Needs to match, exactly, the name of a milestone
|
||||
workflow_call:
|
||||
inputs:
|
||||
version_call:
|
||||
description: Needs to match, exactly, the name of a milestone
|
||||
required: true
|
||||
type: string
|
||||
|
||||
jobs:
|
||||
main:
|
||||
if: github.repository == 'grafana/grafana'
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout Actions
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
repository: "grafana/grafana-github-actions"
|
||||
path: ./actions
|
||||
ref: main
|
||||
- name: Install Actions
|
||||
run: npm install --production --prefix ./actions
|
||||
- name: "Generate token"
|
||||
id: generate_token
|
||||
uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92
|
||||
with:
|
||||
app_id: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_ID }}
|
||||
private_key: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_PEM }}
|
||||
- name: Close milestone (manually invoked)
|
||||
if: ${{ github.event.inputs.version != '' }}
|
||||
uses: ./actions/close-milestone
|
||||
with:
|
||||
token: ${{ steps.generate_token.outputs.token }}
|
||||
- name: Close milestone (workflow invoked)
|
||||
if: ${{ inputs.version_call != '' }}
|
||||
uses: ./actions/close-milestone
|
||||
with:
|
||||
version_call: ${{ inputs.version_call }}
|
||||
token: ${{ steps.generate_token.outputs.token }}
|
||||
4
.github/workflows/codeowners-validator.yml
vendored
4
.github/workflows/codeowners-validator.yml
vendored
@@ -10,8 +10,10 @@ jobs:
|
||||
steps:
|
||||
# Checks-out your repository, which is validated in the next step
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
- name: GitHub CODEOWNERS Validator
|
||||
uses: mszostok/codeowners-validator@v0.7.4
|
||||
uses: mszostok/codeowners-validator@7f3f5e28c6d7b8dfae5731e54ce2272ca384592f
|
||||
# input parameters
|
||||
with:
|
||||
# ==== GitHub Auth ====
|
||||
|
||||
13
.github/workflows/codeql-analysis.yml
vendored
13
.github/workflows/codeql-analysis.yml
vendored
@@ -3,18 +3,19 @@
|
||||
#
|
||||
# You may wish to alter this file to override the set of languages analyzed,
|
||||
# or to provide custom queries or build logic.
|
||||
name: "CodeQL"
|
||||
name: "CodeQL checks"
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
push:
|
||||
branches: [main, v1.8.x, v2.0.x, v2.1.x, v2.6.x, v3.0.x, v3.1.x, v4.0.x, v4.1.x, v4.2.x, v4.3.x, v4.4.x, v4.5.x, v4.6.x, v4.7.x, v5.0.x, v5.1.x, v5.2.x, v5.3.x, v5.4.x, v6.0.x, v6.1.x, v6.2.x, v6.3.x, v6.4.x, v6.5.x, v6.6.x, v6.7.x, v7.0.x, v7.1.x, v7.2.x]
|
||||
branches: ['**'] # run on all branches
|
||||
paths-ignore:
|
||||
- '**/*.cue'
|
||||
- '**/*.json'
|
||||
- '**/*.md'
|
||||
- '**/*.txt'
|
||||
- '**/*.yml'
|
||||
- pkg/storage/unified/sql/db/dbimpl/db.go # Ignoring warnings on the whole file for now while inline comments is not supported in Go (https://github.com/github/codeql/issues/11427)
|
||||
schedule:
|
||||
- cron: '0 4 * * 6'
|
||||
|
||||
@@ -25,6 +26,7 @@ jobs:
|
||||
analyze:
|
||||
name: Analyze
|
||||
runs-on: ubuntu-latest
|
||||
continue-on-error: true # doesn't block PRs from being merged if this fails
|
||||
if: github.repository == 'grafana/grafana'
|
||||
|
||||
strategy:
|
||||
@@ -43,16 +45,17 @@ jobs:
|
||||
# We must fetch at least the immediate parents so that if this is
|
||||
# a pull request then we can checkout the head.
|
||||
fetch-depth: 2
|
||||
persist-credentials: false
|
||||
|
||||
- if: matrix.language == 'go'
|
||||
name: Set go version
|
||||
uses: actions/setup-go@v4
|
||||
uses: actions/setup-go@19bb51245e9c80abacb2e91cc42b33fa478b8639
|
||||
with:
|
||||
go-version-file: go.mod
|
||||
|
||||
# Initializes the CodeQL tools for scanning.
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v2
|
||||
uses: github/codeql-action/init@v3
|
||||
with:
|
||||
languages: ${{ matrix.language }}
|
||||
# If you wish to specify custom queries, you can do so here or in a config file.
|
||||
@@ -67,4 +70,4 @@ jobs:
|
||||
make build-go
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v2
|
||||
uses: github/codeql-action/analyze@v3
|
||||
|
||||
12
.github/workflows/commands.yml
vendored
12
.github/workflows/commands.yml
vendored
@@ -12,9 +12,7 @@ on:
|
||||
concurrency:
|
||||
group: issue-commands-${{ github.event.issue.number }}
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
permissions: {}
|
||||
|
||||
jobs:
|
||||
config:
|
||||
@@ -34,10 +32,13 @@ jobs:
|
||||
needs: config
|
||||
if: needs.config.outputs.has-secrets
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
steps:
|
||||
- name: "Get vault secrets"
|
||||
id: vault-secrets
|
||||
uses: grafana/shared-workflows/actions/get-vault-secrets@main
|
||||
uses: grafana/shared-workflows/actions/get-vault-secrets@main # zizmor: ignore[unpinned-uses]
|
||||
with:
|
||||
# Secrets placed in the ci/repo/grafana/grafana/plugins_platform_issue_commands_github_bot path in Vault
|
||||
repo_secrets: |
|
||||
@@ -52,11 +53,12 @@ jobs:
|
||||
private_key: ${{ env.GH_APP_PEM }}
|
||||
|
||||
- name: Checkout Actions
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@v4 # v4.2.2
|
||||
with:
|
||||
repository: "grafana/grafana-github-actions"
|
||||
path: ./actions
|
||||
ref: main
|
||||
persist-credentials: false
|
||||
|
||||
- name: Install Actions
|
||||
run: npm install --production --prefix ./actions
|
||||
|
||||
2
.github/workflows/community-release.yml
vendored
2
.github/workflows/community-release.yml
vendored
@@ -36,7 +36,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Run community-release (manually invoked)
|
||||
uses: grafana/grafana-github-actions-go/community-release@main
|
||||
uses: grafana/grafana-github-actions-go/community-release@main # zizmor: ignore[unpinned-uses]
|
||||
with:
|
||||
token: ${{ secrets.GITHUB_TOKEN }}
|
||||
version: ${{ inputs.version }}
|
||||
|
||||
@@ -33,6 +33,8 @@ permissions:
|
||||
|
||||
jobs:
|
||||
build-and-publish:
|
||||
env:
|
||||
PLUGIN_ID: ${{ inputs.plugin_id }}
|
||||
name: Build and publish ${{ inputs.plugin_id }}
|
||||
runs-on: ubuntu-latest
|
||||
outputs:
|
||||
@@ -42,11 +44,13 @@ jobs:
|
||||
steps:
|
||||
- name: checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
- name: Verify inputs
|
||||
run: |
|
||||
if [ -z ${{ inputs.plugin_id }} ]; then echo "Missing plugin ID"; exit 1; fi
|
||||
if [ -z $PLUGIN_ID ]; then echo "Missing plugin ID"; exit 1; fi
|
||||
- id: get-secrets
|
||||
uses: grafana/shared-workflows/actions/get-vault-secrets@main
|
||||
uses: grafana/shared-workflows/actions/get-vault-secrets@main # zizmor: ignore[unpinned-uses]
|
||||
with:
|
||||
# Secrets placed in the ci/repo/grafana/<repo>/<path> path in Vault
|
||||
repo_secrets: |
|
||||
@@ -54,11 +58,11 @@ jobs:
|
||||
PLUGINS_GRAFANA_API_KEY=core-plugins-build-and-release:PLUGINS_GRAFANA_API_KEY
|
||||
PLUGINS_GCOM_TOKEN=core-plugins-build-and-release:PLUGINS_GCOM_TOKEN
|
||||
- name: 'Authenticate to Google Cloud'
|
||||
uses: 'google-github-actions/auth@v2'
|
||||
uses: 'google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f'
|
||||
with:
|
||||
credentials_json: '${{ env.PLUGINS_GOOGLE_CREDENTIALS }}'
|
||||
- name: 'Set up Cloud SDK'
|
||||
uses: 'google-github-actions/setup-gcloud@v2'
|
||||
uses: 'google-github-actions/setup-gcloud@6189d56e4096ee891640bb02ac264be376592d6a'
|
||||
- name: Setup nodejs environment
|
||||
uses: actions/setup-node@v4
|
||||
with:
|
||||
@@ -70,7 +74,7 @@ jobs:
|
||||
run: |
|
||||
dir=$(dirname \
|
||||
$(egrep -lir --include=plugin.json --exclude-dir=dist \
|
||||
'"id": "${{ inputs.plugin_id }}"' \
|
||||
'"id": "${PLUGIN_ID}"' \
|
||||
public/app/plugins \
|
||||
) \
|
||||
)
|
||||
@@ -85,19 +89,19 @@ jobs:
|
||||
working-directory: ${{ steps.get_dir.outputs.dir }}
|
||||
run: |
|
||||
[ ! -d ./bin ] && mkdir -pv ./bin || true
|
||||
curl -fL -o ./bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v${{ env.GRABPL_VERSION }}/grabpl
|
||||
curl -fL -o ./bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v$GRABPL_VERSION/grabpl
|
||||
chmod 0755 ./bin/grabpl
|
||||
- name: Check backend
|
||||
id: check_backend
|
||||
shell: bash
|
||||
run: |
|
||||
if egrep -qr --include=main.go 'datasource.Manage\("${{ inputs.plugin_id }}"' pkg/tsdb; then
|
||||
if egrep -qr --include=main.go 'datasource.Manage\("$PLUGIN_ID"' pkg/tsdb; then
|
||||
echo "has_backend=true" >> $GITHUB_OUTPUT
|
||||
else
|
||||
echo "has_backend=false" >> $GITHUB_OUTPUT
|
||||
fi
|
||||
- name: Setup golang environment
|
||||
uses: actions/setup-go@v4
|
||||
uses: actions/setup-go@19bb51245e9c80abacb2e91cc42b33fa478b8639
|
||||
if: steps.check_backend.outputs.has_backend == 'true'
|
||||
with:
|
||||
go-version-file: go.mod
|
||||
@@ -151,7 +155,7 @@ jobs:
|
||||
# Release branch, do not add commit hash to version
|
||||
command="plugin:build"
|
||||
fi
|
||||
yarn $command --scope="@grafana-plugins/${{ inputs.plugin_id }}"
|
||||
yarn $command --scope="@grafana-plugins/$PLUGIN_ID"
|
||||
version=$(cat ${{ steps.get_dir.outputs.dir }}/dist/plugin.json | jq -r .info.version)
|
||||
echo "version=${version}" >> $GITHUB_OUTPUT
|
||||
- name: build:backend
|
||||
@@ -160,7 +164,7 @@ jobs:
|
||||
env:
|
||||
VERSION: ${{ steps.build_frontend.outputs.version }}
|
||||
run: |
|
||||
make build-plugin-go PLUGIN_ID=${{ inputs.plugin_id }}
|
||||
make build-plugin-go PLUGIN_ID=$PLUGIN_ID
|
||||
- name: package
|
||||
working-directory: ${{ steps.get_dir.outputs.dir }}
|
||||
run: |
|
||||
@@ -175,7 +179,7 @@ jobs:
|
||||
VERSION: ${{ steps.build_frontend.outputs.version }}
|
||||
run: |
|
||||
api_res=$(curl -X 'GET' -H "Authorization: Bearer $GCOM_TOKEN" \
|
||||
'${{ env.GCOM_API}}/api/plugins/${{ inputs.plugin_id }}?version=$VERSION' \
|
||||
'${{ env.GCOM_API}}/api/plugins/$PLUGIN_ID?version=$VERSION' \
|
||||
-H 'accept: application/json')
|
||||
api_res_code=$(echo $api_res | jq -r .code)
|
||||
if [ "$api_res_code" = "NotFound" ]; then
|
||||
@@ -197,10 +201,10 @@ jobs:
|
||||
run: |
|
||||
echo "Publish release to Google Cloud Storage:"
|
||||
touch ci/packages/windows ci/packages/darwin ci/packages/linux ci/packages/any
|
||||
gsutil -m cp -r ci/packages/*windows* gs://${{ env.GCP_BUCKET }}/${{ inputs.plugin_id }}/release/${VERSION}/windows
|
||||
gsutil -m cp -r ci/packages/*linux* gs://${{ env.GCP_BUCKET }}/${{ inputs.plugin_id }}/release/${VERSION}/linux
|
||||
gsutil -m cp -r ci/packages/*darwin* gs://${{ env.GCP_BUCKET }}/${{ inputs.plugin_id }}/release/${VERSION}/darwin
|
||||
gsutil -m cp -r ci/packages/*any* gs://${{ env.GCP_BUCKET }}/${{ inputs.plugin_id }}/release/${VERSION}/any
|
||||
gsutil -m cp -r ci/packages/*windows* gs://${{ env.GCP_BUCKET }}/$PLUGIN_ID/release/${VERSION}/windows
|
||||
gsutil -m cp -r ci/packages/*linux* gs://${{ env.GCP_BUCKET }}/$PLUGIN_ID/release/${VERSION}/linux
|
||||
gsutil -m cp -r ci/packages/*darwin* gs://${{ env.GCP_BUCKET }}/$PLUGIN_ID/release/${VERSION}/darwin
|
||||
gsutil -m cp -r ci/packages/*any* gs://${{ env.GCP_BUCKET }}/$PLUGIN_ID/release/${VERSION}/any
|
||||
- name: Publish new plugin version on grafana.com
|
||||
if: steps.check_backend.outputs.has_backend == 'true'
|
||||
working-directory: ${{ steps.get_dir.outputs.dir }}
|
||||
@@ -214,27 +218,27 @@ jobs:
|
||||
\"url\": \"https://github.com/grafana/grafana/tree/main/${{ steps.get_dir.outputs.dir }}\",
|
||||
\"download\": {
|
||||
\"linux-amd64\": {
|
||||
\"url\": \"https://storage.googleapis.com/${{ env.GCP_BUCKET }}/${{ inputs.plugin_id }}/release/${VERSION}/linux/${{ inputs.plugin_id }}-${VERSION}.linux_amd64.zip\",
|
||||
\"url\": \"https://storage.googleapis.com/${{ env.GCP_BUCKET }}/$PLUGIN_ID/release/${VERSION}/linux/$PLUGIN_ID-${VERSION}.linux_amd64.zip\",
|
||||
\"md5\": \"$(cat ci/packages/info-linux_amd64.json | jq -r .plugin.md5)\"
|
||||
},
|
||||
\"linux-arm64\": {
|
||||
\"url\": \"https://storage.googleapis.com/${{ env.GCP_BUCKET }}/${{ inputs.plugin_id }}/release/${VERSION}/linux/${{ inputs.plugin_id }}-${VERSION}.linux_arm64.zip\",
|
||||
\"url\": \"https://storage.googleapis.com/${{ env.GCP_BUCKET }}/$PLUGIN_ID/release/${VERSION}/linux/$PLUGIN_ID-${VERSION}.linux_arm64.zip\",
|
||||
\"md5\": \"$(cat ci/packages/info-linux_arm64.json | jq -r .plugin.md5)\"
|
||||
},
|
||||
\"linux-arm\": {
|
||||
\"url\": \"https://storage.googleapis.com/${{ env.GCP_BUCKET }}/${{ inputs.plugin_id }}/release/${VERSION}/linux/${{ inputs.plugin_id }}-${VERSION}.linux_arm.zip\",
|
||||
\"url\": \"https://storage.googleapis.com/${{ env.GCP_BUCKET }}/$PLUGIN_ID/release/${VERSION}/linux/$PLUGIN_ID-${VERSION}.linux_arm.zip\",
|
||||
\"md5\": \"$(cat ci/packages/info-linux_arm.json | jq -r .plugin.md5)\"
|
||||
},
|
||||
\"windows-amd64\": {
|
||||
\"url\": \"https://storage.googleapis.com/${{ env.GCP_BUCKET }}/${{ inputs.plugin_id }}/release/${VERSION}/windows/${{ inputs.plugin_id }}-${VERSION}.windows_amd64.zip\",
|
||||
\"url\": \"https://storage.googleapis.com/${{ env.GCP_BUCKET }}/$PLUGIN_ID/release/${VERSION}/windows/$PLUGIN_ID-${VERSION}.windows_amd64.zip\",
|
||||
\"md5\": \"$(cat ci/packages/info-windows_amd64.json | jq -r .plugin.md5)\"
|
||||
},
|
||||
\"darwin-amd64\": {
|
||||
\"url\": \"https://storage.googleapis.com/${{ env.GCP_BUCKET }}/${{ inputs.plugin_id }}/release/${VERSION}/darwin/${{ inputs.plugin_id }}-${VERSION}.darwin_amd64.zip\",
|
||||
\"url\": \"https://storage.googleapis.com/${{ env.GCP_BUCKET }}/$PLUGIN_ID/release/${VERSION}/darwin/$PLUGIN_ID-${VERSION}.darwin_amd64.zip\",
|
||||
\"md5\": \"$(cat ci/packages/info-darwin_amd64.json | jq -r .plugin.md5)\"
|
||||
},
|
||||
\"darwin-arm64\": {
|
||||
\"url\": \"https://storage.googleapis.com/${{ env.GCP_BUCKET }}/${{ inputs.plugin_id }}/release/${VERSION}/darwin/${{ inputs.plugin_id }}-${VERSION}.darwin_arm64.zip\",
|
||||
\"url\": \"https://storage.googleapis.com/${{ env.GCP_BUCKET }}/$PLUGIN_ID/release/${VERSION}/darwin/$PLUGIN_ID-${VERSION}.darwin_arm64.zip\",
|
||||
\"md5\": \"$(cat ci/packages/info-darwin_arm64.json | jq -r .plugin.md5)\"
|
||||
}
|
||||
}
|
||||
@@ -257,7 +261,7 @@ jobs:
|
||||
\"url\": \"https://github.com/grafana/grafana/tree/main/${{ steps.get_dir.outputs.dir }}\",
|
||||
\"download\": {
|
||||
\"any\": {
|
||||
\"url\": \"https://storage.googleapis.com/${{ env.GCP_BUCKET }}/${{ inputs.plugin_id }}/release/${VERSION}/any/${{ inputs.plugin_id }}-${VERSION}.any.zip\",
|
||||
\"url\": \"https://storage.googleapis.com/${{ env.GCP_BUCKET }}/$PLUGIN_ID/release/${VERSION}/any/$PLUGIN_ID-${VERSION}.any.zip\",
|
||||
\"md5\": \"$(cat ci/packages/info-any.json | jq -r .plugin.md5)\"
|
||||
}
|
||||
}
|
||||
|
||||
18
.github/workflows/create-next-release-branch.yml
vendored
18
.github/workflows/create-next-release-branch.yml
vendored
@@ -11,7 +11,9 @@ on:
|
||||
type: string
|
||||
required: true
|
||||
secrets:
|
||||
token:
|
||||
GRAFANA_DELIVERY_BOT_APP_ID:
|
||||
required: true
|
||||
GRAFANA_DELIVERY_BOT_APP_PEM:
|
||||
required: true
|
||||
outputs:
|
||||
branch:
|
||||
@@ -26,7 +28,9 @@ on:
|
||||
type: string
|
||||
required: true
|
||||
secrets:
|
||||
token:
|
||||
GRAFANA_DELIVERY_BOT_APP_ID:
|
||||
required: true
|
||||
GRAFANA_DELIVERY_BOT_APP_PEM:
|
||||
required: true
|
||||
jobs:
|
||||
main:
|
||||
@@ -34,10 +38,16 @@ jobs:
|
||||
outputs:
|
||||
branch: ${{ steps.branch.outputs.branch }}
|
||||
steps:
|
||||
- name: "Generate token"
|
||||
id: generate_token
|
||||
uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92
|
||||
with:
|
||||
app_id: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_ID }}
|
||||
private_key: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_PEM }}
|
||||
- name: Create release branch
|
||||
id: branch
|
||||
uses: grafana/grafana-github-actions-go/bump-release@main
|
||||
uses: grafana/grafana-github-actions-go/bump-release@main # zizmor: ignore[unpinned-uses]
|
||||
with:
|
||||
ownerRepo: ${{ inputs.ownerRepo }}
|
||||
source: ${{ inputs.source }}
|
||||
token: ${{ secrets.token }}
|
||||
token: ${{ steps.generate_token.outputs.token }}
|
||||
|
||||
@@ -17,7 +17,7 @@ on:
|
||||
jobs:
|
||||
trigger_downstream_create_security_patch:
|
||||
concurrency: create-patch-${{ github.ref_name }}
|
||||
uses: grafana/security-patch-actions/.github/workflows/create-patch.yml@main
|
||||
uses: grafana/security-patch-actions/.github/workflows/create-patch.yml@main # zizmor: ignore[unpinned-uses]
|
||||
if: github.repository == 'grafana/grafana-security-mirror'
|
||||
with:
|
||||
repo: "${{ github.repository }}"
|
||||
@@ -25,5 +25,4 @@ jobs:
|
||||
patch_ref: "${{ github.base_ref }}" # this is the target branch name, Ex: "main"
|
||||
patch_repo: "grafana/grafana-security-patches"
|
||||
patch_prefix: "${{ github.event.pull_request.number }}"
|
||||
secrets: inherit
|
||||
|
||||
secrets: inherit # zizmor: ignore[secrets-inherit]
|
||||
|
||||
15
.github/workflows/dashboards-issue-add-label.yml
vendored
15
.github/workflows/dashboards-issue-add-label.yml
vendored
@@ -22,7 +22,7 @@ jobs:
|
||||
steps:
|
||||
- name: "Get vault secrets"
|
||||
id: vault-secrets
|
||||
uses: grafana/shared-workflows/actions/get-vault-secrets@main
|
||||
uses: grafana/shared-workflows/actions/get-vault-secrets@main # zizmor: ignore[unpinned-uses]
|
||||
with:
|
||||
# Secrets placed in the ci/repo/grafana/grafana/plugins_platform_issue_commands_github_bot path in Vault
|
||||
repo_secrets: |
|
||||
@@ -38,11 +38,13 @@ jobs:
|
||||
- name: Check if issue is in target project
|
||||
env:
|
||||
GH_TOKEN: ${{ steps.generate_token.outputs.token }}
|
||||
ISSUE_NUMBER: ${{ github.event.issue.number }}
|
||||
TARGET_PROJECT: ${{ env.TARGET_PROJECT }}
|
||||
run: |
|
||||
gh api graphql -f query='
|
||||
query($org: String!, $repo: String!) {
|
||||
repository(name: $repo, owner: $org) {
|
||||
issue (number: ${{ github.event.issue.number }}) {
|
||||
issue (number: $ISSUE_NUMBER) {
|
||||
id
|
||||
projectItems(first:20) {
|
||||
nodes {
|
||||
@@ -55,12 +57,14 @@ jobs:
|
||||
}
|
||||
}' -f org=$ORGANIZATION -f repo=$REPO > projects_data.json
|
||||
|
||||
echo 'IN_TARGET_PROJ='$(jq '.data.repository.issue.projectItems.nodes[] | select(.project.number==${{ env.TARGET_PROJECT }}) | .project != null' projects_data.json) >> $GITHUB_ENV
|
||||
echo 'IN_TARGET_PROJ='$(jq '.data.repository.issue.projectItems.nodes[] | select(.project.number=='"$TARGET_PROJECT"') | .project != null' projects_data.json) >> $GITHUB_ENV
|
||||
echo 'ITEM_ID='$(jq '.data.repository.issue.id' projects_data.json) >> $GITHUB_ENV
|
||||
- name: Set up label array
|
||||
if: env.IN_TARGET_PROJ
|
||||
env:
|
||||
LABEL_IDS: ${{ env.LABEL_IDS }}
|
||||
run: |
|
||||
IFS=',' read -ra LABEL_IDs <<< "${{ env.LABEL_IDs }}"
|
||||
IFS=',' read -ra LABEL_IDs <<< "$LABEL_IDS"
|
||||
for item in "${LABEL_IDs[@]}"; do
|
||||
echo "Item: $item"
|
||||
done
|
||||
@@ -68,6 +72,7 @@ jobs:
|
||||
if: env.IN_TARGET_PROJ
|
||||
env:
|
||||
GH_TOKEN: ${{ steps.generate_token.outputs.token }}
|
||||
LABEL_IDS: ${{ env.LABEL_IDS }}
|
||||
run: |
|
||||
gh api graphql -f query='
|
||||
mutation ($labelableId: ID!, $labelIds: [ID!]!) {
|
||||
@@ -76,4 +81,4 @@ jobs:
|
||||
) {
|
||||
clientMutationId
|
||||
}
|
||||
}' -f labelableId=$ITEM_ID -f labelIds=${{ env.LABEL_IDs }}
|
||||
}' -f labelableId=$ITEM_ID -f labelIds=$LABEL_IDS
|
||||
|
||||
21
.github/workflows/deploy-pr-preview.yml
vendored
21
.github/workflows/deploy-pr-preview.yml
vendored
@@ -11,14 +11,21 @@ on:
|
||||
|
||||
jobs:
|
||||
deploy-pr-preview:
|
||||
if: ${{ ! github.event.pull_request.head.repo.fork }}
|
||||
uses: grafana/writers-toolkit/.github/workflows/deploy-preview.yml@main
|
||||
if: "!github.event.pull_request.head.repo.fork"
|
||||
uses: grafana/writers-toolkit/.github/workflows/deploy-preview.yml@main # zizmor: ignore[unpinned-uses]
|
||||
with:
|
||||
sha: ${{ github.event.pull_request.head.sha }}
|
||||
branch: ${{ github.head_ref }}
|
||||
event_number: ${{ github.event.number }}
|
||||
title: ${{ github.event.pull_request.title }}
|
||||
repo: grafana
|
||||
website_directory: content/docs/grafana/latest
|
||||
relative_prefix: /docs/grafana/latest/
|
||||
index_file: true
|
||||
sha: ${{ github.event.pull_request.head.sha }}
|
||||
sources: |
|
||||
[
|
||||
{
|
||||
"index_file": "content/docs/grafana/_index.md",
|
||||
"relative_prefix": "/docs/grafana/latest/",
|
||||
"repo": "grafana",
|
||||
"source_directory": "docs/sources",
|
||||
"website_directory": "content/docs/grafana/latest"
|
||||
}
|
||||
]
|
||||
title: ${{ github.event.pull_request.title }}
|
||||
|
||||
@@ -6,9 +6,7 @@ concurrency:
|
||||
group: ${{ github.workflow }}-${{ github.ref }}
|
||||
cancel-in-progress: true
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
permissions: {}
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
@@ -24,11 +22,15 @@ jobs:
|
||||
defaults:
|
||||
run:
|
||||
working-directory: './pr'
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
path: './pr'
|
||||
persist-credentials: false
|
||||
- uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version: 22.11.0
|
||||
@@ -67,6 +69,9 @@ jobs:
|
||||
buildBase:
|
||||
name: Build Base packages artifacts
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
defaults:
|
||||
run:
|
||||
working-directory: './base'
|
||||
@@ -145,14 +150,14 @@ jobs:
|
||||
run: unzip -j base_built_packages.zip -d ./base && rm base_built_packages.zip
|
||||
|
||||
- id: 'auth'
|
||||
uses: 'google-github-actions/auth@v2'
|
||||
uses: 'google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f'
|
||||
with:
|
||||
workload_identity_provider: ${{ secrets.WIF_PROVIDER }}
|
||||
service_account: ${{ secrets.LEVITATE_SA }}
|
||||
project_id: 'grafanalabs-global'
|
||||
|
||||
- name: 'Set up Cloud SDK'
|
||||
uses: 'google-github-actions/setup-gcloud@v2'
|
||||
uses: 'google-github-actions/setup-gcloud@6189d56e4096ee891640bb02ac264be376592d6a'
|
||||
with:
|
||||
version: '>= 363.0.0'
|
||||
project_id: 'grafanalabs-global'
|
||||
@@ -180,6 +185,9 @@ jobs:
|
||||
name: Report breaking changes in PR comment
|
||||
runs-on: ubuntu-latest
|
||||
needs: ['Detect']
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
|
||||
steps:
|
||||
- name: "Generate token"
|
||||
@@ -238,7 +246,7 @@ jobs:
|
||||
# Comment on the PR
|
||||
- name: Comment on PR
|
||||
if: steps.levitate-run.outputs.exit_code == 1
|
||||
uses: marocchino/sticky-pull-request-comment@v2
|
||||
uses: marocchino/sticky-pull-request-comment@52423e01640425a022ef5fd42c6fb5f633a02728
|
||||
with:
|
||||
header: levitate-breaking-change-comment
|
||||
number: ${{ github.event.pull_request.number }}
|
||||
@@ -255,7 +263,7 @@ jobs:
|
||||
# Remove comment from the PR (no more breaking changes)
|
||||
- name: Remove comment from PR
|
||||
if: steps.levitate-run.outputs.exit_code == 0
|
||||
uses: marocchino/sticky-pull-request-comment@v2
|
||||
uses: marocchino/sticky-pull-request-comment@52423e01640425a022ef5fd42c6fb5f633a02728
|
||||
with:
|
||||
header: levitate-breaking-change-comment
|
||||
number: ${{ github.event.pull_request.number }}
|
||||
|
||||
26
.github/workflows/doc-validator.yml
vendored
26
.github/workflows/doc-validator.yml
vendored
@@ -1,26 +0,0 @@
|
||||
name: "doc-validator"
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
include:
|
||||
description: |
|
||||
Regular expression that matches paths to include in linting.
|
||||
|
||||
For example: docs/sources/(?:alerting|fundamentals)/.+\.md
|
||||
required: true
|
||||
jobs:
|
||||
doc-validator:
|
||||
runs-on: "ubuntu-latest"
|
||||
container:
|
||||
image: "grafana/doc-validator:v5.2.0"
|
||||
steps:
|
||||
- name: "Checkout code"
|
||||
uses: "actions/checkout@v4"
|
||||
- name: "Run doc-validator tool"
|
||||
# Only run doc-validator on specific directories.
|
||||
run: >
|
||||
doc-validator
|
||||
'--include=${{ inputs.include }}'
|
||||
'--skip-checks=^(?:image.+|canonical-does-not-match-pretty-URL)$'
|
||||
./docs/sources
|
||||
/docs/grafana/latest
|
||||
4
.github/workflows/documentation-ci.yml
vendored
4
.github/workflows/documentation-ci.yml
vendored
@@ -13,7 +13,7 @@ jobs:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
- uses: grafana/writers-toolkit/vale-action@vale-action/v1
|
||||
- uses: grafana/writers-toolkit/vale-action@vale-action/v1 # zizmor: ignore[unpinned-uses]
|
||||
with:
|
||||
filter: '.Name in ["Grafana.WordList", "Grafana.Spelling", "Grafana.ProductPossessives"]'
|
||||
filter: '.Name in ["Grafana.GrafanaCom", "Grafana.WordList", "Grafana.Spelling", "Grafana.ProductPossessives"]'
|
||||
token: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
@@ -47,6 +47,7 @@ jobs:
|
||||
token: ${{ steps.generate_token.outputs.token }}
|
||||
ref: main
|
||||
path: ephemeral
|
||||
persist-credentials: false
|
||||
|
||||
- name: build and deploy ephemeral instance
|
||||
uses: ./ephemeral
|
||||
|
||||
@@ -1,149 +0,0 @@
|
||||
name: When epic issues changed in Platform UX squad projects, check if epic is part of specified child projects and update on Platform UX parent project
|
||||
|
||||
on:
|
||||
issues:
|
||||
types: [opened, closed, edited, reopened, assigned, unassigned, labeled, unlabeled]
|
||||
labels:
|
||||
- 'type/epic'
|
||||
|
||||
env:
|
||||
GH_TOKEN: ${{ secrets.GH_BOT_PROJECTS_ACCESS_TOKEN }}
|
||||
ORGANIZATION: ${{ github.repository_owner }}
|
||||
REPO: ${{ github.event.repository.name }}
|
||||
PARENT_PROJECT: 304
|
||||
CHILD_PROJECT_1: 78
|
||||
CHILD_PROJECT_2: 111
|
||||
CHILD_PROJECT_3: 202
|
||||
|
||||
concurrency:
|
||||
group: issue-add-to-parent-project-${{ github.event.number }}
|
||||
jobs:
|
||||
config:
|
||||
runs-on: "ubuntu-latest"
|
||||
outputs:
|
||||
has-secrets: ${{ steps.check.outputs.has-secrets }}
|
||||
steps:
|
||||
- name: "Check for secrets"
|
||||
id: check
|
||||
shell: bash
|
||||
run: |
|
||||
if [ -n "${{ (secrets.GH_BOT_PROJECTS_ACCESS_TOKEN != '') || '' }}" ]; then
|
||||
echo "has-secrets=1" >> "$GITHUB_OUTPUT"
|
||||
fi
|
||||
|
||||
main:
|
||||
needs: config
|
||||
if: needs.config.outputs.has-secrets && contains(github.event.issue.labels.*.name, 'type/epic')
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Check if issue is in child or parent projects
|
||||
run: |
|
||||
gh api graphql -f query='
|
||||
query($org: String!, $repo: String!) {
|
||||
repository(name: $repo, owner: $org) {
|
||||
issue (number: ${{ github.event.issue.number }}) {
|
||||
projectItems(first:20) {
|
||||
nodes {
|
||||
id,
|
||||
project {
|
||||
number,
|
||||
title
|
||||
},
|
||||
fieldValueByName(name:"Status") {
|
||||
... on ProjectV2ItemFieldSingleSelectValue {
|
||||
optionId
|
||||
name
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}' -f org=$ORGANIZATION -f repo=$REPO > projects_data.json
|
||||
|
||||
echo 'IN_PARENT_PROJ='$(jq '.data.repository.issue.projectItems.nodes[] | select(.project.number==${{ env.PARENT_PROJECT }}) | .project != null' projects_data.json) >> $GITHUB_ENV
|
||||
echo 'PARENT_PROJ_STATUS_ID='$(jq '.data.repository.issue.projectItems.nodes[] | select(.project.number==${{ env.PARENT_PROJECT }}) | select(.fieldValueByName != null) | .fieldValueByName.optionId' projects_data.json) >> $GITHUB_ENV
|
||||
echo 'ITEM_ID='$(jq '.data.repository.issue.projectItems.nodes[] | select(.project.number==${{ env.PARENT_PROJECT }}) | .id' projects_data.json) >> $GITHUB_ENV
|
||||
echo 'IN_CHILD_PROJ='$(jq 'first(.data.repository.issue.projectItems.nodes[] | select(.project.number==${{ env.CHILD_PROJECT_1 }} or .project.number==${{ env.CHILD_PROJECT_2 }} or .project.number==${{ env.CHILD_PROJECT_3 }}) | .project != null)' projects_data.json) >> $GITHUB_ENV
|
||||
echo 'CHILD_PROJ_STATUS='$(jq -r '.data.repository.issue.projectItems.nodes[] | select(.project.number==${{ env.CHILD_PROJECT_1 }} or .project.number==${{ env.CHILD_PROJECT_2 }} or .project.number==${{ env.CHILD_PROJECT_3 }}) | select(.fieldValueByName != null) | .fieldValueByName.name' projects_data.json) >> $GITHUB_ENV
|
||||
- name: Get parent project project data
|
||||
if: env.IN_CHILD_PROJ
|
||||
run: |
|
||||
gh api graphql -f query='
|
||||
query($org: String!, $number: Int!) {
|
||||
organization(login: $org){
|
||||
projectV2(number: $number) {
|
||||
id
|
||||
fields(first:20) {
|
||||
nodes {
|
||||
... on ProjectV2Field {
|
||||
id
|
||||
name
|
||||
}
|
||||
... on ProjectV2SingleSelectField {
|
||||
id
|
||||
name
|
||||
options {
|
||||
id
|
||||
name
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}' -f org=$ORGANIZATION -F number=$PARENT_PROJECT > project_data.json
|
||||
|
||||
echo 'PROJECT_ID='$(jq '.data.organization.projectV2.id' project_data.json) >> $GITHUB_ENV
|
||||
echo 'STATUS_FIELD_ID='$(jq '.data.organization.projectV2.fields.nodes[] | select(.name== "Status") | .id' project_data.json) >> $GITHUB_ENV
|
||||
echo 'TODO_OPTION_ID='$(jq '.data.organization.projectV2.fields.nodes[] | select(.name== "Status") | .options[] | select(.name=="Todo") |.id' project_data.json) >> $GITHUB_ENV
|
||||
echo 'PROGRESS_OPTION_ID='$(jq '.data.organization.projectV2.fields.nodes[] | select(.name== "Status") | .options[] | select(.name=="In Progress") |.id' project_data.json) >> $GITHUB_ENV
|
||||
echo 'DONE_OPTION_ID='$(jq '.data.organization.projectV2.fields.nodes[] | select(.name== "Status") | .options[] | select(.name=="Done") |.id' project_data.json) >> $GITHUB_ENV
|
||||
- name: Add issue to parent project
|
||||
if: env.IN_CHILD_PROJ && !env.IN_PARENT_PROJ
|
||||
run: |
|
||||
item_id="$( gh api graphql -f query='
|
||||
mutation($project:ID!, $issue:ID!) {
|
||||
addProjectV2ItemById(input: {projectId: $project, contentId: $issue}) {
|
||||
item {
|
||||
id
|
||||
}
|
||||
}
|
||||
}' -f project=$PROJECT_ID -f issue=${{ github.event.issue.node_id }} --jq '.data.addProjectV2ItemById.item.id')"
|
||||
|
||||
echo 'ITEM_ID='$item_id >> $GITHUB_ENV
|
||||
- name: Set parent project status Done
|
||||
if: contains(env.CHILD_PROJ_STATUS, 'Done')
|
||||
run: |
|
||||
echo 'OPTION_ID='$DONE_OPTION_ID >> $GITHUB_ENV
|
||||
- name: Set parent project status In Progress
|
||||
if: contains(env.CHILD_PROJ_STATUS, 'In ') || contains(env.CHILD_PROJ_STATUS, 'Blocked')
|
||||
run: |
|
||||
echo 'OPTION_ID='$PROGRESS_OPTION_ID >> $GITHUB_ENV
|
||||
- name: Set parent project status To do
|
||||
if: env.CHILD_PROJ_STATUS && !contains(env.CHILD_PROJ_STATUS, 'In ') && !contains(env.CHILD_PROJ_STATUS, 'Blocked') && ! contains(env.CHILD_PROJ_STATUS, 'Done')
|
||||
run: |
|
||||
echo 'OPTION_ID='$TODO_OPTION_ID >> $GITHUB_ENV
|
||||
- name: Set issue status in parent project
|
||||
if: env.OPTION_ID && (env.OPTION_ID != env.PARENT_PROJ_STATUS_ID)
|
||||
run: |
|
||||
gh api graphql -f query='
|
||||
mutation (
|
||||
$project: ID!
|
||||
$item: ID!
|
||||
$status_field: ID!
|
||||
$status_value: String!
|
||||
) {
|
||||
set_status: updateProjectV2ItemFieldValue(input: {
|
||||
projectId: $project
|
||||
itemId: $item
|
||||
fieldId: $status_field
|
||||
value: {
|
||||
singleSelectOptionId: $status_value
|
||||
}
|
||||
}) {
|
||||
projectV2Item {
|
||||
id
|
||||
}
|
||||
}
|
||||
}' -f project=$PROJECT_ID -f item=$ITEM_ID -f status_field=$STATUS_FIELD_ID -f status_value=${{ env.OPTION_ID }} --silent
|
||||
25
.github/workflows/feature-toggles-ci.yml
vendored
Normal file
25
.github/workflows/feature-toggles-ci.yml
vendored
Normal file
@@ -0,0 +1,25 @@
|
||||
name: Feature toggles CI
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
paths:
|
||||
- 'pkg/services/featuremgmt/toggles_gen_test.go'
|
||||
- 'pkg/services/featuremgmt/registry.go'
|
||||
- 'docs/sources/setup-grafana/configure-grafana/feature-toggles/index.md'
|
||||
|
||||
jobs:
|
||||
test:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: Set up Go
|
||||
uses: actions/setup-go@v5
|
||||
with:
|
||||
go-version-file: 'go.mod'
|
||||
cache: true
|
||||
|
||||
- name: Run feature toggle tests
|
||||
run: go test -v -run TestFeatureToggleFiles ./pkg/services/featuremgmt/
|
||||
133
.github/workflows/frontend-lint.yml
vendored
Normal file
133
.github/workflows/frontend-lint.yml
vendored
Normal file
@@ -0,0 +1,133 @@
|
||||
name: Lint Frontend
|
||||
on:
|
||||
pull_request:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
- release-*.*.*
|
||||
|
||||
permissions: {}
|
||||
|
||||
jobs:
|
||||
lint-frontend-verify-i18n:
|
||||
name: Verify i18n
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
- uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version-file: '.nvmrc'
|
||||
cache: 'yarn'
|
||||
cache-dependency-path: 'yarn.lock'
|
||||
- run: yarn install --immutable --check-cache
|
||||
- run: |
|
||||
extract_error_message='::error::Extraction failed. Make sure that you have no dynamic translation phrases, such as "t(`preferences.theme.{themeID}`, themeName)" and that no translation key is used twice. Search the output for '[warning]' to find the offending file.'
|
||||
make i18n-extract || (echo "${extract_error_message}" && false)
|
||||
- run: |
|
||||
uncommited_error_message="::error::Translation extraction has not been committed. Please run 'make i18n-extract', commit the changes and push again."
|
||||
file_diff=$(git diff --dirstat public/locales)
|
||||
if [ -n "$file_diff" ]; then
|
||||
echo $file_diff
|
||||
echo "${uncommited_error_message}"
|
||||
exit 1
|
||||
fi
|
||||
lint-frontend-prettier:
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
# Run this workflow only for PRs from forks; if it gets merged into `main` or `release-*`,
|
||||
# the `lint-frontend-prettier-enterprise` workflow will run instead
|
||||
if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == true
|
||||
name: Lint
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version-file: '.nvmrc'
|
||||
cache: 'yarn'
|
||||
cache-dependency-path: 'yarn.lock'
|
||||
- run: yarn install --immutable --check-cache
|
||||
- run: yarn run prettier:check
|
||||
- run: yarn run lint
|
||||
lint-frontend-prettier-enterprise:
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
# Run this workflow for non-PR events (like pushes to `main` or `release-*`) OR for internal PRs (PRs not from forks)
|
||||
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.fork == false
|
||||
name: Lint
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version-file: '.nvmrc'
|
||||
cache: 'yarn'
|
||||
cache-dependency-path: 'yarn.lock'
|
||||
- name: Setup Enterprise
|
||||
uses: ./.github/actions/setup-enterprise
|
||||
with:
|
||||
github-app-name: 'grafana-ci-bot'
|
||||
- run: yarn install --immutable --check-cache
|
||||
- run: yarn run prettier:check
|
||||
- run: yarn run lint
|
||||
lint-frontend-typecheck:
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
# Run this workflow only for PRs from forks; if it gets merged into `main` or `release-*`,
|
||||
# the `lint-frontend-typecheck-enterprise` workflow will run instead
|
||||
if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == true
|
||||
name: Typecheck
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version-file: '.nvmrc'
|
||||
cache: 'yarn'
|
||||
cache-dependency-path: 'yarn.lock'
|
||||
- run: yarn install --immutable --check-cache
|
||||
- run: yarn run typecheck
|
||||
lint-frontend-typecheck-enterprise:
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
# Run this workflow for non-PR events (like pushes to `main` or `release-*`) OR for internal PRs (PRs not from forks)
|
||||
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.fork == false
|
||||
name: Typecheck
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version-file: '.nvmrc'
|
||||
cache: 'yarn'
|
||||
cache-dependency-path: 'yarn.lock'
|
||||
- name: Setup Enterprise
|
||||
uses: ./.github/actions/setup-enterprise
|
||||
with:
|
||||
github-app-name: 'grafana-ci-bot'
|
||||
- run: yarn install --immutable --check-cache
|
||||
- run: yarn run typecheck
|
||||
lint-frontend-betterer:
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
name: Betterer
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version-file: '.nvmrc'
|
||||
cache: 'yarn'
|
||||
cache-dependency-path: 'yarn.lock'
|
||||
- run: yarn install --immutable --check-cache
|
||||
- run: yarn run betterer:ci
|
||||
2
.github/workflows/github-release.yml
vendored
2
.github/workflows/github-release.yml
vendored
@@ -40,7 +40,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Create GitHub release (manually invoked)
|
||||
uses: grafana/grafana-github-actions-go/github-release@main
|
||||
uses: grafana/grafana-github-actions-go/github-release@main # zizmor: ignore[unpinned-uses]
|
||||
with:
|
||||
token: ${{ secrets.GITHUB_TOKEN }}
|
||||
version: ${{ inputs.version }}
|
||||
|
||||
6
.github/workflows/go-lint.yml
vendored
6
.github/workflows/go-lint.yml
vendored
@@ -17,14 +17,16 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
- uses: actions/setup-go@v5
|
||||
with:
|
||||
go-version-file: ./go.mod
|
||||
- run: make gen-go
|
||||
- name: golangci-lint
|
||||
uses: golangci/golangci-lint-action@v6
|
||||
uses: golangci/golangci-lint-action@1481404843c368bc19ca9406f87d6e0fc97bdcfd
|
||||
with:
|
||||
version: v1.62.0
|
||||
version: v2.0.2
|
||||
args: |
|
||||
--verbose $(go list -m -f '{{.Dir}}' | xargs -I{} sh -c 'test ! -f {}/.nolint && echo {}/...')
|
||||
install-mode: binary
|
||||
|
||||
27
.github/workflows/i18n-crowdin-create-tasks.yml
vendored
Normal file
27
.github/workflows/i18n-crowdin-create-tasks.yml
vendored
Normal file
@@ -0,0 +1,27 @@
|
||||
name: Crowdin Create Tasks
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
# schedule:
|
||||
# - cron: "0 0 * * *"
|
||||
|
||||
jobs:
|
||||
create-tasks-in-crowdin:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: Setup Node.js
|
||||
uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version-file: '.nvmrc'
|
||||
|
||||
- name: Create tasks
|
||||
env:
|
||||
CROWDIN_PROJECT_ID: ${{ secrets.CROWDIN_PROJECT_ID }}
|
||||
CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}
|
||||
run: node ./.github/workflows/scripts/crowdin/create-tasks.js
|
||||
11
.github/workflows/i18n-crowdin-download.yml
vendored
11
.github/workflows/i18n-crowdin-download.yml
vendored
@@ -26,10 +26,11 @@ jobs:
|
||||
with:
|
||||
ref: ${{ github.head_ref }}
|
||||
token: ${{ steps.generate_token.outputs.token }}
|
||||
persist-credentials: false
|
||||
|
||||
- name: Download sources
|
||||
id: crowdin-download
|
||||
uses: crowdin/github-action@v2
|
||||
uses: crowdin/github-action@b8012bd5491b8aa8578b73ab5b5f5e7c94aaa6e2
|
||||
with:
|
||||
upload_sources: false
|
||||
upload_translations: false
|
||||
@@ -72,7 +73,7 @@ jobs:
|
||||
GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }}
|
||||
|
||||
- name: Get project board ID
|
||||
uses: octokit/graphql-action@v2.x
|
||||
uses: octokit/graphql-action@51bf543c240dcd14761320e2efc625dc32ec0d32
|
||||
id: get-project-id
|
||||
if: steps.crowdin-download.outputs.pull_request_url
|
||||
with:
|
||||
@@ -92,7 +93,7 @@ jobs:
|
||||
GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }}
|
||||
|
||||
- name: Add to project board
|
||||
uses: octokit/graphql-action@v2.x
|
||||
uses: octokit/graphql-action@51bf543c240dcd14761320e2efc625dc32ec0d32
|
||||
if: steps.crowdin-download.outputs.pull_request_url
|
||||
with:
|
||||
projectid: ${{ fromJson(steps.get-project-id.outputs.data).organization.projectV2.id }}
|
||||
@@ -109,7 +110,7 @@ jobs:
|
||||
GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }}
|
||||
|
||||
- name: Run auto-milestone
|
||||
uses: grafana/grafana-github-actions-go/auto-milestone@main
|
||||
uses: grafana/grafana-github-actions-go/auto-milestone@main # zizmor: ignore[unpinned-uses]
|
||||
if: steps.crowdin-download.outputs.pull_request_url
|
||||
with:
|
||||
pr: ${{ steps.crowdin-download.outputs.pull_request_number }}
|
||||
@@ -117,7 +118,7 @@ jobs:
|
||||
|
||||
- name: Get vault secrets
|
||||
id: vault-secrets
|
||||
uses: grafana/shared-workflows/actions/get-vault-secrets@main
|
||||
uses: grafana/shared-workflows/actions/get-vault-secrets@main # zizmor: ignore[unpinned-uses]
|
||||
with:
|
||||
# Secrets placed in ci/repo/grafana/grafana/grafana-pr-approver
|
||||
repo_secrets: |
|
||||
|
||||
4
.github/workflows/i18n-crowdin-upload.yml
vendored
4
.github/workflows/i18n-crowdin-upload.yml
vendored
@@ -15,9 +15,11 @@ jobs:
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: Upload sources
|
||||
uses: crowdin/github-action@v2
|
||||
uses: crowdin/github-action@b8012bd5491b8aa8578b73ab5b5f5e7c94aaa6e2
|
||||
with:
|
||||
upload_sources: true
|
||||
upload_sources_args: '--dest=public/locales/en-US/grafana.json'
|
||||
|
||||
23
.github/workflows/issue-opened.yml
vendored
23
.github/workflows/issue-opened.yml
vendored
@@ -10,22 +10,24 @@ on:
|
||||
concurrency:
|
||||
group: issue-opened-${{ github.event.issue.number }}
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
permissions: {}
|
||||
|
||||
jobs:
|
||||
main:
|
||||
runs-on: ubuntu-latest
|
||||
if: github.repository == 'grafana/grafana'
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
steps:
|
||||
|
||||
- name: Checkout Actions
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@v4 # v4.2.2
|
||||
with:
|
||||
repository: "grafana/grafana-github-actions"
|
||||
path: ./actions
|
||||
ref: main
|
||||
persist-credentials: false
|
||||
|
||||
- name: Install Actions
|
||||
run: npm install --production --prefix ./actions
|
||||
@@ -37,7 +39,7 @@ jobs:
|
||||
|
||||
- name: "Get vault secrets"
|
||||
id: vault-secrets
|
||||
uses: grafana/shared-workflows/actions/get-vault-secrets@main
|
||||
uses: grafana/shared-workflows/actions/get-vault-secrets@main # zizmor: ignore[unpinned-uses]
|
||||
with:
|
||||
# Secrets placed in the ci/repo/grafana/grafana/plugins_platform_issue_commands_github_bot path in Vault
|
||||
repo_secrets: |
|
||||
@@ -60,13 +62,16 @@ jobs:
|
||||
|
||||
auto-triage:
|
||||
needs: [main]
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
if: github.repository == 'grafana/grafana' && github.event.issue.author_association != 'MEMBER' && github.event.issue.author_association != 'OWNER'
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
|
||||
- name: "Get vault secrets"
|
||||
id: vault-secrets
|
||||
uses: grafana/shared-workflows/actions/get-vault-secrets@main
|
||||
uses: grafana/shared-workflows/actions/get-vault-secrets@main # zizmor: ignore[unpinned-uses]
|
||||
with:
|
||||
# Secrets placed in the ci/repo/grafana/grafana/plugins_platform_issue_triager path in Vault
|
||||
repo_secrets: |
|
||||
@@ -83,11 +88,11 @@ jobs:
|
||||
private_key: ${{ env.GH_APP_PEM }}
|
||||
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@v4 # v4.2.2
|
||||
|
||||
- name: Send issue to the auto triager action
|
||||
id: auto_triage
|
||||
uses: grafana/auto-triager@main
|
||||
uses: grafana/auto-triager@main # zizmor: ignore[unpinned-uses]
|
||||
with:
|
||||
token: ${{ steps.generate_token.outputs.token }}
|
||||
issue_number: ${{ github.event.issue.number }}
|
||||
@@ -99,7 +104,7 @@ jobs:
|
||||
|
||||
- name: "Send Slack notification"
|
||||
if: ${{ steps.auto_triage.outputs.triage_labels != '' }}
|
||||
uses: slackapi/slack-github-action@v1.27.0
|
||||
uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0
|
||||
with:
|
||||
payload: >
|
||||
{
|
||||
|
||||
62
.github/workflows/lint-build-docs.yml
vendored
Normal file
62
.github/workflows/lint-build-docs.yml
vendored
Normal file
@@ -0,0 +1,62 @@
|
||||
name: Documentation
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
paths:
|
||||
- '*.md'
|
||||
- 'docs/**'
|
||||
- 'packages/**/*.md'
|
||||
- 'latest.json'
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- '*.md'
|
||||
- 'docs/**'
|
||||
- 'packages/**/*.md'
|
||||
- 'latest.json'
|
||||
|
||||
jobs:
|
||||
docs:
|
||||
name: Build & Verify Docs
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: Setup Node.js
|
||||
uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version: '22.11.0'
|
||||
cache: 'yarn'
|
||||
|
||||
- name: Install dependencies
|
||||
run: yarn install --immutable
|
||||
|
||||
- name: Lint docs
|
||||
run: yarn run prettier:checkDocs
|
||||
env:
|
||||
# Increase memory for prettier due to large number of files
|
||||
NODE_OPTIONS: --max_old_space_size=8192
|
||||
|
||||
- name: Build docs website
|
||||
run: |
|
||||
# Create and start a container from the docs-base image in detached mode
|
||||
docker run -d --name docs-builder grafana/docs-base:latest tail -f /dev/null
|
||||
|
||||
# Create the directory structure inside the container
|
||||
docker exec docs-builder mkdir -p /hugo/content/docs/grafana/latest
|
||||
|
||||
# Create the _index.md file
|
||||
docker exec docs-builder /bin/sh -c "echo -e '---\nredirectURL: /docs/grafana/latest/\ntype: redirect\nversioned: true\n---\n' > /hugo/content/docs/grafana/_index.md"
|
||||
|
||||
# Copy the docs sources from the host to the container
|
||||
docker cp docs/sources/. docs-builder:/hugo/content/docs/grafana/latest/
|
||||
|
||||
# Run the make prod command inside the container
|
||||
docker exec -w /hugo docs-builder make prod || echo "Build completed with warnings"
|
||||
|
||||
# Clean up the container
|
||||
docker rm -f docs-builder
|
||||
6
.github/workflows/metrics-collector.yml
vendored
6
.github/workflows/metrics-collector.yml
vendored
@@ -15,6 +15,9 @@ on:
|
||||
issues:
|
||||
types: [opened, closed]
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
config:
|
||||
runs-on: "ubuntu-latest"
|
||||
@@ -35,11 +38,12 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout Actions
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@v4 # v4.2.2
|
||||
with:
|
||||
repository: "grafana/grafana-github-actions"
|
||||
path: ./actions
|
||||
ref: main
|
||||
persist-credentials: false
|
||||
- name: Install Actions
|
||||
run: npm install --production --prefix ./actions
|
||||
- name: Run metrics collector
|
||||
|
||||
20
.github/workflows/migrate-prs.yml
vendored
20
.github/workflows/migrate-prs.yml
vendored
@@ -16,7 +16,9 @@ on:
|
||||
required: true
|
||||
type: string
|
||||
secrets:
|
||||
token:
|
||||
GRAFANA_DELIVERY_BOT_APP_ID:
|
||||
required: true
|
||||
GRAFANA_DELIVERY_BOT_APP_PEM:
|
||||
required: true
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
@@ -33,17 +35,25 @@ on:
|
||||
required: true
|
||||
type: string
|
||||
secrets:
|
||||
token:
|
||||
GRAFANA_DELIVERY_BOT_APP_ID:
|
||||
required: true
|
||||
GRAFANA_DELIVERY_BOT_APP_PEM:
|
||||
required: true
|
||||
|
||||
jobs:
|
||||
main:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Migrate PRs
|
||||
uses: grafana/grafana-github-actions-go/migrate-open-prs@main
|
||||
- name: "Generate token"
|
||||
id: generate_token
|
||||
uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92
|
||||
with:
|
||||
token: ${{ secrets.token }}
|
||||
app_id: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_ID }}
|
||||
private_key: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_PEM }}
|
||||
- name: Migrate PRs
|
||||
uses: grafana/grafana-github-actions-go/migrate-open-prs@main # zizmor: ignore[unpinned-uses]
|
||||
with:
|
||||
token: ${{ steps.generate_token.outputs.token }}
|
||||
ownerRepo: ${{ inputs.ownerRepo }}
|
||||
from: ${{ inputs.from }}
|
||||
to: ${{ inputs.to }}
|
||||
|
||||
19
.github/workflows/milestone.yml
vendored
19
.github/workflows/milestone.yml
vendored
@@ -1,19 +0,0 @@
|
||||
name: Close Milestone
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
version_input:
|
||||
description: 'The version to be released please respect: major.minor.patch, major.minor.patch-preview or major.minor.patch-preview<number> format. example: 7.4.3, 7.4.3-preview or 7.4.3-preview1'
|
||||
required: true
|
||||
jobs:
|
||||
call-remove-milestone:
|
||||
uses: grafana/grafana/.github/workflows/remove-milestone.yml@main
|
||||
with:
|
||||
version_call: ${{ github.event.inputs.version_input }}
|
||||
secrets: inherit
|
||||
call-close-milestone:
|
||||
uses: grafana/grafana/.github/workflows/close-milestone.yml@main
|
||||
with:
|
||||
version_call: ${{ github.event.inputs.version_input }}
|
||||
secrets: inherit
|
||||
needs: call-remove-milestone
|
||||
71
.github/workflows/pr-backend-coverage.yml
vendored
Normal file
71
.github/workflows/pr-backend-coverage.yml
vendored
Normal file
@@ -0,0 +1,71 @@
|
||||
name: Coverage
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths-ignore:
|
||||
- 'docs/**'
|
||||
- '**/*.md'
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
|
||||
env:
|
||||
EDITION: 'oss'
|
||||
WIRE_TAGS: 'oss'
|
||||
|
||||
jobs:
|
||||
main:
|
||||
name: Backend Unit Tests
|
||||
runs-on: ubuntu-latest-8-cores
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
- name: Setup Go
|
||||
uses: actions/setup-go@v5
|
||||
with:
|
||||
go-version-file: go.mod
|
||||
cache: true
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install -y build-essential shared-mime-info
|
||||
go install github.com/mfridman/tparse@c1754a1f484ac5cd422697b0fec635177ddc8507 # v0.17.0
|
||||
- name: Generate Go code
|
||||
run: make gen-go
|
||||
- name: Run unit tests
|
||||
run: COVER_OPTS="-coverprofile=be-unit.cov -coverpkg=github.com/grafana/grafana/..." GO_TEST_OUTPUT="/tmp/unit.log" make test-go-unit-cov
|
||||
- name: Process and upload coverage
|
||||
uses: ./.github/actions/test-coverage-processor
|
||||
with:
|
||||
test-type: 'be-unit'
|
||||
# Needs to be named 'unit.cov' based on the Makefile command `make test-go-unit`
|
||||
coverage-file: 'unit.cov'
|
||||
codecov-token: ${{ secrets.CODECOV_TOKEN }}
|
||||
codecov-flag: 'be-unit'
|
||||
codecov-name: 'be-unit'
|
||||
|
||||
- name: Install Grafana Bench
|
||||
# We can't allow forks here, as we need secret access.
|
||||
if: ${{ github.event_name != 'pull_request' }}
|
||||
uses: ./.github/actions/setup-grafana-bench
|
||||
|
||||
- name: Process output for Bench
|
||||
if: ${{ github.event_name != 'pull_request' }}
|
||||
run: |
|
||||
grafana-bench report \
|
||||
--trigger pr-backend-unit-tests-oss \
|
||||
--report-input go \
|
||||
--report-output log \
|
||||
--grafana-version "$(git rev-parse HEAD)" \
|
||||
--suite-name grafana-oss-unit-tests \
|
||||
/tmp/unit.log || true
|
||||
|
||||
concurrency:
|
||||
group: ${{ github.workflow }}-${{ github.ref }}
|
||||
cancel-in-progress: false
|
||||
3
.github/workflows/pr-checks.yml
vendored
3
.github/workflows/pr-checks.yml
vendored
@@ -31,11 +31,12 @@ jobs:
|
||||
if: github.event.pull_request.draft == false
|
||||
steps:
|
||||
- name: Checkout Actions
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@v4 # v4.2.2
|
||||
with:
|
||||
repository: "grafana/grafana-github-actions"
|
||||
path: ./actions
|
||||
ref: main
|
||||
persist-credentials: false
|
||||
- name: Install Actions
|
||||
run: npm install --production --prefix ./actions
|
||||
- name: Run PR Checks
|
||||
|
||||
53
.github/workflows/pr-codeql-analysis-go.yml
vendored
53
.github/workflows/pr-codeql-analysis-go.yml
vendored
@@ -1,53 +0,0 @@
|
||||
name: "CodeQL for PR / go"
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
pull_request:
|
||||
branches: [main]
|
||||
paths:
|
||||
- '**/*.go'
|
||||
|
||||
permissions:
|
||||
security-events: write
|
||||
|
||||
jobs:
|
||||
analyze:
|
||||
name: Analyze
|
||||
runs-on: ubuntu-latest
|
||||
if: github.repository == 'grafana/grafana'
|
||||
|
||||
steps:
|
||||
- name: "Generate token"
|
||||
id: generate_token
|
||||
continue-on-error: true
|
||||
uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a
|
||||
with:
|
||||
app_id: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_ID }}
|
||||
private_key: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_PEM }}
|
||||
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
# We must fetch at least the immediate parents so that if this is
|
||||
# a pull request then we can checkout the head.
|
||||
fetch-depth: 2
|
||||
token: ${{ steps.generate_token.outputs.token }}
|
||||
|
||||
- name: Set go version
|
||||
uses: actions/setup-go@v4
|
||||
with:
|
||||
go-version-file: go.mod
|
||||
|
||||
# Initializes the CodeQL tools for scanning.
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v2
|
||||
with:
|
||||
languages: "go"
|
||||
|
||||
- name: Build go files
|
||||
run: |
|
||||
go mod verify
|
||||
make build-go
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v2
|
||||
@@ -25,12 +25,13 @@ jobs:
|
||||
# We must fetch at least the immediate parents so that if this is
|
||||
# a pull request then we can checkout the head.
|
||||
fetch-depth: 2
|
||||
persist-credentials: false
|
||||
|
||||
# Initializes the CodeQL tools for scanning.
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v2
|
||||
uses: github/codeql-action/init@v3
|
||||
with:
|
||||
languages: "javascript"
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v2
|
||||
uses: github/codeql-action/analyze@v3
|
||||
|
||||
@@ -23,12 +23,13 @@ jobs:
|
||||
# We must fetch at least the immediate parents so that if this is
|
||||
# a pull request then we can checkout the head.
|
||||
fetch-depth: 2
|
||||
persist-credentials: false
|
||||
|
||||
# Initializes the CodeQL tools for scanning.
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v2
|
||||
uses: github/codeql-action/init@v3
|
||||
with:
|
||||
languages: "python"
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v2
|
||||
uses: github/codeql-action/analyze@v3
|
||||
|
||||
3
.github/workflows/pr-commands.yml
vendored
3
.github/workflows/pr-commands.yml
vendored
@@ -30,11 +30,12 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout Actions
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@v4 # v4.2.2
|
||||
with:
|
||||
repository: "grafana/grafana-github-actions"
|
||||
path: ./actions
|
||||
ref: main
|
||||
persist-credentials: false
|
||||
- name: Install Actions
|
||||
run: npm install --production --prefix ./actions
|
||||
- name: "Generate token"
|
||||
|
||||
@@ -22,7 +22,7 @@ jobs:
|
||||
steps:
|
||||
- name: Retrieve GitHub App secrets
|
||||
id: get-secrets
|
||||
uses: grafana/shared-workflows/actions/get-vault-secrets@get-vault-secrets-v1.0.1
|
||||
uses: grafana/shared-workflows/actions/get-vault-secrets@get-vault-secrets-v1.0.1 # zizmor: ignore[unpinned-uses]
|
||||
with:
|
||||
repo_secrets: |
|
||||
APP_ID=grafana-go-workspace-bot:app-id
|
||||
@@ -42,9 +42,10 @@ jobs:
|
||||
repository: ${{ github.event.pull_request.head.repo.full_name }}
|
||||
ref: ${{ github.event.pull_request.head.ref }}
|
||||
token: ${{ steps.generate_token.outputs.token }}
|
||||
persist-credentials: false
|
||||
|
||||
- name: Set go version
|
||||
uses: actions/setup-go@v4
|
||||
uses: actions/setup-go@19bb51245e9c80abacb2e91cc42b33fa478b8639
|
||||
with:
|
||||
go-version-file: go.mod
|
||||
|
||||
@@ -65,4 +66,4 @@ jobs:
|
||||
echo "Committing and pushing workspace changes"
|
||||
git commit -a -m "update workspace"
|
||||
git push origin $BRANCH_NAME
|
||||
fi
|
||||
fi
|
||||
|
||||
72
.github/workflows/pr-e2e-tests.yml
vendored
Normal file
72
.github/workflows/pr-e2e-tests.yml
vendored
Normal file
@@ -0,0 +1,72 @@
|
||||
name: End-to-end tests
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
- release-*.*.*
|
||||
|
||||
concurrency:
|
||||
group: ${{ github.workflow }}-${{ github.ref }}
|
||||
cancel-in-progress: ${{ startsWith(github.ref, 'refs/pull/') }}
|
||||
|
||||
jobs:
|
||||
build-grafana:
|
||||
name: Build & Package Grafana
|
||||
runs-on: ubuntu-latest-16-cores
|
||||
outputs:
|
||||
artifact: ${{ steps.artifact.outputs.artifact }}
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
repository: 'grafana/grafana-build'
|
||||
ref: 'main'
|
||||
persist-credentials: false
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
path: ./grafana
|
||||
- run: echo "GRAFANA_GO_VERSION=$(grep "go 1." grafana/go.work | cut -d\ -f2)" >> "$GITHUB_ENV"
|
||||
- uses: dagger/dagger-for-github@e47aba410ef9bb9ed81a4d2a97df31061e5e842e
|
||||
with:
|
||||
verb: run
|
||||
args: go run ./cmd artifacts -a targz:grafana:linux/amd64 --grafana-dir=grafana --go-version=${GRAFANA_GO_VERSION} > out.txt
|
||||
- run: mv $(cat out.txt) grafana.tar.gz
|
||||
- run: echo "artifact=grafana-e2e-${{github.run_number}}" >> "$GITHUB_OUTPUT"
|
||||
id: artifact
|
||||
- uses: actions/upload-artifact@v4
|
||||
id: upload
|
||||
with:
|
||||
retention-days: 1
|
||||
name: ${{ steps.artifact.outputs.artifact }}
|
||||
path: grafana.tar.gz
|
||||
e2e-matrix:
|
||||
name: ${{ matrix.suite }}
|
||||
strategy:
|
||||
matrix:
|
||||
suite:
|
||||
- various-suite
|
||||
- dashboards-suite
|
||||
- smoke-tests-suite
|
||||
- panels-suite
|
||||
needs:
|
||||
- build-grafana
|
||||
uses: ./.github/workflows/run-e2e-suite.yml
|
||||
with:
|
||||
package: ${{ needs.build-grafana.outputs.artifact }}
|
||||
suite: ${{ matrix.suite }}
|
||||
e2e-matrix-old-arch:
|
||||
name: ${{ matrix.suite }} (old arch)
|
||||
strategy:
|
||||
matrix:
|
||||
suite:
|
||||
- old-arch/various-suite
|
||||
- old-arch/dashboards-suite
|
||||
- old-arch/smoke-tests-suite
|
||||
- old-arch/panels-suite
|
||||
needs:
|
||||
- build-grafana
|
||||
uses: ./.github/workflows/run-e2e-suite.yml
|
||||
with:
|
||||
package: ${{ needs.build-grafana.outputs.artifact }}
|
||||
suite: ${{ matrix.suite }}
|
||||
69
.github/workflows/pr-frontend-unit-tests.yml
vendored
Normal file
69
.github/workflows/pr-frontend-unit-tests.yml
vendored
Normal file
@@ -0,0 +1,69 @@
|
||||
name: Frontend tests
|
||||
on:
|
||||
pull_request:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
- release-*.*.*
|
||||
|
||||
permissions: {}
|
||||
|
||||
jobs:
|
||||
frontend-unit-tests:
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
# Run this workflow only for PRs from forks; if it gets merged into `main` or `release-*`,
|
||||
# the `frontend-unit-tests-enterprise` workflow will run instead
|
||||
if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == true
|
||||
runs-on: ubuntu-latest-8-cores
|
||||
name: "Unit tests (${{ matrix.chunk }} / 8)"
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
chunk: [1, 2, 3, 4, 5, 6, 7, 8]
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
- uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version-file: '.nvmrc'
|
||||
cache: 'yarn'
|
||||
cache-dependency-path: 'yarn.lock'
|
||||
- run: yarn install --immutable --check-cache
|
||||
- run: yarn run test:ci
|
||||
env:
|
||||
TEST_MAX_WORKERS: 2
|
||||
TEST_SHARD: ${{ matrix.chunk }}
|
||||
TEST_SHARD_TOTAL: 8
|
||||
|
||||
frontend-unit-tests-enterprise:
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
# Run this workflow for non-PR events (like pushes to `main` or `release-*`) OR for internal PRs (PRs not from forks)
|
||||
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.fork == false
|
||||
runs-on: ubuntu-latest-8-cores
|
||||
name: "Unit tests (${{ matrix.chunk }} / 8)"
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
chunk: [1, 2, 3, 4, 5, 6, 7, 8]
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version-file: '.nvmrc'
|
||||
cache: 'yarn'
|
||||
cache-dependency-path: 'yarn.lock'
|
||||
- name: Setup Enterprise
|
||||
uses: ./.github/actions/setup-enterprise
|
||||
with:
|
||||
github-app-name: 'grafana-ci-bot'
|
||||
- run: yarn install --immutable --check-cache
|
||||
- run: yarn run test:ci
|
||||
env:
|
||||
TEST_MAX_WORKERS: 2
|
||||
TEST_SHARD: ${{ matrix.chunk }}
|
||||
TEST_SHARD_TOTAL: 8
|
||||
7
.github/workflows/pr-go-workspace-check.yml
vendored
7
.github/workflows/pr-go-workspace-check.yml
vendored
@@ -22,10 +22,13 @@ jobs:
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: Set go version
|
||||
uses: actions/setup-go@v4
|
||||
uses: actions/setup-go@19bb51245e9c80abacb2e91cc42b33fa478b8639
|
||||
with:
|
||||
cache: false
|
||||
go-version-file: go.mod
|
||||
|
||||
- name: Update workspace
|
||||
@@ -41,4 +44,4 @@ jobs:
|
||||
exit 1
|
||||
fi
|
||||
- name: Ensure Dockerfile contains submodule COPY commands
|
||||
run: ./scripts/go-workspace/validate-dockerfile.sh
|
||||
run: ./scripts/go-workspace/validate-dockerfile.sh
|
||||
|
||||
7
.github/workflows/pr-k8s-codegen-check.yml
vendored
7
.github/workflows/pr-k8s-codegen-check.yml
vendored
@@ -9,6 +9,7 @@ on:
|
||||
- "pkg/aggregator/apis/**"
|
||||
- "pkg/apimachinery/apis/**"
|
||||
- "hack/**"
|
||||
- "apps/**"
|
||||
- "*.sum"
|
||||
|
||||
jobs:
|
||||
@@ -19,9 +20,11 @@ jobs:
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: Set go version
|
||||
uses: actions/setup-go@v4
|
||||
uses: actions/setup-go@19bb51245e9c80abacb2e91cc42b33fa478b8639
|
||||
with:
|
||||
go-version-file: go.mod
|
||||
|
||||
@@ -35,4 +38,4 @@ jobs:
|
||||
git diff
|
||||
echo "Please run './hack/update-codegen.sh' and commit the changes."
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
63
.github/workflows/pr-patch-check-event.yml
vendored
Normal file
63
.github/workflows/pr-patch-check-event.yml
vendored
Normal file
@@ -0,0 +1,63 @@
|
||||
# Owned by grafana-delivery-squad
|
||||
# Intended to be dropped into the base repo Ex: grafana/grafana
|
||||
name: Dispatch check for patch conflicts
|
||||
run-name: dispatch-check-patch-conflicts-${{ github.base_ref }}-${{ github.head_ref }}
|
||||
on:
|
||||
pull_request_target:
|
||||
types:
|
||||
- opened
|
||||
- reopened
|
||||
- synchronize
|
||||
branches:
|
||||
- "main"
|
||||
- "v*.*.*"
|
||||
- "release-*"
|
||||
|
||||
permissions: {}
|
||||
|
||||
# Since this is run on a pull request, we want to apply the patches intended for the
|
||||
# target branch onto the source branch, to verify compatibility before merging.
|
||||
jobs:
|
||||
dispatch-job:
|
||||
permissions:
|
||||
id-token: write
|
||||
contents: read
|
||||
actions: write
|
||||
env:
|
||||
HEAD_REF: ${{ github.head_ref }}
|
||||
BASE_REF: ${{ github.base_ref }}
|
||||
REPO: ${{ github.repository }}
|
||||
SENDER: ${{ github.event.sender.login }}
|
||||
SHA: ${{ github.sha }}
|
||||
PR_COMMIT_SHA: ${{ github.event.pull_request.head.sha }}
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: "Generate token"
|
||||
id: generate_token
|
||||
uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a
|
||||
with:
|
||||
# App needs Actions: Read/Write for the grafana/security-patch-actions repo
|
||||
app_id: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_ID }}
|
||||
private_key: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_PEM }}
|
||||
- name: "Dispatch job"
|
||||
uses: actions/github-script@v7
|
||||
with:
|
||||
github-token: ${{ steps.generate_token.outputs.token }}
|
||||
script: |
|
||||
const {HEAD_REF, BASE_REF, REPO, SENDER, SHA, PR_COMMIT_SHA} = process.env;
|
||||
|
||||
await github.rest.actions.createWorkflowDispatch({
|
||||
owner: 'grafana',
|
||||
repo: 'security-patch-actions',
|
||||
workflow_id: 'test-patches-event.yml',
|
||||
ref: 'main',
|
||||
inputs: {
|
||||
src_repo: REPO,
|
||||
src_ref: HEAD_REF,
|
||||
src_merge_sha: SHA,
|
||||
src_pr_commit_sha: PR_COMMIT_SHA,
|
||||
patch_repo: REPO + '-security-patches',
|
||||
patch_ref: BASE_REF,
|
||||
triggering_github_handle: SENDER
|
||||
}
|
||||
})
|
||||
27
.github/workflows/pr-patch-check.yml
vendored
27
.github/workflows/pr-patch-check.yml
vendored
@@ -1,27 +0,0 @@
|
||||
# Owned by grafana-release-guild
|
||||
# Intended to be dropped into the base repo Ex: grafana/grafana
|
||||
name: Check for patch conflicts
|
||||
run-name: check-patch-conflicts-${{ github.base_ref }}-${{ github.head_ref }}
|
||||
on:
|
||||
pull_request:
|
||||
types:
|
||||
- opened
|
||||
- reopened
|
||||
- synchronize
|
||||
branches:
|
||||
- "main"
|
||||
- "v*.*.*"
|
||||
- "release-*"
|
||||
|
||||
# Since this is run on a pull request, we want to apply the patches intended for the
|
||||
# target branch onto the source branch, to verify compatibility before merging.
|
||||
jobs:
|
||||
trigger_downstream_patch_check:
|
||||
uses: grafana/security-patch-actions/.github/workflows/test-patches.yml@main
|
||||
if: github.repository == 'grafana/grafana'
|
||||
with:
|
||||
src_repo: "${{ github.repository }}"
|
||||
src_ref: "${{ github.head_ref }}" # this is the source branch name, Ex: "feature/newthing"
|
||||
patch_repo: "${{ github.repository }}-security-patches"
|
||||
patch_ref: "${{ github.base_ref }}" # this is the target branch name, Ex: "main"
|
||||
secrets: inherit
|
||||
89
.github/workflows/pr-test-integration.yml
vendored
Normal file
89
.github/workflows/pr-test-integration.yml
vendored
Normal file
@@ -0,0 +1,89 @@
|
||||
name: Integration Tests
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
- release-*.*.*
|
||||
pull_request:
|
||||
|
||||
concurrency:
|
||||
group: ${{ github.workflow }}-${{ github.ref }}
|
||||
cancel-in-progress: ${{ startsWith(github.ref, 'refs/pull/') }}
|
||||
|
||||
jobs:
|
||||
sqlite:
|
||||
name: Sqlite
|
||||
runs-on: ubuntu-latest-8-cores
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
- name: Setup Go
|
||||
uses: actions/setup-go@v5
|
||||
with:
|
||||
go-version-file: go.mod
|
||||
cache: true
|
||||
- run: |
|
||||
make gen-go
|
||||
go test -tags=sqlite -timeout=5m -run '^TestIntegration' $(find ./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+' | grep -o '\(.*\)/' | sort -u)
|
||||
mysql:
|
||||
name: MySQL
|
||||
runs-on: ubuntu-latest-8-cores
|
||||
env:
|
||||
GRAFANA_TEST_DB: mysql
|
||||
MYSQL_HOST: 127.0.0.1
|
||||
services:
|
||||
mysql:
|
||||
image: mysql:8.0.32
|
||||
env:
|
||||
MYSQL_ROOT_PASSWORD: rootpass
|
||||
MYSQL_DATABASE: grafana_tests
|
||||
MYSQL_USER: grafana
|
||||
MYSQL_PASSWORD: password
|
||||
options: --health-cmd="mysqladmin ping --silent" --health-interval=10s --health-timeout=5s --health-retries=3
|
||||
ports:
|
||||
- 3306:3306
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
- name: Setup Go
|
||||
uses: actions/setup-go@v5
|
||||
with:
|
||||
go-version-file: go.mod
|
||||
cache: true
|
||||
- run: |
|
||||
sudo apt-get update -yq && sudo apt-get install mariadb-client
|
||||
cat devenv/docker/blocks/mysql_tests/setup.sql | mariadb -h 127.0.0.1 -P 3306 -u root -prootpass --disable-ssl-verify-server-cert
|
||||
make gen-go
|
||||
go test -tags=mysql -p=1 -timeout=5m -run '^TestIntegration' $(find ./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+' | grep -o '\(.*\)/' | sort -u)
|
||||
postgres:
|
||||
name: Postgres
|
||||
runs-on: ubuntu-latest-8-cores
|
||||
services:
|
||||
postgres:
|
||||
image: postgres:12.3-alpine
|
||||
env:
|
||||
POSTGRES_USER: grafanatest
|
||||
POSTGRES_PASSWORD: grafanatest
|
||||
POSTGRES_DB: grafanatest
|
||||
ports:
|
||||
- 5432:5432
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
- name: Setup Go
|
||||
uses: actions/setup-go@v5
|
||||
with:
|
||||
go-version-file: go.mod
|
||||
cache: true
|
||||
- env:
|
||||
GRAFANA_TEST_DB: postgres
|
||||
PGPASSWORD: grafanatest
|
||||
POSTGRES_HOST: 127.0.0.1
|
||||
run: |
|
||||
sudo apt-get update -yq && sudo apt-get install postgresql-client
|
||||
psql -p 5432 -h 127.0.0.1 -U grafanatest -d grafanatest -f devenv/docker/blocks/postgres_tests/setup.sql
|
||||
make gen-go
|
||||
go test -p=1 -tags=postgres -timeout=5m -run '^TestIntegration' $(find ./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+' | grep -o '\(.*\)/' | sort -u)
|
||||
3
.github/workflows/publish-kinds-next.yml
vendored
3
.github/workflows/publish-kinds-next.yml
vendored
@@ -32,9 +32,10 @@ jobs:
|
||||
uses: "actions/checkout@v4"
|
||||
with:
|
||||
fetch-depth: 0
|
||||
persist-credentials: false
|
||||
|
||||
- name: "Setup Go"
|
||||
uses: "actions/setup-go@v4"
|
||||
uses: "actions/setup-go@19bb51245e9c80abacb2e91cc42b33fa478b8639"
|
||||
with:
|
||||
go-version-file: go.mod
|
||||
|
||||
|
||||
3
.github/workflows/publish-kinds-release.yml
vendored
3
.github/workflows/publish-kinds-release.yml
vendored
@@ -35,9 +35,10 @@ jobs:
|
||||
with:
|
||||
# required for the `grafana/grafana-github-actions/has-matching-release-tag` action to work
|
||||
fetch-depth: 0
|
||||
persist-credentials: false
|
||||
|
||||
- name: "Setup Go"
|
||||
uses: "actions/setup-go@v4"
|
||||
uses: "actions/setup-go@19bb51245e9c80abacb2e91cc42b33fa478b8639"
|
||||
with:
|
||||
go-version-file: go.mod
|
||||
|
||||
|
||||
@@ -16,6 +16,6 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- uses: grafana/writers-toolkit/publish-technical-documentation@publish-technical-documentation/v1
|
||||
- uses: grafana/writers-toolkit/publish-technical-documentation@publish-technical-documentation/v1 # zizmor: ignore[unpinned-uses]
|
||||
with:
|
||||
website_directory: content/docs/grafana/next
|
||||
|
||||
@@ -20,7 +20,8 @@ jobs:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- uses: grafana/writers-toolkit/publish-technical-documentation-release@publish-technical-documentation-release/v2
|
||||
persist-credentials: false
|
||||
- uses: grafana/writers-toolkit/publish-technical-documentation-release@publish-technical-documentation-release/v2 # zizmor: ignore[unpinned-uses]
|
||||
with:
|
||||
release_tag_regexp: "^v(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)$"
|
||||
release_branch_regexp: "^release-(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)$"
|
||||
|
||||
55
.github/workflows/release-comms.yml
vendored
55
.github/workflows/release-comms.yml
vendored
@@ -19,7 +19,7 @@ on:
|
||||
- closed
|
||||
branches:
|
||||
- 'main'
|
||||
- 'v*.*.*'
|
||||
- 'release-*.*.*'
|
||||
|
||||
jobs:
|
||||
setup:
|
||||
@@ -30,25 +30,16 @@ jobs:
|
||||
release_branch: ${{ steps.output.outputs.release_branch }}
|
||||
dry_run: ${{ steps.output.outputs.dry_run }}
|
||||
latest: ${{ steps.output.outputs.latest }}
|
||||
token: ${{ steps.output.outputs.token }}
|
||||
env:
|
||||
HEAD_REF: ${{ github.head_ref }}
|
||||
DRY_RUN: ${{ inputs.dry_run }}
|
||||
LATEST: ${{ inputs.latest && '1' || '0' }}
|
||||
VERSION: ${{ inputs.version }}
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: "Generate token"
|
||||
id: generate_token
|
||||
uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92
|
||||
with:
|
||||
app_id: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_ID }}
|
||||
private_key: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_PEM }}
|
||||
# The github-release action expects a `LATEST` value of a string of either '1' or '0'
|
||||
- if: ${{ github.event_name == 'workflow_dispatch' }}
|
||||
run: |
|
||||
echo setting up GITHUB_ENV for ${{ github.event_name }}
|
||||
echo "VERSION=${{ inputs.version }}" >> $GITHUB_ENV
|
||||
echo "DRY_RUN=${{ inputs.dry_run }}" >> $GITHUB_ENV
|
||||
echo "LATEST=${{ inputs.latest && '1' || '0' }}" >> $GITHUB_ENV
|
||||
- if: ${{ github.event.pull_request.merged == true && startsWith(github.head_ref, 'release/') }}
|
||||
run: |
|
||||
echo "VERSION=$(echo ${{ github.head_ref }} | sed -e 's/release\/.*\///g')" >> $GITHUB_ENV
|
||||
echo "VERSION=$(echo ${HEAD_REF} | sed -e 's/release\/.*\//v/g')" >> $GITHUB_ENV
|
||||
echo "DRY_RUN=${{ contains(github.event.pull_request.labels.*.name, 'release/dry-run') }}" >> $GITHUB_ENV
|
||||
echo "LATEST=${{ contains(github.event.pull_request.labels.*.name, 'release/latest') && '1' || '0' }}" >> $GITHUB_ENV
|
||||
- id: output
|
||||
@@ -58,7 +49,6 @@ jobs:
|
||||
echo "version: $VERSION"
|
||||
|
||||
echo "release_branch=$(echo $VERSION | sed -s 's/^v/release-/g')" >> "$GITHUB_OUTPUT"
|
||||
echo "token=${{ steps.generate_token.outputs.token }}" >> "$GITHUB_OUTPUT"
|
||||
echo "dry_run=$DRY_RUN" >> "$GITHUB_OUTPUT"
|
||||
echo "latest=$LATEST" >> "$GITHUB_OUTPUT"
|
||||
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
|
||||
@@ -66,42 +56,46 @@ jobs:
|
||||
name: Create next release branch (Grafana)
|
||||
needs: setup
|
||||
uses: ./.github/workflows/create-next-release-branch.yml
|
||||
secrets:
|
||||
GRAFANA_DELIVERY_BOT_APP_ID: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_ID }}
|
||||
GRAFANA_DELIVERY_BOT_APP_PEM: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_PEM }}
|
||||
with:
|
||||
ownerRepo: 'grafana/grafana'
|
||||
source: ${{ needs.setup.outputs.release_branch }}
|
||||
secrets:
|
||||
token: ${{ needs.setup.outputs.token }}
|
||||
create_next_release_branch_enterprise:
|
||||
name: Create next release branch (Grafana Enterprise)
|
||||
needs: setup
|
||||
uses: ./.github/workflows/create-next-release-branch.yml
|
||||
with:
|
||||
ownerRepo: 'grafana/grafana'
|
||||
source: ${{ needs.setup.outputs.release_branch }}
|
||||
secrets:
|
||||
token: ${{ needs.setup.outputs.token }}
|
||||
GRAFANA_DELIVERY_BOT_APP_ID: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_ID }}
|
||||
GRAFANA_DELIVERY_BOT_APP_PEM: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_PEM }}
|
||||
with:
|
||||
ownerRepo: 'grafana/grafana-enterprise'
|
||||
source: ${{ needs.setup.outputs.release_branch }}
|
||||
migrate_prs_grafana:
|
||||
needs:
|
||||
- setup
|
||||
- create_next_release_branch_grafana
|
||||
uses: ./.github/workflows/migrate-prs.yml
|
||||
secrets:
|
||||
GRAFANA_DELIVERY_BOT_APP_ID: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_ID }}
|
||||
GRAFANA_DELIVERY_BOT_APP_PEM: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_PEM }}
|
||||
with:
|
||||
ownerRepo: 'grafana/grafana'
|
||||
from: ${{ needs.setup.outputs.release_branch }}
|
||||
to: ${{ needs.create_next_release_branch_grafana.outputs.branch }}
|
||||
secrets:
|
||||
token: ${{ needs.setup.outputs.token }}
|
||||
migrate_prs_enterprise:
|
||||
needs:
|
||||
- setup
|
||||
- create_next_release_branch_enterprise
|
||||
uses: ./.github/workflows/migrate-prs.yml
|
||||
secrets:
|
||||
GRAFANA_DELIVERY_BOT_APP_ID: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_ID }}
|
||||
GRAFANA_DELIVERY_BOT_APP_PEM: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_PEM }}
|
||||
with:
|
||||
ownerRepo: 'grafana/grafana-enterprise'
|
||||
from: ${{ needs.setup.outputs.release_branch }}
|
||||
to: ${{ needs.create_next_release_branch_enterprise.outputs.branch }}
|
||||
secrets:
|
||||
token: ${{ needs.setup.outputs.token }}
|
||||
post_changelog_on_forum:
|
||||
needs: setup
|
||||
uses: ./.github/workflows/community-release.yml
|
||||
@@ -124,7 +118,10 @@ jobs:
|
||||
post_on_slack:
|
||||
needs: setup
|
||||
runs-on: ubuntu-latest
|
||||
env:
|
||||
DRY_RUN: ${{ needs.setup.outputs.dry_run }}
|
||||
VERSION: ${{ needs.setup.outputs.version }}
|
||||
steps:
|
||||
- run: |
|
||||
echo announce on slack that ${{ needs.setup.outputs.version }} has been released
|
||||
echo dry run: ${{ needs.setup.outputs.dry_run }}
|
||||
echo announce on slack that $VERSION has been released
|
||||
echo dry run: $DRY_RUN
|
||||
|
||||
111
.github/workflows/release-pr.yml
vendored
111
.github/workflows/release-pr.yml
vendored
@@ -33,12 +33,13 @@ on:
|
||||
default: false
|
||||
type: boolean
|
||||
|
||||
permissions:
|
||||
contents: write
|
||||
pull-requests: write
|
||||
permissions: {}
|
||||
|
||||
jobs:
|
||||
push-changelog-to-main:
|
||||
permissions:
|
||||
contents: write
|
||||
pull-requests: write
|
||||
name: Create PR to main to update the changelog
|
||||
uses: ./.github/workflows/changelog.yml
|
||||
with:
|
||||
@@ -50,30 +51,33 @@ jobs:
|
||||
secrets:
|
||||
GRAFANA_DELIVERY_BOT_APP_ID: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_ID }}
|
||||
GRAFANA_DELIVERY_BOT_APP_PEM: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_PEM }}
|
||||
|
||||
create-prs:
|
||||
permissions:
|
||||
contents: write
|
||||
pull-requests: write
|
||||
name: Create Release PR
|
||||
runs-on: ubuntu-latest
|
||||
if: github.repository == 'grafana/grafana'
|
||||
env:
|
||||
VERSION: ${{ inputs.version }}
|
||||
LATEST: ${{ inputs.latest }}
|
||||
DRY_RUN: ${{ inputs.dry_run }}
|
||||
steps:
|
||||
- name: Generate bot token
|
||||
id: generate_token
|
||||
uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92
|
||||
with:
|
||||
app_id: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_ID }}
|
||||
private_key: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_PEM }}
|
||||
- name: Get release branch
|
||||
id: branch
|
||||
uses: grafana/grafana-github-actions-go/latest-release-branch@main
|
||||
uses: grafana/grafana-github-actions-go/latest-release-branch@main # zizmor: ignore[unpinned-uses]
|
||||
with:
|
||||
token: ${{ steps.generate_token.outputs.token }}
|
||||
token: ${{ secrets.GITHUB_TOKEN }}
|
||||
ownerRepo: 'grafana/grafana'
|
||||
pattern: ${{ inputs.target }}
|
||||
- name: Checkout Grafana
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
ref: ${{ steps.branch.outputs.branch }}
|
||||
fetch-depth: 0
|
||||
fetch-tags: true
|
||||
token: ${{ secrets.GITHUB_TOKEN }}
|
||||
persist-credentials: false
|
||||
- name: Checkout Grafana (main)
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
@@ -81,6 +85,8 @@ jobs:
|
||||
fetch-depth: '0'
|
||||
fetch-tags: 'false'
|
||||
path: .grafana-main
|
||||
token: ${{ secrets.GITHUB_TOKEN }}
|
||||
persist-credentials: false
|
||||
- name: Setup nodejs environment
|
||||
uses: actions/setup-node@v4
|
||||
with:
|
||||
@@ -92,37 +98,43 @@ jobs:
|
||||
git config --local --add --bool push.autoSetupRemote true
|
||||
|
||||
- name: Create branch
|
||||
run: git checkout -b "release/${{ github.run_id }}/${{ inputs.version }}"
|
||||
run: git checkout -b "release/${{ github.run_id }}/$VERSION"
|
||||
- name: Generate changelog token
|
||||
id: generate_changelog_token
|
||||
uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92
|
||||
with:
|
||||
app_id: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_ID }}
|
||||
private_key: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_PEM }}
|
||||
- name: Generate changelog
|
||||
id: changelog
|
||||
uses: ./.grafana-main/.github/workflows/actions/changelog
|
||||
uses: ./.grafana-main/.github/actions/changelog
|
||||
with:
|
||||
github_token: ${{ steps.generate_token.outputs.token }}
|
||||
target: v${{ inputs.version }}
|
||||
github_token: ${{ steps.generate_changelog_token.outputs.token }}
|
||||
target: v${{ env.VERSION }}
|
||||
output_file: changelog_items.md
|
||||
- name: Patch CHANGELOG.md
|
||||
run: |
|
||||
# Prepare CHANGELOG.md content with version delimiters
|
||||
(
|
||||
echo
|
||||
echo "# ${{ inputs.version}} ($(date '+%F'))"
|
||||
echo "# $VERSION ($(date '+%F'))"
|
||||
echo
|
||||
cat changelog_items.md
|
||||
) > CHANGELOG.part
|
||||
|
||||
# Check if a version exists in the changelog
|
||||
if grep -q "<!-- ${{ inputs.version}} START" CHANGELOG.md ; then
|
||||
if grep -q "<!-- $VERSION START" CHANGELOG.md ; then
|
||||
# Replace the content between START and END delimiters
|
||||
echo "Version ${{ inputs.version }} is found in the CHANGELOG.md, patching contents..."
|
||||
sed -i -e '/${{ inputs.version }} START/,/${{ inputs.version }} END/{//!d;}' \
|
||||
-e '/${{ inputs.version }} START/r CHANGELOG.part' CHANGELOG.md
|
||||
echo "Version $VERSION is found in the CHANGELOG.md, patching contents..."
|
||||
sed -i -e "/$VERSION START/,/$VERSION END/{//!d;}" \
|
||||
-e "/$VERSION START/r CHANGELOG.part" CHANGELOG.md
|
||||
else
|
||||
# Prepend changelog part to the main changelog file
|
||||
echo "Version ${{ inputs.version }} not found in the CHANGELOG.md"
|
||||
echo "Version $VERSION not found in the CHANGELOG.md"
|
||||
(
|
||||
echo "<!-- ${{ inputs.version }} START -->"
|
||||
echo "<!-- $VERSION START -->"
|
||||
cat CHANGELOG.part
|
||||
echo "<!-- ${{ inputs.version }} END -->"
|
||||
echo "<!-- $VERSION END -->"
|
||||
cat CHANGELOG.md
|
||||
) > CHANGELOG.tmp
|
||||
mv CHANGELOG.tmp CHANGELOG.md
|
||||
@@ -143,36 +155,47 @@ jobs:
|
||||
|
||||
- name: Add package.json changes
|
||||
run: |
|
||||
git add package.json lerna.json yarn.lock packages public e2e/test-plugins
|
||||
git commit -m "Update version to ${{ inputs.version }}"
|
||||
git add package.json lerna.json yarn.lock packages public
|
||||
test -e e2e/test-plugins && git add e2e/test-plugins
|
||||
git commit -m "Update version to $VERSION"
|
||||
|
||||
- name: Git push
|
||||
if: ${{ inputs.dry_run }} != true
|
||||
run: git push --set-upstream origin release/${{ github.run_id }}/${{ inputs.version }}
|
||||
run: git push --set-upstream origin "release/${{ github.run_id }}/$VERSION"
|
||||
|
||||
- name: Create PR without backports
|
||||
if: "${{ inputs.backport == '' }}"
|
||||
run: >
|
||||
gh pr create \
|
||||
$( [ "x${{ inputs.latest }}" == "xtrue" ] && printf %s '-l "release/latest"') \
|
||||
-l "no-changelog" \
|
||||
--dry-run=${{ inputs.dry_run }} \
|
||||
-B "${{ steps.branch.outputs.branch }}" \
|
||||
--title "Release: ${{ inputs.version }}" \
|
||||
--body "These code changes must be merged after a release is complete"
|
||||
env:
|
||||
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
BRANCH: ${{ steps.branch.outputs.branch }}
|
||||
run: |
|
||||
LATEST_FLAG=""
|
||||
if [ "$LATEST" = "true" ]; then
|
||||
LATEST_FLAG='-l "release/latest"'
|
||||
fi
|
||||
gh pr create \
|
||||
$LATEST_FLAG \
|
||||
-l "no-changelog" \
|
||||
--dry-run="$DRY_RUN" \
|
||||
-B "$BRANCH" \
|
||||
--title "Release: $VERSION" \
|
||||
--body "These code changes must be merged after a release is complete"
|
||||
|
||||
- name: Create PR with backports
|
||||
if: "${{ inputs.backport != '' }}"
|
||||
run: >
|
||||
gh pr create \
|
||||
$( [ "x${{ inputs.latest }}" == "xtrue" ] && printf %s '-l "release/latest"') \
|
||||
-l "product-approved" \
|
||||
-l "no-changelog" \
|
||||
--dry-run=${{ inputs.dry_run }} \
|
||||
-B "${{ steps.branch.outputs.branch }}" \
|
||||
--title "Release: ${{ inputs.version }}" \
|
||||
--body "These code changes must be merged after a release is complete"
|
||||
env:
|
||||
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
BRANCH: ${{ steps.branch.outputs.branch }}
|
||||
run: |
|
||||
LATEST_FLAG=""
|
||||
if [ "$LATEST" = "true" ]; then
|
||||
LATEST_FLAG='-l "release/latest"'
|
||||
fi
|
||||
gh pr create \
|
||||
$LATEST_FLAG \
|
||||
-l "product-approved" \
|
||||
-l "no-changelog" \
|
||||
--dry-run="$DRY_RUN" \
|
||||
-B "$BRANCH" \
|
||||
--title "Release: $VERSION" \
|
||||
--body "These code changes must be merged after a release is complete"
|
||||
|
||||
60
.github/workflows/remove-milestone.yml
vendored
60
.github/workflows/remove-milestone.yml
vendored
@@ -1,60 +0,0 @@
|
||||
name: Remove milestone
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
version:
|
||||
required: true
|
||||
description: Needs to match, exactly, the name of a milestone
|
||||
workflow_call:
|
||||
inputs:
|
||||
version_call:
|
||||
description: Needs to match, exactly, the name of a milestone
|
||||
required: true
|
||||
type: string
|
||||
|
||||
jobs:
|
||||
config:
|
||||
runs-on: "ubuntu-latest"
|
||||
outputs:
|
||||
has-secrets: ${{ steps.check.outputs.has-secrets }}
|
||||
steps:
|
||||
- name: "Check for secrets"
|
||||
id: check
|
||||
shell: bash
|
||||
run: |
|
||||
if [ -n "${{ (secrets.GRAFANA_DELIVERY_BOT_APP_ID != '' && secrets.GRAFANA_DELIVERY_BOT_APP_PEM != '') || '' }}" ]; then
|
||||
echo "has-secrets=1" >> "$GITHUB_OUTPUT"
|
||||
fi
|
||||
|
||||
main:
|
||||
needs: config
|
||||
if: needs.config.outputs.has-secrets
|
||||
permissions:
|
||||
issues: write
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout Actions
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
repository: "grafana/grafana-github-actions"
|
||||
path: ./actions
|
||||
ref: main
|
||||
- name: Install Actions
|
||||
run: npm install --production --prefix ./actions
|
||||
- name: "Generate token"
|
||||
id: generate_token
|
||||
uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92
|
||||
with:
|
||||
app_id: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_ID }}
|
||||
private_key: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_PEM }}
|
||||
- name: Remove milestone from open issues (manually invoked)
|
||||
if: ${{ github.event.inputs.version != '' }}
|
||||
uses: ./actions/remove-milestone
|
||||
with:
|
||||
token: ${{ steps.generate_token.outputs.token }}
|
||||
- name: Remove milestone from open issues (workflow invoked)
|
||||
if: ${{ inputs.version_call != '' }}
|
||||
uses: ./actions/remove-milestone
|
||||
with:
|
||||
version_call: ${{ inputs.version_call }}
|
||||
token: ${{ steps.generate_token.outputs.token }}
|
||||
130
.github/workflows/run-dashboard-search-e2e.yml
vendored
Normal file
130
.github/workflows/run-dashboard-search-e2e.yml
vendored
Normal file
@@ -0,0 +1,130 @@
|
||||
name: run-dashboard-search-e2e
|
||||
|
||||
on:
|
||||
workflow_run:
|
||||
workflows:
|
||||
- trigger-dashboard-search-e2e
|
||||
types:
|
||||
- completed
|
||||
workflow_dispatch:
|
||||
|
||||
env:
|
||||
ARCH: linux-amd64
|
||||
|
||||
permissions: {}
|
||||
|
||||
jobs:
|
||||
setup:
|
||||
runs-on: ubuntu-latest
|
||||
if: github.event.pull_request.draft == false
|
||||
outputs:
|
||||
ini_files: ${{ steps.get_files.outputs.ini_files }}
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
- name: Pin Go version to mod file
|
||||
uses: actions/setup-go@v5
|
||||
with:
|
||||
go-version-file: 'go.mod'
|
||||
cache: true
|
||||
- run: go version
|
||||
- uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version: 20
|
||||
cache: 'yarn'
|
||||
- name: Cache Node Modules
|
||||
id: cache-node-modules
|
||||
uses: actions/cache@v3
|
||||
with:
|
||||
path: |
|
||||
node_modules
|
||||
/home/runner/.cache/Cypress
|
||||
key: ${{ runner.os }}-node-${{ hashFiles('package-lock.json') }}
|
||||
- name: Install dependencies
|
||||
if: steps.cache-node-modules.outputs.cache-hit != 'true'
|
||||
run: yarn install --immutable
|
||||
- name: Install Cypress dependencies
|
||||
if: steps.cache-node-modules.outputs.cache-hit != 'true'
|
||||
uses: cypress-io/github-action@108b8684ae52e735ff7891524cbffbcd4be5b19f
|
||||
with:
|
||||
runTests: false
|
||||
- name: Cache Grafana Build and Dependencies
|
||||
id: cache-grafana
|
||||
uses: actions/cache@v3
|
||||
with:
|
||||
path: |
|
||||
bin/
|
||||
scripts/grafana-server/
|
||||
tools/
|
||||
public/
|
||||
conf/
|
||||
e2e/test-plugins/
|
||||
devenv/
|
||||
key: ${{ runner.os }}-grafana-${{ hashFiles('go.mod', 'package-lock.json', 'Makefile', 'pkg/storage/**/*.go', 'public/app/features/search/**/*.ts', 'public/app/features/search/**/*.tsx') }}
|
||||
# only rebuild grafana if search files have changed ( or dependencies )
|
||||
- name: Build Grafana (Runs Only If Not Cached)
|
||||
if: steps.cache-grafana.outputs.cache-hit != 'true'
|
||||
run: make build
|
||||
|
||||
- name: Get list of .ini files
|
||||
id: get_files
|
||||
run: |
|
||||
INI_FILES=$(ls ${{ github.workspace }}/e2e/dashboards-search-suite/*.ini | jq -R -s -c 'split("\n")[:-1]')
|
||||
echo "ini_files=$INI_FILES" >> $GITHUB_OUTPUT
|
||||
shell: bash
|
||||
|
||||
run_tests:
|
||||
needs: setup
|
||||
runs-on: ubuntu-latest
|
||||
continue-on-error: true
|
||||
if: github.event.pull_request.draft == false
|
||||
strategy:
|
||||
matrix:
|
||||
ini_file: ${{ fromJson(needs.setup.outputs.ini_files) }}
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
- name: Restore Cached Node Modules
|
||||
uses: actions/cache@v3
|
||||
with:
|
||||
path: |
|
||||
node_modules
|
||||
/home/runner/.cache/Cypress
|
||||
key: ${{ runner.os }}-node-${{ hashFiles('package-lock.json') }}
|
||||
|
||||
- name: Restore Cached Grafana Build and Dependencies
|
||||
uses: actions/cache@v3
|
||||
with:
|
||||
path: |
|
||||
bin/
|
||||
scripts/grafana-server/
|
||||
tools/
|
||||
public/
|
||||
conf/
|
||||
e2e/test-plugins/
|
||||
devenv/
|
||||
key: ${{ runner.os }}-grafana-${{ hashFiles('go.mod', 'package-lock.json', 'Makefile', 'pkg/storage/**/*.go', 'public/app/features/search/**/*.ts', 'public/app/features/search/**/*.tsx') }}
|
||||
- name: Set the step name
|
||||
id: set_file_name
|
||||
env:
|
||||
INI_NAME: ${{ matrix.ini_file }}
|
||||
run: |
|
||||
FILE_NAME=$(basename "$env.INI_NAME" .ini)
|
||||
echo "FILE_NAME=$FILE_NAME" >> $GITHUB_OUTPUT
|
||||
- name: Run tests for ${{ steps.set_file_name.outputs.FILE_NAME }}
|
||||
env:
|
||||
INI_NAME: ${{ matrix.ini_file }}
|
||||
run: |
|
||||
cp -rf $INI_NAME ${{ github.workspace }}/scripts/grafana-server/custom.ini
|
||||
yarn e2e:dashboards-search || echo "Test failed but marking as success since unified search is behind a feature flag and should not block PRs"
|
||||
39
.github/workflows/run-e2e-suite.yml
vendored
Normal file
39
.github/workflows/run-e2e-suite.yml
vendored
Normal file
@@ -0,0 +1,39 @@
|
||||
name: e2e suite
|
||||
|
||||
on:
|
||||
workflow_call:
|
||||
inputs:
|
||||
package:
|
||||
type: string
|
||||
required: true
|
||||
suite:
|
||||
type: string
|
||||
required: true
|
||||
|
||||
jobs:
|
||||
main:
|
||||
runs-on: ubuntu-latest-8-cores
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
- uses: actions/download-artifact@v4
|
||||
with:
|
||||
name: ${{ inputs.package }}
|
||||
- uses: dagger/dagger-for-github@e47aba410ef9bb9ed81a4d2a97df31061e5e842e
|
||||
with:
|
||||
verb: run
|
||||
args: go run ./pkg/build/e2e --package=grafana.tar.gz --suite=${{ inputs.suite }}
|
||||
- name: Set suite name
|
||||
id: set-suite-name
|
||||
if: always()
|
||||
env:
|
||||
SUITE: ${{ inputs.suite }}
|
||||
run: |
|
||||
echo "suite=$(echo $SUITE | sed 's/\//-/g')" >> $GITHUB_OUTPUT
|
||||
- uses: actions/upload-artifact@v4
|
||||
if: always()
|
||||
with:
|
||||
name: e2e-${{ steps.set-suite-name.outputs.suite }}-${{github.run_number}}
|
||||
path: videos
|
||||
retention-days: 1
|
||||
6
.github/workflows/run-schema-v2-e2e.yml
vendored
6
.github/workflows/run-schema-v2-e2e.yml
vendored
@@ -19,6 +19,8 @@ jobs:
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
- name: Pin Go version to mod file
|
||||
uses: actions/setup-go@v5
|
||||
with:
|
||||
@@ -33,7 +35,7 @@ jobs:
|
||||
- name: Build grafana
|
||||
run: make build
|
||||
- name: Install Cypress dependencies
|
||||
uses: cypress-io/github-action@v6
|
||||
uses: cypress-io/github-action@108b8684ae52e735ff7891524cbffbcd4be5b19f
|
||||
with:
|
||||
runTests: false
|
||||
- name: Run dashboard scenes e2e
|
||||
@@ -41,4 +43,4 @@ jobs:
|
||||
|
||||
- name: Always succeed # This is a workaround to make the job pass even if the previous step fails
|
||||
if: failure()
|
||||
run: exit 0
|
||||
run: exit 0
|
||||
|
||||
84
.github/workflows/scripts/crowdin/create-tasks.js
vendored
Normal file
84
.github/workflows/scripts/crowdin/create-tasks.js
vendored
Normal file
@@ -0,0 +1,84 @@
|
||||
const crowdin = require('@crowdin/crowdin-api-client');
|
||||
const TRANSLATED_CONNECTOR_DESCRIPTION = '{{tos_service_type: premium}}';
|
||||
|
||||
const API_TOKEN = process.env.CROWDIN_PERSONAL_TOKEN;
|
||||
if (!API_TOKEN) {
|
||||
console.error('Error: CROWDIN_PERSONAL_TOKEN environment variable is not set');
|
||||
process.exit(1);
|
||||
}
|
||||
|
||||
const PROJECT_ID = process.env.CROWDIN_PROJECT_ID;
|
||||
if (!PROJECT_ID) {
|
||||
console.error('Error: CROWDIN_PROJECT_ID environment variable is not set');
|
||||
process.exit(1);
|
||||
}
|
||||
|
||||
const { tasksApi, projectsGroupsApi, sourceFilesApi } = new crowdin.default({
|
||||
token: API_TOKEN,
|
||||
organization: 'grafana'
|
||||
});
|
||||
|
||||
const languages = await getLanguages();
|
||||
const fileIds = await getFileIds();
|
||||
console.log('Languages: ', languages);
|
||||
console.log('File IDs: ', fileIds);
|
||||
|
||||
// for (const language of languages) {
|
||||
// const { name, id } = language;
|
||||
// await createTask(`Translate to ${name}`, id, fileIds);
|
||||
// }
|
||||
|
||||
async function getLanguages() {
|
||||
try {
|
||||
const project = await projectsGroupsApi.getProject(PROJECT_ID);
|
||||
const languages = project.data.targetLanguages;
|
||||
return languages;
|
||||
} catch (error) {
|
||||
console.error('Failed to fetch languages: ', error.message);
|
||||
if (error.response && error.response.data) {
|
||||
console.error('Error details: ', JSON.stringify(error.response.data, null, 2));
|
||||
}
|
||||
process.exit(1);
|
||||
}
|
||||
}
|
||||
|
||||
async function getFileIds() {
|
||||
try {
|
||||
const response = await sourceFilesApi.listProjectFiles(PROJECT_ID);
|
||||
const files = response.data;
|
||||
const fileIds = files.map(file => file.data.id);
|
||||
return fileIds;
|
||||
} catch (error) {
|
||||
console.error('Failed to fetch file IDs: ', error.message);
|
||||
if (error.response && error.response.data) {
|
||||
console.error('Error details: ', JSON.stringify(error.response.data, null, 2));
|
||||
}
|
||||
process.exit(1);
|
||||
}
|
||||
}
|
||||
|
||||
async function createTask(title, languageId, fileIds) {
|
||||
try {
|
||||
const taskParams = {
|
||||
title,
|
||||
description: TRANSLATED_CONNECTOR_DESCRIPTION,
|
||||
languageId,
|
||||
type: 2, // Translation by vendor
|
||||
workflowStepId: 78, // Translation step ID
|
||||
skipAssignedStrings: true,
|
||||
fileIds,
|
||||
};
|
||||
|
||||
console.log(`Creating Crowdin task: "${title}" for language ${languageId}`);
|
||||
|
||||
const response = await tasksApi.addTask(PROJECT_ID, taskParams);
|
||||
console.log(`Task created successfully! Task ID: ${response.data.id}`);
|
||||
return response.data;
|
||||
} catch (error) {
|
||||
console.error('Failed to create Crowdin task: ', error.message);
|
||||
if (error.response && error.response.data) {
|
||||
console.error('Error details: ', JSON.stringify(error.response.data, null, 2));
|
||||
}
|
||||
process.exit(1);
|
||||
}
|
||||
}
|
||||
106
.github/workflows/skye-add-to-project.yml
vendored
Normal file
106
.github/workflows/skye-add-to-project.yml
vendored
Normal file
@@ -0,0 +1,106 @@
|
||||
name: Add issues and PRs to Skye project board
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
manual_issue_number:
|
||||
description: 'Issue/PR number to add to project'
|
||||
required: false
|
||||
type: number
|
||||
issues:
|
||||
types: [opened]
|
||||
pull_request:
|
||||
types: [opened]
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
|
||||
env:
|
||||
ORGANIZATION: grafana
|
||||
REPO: grafana
|
||||
PROJECT_ID: "PVT_kwDOAG3Mbc4AxfcI" # Retrieved manually from GitHub GraphQL Explorer
|
||||
|
||||
concurrency:
|
||||
group: skye-add-to-project-${{ github.event.number }}
|
||||
|
||||
jobs:
|
||||
main:
|
||||
if: github.repository == 'grafana/grafana'
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: "Get vault secrets"
|
||||
id: vault-secrets
|
||||
uses: grafana/shared-workflows/actions/get-vault-secrets@main # zizmor: ignore[unpinned-uses]
|
||||
with:
|
||||
# Vault secret paths:
|
||||
# - ci/repo/grafana/grafana/grafana_pr_automation_app
|
||||
# - ci/repo/grafana/grafana/frontend_platform_skye_usernames (comma separated list of usernames)
|
||||
repo_secrets: |
|
||||
GH_APP_ID=grafana_pr_automation_app:app_id
|
||||
GH_APP_PEM=grafana_pr_automation_app:app_pem
|
||||
ALLOWED_USERS=frontend_platform_skye_usernames:allowed_users
|
||||
|
||||
- name: Generate token
|
||||
id: generate_token
|
||||
uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92
|
||||
with:
|
||||
app_id: ${{ env.GH_APP_ID }}
|
||||
private_key: ${{ env.GH_APP_PEM }}
|
||||
|
||||
# Check if the user is in the list from the secret
|
||||
- name: Check if user is allowed
|
||||
id: check_user
|
||||
env:
|
||||
ALLOWED_USERS: ${{ env.ALLOWED_USERS }}
|
||||
USERNAME: ${{ github.event.sender.login }}
|
||||
run: |
|
||||
# Convert the comma-separated list to an array
|
||||
IFS=',' read -ra ALLOWED_USERS <<< "$ALLOWED_USERS"
|
||||
|
||||
# Check if user is in the allowed list
|
||||
for allowed_user in "${ALLOWED_USERS[@]}"; do
|
||||
if [ "$allowed_user" = "$USERNAME" ]; then
|
||||
echo "user_allowed=true" >> $GITHUB_OUTPUT
|
||||
exit 0
|
||||
fi
|
||||
done
|
||||
echo "user_allowed=false" >> $GITHUB_OUTPUT
|
||||
|
||||
# Convert the issue/PR number to a node ID for the GraphQL API
|
||||
- name: Get node ID for item
|
||||
if: steps.check_user.outputs.user_allowed == 'true'
|
||||
id: get_node_id
|
||||
uses: octokit/graphql-action@51bf543c240dcd14761320e2efc625dc32ec0d32
|
||||
with:
|
||||
query: |
|
||||
query getNodeId($owner: String!, $repo: String!, $number: Int!) {
|
||||
repository(owner: $owner, name: $repo) {
|
||||
issueOrPullRequest(number: $number) {
|
||||
... on Issue { id }
|
||||
... on PullRequest { id }
|
||||
}
|
||||
}
|
||||
}
|
||||
variables: |
|
||||
owner: ${{ env.ORGANIZATION }}
|
||||
repo: ${{ env.REPO }}
|
||||
number: ${{ github.event.number || github.event.inputs.manual_issue_number }}
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }}
|
||||
|
||||
# Finally, add the issue/PR to the project board
|
||||
- name: Add to project board
|
||||
if: steps.check_user.outputs.user_allowed == 'true'
|
||||
uses: octokit/graphql-action@51bf543c240dcd14761320e2efc625dc32ec0d32
|
||||
with:
|
||||
query: |
|
||||
mutation addItem($projectid: ID!, $itemid: ID!) {
|
||||
addProjectV2ItemById(input: {projectId: $projectid, contentId: $itemid}) {
|
||||
item { id }
|
||||
}
|
||||
}
|
||||
variables: |
|
||||
projectid: ${{ env.PROJECT_ID }}
|
||||
itemid: ${{ fromJSON(steps.get_node_id.outputs.data).repository.issueOrPullRequest.id }}
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }}
|
||||
48
.github/workflows/storybook-verification.yml
vendored
Normal file
48
.github/workflows/storybook-verification.yml
vendored
Normal file
@@ -0,0 +1,48 @@
|
||||
name: Verify Storybook
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
paths:
|
||||
- 'packages/grafana-ui/**'
|
||||
- '!docs/**'
|
||||
- '!*.md'
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- 'packages/grafana-ui/**'
|
||||
- '!docs/**'
|
||||
- '!*.md'
|
||||
|
||||
jobs:
|
||||
verify-storybook:
|
||||
name: Verify Storybook
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: Setup Node.js
|
||||
uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version-file: 'package.json'
|
||||
cache: 'yarn'
|
||||
|
||||
- name: Install dependencies
|
||||
run: yarn install --immutable
|
||||
|
||||
- name: Run Storybook and E2E tests
|
||||
uses: cypress-io/github-action@108b8684ae52e735ff7891524cbffbcd4be5b19f
|
||||
with:
|
||||
browser: chrome
|
||||
start: yarn storybook --quiet
|
||||
wait-on: 'http://localhost:9001'
|
||||
wait-on-timeout: 60
|
||||
command: yarn e2e:storybook
|
||||
install: false
|
||||
env:
|
||||
HOST: localhost
|
||||
PORT: 9001
|
||||
63
.github/workflows/sync-mirror-event.yml
vendored
Normal file
63
.github/workflows/sync-mirror-event.yml
vendored
Normal file
@@ -0,0 +1,63 @@
|
||||
# Owned by grafana-delivery-squad
|
||||
# Intended to be dropped into the base repo, Ex: grafana/grafana
|
||||
name: Dispatch sync to mirror
|
||||
run-name: dispatch-sync-to-mirror-${{ github.ref_name }}
|
||||
on:
|
||||
workflow_dispatch:
|
||||
push:
|
||||
branches:
|
||||
- "main"
|
||||
- "v*.*.*"
|
||||
- "release-*"
|
||||
|
||||
permissions: {}
|
||||
|
||||
# This is run after the pull request has been merged, so we'll run against the target branch
|
||||
jobs:
|
||||
dispatch-job:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
id-token: write
|
||||
contents: read
|
||||
actions: write
|
||||
env:
|
||||
REF_NAME: ${{ github.ref_name }}
|
||||
REPO: ${{ github.repository }}
|
||||
SHA: ${{ github.sha }}
|
||||
steps:
|
||||
- name: "Get vault secrets"
|
||||
id: vault-secrets
|
||||
uses: grafana/shared-workflows/actions/get-vault-secrets@main
|
||||
with:
|
||||
# Secrets placed in the ci/data/repo/grafana/grafana/delivery-bot-app path in Vault
|
||||
repo_secrets: |
|
||||
GRAFANA_DELIVERY_BOT_APP_PEM=delivery-bot-app:PRIVATE_KEY
|
||||
|
||||
- name: "Generate token"
|
||||
id: generate_token
|
||||
uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a
|
||||
with:
|
||||
# App needs Actions: Read/Write for the grafana/security-patch-actions repo
|
||||
app_id: ${{ vars.DELIVERY_BOT_APP_ID }}
|
||||
private_key: ${{ env.GRAFANA_DELIVERY_BOT_APP_PEM }}
|
||||
|
||||
- uses: actions/github-script@v7
|
||||
if: github.repository == 'grafana/grafana'
|
||||
with:
|
||||
github-token: ${{ steps.generate_token.outputs.token }}
|
||||
script: |
|
||||
const {REF_NAME, REPO, SHA} = process.env;
|
||||
|
||||
await github.rest.actions.createWorkflowDispatch({
|
||||
owner: 'grafana',
|
||||
repo: 'security-patch-actions',
|
||||
workflow_id: 'mirror-branch-and-apply-patches-event.yml',
|
||||
ref: 'main',
|
||||
inputs: {
|
||||
src_ref: REF_NAME,
|
||||
src_repo: REPO,
|
||||
src_sha: SHA,
|
||||
dest_repo: REPO + "-security-mirror",
|
||||
patch_repo: REPO + "-security-patches"
|
||||
}
|
||||
})
|
||||
25
.github/workflows/sync-mirror.yml
vendored
25
.github/workflows/sync-mirror.yml
vendored
@@ -1,25 +0,0 @@
|
||||
# Owned by grafana-release-guild
|
||||
# Intended to be dropped into the base repo, Ex: grafana/grafana
|
||||
name: Sync to mirror
|
||||
run-name: sync-to-mirror-${{ github.ref_name }}
|
||||
on:
|
||||
workflow_dispatch:
|
||||
push:
|
||||
branches:
|
||||
- "main"
|
||||
- "v*.*.*"
|
||||
- "release-*"
|
||||
|
||||
# This is run after the pull request has been merged, so we'll run against the target branch
|
||||
jobs:
|
||||
trigger_downstream_patch_mirror:
|
||||
concurrency: patch-mirror-${{ github.ref_name }}
|
||||
uses: grafana/security-patch-actions/.github/workflows/mirror-branch-and-apply-patches.yml@main
|
||||
if: github.repository == 'grafana/grafana'
|
||||
with:
|
||||
ref: "${{ github.ref_name }}" # this is the target branch name, Ex: "main"
|
||||
src_repo: "${{ github.repository }}"
|
||||
dest_repo: "${{ github.repository }}-security-mirror"
|
||||
patch_repo: "${{ github.repository }}-security-patches"
|
||||
secrets: inherit
|
||||
|
||||
28
.github/workflows/trigger-dashboard-search-e2e.yml
vendored
Normal file
28
.github/workflows/trigger-dashboard-search-e2e.yml
vendored
Normal file
@@ -0,0 +1,28 @@
|
||||
name: trigger-dashboard-search-e2e
|
||||
# triggers the dashboard search e2e tests which runs async
|
||||
# doesn't block prs, allows setting up notifications from grafana
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- public/app/features/search/**/*.ts
|
||||
- public/app/features/search/**/*.tsx
|
||||
- pkg/storage/**/*.go
|
||||
pull_request:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- public/app/features/search/**/*.ts
|
||||
- public/app/features/search/**/*.tsx
|
||||
- pkg/storage/**/*.go
|
||||
env:
|
||||
ARCH: linux-amd64
|
||||
|
||||
jobs:
|
||||
trigger-search-e2e:
|
||||
runs-on: ubuntu-latest
|
||||
if: github.event.pull_request.draft == false
|
||||
steps:
|
||||
- name: Trigger Dashboard Search E2E
|
||||
run: echo "Triggered Dashboard Search e2e..."
|
||||
4
.github/workflows/trivy-scan.yml
vendored
4
.github/workflows/trivy-scan.yml
vendored
@@ -17,8 +17,10 @@ jobs:
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
- name: Install Trivy
|
||||
uses: aquasecurity/setup-trivy@v0.2.2
|
||||
uses: aquasecurity/setup-trivy@9ea583eb67910444b1f64abf338bd2e105a0a93d
|
||||
with:
|
||||
version: v0.56.2
|
||||
cache: true
|
||||
|
||||
52
.github/workflows/update-changelog.yml
vendored
52
.github/workflows/update-changelog.yml
vendored
@@ -1,52 +0,0 @@
|
||||
name: Update changelog
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
version:
|
||||
required: true
|
||||
description: 'Needs to match, exactly, the name of a milestone. The version to be released please respect: major.minor.patch, major.minor.patch-preview or major.minor.patch-preview<number> format. example: 7.4.3, 7.4.3-preview or 7.4.3-preview1'
|
||||
skip_pr:
|
||||
required: false
|
||||
default: "0"
|
||||
skip_community_post:
|
||||
required: false
|
||||
default: "0"
|
||||
jobs:
|
||||
config:
|
||||
runs-on: "ubuntu-latest"
|
||||
outputs:
|
||||
has-secrets: ${{ steps.check.outputs.has-secrets }}
|
||||
steps:
|
||||
- name: "Check for secrets"
|
||||
id: check
|
||||
shell: bash
|
||||
run: |
|
||||
if [ -n "${{ (secrets.GRAFANA_DELIVERY_BOT_APP_ID != '' &&
|
||||
secrets.GRAFANA_DELIVERY_BOT_APP_PEM != '' &&
|
||||
secrets.GRAFANA_MISC_STATS_API_KEY != '' &&
|
||||
secrets.GRAFANABOT_FORUM_KEY != ''
|
||||
) || '' }}" ]; then
|
||||
echo "has-secrets=1" >> "$GITHUB_OUTPUT"
|
||||
fi
|
||||
|
||||
main:
|
||||
needs: config
|
||||
if: needs.config.outputs.has-secrets
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: "Generate token"
|
||||
id: generate_token
|
||||
uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92
|
||||
with:
|
||||
app_id: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_ID }}
|
||||
private_key: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_PEM }}
|
||||
- name: Run update changelog (manually invoked)
|
||||
uses: grafana/grafana-github-actions-go/update-changelog@main
|
||||
with:
|
||||
token: ${{ steps.generate_token.outputs.token }}
|
||||
version: ${{ inputs.version }}
|
||||
metrics_api_key: ${{ secrets.GRAFANA_MISC_STATS_API_KEY }}
|
||||
community_api_key: ${{ secrets.GRAFANABOT_FORUM_KEY }}
|
||||
community_api_username: grafanabot
|
||||
skip_pr: ${{ inputs.skip_pr }}
|
||||
skip_community_post: ${{ inputs.skip_community_post }}
|
||||
4
.github/workflows/update-make-docs.yml
vendored
4
.github/workflows/update-make-docs.yml
vendored
@@ -9,7 +9,9 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- uses: grafana/writers-toolkit/update-make-docs@update-make-docs/v1
|
||||
with:
|
||||
persist-credentials: false
|
||||
- uses: grafana/writers-toolkit/update-make-docs@update-make-docs/v1 # zizmor: ignore[unpinned-uses]
|
||||
with:
|
||||
pr_options: >
|
||||
--label 'backport v10.1.x'
|
||||
|
||||
3
.github/workflows/verify-kinds.yml
vendored
3
.github/workflows/verify-kinds.yml
vendored
@@ -14,9 +14,10 @@ jobs:
|
||||
uses: "actions/checkout@v4"
|
||||
with:
|
||||
fetch-depth: 0
|
||||
persist-credentials: false
|
||||
|
||||
- name: "Setup Go"
|
||||
uses: "actions/setup-go@v4"
|
||||
uses: "actions/setup-go@19bb51245e9c80abacb2e91cc42b33fa478b8639"
|
||||
with:
|
||||
go-version-file: go.mod
|
||||
|
||||
|
||||
31
.github/zizmor.yml
vendored
Normal file
31
.github/zizmor.yml
vendored
Normal file
@@ -0,0 +1,31 @@
|
||||
rules:
|
||||
unpinned-uses:
|
||||
config:
|
||||
policies:
|
||||
"*": hash-pin
|
||||
actions/*: any
|
||||
github/*: any
|
||||
grafana/*: any
|
||||
forbidden-uses:
|
||||
config:
|
||||
deny:
|
||||
# Policy-banned by our security team due to CVE-2025-30066 & CVE-2025-30154.
|
||||
# https://www.cisa.gov/news-events/alerts/2025/03/18/supply-chain-compromise-third-party-tj-actionschanged-files-cve-2025-30066-and-reviewdogaction
|
||||
# https://nvd.nist.gov/vuln/detail/cve-2025-30066
|
||||
# https://nvd.nist.gov/vuln/detail/cve-2025-30154
|
||||
- reviewdog/*
|
||||
cache-poisoning:
|
||||
ignore:
|
||||
- backend-unit-tests.yml
|
||||
- frontend-lint.yml
|
||||
- pr-frontend-unit-tests.yml
|
||||
- pr-test-integration.yml
|
||||
- publish-kinds-release.yml
|
||||
dangerous-triggers:
|
||||
ignore:
|
||||
- auto-milestone.yml
|
||||
- backport.yml
|
||||
- pr-checks.yml
|
||||
- pr-commands.yml
|
||||
- pr-patch-check-event.yml
|
||||
- run-dashboard-search-e2e.yml
|
||||
17
.gitignore
vendored
17
.gitignore
vendored
@@ -40,7 +40,6 @@ __debug_bin*
|
||||
# This is the new place of the block, but I leave the previous here for a while
|
||||
/devenv/docker/blocks/auth/saml-enterprise
|
||||
/devenv/docker/blocks/auth/signer
|
||||
/devenv/docker/blocks/spanner_tests
|
||||
|
||||
/tmp
|
||||
tools/phantomjs/phantomjs
|
||||
@@ -104,18 +103,14 @@ profile.cov
|
||||
/pkg/cmd/grafana-cli/grafana-cli
|
||||
/pkg/cmd/grafana-server/grafana-server
|
||||
/pkg/cmd/grafana-server/debug
|
||||
|
||||
# Extensions
|
||||
/pkg/cmd/grafana-cli/runner/wireexts_enterprise.go
|
||||
/pkg/server/wireexts_enterprise.go
|
||||
/pkg/build/cmd/enterprise.go
|
||||
/pkg/extensions/*
|
||||
!/pkg/extensions/.keep
|
||||
/pkg/build/cmd/artifactspage.go
|
||||
/pkg/build/cmd/artifactspage.tmpl.html
|
||||
/pkg/build/cmd/exportversion.go
|
||||
/pkg/server/wireexts_enterprise.go
|
||||
/pkg/cmd/grafana-cli/runner/wireexts_enterprise.go
|
||||
!/pkg/extensions/main.go
|
||||
/public/app/extensions
|
||||
!/public/app/extensions/.keep
|
||||
|
||||
|
||||
debug.test
|
||||
/examples/*/dist
|
||||
/packaging/**/*.rpm
|
||||
@@ -175,13 +170,13 @@ compilation-stats.json
|
||||
/e2e/benchmarks/**/results
|
||||
/e2e/build_results.zip
|
||||
/e2e/extensions
|
||||
!/e2e/extensions/.keep
|
||||
/e2e/extensions-suite
|
||||
/test-results/
|
||||
/playwright-report/
|
||||
/blob-report/
|
||||
/playwright/.cache/
|
||||
/playwright/.auth/
|
||||
|
||||
# grafana server
|
||||
/scripts/grafana-server/server.log
|
||||
|
||||
|
||||
@@ -191,10 +191,10 @@ linters-settings:
|
||||
allow: []
|
||||
deny:
|
||||
- pkg: github.com/grafana/grafana/pkg
|
||||
desc: apps/investigations is not allowed to import grafana core
|
||||
desc: apps/investigation is not allowed to import grafana core
|
||||
files:
|
||||
- ./apps/investigations/*
|
||||
- ./apps/investigations/**/*
|
||||
- ./apps/investigation/*
|
||||
- ./apps/investigation/**/*
|
||||
gocritic:
|
||||
enabled-checks:
|
||||
- ruleguard
|
||||
|
||||
22
.ignore
22
.ignore
@@ -1,22 +0,0 @@
|
||||
# This is a trick to ignore files only by git but not by other tools
|
||||
!/public/app/extensions
|
||||
!/pkg/extensions/*
|
||||
!/pkg/cmd/grafana-cli/runner/wireexts_enterprise.go
|
||||
!/pkg/server/wireexts_enterprise.go
|
||||
!/pkg/build/cmd/enterprise.go
|
||||
!/pkg/extensions/*
|
||||
|
||||
# Enterprise emails
|
||||
!/emails/templates/enterprise_*
|
||||
!/public/emails/enterprise_*
|
||||
|
||||
# Enterprise reporting fonts
|
||||
!/public/fonts/dejavu
|
||||
|
||||
# Enterprise devenv
|
||||
!/devenv/docker/blocks/grafana-enterprise
|
||||
!/devenv/docker/blocks/saml-enterprise
|
||||
# This is the new place of the block, but I leave the previous here for a while
|
||||
!/devenv/docker/blocks/auth/saml-enterprise
|
||||
!/devenv/docker/blocks/auth/signer
|
||||
!/devenv/docker/blocks/spanner_tests
|
||||
@@ -1,5 +0,0 @@
|
||||
MinAlertLevel = warning
|
||||
|
||||
[*]
|
||||
BasedOnStyles = Grafana
|
||||
TokenIgnores = (<http[^\n]+>+?), \*\*[^\n]+\*\*
|
||||
28
.vscode/launch.json
vendored
28
.vscode/launch.json
vendored
@@ -9,7 +9,12 @@
|
||||
"program": "${workspaceFolder}/pkg/cmd/grafana/",
|
||||
"env": {},
|
||||
"cwd": "${workspaceFolder}",
|
||||
"args": ["server", "--homepath", "${workspaceFolder}", "--packaging", "dev", "cfg:app_mode=development"]
|
||||
"args": [
|
||||
"server",
|
||||
"--homepath", "${workspaceFolder}",
|
||||
"--packaging", "dev",
|
||||
"cfg:app_mode=development",
|
||||
]
|
||||
},
|
||||
{
|
||||
"name": "Attach to Test Process",
|
||||
@@ -18,7 +23,7 @@
|
||||
"mode": "remote",
|
||||
"host": "127.0.0.1",
|
||||
"port": 50480,
|
||||
"apiVersion": 2
|
||||
"apiVersion": 2,
|
||||
},
|
||||
{
|
||||
"name": "Run API Server (testdata)",
|
||||
@@ -67,16 +72,6 @@
|
||||
"cwd": "${workspaceFolder}",
|
||||
"args": ["server", "target", "--homepath", "${workspaceFolder}", "--packaging", "dev"]
|
||||
},
|
||||
{
|
||||
"name": "Run Authz server",
|
||||
"type": "go",
|
||||
"request": "launch",
|
||||
"mode": "auto",
|
||||
"program": "${workspaceFolder}/pkg/cmd/grafana/",
|
||||
"env": { "GF_DEFAULT_TARGET": "zanzana-server", "GF_SERVER_HTTP_PORT": "3001" },
|
||||
"cwd": "${workspaceFolder}",
|
||||
"args": ["server", "target", "--homepath", "${workspaceFolder}", "--packaging", "dev"]
|
||||
},
|
||||
{
|
||||
"name": "Attach to Chrome",
|
||||
"port": 9222,
|
||||
@@ -96,15 +91,6 @@
|
||||
"NODE_ENV": "test"
|
||||
}
|
||||
},
|
||||
{
|
||||
"name": "Debug ESLint",
|
||||
"type": "node",
|
||||
"request": "launch",
|
||||
"runtimeExecutable": "yarn",
|
||||
"runtimeArgs": ["run", "eslint", "${file}"],
|
||||
"console": "integratedTerminal",
|
||||
"internalConsoleOptions": "neverOpen"
|
||||
},
|
||||
{
|
||||
"name": "Debug Go test",
|
||||
"type": "go",
|
||||
|
||||
@@ -13,6 +13,10 @@ packageExtensions:
|
||||
doctrine@3.0.0:
|
||||
dependencies:
|
||||
assert: 2.0.0
|
||||
rc-time-picker@3.7.3:
|
||||
peerDependencies:
|
||||
react: 17.0.1
|
||||
react-dom: 17.0.1
|
||||
rc-trigger@2.6.5:
|
||||
peerDependencies:
|
||||
react: 17.0.1
|
||||
|
||||
185
CHANGELOG.md
185
CHANGELOG.md
@@ -1,3 +1,73 @@
|
||||
<!-- 11.5.4 START -->
|
||||
|
||||
# 11.5.4 (2025-04-23)
|
||||
|
||||
### Features and enhancements
|
||||
|
||||
- **Azure Monitor:** Filter namespaces by resource group [#103654](https://github.com/grafana/grafana/pull/103654), [@alyssabull](https://github.com/alyssabull)
|
||||
- **Azure:** Add support for custom namespace and custom metrics variable queries [#103650](https://github.com/grafana/grafana/pull/103650), [@aangelisc](https://github.com/aangelisc)
|
||||
- **Azure:** Resource picker improvements [#103638](https://github.com/grafana/grafana/pull/103638), [@aangelisc](https://github.com/aangelisc)
|
||||
- **Azure:** Support more complex variable interpolation [#103651](https://github.com/grafana/grafana/pull/103651), [@aangelisc](https://github.com/aangelisc)
|
||||
- **Azure:** Variable editor and resource picker improvements [#103657](https://github.com/grafana/grafana/pull/103657), [@aangelisc](https://github.com/aangelisc)
|
||||
- **Chore:** Update CVE-affected dependencies [#102709](https://github.com/grafana/grafana/pull/102709), [@grambbledook](https://github.com/grambbledook)
|
||||
- **DashboardScenePage:** Correct slug in self referencing data links [#103853](https://github.com/grafana/grafana/pull/103853), [@Sergej-Vlasov](https://github.com/Sergej-Vlasov)
|
||||
- **Dependencies:** Bump github.com/redis/go-redis/v9 to 9.6.3 to address CVE-2025-29923 [#102865](https://github.com/grafana/grafana/pull/102865), [@macabu](https://github.com/macabu)
|
||||
- **Go:** Bump to 1.24.2 [#103525](https://github.com/grafana/grafana/pull/103525), [@Proximyst](https://github.com/Proximyst)
|
||||
- **Go:** Bump to 1.24.2 (Enterprise)
|
||||
- **Prometheus:** Add support for cloud partners Prometheus data sources [#103942](https://github.com/grafana/grafana/pull/103942), [@kevinwcyu](https://github.com/kevinwcyu)
|
||||
|
||||
### Bug fixes
|
||||
|
||||
- **InfluxDB:** Fix nested variable interpolation [#104095](https://github.com/grafana/grafana/pull/104095), [@aangelisc](https://github.com/aangelisc)
|
||||
- **LDAP test:** Fix page crash [#102683](https://github.com/grafana/grafana/pull/102683), [@ashharrison90](https://github.com/ashharrison90)
|
||||
- **Security:** Fix CVE-2025-3454
|
||||
- **Security:** Fix CVE-2025-2703
|
||||
|
||||
<!-- 11.5.4 END -->
|
||||
<!-- 11.5.3 START -->
|
||||
|
||||
# 11.5.3 (2025-03-25)
|
||||
|
||||
### Features and enhancements
|
||||
|
||||
- **Chore:** Bump Go to 1.23.7 [#101581](https://github.com/grafana/grafana/pull/101581), [@macabu](https://github.com/macabu)
|
||||
- **Chore:** Bump Go to 1.23.7 (Enterprise)
|
||||
|
||||
### Bug fixes
|
||||
|
||||
- **Alerting:** Fix token-based Slack image upload to work with channel names [#101078](https://github.com/grafana/grafana/pull/101078), [@JacobsonMT](https://github.com/JacobsonMT)
|
||||
- **Auth:** Fix AzureAD config UI's ClientAuthentication dropdown [#100869](https://github.com/grafana/grafana/pull/100869), [@mgyongyosi](https://github.com/mgyongyosi)
|
||||
- **Dashboard:** Fix the unintentional time range and variables updates on saving [#101671](https://github.com/grafana/grafana/pull/101671), [@harisrozajac](https://github.com/harisrozajac)
|
||||
- **Dashboards:** Fix missing `v/e/i` keybindings to return back to dashboard [#102365](https://github.com/grafana/grafana/pull/102365), [@mdvictor](https://github.com/mdvictor)
|
||||
- **InfluxDB:** Improve handling of template variables contained in regular expressions (InfluxQL) [#100977](https://github.com/grafana/grafana/pull/100977), [@aangelisc](https://github.com/aangelisc)
|
||||
- **Org redirection:** Fix linking between orgs [#102089](https://github.com/grafana/grafana/pull/102089), [@ashharrison90](https://github.com/ashharrison90)
|
||||
|
||||
<!-- 11.5.3 END -->
|
||||
<!-- 11.5.2 START -->
|
||||
|
||||
# 11.5.2 (2025-02-18)
|
||||
|
||||
### Features and enhancements
|
||||
|
||||
- **Docker:** Use our own glibc 2.40 binaries [#99918](https://github.com/grafana/grafana/pull/99918), [@DanCech](https://github.com/DanCech)
|
||||
- **TransformationFilter:** Include transformation outputs in transformation filtering options [#99878](https://github.com/grafana/grafana/pull/99878), [@Sergej-Vlasov](https://github.com/Sergej-Vlasov)
|
||||
- **grafana-ui:** Update InlineField error prop type to React.ReactNode [#100373](https://github.com/grafana/grafana/pull/100373), [@Clarity-89](https://github.com/Clarity-89)
|
||||
|
||||
### Bug fixes
|
||||
|
||||
- **Alerting:** Allow specifying uid for new rules added to groups [#100450](https://github.com/grafana/grafana/pull/100450), [@yuri-tceretian](https://github.com/yuri-tceretian)
|
||||
- **Alerting:** Allow specifying uid for new rules added to groups [#100450](https://github.com/grafana/grafana/pull/100450), [@yuri-tceretian](https://github.com/yuri-tceretian)
|
||||
- **Alerting:** Call RLock() before reading sendAlertsTo map [#99880](https://github.com/grafana/grafana/pull/99880), [@santihernandezc](https://github.com/santihernandezc)
|
||||
- **Auth:** Fix redirect with JWT auth URL login [#100355](https://github.com/grafana/grafana/pull/100355), [@mgyongyosi](https://github.com/mgyongyosi)
|
||||
- **AuthN:** Refetch user on "ErrUserAlreadyExists" [#100582](https://github.com/grafana/grafana/pull/100582), [@kalleep](https://github.com/kalleep)
|
||||
- **Azure:** Correctly set application insights resource values [#99599](https://github.com/grafana/grafana/pull/99599), [@aangelisc](https://github.com/aangelisc)
|
||||
- **CodeEditor:** Fix cursor alignment [#99863](https://github.com/grafana/grafana/pull/99863), [@ashharrison90](https://github.com/ashharrison90)
|
||||
- **DashboardList:** Throttle the re-renders [#100046](https://github.com/grafana/grafana/pull/100046), [@bfmatei](https://github.com/bfmatei)
|
||||
- **Dashboards:** Bring back scripted dashboards [#100633](https://github.com/grafana/grafana/pull/100633), [@dprokop](https://github.com/dprokop)
|
||||
- **Plugin Metrics:** Eliminate data race in plugin metrics middleware [#100078](https://github.com/grafana/grafana/pull/100078), [@clord](https://github.com/clord)
|
||||
- **RBAC:** Don't check folder access if `annotationPermissionUpdate` FT is enabled [#100117](https://github.com/grafana/grafana/pull/100117), [@IevaVasiljeva](https://github.com/IevaVasiljeva)
|
||||
|
||||
<!-- 11.5.2 END -->
|
||||
<!-- 11.5.1 START -->
|
||||
|
||||
# 11.5.1 (2025-02-03)
|
||||
@@ -176,121 +246,6 @@
|
||||
- **Grafana UI:** Re-add react-router-dom as a dependency [#97540](https://github.com/grafana/grafana/pull/97540), [@leventebalogh](https://github.com/leventebalogh)
|
||||
|
||||
<!-- 11.5.0 END -->
|
||||
<!-- 11.4.1 START -->
|
||||
|
||||
# 11.4.1 (2025-01-28)
|
||||
|
||||
### Features and enhancements
|
||||
|
||||
- **Security:** Update to Go 1.23.5 - Backport to v11.4.x [#99123](https://github.com/grafana/grafana/pull/99123), [@Proximyst](https://github.com/Proximyst)
|
||||
- **Security:** Update to Go 1.23.5 - Backport to v11.4.x (Enterprise)
|
||||
|
||||
### Bug fixes
|
||||
|
||||
- **Alerting:** AlertingQueryRunner should skip descendant nodes of invalid queries [#97830](https://github.com/grafana/grafana/pull/97830), [@gillesdemey](https://github.com/gillesdemey)
|
||||
- **Alerting:** Fix alert rules unpausing after moving rule to different folder [#97583](https://github.com/grafana/grafana/pull/97583), [@santihernandezc](https://github.com/santihernandezc)
|
||||
- **Alerting:** Fix label escaping in rule export [#98649](https://github.com/grafana/grafana/pull/98649), [@moustafab](https://github.com/moustafab)
|
||||
- **Alerting:** Fix slack image uploading to use new api [#98066](https://github.com/grafana/grafana/pull/98066), [@moustafab](https://github.com/moustafab)
|
||||
- **Azure/GCM:** Improve error display [#97594](https://github.com/grafana/grafana/pull/97594), [@aangelisc](https://github.com/aangelisc)
|
||||
- **Dashboards:** Fix issue where filtered panels would not react to variable changes [#98734](https://github.com/grafana/grafana/pull/98734), [@oscarkilhed](https://github.com/oscarkilhed)
|
||||
- **Dashboards:** Fixes issue with panel header showing even when hide time override was enabled [#98747](https://github.com/grafana/grafana/pull/98747), [@torkelo](https://github.com/torkelo)
|
||||
- **Dashboards:** Fixes week relative time ranges when weekStart was changed [#98269](https://github.com/grafana/grafana/pull/98269), [@torkelo](https://github.com/torkelo)
|
||||
- **Dashboards:** Panel react for `timeFrom` and `timeShift` changes using variables [#98659](https://github.com/grafana/grafana/pull/98659), [@Sergej-Vlasov](https://github.com/Sergej-Vlasov)
|
||||
- **DateTimePicker:** Fixes issue with date picker showing invalid date [#97971](https://github.com/grafana/grafana/pull/97971), [@torkelo](https://github.com/torkelo)
|
||||
- **Fix:** Add support for datasource variable queries [#98119](https://github.com/grafana/grafana/pull/98119), [@sunker](https://github.com/sunker)
|
||||
- **InfluxDB:** Adhoc filters can use template vars as values [#98786](https://github.com/grafana/grafana/pull/98786), [@bossinc](https://github.com/bossinc)
|
||||
- **LibraryPanel:** Fallback to panel title if library panel title is not set [#99410](https://github.com/grafana/grafana/pull/99410), [@ivanortegaalba](https://github.com/ivanortegaalba)
|
||||
|
||||
### Plugin development fixes & changes
|
||||
|
||||
- **Grafana UI:** Re-add react-router-dom as a dependency [#98422](https://github.com/grafana/grafana/pull/98422), [@leventebalogh](https://github.com/leventebalogh)
|
||||
|
||||
<!-- 11.4.1 END -->
|
||||
<!-- 11.3.3 START -->
|
||||
|
||||
# 11.3.3 (2025-01-28)
|
||||
|
||||
### Features and enhancements
|
||||
|
||||
- **Azure Monitor:** Add a feature flag to toggle user auth for Azure Monitor only [#97576](https://github.com/grafana/grafana/pull/97576), [@adamyeats](https://github.com/adamyeats)
|
||||
- **Security:** Update to Go 1.23.5 - Backport to v11.3.x [#99124](https://github.com/grafana/grafana/pull/99124), [@Proximyst](https://github.com/Proximyst)
|
||||
- **Security:** Update to Go 1.23.5 - Backport to v11.3.x (Enterprise)
|
||||
|
||||
### Bug fixes
|
||||
|
||||
- **Alerting:** AlertingQueryRunner should skip descendant nodes of invalid queries [#97829](https://github.com/grafana/grafana/pull/97829), [@gillesdemey](https://github.com/gillesdemey)
|
||||
- **Azure/GCM:** Improve error display [#97593](https://github.com/grafana/grafana/pull/97593), [@aangelisc](https://github.com/aangelisc)
|
||||
- **Dashboard:** Fixes issue with compatability of old DashboardModel.annotations [#97467](https://github.com/grafana/grafana/pull/97467), [@torkelo](https://github.com/torkelo)
|
||||
- **Dashboards:** Fix issue where filtered panels would not react to variable changes [#98733](https://github.com/grafana/grafana/pull/98733), [@oscarkilhed](https://github.com/oscarkilhed)
|
||||
- **Dashboards:** Fixes issue with panel header showing even when hide time override was enabled [#97389](https://github.com/grafana/grafana/pull/97389), [@torkelo](https://github.com/torkelo)
|
||||
- **Dashboards:** Fixes week relative time ranges when weekStart was changed [#98268](https://github.com/grafana/grafana/pull/98268), [@torkelo](https://github.com/torkelo)
|
||||
- **DateTimePicker:** Fixes issue with date picker showing invalid date [#97970](https://github.com/grafana/grafana/pull/97970), [@torkelo](https://github.com/torkelo)
|
||||
- **Fix:** Add support for datasource variable queries [#98118](https://github.com/grafana/grafana/pull/98118), [@sunker](https://github.com/sunker)
|
||||
- **InfluxDB:** Adhoc filters can use template vars as values [#98785](https://github.com/grafana/grafana/pull/98785), [@bossinc](https://github.com/bossinc)
|
||||
- **Unified Storage:** Use tls preferred when grafana db using ssl [#97379](https://github.com/grafana/grafana/pull/97379), [@owensmallwood](https://github.com/owensmallwood)
|
||||
|
||||
### Plugin development fixes & changes
|
||||
|
||||
- **Grafana UI:** Re-add react-router-dom as a dependency [#98421](https://github.com/grafana/grafana/pull/98421), [@leventebalogh](https://github.com/leventebalogh)
|
||||
|
||||
<!-- 11.3.3 END -->
|
||||
<!-- 11.2.6 START -->
|
||||
|
||||
# 11.2.6 (2025-01-28)
|
||||
|
||||
### Features and enhancements
|
||||
|
||||
- **Azure Monitor:** Add a feature flag to toggle user auth for Azure Monitor only [#97565](https://github.com/grafana/grafana/pull/97565), [@adamyeats](https://github.com/adamyeats)
|
||||
- **Security:** Update to Go 1.22.11 - Backport to v11.2.x [#99125](https://github.com/grafana/grafana/pull/99125), [@Proximyst](https://github.com/Proximyst)
|
||||
- **Security:** Update to Go 1.22.11 - Backport to v11.2.x (Enterprise)
|
||||
|
||||
### Bug fixes
|
||||
|
||||
- **Azure/GCM:** Improve error display [#97591](https://github.com/grafana/grafana/pull/97591), [@aangelisc](https://github.com/aangelisc)
|
||||
|
||||
<!-- 11.2.6 END -->
|
||||
<!-- 11.1.11 START -->
|
||||
|
||||
# 11.1.11 (2025-01-28)
|
||||
|
||||
### Features and enhancements
|
||||
|
||||
- **Security:** Update to Go 1.22.11 - Backport to v11.1.x [#99126](https://github.com/grafana/grafana/pull/99126), [@Proximyst](https://github.com/Proximyst)
|
||||
- **Security:** Update to Go 1.22.11 - Backport to v11.1.x (Enterprise)
|
||||
|
||||
### Bug fixes
|
||||
|
||||
- **Azure/GCM:** Improve error display [#97595](https://github.com/grafana/grafana/pull/97595), [@aangelisc](https://github.com/aangelisc)
|
||||
|
||||
<!-- 11.1.11 END -->
|
||||
<!-- 11.0.10 START -->
|
||||
|
||||
# 11.0.10 (2025-01-28)
|
||||
|
||||
### Features and enhancements
|
||||
|
||||
- **Security:** Update to Go 1.22.11 - Backport to v11.0.x [#99127](https://github.com/grafana/grafana/pull/99127), [@Proximyst](https://github.com/Proximyst)
|
||||
- **Security:** Update to Go 1.22.11 - Backport to v11.0.x (Enterprise)
|
||||
|
||||
### Bug fixes
|
||||
|
||||
- **Azure/GCM:** Improve error display [#97592](https://github.com/grafana/grafana/pull/97592), [@aangelisc](https://github.com/aangelisc)
|
||||
|
||||
<!-- 11.0.10 END -->
|
||||
<!-- 10.4.15 START -->
|
||||
|
||||
# 10.4.15 (2025-01-28)
|
||||
|
||||
### Features and enhancements
|
||||
|
||||
- **Security:** Update to Go 1.22.11 - Backport to v10.4.x [#99128](https://github.com/grafana/grafana/pull/99128), [@Proximyst](https://github.com/Proximyst)
|
||||
- **Security:** Update to Go 1.22.11 - Backport to v10.4.x (Enterprise)
|
||||
|
||||
### Bug fixes
|
||||
|
||||
- **Azure/GCM:** Improve error display [#97590](https://github.com/grafana/grafana/pull/97590), [@aangelisc](https://github.com/aangelisc)
|
||||
|
||||
<!-- 10.4.15 END -->
|
||||
<!-- 11.4.0 START -->
|
||||
|
||||
# 11.4.0 (2024-12-05)
|
||||
|
||||
36
Dockerfile
36
Dockerfile
@@ -3,10 +3,10 @@
|
||||
# to maintain formatting of multiline commands in vscode, add the following to settings.json:
|
||||
# "docker.languageserver.formatter.ignoreMultilineInstructions": true
|
||||
|
||||
ARG BASE_IMAGE=alpine:3.20
|
||||
ARG BASE_IMAGE=alpine:3.21
|
||||
ARG JS_IMAGE=node:22-alpine
|
||||
ARG JS_PLATFORM=linux/amd64
|
||||
ARG GO_IMAGE=golang:1.23.5-alpine
|
||||
ARG GO_IMAGE=golang:1.24.3-alpine
|
||||
|
||||
# Default to building locally
|
||||
ARG GO_SRC=go-builder
|
||||
@@ -22,6 +22,7 @@ WORKDIR /tmp/grafana
|
||||
COPY package.json project.json nx.json yarn.lock .yarnrc.yml ./
|
||||
COPY .yarn .yarn
|
||||
COPY packages packages
|
||||
COPY plugins-bundled plugins-bundled
|
||||
COPY public public
|
||||
COPY LICENSE ./
|
||||
COPY conf/defaults.ini ./conf/defaults.ini
|
||||
@@ -62,24 +63,23 @@ COPY go.* ./
|
||||
COPY .bingo .bingo
|
||||
|
||||
# Include vendored dependencies
|
||||
COPY pkg/util/xorm pkg/util/xorm
|
||||
COPY pkg/apiserver pkg/apiserver
|
||||
COPY pkg/apimachinery pkg/apimachinery
|
||||
COPY pkg/build pkg/build
|
||||
COPY pkg/build/wire pkg/build/wire
|
||||
COPY pkg/promlib pkg/promlib
|
||||
COPY pkg/storage/unified/resource pkg/storage/unified/resource
|
||||
COPY pkg/storage/unified/apistore pkg/storage/unified/apistore
|
||||
COPY pkg/semconv pkg/semconv
|
||||
COPY pkg/aggregator pkg/aggregator
|
||||
COPY apps/playlist apps/playlist
|
||||
COPY apps/investigations apps/investigations
|
||||
COPY apps/advisor apps/advisor
|
||||
COPY pkg/util/xorm/go.* pkg/util/xorm/
|
||||
COPY pkg/apiserver/go.* pkg/apiserver/
|
||||
COPY pkg/apimachinery/go.* pkg/apimachinery/
|
||||
COPY pkg/build/go.* pkg/build/
|
||||
COPY pkg/build/wire/go.* pkg/build/wire/
|
||||
COPY pkg/promlib/go.* pkg/promlib/
|
||||
COPY pkg/storage/unified/resource/go.* pkg/storage/unified/resource/
|
||||
COPY pkg/storage/unified/apistore/go.* pkg/storage/unified/apistore/
|
||||
COPY pkg/semconv/go.* pkg/semconv/
|
||||
COPY pkg/aggregator/go.* pkg/aggregator/
|
||||
COPY apps/playlist/go.* apps/playlist/
|
||||
COPY apps/investigation/go.* apps/investigation/
|
||||
COPY apps apps
|
||||
COPY kindsv2 kindsv2
|
||||
COPY apps/alerting/notifications apps/alerting/notifications
|
||||
COPY pkg/codegen pkg/codegen
|
||||
COPY pkg/plugins/codegen pkg/plugins/codegen
|
||||
COPY apps/alerting/notifications/go.* apps/alerting/notifications/
|
||||
COPY pkg/codegen/go.* pkg/codegen/
|
||||
COPY pkg/plugins/codegen/go.* pkg/plugins/codegen/
|
||||
|
||||
RUN go mod download
|
||||
RUN if [[ "$BINGO" = "true" ]]; then \
|
||||
|
||||
@@ -8,4 +8,4 @@
|
||||
- @davkal
|
||||
- Docs:
|
||||
- @chri2547
|
||||
- @JohnnyK-Grafana
|
||||
- @brendamuir
|
||||
|
||||
14
Makefile
14
Makefile
@@ -8,7 +8,7 @@ WIRE_TAGS = "oss"
|
||||
include .bingo/Variables.mk
|
||||
|
||||
GO = go
|
||||
GO_VERSION = 1.23.5
|
||||
GO_VERSION = 1.24.3
|
||||
GO_LINT_FILES ?= $(shell ./scripts/go-workspace/golangci-lint-includes.sh)
|
||||
GO_TEST_FILES ?= $(shell ./scripts/go-workspace/test-includes.sh)
|
||||
SH_FILES ?= $(shell find ./scripts -name *.sh)
|
||||
@@ -149,7 +149,7 @@ gen-cue: ## Do all CUE/Thema code generation
|
||||
.PHONY: gen-cuev2
|
||||
gen-cuev2: ## Do all CUE code generation
|
||||
@echo "generate code from .cue files (v2)"
|
||||
@$(MAKE) -C ./kindsv2 all
|
||||
go generate ./kindsv2/gen.go
|
||||
|
||||
.PHONY: gen-feature-toggles
|
||||
gen-feature-toggles:
|
||||
@@ -211,6 +211,7 @@ build-cli: ## Build Grafana CLI application.
|
||||
build-js: ## Build frontend assets.
|
||||
@echo "build frontend"
|
||||
yarn run build
|
||||
yarn run plugins:build-bundled
|
||||
|
||||
PLUGIN_ID ?=
|
||||
|
||||
@@ -271,14 +272,6 @@ test-go-integration-alertmanager: ## Run integration tests for the remote alertm
|
||||
AM_URL=http://localhost:8080 AM_TENANT_ID=test \
|
||||
$(GO) test $(GO_RACE_FLAG) -count=1 -run "^TestIntegrationRemoteAlertmanager" -covermode=atomic -timeout=5m ./pkg/services/ngalert/...
|
||||
|
||||
.PHONY: test-go-integration-grafana-alertmanager
|
||||
test-go-integration-grafana-alertmanager: ## Run integration tests for the grafana alertmanager
|
||||
@echo "test grafana alertmanager integration tests"
|
||||
@export GRAFANA_VERSION=11.5.0-81938; \
|
||||
$(GO) run tools/setup_grafana_alertmanager_integration_test_images.go; \
|
||||
$(GO) clean -testcache; \
|
||||
$(GO) test $(GO_RACE_FLAG) -count=1 -run "^TestAlertmanagerIntegration" -covermode=atomic -timeout=10m ./pkg/tests/alertmanager/...
|
||||
|
||||
.PHONY: test-go-integration-postgres
|
||||
test-go-integration-postgres: devenv-postgres ## Run integration tests for postgres backend with flags.
|
||||
@echo "test backend integration postgres tests"
|
||||
@@ -429,7 +422,6 @@ protobuf: ## Compile protobuf definitions
|
||||
buf generate pkg/plugins/backendplugin/secretsmanagerplugin --template pkg/plugins/backendplugin/secretsmanagerplugin/buf.gen.yaml
|
||||
buf generate pkg/storage/unified/resource --template pkg/storage/unified/resource/buf.gen.yaml
|
||||
buf generate pkg/services/authz/proto/v1 --template pkg/services/authz/proto/v1/buf.gen.yaml
|
||||
buf generate pkg/services/ngalert/store/proto/v1 --template pkg/services/ngalert/store/proto/v1/buf.gen.yaml
|
||||
|
||||
.PHONY: clean
|
||||
clean: ## Clean up intermediate build artifacts.
|
||||
|
||||
@@ -43,7 +43,7 @@ If you're interested in contributing to the Grafana project:
|
||||
- If you have a specific question, check out our [discussion forums](https://community.grafana.com/).
|
||||
- For general discussions, join us on the [official Slack](https://slack.grafana.com) team.
|
||||
|
||||
This project is tested with [BrowserStack](https://www.browserstack.com/).
|
||||
This project is tested with [BrowserStack](https://www.browserstack.com/)
|
||||
|
||||
## License
|
||||
|
||||
|
||||
1
apps/advisor/.gitignore
vendored
1
apps/advisor/.gitignore
vendored
@@ -1 +0,0 @@
|
||||
plugin/src
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user