Auth: Update saml go.mod (missing query sig verification) [9.3.x] (#712)

* update saml go.mod (missing query sig verification)

(cherry picked from commit 1e1dbd1a06455a451d722856dc619b2a7c78e2c0)

* fix sync

.betterer.ts

@@ -1,28 +1,18 @@
 import { regexp } from '@betterer/regexp';
-import { eslint } from '@betterer/eslint';
 import { BettererFileTest } from '@betterer/betterer';
+import { ESLint, Linter } from 'eslint';
+import { existsSync } from 'fs';
 
 export default {
   'no enzyme tests': () => regexp(/from 'enzyme'/g).include('**/*.test.*'),
-  'better eslint': () =>
-    eslint({
-      '@typescript-eslint/no-explicit-any': 'error',
-      '@typescript-eslint/consistent-type-assertions': [
-        'error',
-        {
-          assertionStyle: 'never',
-        },
-      ],
-    }).include('**/*.{ts,tsx}'),
-  'no undocumented stories': () => countUndocumentedStories().include('**/*.{story.tsx,mdx}'),
+  'better eslint': () => countEslintErrors().include('**/*.{ts,tsx}'),
+  'no undocumented stories': () => countUndocumentedStories().include('**/*.story.tsx'),
 };
 
 function countUndocumentedStories() {
   return new BettererFileTest(async (filePaths, fileTestResult) => {
-    const storyFilePaths = filePaths.filter((filePath) => filePath.endsWith('story.tsx'));
-    const mdxFilePaths = filePaths.filter((filePath) => filePath.endsWith('mdx'));
-    storyFilePaths.forEach((filePath) => {
-      if (!mdxFilePaths.includes(filePath.replace(/\.story.tsx$/, '.mdx'))) {
+    filePaths.forEach((filePath) => {
+      if (!existsSync(filePath.replace(/\.story.tsx$/, '.mdx'))) {
         // In this case the file contents don't matter:
         const file = fileTestResult.addFile(filePath, '');
         // Add the issue to the first character of the file:
@@ -31,3 +21,52 @@ function countUndocumentedStories() {
     });
   });
 }
+
+function countEslintErrors() {
+  return new BettererFileTest(async (filePaths, fileTestResult, resolver) => {
+    const { baseDirectory } = resolver;
+    const cli = new ESLint({ cwd: baseDirectory });
+
+    await Promise.all(
+      filePaths.map(async (filePath) => {
+        const linterOptions = (await cli.calculateConfigForFile(filePath)) as Linter.Config;
+
+        const rules: Partial<Linter.RulesRecord> = {
+          '@typescript-eslint/no-explicit-any': 'error',
+        };
+
+        const isTestFile =
+          filePath.endsWith('.test.tsx') || filePath.endsWith('.test.ts') || filePath.includes('__mocks__');
+
+        if (!isTestFile) {
+          rules['@typescript-eslint/consistent-type-assertions'] = [
+            'error',
+            {
+              assertionStyle: 'never',
+            },
+          ];
+        }
+
+        const runner = new ESLint({
+          baseConfig: {
+            ...linterOptions,
+            rules,
+          },
+          useEslintrc: false,
+          cwd: baseDirectory,
+        });
+
+        const lintResults = await runner.lintFiles([filePath]);
+        lintResults
+          .filter((lintResult) => lintResult.source)
+          .forEach((lintResult) => {
+            const { messages } = lintResult;
+            const file = fileTestResult.addFile(filePath, '');
+            messages.forEach((message, index) => {
+              file.addIssue(0, 0, message.message, `${index}`);
+            });
+          });
+      })
+    );
+  });
+}

.bingo/Variables.mk

@@ -1,4 +1,4 @@
-# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.6. DO NOT EDIT.
+# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.7. DO NOT EDIT.
 # All tools are designed to be build inside $GOBIN.
 BINGO_DIR := $(dir $(lastword $(MAKEFILE_LIST)))
 GOPATH ?= $(shell go env GOPATH)
@@ -21,29 +21,35 @@ BRA := $(GOBIN)/bra-v0.0.0-20200517080246-1e3013ecaff8
 $(BRA): $(BINGO_DIR)/bra.mod
 	@# Install binary/ries using Go 1.14+ build command. This is using bwplotka/bingo-controlled, separate go module with pinned dependencies.
 	@echo "(re)installing $(GOBIN)/bra-v0.0.0-20200517080246-1e3013ecaff8"
-	@cd $(BINGO_DIR) && $(GO) build -mod=mod -modfile=bra.mod -o=$(GOBIN)/bra-v0.0.0-20200517080246-1e3013ecaff8 "github.com/unknwon/bra"
+	@cd $(BINGO_DIR) && GOWORK=off $(GO) build -mod=mod -modfile=bra.mod -o=$(GOBIN)/bra-v0.0.0-20200517080246-1e3013ecaff8 "github.com/unknwon/bra"
 
 DRONE := $(GOBIN)/drone-v1.5.0
 $(DRONE): $(BINGO_DIR)/drone.mod
 	@# Install binary/ries using Go 1.14+ build command. This is using bwplotka/bingo-controlled, separate go module with pinned dependencies.
 	@echo "(re)installing $(GOBIN)/drone-v1.5.0"
-	@cd $(BINGO_DIR) && $(GO) build -mod=mod -modfile=drone.mod -o=$(GOBIN)/drone-v1.5.0 "github.com/drone/drone-cli/drone"
+	@cd $(BINGO_DIR) && GOWORK=off $(GO) build -mod=mod -modfile=drone.mod -o=$(GOBIN)/drone-v1.5.0 "github.com/drone/drone-cli/drone"
 
-SWAGGER := $(GOBIN)/swagger-v0.29.0
-$(SWAGGER): $(BINGO_DIR)/swagger.mod
-	@# Install binary/ries using Go 1.14+ build command. This is using bwplotka/bingo-controlled, separate go module with pinned dependencies.
-	@echo "(re)installing $(GOBIN)/swagger-v0.29.0"
-	@cd $(BINGO_DIR) && $(GO) build -mod=mod -modfile=swagger.mod -o=$(GOBIN)/swagger-v0.29.0 "github.com/go-swagger/go-swagger/cmd/swagger"
-
-GOLANGCI_LINT := $(GOBIN)/golangci-lint-v1.40.1
+GOLANGCI_LINT := $(GOBIN)/golangci-lint-v1.49.0
 $(GOLANGCI_LINT): $(BINGO_DIR)/golangci-lint.mod
 	@# Install binary/ries using Go 1.14+ build command. This is using bwplotka/bingo-controlled, separate go module with pinned dependencies.
-	@echo "(re)installing $(GOBIN)/golangci-lint-v1.40.1"
-	@cd $(BINGO_DIR) && $(GO) build -mod=mod -modfile=golangci-lint.mod -o=$(GOBIN)/golangci-lint-v1.40.1 "github.com/golangci/golangci-lint/cmd/golangci-lint"
+	@echo "(re)installing $(GOBIN)/golangci-lint-v1.49.0"
+	@cd $(BINGO_DIR) && GOWORK=off $(GO) build -mod=mod -modfile=golangci-lint.mod -o=$(GOBIN)/golangci-lint-v1.49.0 "github.com/golangci/golangci-lint/cmd/golangci-lint"
+
+JB := $(GOBIN)/jb-v0.5.1
+$(JB): $(BINGO_DIR)/jb.mod
+	@# Install binary/ries using Go 1.14+ build command. This is using bwplotka/bingo-controlled, separate go module with pinned dependencies.
+	@echo "(re)installing $(GOBIN)/jb-v0.5.1"
+	@cd $(BINGO_DIR) && GOWORK=off $(GO) build -mod=mod -modfile=jb.mod -o=$(GOBIN)/jb-v0.5.1 "github.com/jsonnet-bundler/jsonnet-bundler/cmd/jb"
+
+SWAGGER := $(GOBIN)/swagger-v0.30.2
+$(SWAGGER): $(BINGO_DIR)/swagger.mod
+	@# Install binary/ries using Go 1.14+ build command. This is using bwplotka/bingo-controlled, separate go module with pinned dependencies.
+	@echo "(re)installing $(GOBIN)/swagger-v0.30.2"
+	@cd $(BINGO_DIR) && GOWORK=off $(GO) build -mod=mod -modfile=swagger.mod -o=$(GOBIN)/swagger-v0.30.2 "github.com/go-swagger/go-swagger/cmd/swagger"
 
 WIRE := $(GOBIN)/wire-v0.5.0
 $(WIRE): $(BINGO_DIR)/wire.mod
 	@# Install binary/ries using Go 1.14+ build command. This is using bwplotka/bingo-controlled, separate go module with pinned dependencies.
 	@echo "(re)installing $(GOBIN)/wire-v0.5.0"
-	@cd $(BINGO_DIR) && $(GO) build -mod=mod -modfile=wire.mod -o=$(GOBIN)/wire-v0.5.0 "github.com/google/wire/cmd/wire"
+	@cd $(BINGO_DIR) && GOWORK=off $(GO) build -mod=mod -modfile=wire.mod -o=$(GOBIN)/wire-v0.5.0 "github.com/google/wire/cmd/wire"
 

.bingo/bra.mod

@@ -2,6 +2,6 @@ module _ // Auto generated by https://github.com/bwplotka/bingo. DO NOT EDIT
 
 go 1.17
 
-require github.com/unknwon/bra v0.0.0-20200517080246-1e3013ecaff8
+replace golang.org/x/sys => golang.org/x/sys v0.0.0-20220615213510-4f61da869c0c
 
-replace golang.org/x/sys => golang.org/x/sys v0.0.0-20220615213510-4f61da869c0c
+require github.com/unknwon/bra v0.0.0-20200517080246-1e3013ecaff8

.bingo/golangci-lint.mod

@@ -1,5 +1,5 @@
 module _ // Auto generated by https://github.com/bwplotka/bingo. DO NOT EDIT
 
-go 1.17
+go 1.19
 
-require github.com/golangci/golangci-lint v1.40.1 // cmd/golangci-lint
+require github.com/golangci/golangci-lint v1.49.0 // cmd/golangci-lint

.bingo/jb.mod

@@ -0,0 +1,5 @@
+module _ // Auto generated by https://github.com/bwplotka/bingo. DO NOT EDIT
+
+go 1.18
+
+require github.com/jsonnet-bundler/jsonnet-bundler v0.5.1 // cmd/jb

.bingo/jb.sum

@@ -0,0 +1,50 @@
+github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 h1:JYp7IbQjafoB+tBA3gMyHYHrpOtNuDiK/uB5uXxq5wM=
+github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
+github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137 h1:s6gZFSlWYmbqAuRjVTiNNhvNRfY2Wxp9nhfyel4rklc=
+github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE=
+github.com/campoy/embedmd v1.0.0/go.mod h1:oxyr9RCiSXg0M3VJ3ks0UGfp98BpSSGr0kpiX3MzVl8=
+github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w=
+github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk=
+github.com/jsonnet-bundler/jsonnet-bundler v0.5.1 h1:eUd6EA1Qzz73Q4NLNLOrNkMb96+6NTTERbX9lqaxVwk=
+github.com/jsonnet-bundler/jsonnet-bundler v0.5.1/go.mod h1:Qrdw/7mOFS2SKCOALKFfEH8gdvXJi8XZjw9g5ilpf4I=
+github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
+github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
+github.com/mattn/go-colorable v0.1.12 h1:jF+Du6AlPIjs2BiUiQlKOX0rt3SujHxPnksPKZbaA40=
+github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4=
+github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
+github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y=
+github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94=
+github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
+github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
+github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
+github.com/rogpeppe/go-internal v1.8.1/go.mod h1:JeRgkft04UBgHMgCIwADu4Pn6Mtm5d4nPKWu0nJ5d+o=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
+github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
+github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.4/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220615213510-4f61da869c0c h1:aFV+BgZ4svzjfabn8ERpuB4JI4N6/rdy1iusx77G3oU=
+golang.org/x/sys v0.0.0-20220615213510-4f61da869c0c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+gopkg.in/alecthomas/kingpin.v2 v2.2.6 h1:jMFz6MfLP0/4fUyZle81rXUoxOBFi19VUFKVDOQfozc=
+gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
+gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

.bingo/swagger.mod

@@ -2,4 +2,4 @@ module _ // Auto generated by https://github.com/bwplotka/bingo. DO NOT EDIT
 
 go 1.18
 
-require github.com/go-swagger/go-swagger v0.29.0 // cmd/swagger
+require github.com/go-swagger/go-swagger v0.30.2 // cmd/swagger

.bingo/swagger.sum

@@ -1,48 +1,86 @@
+github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI=
+github.com/Masterminds/semver/v3 v3.1.1 h1:hLg3sBzpNErnxhQtUy/mmLR2I9foDujNK030IGemrRc=
+github.com/Masterminds/sprig/v3 v3.2.2 h1:17jRggJu518dr3QaafizSXOjKYp94wKfABxUmyxvxX8=
 github.com/PuerkitoBio/purell v1.1.1 h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tNFfI=
 github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV/sSk/8dngufqelfh6jnri85riMAaF/M=
 github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d h1:Byv0BzEl3/e6D5CLfI0j/7hiIEtvGVFPCZ7Ei2oq8iQ=
 github.com/felixge/httpsnoop v1.0.2 h1:+nS9g82KMXccJ/wp0zyRW9ZBHFETmMGtkk+2CTTrW4o=
+github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk=
 github.com/fsnotify/fsnotify v1.5.1 h1:mZcQUHVQUQWoPXXtuf9yuEXKudkV2sx1E06UadKWpgI=
+github.com/fsnotify/fsnotify v1.5.4 h1:jRbGcIw6P2Meqdwuo0H1p6JVLbL5DHKAKlYndzMwVZI=
 github.com/go-openapi/analysis v0.21.2 h1:hXFrOYFHUAMQdu6zwAiKKJHJQ8kqZs1ux/ru1P1wLJU=
+github.com/go-openapi/analysis v0.21.4 h1:ZDFLvSNxpDaomuCueM0BlSXxpANBlFYiBvr+GXrvIHc=
 github.com/go-openapi/errors v0.20.2 h1:dxy7PGTqEh94zj2E3h1cUmQQWiM1+aeCROfAr02EmK8=
+github.com/go-openapi/errors v0.20.3 h1:rz6kiC84sqNQoqrtulzaL/VERgkoCyB6WdEkc2ujzUc=
 github.com/go-openapi/inflect v0.19.0 h1:9jCH9scKIbHeV9m12SmPilScz6krDxKRasNNSNPXu/4=
 github.com/go-openapi/jsonpointer v0.19.5 h1:gZr+CIYByUqjcgeLXnQu2gHYQC9o73G2XUeOFYEICuY=
 github.com/go-openapi/jsonreference v0.19.6 h1:UBIxjkht+AWIgYzCDSv2GN+E/togfwXUJFRTWhl2Jjs=
+github.com/go-openapi/jsonreference v0.20.0 h1:MYlu0sBgChmCfJxxUKZ8g1cPWFOB37YSZqewK7OKeyA=
 github.com/go-openapi/loads v0.21.0 h1:jYtUO4wwP7psAweisP/MDoOpdzsYEESdoPcsWjHDR68=
+github.com/go-openapi/loads v0.21.2 h1:r2a/xFIYeZ4Qd2TnGpWDIQNcP80dIaZgf704za8enro=
 github.com/go-openapi/runtime v0.21.1 h1:/KIG00BzA2x2HRStX2tnhbqbQdPcFlkgsYCiNY20FZs=
+github.com/go-openapi/runtime v0.24.1 h1:Sml5cgQKGYQHF+M7yYSHaH1eOjvTykrddTE/KtQVjqo=
 github.com/go-openapi/spec v0.20.4 h1:O8hJrt0UMnhHcluhIdUgCLRWyM2x7QkBXRvOs7m+O1M=
+github.com/go-openapi/spec v0.20.7 h1:1Rlu/ZrOCCob0n+JKKJAWhNWMPW8bOZRg8FJaY+0SKI=
 github.com/go-openapi/strfmt v0.21.1 h1:G6s2t5V5kGCHLVbSdZ/6lI8Wm4OzoPFkc3/cjAsKQrM=
+github.com/go-openapi/strfmt v0.21.3 h1:xwhj5X6CjXEZZHMWy1zKJxvW9AfHC9pkyUjLvHtKG7o=
 github.com/go-openapi/swag v0.19.15 h1:D2NRCBzS9/pEY3gP9Nl8aDqGUcPFrwG2p+CNFrLyrCM=
+github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g=
 github.com/go-openapi/validate v0.20.3 h1:GZPPhhKSZrE8HjB4eEkoYAZmoWA4+tCemSgINH1/vKw=
+github.com/go-openapi/validate v0.22.0 h1:b0QecH6VslW/TxtpKgzpO1SNG7GU2FsaqKdP1E2T50Y=
 github.com/go-stack/stack v1.8.1 h1:ntEHSVwIt7PNXNpgPmVfMrNhLtgjlmnZha2kOpuRiDw=
 github.com/go-swagger/go-swagger v0.29.0 h1:z3YoZtLvS1Y8TE/PCat1VypcZxM0IgKLt0NvZxQyNl8=
 github.com/go-swagger/go-swagger v0.29.0/go.mod h1:Z4GJzI+bHKKkGB2Ji1rawpi3/ldXX8CkzGIa9HAC5EE=
+github.com/go-swagger/go-swagger v0.30.2 h1:23odPUyQZdkNFZZSBJ3mqYYcdh+LnuReEbdWN18OMRo=
+github.com/go-swagger/go-swagger v0.30.2/go.mod h1:neDPes8r8PCz2JPvHRDj8BTULLh4VJUt7n6MpQqxhHM=
+github.com/google/uuid v1.1.2 h1:EVhdT+1Kseyi1/pUmXKaFxYsDNy9RQYkMWRH68J/W7Y=
 github.com/gorilla/handlers v1.5.1 h1:9lRY6j8DEeeBT10CvO9hGW0gmky0BprnvDI5vfhUHH4=
 github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
+github.com/huandu/xstrings v1.3.2 h1:L18LIDzqlW6xN2rEkpdV8+oL/IXWJ1APd+vsdYy4Wdw=
+github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU=
 github.com/jessevdk/go-flags v1.5.0 h1:1jKYvbxEjfUl0fmqTCOfonvskHHXMjBySTLW4y9LFvc=
 github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
 github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/magiconair/properties v1.8.5 h1:b6kJs+EmPFMYGkow9GiUyCyOvIwYetYJ3fSaWak/Gls=
+github.com/magiconair/properties v1.8.6 h1:5ibWZ6iY0NctNGWo87LalDlEZ6R41TqbbDamhfG/Qzo=
 github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0=
+github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw=
 github.com/mitchellh/mapstructure v1.4.3 h1:OVowDSCllw/YjdLkam3/sm7wEtOy59d8ndGgCcyj8cs=
+github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
+github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ=
 github.com/oklog/ulid v1.3.1 h1:EGfNDEx6MqHz8B3uNV6QAib1UR2Lm97sHi3ocA6ESJ4=
 github.com/pelletier/go-toml v1.9.4 h1:tjENF6MfZAg8e4ZmZTeWaWiT2vXtsoO6+iuOjFhECwM=
+github.com/pelletier/go-toml v1.9.5 h1:4yBQzkHv+7BHq2PQUZF3Mx0IYxG7LsP222s7Agd3ve8=
+github.com/pelletier/go-toml/v2 v2.0.1 h1:8e3L2cCQzLFi2CR4g7vGFuFxX7Jl1kKX8gW+iV0GUKU=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/rogpeppe/go-internal v1.8.1 h1:geMPLpDpQOgVyCg5z5GoRwLHepNdb71NXb67XFkP+Eg=
+github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8=
+github.com/shopspring/decimal v1.2.0 h1:abSATXmQEYyShuxI4/vyW3tV1MrKAJzCZ/0zLUXYbsQ=
 github.com/spf13/afero v1.8.0 h1:5MmtuhAgYeU6qpa7w7bP0dv6MBYuup0vekhSpSkoq60=
+github.com/spf13/afero v1.8.2 h1:xehSyVa0YnHWsJ49JFljMpg1HX19V6NDZ1fkm1Xznbo=
 github.com/spf13/cast v1.4.1 h1:s0hze+J0196ZfEMTs80N7UlFt0BDuQ7Q+JDnHiMWKdA=
+github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w=
 github.com/spf13/jwalterweatherman v1.1.0 h1:ue6voC5bR5F8YxI5S67j9i582FU4Qvo2bmqnqMYADFk=
 github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
 github.com/spf13/viper v1.10.1 h1:nuJZuYpG7gTj/XqiUwg8bA0cp1+M2mC3J4g5luUYBKk=
+github.com/spf13/viper v1.12.0 h1:CZ7eSOd3kZoaYDLbXnmzgQI5RlciuXBMA+18HwHRfZQ=
 github.com/subosito/gotenv v1.2.0 h1:Slr1R9HxAlEKefgq5jn9U+DnETlIUa6HfgEzj0g5d7s=
+github.com/subosito/gotenv v1.3.0 h1:mjC+YW8QpAdXibNi+vNWgzmgBH4+5l5dCXv8cNysBLI=
 github.com/toqueteos/webbrowser v1.2.0 h1:tVP/gpK69Fx+qMJKsLE7TD8LuGWPnEV71wBN9rrstGQ=
 go.mongodb.org/mongo-driver v1.8.2 h1:8ssUXufb90ujcIvR6MyE1SchaNj0SFxsakiZgxIyrMk=
+go.mongodb.org/mongo-driver v1.10.1 h1:NujsPveKwHaWuKUer/ceo9DzEe7HIj1SlJ6uvXZG0S4=
+golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90 h1:Y/gsMcFOcR+6S6f3YeMKl5g+dZMEWqcz5Czj/GWYbkM=
 golang.org/x/mod v0.5.1 h1:OJxoQ/rynoF0dcCdI7cLPktw/hR2cueqYfjm43oqK38=
+golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 h1:6zppjxzCulZykYSLyVDYbneBfbaBIQPYMevg0bEwv2s=
 golang.org/x/net v0.0.0-20220121210141-e204ce36a2ba h1:6u6sik+bn/y7vILcYkK3iwTBWN7WtBvB0+SZswQnbf8=
 golang.org/x/sys v0.0.0-20220114195835-da31bd327af9 h1:XfKQ4OlFl8okEOr5UvAqFRVj8pY/4yfcXrddB8qAbU0=
+golang.org/x/sys v0.0.0-20220829200755-d48e67d00261 h1:v6hYoSR9T5oet+pMXwUWkbiVqx/63mlHjefrHmxwfeY=
 golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk=
 golang.org/x/tools v0.1.8 h1:P1HhGGuLW4aAclzjtmJdf0mJOjVUZUzOTqkAkWL+l6w=
+golang.org/x/tools v0.1.12 h1:VveCTK38A2rkS8ZqFY25HIDFscX5X9OoEhJd3quQmXU=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
 gopkg.in/ini.v1 v1.66.3 h1:jRskFVxYaMGAMUbN0UZ7niA9gzL9B49DOqE78vg0k3w=
+gopkg.in/ini.v1 v1.66.4 h1:SsAcf+mM7mRZo2nJNGt8mZCjG8ZRaNGMURJw7BsIST4=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=

.bingo/variables.env

@@ -1,4 +1,4 @@
-# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.6. DO NOT EDIT.
+# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.7. DO NOT EDIT.
 # All tools are designed to be build inside $GOBIN.
 # Those variables will work only until 'bingo get' was invoked, or if tools were installed via Makefile's Variables.mk.
 GOBIN=${GOBIN:=$(go env GOBIN)}
@@ -12,9 +12,11 @@ BRA="${GOBIN}/bra-v0.0.0-20200517080246-1e3013ecaff8"
 
 DRONE="${GOBIN}/drone-v1.5.0"
 
-SWAGGER="${GOBIN}/swagger-v0.29.0"
+GOLANGCI_LINT="${GOBIN}/golangci-lint-v1.49.0"
 
-GOLANGCI_LINT="${GOBIN}/golangci-lint-v1.40.1"
+JB="${GOBIN}/jb-v0.5.1"
+
+SWAGGER="${GOBIN}/swagger-v0.30.2"
 
 WIRE="${GOBIN}/wire-v0.5.0"
 

.bra.toml

@@ -1,6 +1,7 @@
 [run]
 init_cmds = [
   ["make", "gen-go"],
+  ["make", "gen-jsonnet"],
   ["GO_BUILD_DEV=1", "make", "build-cli"],
   ["GO_BUILD_DEV=1", "make", "build-server"],
   ["./bin/grafana-server", "-packaging=dev", "cfg:app_mode=development"]
@@ -11,12 +12,14 @@ watch_dirs = [
   "$WORKDIR/pkg",
   "$WORKDIR/public/views",
   "$WORKDIR/conf",
+  "$WORKDIR/devenv/dev-dashboards",
 ]
 watch_exts = [".go", ".ini", ".toml", ".template.html"]
 ignore_files = [".*_gen.go"]
 build_delay = 1500
 cmds = [
   ["make", "gen-go"],
+  ["make", "gen-jsonnet"],
   ["GO_BUILD_DEV=1", "make", "build-server"],
   ["./bin/grafana-server", "-packaging=dev", "cfg:app_mode=development"]
 ]

.drone.star

@@ -4,18 +4,33 @@
 # 3. Run `make drone`
 # More information about this process here: https://github.com/grafana/deployment_tools/blob/master/docs/infrastructure/drone/signing.md
 
-load('scripts/drone/pipelines/pr.star', 'pr_pipelines')
-load('scripts/drone/pipelines/main.star', 'main_pipelines')
+load('scripts/drone/events/pr.star', 'pr_pipelines')
+load('scripts/drone/events/main.star', 'main_pipelines')
 load('scripts/drone/pipelines/docs.star', 'docs_pipelines')
-load('scripts/drone/pipelines/release.star', 'release_pipelines', 'publish_image_pipelines', 'publish_artifacts_pipelines', 'publish_npm_pipelines', 'publish_packages_pipeline')
+load('scripts/drone/events/release.star', 'release_pipelines', 'publish_artifacts_pipelines', 'publish_npm_pipelines', 'publish_packages_pipeline', 'artifacts_page_pipeline')
+load('scripts/drone/pipelines/publish_images.star', 'publish_image_pipelines_public', 'publish_image_pipelines_security')
+load('scripts/drone/pipelines/github.star', 'publish_github_pipeline')
 load('scripts/drone/version.star', 'version_branch_pipelines')
-load('scripts/drone/pipelines/cron.star', 'cronjobs')
+load('scripts/drone/events/cron.star', 'cronjobs')
 load('scripts/drone/vault.star', 'secrets')
 
+edition = 'oss'
+
 def main(ctx):
-    edition = 'oss'
-    return pr_pipelines(edition=edition) + main_pipelines(edition=edition) + release_pipelines() + \
-        publish_image_pipelines('public') + publish_image_pipelines('security') + \
-        publish_artifacts_pipelines('security') + publish_artifacts_pipelines('public') + \
-        publish_npm_pipelines('public') + publish_packages_pipeline() + \
-        version_branch_pipelines() + cronjobs(edition=edition) + secrets()
+    return (
+        pr_pipelines(edition=edition)
+        + main_pipelines(edition=edition)
+        + release_pipelines()
+        + publish_image_pipelines_public()
+        + publish_image_pipelines_security()
+        + publish_github_pipeline('public')
+        + publish_github_pipeline('security')
+        + publish_artifacts_pipelines('security')
+        + publish_artifacts_pipelines('public')
+        + publish_npm_pipelines('public')
+        + publish_packages_pipeline()
+        + artifacts_page_pipeline()
+        + version_branch_pipelines()
+        + cronjobs(edition=edition)
+        + secrets()
+    )

.eslintignore

@@ -17,7 +17,7 @@ vendor
 # TS generate from cue by cuetsy
 **/*.gen.ts
 
-# Auto-generated localisation files
+# Auto-generated internationalization files
 public/locales/_build/
 public/locales/**/*.js
 

.eslintrc

@@ -1,13 +1,15 @@
 {
   "extends": ["@grafana/eslint-config"],
   "root": true,
-  "plugins": ["@emotion", "lodash", "jest", "import"],
+  "plugins": ["@emotion", "lodash", "jest", "import", "jsx-a11y"],
   "settings": {
     "import/internal-regex": "^(app/)|(@grafana)",
     "import/external-module-folders": ["node_modules", ".yarn"]
   },
   "rules": {
     "react/prop-types": "off",
+    // need to ignore emotion's `css` prop, see https://github.com/jsx-eslint/eslint-plugin-react/blob/master/docs/rules/no-unknown-property.md#rule-options
+    "react/no-unknown-property": ["error", { "ignore": ["css"] }],
     "@emotion/jsx-import": "error",
     "lodash/import-scope": [2, "member"],
     "jest/no-focused-tests": "error",
@@ -18,9 +20,36 @@
         "newlines-between": "always",
         "alphabetize": { "order": "asc" }
       }
-    ]
+    ],
+    "no-restricted-imports": [
+      "error",
+      {
+        "paths": [
+          {
+            "name": "react-redux",
+            "importNames": ["useDispatch", "useSelector"],
+            "message": "Please import from app/types instead."
+          },
+          {
+            "name": "react-i18next",
+            "importNames": ["Trans", "t"],
+            "message": "Please import from app/core/internationalization instead"
+          }
+        ]
+      }
+    ],
+
+    // Use typescript's no-redeclare for compatibility with overrides
+    "no-redeclare": "off",
+    "@typescript-eslint/no-redeclare": ["error"]
   },
   "overrides": [
+    {
+      "files": ["public/app/features/scenes/**/*.{ts,tsx}"],
+      "rules": {
+        "@typescript-eslint/explicit-member-accessibility": ["error", { "accessibility": "explicit" }]
+      }
+    },
     {
       "files": ["packages/grafana-ui/src/components/uPlot/**/*.{ts,tsx}"],
       "rules": {
@@ -35,6 +64,35 @@
         "react/jsx-uses-react": "off",
         "react/react-in-jsx-scope": "off"
       }
+    },
+    {
+      "files": ["public/dashboards/scripted*.js"],
+      "rules": {
+        "no-redeclare": "error",
+        "@typescript-eslint/no-redeclare": "off"
+      }
+    },
+    {
+      "extends": ["plugin:jsx-a11y/recommended"],
+      "files": ["**/*"],
+      "excludedFiles": ["**/*.{spec,test}.{ts,tsx}"],
+      "rules": {
+        // rules marked "off" are those left in the recommended preset we need to fix
+        // we should remove the corresponding line and fix them one by one
+        // any marked "error" contain specific overrides we'll need to keep
+        "jsx-a11y/click-events-have-key-events": "off",
+        "jsx-a11y/no-autofocus": [
+          "error",
+          {
+            "ignoreNonDOM": true
+          }
+        ],
+        "jsx-a11y/no-static-element-interactions": "off",
+        "jsx-a11y/label-has-associated-control": [ "error", {
+          "controlComponents": ["NumberInput"],
+          "depth": 2
+        }]
+      }
     }
   ]
 }

.github/CODEOWNERS

@@ -11,12 +11,27 @@
 # In each subsection folders are ordered first by depth, then alphabetically.
 # This should make it easy to add new rules without breaking existing ones.
 
-# Documentation owner: Jita Chatterjee
+# Documentation
 /docs/ @grafana/docs-squad
-/contribute/ @marcusolsson @grafana/docs-squad
-/docs/sources/developers/plugins/ @marcusolsson @grafana/docs-squad @grafana/plugins-platform-frontend @grafana/plugins-platform-backend
-/docs/sources/developers/plugins/backend @marcusolsson @grafana/docs-squad @grafana/plugins-platform-backend
-/docs/sources/enterprise/ @osg-grafana @grafana/docs-squad
+/contribute/ @grafana/docs-squad
+/docs/sources/developers/plugins/ @grafana/docs-squad @grafana/plugins-platform-frontend @grafana/plugins-platform-backend
+/docs/sources/developers/plugins/backend @grafana/docs-squad @grafana/plugins-platform-backend
+# Set up, dashboards/visualization, best practices: Chris Moyer
+# Alerting: Brenda Muir
+/docs/sources/administration/ @Eve832 @GrafanaWriter
+/docs/sources/alerting @brendamuir
+/docs/sources/best-practices/ @chri2547
+/docs/sources/dashboards/ @chri2547
+/docs/sources/datasources/ @Eve832 @GrafanaWriter
+/docs/sources/enterprise/ @Eve832 @GrafanaWriter
+/docs/sources/explore/ @Eve832 @GrafanaWriter
+/docs/sources/getting-started/ @chri2547
+/docs/sources/old-alerting @brendamuir
+/docs/sources/panels/ @chri2547
+/docs/sources/release-notes/ @Eve832 @GrafanaWriter
+/docs/sources/setup-grafana/ @chri2547
+/docs/sources/visualization/ @chri2547
+/docs/sources/whatsnew/ @Eve832 @GrafanaWriter
 
 # Backend code
 *.go @grafana/backend-platform
@@ -24,6 +39,16 @@ go.mod @grafana/backend-platform
 go.sum @grafana/backend-platform
 /.bingo @grafana/backend-platform
 
+# Backend code, developers environment
+/devenv/docker/blocks/auth @grafana/grafana-authnz-team
+
+# Logs code, developers environment
+/devenv/docker/blocks/loki* @grafana/observability-logs
+/devenv/docker/blocks/elastic* @grafana/observability-logs
+
+# Performance tests
+/devenv/docker/loadtests-ts @grafana/grafana-edge-squad
+
 # Continuous Integration
 .drone.yml @grafana/grafana-release-eng
 .drone.star @grafana/grafana-release-eng
@@ -38,12 +63,12 @@ go.sum @grafana/backend-platform
 # Observability backend code
 /pkg/tsdb/prometheus @grafana/observability-metrics
 /pkg/tsdb/influxdb @grafana/observability-metrics
-/pkg/tsdb/elasticsearch @grafana/observability-logs-and-traces
+/pkg/tsdb/elasticsearch @grafana/observability-logs
 /pkg/tsdb/graphite @grafana/observability-metrics
-/pkg/tsdb/jaeger @grafana/observability-logs-and-traces
-/pkg/tsdb/loki @grafana/observability-logs-and-traces
-/pkg/tsdb/zipkin @grafana/observability-logs-and-traces
-/pkg/tsdb/tempo @grafana/observability-logs-and-traces
+/pkg/tsdb/jaeger @grafana/observability-traces-and-profiling
+/pkg/tsdb/loki @grafana/observability-logs
+/pkg/tsdb/zipkin @grafana/observability-traces-and-profiling
+/pkg/tsdb/tempo @grafana/observability-traces-and-profiling
 
 # BI backend code
 /pkg/tsdb/mysql @grafana/grafana-bi-squad
@@ -58,9 +83,10 @@ go.sum @grafana/backend-platform
 /pkg/services/live/ @grafana/grafana-edge-squad
 /pkg/services/searchV2/ @grafana/grafana-edge-squad
 /pkg/services/store/ @grafana/grafana-edge-squad
+/pkg/services/querylibrary/ @grafana/grafana-edge-squad
 /pkg/services/export/ @grafana/grafana-edge-squad
 /pkg/infra/filestore/ @grafana/grafana-edge-squad
-pkg/tsdb/testdatasource/sims/ @grafana/grafana-edge-squad
+/pkg/tsdb/testdatasource/sims/ @grafana/grafana-edge-squad
 
 # Alerting
 /pkg/services/ngalert @grafana/alerting-squad-backend
@@ -78,6 +104,7 @@ pkg/tsdb/testdatasource/sims/ @grafana/grafana-edge-squad
 /pkg/plugins @grafana/plugins-platform-backend
 /pkg/services/datasourceproxy @grafana/plugins-platform-backend
 /pkg/services/datasources @grafana/plugins-platform-backend
+/pkg/plugins/pfs @grafana/plugins-platform-backend @grafana/grafana-as-code
 
 # Dashboard previews / crawler (behind feature flag)
 /pkg/services/thumbs @grafana/grafana-edge-squad
@@ -87,19 +114,24 @@ pkg/tsdb/testdatasource/sims/ @grafana/grafana-edge-squad
 /contribute/architecture/backend @grafana/backend-platform
 /contribute/engineering/backend @grafana/backend-platform
 
+/crowdin.yml @grafana/user-essentials
+/public/locales @grafana/user-essentials
+/public/app/core/internationalization @grafana/user-essentials
 /e2e @grafana/user-essentials
+/e2e/cloud-plugins-suite @grafana/cloud-provider-plugins
 /packages @grafana/user-essentials @grafana/plugins-platform-frontend @grafana/grafana-bi-squad
 /packages/grafana-e2e-selectors @grafana/user-essentials
 /packages/grafana-e2e @grafana/user-essentials
 /packages/grafana-toolkit @grafana/plugins-platform-frontend
 /packages/grafana-ui/.storybook @grafana/plugins-platform-frontend
-/packages/grafana-ui/src/components/DateTimePickers @grafana/grafana-bi-squad
+/packages/grafana-ui/src/components/DateTimePickers @grafana/user-essentials
 /packages/grafana-ui/src/components/GraphNG @grafana/grafana-bi-squad
+/packages/grafana-ui/src/components/Logs @grafana/observability-logs
 /packages/grafana-ui/src/components/Table @grafana/grafana-bi-squad
 /packages/grafana-ui/src/components/TimeSeries @grafana/grafana-bi-squad
 /packages/grafana-ui/src/components/uPlot @grafana/grafana-bi-squad
 /packages/grafana-ui/src/utils/storybook @grafana/plugins-platform-frontend
-/packages/jaeger-ui-components/ @grafana/observability-logs-and-traces
+/packages/jaeger-ui-components/ @grafana/observability-traces-and-profiling
 /plugins-bundled @grafana/plugins-platform-frontend
 # public folder
 /public/app/core/components/TimePicker @grafana/grafana-bi-squad
@@ -108,6 +140,7 @@ pkg/tsdb/testdatasource/sims/ @grafana/grafana-edge-squad
 /public/app/features/comments/ @grafana/grafana-edge-squad
 /public/app/features/dimensions/ @grafana/grafana-edge-squad
 /public/app/features/geo/ @grafana/grafana-edge-squad
+/public/app/features/storage/ @grafana/grafana-edge-squad
 /public/app/features/live/ @grafana/grafana-edge-squad
 /public/app/features/explore/ @grafana/observability-experience-squad
 /public/app/features/plugins @grafana/plugins-platform-frontend
@@ -116,8 +149,9 @@ pkg/tsdb/testdatasource/sims/ @grafana/grafana-edge-squad
 /public/app/plugins/panel/barchart @grafana/grafana-bi-squad
 /public/app/plugins/panel/heatmap @grafana/grafana-bi-squad
 /public/app/plugins/panel/histogram @grafana/grafana-bi-squad
-/public/app/plugins/panel/logs @grafana/observability-logs-and-traces
-/public/app/plugins/panel/nodeGraph @grafana/observability-logs-and-traces
+/public/app/plugins/panel/logs @grafana/observability-logs
+/public/app/plugins/panel/nodeGraph @grafana/observability-traces-and-profiling
+/public/app/plugins/panel/traces @grafana/observability-traces-and-profiling
 /public/app/plugins/panel/piechart @grafana/grafana-bi-squad
 /public/app/plugins/panel/state-timeline @grafana/grafana-bi-squad
 /public/app/plugins/panel/status-history @grafana/grafana-bi-squad
@@ -130,8 +164,6 @@ pkg/tsdb/testdatasource/sims/ @grafana/grafana-edge-squad
 /scripts/build/release-packages.sh @grafana/plugins-platform-frontend
 /scripts/circle-release-next-packages.sh @grafana/plugins-platform-frontend
 /scripts/ci-frontend-metrics.sh @grafana/user-essentials @grafana/plugins-platform-frontend @grafana/grafana-bi-squad
-/scripts/ci-reference-docs-build.sh @grafana/plugins-platform-frontend
-/scripts/ci-reference-docs-lint.sh @grafana/plugins-platform-frontend
 /scripts/grunt @grafana/frontend-ops
 /scripts/webpack @grafana/frontend-ops
 /scripts/generate-a11y-report.sh @grafana/user-essentials
@@ -143,26 +175,27 @@ lerna.json @grafana/frontend-ops
 .eslintrc @grafana/frontend-ops
 .pa11yci.conf.js @grafana/user-essentials
 .pa11yci-pr.conf.js @grafana/user-essentials
+.betterer.results @joshhunt
 
 # @grafana/ui component documentation
-*.mdx @marcusolsson @jessover9000 @grafana/plugins-platform-frontend
+*.mdx @grafana/plugins-platform-frontend
 
 # Core datasources
 /public/app/plugins/datasource/cloudwatch @grafana/aws-plugins
-/public/app/plugins/datasource/elasticsearch @grafana/observability-logs-and-traces
+/public/app/plugins/datasource/elasticsearch @grafana/observability-logs
 /public/app/plugins/datasource/grafana-azure-monitor-datasource @grafana/cloud-provider-plugins
 /public/app/plugins/datasource/graphite @grafana/observability-metrics
 /public/app/plugins/datasource/influxdb @grafana/observability-metrics
-/public/app/plugins/datasource/jaeger @grafana/observability-logs-and-traces
-/public/app/plugins/datasource/loki @grafana/observability-logs-and-traces
+/public/app/plugins/datasource/jaeger @grafana/observability-traces-and-profiling
+/public/app/plugins/datasource/loki @grafana/observability-logs
 /public/app/plugins/datasource/mssql @grafana/grafana-bi-squad
 /public/app/plugins/datasource/mysql @grafana/grafana-bi-squad
 /public/app/plugins/datasource/opentsdb @grafana/backend-platform
 /public/app/plugins/datasource/postgres @grafana/grafana-bi-squad
 /public/app/plugins/datasource/prometheus @grafana/observability-metrics
 /public/app/plugins/datasource/cloud-monitoring @grafana/cloud-provider-plugins
-/public/app/plugins/datasource/zipkin @grafana/observability-logs-and-traces
-/public/app/plugins/datasource/tempo @grafana/observability-logs-and-traces
+/public/app/plugins/datasource/zipkin @grafana/observability-traces-and-profiling
+/public/app/plugins/datasource/tempo @grafana/observability-traces-and-profiling
 /public/app/plugins/datasource/alertmanager @grafana/alerting-squad
 
 # Cloud middleware
@@ -181,3 +214,19 @@ lerna.json @grafana/frontend-ops
 /pkg/services/oauthtoken @grafana/grafana-authnz-team
 /pkg/services/teamguardian @grafana/grafana-authnz-team
 /pkg/services/serviceaccounts @grafana/grafana-authnz-team
+
+# Grafana Partnerships Team
+/pkg/infra/httpclient/httpclientprovider/sigv4_middleware.go @grafana/grafana-partnerships-team
+
+# Kind system and code generation
+embed.go @grafana/grafana-as-code
+/kinds/ @grafana/grafana-as-code
+/pkg/codegen @grafana/grafana-as-code
+/pkg/kindsys @grafana/grafana-as-code
+/pkg/kinds/*/*_gen.go @grafana/grafana-as-code
+/pkg/registry/corekind @grafana/grafana-as-code
+/public/app/plugins/*gen.go @grafana/grafana-as-code
+
+# Specific core kinds
+/kinds/raw/ @grafana/grafana-edge-squad
+/kinds/structured/dashboard @grafana/dashboards-squad

.github/PULL_REQUEST_TEMPLATE.md

@@ -14,11 +14,23 @@ Thank you for sending a pull request! Here are some tips:
 
 6. Name your PR as "<FeatureArea>: Describe your change", e.g. Alerting: Prevent race condition. If it's a fix or feature relevant for the changelog describe the user impact in the title. The PR title is used to auto-generate the changelog for issues marked with the "add to changelog" label.
 
+7. If your PR content should be added to the What's New document for the next major or minor release, add the **add to what's new** label to your PR. Note that you should add this label to the main PR that introduces the feature; do not add this label to smaller PRs for the feature.
+
 -->
 
-**What this PR does / why we need it**:
+**What is this feature?**
 
-**Which issue(s) this PR fixes**:
+[Add a brief description of what the feature or update does.]
+
+**Why do we need this feature?**
+
+[Add a description of the problem the feature is trying to solve.]
+
+**Who is this feature for?**
+
+[Add information on what kind of user the feature is for.]
+
+**Which issue(s) does this PR fix?**:
 
 <!--
 

.github/commands.json

@@ -41,6 +41,7 @@
     "type":"label",
     "name":"bot/no new info",
     "action":"close",
+    "removeLabel":"needs more info",
     "comment":"We've closed this issue since it needs more information and hasn't had any activity recently. We can re-open it after you you add more information. To avoid having your issue closed in the future, please read our [CONTRIBUTING](https://github.com/grafana/grafana/blob/main/CONTRIBUTING.md) guidelines.\n\nHappy graphing!"
   },
   {
@@ -79,7 +80,7 @@
     "name":"datasource/Azure",
     "action":"addToProject",
     "addToProject":{
-      "url":"https://github.com/orgs/grafana/projects/97"
+      "url":"https://github.com/orgs/grafana/projects/190"
     }
   },
   {
@@ -103,7 +104,7 @@
     "name":"datasource/GoogleCloudMonitoring",
     "action":"addToProject",
     "addToProject":{
-      "url":"https://github.com/orgs/grafana/projects/97"
+      "url":"https://github.com/orgs/grafana/projects/190"
     }
   },
   {
@@ -138,20 +139,12 @@
       "url":"https://github.com/orgs/grafana/projects/112"
     }
   },
-  {
-    "type":"label",
-    "name":"datasource/OpenSearch",
-    "action":"addToProject",
-    "addToProject":{
-      "url":"https://github.com/orgs/grafana/projects/110"
-    }
-  },
   {
     "type":"label",
     "name":"datasource/Loki",
     "action":"addToProject",
     "addToProject":{
-      "url":"https://github.com/orgs/grafana/projects/110"
+      "url":"https://github.com/orgs/grafana/projects/203"
     }
   },
   {
@@ -159,7 +152,7 @@
     "name":"datasource/Tempo",
     "action":"addToProject",
     "addToProject":{
-      "url":"https://github.com/orgs/grafana/projects/110"
+      "url":"https://github.com/orgs/grafana/projects/221"
     }
   },
   {
@@ -167,7 +160,7 @@
     "name":"datasource/Elasticsearch",
     "action":"addToProject",
     "addToProject":{
-      "url":"https://github.com/orgs/grafana/projects/110"
+      "url":"https://github.com/orgs/grafana/projects/203"
     }
   },
   {
@@ -175,7 +168,7 @@
     "name":"datasource/Jaeger",
     "action":"addToProject",
     "addToProject":{
-      "url":"https://github.com/orgs/grafana/projects/110"
+      "url":"https://github.com/orgs/grafana/projects/221"
     }
   },
   {
@@ -183,7 +176,7 @@
     "name":"datasource/Zipkin",
     "action":"addToProject",
     "addToProject":{
-      "url":"https://github.com/orgs/grafana/projects/110"
+      "url":"https://github.com/orgs/grafana/projects/221"
     }
   },
   {

.github/metrics-collector.json

@@ -16,6 +16,10 @@
       "name": "needs_more_info",
       "query": "label:\"needs more info\" is:open"
     },
+    {
+      "name": "triage_needs_confirmation",
+      "query": "label:\"triage/needs-confirmation\" is:open"
+    },
     {
       "name": "unlabeled",
       "query": "is:open is:issue no:label"
@@ -23,10 +27,6 @@
     {
       "name": "open_prs",
       "query": "is:open is:pr"
-    },
-    {
-      "name": "milestone_7_4_open",
-      "query": "is:open is:issue milestone:7.4"
     }
   ]
 }

.github/renovate.json5

@@ -4,29 +4,18 @@
   ],
   "enabledManagers": ["npm"],
   "ignoreDeps": [
-    "@grafana/slate-react", // should be updated when the `slate` package is updated
     "@types/systemjs",
-    "@types/d3-force", // we should bump this once we move to esm modules
-    "@types/d3-interpolate", // we should bump this once we move to esm modules
-    "@types/d3-scale-chromatic", // we should bump this once we move to esm modules
-    "@types/grafana__slate-react", // should be updated when the `slate` package is updated
     "@types/react-icons", // jaeger-ui-components is being refactored to use @grafana/ui icons instead
     "commander", // we are planning to remove this, so no need to update it
-    "d3",
-    "d3-force", // we should bump this once we move to esm modules
-    "d3-interpolate", // we should bump this once we move to esm modules
-    "d3-scale-chromatic", // we should bump this once we move to esm modules
     "execa", // we should bump this once we move to esm modules
     "history", // we should bump this together with react-router-dom
-    "@mdx-js/react", // storybook peer-depends on it's 1.x version, we should upgrade this when we upgrade storybook
+    "@mdx-js/react", // storybook peer-depends on its 1.x version, we should upgrade this when we upgrade storybook
     "monaco-editor", // due to us exposing this via @grafana/ui/CodeEditor's props bumping can break plugins
     "node-fetch", // we should bump this once we move to esm modules
     "react-hook-form", // due to us exposing these hooks via @grafana/ui form components bumping can break plugins
     "react-icons", // jaeger-ui-components is being refactored to use @grafana/ui icons instead
     "react-redux", // react-beautiful-dnd depends on react-redux 7.x, we need to update that one first
     "react-router-dom", // we should bump this together with history
-    "slate",
-    "slate-plain-serializer",
     "systemjs",
     "copy-webpack-plugin", // try to upgrade with newer yarn release. Not working with 3.1.1
     "ts-loader", // we should remove ts-loader and use babel-loader instead
@@ -54,7 +43,37 @@
       "matchPackagePatterns": ["@storybook"],
       "extends": ["schedule:monthly"],
       "groupName": "Storybook updates"
-    }
+    },
+    {
+      "groupName": "React Aria",
+      "matchPackagePrefixes": [
+        "@react-aria/",
+        "@react-stately/"
+      ]
+    },
+    {
+      "groupName": "Moveable",
+      "matchPackageNames": [
+        "moveable",
+        "react-moveable"
+      ]
+    },
+    {
+      "groupName": "Slate",
+      "matchPackageNames": [
+        "@types/slate",
+        "@types/slate-react",
+        "slate",
+        "slate-react"
+      ]
+    },
+    {
+      "groupName": "d3",
+      "matchPackagePrefixes": [
+        "d3",
+        "@types/d3"
+      ]
+    },
   ],
   "pin": {
     "enabled": false

.github/teams.yml

@@ -7,4 +7,5 @@ test:
 
 # Alerting team
 area/alerting:
+  github-board: 52
   channel-label: C02B9MXQE0J

.github/workflows/bump-version.yml

@@ -3,19 +3,8 @@ on:
   workflow_dispatch:
     inputs:
       version:
+        description: 'Needs to match, exactly, the name of a milestone. The version to be released please respect: major.minor.patch or major.minor.patch-beta<number> format. example: 7.4.3 or 7.4.3-beta1'
         required: true
-        default: '7.x.x'
-  workflow_call:
-    inputs:
-      version_call:
-        description: Needs to match, exactly, the name of a version
-        required: true
-        type: string
-    secrets:
-        token:
-          required: true
-        metricsWriteAPIKey:
-          required: true
 env:
     YARN_ENABLE_IMMUTABLE_INSTALLS: false
 jobs:
@@ -28,7 +17,7 @@ jobs:
         id: regex-match
         with:
           text: ${{ github.event.inputs.version }}
-          regex: '^(\d+.\d+).\d+(?:-beta.\d+)?$'
+          regex: '^(\d+.\d+).\d+(?:-beta\d+)?$'
       - uses: actions-ecosystem/action-regex-match@v2.0.2
         if: ${{ inputs.version_call != '' }}
         id: regex-match-version-call
@@ -40,7 +29,7 @@ jobs:
         run: |
           echo "The input version format is not correct, please respect:\
           major.minor.patch or major.minor.patch-beta.number format. \
-          example: 7.4.3 or 7.4.3-beta.1"
+          example: 7.4.3 or 7.4.3-beta1"
           exit 1
       - name: Validate input version call
         if: ${{ inputs.version_call != '' && steps.regex-match-version-call.outputs.match == '' }}
@@ -55,10 +44,10 @@ jobs:
       - name: Set intermedia variables
         id: intermedia
         run: |
-          echo "::set-output name=short_ref::${GITHUB_REF#refs/*/}"
-          echo "::set-output name=check_passed::false"
-          echo "::set-output name=branch_name::v${{steps.regex-match.outputs.group1}}"
-          echo "::set-output name=branch_exist::$(git ls-remote --heads https://github.com/grafana/grafana.git v${{ steps.regex-match.outputs.group1 }}.x | wc -l)"
+          echo "short_ref=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT
+          echo "check_passed=false" >> $GITHUB_OUTPUT
+          echo "branch_name=v${{steps.regex-match.outputs.group1}}" >> $GITHUB_OUTPUT
+          echo "branch_exist=$(git ls-remote --heads https://github.com/grafana/grafana.git v${{ steps.regex-match.outputs.group1 }}.x | wc -l)" >> $GITHUB_OUTPUT
 
       - name: Check input version is aligned with branch(main)
         if: ${{ github.event.inputs.version != '' && steps.intermedia.outputs.branch_exist == '0' && !contains(steps.intermedia.outputs.short_ref, 'main') }}
@@ -74,21 +63,13 @@ jobs:
           repository: "grafana/grafana-github-actions"
           path: ./actions
           ref: main
-      - uses: actions/setup-node@v3.3.0
+      - uses: actions/setup-node@v3.5.1
         with:
           node-version: '16'
       - name: Install Actions
         run: npm install --production --prefix ./actions
-      - name: Run bump version (manually invoked)
-        if: ${{ github.event.inputs.version != '' }}
+      - name: Run bump version (manually invoked)        
         uses: ./actions/bump-version
         with:
           token: ${{ secrets.GH_BOT_ACCESS_TOKEN }}
           metricsWriteAPIKey: ${{ secrets.GRAFANA_MISC_STATS_API_KEY }}
-      - name: Run bump version (workflow invoked)
-        if: ${{ inputs.version_call != '' }}
-        uses: ./actions/bump-version
-        with:
-          version_call: ${{ inputs.version_call }}
-          token: ${{ secrets.token }}
-          metricsWriteAPIKey: ${{ secrets.metricsWriteAPIKey }}

.github/workflows/cloud-data-sources-code-coverage.yml

@@ -14,4 +14,7 @@ on:
 
 jobs:
   workflow-call:
-    uses: grafana/code-coverage/.github/workflows/code-coverage.yml@v0.1.2
+    uses: grafana/code-coverage/.github/workflows/code-coverage.yml@v0.1.12
+    with:
+      frontend-path-regexp: public\/app\/plugins\/datasource\/(grafana-azure-monitor-datasource|cloud-monitoring|cloudwatch)
+      backend-path-regexp: pkg\/tsdb\/(azuremonitor|cloudmonitoring|cloudwatch)

.github/workflows/codeql-analysis.yml

@@ -6,6 +6,7 @@
 name: "CodeQL"
 
 on:
+  workflow_dispatch:
   push:
     branches: [main, v1.8.x, v2.0.x, v2.1.x, v2.6.x, v3.0.x, v3.1.x, v4.0.x, v4.1.x, v4.2.x, v4.3.x, v4.4.x, v4.5.x, v4.6.x, v4.7.x, v5.0.x, v5.1.x, v5.2.x, v5.3.x, v5.4.x, v6.0.x, v6.1.x, v6.2.x, v6.3.x, v6.4.x, v6.5.x, v6.6.x, v6.7.x, v7.0.x, v7.1.x, v7.2.x]
     paths-ignore:
@@ -39,6 +40,12 @@ jobs:
         # a pull request then we can checkout the head.
         fetch-depth: 2
 
+    - if: matrix.language == 'go'
+      name: Set go version
+      uses: actions/setup-go@v3
+      with:
+        go-version: '1.19.2'
+
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v2
@@ -49,5 +56,11 @@ jobs:
         # Prefix the list here with "+" to use these queries and those in the config file.
         # queries: ./path/to/local/query, your-org/your-repo/queries@main
 
+    - if: matrix.language == 'go'
+      name: Build go files
+      run: |
+        go mod verify
+        make build-go
+
     - name: Perform CodeQL Analysis
       uses: github/codeql-action/analyze@v2

.github/workflows/detect-breaking-changes-build-skip.yml

@@ -0,0 +1,34 @@
+# Workflow for skipping the Levitate detection
+# (This is needed because workflows that are skipped due to path filtering will show up as pending in Github.
+# As this has the same name as the one in detect-breaking-changes-build.yml it will take over in these cases and succeed quickly.)
+
+name: Levitate / Detect breaking changes
+
+on:
+  pull_request:
+    paths-ignore:
+      - "packages/**"
+    branches:
+      - 'main'
+
+jobs:
+  detect:
+    name: Detect breaking changes
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Skipping
+        run: echo "No modifications in the public API (packages/), skipping."
+
+        # Build and persist output as a JSON (we need to tell the report workflow that the check has been skipped)
+      - name: Persisting the check output
+        run: |
+          mkdir -p ./levitate
+          echo "{ \"shouldSkip\": true }" > ./levitate/result.json
+
+      # Upload artifact (so it can be used in the more privileged "report" workflow)
+      - name: Upload check output as artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: levitate
+          path: levitate/

.github/workflows/detect-breaking-changes-build.yml

@@ -1,6 +1,14 @@
+# Only runs if anything under the packages/ directory changes. 
+# (Otherwise detect-breaking-changes-build-skip.yml takes over)
+
 name: Levitate / Detect breaking changes
 
-on: pull_request
+on: 
+  pull_request:
+    paths:
+      - 'packages/**'
+    branches:
+      - 'main'
 
 jobs:
   buildPR:
@@ -12,30 +20,36 @@ jobs:
 
     steps:
     - uses: actions/checkout@v3
-      with: 
+      with:
         path: './pr'
+    - uses: actions/setup-node@v3.5.1
+      with:
+        node-version: 16.16.0
 
     - name: Get yarn cache directory path
       id: yarn-cache-dir-path
-      run: echo "::set-output name=dir::$(yarn config get cacheFolder)"
-    
+      run: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT
+
     - name: Restore yarn cache
-      uses: actions/cache@v2
+      uses: actions/cache@v3.0.11
       id: yarn-cache
       with:
         path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
         key: yarn-cache-folder-${{ hashFiles('**/yarn.lock', '.yarnrc.yml') }}
         restore-keys: |
           yarn-cache-folder-
-      
+
     - name: Install dependencies
       run: yarn install --immutable
 
     - name: Build packages
       run: yarn packages:build
 
-    - name: Zip built packages
-      run: zip -r ./pr_built_packages.zip ./packages/**/dist
+    - name: Pack packages
+      run: yarn packages:pack --out ./%s.tgz
+
+    - name: Zip built tarballed packages
+      run: zip -r ./pr_built_packages.zip ./packages/**/*.tgz
 
     - name: Upload build output as artifact
       uses: actions/upload-artifact@v3
@@ -52,31 +66,38 @@ jobs:
 
     steps:
     - uses: actions/checkout@v3
-      with: 
+      with:
         path: './base'
         ref: ${{ github.event.pull_request.base.ref }}
 
+    - uses: actions/setup-node@v3.5.1
+      with:
+        node-version: 16.16.0
+
     - name: Get yarn cache directory path
       id: yarn-cache-dir-path
-      run: echo "::set-output name=dir::$(yarn config get cacheFolder)"
-    
+      run: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT
+
     - name: Restore yarn cache
-      uses: actions/cache@v2
+      uses: actions/cache@v3.0.11
       id: yarn-cache
       with:
         path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
         key: yarn-cache-folder-${{ hashFiles('**/yarn.lock', '.yarnrc.yml') }}
         restore-keys: |
           yarn-cache-folder-
-      
+
     - name: Install dependencies
       run: yarn install --immutable
 
     - name: Build packages
       run: yarn packages:build
 
-    - name: Zip built packages
-      run: zip -r ./base_built_packages.zip ./packages/**/dist
+    - name: Pack packages
+      run: yarn packages:pack --out ./%s.tgz
+
+    - name: Zip built tarballed packages
+      run: zip -r ./base_built_packages.zip ./packages/**/*.tgz
 
     - name: Upload build output as artifact
       uses: actions/upload-artifact@v3
@@ -103,12 +124,12 @@ jobs:
         uses: actions/download-artifact@v3
         with:
           name: buildBase
-      
+
       - name: Unzip artifact from pr
-        run: unzip pr_built_packages.zip -d ./pr && rm pr_built_packages.zip
+        run: unzip -j pr_built_packages.zip -d ./pr && rm pr_built_packages.zip
 
       - name: Unzip artifact from base
-        run: unzip base_built_packages.zip -d ./base && rm base_built_packages.zip
+        run: unzip -j base_built_packages.zip -d ./base && rm base_built_packages.zip
 
       - name: Get link for the Github Action job
         id: job
@@ -120,7 +141,7 @@ jobs:
 
       - name: Detect breaking changes
         id: breaking-changes
-        run: ./scripts/check-breaking-changes.sh 
+        run: ./scripts/check-breaking-changes.sh
         env:
           FORCE_COLOR: 3
           GITHUB_JOB_LINK: ${{ steps.job.outputs.link }}
@@ -135,7 +156,7 @@ jobs:
         with:
           name: levitate
           path: levitate/
-        
+
       - name: Exit
         run: exit ${{ steps.breaking-changes.outputs.is_breaking }}
         shell: bash

.github/workflows/detect-breaking-changes-report.yml

@@ -10,12 +10,13 @@ jobs:
     name: Report
     runs-on: ubuntu-latest
     env:
-      ARTIFACT_FOLDER: '${{ github.workspace }}/tmp'
-      ARTIFACT_NAME: 'levitate'
+      ARTIFACT_NAME: 'levitate' # The name of the artifact that we would like to download
+      ARTIFACT_FOLDER: '${{ github.workspace }}/tmp' # The name of the folder where we will download the artifact to
 
     steps:
     - uses: actions/checkout@v3
-    
+
+    # Download artifact (as a .zip archive)
     - name: 'Download artifact'
       uses: actions/github-script@v6
       env:
@@ -49,9 +50,12 @@ jobs:
           fs.mkdirSync(artifactFolder, { recursive: true });
           fs.writeFileSync(`${ artifactFolder }/${ artifactName }.zip`, Buffer.from(download.data));
         
+    # Unzip artifact
     - name: Unzip artifact
       run: unzip "${ARTIFACT_FOLDER}/${ARTIFACT_NAME}.zip" -d "${ARTIFACT_FOLDER}"
     
+     # Parse the artifact and register fields as step output variables
+      # (All fields in the JSON will be available as ${{ steps.levitate-run.outputs.<field-name> }}
     - name: Parsing levitate result
       uses: actions/github-script@v6
       id: levitate-run
@@ -61,8 +65,15 @@ jobs:
           const script = require('./.github/workflows/scripts/json-file-to-job-output.js');
           await script({ core, filePath });
 
+    # Skip - print a message if the "Detect" workflow was skipped
+    - name: Check if the workflow should be skipped
+      if: steps.levitate-run.outputs.shouldSkip == 'true'
+      run: echo "Skipping."
+
+    # Check if label exists
     - name: Check if "levitate breaking change" label exists
       id: does-label-exist
+      if: steps.levitate-run.outputs.shouldSkip != 'true'
       uses: actions/github-script@v6
       env:
         PR_NUMBER: ${{ github.event.workflow_run.pull_requests[0].number }}
@@ -78,8 +89,9 @@ jobs:
 
           return doesExist ? 1 : 0;
 
+    # Comment on the PR
     - name: Comment on PR
-      if: ${{ steps.levitate-run.outputs.exit_code == 1 }}
+      if: steps.levitate-run.outputs.exit_code == 1 && steps.levitate-run.outputs.shouldSkip != 'true'
       uses: marocchino/sticky-pull-request-comment@v2
       with:
         number: ${{ steps.levitate-run.outputs.pr_number }}
@@ -93,8 +105,9 @@ jobs:
           [Console output](${{ steps.levitate-run.outputs.job_link }})
           [Read our guideline](https://github.com/grafana/grafana/blob/main/contribute/breaking-changes-guide.md)
 
-    - name: Remove comment on PR
-      if: ${{ steps.levitate-run.outputs.exit_code == 0 }}
+    # Remove comment from the PR (no more breaking changes)
+    - name: Remove comment from PR
+      if: steps.levitate-run.outputs.exit_code == 0 && steps.levitate-run.outputs.shouldSkip != 'true'
       uses: marocchino/sticky-pull-request-comment@v2
       with:
         number: ${{ steps.levitate-run.outputs.pr_number }}
@@ -103,8 +116,8 @@ jobs:
     # Posts a notification to Slack if a PR has a breaking change and it did not have a breaking change before
     - name: Post to Slack
       id: slack
-      if: ${{ steps.levitate-run.outputs.exit_code == 1 && steps.does-label-exist.outputs.result == 0 }}
-      uses: slackapi/slack-github-action@v1.19.0
+      if: steps.levitate-run.outputs.exit_code == 1 && steps.does-label-exist.outputs.result == 0 && steps.levitate-run.outputs.shouldSkip != 'true'
+      uses: slackapi/slack-github-action@v1.23.0
       with:
         payload: |
           {
@@ -117,8 +130,9 @@ jobs:
       env:
         SLACK_WEBHOOK_URL: ${{ secrets.SLACK_LEVITATE_WEBHOOK_URL }}
 
+    # Add the label
     - name: Add "levitate breaking change" label
-      if: ${{ steps.levitate-run.outputs.exit_code == 1 && steps.does-label-exist.outputs.result == 0 }}
+      if: steps.levitate-run.outputs.exit_code == 1 && steps.does-label-exist.outputs.result == 0 && steps.levitate-run.outputs.shouldSkip != 'true'
       uses: actions/github-script@v6
       env:
         PR_NUMBER: ${{ steps.levitate-run.outputs.pr_number }}
@@ -132,8 +146,9 @@ jobs:
             labels: ['levitate breaking change']
           })
 
+    # Remove label (no more breaking changes)
     - name: Remove "levitate breaking change" label
-      if: ${{ steps.levitate-run.outputs.exit_code == 0 && steps.does-label-exist.outputs.result == 1 }}
+      if: steps.levitate-run.outputs.exit_code == 0 && steps.does-label-exist.outputs.result == 1 && steps.levitate-run.outputs.shouldSkip != 'true'
       uses: actions/github-script@v6
       env:
         PR_NUMBER: ${{ steps.levitate-run.outputs.pr_number }}
@@ -147,10 +162,11 @@ jobs:
             name: 'levitate breaking change'
           })
 
+    # Add reviewers
     # This is very weird, the actual request goes through (comes back with a 201), but does not assign the team.
     # Related issue: https://github.com/renovatebot/renovate/issues/1908
     - name: Add "grafana/plugins-platform-frontend" as a reviewer
-      if: ${{ steps.levitate-run.outputs.exit_code == 1 }}
+      if: steps.levitate-run.outputs.exit_code && steps.levitate-run.outputs.shouldSkip != 'true'
       uses: actions/github-script@v6
       env:
         PR_NUMBER: ${{ steps.levitate-run.outputs.pr_number }}
@@ -165,8 +181,9 @@ jobs:
             team_reviewers: ['grafana/plugins-platform-frontend']
           });
 
+    # Remove reviewers (no more breaking changes)
     - name: Remove "grafana/plugins-platform-frontend" from the list of reviewers
-      if: ${{ steps.levitate-run.outputs.exit_code == 0 }}
+      if: steps.levitate-run.outputs.exit_code == 0 && steps.levitate-run.outputs.shouldSkip != 'true'
       uses: actions/github-script@v6
       env:
         PR_NUMBER: ${{ steps.levitate-run.outputs.pr_number }}

.github/workflows/doc-validator.yml

@@ -0,0 +1,16 @@
+name: "doc-validator"
+on:
+  pull_request:
+    paths: ["docs/sources/**"]
+  workflow_dispatch:
+jobs:
+  doc-validator:
+    runs-on: "ubuntu-latest"
+    container:
+      image: "grafana/doc-validator:v1.5.0"
+    steps:
+      - name: "Checkout code"
+        uses: "actions/checkout@v3"
+      - name: "Run doc-validator tool"
+        # Ensure that the CI always passes until all errors are resolved.
+        run: "doc-validator ./docs/sources || true"

.github/workflows/issue-labeled.yml

@@ -14,23 +14,37 @@ jobs:
       - name: "Determine which team to notify"
         run: |
           # Default to null values.
+          BOARD="null"
           CHANNEL="null"
 
           echo "${{ github.event.label.name }} label added"
           export CURRENT_LABEL="${{ github.event.label.name }}" # Enable the use of the label in yq evaluations
           # yq is installed by default in ubuntu-latest
           if [[ $(yq e 'keys | .[] | select(. == env(CURRENT_LABEL))' teams.yml ) ]]; then
+            # Check if we have a board set to use.
+            if [[ $(yq '.[env(CURRENT_LABEL)] | has("github-board")' teams.yml ) == true ]]; then
+              BOARD=$(yq '.[env(CURRENT_LABEL)].github-board' teams.yml)
+              echo "Ready to add issue to Grafana board ${BOARD}"
+            fi
             # Check if we have a channel set to notify on comments.
             if [[ $(yq '.[env(CURRENT_LABEL)] | has("channel-label")' teams.yml ) == true ]]; then
               CHANNEL=$(yq '.[env(CURRENT_LABEL)].channel-label' teams.yml)
+              echo "Ready to send issue to channel ID ${CHANNEL}"
             fi
           fi
 
           # set environment for next step
+          echo "BOARD=${BOARD}" >> $GITHUB_ENV
           echo "CHANNEL=${CHANNEL}" >> $GITHUB_ENV
 
-          # Debug logging
-          echo "Ready to send issue to channel ID ${CHANNEL}"
+      - name: "Add to GitHub board"
+        if: ${{ env.BOARD != 'null' }}
+        uses: leonsteinhaeuser/project-beta-automations@v1.3.0
+        with:
+          project_id: ${{ env.BOARD }}
+          organization: grafana
+          resource_node_id: ${{ github.event.issue.node_id }}
+          gh_token: ${{ secrets.GITHUB_TOKEN }}
 
       - name: "Prepare payload"
         uses: frabert/replace-string-action@v2.0
@@ -43,7 +57,8 @@ jobs:
           flags: 'g'
 
       - name: "Send Slack notification"
-        uses: slackapi/slack-github-action@v1.14.0
+        if: ${{ env.CHANNEL != 'null' }}
+        uses: slackapi/slack-github-action@v1.23.0
         with:
           payload: >
             {

.github/workflows/ox-code-coverage.yml

@@ -0,0 +1,17 @@
+name: Observability Experience test code coverage
+on:
+  pull_request:
+    paths:
+      - 'pkg/services/queryhistory/**'
+      - 'public/app/features/explore/**'
+      - 'public/app/features/correlations/**'
+    branches-ignore:
+      - dependabot/**
+      - backport-*
+
+jobs:
+  workflow-call:
+    uses: grafana/code-coverage/.github/workflows/code-coverage.yml@v0.1.12
+    with:
+      frontend-path-regexp: public\/app\/features\/(explore|correlations)
+      backend-path-regexp: pkg\/services\/(queryhistory)

.github/workflows/pr-codeql-analysis-go.yml

@@ -1,6 +1,7 @@
 name: "CodeQL for PR / go"
 
 on:
+  workflow_dispatch:
   pull_request:
     branches: [main]
     paths:
@@ -19,11 +20,21 @@ jobs:
         # a pull request then we can checkout the head.
         fetch-depth: 2
 
+    - name: Set go version
+      uses: actions/setup-go@v3
+      with:
+        go-version: '1.19.2'
+
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v2
       with:
         languages: "go"
 
+    - name: Build go files
+      run: |
+        go mod verify
+        make build-go
+
     - name: Perform CodeQL Analysis
       uses: github/codeql-action/analyze@v2

.github/workflows/pr-codeql-analysis-javascript.yml

@@ -1,6 +1,7 @@
 name: "CodeQL for PR / javascript"
 
 on:
+  workflow_dispatch:
   pull_request:
     branches: [main]
     paths:

.github/workflows/pr-codeql-analysis-python.yml

@@ -1,6 +1,7 @@
 name: "CodeQL for PR / python"
 
 on:
+  workflow_dispatch:
   pull_request:
     branches: [main]
     paths:

.github/workflows/prepare-release.yml

@@ -1,23 +0,0 @@
-name: Prepare release
-on:
-  workflow_dispatch:
-    inputs:
-      version_input:
-        description: 'The version to be released please respect: major.minor.patch or major.minor.patch-beta<number> format. example: 7.4.3 or 7.4.3-beta1'
-        required: true
-jobs:
-  call-bump-version:
-    uses: grafana/grafana/.github/workflows/bump-version.yml@main
-    with:
-      version_call: ${{ github.event.inputs.version_input }}
-    secrets:
-      token: ${{ secrets.GH_BOT_ACCESS_TOKEN }}
-      metricsWriteAPIKey: ${{ secrets.GRAFANA_MISC_STATS_API_KEY }}
-  call-update-changelog:
-    uses: grafana/grafana/.github/workflows/update-changelog.yml@main
-    with:
-      version_call: ${{ github.event.inputs.version_input }}
-    secrets:
-      token: ${{ secrets.GH_BOT_ACCESS_TOKEN }}
-      metricsWriteAPIKey: ${{ secrets.GRAFANA_MISC_STATS_API_KEY }}
-    needs: call-bump-version

.github/workflows/publish-technical-documentation-next.yml

@@ -0,0 +1,34 @@
+name: "publish-technical-documentation-next"
+
+on:
+  push:
+    branches:
+      - "main"
+    paths:
+      - "docs/sources/**"
+  workflow_dispatch:
+jobs:
+  sync:
+    if: "github.repository == 'grafana/grafana'"
+    runs-on: "ubuntu-latest"
+    steps:
+      - name: "Checkout Grafana repo"
+        uses: "actions/checkout@v3"
+
+      - name: "Clone website-sync Action"
+        # WEBSITE_SYNC_GRAFANA is a fine-grained GitHub Personal Access Token that expires.
+        # It must be updated in the grafanabot GitHub account.
+        run: "git clone --single-branch --no-tags --depth 1 -b master https://grafanabot:${{ secrets.WEBSITE_SYNC_GRAFANA }}@github.com/grafana/website-sync ./.github/actions/website-sync"
+
+      - name: "Publish to website repository (next)"
+        uses: "./.github/actions/website-sync"
+        id: "publish-next"
+        with:
+          repository: "grafana/website"
+          branch: "master"
+          host: "github.com"
+          # PUBLISH_TO_WEBSITE_GRAFANA is a fine-grained GitHub Personal Access Token that expires.
+          # It must be updated in the grafanabot GitHub account.
+          github_pat: "grafanabot:${{ secrets.PUBLISH_TO_WEBSITE_GRAFANA }}"
+          source_folder: "docs/sources"
+          target_folder: "content/docs/grafana/next"

.github/workflows/publish-technical-documentation-release.yml

@@ -0,0 +1,64 @@
+name: "publish-technical-documentation-release"
+
+on:
+  push:
+    branches:
+      - v[0-9]+.[0-9]+.x
+    tags:
+      - v[0-9]+.[0-9]+.[0-9]+
+    paths:
+      - "docs/sources/**"
+  workflow_dispatch:
+jobs:
+  sync:
+    if: "github.repository == 'grafana/grafana'"
+    runs-on: "ubuntu-latest"
+    steps:
+      - name: "Checkout Grafana repo"
+        uses: "actions/checkout@v3"
+        with:
+          fetch-depth: 0
+
+      - name: "Checkout Actions library"
+        uses: "actions/checkout@v3"
+        with:
+          repository: "grafana/grafana-github-actions"
+          path: "./actions"
+
+      - name: "Install Actions from library"
+        run: "npm install --production --prefix ./actions"
+
+      - name: "Determine if there is a matching release tag"
+        id: "has-matching-release-tag"
+        uses: "./actions/has-matching-release-tag"
+        with:
+          ref_name: "${{ github.ref_name }}"
+          release_tag_regexp: "^v(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)$"
+          release_branch_regexp: "^v(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.x$"
+
+      - name: "Determine technical documentation version"
+        if: "steps.has-matching-release-tag.outputs.bool == 'true'"
+        uses: "./actions/docs-target"
+        id: "target"
+        with:
+          ref_name: "${{ github.ref_name }}"
+
+      - name: "Clone website-sync Action"
+        if: "steps.has-matching-release-tag.outputs.bool == 'true'"
+        # WEBSITE_SYNC_GRAFANA is a fine-grained GitHub Personal Access Token that expires.
+        # It must be updated in the grafanabot GitHub account.
+        run: "git clone --single-branch --no-tags --depth 1 -b master https://grafanabot:${{ secrets.WEBSITE_SYNC_GRAFANA }}@github.com/grafana/website-sync ./.github/actions/website-sync"
+
+      - name: "Publish to website repository (release)"
+        if: "steps.has-matching-release-tag.outputs.bool == 'true'"
+        uses: "./.github/actions/website-sync"
+        id: "publish-release"
+        with:
+          repository: "grafana/website"
+          branch: "master"
+          host: "github.com"
+          # PUBLISH_TO_WEBSITE_GRAFANA is a fine-grained GitHub Personal Access Token that expires.
+          # It must be updated in the grafanabot GitHub account.
+          github_pat: "grafanabot:${{ secrets.PUBLISH_TO_WEBSITE_GRAFANA }}"
+          source_folder: "docs/sources"
+          target_folder: "content/docs/grafana/${{ steps.target.outputs.target }}"

.github/workflows/publish.yml

@@ -1,49 +0,0 @@
-name: publish_docs
-
-on:
-  push:
-    branches:
-    - main
-    paths:
-    - 'docs/sources/**'
-    - 'packages/grafana-*/**'
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-    - uses: actions/checkout@v3
-    - run: git clone --single-branch --no-tags --depth 1 -b master https://grafanabot:${{ secrets.GH_BOT_ACCESS_TOKEN }}@github.com/grafana/website-sync ./.github/actions/website-sync
-    - name: generate-packages-docs
-      uses: actions/setup-node@v3.3.0
-      id: generate-docs
-      with:
-        node-version: '16'
-    - name: Get yarn cache directory path
-      id: yarn-cache-dir-path
-      run: echo "::set-output name=dir::$(yarn config get cacheFolder)"
-    - uses: actions/cache@v2.1.7
-      with:
-        path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
-        key: yarn-${{ hashFiles('**/yarn.lock') }}
-        restore-keys: |
-            yarn-
-    - run: yarn install --immutable
-    - run: ./scripts/ci-reference-docs-build.sh
-    - name: publish-to-git
-      uses: ./.github/actions/website-sync
-      id: publish
-      with:
-        repository: grafana/website
-        branch: master
-        host: github.com
-        github_pat: '${{ secrets.GH_BOT_ACCESS_TOKEN }}'
-        source_folder: docs/sources
-        target_folder: content/docs/grafana/next
-        allow_no_changes: 'true'
-    - shell: bash
-      run: |
-        test -n "${{ steps.publish.outputs.commit_hash }}"
-        test -n "${{ steps.publish.outputs.working_directory }}"

.github/workflows/sbom-report.yml

@@ -0,0 +1,20 @@
+name: syft-sbom-ci
+
+on:
+  release:
+    types: [created]
+
+jobs:
+  syft-sbom:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v2
+        
+    - name: Anchore SBOM Action
+      uses: anchore/sbom-action@v0.12.0
+      with:
+         artifact-name: ${{ github.event.repository.name }}-spdx.json
+

.github/workflows/stale.yml

@@ -7,7 +7,7 @@ jobs:
   stale:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/stale@v5
+      - uses: actions/stale@v6
         with:
           repo-token: ${{ secrets.GH_BOT_ACCESS_TOKEN }}
           # Number of days of inactivity before a stale Issue or Pull Request is closed.

.github/workflows/update-changelog.yml

@@ -4,18 +4,7 @@ on:
     inputs:
       version:
         required: true
-        description: Needs to match, exactly, the name of a milestone
-  workflow_call:
-    inputs:
-      version_call:
-        description: Needs to match, exactly, the name of a milestone
-        required: true
-        type: string
-    secrets:
-        token:
-          required: true
-        metricsWriteAPIKey:
-          required: true
+        description: 'Needs to match, exactly, the name of a milestone. The version to be released please respect: major.minor.patch or major.minor.patch-beta<number> format. example: 7.4.3 or 7.4.3-beta1'
 jobs:
   main:
     runs-on: ubuntu-latest
@@ -28,16 +17,8 @@ jobs:
           ref: main
       - name: Install Actions
         run: npm install --production --prefix ./actions
-      - name: Run update changelog (manually invoked)
-        if: ${{ github.event.inputs.version != '' }}
+      - name: Run update changelog (manually invoked)        
         uses: ./actions/update-changelog
         with:
           token: ${{ secrets.GH_BOT_ACCESS_TOKEN }}
           metricsWriteAPIKey: ${{ secrets.GRAFANA_MISC_STATS_API_KEY }}
-      - name: Run update changelog (workflow invoked)
-        if: ${{ inputs.version_call != '' }}
-        uses: ./actions/update-changelog
-        with:
-          version_call: ${{ inputs.version_call }}
-          token: ${{ secrets.token }}
-          metricsWriteAPIKey: ${{ secrets.metricsWriteAPIKey }}

.gitignore

@@ -40,6 +40,8 @@ tsconfig.tsbuildinfo
 # Enterprise devenv
 /devenv/docker/blocks/grafana-enterprise
 /devenv/docker/blocks/saml-enterprise
+# This is the new place of the block, but I leave the previous here for a while
+/devenv/docker/blocks/auth/saml-enterprise
 
 /tmp
 tools/phantomjs/phantomjs
@@ -59,6 +61,7 @@ public/css/*.min.css
 *.sublime-workspace
 *.swp
 .idea/
+.fleet/
 *.iml
 *.tmp
 .DS_Store
@@ -73,7 +76,9 @@ public/css/*.min.css
 
 # devenv
 /devenv/docker-compose.yaml
+/devenv/docker-compose.override.yaml
 /devenv/.env
+/devenv/docker/blocks/tempo/tempo-data/
 
 conf/custom.ini
 /conf/provisioning/**/custom.yaml
@@ -118,12 +123,21 @@ pkg/cmd/grafana-server/__debug_bin
 
 /scripts/build/release_publisher/release_publisher
 *.patch
+!.yarn/patches/*.patch
 
 # Ignoring frontend packages specifics
+/packages/grafana-ui/.yarn/.cache
 /packages/**/dist
 /packages/**/compiled
 /packages/**/.rpt2_cache
 /packages/**/tsdoc-metadata.json
+/packages/**/package.tgz
+/packages/grafana-toolkit/sass
+## CI places the packages in a different location
+/npm-artifacts/*.tgz
+
+# Ignore frontend build manifest
+manifest.json
 
 # Ignore go local build dependencies
 /scripts/go/bin/**
@@ -156,15 +170,13 @@ compilation-stats.json
 # auto generated frontend docs
 /docs/sources/packages_api
 
-# auto generated Go files
-*_gen.go
-!pkg/services/featuremgmt/toggles_gen.go
-!pkg/coremodel/**/*_gen.go
-!pkg/framework/**/*_gen.go
+# wire generated files
+**/wire_gen.go
 
-# Auto-generated localisation files
+# Auto-generated internationalization files
 public/locales/_build/
-public/locales/**/*.js
+public/locales/*/*.js
+public/locales/*/grafana_old.json
 
 deployment_tools_config.json
 

.golangci.toml

@@ -0,0 +1,145 @@
+[run]
+timeout = "10m"
+
+[linters-settings.goconst]
+min-len = 5
+min-occurrences = 5
+
+[linters-settings.exhaustive]
+default-signifies-exhaustive = true
+
+[linters-settings.revive]
+ignore-generated-header = false
+severity = "warning"
+confidence = 3
+
+[linters-settings.depguard]
+list-type = "blacklist"
+include-go-root = true
+packages = ["io/ioutil"]
+[[linters-settings.depguard.packages-with-error-message]]
+"io/ioutil" = "Deprecated: As of Go 1.16, the same functionality is now provided by package io or package os, and those implementations should be preferred in new code. See the specific function documentation for details."
+
+[linters-settings.gocritic]
+enabled-checks = ["ruleguard"]
+[linters-settings.gocritic.settings.ruleguard]
+rules = "pkg/ruleguard.rules.go"
+
+[linters]
+disable-all = true
+enable = [
+  "bodyclose",
+  "depguard",
+  "dogsled",
+  "errcheck",
+  # "gochecknoinits",
+  "goconst",
+  # "gocritic", # Temporarily disabled on 2022-09-09, running into weird bug "ruleguard: execution error: used Run() with an empty rule set; forgot to call Load() first?"
+  "goimports",
+  "goprintffuncname",
+  "gosec",
+  "gosimple",
+  "govet",
+  "ineffassign",
+  "misspell",
+  "nakedret",
+  "rowserrcheck",
+  "exportloopref",
+  "staticcheck",
+  "stylecheck",
+  "typecheck",
+  "unconvert",
+  "unused",
+  "whitespace",
+  "gocyclo",
+  "exhaustive",
+  "typecheck",
+  "asciicheck",
+  "errorlint",
+  "sqlclosecheck",
+  "revive",
+]
+
+# Disabled linters (might want them later)
+# "unparam"
+
+[issues]
+exclude-use-default = false
+
+# Enable when appropriate
+# Poorly chosen identifier
+[[issues.exclude-rules]]
+linters = ["stylecheck"]
+text = "ST1003"
+
+# Enable when appropriate
+# Dot imports that aren't in external test packages are discouraged.
+[[issues.exclude-rules]]
+linters = ["stylecheck"]
+text = "ST1001"
+
+# Enable when appropriate
+# strings.Title has been deprecated since Go 1.18 and an alternative has been available since Go 1.0: The rule Title uses for word boundaries does not handle Unicode punctuation properly.
+# Use golang.org/x/text/cases instead.
+[[issues.exclude-rules]]
+linters = ["staticcheck"]
+text = "SA1019"
+
+[[issues.exclude-rules]]
+linters = ["gosec"]
+text = "G108"
+
+[[issues.exclude-rules]]
+linters = ["gosec"]
+text = "G110"
+
+[[issues.exclude-rules]]
+linters = ["gosec"]
+text = "G201"
+
+[[issues.exclude-rules]]
+linters = ["gosec"]
+text = "G202"
+
+[[issues.exclude-rules]]
+linters = ["gosec"]
+text = "G306"
+
+[[issues.exclude-rules]]
+linters = ["gosec"]
+text = "401"
+
+[[issues.exclude-rules]]
+linters = ["gosec"]
+text = "402"
+
+[[issues.exclude-rules]]
+linters = ["gosec"]
+text = "501"
+
+[[issues.exclude-rules]]
+linters = ["gosec"]
+text = "404"
+
+[[issues.exclude-rules]]
+linters = ["misspell"]
+text = "Unknwon` is a misspelling of `Unknown"
+
+[[issues.exclude-rules]]
+linters = ["errorlint"]
+text = "non-wrapping format verb for fmt.Errorf"
+
+# TODO: Enable
+[[issues.exclude-rules]]
+linters = ["stylecheck"]
+text = "ST1000"
+
+# TODO: Enable
+[[issues.exclude-rules]]
+linters = ["stylecheck"]
+text = "ST1020"
+
+# TODO: Enable
+[[issues.exclude-rules]]
+linters = ["stylecheck"]
+text = "ST1021"

.linguirc

@@ -1,8 +1,8 @@
 {
   "locales": [
-    "en",
-    "fr",
-    "es",
+    "en-US",
+    "fr-FR",
+    "es-ES",
     "pseudo-LOCALE"
   ],
   "catalogs": [
@@ -20,11 +20,11 @@
     }
   ],
   "fallbackLocales": {
-    "pseudo-LOCALE": "en",
-    "default": "en"
+    "pseudo-LOCALE": "en-US",
+    "default": "en-US"
   },
   "pseudoLocale": "pseudo-LOCALE",
-  "sourceLocale": "en",
+  "sourceLocale": "en-US",
   "format": "po",
   "formatOptions": {
     "lineNumbers": false

.pa11yci-pr.conf.js

@@ -1,8 +1,54 @@
+var dashboardSettings = [
+  {
+    url: '${HOST}/d/O6f11TZWk/panel-tests-bar-gauge?orgId=1&editview=settings',
+    wait: 500,
+    rootElement: '.main-view',
+    threshold: 0,
+  },
+  {
+    url: '${HOST}/d/O6f11TZWk/panel-tests-bar-gauge?orgId=1&editview=annotations',
+    wait: 500,
+    rootElement: '.main-view',
+    threshold: 0,
+  },
+  {
+    url: '${HOST}/d/O6f11TZWk/panel-tests-bar-gauge?orgId=1&editview=templating',
+    wait: 500,
+    rootElement: '.main-view',
+    threshold: 0,
+  },
+  {
+    url: '${HOST}/d/O6f11TZWk/panel-tests-bar-gauge?orgId=1&editview=links',
+    wait: 500,
+    rootElement: '.main-view',
+    threshold: 0,
+  },
+  {
+    url: '${HOST}/d/O6f11TZWk/panel-tests-bar-gauge?orgId=1&editview=versions',
+    wait: 500,
+    rootElement: '.main-view',
+    threshold: 0,
+  },
+  {
+    url: '${HOST}/d/O6f11TZWk/panel-tests-bar-gauge?orgId=1&editview=permissions',
+    wait: 500,
+    rootElement: '.main-view',
+    threshold: 9,
+  },
+  {
+    url: '${HOST}/d/O6f11TZWk/panel-tests-bar-gauge?orgId=1&editview=dashboard_json',
+    wait: 500,
+    rootElement: '.main-view',
+    threshold: 2,
+  },
+];
+
 var config = {
   defaults: {
     concurrency: 1,
     runners: ['axe'],
     useIncognitoBrowserContext: false,
+    standard: 'WCAG2AA',
     chromeLaunchConfig: {
       args: ['--no-sandbox'],
     },
@@ -16,7 +62,7 @@ var config = {
       url: '${HOST}/login',
       wait: 500,
       rootElement: '.main-view',
-      threshold: 12,
+      threshold: 13,
     },
     {
       url: '${HOST}/login',
@@ -28,7 +74,7 @@ var config = {
         "click element button[aria-label='Login button']",
         "wait for element [aria-label='Skip change password button'] to be visible",
       ],
-      threshold: 13,
+      threshold: 14,
       rootElement: '.main-view',
     },
     {
@@ -42,12 +88,7 @@ var config = {
       rootElement: '.main-view',
       threshold: 0,
     },
-    {
-      url: '${HOST}/d/O6f11TZWk/panel-tests-bar-gauge?orgId=1&editview=settings',
-      wait: 500,
-      rootElement: '.main-view',
-      threshold: 0,
-    },
+    ...dashboardSettings,
     {
       url: '${HOST}/?orgId=1&search=open',
       wait: 500,
@@ -60,49 +101,49 @@ var config = {
       rootElement: '.main-view',
       // the unified alerting promotion alert's content contrast is too low
       // see https://github.com/grafana/grafana/pull/41829
-      threshold: 5,
+      threshold: 6,
     },
     {
       url: '${HOST}/datasources',
       wait: 500,
       rootElement: '.main-view',
-      threshold: 0,
+      threshold: 1,
     },
     {
       url: '${HOST}/org/users',
       wait: 500,
       rootElement: '.main-view',
-      threshold: 0,
+      threshold: 1,
     },
     {
       url: '${HOST}/org/teams',
       wait: 500,
       rootElement: '.main-view',
-      threshold: 0,
+      threshold: 1,
     },
     {
       url: '${HOST}/plugins',
       wait: 500,
       rootElement: '.main-view',
-      threshold: 0,
+      threshold: 1,
     },
     {
       url: '${HOST}/org',
       wait: 500,
       rootElement: '.main-view',
-      threshold: 0,
+      threshold: 1,
     },
     {
       url: '${HOST}/org/apikeys',
       wait: 500,
       rootElement: '.main-view',
-      threshold: 0,
+      threshold: 4,
     },
     {
       url: '${HOST}/dashboards',
       wait: 500,
       rootElement: '.main-view',
-      threshold: 0,
+      threshold: 1,
     },
   ],
 };

.pa11yci.conf.js

@@ -1,8 +1,46 @@
+var dashboardSettings = [
+  {
+    url: '${HOST}/d/O6f11TZWk/panel-tests-bar-gauge?orgId=1&editview=settings',
+    wait: 500,
+    rootElement: '.main-view',
+  },
+  {
+    url: '${HOST}/d/O6f11TZWk/panel-tests-bar-gauge?orgId=1&editview=annotations',
+    wait: 500,
+    rootElement: '.main-view',
+  },
+  {
+    url: '${HOST}/d/O6f11TZWk/panel-tests-bar-gauge?orgId=1&editview=templating',
+    wait: 500,
+    rootElement: '.main-view',
+  },
+  {
+    url: '${HOST}/d/O6f11TZWk/panel-tests-bar-gauge?orgId=1&editview=links',
+    wait: 500,
+    rootElement: '.main-view',
+  },
+  {
+    url: '${HOST}/d/O6f11TZWk/panel-tests-bar-gauge?orgId=1&editview=versions',
+    wait: 500,
+    rootElement: '.main-view',
+  },
+  {
+    url: '${HOST}/d/O6f11TZWk/panel-tests-bar-gauge?orgId=1&editview=permissions',
+    wait: 500,
+    rootElement: '.main-view',
+  },
+  {
+    url: '${HOST}/d/O6f11TZWk/panel-tests-bar-gauge?orgId=1&editview=dashboard_json',
+    wait: 500,
+    rootElement: '.main-view',
+  },
+];
 var config = {
   defaults: {
     concurrency: 1,
     runners: ['axe'],
     useIncognitoBrowserContext: false,
+    standard: 'WCAG2AA',
     chromeLaunchConfig: {
       args: ['--no-sandbox'],
     },
@@ -38,11 +76,7 @@ var config = {
       wait: 500,
       rootElement: '.main-view',
     },
-    {
-      url: '${HOST}/d/O6f11TZWk/panel-tests-bar-gauge?orgId=1&editview=settings',
-      wait: 500,
-      rootElement: '.main-view',
-    },
+    ...dashboardSettings,
     {
       url: '${HOST}/?orgId=1&search=open',
       wait: 500,

.prettierignore

@@ -18,10 +18,15 @@ vendor
 # TS generate from cue by cuetsy
 **/*.gen.ts
 
-# Auto-generated localisation files
+# Auto-generated internationalization files
 public/locales/_build/
 public/locales/**/*.js
 
 # Auto-generated theme files
 theme.light.generated.json
 theme.dark.generated.json
+
+# Generated Swagger API specs
+public/api-spec.json
+public/api-merged.json
+public/openapi3.json

.vscode/launch.json

@@ -11,6 +11,13 @@
       "cwd": "${workspaceFolder}",
       "args": ["--homepath", "${workspaceFolder}", "--packaging", "dev"]
     },
+    {
+      "name": "Attach to Chrome",
+      "port": 9222,
+      "request": "attach",
+      "type": "chrome",
+      "webRoot": "${workspaceFolder}"
+    },
     {
       "name": "Debug Jest test",
       "type": "node",

.yarn/sdks/eslint/bin/eslint.js

@@ -1,13 +1,13 @@
 #!/usr/bin/env node
 
 const {existsSync} = require(`fs`);
-const {createRequire, createRequireFromPath} = require(`module`);
+const {createRequire} = require(`module`);
 const {resolve} = require(`path`);
 
 const relPnpApiPath = "../../../../.pnp.cjs";
 
 const absPnpApiPath = resolve(__dirname, relPnpApiPath);
-const absRequire = (createRequire || createRequireFromPath)(absPnpApiPath);
+const absRequire = createRequire(absPnpApiPath);
 
 if (existsSync(absPnpApiPath)) {
   if (!process.versions.pnp) {

.yarn/sdks/eslint/lib/api.js

@@ -1,13 +1,13 @@
 #!/usr/bin/env node
 
 const {existsSync} = require(`fs`);
-const {createRequire, createRequireFromPath} = require(`module`);
+const {createRequire} = require(`module`);
 const {resolve} = require(`path`);
 
 const relPnpApiPath = "../../../../.pnp.cjs";
 
 const absPnpApiPath = resolve(__dirname, relPnpApiPath);
-const absRequire = (createRequire || createRequireFromPath)(absPnpApiPath);
+const absRequire = createRequire(absPnpApiPath);
 
 if (existsSync(absPnpApiPath)) {
   if (!process.versions.pnp) {

.yarn/sdks/eslint/package.json

@@ -1,6 +1,6 @@
 {
   "name": "eslint",
-  "version": "8.17.0-sdk",
+  "version": "8.26.0-sdk",
   "main": "./lib/api.js",
   "type": "commonjs"
 }

.yarn/sdks/integrations.yml

@@ -2,5 +2,5 @@
 # Manual changes might be lost!
 
 integrations:
-  - vscode
   - vim
+  - vscode

.yarn/sdks/prettier/index.js

@@ -1,13 +1,13 @@
 #!/usr/bin/env node
 
 const {existsSync} = require(`fs`);
-const {createRequire, createRequireFromPath} = require(`module`);
+const {createRequire} = require(`module`);
 const {resolve} = require(`path`);
 
 const relPnpApiPath = "../../../.pnp.cjs";
 
 const absPnpApiPath = resolve(__dirname, relPnpApiPath);
-const absRequire = (createRequire || createRequireFromPath)(absPnpApiPath);
+const absRequire = createRequire(absPnpApiPath);
 
 if (existsSync(absPnpApiPath)) {
   if (!process.versions.pnp) {

.yarn/sdks/prettier/package.json

@@ -1,6 +1,6 @@
 {
   "name": "prettier",
-  "version": "2.6.2-sdk",
+  "version": "2.7.1-sdk",
   "main": "./index.js",
   "type": "commonjs"
 }

.yarn/sdks/typescript/bin/tsc

@@ -1,13 +1,13 @@
 #!/usr/bin/env node
 
 const {existsSync} = require(`fs`);
-const {createRequire, createRequireFromPath} = require(`module`);
+const {createRequire} = require(`module`);
 const {resolve} = require(`path`);
 
 const relPnpApiPath = "../../../../.pnp.cjs";
 
 const absPnpApiPath = resolve(__dirname, relPnpApiPath);
-const absRequire = (createRequire || createRequireFromPath)(absPnpApiPath);
+const absRequire = createRequire(absPnpApiPath);
 
 if (existsSync(absPnpApiPath)) {
   if (!process.versions.pnp) {

.yarn/sdks/typescript/bin/tsserver

@@ -1,13 +1,13 @@
 #!/usr/bin/env node
 
 const {existsSync} = require(`fs`);
-const {createRequire, createRequireFromPath} = require(`module`);
+const {createRequire} = require(`module`);
 const {resolve} = require(`path`);
 
 const relPnpApiPath = "../../../../.pnp.cjs";
 
 const absPnpApiPath = resolve(__dirname, relPnpApiPath);
-const absRequire = (createRequire || createRequireFromPath)(absPnpApiPath);
+const absRequire = createRequire(absPnpApiPath);
 
 if (existsSync(absPnpApiPath)) {
   if (!process.versions.pnp) {

.yarn/sdks/typescript/lib/tsc.js

@@ -1,13 +1,13 @@
 #!/usr/bin/env node
 
 const {existsSync} = require(`fs`);
-const {createRequire, createRequireFromPath} = require(`module`);
+const {createRequire} = require(`module`);
 const {resolve} = require(`path`);
 
 const relPnpApiPath = "../../../../.pnp.cjs";
 
 const absPnpApiPath = resolve(__dirname, relPnpApiPath);
-const absRequire = (createRequire || createRequireFromPath)(absPnpApiPath);
+const absRequire = createRequire(absPnpApiPath);
 
 if (existsSync(absPnpApiPath)) {
   if (!process.versions.pnp) {

.yarn/sdks/typescript/lib/tsserver.js

@@ -1,13 +1,13 @@
 #!/usr/bin/env node
 
 const {existsSync} = require(`fs`);
-const {createRequire, createRequireFromPath} = require(`module`);
+const {createRequire} = require(`module`);
 const {resolve} = require(`path`);
 
 const relPnpApiPath = "../../../../.pnp.cjs";
 
 const absPnpApiPath = resolve(__dirname, relPnpApiPath);
-const absRequire = (createRequire || createRequireFromPath)(absPnpApiPath);
+const absRequire = createRequire(absPnpApiPath);
 
 const moduleWrapper = tsserver => {
   if (!process.versions.pnp) {

.yarn/sdks/typescript/lib/tsserverlibrary.js

@@ -1,13 +1,13 @@
 #!/usr/bin/env node
 
 const {existsSync} = require(`fs`);
-const {createRequire, createRequireFromPath} = require(`module`);
+const {createRequire} = require(`module`);
 const {resolve} = require(`path`);
 
 const relPnpApiPath = "../../../../.pnp.cjs";
 
 const absPnpApiPath = resolve(__dirname, relPnpApiPath);
-const absRequire = (createRequire || createRequireFromPath)(absPnpApiPath);
+const absRequire = createRequire(absPnpApiPath);
 
 const moduleWrapper = tsserver => {
   if (!process.versions.pnp) {

.yarn/sdks/typescript/lib/typescript.js

@@ -1,13 +1,13 @@
 #!/usr/bin/env node
 
 const {existsSync} = require(`fs`);
-const {createRequire, createRequireFromPath} = require(`module`);
+const {createRequire} = require(`module`);
 const {resolve} = require(`path`);
 
 const relPnpApiPath = "../../../../.pnp.cjs";
 
 const absPnpApiPath = resolve(__dirname, relPnpApiPath);
-const absRequire = (createRequire || createRequireFromPath)(absPnpApiPath);
+const absRequire = createRequire(absPnpApiPath);
 
 if (existsSync(absPnpApiPath)) {
   if (!process.versions.pnp) {

.yarn/sdks/typescript/package.json

@@ -1,6 +1,6 @@
 {
   "name": "typescript",
-  "version": "4.6.4-sdk",
+  "version": "4.8.4-sdk",
   "main": "./lib/typescript.js",
   "type": "commonjs"
 }

.yarnrc.yml

@@ -3,41 +3,39 @@ enableTelemetry: false
 nodeLinker: pnp
 
 packageExtensions:
-  "@grafana/slate-react@0.22.10-grafana":
+  '@storybook/addon-docs@6.5.12':
     peerDependencies:
-      slate-react: ">=0.22.0"
-  "@mdx-js/loader@1.6.22":
+      '@babel/core': ^7.0.0
+      '@storybook/manager-webpack5': 6.5.12
+      'webpack': 5.74.0
+  '@storybook/addon-essentials@6.5.12':
     peerDependencies:
-      react: 17.0.1
-  "@storybook/addon-docs@6.4.21":
+      '@storybook/components': 6.5.12
+      '@storybook/core-events': 6.5.12
+      '@storybook/manager-webpack5': 6.5.12
+      '@storybook/theming': 6.5.12
+  '@storybook/core-server@6.5.12':
     peerDependencies:
-      "@storybook/manager-webpack5": 6.4.21
-  "@storybook/addon-essentials@6.4.21":
+      '@babel/core': ^7.0.0
+  '@storybook/core@6.5.12':
     peerDependencies:
-      "@storybook/components": 6.4.21
-      "@storybook/core-events": 6.4.21
-      "@storybook/manager-webpack5": 6.4.21
-      "@storybook/theming": 6.4.21
-  "@storybook/core-server@6.4.21":
+      '@babel/core': ^7.0.0
+      '@storybook/manager-webpack5': 6.5.12
+  '@storybook/csf-tools@6.5.12':
     peerDependencies:
-      "@babel/core": ^7.0.0
-  "@storybook/core@6.4.21":
+      '@babel/core': ^7.0.0
+  '@storybook/mdx2-csf@0.0.3':
+    dependencies:
+      '@babel/types': ^7.14.8
+  '@storybook/react@6.5.12':
     peerDependencies:
-      "@babel/core": ^7.0.0
-      "@storybook/manager-webpack5": 6.4.21
-  "@storybook/csf-tools@6.4.21":
-    peerDependencies:
-      "@babel/core": ^7.0.0
-  "@storybook/react@6.4.21":
-    peerDependencies:
-      "@storybook/manager-webpack5": 6.4.21
+      '@storybook/manager-webpack5': 6.5.12
+  '@storybook/addon-knobs@6.4.0':
+    dependencies:
+      '@storybook/client-api': '*'
   doctrine@3.0.0:
     dependencies:
       assert: 2.0.0
-  moveable@0.30.0:
-    dependencies:
-      "@daybrush/utils": 1.7.0
-      framework-utils: ^1.1.0
   rc-time-picker@3.7.3:
     peerDependencies:
       react: 17.0.1
@@ -49,36 +47,19 @@ packageExtensions:
   react-compat-css-styled@1.0.8:
     dependencies:
       react-simple-compat: 1.2.2
-  react-compat-moveable@0.18.0:
-    dependencies:
-      "@egjs/agent": ^2.2.1
-      "@egjs/children-differ": ^1.0.1
-      "@scena/matrix": 1.1.1
-      css-to-mat: ^1.0.3
-      gesto: ^1.9.0
-      overlap-area: ^1.0.0
-      react-simple-compat: 1.2.2
-    peerDependencies:
-      framework-utils: ^1.1.0
-  react-docgen-typescript-loader@3.7.2:
-    peerDependencies:
-      webpack: 4.41.5
   react-icons@2.2.7:
     peerDependencies:
-      prop-types: "*"
+      prop-types: '*'
   react-resizable@3.0.4:
     peerDependencies:
       react-dom: 17.0.1
-  "@npmcli/run-script@4.1.3":
-    dependencies:
-      which: ^2.0.2
 
 plugins:
   - path: .yarn/plugins/@yarnpkg/plugin-typescript.cjs
-    spec: "@yarnpkg/plugin-typescript"
+    spec: '@yarnpkg/plugin-typescript'
   - path: .yarn/plugins/@yarnpkg/plugin-interactive-tools.cjs
-    spec: "@yarnpkg/plugin-interactive-tools"
+    spec: '@yarnpkg/plugin-interactive-tools'
   - path: .yarn/plugins/@yarnpkg/plugin-outdated.cjs
-    spec: "https://mskelton.dev/yarn-outdated/v2"
+    spec: 'https://mskelton.dev/yarn-outdated/v2'
 
-yarnPath: .yarn/releases/yarn-3.2.1.cjs
+yarnPath: .yarn/releases/yarn-3.2.4.cjs

CONTRIBUTING.md

@@ -15,6 +15,8 @@ You can contribute to Grafana in several ways. Here are some examples:
 - Organize meetups and user groups in your local area.
 - Help others by answering questions about Grafana.
 
+**Please note:** We do not currently accept contributions for translations. Please do not submit pull requests for messages.po files - they will be rejected.
+
 For more ways to contribute, check out the [Open Source Guides](https://opensource.guide/how-to-contribute/).
 
 ### Report bugs

Dockerfile

@@ -20,14 +20,13 @@ COPY emails emails
 ENV NODE_ENV production
 RUN yarn build
 
-FROM golang:1.17.11-alpine3.15 as go-builder
+FROM golang:1.19.4-alpine3.15 as go-builder
 
 RUN apk add --no-cache gcc g++ make
 
 WORKDIR /grafana
 
 COPY go.mod go.sum embed.go Makefile build.go package.json ./
-COPY cue cue
 COPY packages/grafana-schema packages/grafana-schema
 COPY public/app/plugins public/app/plugins
 COPY public/api-spec.json public/api-spec.json
@@ -40,7 +39,7 @@ RUN go mod verify
 RUN make build-go
 
 # Final stage
-FROM alpine:3.15
+FROM alpine:3.15.6
 
 LABEL maintainer="Grafana team <hello@grafana.com>"
 
@@ -58,8 +57,6 @@ ENV PATH="/usr/share/grafana/bin:$PATH" \
 WORKDIR $GF_PATHS_HOME
 
 RUN apk add --no-cache ca-certificates bash tzdata musl-utils
-RUN apk add --no-cache openssl ncurses-libs ncurses-terminfo-base --repository=http://dl-cdn.alpinelinux.org/alpine/edge/main
-RUN apk upgrade ncurses-libs ncurses-terminfo-base --repository=http://dl-cdn.alpinelinux.org/alpine/edge/main
 RUN apk info -vv | sort
 
 COPY conf ./conf
@@ -76,6 +73,7 @@ RUN export GF_GID_NAME=$(getent group $GF_GID | cut -d':' -f1) && \
   "$GF_PATHS_PROVISIONING/notifiers" \
   "$GF_PATHS_PROVISIONING/plugins" \
   "$GF_PATHS_PROVISIONING/access-control" \
+  "$GF_PATHS_PROVISIONING/alerting" \
   "$GF_PATHS_LOGS" \
   "$GF_PATHS_PLUGINS" \
   "$GF_PATHS_DATA" && \

Dockerfile.ubuntu

@@ -21,7 +21,7 @@ COPY emails emails
 ENV NODE_ENV production
 RUN yarn build
 
-FROM golang:1.17.11 AS go-builder
+FROM golang:1.19.4 AS go-builder
 
 WORKDIR /src/grafana
 
@@ -29,7 +29,6 @@ COPY go.mod go.sum embed.go ./
 COPY Makefile build.go package.json ./
 COPY .bingo .bingo
 COPY pkg pkg/
-COPY cue cue/
 COPY cue.mod cue.mod/
 COPY packages/grafana-schema packages/grafana-schema/
 COPY public/app/plugins public/app/plugins/
@@ -69,6 +68,7 @@ RUN mkdir -p "$GF_PATHS_HOME/.aws" && \
              "$GF_PATHS_PROVISIONING/notifiers" \
              "$GF_PATHS_PROVISIONING/plugins" \
              "$GF_PATHS_PROVISIONING/access-control" \
+             "$GF_PATHS_PROVISIONING/alerting" \
              "$GF_PATHS_LOGS" \
              "$GF_PATHS_PLUGINS" \
              "$GF_PATHS_DATA" && \

LICENSING.md

@@ -17,10 +17,14 @@ packages/grafana-toolkit/
 packages/grafana-ui/
 packages/jaeger-ui-components/
 packaging/
-pkg/coremodel/
-pkg/framework/coremodel/
+kinds/
+pkg/kinds/
+pkg/kindsys/
+pkg/registry/corekind/
 grafana-mixin/
-cue/
+public/app/plugins/datasource/tempo
+public/img/icons/solid/
+public/img/icons/unicons/
 ```
 
 The following directories and their subdirectories are licensed under their original upstream licenses:

Makefile

@@ -12,7 +12,6 @@ include .bingo/Variables.mk
 GO = go
 GO_FILES ?= ./pkg/...
 SH_FILES ?= $(shell find ./scripts -name *.sh)
-API_DEFINITION_FILES = $(shell find ./pkg/api/docs/definitions -name '*.go' -print)
 GO_BUILD_FLAGS += $(if $(GO_BUILD_DEV),-dev)
 GO_BUILD_FLAGS += $(if $(GO_BUILD_TAGS),-build-tags=$(GO_BUILD_TAGS))
 
@@ -39,27 +38,36 @@ NGALERT_SPEC_TARGET = pkg/services/ngalert/api/tooling/api.json
 $(NGALERT_SPEC_TARGET):
 	+$(MAKE) -C pkg/services/ngalert/api/tooling api.json
 
-$(MERGED_SPEC_TARGET): $(SPEC_TARGET) $(NGALERT_SPEC_TARGET) ## Merge generated and ngalert API specs
-	go run pkg/api/docs/merge/merge_specs.go -o=$(MERGED_SPEC_TARGET) $(<) $(NGALERT_SPEC_TARGET)
+$(MERGED_SPEC_TARGET): $(SPEC_TARGET) $(NGALERT_SPEC_TARGET) $(SWAGGER) ## Merge generated and ngalert API specs
+	# known conflicts DsPermissionType, AddApiKeyCommand, Json, Duration (identical models referenced by both specs)
+	$(SWAGGER) mixin $(SPEC_TARGET) $(NGALERT_SPEC_TARGET) --ignore-conflicts -o $(MERGED_SPEC_TARGET)
 
---swagger-api-spec: $(API_DEFINITION_FILES) $(SWAGGER) ## Generate API Swagger specification
-	SWAGGER_GENERATE_EXTENSION=false $(SWAGGER) generate spec -m -w pkg/server -o public/api-spec.json \
+$(SPEC_TARGET): $(SWAGGER) ## Generate API Swagger specification
+	SWAGGER_GENERATE_EXTENSION=false $(SWAGGER) generate spec -m -w pkg/server -o $(SPEC_TARGET) \
 	-x "github.com/grafana/grafana/pkg/services/ngalert/api/tooling/definitions" \
 	-x "github.com/prometheus/alertmanager" \
-	-i pkg/api/docs/tags.json
+	-i pkg/api/swagger_tags.json \
+	--exclude-tag=alpha
 
-swagger-api-spec: gen-go --swagger-api-spec $(MERGED_SPEC_TARGET) validate-api-spec
+swagger-api-spec: gen-go $(SPEC_TARGET) $(MERGED_SPEC_TARGET) validate-api-spec
 
 validate-api-spec: $(MERGED_SPEC_TARGET) $(SWAGGER) ## Validate API spec
 	$(SWAGGER) validate $(<)
 
 clean-api-spec:
-	rm $(SPEC_TARGET) $(MERGED_SPEC_TARGET)
+	rm $(SPEC_TARGET) $(MERGED_SPEC_TARGET) $(OAPI_SPEC_TARGET)
+
+##@ OpenAPI 3
+OAPI_SPEC_TARGET = public/openapi3.json
+
+openapi3-gen: swagger-api-spec ## Generates OpenApi 3 specs from the Swagger 2 already generated
+	$(GO) run scripts/openapi3/openapi3conv.go $(MERGED_SPEC_TARGET) $(OAPI_SPEC_TARGET)
 
 ##@ Building
-
 gen-cue: ## Do all CUE/Thema code generation
 	@echo "generate code from .cue files"
+	go generate ./pkg/plugins/plugindef
+	go generate ./kinds/gen.go
 	go generate ./pkg/framework/coremodel
 	go generate ./public/app/plugins
 
@@ -67,6 +75,9 @@ gen-go: $(WIRE) gen-cue
 	@echo "generate go files"
 	$(WIRE) gen -tags $(WIRE_TAGS) ./pkg/server ./pkg/cmd/grafana-cli/runner
 
+gen-jsonnet:
+	go generate ./devenv/jsonnet
+
 build-go: $(MERGED_SPEC_TARGET) gen-go ## Build all Go binaries.
 	@echo "build go files"
 	$(GO) run build.go $(GO_BUILD_FLAGS) build
@@ -94,9 +105,30 @@ run-frontend: deps-js ## Fetch js dependencies and watch frontend for rebuild
 
 ##@ Testing
 
-test-go: ## Run tests for backend.
-	@echo "test backend"
-	$(GO) test -v ./pkg/...
+.PHONY: test-go
+test-go: test-go-unit test-go-integration
+
+.PHONY: test-go-unit
+test-go-unit: ## Run unit tests for backend with flags.
+	@echo "test backend unit tests"
+	$(GO) test -short -covermode=atomic -timeout=30m ./pkg/...
+
+.PHONY: test-go-integration
+test-go-integration: ## Run integration tests for backend with flags.
+	@echo "test backend integration tests"
+	$(GO) test -run Integration -covermode=atomic -timeout=30m ./pkg/...
+
+.PHONY: test-go-integration-postgres
+test-go-integration-postgres: devenv-postgres ## Run integration tests for postgres backend with flags.
+	@echo "test backend integration postgres tests"
+	$(GO) clean -testcache
+	$(GO) list './pkg/...' | xargs -I {} sh -c 'GRAFANA_TEST_DB=postgres go test -run Integration -covermode=atomic -timeout=2m {}'
+
+.PHONY: test-go-integration-mysql
+test-go-integration-mysql: devenv-mysql ## Run integration tests for mysql backend with flags.
+	@echo "test backend integration mysql tests"
+	$(GO) clean -testcache
+	$(GO) list './pkg/...' | xargs -I {} sh -c 'GRAFANA_TEST_DB=mysql go test -run Integration -covermode=atomic -timeout=2m {}'
 
 test-js: ## Run tests for frontend.
 	@echo "test frontend"
@@ -108,7 +140,7 @@ test: test-go test-js ## Run all tests.
 golangci-lint: $(GOLANGCI_LINT)
 	@echo "lint via golangci-lint"
 	$(GOLANGCI_LINT) run \
-		--config ./conf/.golangci.toml \
+		--config .golangci.toml \
 		$(GO_FILES)
 
 lint-go: golangci-lint ## Run all code checks for backend. You can use GO_FILES to specify exact files to check
@@ -132,7 +164,7 @@ build-docker-full-ubuntu: ## Build Docker image based on Ubuntu for development.
 ##@ Services
 
 # create docker-compose file with provided sources and start them
-# example: make devenv sources=postgres,openldap
+# example: make devenv sources=postgres,auth/openldap
 ifeq ($(sources),)
 devenv:
 	@printf 'You have to define sources for this command \nexample: make devenv sources=postgres,openldap\n'
@@ -153,6 +185,14 @@ devenv-down: ## Stop optional services.
 	test -f docker-compose.yaml && \
 	docker-compose down || exit 0;
 
+devenv-postgres:
+	@cd devenv; \
+	sources=postgres_tests
+
+devenv-mysql:
+	@cd devenv; \
+	sources=mysql_tests
+
 ##@ Helpers
 
 # We separate the protobuf generation because most development tasks on

README.md

@@ -18,7 +18,7 @@ Grafana allows you to query, visualize, alert on and understand your metrics no
 ## Get started
 
 - [Get Grafana](https://grafana.com/get)
-- [Installation guides](http://docs.grafana.org/installation/)
+- [Installation guides](https://grafana.com/docs/grafana/latest/setup-grafana/installation/)
 
 Unsure if Grafana is for you? Watch Grafana in action on [play.grafana.org](https://play.grafana.org/)!
 

api-extractor.json

@@ -1,38 +0,0 @@
-{
-  "$schema": "https://developer.microsoft.com/json-schemas/api-extractor/v7/api-extractor.schema.json",
-  "mainEntryPointFilePath": "<projectFolder>/dist/index.d.ts",
-  "bundledPackages": [],
-  "compiler": {},
-  "apiReport": {
-    "enabled": false
-  },
-  "docModel": {
-    "enabled": true,
-    "apiJsonFilePath": "<projectFolder>/../../reports/docs/<unscopedPackageName>.api.json"
-  },
-  "dtsRollup": {
-    "enabled": false
-  },
-  "tsdocMetadata": {},
-  "messages": {
-    "compilerMessageReporting": {
-      "default": {
-        "logLevel": "warning"
-      }
-    },
-    "extractorMessageReporting": {
-      "default": {
-        "logLevel": "warning"
-      },
-      "ae-internal-missing-underscore": {
-        "logLevel": "none",
-        "addToApiReportFile": false
-      }
-    },
-    "tsdocMessageReporting": {
-      "default": {
-        "logLevel": "warning"
-      }
-    }
-  }
-}

conf/.golangci.toml

@@ -1,134 +0,0 @@
-[run]
-timeout = "10m"
-
-[linters-settings.goconst]
-min-len = 5
-min-occurrences = 5
-
-[linters-settings.exhaustive]
-default-signifies-exhaustive = true
-
-[linters-settings.revive]
-ignore-generated-header = false
-severity = "warning"
-confidence = 3
-
-[linters-settings.gocritic]
-enabled-checks = ["ruleguard"]
-[linters-settings.gocritic.settings.ruleguard]
-rules = "pkg/ruleguard.rules.go"
-
-[linters]
-disable-all = true
-enable = [
-  "bodyclose",
-  "deadcode",
-  "depguard",
-  "dogsled",
-  "errcheck",
-  # "gochecknoinits",
-  "goconst",
-  "gocritic",
-  "goimports",
-  "goprintffuncname",
-  "gosec",
-  "gosimple",
-  "govet",
-  "ineffassign",
-  "misspell",
-  "nakedret",
-  "rowserrcheck",
-  "exportloopref",
-  "staticcheck",
-  "structcheck",
-  "stylecheck",
-  "typecheck",
-  "unconvert",
-  "unused",
-  "varcheck",
-  "whitespace",
-  "gocyclo",
-  "exhaustive",
-  "typecheck",
-  "asciicheck",
-  "errorlint",
-  "sqlclosecheck",
-  "revive",
-]
-
-# Disabled linters (might want them later)
-# "unparam"
-
-[issues]
-exclude-use-default = false
-
-# Enable when appropriate
-# Poorly chosen identifier
-[[issues.exclude-rules]]
-linters = ["stylecheck"]
-text = "ST1003"
-
-# Enable when appropriate
-# Dot imports that aren't in external test packages are discouraged.
-[[issues.exclude-rules]]
-linters = ["stylecheck"]
-text = "ST1001"
-
-[[issues.exclude-rules]]
-linters = ["gosec"]
-text = "G108"
-
-[[issues.exclude-rules]]
-linters = ["gosec"]
-text = "G110"
-
-[[issues.exclude-rules]]
-linters = ["gosec"]
-text = "G201"
-
-[[issues.exclude-rules]]
-linters = ["gosec"]
-text = "G202"
-
-[[issues.exclude-rules]]
-linters = ["gosec"]
-text = "G306"
-
-[[issues.exclude-rules]]
-linters = ["gosec"]
-text = "401"
-
-[[issues.exclude-rules]]
-linters = ["gosec"]
-text = "402"
-
-[[issues.exclude-rules]]
-linters = ["gosec"]
-text = "501"
-
-[[issues.exclude-rules]]
-linters = ["gosec"]
-text = "404"
-
-[[issues.exclude-rules]]
-linters = ["misspell"]
-text = "Unknwon` is a misspelling of `Unknown"
-
-[[issues.exclude-rules]]
-linters = ["errorlint"]
-text = "non-wrapping format verb for fmt.Errorf"
-
-# TODO: Enable
-[[issues.exclude-rules]]
-linters = ["stylecheck"]
-text = "ST1000"
-
-# TODO: Enable
-[[issues.exclude-rules]]
-linters = ["stylecheck"]
-text = "ST1020"
-
-# TODO: Enable
-[[issues.exclude-rules]]
-linters = ["stylecheck"]
-text = "ST1021"

conf/defaults.ini

@@ -66,6 +66,15 @@ enable_gzip = false
 cert_file =
 cert_key =
 
+# Unix socket gid
+# Changing the gid of a file without privileges requires that the target group is in the group of the process and that the process is the file owner
+# It is recommended to set the gid as http server user gid
+# Not set when the value is -1
+socket_gid = -1
+
+# Unix socket mode
+socket_mode = 0660
+
 # Unix socket path
 socket = /tmp/grafana.sock
 
@@ -125,9 +134,15 @@ path = grafana.db
 # For "sqlite3" only. cache mode setting used for connecting to the database
 cache_mode = private
 
-# For "mysql" only if lockingMigration feature toggle is set. How many seconds to wait before failing to lock the database for the migrations, default is 0.
+# For "mysql" only if migrationLocking feature toggle is set. How many seconds to wait before failing to lock the database for the migrations, default is 0.
 locking_attempt_timeout_sec = 0
 
+# For "sqlite" only. How many times to retry query in case of database is locked failures. Default is 0 (disabled).
+query_retries = 0
+
+# For "sqlite" only. How many times to retry transaction in case of database is locked failures. Default is 5.
+transaction_retries = 5
+
 #################################### Cache server #############################
 [remote_cache]
 # Either "redis", "memcached" or "database" default is "database"
@@ -212,6 +227,12 @@ check_for_plugin_updates = true
 # Google Analytics universal tracking code, only enabled if you specify an id here
 google_analytics_ua_id =
 
+# Google Analytics 4 tracking code, only enabled if you specify an id here
+google_analytics_4_id =
+
+# When Google Analytics 4 Enhanced event measurement is enabled, we will try to avoid sending duplicate events and let Google Analytics 4 detect navigation changes, etc.
+google_analytics_4_send_manual_page_views = false
+
 # Google Tag Manager ID, only enabled if you specify an id here
 google_tag_manager_id =
 
@@ -247,6 +268,9 @@ admin_user = admin
 # default admin password, can be changed before first start of grafana, or in profile settings
 admin_password = admin
 
+# default admin email, created on startup
+admin_email = admin@localhost
+
 # used for signing
 secret_key = SW2YcwTIb9zpOOhoPsMm
 
@@ -403,6 +427,9 @@ hidden_users =
 # Login cookie name
 login_cookie_name = grafana_session
 
+# Disable usage of Grafana build-in login solution.
+disable_login = false
+
 # The maximum lifetime (duration) an authenticated user can be inactive before being required to login at next visit. Default is 7 days (7d). This setting should be expressed as a duration, e.g. 5m (minutes), 6h (hours), 10d (days), 2w (weeks), 1M (month). The lifetime resets at each successful token rotation (token_rotation_interval_minutes).
 login_maximum_inactive_lifetime_duration =
 
@@ -440,6 +467,9 @@ sigv4_auth_enabled = false
 # Set to true to enable verbose logging of SigV4 request signing
 sigv4_verbose_logging = false
 
+# Set to true to enable Azure authentication option for HTTP-based datasources
+azure_auth_enabled = false
+
 #################################### Anonymous Auth ######################
 [auth.anonymous]
 # enable anonymous access
@@ -467,6 +497,9 @@ api_url = https://api.github.com/user
 allowed_domains =
 team_ids =
 allowed_organizations =
+role_attribute_path =
+role_attribute_strict = false
+allow_assign_grafana_admin = false
 
 #################################### GitLab Auth #########################
 [auth.gitlab]
@@ -482,6 +515,7 @@ allowed_domains =
 allowed_groups =
 role_attribute_path =
 role_attribute_strict = false
+allow_assign_grafana_admin = false
 
 #################################### Google Auth #########################
 [auth.google]
@@ -527,6 +561,8 @@ token_url = https://login.microsoftonline.com/<tenant-id>/oauth2/v2.0/token
 allowed_domains =
 allowed_groups =
 role_attribute_strict = false
+allow_assign_grafana_admin = false
+force_use_graph_api = false
 
 #################################### Okta OAuth #######################
 [auth.okta]
@@ -544,6 +580,7 @@ allowed_domains =
 allowed_groups =
 role_attribute_path =
 role_attribute_strict = false
+allow_assign_grafana_admin = false
 
 #################################### Generic OAuth #######################
 [auth.generic_oauth]
@@ -576,7 +613,8 @@ tls_client_cert =
 tls_client_key =
 tls_client_ca =
 use_pkce = false
-auth_style = 
+auth_style =
+allow_assign_grafana_admin = false
 
 #################################### Basic Auth ##########################
 [auth.basic]
@@ -597,21 +635,27 @@ enable_login_token = false
 #################################### Auth JWT ##########################
 [auth.jwt]
 enabled = false
+enable_login_token = false
 header_name =
 email_claim =
 username_claim =
 jwk_set_url =
 jwk_set_file =
 cache_ttl = 60m
-expected_claims = {}
+expect_claims = {}
 key_file =
+role_attribute_path =
+role_attribute_strict = false
 auto_sign_up = false
+url_login = false
+allow_assign_grafana_admin = false
 
 #################################### Auth LDAP ###########################
 [auth.ldap]
 enabled = false
 config_file = /etc/grafana/ldap.toml
 allow_sign_up = true
+skip_org_role_sync = false
 
 # LDAP background sync (Enterprise only)
 # At 1 am every day
@@ -649,8 +693,7 @@ managed_identity_client_id =
 
 #################################### Role-based Access Control ###########
 [rbac]
-enabled = true
-# If enabled, cache permissions in a in memory cache (Enterprise only)
+# If enabled, cache permissions in a in memory cache
 permission_cache = true
 
 #################################### SMTP / Emailing #####################
@@ -762,7 +805,7 @@ instrumentations_console_enabled = false
 instrumentations_webvitals_enabled = false
 
 # Api Key, only applies to Grafana Javascript Agent provider
-api_key = 
+api_key =
 
 #################################### Usage Quotas ########################
 [quota]
@@ -805,6 +848,9 @@ global_session = -1
 # global limit of alerts
 global_alert_rule = -1
 
+# global limit of files uploaded to the SQL DB
+global_file = 1000
+
 #################################### Unified Alerting ####################
 [unified_alerting]
 # Enable the Unified Alerting sub-system and interface. When enabled we'll migrate all of your alert rules and notification channels to the new system. New alert rules will be created and your notification channels will be converted into an Alertmanager configuration. Previous data is preserved to enable backwards compatibility but new data is removed when switching. When this configuration section and flag are not defined, the state is defined at runtime. See the documentation for more details.
@@ -861,8 +907,8 @@ max_attempts = 3
 min_interval = 10s
 
 [unified_alerting.screenshots]
-# Enable screenshots in notifications. This option requires a remote HTTP image rendering service. Please
-# see [rendering] for further configuration options.
+# Enable screenshots in notifications. This option requires the Grafana Image Renderer plugin.
+# For more information on configuration options, refer to [rendering].
 capture = false
 
 # The maximum number of screenshots that can be taken at the same time. This option is different from
@@ -876,6 +922,11 @@ max_concurrent_screenshots = 5
 # screenshots will be persisted to disk for up to temp_data_lifetime.
 upload_external_image_storage = false
 
+[unified_alerting.reserved_labels]
+# Comma-separated list of reserved labels added by the Grafana Alerting engine that should be disabled.
+# For example: `disabled_labels=grafana_folder`
+disabled_labels =
+
 #################################### Alerting ############################
 [alerting]
 # Enable the legacy alerting sub-system and interface. If Unified Alerting is already enabled and you try to go back to legacy alerting, all data that is part of Unified Alerting will be deleted. When this configuration section and flag are not defined, the state is defined at runtime. See the documentation for more details.
@@ -918,6 +969,10 @@ max_annotations_to_keep =
 # Configures the batch size for the annotation clean-up job. This setting is used for dashboard, API, and alert annotations.
 cleanupjob_batchsize = 100
 
+# Enforces the maximum allowed length of the tags for any newly introduced annotations. It can be between 500 and 4096 inclusive (which is the respective's column length). Default value is 500.
+# Setting it to a higher value would impact performance therefore is not recommended.
+tags_length = 500
+
 [annotations.dashboard]
 # Dashboard annotations means that annotations are associated with the dashboard they are created on.
 
@@ -1015,6 +1070,11 @@ zipkin_propagation = false
 # Not disabling is the most common setting when using Zipkin elsewhere in your infrastructure.
 disable_shared_zipkin_spans = false
 
+[tracing.opentelemetry]
+
+# attributes that will always be included in when creating new spans. ex (key1:value1,key2:value2)
+custom_attributes =
+
 [tracing.opentelemetry.jaeger]
 # jaeger destination (ex http://localhost:14268/api/traces)
 address =
@@ -1061,6 +1121,7 @@ signed_url_expiration =
 account_name =
 account_key =
 container_name =
+sas_token_expiration_days =
 
 [external_image_storage.local]
 # does not require any configuration
@@ -1071,9 +1132,16 @@ container_name =
 server_url =
 # If the remote HTTP image renderer service runs on a different server than the Grafana server you may have to configure this to a URL where Grafana is reachable, e.g. http://grafana.domain/.
 callback_url =
+# An auth token that will be sent to and verified by the renderer. The renderer will deny any request without an auth token matching the one configured on the renderer side.
+renderer_token = -
 # Concurrent render request limit affects when the /render HTTP endpoint is used. Rendering many images at the same time can overload the server,
 # which this setting can help protect against by only allowing a certain amount of concurrent requests.
 concurrent_render_request_limit = 30
+# Determines the lifetime of the render key used by the image renderer to access and render Grafana.
+# This setting should be expressed as a duration. Examples: 10s (seconds), 5m (minutes), 2h (hours). 
+# Default is 5m. This should be more than enough for most deployments.
+# Change the value only if image rendering is failing and you see `Failed to get the render key from cache` in Grafana logs.
+render_key_lifetime = 5m
 
 [panels]
 # here for to support old env variables, can remove after a few months
@@ -1188,20 +1256,7 @@ license_path =
 # enable = feature1,feature2
 enable =
 
-# The new prometheus visual query builder
-promQueryBuilder = true
-
-# The new loki visual query builder
-lokiQueryBuilder = true
-
-# Experimental Explore to Dashboard workflow
-explore2Dashboard = true
-
-# Experimental Command Palette
-commandPalette = true
-
-# Use dynamic labels in CloudWatch datasource
-cloudWatchDynamicLabels = true
+internationalization = true
 
 # feature1 = true
 # feature2 = false
@@ -1255,3 +1310,47 @@ max_crawl_duration =
 # Minimum interval between two subsequent scheduler runs. Default is 12h.
 # This setting should be expressed as a duration. Examples: 10s (seconds), 1m (minutes).
 scheduler_interval =
+
+
+#################################### Storage ################################################
+
+[storage]
+# Allow uploading SVG files without sanitization.
+allow_unsanitized_svg_upload = false
+
+
+#################################### Search ################################################
+
+[search]
+# Defines the number of dashboards loaded at once in a batch during a full reindex.
+# This is a temporary settings that might be removed in the future.
+dashboard_loading_batch_size = 200
+
+# Defines the frequency of a full search reindex.
+# This is a temporary settings that might be removed in the future.
+full_reindex_interval = 5m
+
+# Defines the frequency of partial index updates based on recent changes such as dashboard updates.
+# This is a temporary settings that might be removed in the future.
+index_update_interval = 10s
+
+
+# Move an app plugin referenced by its id (including all its pages) to a specific navigation section
+# Dependencies: needs the `topnav` feature to be enabled
+# Format: <Plugin ID> = <Section ID> <Sort Weight>
+[navigation.app_sections]
+
+# Move a specific app plugin page (referenced by its `path` field) to a specific navigation section
+# Format: <Page URL> = <Section ID> <Sort Weight>
+[navigation.app_standalone_pages]
+
+
+#################################### Secure Socks5 Datasource Proxy #####################################
+[secure_socks_datasource_proxy]
+enabled = false
+root_ca_cert =
+client_key =
+client_cert =
+server_name =
+# The address of the socks5 proxy datasources should connect to
+proxy_address =

conf/ldap.toml

@@ -24,6 +24,11 @@ bind_dn = "cn=admin,dc=grafana,dc=org"
 # Search user bind password
 # If the password contains # or ; you have to wrap it with triple quotes. Ex """#password;"""
 bind_password = 'grafana'
+# We recommend using variable expansion for the bind_password, for more info https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#variable-expansion
+# bind_password = '$__env{LDAP_BIND_PASSWORD}'
+
+# Timeout in seconds (applies to each host specified in the 'host' entry (space separated))
+timeout = 10
 
 # User search filter, for example "(cn=%s)" or "(sAMAccountName=%s)" or "(uid=%s)"
 search_filter = "(cn=%s)"
@@ -55,7 +60,7 @@ org_role = "Admin"
 # org_id = 1
 
 [[servers.group_mappings]]
-group_dn = "cn=users,ou=groups,dc=grafana,dc=org"
+group_dn = "cn=editors,ou=groups,dc=grafana,dc=org"
 org_role = "Editor"
 
 [[servers.group_mappings]]

conf/provisioning/access-control/sample.yaml

@@ -19,9 +19,9 @@
 #       # <string, required> action allowed.
 #       - action: 'users:read'
 #         #<string> scope it applies to.
-#         scope: 'users:*'
+#         scope: 'global.users:*'
 #       - action: 'users:write'
-#         scope: 'users:*'
+#         scope: 'global.users:*'
 #       - action: 'users:create'
 #   - name: 'custom:global:users:reader'
 #     # <bool> overwrite org id and creates a global role.
@@ -42,9 +42,9 @@
 #     # <list> list of the permissions to add/remove on top of the copied ones.
 #     permissions:
 #       - action: 'users:read'
-#         scope: 'users:*'
+#         scope: 'global.users:*'
 #       - action: 'users:write'
-#         scope: 'users:*'
+#         scope: 'global.users:*'
 #         # <string> state of the permission. Defaults to 'present'. If 'absent', the permission will be removed.
 #         state: absent
 

conf/provisioning/alerting/sample.yaml

@@ -0,0 +1,187 @@
+# # config file version
+apiVersion: 1
+
+# # List of rule groups to import or update
+# groups:
+#     # <int> organization ID, default = 1
+#   - orgId: 1
+#     # <string, required> name of the rule group
+#     name: my_rule_group
+#     # <string, required> name of the folder the rule group will be stored in
+#     folder: my_first_folder
+#     # <duration, required> interval of the rule group evaluation
+#     interval: 60s
+#     # <list, required> list of rules that are part of the rule group  
+#     rules:
+#       # <string, required> unique identifier for the rule
+#     - uid: my_id_1
+#       # <string, required> title of the rule, will be displayed in the UI
+#       title: my_first_rule
+#       # <string, required> query used for the condition
+#       condition: A
+#       # <list, required> list of query objects that should be executed on each
+#       #                  evaluation - should be obtained via the API
+#       data:
+#       - refId: A
+#         datasourceUid: "-100"
+#         model:
+#           conditions:
+#           - evaluator:
+#               params:
+#               - 3
+#               type: gt
+#             operator:
+#               type: and
+#             query:
+#               params:
+#               - A
+#             reducer:
+#               type: last
+#             type: query
+#           datasource:
+#             type: __expr__
+#             uid: "-100"
+#           expression: 1==0
+#           intervalMs: 1000
+#           maxDataPoints: 43200
+#           refId: A
+#           type: math
+#       # <string> UID of a dashboard that the alert rule should be linked to
+#       dashboardUid: my_dashboard
+#       # <int> ID of the panel that the alert rule should be linked to
+#       panelId: 123
+#       # <string> state of the alert rule when no data is returned
+#       #          possible values: "NoData", "Alerting", "OK", default = NoData
+#       noDataState: Alerting
+#       # <string> state of the alert rule when the query execution 
+#       #          fails - possible values: "Error", "Alerting", "OK"
+#       #          default = Alerting
+#       executionErrorState: Alerting
+#       # <duration, required> how long the alert condition should be breached before Firing. Before this time has elapsed, the alert is considered to be Pending
+#       for: 60s
+#       # <map<string, string>> map of strings to attach arbitrary custom data
+#       annotations:
+#         some_key: some_value
+#       # <map<string, string> map of strings to filter and 
+#       #                      route alerts
+#       labels:
+#         team: sre_team_1
+
+# # List of alert rule UIDs that should be deleted
+# deleteRules:
+#    # <int> organization ID, default = 1
+#  - orgId: 1
+#    # <string, required> unique identifier for the rule
+#    uid: my_id_1
+
+# # List of contact points to import or update
+# contactPoints:
+#     # <int> organization ID, default = 1
+#   - orgId: 1
+#     # <string, required> name of the contact point
+#     name: cp_1
+#     receivers:
+#       # <string, required> unique identifier for the receiver
+#     - uid: first_uid
+#       # <string, required> type of the receiver
+#       type: prometheus-alertmanager
+#       # <object, required> settings for the specific receiver type
+#       settings:
+#         url: http://test:9000
+
+# # List of receivers that should be deleted
+# deleteContactPoints:
+# - orgId: 1
+#   uid: first_uid
+
+# # List of notification policies to import or update
+# policies:
+#     # <int> organization ID, default = 1
+#   - orgId: 1
+#     # <string> name of the receiver that should be used for this route
+#     receiver: grafana-default-email
+#     # <list<string>> The labels by which incoming alerts are grouped together. For example,
+#     #        multiple alerts coming in for cluster=A and alertname=LatencyHigh would
+#     #        be batched into a single group.
+#     # 
+#     #        To aggregate by all possible labels, use the special value '...' as
+#     #        the sole label name, for example:
+#     #        group_by: ['...']
+#     #        This effectively disables aggregation entirely, passing through all
+#     #        alerts as-is. This is unlikely to be what you want, unless you have
+#     #        a very low alert volume or your upstream notification system performs
+#     #        its own grouping.
+#     group_by:
+#     - grafana_folder
+#     - alertname
+#     # <list> a list of matchers that an alert has to fulfill to match the node
+#     matchers:
+#     - alertname = Watchdog
+#     - severity =~ "warning|critical"
+#     # <list> Times when the route should be muted. These must match the name of a
+#     #        mute time interval.
+#     #        Additionally, the root node cannot have any mute times.
+#     #        When a route is muted it will not send any notifications, but
+#     #        otherwise acts normally (including ending the route-matching process
+#     #        if the `continue` option is not set)
+#     mute_time_intervals:
+#     - abc
+#     # <duration> How long to initially wait to send a notification for a group
+#     #            of alerts. Allows to collect more initial alerts for the same group. 
+#     #            (Usually ~0s to few minutes), default = 30s
+#     group_wait: 30s
+#     # <duration> How long to wait before sending a notification about new alerts that
+#     #            are added to a group of alerts for which an initial notification has
+#     #            already been sent. (Usually ~5m or more), default = 5m
+#     group_interval: 5m
+#     # <duration>  How long to wait before sending a notification again if it has already
+#     #             been sent successfully for an alert. (Usually ~3h or more), default = 4h
+#     repeat_interval: 4h
+#     # <list> Zero or more child routes
+#     routes: 
+#     ...
+
+# # List of orgIds that should be reset to the default policy
+# resetPolicies:
+# - 1
+
+# # List of templates to import or update
+# templates:
+#     # <int> organization ID, default = 1
+#   - orgID: 1
+#     # <string, required> name of the template, must be unique
+#     name: my_first_template
+#     # <string, required> content of the the template
+#     template: Alerting with a custome text template
+
+# # List of templates that should be deleted
+# deleteTemplates:
+#    # <int> organization ID, default = 1
+#  - orgId: 1
+#    # <string, required> name of the template, must be unique
+#    name: my_first_template
+
+
+# # List of mute time intervals to import or update
+# muteTimes:
+#   # <int> organization ID, default = 1
+# - orgId: 1
+#   # <string, required> name of the mute time interval, must be unique
+#   name: mti_1
+#   # <list> time intervals that should trigger the muting
+#            refer to https://prometheus.io/docs/alerting/latest/configuration/#time_interval-0
+#   time_intervals:
+#    - times:
+#      - start_time: '06:00'
+#        end_time: '23:59'
+#      weekdays: ['monday:wednesday','saturday', 'sunday']
+#      months: ['1:3', 'may:august', 'december']
+#      years: ['2020:2022', '2030']
+#      days_of_month: ['1:5', '-3:-1']
+
+# # List of mute time intervals that should be deleted
+# deleteMuteTimes:
+#   # <int> organization ID, default = 1
+# - orgId: 1
+#   # <string, required> name of the mute time interval, must be unique
+#   name: mti_1

conf/sample.ini

@@ -67,6 +67,15 @@
 ;cert_file =
 ;cert_key =
 
+# Unix socket gid
+# Changing the gid of a file without privileges requires that the target group is in the group of the process and that the process is the file owner
+# It is recommended to set the gid as http server user gid
+# Not set when the value is -1
+;socket_gid =
+
+# Unix socket mode
+;socket_mode =
+
 # Unix socket path
 ;socket =
 
@@ -94,7 +103,8 @@
 # Example: mysql://user:secret@host:port/database
 ;url =
 
-# For "postgres" only, either "disable", "require" or "verify-full"
+# For "postgres", use either "disable", "require" or "verify-full"
+# For "mysql", use either "true", "false", or "skip-verify".
 ;ssl_mode = disable
 
 # Database drivers may support different transaction isolation levels.
@@ -126,9 +136,15 @@
 # For "sqlite3" only. cache mode setting used for connecting to the database. (private, shared)
 ;cache_mode = private
 
-# For "mysql" only if lockingMigration feature toggle is set. How many seconds to wait before failing to lock the database for the migrations, default is 0.
+# For "mysql" only if migrationLocking feature toggle is set. How many seconds to wait before failing to lock the database for the migrations, default is 0.
 ;locking_attempt_timeout_sec = 0
 
+# For "sqlite" only. How many times to retry query in case of database is locked failures. Default is 0 (disabled).
+;query_retries = 0
+
+# For "sqlite" only. How many times to retry transaction in case of database is locked failures. Default is 5.
+;transaction_retries = 5
+
 ################################### Data sources #########################
 [datasources]
 # Upper limit of data sources that Grafana will return. This limit is a temporary configuration and it will be deprecated when pagination will be introduced on the list data sources API.
@@ -218,6 +234,12 @@
 # Google Analytics universal tracking code, only enabled if you specify an id here
 ;google_analytics_ua_id =
 
+# Google Analytics 4 tracking code, only enabled if you specify an id here
+;google_analytics_4_id =
+
+# When Google Analytics 4 Enhanced event measurement is enabled, we will try to avoid sending duplicate events and let Google Analytics 4 detect navigation changes, etc.
+;google_analytics_4_send_manual_page_views = false
+
 # Google Tag Manager ID, only enabled if you specify an id here
 ;google_tag_manager_id =
 
@@ -247,6 +269,9 @@
 # default admin password, can be changed before first start of grafana,  or in profile settings
 ;admin_password = admin
 
+# default admin email, created on startup
+;admin_email = admin@localhost
+
 # used for signing
 ;secret_key = SW2YcwTIb9zpOOhoPsMm
 
@@ -403,6 +428,9 @@
 # Login cookie name
 ;login_cookie_name = grafana_session
 
+# Disable usage of Grafana build-in login solution.
+;disable_login = false
+
 # The maximum lifetime (duration) an authenticated user can be inactive before being required to login at next visit. Default is 7 days (7d). This setting should be expressed as a duration, e.g. 5m (minutes), 6h (hours), 10d (days), 2w (weeks), 1M (month). The lifetime resets at each successful token rotation.
 ;login_maximum_inactive_lifetime_duration =
 
@@ -440,6 +468,9 @@
 # Set to true to enable verbose logging of SigV4 request signing
 ;sigv4_verbose_logging = false
 
+# Set to true to enable Azure authentication option for HTTP-based datasources.
+;azure_auth_enabled = false
+
 #################################### Anonymous Auth ######################
 [auth.anonymous]
 # enable anonymous access
@@ -467,6 +498,9 @@
 ;allowed_domains =
 ;team_ids =
 ;allowed_organizations =
+;role_attribute_path =
+;role_attribute_strict = false
+;allow_assign_grafana_admin = false
 
 #################################### GitLab Auth #########################
 [auth.gitlab]
@@ -480,6 +514,9 @@
 ;api_url = https://gitlab.com/api/v4
 ;allowed_domains =
 ;allowed_groups =
+;role_attribute_path =
+;role_attribute_strict = false
+;allow_assign_grafana_admin = false
 
 #################################### Google Auth ##########################
 [auth.google]
@@ -516,6 +553,7 @@
 ;allowed_domains =
 ;allowed_groups =
 ;role_attribute_strict = false
+;allow_assign_grafana_admin = false
 
 #################################### Okta OAuth #######################
 [auth.okta]
@@ -532,6 +570,7 @@
 ;allowed_groups =
 ;role_attribute_path =
 ;role_attribute_strict = false
+;allow_assign_grafana_admin = false
 
 #################################### Generic OAuth ##########################
 [auth.generic_oauth]
@@ -564,6 +603,7 @@
 ;tls_client_ca =
 ;use_pkce = false
 ;auth_style =
+;allow_assign_grafana_admin = false
 
 #################################### Basic Auth ##########################
 [auth.basic]
@@ -592,15 +632,21 @@
 ;jwk_set_url = https://foo.bar/.well-known/jwks.json
 ;jwk_set_file = /path/to/jwks.json
 ;cache_ttl = 60m
-;expected_claims = {"aud": ["foo", "bar"]}
+;expect_claims = {"aud": ["foo", "bar"]}
 ;key_file = /path/to/key/file
+;role_attribute_path =
+;role_attribute_strict = false
 ;auto_sign_up = false
+;url_login = false
+;allow_assign_grafana_admin = false
 
 #################################### Auth LDAP ##########################
 [auth.ldap]
 ;enabled = false
 ;config_file = /etc/grafana/ldap.toml
 ;allow_sign_up = true
+# prevent synchronizing ldap users organization roles
+;skip_org_role_sync = false
 
 # LDAP background sync (Enterprise only)
 # At 1 am every day
@@ -635,8 +681,6 @@
 
 #################################### Role-based Access Control ###########
 [rbac]
-;enabled = true
-# If enabled, cache permissions in a in memory cache (Enterprise only)
 ;permission_cache = true
 #################################### SMTP / Emailing ##########################
 [smtp]
@@ -847,6 +891,11 @@
 # The interval string is a possibly signed sequence of decimal numbers, followed by a unit suffix (ms, s, m, h, d), e.g. 30s or 1m.
 ;min_interval = 10s
 
+[unified_alerting.reserved_labels]
+# Comma-separated list of reserved labels added by the Grafana Alerting engine that should be disabled.
+# For example: `disabled_labels=grafana_folder`
+;disabled_labels =
+
 #################################### Alerting ############################
 [alerting]
 # Disable legacy alerting engine & UI features
@@ -889,6 +938,10 @@
 # Configures the batch size for the annotation clean-up job. This setting is used for dashboard, API, and alert annotations.
 ;cleanupjob_batchsize = 100
 
+# Enforces the maximum allowed length of the tags for any newly introduced annotations. It can be between 500 and 4096 inclusive (which is the respective's column length). Default value is 500.
+# Setting it to a higher value would impact performance therefore is not recommended.
+;tags_length = 500
+
 [annotations.dashboard]
 # Dashboard annotations means that annotations are associated with the dashboard they are created on.
 
@@ -986,6 +1039,10 @@
 # Not disabling is the most common setting when using Zipkin elsewhere in your infrastructure.
 ;disable_shared_zipkin_spans = false
 
+[tracing.opentelemetry]
+# attributes that will always be included in when creating new spans. ex (key1:value1,key2:value2)
+;custom_attributes = key1:value1,key2:value2
+
 [tracing.opentelemetry.jaeger]
 # jaeger destination (ex http://localhost:14268/api/traces)
 ; address = http://localhost:14268/api/traces
@@ -1029,6 +1086,7 @@
 ;account_name =
 ;account_key =
 ;container_name =
+;sas_token_expiration_days =
 
 [external_image_storage.local]
 # does not require any configuration
@@ -1039,9 +1097,16 @@
 ;server_url =
 # If the remote HTTP image renderer service runs on a different server than the Grafana server you may have to configure this to a URL where Grafana is reachable, e.g. http://grafana.domain/.
 ;callback_url =
+# An auth token that will be sent to and verified by the renderer. The renderer will deny any request without an auth token matching the one configured on the renderer side.
+;renderer_token = -
 # Concurrent render request limit affects when the /render HTTP endpoint is used. Rendering many images at the same time can overload the server,
 # which this setting can help protect against by only allowing a certain amount of concurrent requests.
 ;concurrent_render_request_limit = 30
+# Determines the lifetime of the render key used by the image renderer to access and render Grafana.
+# This setting should be expressed as a duration. Examples: 10s (seconds), 5m (minutes), 2h (hours).
+# Default is 5m. This should be more than enough for most deployments.
+# Change the value only if image rendering is failing and you see `Failed to get the render key from cache` in Grafana logs.
+;render_key_lifetime = 5m
 
 [panels]
 # If set to true Grafana will allow script tags in text panels. Not recommended as it enable XSS vulnerabilities.
@@ -1193,3 +1258,24 @@
 
 # Enable or disable loading other base map layers
 ;enable_custom_baselayers = true
+
+# Move an app plugin referenced by its id (including all its pages) to a specific navigation section
+# Dependencies: needs the `topnav` feature to be enabled
+[navigation.app_sections]
+# The following will move an app plugin with the id of `my-app-id` under the `starred` section
+# my-app-id = admin
+
+# Move a specific app plugin page (referenced by its `path` field) to a specific navigation section
+[navigation.app_standalone_pages]
+# The following will move the page with the path "/a/my-app-id/starred-content" from `my-app-id` to the `starred` section
+# /a/my-app-id/starred-content = starred
+
+#################################### Secure Socks5 Datasource Proxy #####################################
+[secure_socks_datasource_proxy]
+; enabled = false
+; root_ca_cert =
+; client_key =
+; client_cert = 
+; server_name =
+# The address of the socks5 proxy datasources should connect to
+; proxy_address =

contribute/README.md

@@ -11,7 +11,6 @@ This directory contains guides for contributors to the Grafana project.
 The `style-guides` directory contains style guides for the Grafana software project and documentation.
 
 - [Backend style guide](style-guides/backend.md) for how to style and format backend functionality and code.
-- [Documentation style guide](style-guides/documentation-style-guide.md) for how to style and format documentation.
 - [Frontend style guide](style-guides/frontend.md) for how to style and format the user-facing functionality and code.
 - [Redux framework](style-guides/redux.md) for designing the Grafana redux framework.
 - [Themes style guide](style-guides/themes.md) for designing and updating Grafana themes.

contribute/architecture/backend/database.md

@@ -62,7 +62,7 @@ You can now make SQL queries in any of your [command handlers](communication.md#
 
 ```go
 func (s *MyService) DeleteDashboard(ctx context.Context, cmd *models.DeleteDashboardCommand) error {
-    if err := s.SQLStore.WithDbSession(ctx, func(sess *sqlstore.DBSession) error {
+    if err := s.SQLStore.WithDbSession(ctx, func(sess *db.Session) error {
         _, err := sess.Exec("DELETE FROM dashboards WHERE dashboard_id=?", cmd.DashboardID)
         return err
     })

contribute/architecture/backend/errors.md

@@ -29,11 +29,28 @@ Grafana (e.g. `StatusBadRequest` is generally speaking not as relevant
 as `StatusInternal`). All available status codes live in the `errutil`
 package and have names starting with `Status`.
 
-The messageID is constructed as `<servicename>.<error-identifier>` where
+The messageID is constructed as `<servicename>.<errorIdentifier>` where
 the `<servicename>` corresponds to the root service directory per
-[the package hierarchy](package-hierarchy.md) and `<error-identifier>`
-is a short identifier using dashes for word separation that identifies
-the specific category of errors within the service.
+[the package hierarchy](package-hierarchy.md) and `<errorIdentifier>`
+is a camelCased short identifier that identifies the specific category
+of errors within the service.
+
+Errors should be grouped together (i.e. share `errutil.Base`) based on
+their public facing properties, a single messageID should represent a
+translatable string and what metadata is carried with it.
+_service.MissingRequiredFields_ and _service.MessageTooLong_ are likely
+to be two different errors that are both validation failures, as their
+user-friendly expansions are likely different. This is the maximization
+rule of declaring as many `errutil.Error`s as you need public message
+structures.
+
+The other side of this is that even though a login service's
+"user is ratelimited", "user does not exist", "wrong username", and
+"wrong password" are reasonable errors to separate between internally,
+for security reasons the end-user should not be told which particular
+error they struck. This means that they should share the same base (such
+as _login.Failed_). This is the minimization rule of grouping together
+distinct logged errors that provide the same information via the API.
 
 To set a static message sent to the client when the error occurs, the
 `errutil.WithPublicMessage(message string)` option may be appended to
@@ -53,7 +70,7 @@ import (
   "example.org/thing"
 )
 
-var ErrBaseNotFound = errutil.NewBase(errutil.StatusNotFound, "main.not-found", errutil.WithPublicMessage("Thing not found"))
+var ErrBaseNotFound = errutil.NewBase(errutil.StatusNotFound, "main.notFound", errutil.WithPublicMessage("Thing not found"))
 
 func Look(id int) (*Thing, error) {
   t, err := thing.GetByID(id)
@@ -65,17 +82,22 @@ func Look(id int) (*Thing, error) {
 }
 ```
 
-Check out [errutil's GoDocs](https://pkg.go.dev/github.com/grafana/grafana@v0.0.0-20220621133844-0f4fc1290421/pkg/util/errutil)
-for details on how to construct and use Grafana style errors.
+Errors consider themselves to be both its `errutil.Base` or
+`errutil.Template` and whatever errors it wraps for the purposes of the
+`errors.Is` function.
+
+Check out the package and method documentation for
+github.com/grafana/grafana/pkg/util/errutil for details on how to
+construct and use Grafana style errors. This documentation is
+unfortunately not readily available on pkg.go.dev because Grafana is not
+fully Go modules compatible, but can be viewed using
+[godoc](https://go.dev/cmd/godoc/) from the Grafana directory.
 
 ### Handling errors in the API
 
 API handlers use the `github.com/grafana/grafana/pkg/api/response.Err`
-function to create responses based on `errutil.Error`s.
+or `github.com/grafana/grafana/pkg/api/response.ErrWithFallback`
+(same signature as `response.Error`) function to create responses based
+on `errutil.Error`.
 
-> **Note:** (@sakjur 2022-06) `response.Err` requires all errors to be
-> `errutil.Error` or it'll be considered an internal server error.
-> This is something that should be fixed in the near future to allow
-> fallback behavior to make it possible to correctly handle Grafana
-> style errors if they're present but allow fallback to a reasonable
-> default otherwise.
+Using `response.Err` requires all errors to be Grafana style errors.

contribute/architecture/backend/services.md

@@ -19,11 +19,11 @@ package example
 type Service struct {
     logger   log.Logger
     cfg      *setting.Cfg
-    sqlStore *sqlstore.SQLStore
+    sqlStore db.DB
 }
 
 // ProvideService provides Service as dependency for other services.
-func ProvideService(cfg *setting.Cfg, sqlStore *sqlstore.SQLStore) (*Service, error) {
+func ProvideService(cfg *setting.Cfg, sqlStore db.DB) (*Service, error) {
     s := &Service{
         logger:     log.New("service"),
         cfg:        cfg,
@@ -76,7 +76,7 @@ package server
 import (
 	"github.com/google/wire"
 	"github.com/grafana/grafana/pkg/example"
-    "github.com/grafana/grafana/pkg/services/sqlstore"
+    "github.com/grafana/grafana/pkg/infra/db"
 )
 
 var wireBasicSet = wire.NewSet(
@@ -98,7 +98,7 @@ func Initialize(cla setting.CommandLineArgs, opts Options, apiOpts api.ServerOpt
 	return &Server{}, nil
 }
 
-func InitializeForTest(cla setting.CommandLineArgs, opts Options, apiOpts api.ServerOptions, sqlStore *sqlstore.SQLStore) (*Server, error) {
+func InitializeForTest(cla setting.CommandLineArgs, opts Options, apiOpts api.ServerOptions, sqlStore db.DB) (*Server, error) {
 	wire.Build(wireExtsTestSet)
 	return &Server{}, nil
 }

contribute/architecture/frontend-data-requests.md

@@ -1,6 +1,6 @@
 # Data requests
 
-[BackendSrv](https://grafana.com/docs/grafana/latest/packages_api/runtime/backendsrv) handles all outgoing HTTP requests from Grafana. This document explains the high-level concepts used by `BackendSrv`.
+[BackendSrv](https://github.com/grafana/grafana/blob/main/packages/grafana-runtime/src/services/backendSrv.ts) handles all outgoing HTTP requests from Grafana. This document explains the high-level concepts used by `BackendSrv`.
 
 ## Canceling requests
 
@@ -14,7 +14,7 @@ Grafana uses a concept called _request cancellation_ to cancel any ongoing reque
 
 #### Before Grafana 7.2
 
-Before Grafana can cancel any data request, it has to identify that request. Grafana identifies a request using the property `requestId` [passed as options](https://github.com/grafana/grafana/blob/main/docs/sources/packages_api/runtime/backendsrvrequest.md) when you use [BackendSrv](https://grafana.com/docs/grafana/latest/packages_api/runtime/backendsrv).
+Before Grafana can cancel any data request, it has to identify that request. Grafana identifies a request using the property `requestId` [passed as options](https://github.com/grafana/grafana/blob/main/packages/grafana-runtime/src/services/backendSrv.ts#L47) when you use [BackendSrv](https://github.com/grafana/grafana/blob/main/packages/grafana-runtime/src/services/backendSrv.ts).
 
 The cancellation logic is as follows:
 
@@ -23,7 +23,7 @@ The cancellation logic is as follows:
 
 #### After Grafana 7.2
 
-Grafana 7.2 introduced an additional way of canceling requests using [RxJs](https://github.com/ReactiveX/rxjs). To support the new cancellation functionality, the data source needs to use the new `fetch` function in [BackendSrv](https://grafana.com/docs/grafana/latest/packages_api/runtime/backendsrv).
+Grafana 7.2 introduced an additional way of canceling requests using [RxJs](https://github.com/ReactiveX/rxjs). To support the new cancellation functionality, the data source needs to use the new `fetch` function in [BackendSrv](https://github.com/grafana/grafana/blob/main/packages/grafana-runtime/src/services/backendSrv.ts).
 
 Migrating the core data sources to the new `fetch` function [is an ongoing process that you can read about in this issue.](https://github.com/grafana/grafana/issues/27222)
 

contribute/create-pull-request.md

@@ -55,16 +55,9 @@ Pull requests that create new UI components or modify existing ones must adhere
 - Use the [Grafana theme palette](/contribute/style-guides/themes.md) for styling. It contains colors with good contrast which aids accessibility.
 - Use [RTL](https://testing-library.com/docs/dom-testing-library/api-accessibility/) for writing unit tests. It helps to create accessible components.
 
-Pull requests that introduce accessibility(a11y) errors:
+### Accessibility-specific guidelines
 
-We use [pa11y-ci](https://github.com/pa11y/pa11y-ci) to collect accessibility errors on [some URLs on the project](https://github.com/grafana/grafana/issues/36555), threshold errors are specified per URL.
-
-If the contribution introduces new a11y errors, our continuous integration will fail, preventing you to merge on the main branch. In those cases there are two alternatives for moving forward:
-
-- Check the error log on the pipeline step `test-a11y-frontend-pr`, identify what was the error, and fix it.
-- Locally run the command `yarn test:accessibility-report` that generates an HTML accessibility report, then go to the URL that contains your change, identify the error, and fix it. Keep in mind, a local e2e Grafana instance is going to be running on `http://localhost:3001`.
-
-You can also prevent introducing a11y errors by installing an a11y plugin in your browser, for example, axe DevTools, Accessibility Insights for Web among others.
+Pull requests that introduce accessibility(a11y) errors - please refer to the [accessibility guidelines](/contribute/style-guides/accessibility.md).
 
 ### Betterer
 

contribute/developer-guide.md

@@ -149,13 +149,13 @@ go test -covermode=atomic -tags=integration ./pkg/...
 To run PostgreSQL and MySQL integration tests locally, you need to start the docker blocks for MySQL and/or PostgreSQL test data sources by running `make devenv sources=mysql_tests,postgres_tests`. When your test data sources are running, you can execute integration tests by running:
 
 ```bash
-GRAFANA_TEST_DB=mysql go test -covermode=atomic -tags=integration ./pkg/...
+make test-go-integration-mysql
 ```
 
 and/or
 
 ```bash
-GRAFANA_TEST_DB=postgres go test -covermode=atomic -tags=integration ./pkg/...
+make test-go-integration-postgres
 ```
 
 ### Run end-to-end tests

contribute/documentation/README.md

@@ -1,235 +1,7 @@
 # Contribute to our documentation
 
-We provide these guidelines to help our contributors make additions or corrections to our documentation.
+Welcome. We're glad you're here to help make our technical documentation even better.
 
-## Welcome
+For our style guide and writing guidelines, see [Writers' Toolkit](https://grafana.com/docs/writers-toolkit/).
 
-Welcome. We're glad you're here to help make our technical documentation even better. We develop content that leads our users to success using Grafana products. Technical accuracy is our primary consideration, and we value the use of inclusive language. We regard your feedback as a gift - thanks for reading through these guidelines.
-
-### Intended audience
-
-We write these guidelines for contributors who are interested in improving our technical content.
-
-## Understanding the structure of Grafana documentation
-
-All Grafana Enterprise and OSS documentation is located in the [Grafana open source project](https://github.com/grafana/grafana) GitHub repository: https://github.com/grafana/grafana/tree/main/docs/sources.
-
-- The **sources** directory organizes content by topic areas, for example **administration** and **alerting**.
-- Topic directories include an `_index.md` file, which provides an overview of the topic, and optionally includes subtopics that provide more detail.
-
-> The `_index.md` file is required.
-
-### Writing in markdown
-
-We write technical documentation using [Markdown](https://en.wikipedia.org/wiki/Markdown). We've put together a short guide to help you how to structure and format your content.
-
-To access the markdown guide, refer to [Markdown style guide](documentation-markdown-guide.md).
-
-## Ways to contribute
-
-We're thrilled that you are considering contributing to the documentation. You can contribute content in the following ways:
-
-- [Request a change](#request-a-change)
-- [Edit a topic](#edit-a-topic)
-- [Write a topic](#write-a-topic)
-
-### Request a change
-
-Request a change when you want to make a suggestion about a topic, but don't want to provide an edit that generates a pull request. Requesting a change gives you the freedom to express your ideas without committing language. Your suggestion can reflect a small change to wording or can reflect larger, more substantive changes.
-
-GitHub captures your request as an **Issue** logged against the repository.
-
-Before you begin:
-
-- Create a GitHub account.
-
-To request a change, complete the following steps:
-
-1.  While viewing the topic, click **Request a change**.
-
-The Issue title auto-populates with the location of the file about which you are requesting a change.
-
-![Request a change](request-change.png)
-
-2. Enter a change request description.
-
-3. Add the **type/docs** label.
-
-4. Click **Submit new issue**.
-
-### Edit a topic
-
-If you want to recommend a small change, such as suggesting a correction to a topic, you can edit the topic directly in GitHub. You are not required to fork and clone the repo to use this approach.
-
-Other small changes might include:
-
-- Adding steps to a task
-- Adding clarifying language to a concept
-- Providing an example
-
-Before you begin:
-
-- Create a GitHub account.
-
-To edit a topic, complete the following steps:
-
-1. While viewing the topic you want to edit, click **Edit this page**.
-
-![Edit a topic](edit-file.png)
-
-2. Add your changes to the topic.
-
-3. Scroll to the bottom of the page and enter a branch name.
-
-   For example, enter `clarified dashboard panel definition`.
-
-4. Click **Commit**.
-
-   GitHub prompts you to create a PR.
-
-5. Complete the prompts provided in the body of the PR.
-
-6. Click **Create pull request**.
-
-### Write a topic
-
-At Grafana Labs, we use the principles of topic-based authoring when we write technical documentation. Topic-based authoring provides guidelines for writing three _types_ of technical documentation: concept, task, and reference. Before you begin writing, establish the topic type you want to write.
-
-#### Understanding topic types
-
-Technical content is divided into three topic types: concept, task, and reference.
-
-- **Concept**: A concept topic explains _what_ a feature (or idea) is, and why it is important.
-- **Task**: A task topic explains _how_ to complete an end user procedure in the system. Task topics contain steps.
-- **Reference** A reference topic contains lookup information that a user might consult when they complete a task. Documenting a list of values with descriptions is a common form of reference topic.
-
-**Example**
-
-Suppose you are writing content for a site called _Doggie handbook_. You might organize your topics like this:
-
-**Concepts**
-
-- What a dog is
-- Brief history of dogs
-- Why you might want a dog
-- Tasks dogs can be trained to do
-
-**Tasks**
-
-- Feed the dog
-- Groom the dog
-- Train the dog
-
-**References**
-
-- List of dog equipment you will need
-- Table of breeds that includes breed name, size range, short or long hair, and type of dog
-
-#### Prepare your environment
-
-Before you begin writing, we recommend that you fork and clone the Grafana repository so that you can use a text editor locally to create branches, commit your changes, and create a PR.
-
-While this document doesn't include git commands or descriptions of Github operations, you might find these links useful.
-
-- [Install git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git): We store all source code, including documentation, in Git repositories.
-- [Fork a repo](https://docs.github.com/en/get-started/quickstart/fork-a-repo): Locate the repo you want to clone, and fork it.
-- [Clone a repo](https://docs.github.com/en/repositories/creating-and-managing-repositories/cloning-a-repository): Clone the repository to your local machine.
-- [Create a branch](https://git-scm.com/book/en/v2/Git-Branching-Basic-Branching-and-Merging): Before you make change, create a branch. Do not push changes against the `main` branch.
-- [Create a PR](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request): After you add, commit, and push your changes, create a PR in Github.
-
-#### Use a documentation template to contribute a topic
-
-We have provided documentation templates that align with each topic type:
-
-- [Concept](templates/doc-concept-template.md)
-- [Task](templates/doc-task-template.md)
-- [Reference](templates/doc-reference-template.md)
-
-Each template provides additional usage and formatting guidelines. We recommend that you make a copy of whichever template you are using, then add content.
-
-> Remove any unused content before you commit your changes.
-
-#### View a local build
-
-Prior to pushing your changes, you can view a local build of the documentation so that you can review your work.
-
-To view a local build:
-
-1. Install [Docker](https://www.docker.com/products/docker-desktop).
-
-1. Run Docker.
-
-1. Navigate to the **docs** root directory.
-
-1. Run `make build`.
-
-1. Open `localhost:3002` to review your changes.
-
-## Push changes and create a PR
-
-When you are ready for other people to review your work, perform the following tasks.
-
-1. [Add](https://git-scm.com/docs/git-add) your changes, which prepares your content for the next commit.
-
-1. [Commit](https://git-scm.com/docs/git-commit) your changes.
-
-1. [Push](https://git-scm.com/docs/git-push) your changes to Github.
-
-1. [Create a PR](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request) in Github.
-
-The docs build system automatically conducts a series of tests to ensure that the content doesn't conflict with other content in the docs repository.
-
-### Understanding the PR review and approval workflow
-
-When a PR is added to the repo with a label associated with `docs`, it will be reviewed by a member of the technical writing team. Depending on the size of the PR and the priority of other work, the PR will either be immediately reviewed and merged (minor fixes typically follow this pattern) or the PR will be triaged and placed in the backlog of work or moved into further development.
-
-## Join our community
-
-For general discussions on documentation, you’re welcome to join the `#docs` channel on our [public Grafana Slack](http://slack.raintank.io) team.
-
-## Reference: Top five writing tips
-
-While we don't provide a comprehensive style guide in this document, here's a few writing tips to help the writing process.
-
-### Consider the audience
-
-Write for an audience that is computer literate and has general technical knowledge, but is not necessarily familiar with Grafana or the finer points of observability.
-
-Pretend you are explaining your topic to a brand new Grafana user or developer.
-
-### Write clear and concise sentences and paragraphs
-
-Use the following sentence structure when you write: _subject_—_verb_—_object_. If you are telling a user to do something, write an imperative sentence. For example “Enter the refresh rate time interval and click Save.”
-
-- You can also start a sentence with an _if_ clause, which positions the condition before the action.
-- Limit the number of words in a sentence to 20..
-
-### Use active voice
-
-Active voice makes the performer of the action the subject
-of the sentence. When you write in passive voice, the recipient of the action (and not the performer) becomes the subject of the sentence.
-
-Active-voice sentences are more direct and clearly identify _who_ is doing _what_. Not all tasks are completed by a user; sometimes the system can also be a performer (and by extension, the subject of the sentence). When you write in active voice you clearly make that distinction, which results in more engaging and less wordy content.
-
-| Use (active)                                          | Avoid (passive)                                                      |
-| ----------------------------------------------------- | -------------------------------------------------------------------- |
-| After you upgrade the software, restart the computer. | After the software has been upgraded, the computer can be restarted. |
-| Click **OK** to save the dashboard.                   | The dashboard is saved when the **OK** button is clicked.            |
-| Create a dashboard.                                   | A dashboard is created by you.                                       |
-
-### Avoid obscure non-English words and abbreviations
-
-Users might be unfamiliar with some non-English words and abbreviations such as _per_, _vs_, and _via_. Latin abbreviations in particular, like _i.e._, _e.g._, and _etc._, are vague.
-
-| Use          | Don’t use   |
-| ------------ | ----------- |
-| through      | via         |
-| that is      | i.e.        |
-| according to | per, as per |
-| and so on    | etc.        |
-
-### Write self-contained topics
-
-Thanks to search engines, every page in the documentation might be a reader's entry point. This means that each page needs to be self-contained and make sense on its own. The reader should not need to read other topics in order to perform the task or understand the concept.
-
-However, try to be helpful and link to related information. Using the _Doggie handbook_ example, the concept topic that explains what dogs can be trained to do might link to the Train the dog task.
+If you're interested in contributing to the Writers' Toolkit, refer to the [Writers' Toolkit](https://github.com/grafana/writers-toolkit) repository.

contribute/documentation/documentation-markdown-guide.md

@@ -1,152 +0,0 @@
-# Markdown style guide
-
-This guide for Markdown style helps keep contributions consistent across all documentation created for Grafana products. Refer to the guide and update its sections as needed when a Subject Matter Expert answers a question on Markdown style, or a decision is made about how to apply Markdown.
-
-## Headers
-
-In Markdown, the number of "#" symbols creates different heading levels, similar to HTML heading levels:
-
-**Example**
-
-- \# is \<h1>.
-- \#\# is \<h2>.
-- \#\#\# is \<h3>.
-
-Start your document with a single `#` for the title of the page. Add the sub-headings with two `##`.
-
-## Bold and emphasis
-
-- Make text **bold** using two asterisks.
-
-**Example:** It is `**important**` to use GitHub-flavored Markdown emoji consistently.
-
-- Make text `_emphasized_` using single ` _underscores_`. Do not use the single asterisk, it can be easily confused with bold.
-
-**Example:** GitHub-flavored markdown emoji should _only_ appear in specific cases.
-
-## Links and references
-
-Create links to other website by wrapping the display text in square brackets, and the web URL in curved brackets.
-
-\[text to display](www.website.com)
-
-**Example:** For more information on including emoji in GitHub-flavored markdown, refer to the [webfx page on emoji](https://www.webfx.com/tools/emoji-cheat-sheet/) for a list of emoji.
-
-## Block quotes
-
-Include block quotes inside text using right-facing arrows:
-
-**Example**
-
-> Any important information
-> about emoji can be separated into
-> a blockquote.
-
-## Code blocks
-
-Code blocks written with markdown can show off syntax highlighting specific to different languages. Use three back tics to create a code block:
-
-```
-function testNum(a) {
-  if (a > 0) {
-    return "positive";
-  } else {
-    return "NOT positive";
-  }
-}
-```
-
-Write the name of the language after the first set of back tics, no spaces, to show specific syntax highlighting. For example; "\```javascript" produces the following:
-
-```javascript
-function testNum(a) {
-  if (a > 0) {
-    return 'positive';
-  } else {
-    return 'NOT positive';
-  }
-}
-```
-
-## Tables
-
-Construct a table by typing the table headings, and separating them with a "|" character. Then, add a second line of dashes ("-") separated by another "|" character. When constructing the table cells, separate each cell data with another "|".
-
-**Example**
-
-Heading one | Heading two
-
-\------------|------------
-
-Cell one data| Cell two data
-
-Will publish as:
-
-| Heading one   | Heading two   |
-| ------------- | ------------- |
-| Cell one data | Cell two data |
-
-## Lists
-
-### Numbered lists
-
-To avoid inconsistent list numbering, use repetitive list numbering:
-
-\1. First
-
-\1. Second
-
-\1. Third
-
-The list above will always display as:
-
-1. First
-2. Second
-3. Third
-
-### Unordered lists
-
-Build a list of points - an unordered or unnumbered list - by using "\-" (hyphen) characters.
-
-**Example**
-
-- First
-- Another item
-- The last list item
-
-## Images
-
-_Do not_ use image shortcodes at this time.
-
-Include images in a document using the following syntax:
-
-```
-![Alt text](link to image, starting with /static/img/docs/ if it is to an internal image "Title of image in sentence case")
-```
-
-> **Note:** Alt text does not appear when the user hovers the mouse over the image, but title text does.
-
-**Examples:**
-
-- \!\[Grafana logo](/link/to/grafanalogo/logo.png "Grafana logo")
-- \!\[Example](/static/img/docs/folder_name/alert_test_rule.png "Example title")
-
-This follows the format of "!", alt text wrapped in "[]" and the link URL wrapped in "()".
-
-You can also use HTML such as the following:
-
-```
-<img src="example.png"
-     alt="Example image"
-     style="float: left; margin-right: 5px;" />
-```
-
-In most cases, use the markdown syntax rather than the HTML syntax. Only use the HTML if you need to change the image in ways unsupported by Markdown.
-
-## Comments
-
-You can include comments that will not appear in published markdown using the following syntax:
-
-\[comment]: <> (Comment text to display)
-
-The word "comment" wrapped in "[]" followed by a ":", a space, "<>", and then the comment itself wrapped in "()".

contribute/documentation/templates/doc-concept-template.md

@@ -1,42 +0,0 @@
-DELETE THIS LINE: If draft = false, then the document will not be built in the doc site. If the date is earlier than the build date, than the document will not show in the build site. Use these settings to control whether future content is shown in the doc site.
-+++
-draft = "false"
-date = "yyyy-mm-dd"
-title = "Title in sentence case"
-description = "Description in title case"
-keywords = ["grafana", "enter", "keywords", "here"]
-type = "docs"
-[menu.docs]
-name = "Name of topic"
-identifier = "identifier"
-parent = "menu parent"
-weight = 100
-+++
-
-# Concept
-
-The title of the concept topic will generally be a noun or a gerund. Examples include Templates, Templating, Dashboards, and panels.
-
-Concepts are topic types for any information that doesn't involve task lists or reference information. Ideally you use concept elements to explain concepts, ideas, overviews, workflows, and the like. In the intro section, this first paragraph or two, you should explain to the user what to expect in this topic or section.
-
-[Permissions overview](https://grafana.com/docs/grafana/latest/permissions/overview/) is an example of a concept topic.
-
-## Idea
-
-Concept topics or sections explain _what_ and _why_. They do not explain _how_. If you are a new user, you might look for concept information to learn about what Grafana is, why it might be useful to you, and what the general workflow is.
-
-## Workflow
-
-Continuing the example in the previous section, here is a sample Grafana workflow.
-
-1. Install Grafana. <link to task for installing Grafana>
-1. Set up data sources. <link to data sources concept topic, which links to data source task topics>
-1. Create panels. <link to panel concept topic, which links to tasks>
-1. Create dashboards. <link to panel concept topic, which links to tasks>
-1. Enter queries. <link to query editor concept topic>
-1. Add users. <link to user management concept topic, which links to tasks>
-1. Create playlists. <link to Playlist topic that contains concept information and tasks>
-
-## Next steps
-
-Concept tasks often link to related information, including _tasks_ related to the concept and _reference_ topics related to the concept.

contribute/documentation/templates/doc-reference-template.md

@@ -1,75 +0,0 @@
-DELETE THIS LINE: If draft = false, then the document will not be built in the doc site. If the date is earlier than the build date, than the document will not show in the build site. Use these settings to control whether future content is shown in the doc site.
-+++
-draft = "false"
-date = "yyyy-mm-dd"
-title = "Title in sentence case"
-description = "Description in title case"
-keywords = ["grafana", "enter", "keywords", "here"]
-type = "docs"
-[menu.docs]
-name = "Name of topic"
-identifier = "identifier"
-parent = "menu parent"
-weight = 100
-+++
-
-# Reference
-
-The _reference_ topic type is for storing reference information, such as extensive tables, lists, or other information that is used as support for a task. Reference topics are also designed for API information.
-
-Often reference topics are linked from _task_ topics, because they contain information the user needs in order to perform a task.
-
-[Grafana CLI](https://grafana.com/docs/grafana/latest/administration/cli/) is one example of a reference topic.
-
-## Lists
-
-Lists of commands or parameters are often organized in reference topics. The information you need to present will dictate the format.
-
-- They might
-- be in
-- unordered lists.
-
-[Configuration](https://grafana.com/docs/grafana/latest/installation/configuration/) is an example of lists.
-
-## Tables
-
-If you have a large list of things to store in a table, then you are probably dealing with reference information. Hugo accepts either tables in Markdown or in HTML format, so use whichever is easier for you.
-
-The [Glossary](https://grafana.com/docs/grafana/latest/guides/glossary/) provides an example of reference data in a table.
-
-### Empty markdown table
-
-While you might not need a heading for each table, headings are a good way to chunk information if you have several tables. They also make the content easy to skim. Use headings or intro paragraphs like this one to explain to the reader what the information in the table is used for.
-
-|     |     |     |     |     |     |
-| :-- | :-- | :-: | :-: | --: | --: |
-|     |     |     |     |     |     |
-|     |     |     |     |     |     |
-|     |     |     |     |     |     |
-|     |     |     |     |     |     |
-
-### Empty HTML table
-
-And here is intro text, similar to the paragraph in the previous section. Do not add local styling to the table. The website CSS will take care of that for you.
-
-<table>
-  <tr>
-    <th>Firstname</th>
-    <th>Lastname</th> 
-    <th>Age</th>
-  </tr>
-  <tr>
-    <td>Jill</td>
-    <td>Smith</td> 
-    <td>50</td>
-  </tr>
-  <tr>
-    <td>Eve</td>
-    <td>Jackson</td> 
-    <td>94</td>
-  </tr>
-</table>
-
-## API documentation
-
-API documentation is always a reference topic rather than a task topic, but it has its own rules.

contribute/documentation/templates/doc-task-template.md

@@ -1,57 +0,0 @@
-+++
-draft = "false"
-date = "yyyy-mm-dd"
-title = "Title in sentence case"
-description = "Description in title case"
-keywords = ["grafana", "enter", "keywords", "here"]
-type = "docs"
-[menu.docs]
-name = "Name of topic"
-identifier = "identifier"
-parent = "menu parent"
-weight = 100
-+++
-
-# Task
-
-A _task_ topic is intended for a procedure that describes how to accomplish a task. It lists a series of steps that users follow to produce an intended outcome. It tells the reader _how_ to do something. [Install Grafana plugins](https://grafana.com/docs/grafana/latest/plugins/installation/) and [Playlist](https://grafana.com/docs/grafana/latest/reference/playlist/) are examples of task topics. Playlist includes a small amount of concept information in the introduction, which is appropriate.
-
-Always include an introduction of a short paragraph or two to explain what the task is for, perhaps give the reader an idea of what the outcome will be.
-
-In most cases, each topic should only contain one task. If you have several very short, related tasks, then you might combine them into one topic.
-
-In the case of a long task, then you probably won't need any headings except for the h1 at the top of the page.
-
-1. Start with step one.
-1. Use second-person imperative tense.
-1. Basically, "You, do this" with every sentence.
-1. Do not use the third-person "user" for steps you want the reader ("you") to perform.
-1. Write steps that contain one action, possibly two related actions, such as copy and paste a thing or save and quit the program.
-   If a sentence is not telling the reader to do something, then it is not a step. You can use nested images or paragraphs like this one to add information if necessary.
-
-In many cases, you should tell the reader what the outcome should be so that they know when they are done.
-
-## One-step task
-
-Some tasks are so short, they only contain one step.
-
-Write one-step tasks as simple sentences, not as unordered lists or numbered lists.
-
-## Short task
-
-Short tasks can be grouped. How short constitutes "short" is a judgment call based on number of steps and how long individual steps are.
-
-1. Use your judgment.
-1. Ask your coworkers or someone on the Comm team for advice if you aren't sure.
-
-## Next steps
-
-If the task you are writing leads naturally to one or more other tasks, then include links after the task to help the reader figure out where to go next.
-
-Thanks to internet search engines, every page in the documentation could be page one. Pretend you are explaining your task to a new Grafana user who just walked in off the street.
-
-## Testing
-
-It is a good practice to have someone else test the task you have written. If they can successfully complete the task using _only_ what the steps you have written, not guessing or using their inherent knowledge, then your task has passed the test. However, it is very common to find you have skipped steps, because _you_ are very familiar with Grafana and the topic you are explaining.
-
-New users or people from other teams are very helpful for these tests.

contribute/engineering/backend/instrumentation.md

@@ -0,0 +1,280 @@
+# Instrumenting Grafana
+
+Guidance, conventions and best practices for instrumenting Grafana using logs, metrics and traces.
+
+## Logs
+
+Logs are files that record events, warnings and errors as they occur within a software environment. Most logs include contextual information, such as the time an event occurred and which user or endpoint was associated with it.
+
+### Usage
+
+Use the _pkg/infra/log_ package to create a named structured logger. Example:
+
+```go
+import (
+  "fmt"
+
+  "github.com/grafana/grafana/pkg/infra/log"
+)
+
+logger := log.New("my-logger")
+logger.Debug("Debug msg")
+logger.Info("Info msg")
+logger.Warning("Warning msg")
+logger.Error("Error msg", "error", fmt.Errorf("BOOM"))
+```
+
+### Naming conventions
+
+Name the logger using lowercase characters, e.g. `log.New("my-logger")` using snake_case or kebab-case styling.
+
+Prefix the logger name with an area name when using different loggers across a feature or related packages, e.g. `log.New("plugin.loader")` and `log.New("plugin.client")`.
+
+Start the log message with a capital letter, e.g. `logger.Info("Hello world")` instead of `logger.Info("hello world")`. The log message should be an identifier for the log entry, avoid parameterization in favor of key-value pairs for additional data.
+
+Prefer using camelCase style when naming log keys, e.g. _remoteAddr_, to be consistent with Go identifiers.
+
+Use the key _error_ when logging Go errors, e.g. `logger.Error("Something failed", "error", fmt.Errorf("BOOM"))`.
+
+### Validate and sanitize input coming from user input
+
+If log messages or key/value pairs originates from user input they **should** be validated and sanitized.
+
+Be **careful** to not expose any sensitive information in log messages e.g. secrets, credentials etc. It's especially easy to do by mistake when including a struct as value.
+
+### Log levels
+
+When to use which log level?
+
+- **Debug:** Informational messages of high frequency and/or less-important messages during normal operations.
+- **Info:** Informational messages of low frequency and/or important messages.
+- **Warning:** Should in normal cases not be used/needed. If used should be actionable.
+- **Error:** Error messages indicating some operation failed (with an error) and the program didn't have a way of handle the error.
+
+### Contextual logging
+
+Use a contextual logger to include additional key/value pairs attached to `context.Context`, e.g. `traceID`, to allow correlating logs with traces and/or correlate logs with a common identifier.
+
+You must [Enable tracing in Grafana](#2-enable-tracing-in-grafana) to get a traceID
+
+Example:
+
+```go
+import (
+  "context"
+  "fmt"
+
+  "github.com/grafana/grafana/pkg/infra/log"
+)
+
+var logger = log.New("my-logger")
+
+func doSomething(ctx context.Context) {
+  ctxLogger := logger.FromContext(ctx)
+  ctxLogger.Debug("Debug msg")
+  ctxLogger.Info("Info msg")
+  ctxLogger.Warning("Warning msg")
+  ctxLogger.Error("Error msg", "error", fmt.Errorf("BOOM"))
+}
+```
+
+### Enable certain log levels for certain loggers
+
+During development it's convenient to enable certain log level, e.g. debug, for certain loggers to minimize the generated log output and make it easier to find things. See [[log.filters]](https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#filters) for information how to configure this.
+
+It's also possible to configure multiple loggers:
+
+```ini
+[log]
+filters = rendering:debug \
+          ; alerting.notifier:debug \
+          oauth.generic_oauth:debug \
+          ; oauth.okta:debug \
+          ; tsdb.postgres:debug \
+          ; tsdb.mssql:debug \
+          ; provisioning.plugins:debug \
+          ; provisioning:debug \
+          ; provisioning.dashboard:debug \
+          ; provisioning.datasources:debug \
+          datasources:debug \
+          data-proxy-log:debug
+```
+
+## Metrics
+
+Metrics are quantifiable measurements that reflect the health and performance of applications or infrastructure.
+
+Consider using metrics to provide real-time insight into the state of resources. If you want to know how responsive your application is or identify anomalies that could be early signs of a performance issue, metrics are a key source of visibility.
+
+### Metric types
+
+See [Prometheus metric types](https://prometheus.io/docs/concepts/metric_types/) for a list and description of the different metric types you can use and when to use them.
+
+There are many possible types of metrics that can be tracked. One popular method for defining metrics is the [RED method](https://grafana.com/blog/2018/08/02/the-red-method-how-to-instrument-your-services/).
+
+### Naming conventions
+
+Use the namespace _grafana_ as that would prefix any defined metric names with `grafana_`. This will make it clear for operators that any metric named `grafana_*` belongs to Grafana.
+
+Use snake*case style when naming metrics, e.g. \_http_request_duration_seconds* instead of _httpRequestDurationSeconds_.
+
+Use snake*case style when naming labels, e.g. \_status_code* instead of _statusCode_.
+
+If metric type is a _counter_, name it with a `_total` suffix, e.g. _http_requests_total_.
+
+If metric type is a _histogram_ and you're measuring duration, name it with a `_<unit>` suffix, e.g. _http_request_duration_seconds_.
+
+If metric type is a _gauge_, name it to denote it's a value that can increase and decrease , e.g. _http_request_in_flight_.
+
+### Label values and high cardinality
+
+Be careful with what label values you add/accept. Using/allowing too many label values could result in [high cardinality problems](https://grafana.com/blog/2022/02/15/what-are-cardinality-spikes-and-why-do-they-matter/).
+
+If label values originates from user input they **should** be validated. Use `metricutil.SanitizeLabelName(<label value>`) from _pkg/infra/metrics/metricutil_ package to sanitize label names. Very **important** to only allow a pre-defined set of labels to minimize the risk of high cardinality problems.
+
+Be **careful** to not expose any sensitive information in label values, e.g. secrets, credentials etc.
+
+### Guarantee the existence of metrics
+
+If you want to guarantee the existence of metrics before any observations has happened there's a couple of helper methods available in the _pkg/infra/metrics/metricutil_ package.
+
+### How to collect and visualize metrics locally
+
+1. Start Prometheus
+
+   ```bash
+   make devenv sources=prometheus
+   ```
+
+2. Use Grafana Explore or dashboards to query any exported Grafana metrics
+
+## Traces
+
+A distributed trace is data that tracks an application request as it flows through the various parts of an application. The trace records how long it takes each application component to process the request and pass the result to the next component. Traces can also identify which parts of the application trigger an error.
+
+### Usage
+
+Grafana currently supports two tracing implementations, [OpenTelemetry](https://opentelemetry.io/) and [OpenTracing](https://opentracing.io/). OpenTracing is deprecated, but still supported until we remove it. The two different implementations implements the `Tracer` and `Span` interfaces, defined in the _pkg/infra/tracing_ package, which you can use to create traces and spans. To get a hold of a `Tracer` you would need to get it injected as dependency into your service, see [Services](../../architecture/backend/services.md) for more details.
+
+Example:
+
+```go
+import (
+   "fmt"
+
+   "github.com/grafana/grafana/pkg/infra/tracing"
+   "go.opentelemetry.io/otel/attribute"
+)
+
+type MyService struct {
+   tracer tracing.Tracer
+}
+
+func ProvideService(tracer tracing.Tracer) *MyService {
+   return &MyService{
+      tracer: tracer,
+   }
+}
+
+func (s *MyService) Hello(ctx context.Context, name string) (string, error) {
+   ctx, span := s.tracer.Start(ctx, "MyService.Hello")
+   // this make sure the span is marked as finished when this
+   // method ends to allow the span to be flushed and sent to
+   // storage backend.
+   defer span.End()
+
+   // Add some event to show Events usage
+   span.AddEvents(
+      []string{"message"},
+      []tracing.EventValue{
+         {Str: "checking name..."},
+      })
+
+   if name == "" {
+      err := fmt.Errorf("name cannot be empty")
+
+      // record err as an exception span event for this span
+      span.RecordError(err)
+      return "", err
+   }
+
+   // Add some other event to show Events usage
+   span.AddEvents(
+      []string{"message"},
+      []tracing.EventValue{
+         {Str: "name checked"},
+      })
+
+   // Add attribute to show Attributes usage
+   span.SetAttributes("my_service.name", name, attribute.Key("my_service.name").String(name))
+
+   return fmt.Sprintf("Hello %s", name), nil
+}
+
+```
+
+### Naming conventions
+
+Span names should follow the [guidelines from OpenTelemetry](https://opentelemetry.io/docs/reference/specification/trace/api/#span).
+
+| Span Name               | Guidance                                                 |
+| ----------------------- | -------------------------------------------------------- |
+| get                     | Too general                                              |
+| get_account/42          | Too specific                                             |
+| get_account             | Good, and account_id=42 would make a nice Span attribute |
+| get_account/{accountId} | Also good (using the “HTTP route”)                       |
+
+Span attribute and span event attributes should follow the [Attribute naming specification from OpenTelemetry](https://opentelemetry.io/docs/reference/specification/common/attribute-naming/). Good attribute key examples:
+
+- service.version
+- http.status_code
+
+See [Trace semantic conventions from OpenTelemetry](https://opentelemetry.io/docs/reference/specification/trace/semantic_conventions/) for additional conventions regarding well-known protocols and operations.
+
+### Span names and high cardinality
+
+Be careful with what span names you add/accept. Using/allowing too many span names could result in high cardinality problems.
+
+### Validate and sanitize input coming from user input
+
+If span names, attribute or event values originates from user input they **should** be validated and sanitized. It's very **important** to only allow a pre-defined set of span names to minimize the risk of high cardinality problems.
+
+Be **careful** to not expose any sensitive information in span names, attribute or event values, e.g. secrets, credentials etc.
+
+### How to collect, visualize and query traces (and correlate logs with traces) locally
+
+#### 1. Start Jaeger
+
+```bash
+make devenv sources=jaeger
+```
+
+#### 2. Enable tracing in Grafana
+
+To enable tracing in Grafana, you must set the address in your config.ini file
+
+opentelemetry tracing (recommended):
+
+```ini
+[tracing.opentelemetry.jaeger]
+address = http://localhost:14268/api/traces
+```
+
+opentracing tracing (deprecated/not recommended):
+
+```ini
+[tracing.jaeger]
+address = localhost:6831
+```
+
+#### 3. Search/browse collected logs and traces in Grafana Explore
+
+You need provisioned gdev-jaeger and gdev-loki datasources, see [developer dashboard and data sources](https://github.com/grafana/grafana/tree/main/devenv#developer-dashboards-and-data-sources) for setup instructions.
+
+Open Grafana explore and select gdev-loki datasource and use the query `{filename="/var/log/grafana/grafana.log"} | logfmt`.
+
+You can then inspect any log message that includes a `traceID` and from there click on `gdev-jaeger` to split view and inspect the trace in question.
+
+#### 4. Search/browse collected traces in Jaeger UI
+
+You can open http://localhost:16686 to use the Jaeger UI for browsing and searching traces.

contribute/internationalization.md

@@ -0,0 +1,179 @@
+# Internationalization
+
+Grafana uses the [i18next](https://www.i18next.com/) framework for managing translating phrases in the Grafana frontend.
+
+## tl;dr
+
+**Please note:** We do not currently accept contributions for translations. Please do not submit pull requests for grafana.json files - they will be rejected.
+
+- Use `<Trans i18nKey="search-results.panel-link">Go to {{ pageTitle }}</Trans>` in code to add a translatable phrase
+- Translations are stored in JSON files in `public/locales/{locale}/grafana.json`
+- If a particular phrase is not available in the a language then it will fall back to English
+- To update phrases in English, edit the default phrase in the component's source, then run `yarn i18n:extract`. Do not edit the `en-ES/grafana.json` or update the english phrase in Crowdin
+- To update phrases in any translated language, edit the phrase in Crowdin. Do not edit the `{locale}/grafana.json`
+
+## How to add a new translation phrase
+
+### JSX
+
+1. For JSX children, use the `<Trans />` component from `app/core/internationalization` with the `i18nKey`, ensuring it conforms to the guidelines below, with the default english translation. e.g.
+
+```jsx
+import { Trans } from 'app/core/internationalization';
+
+const SearchTitle = ({ term }) => (
+  <Trans i18nKey="search-page.results-title">
+    Results for <em>{{ term }}</em>
+  </Trans>
+);
+```
+
+Prefer using `<Trans />` for JSX children, and `t()` for props and other javascript usage.
+
+When translating in grafana-ui, use a relative path to import `<Trans />` and `t()` from `src/utils/i18n`.
+
+Note that our tooling must be able to statically analyse the code to extract the phrase, so the `i18nKey` can not be dynamic. e.g. the following will not work:
+
+```jsx
+const ErrorMessage = ({ id, message }) => <Trans i18nKey={`errors.${id}`}>There was an error: {{ message }}</Trans>;
+```
+
+2. Upon reload, the default English phrase will appear on the page.
+
+3. Before submitting your PR, run the `yarn i18n:extract` command to extract the messages you added into the `grafana.json` file and make them available for translation.
+
+### Plain JS usage
+
+Sometimes you may need to translate a string cannot be represented in JSX, such as `placeholder` props. Use the `t` macro for this.
+
+```jsx
+import { t } from "app/core/internationalization"
+
+const placeholder = t('form.username-placeholder','Username');
+
+return <input type="value" placeholder={placeholder}>
+```
+
+Interpolating phrases is a bit more verbose. Make sure the placeholders in the string match the values passed in the object - there's no type safety here!
+
+```jsx
+const placeholder = t('page.greeting', 'Hello {{ username }}', { username });
+```
+
+While the `t` function can technically be used outside of React functions (e.g, in actions/reducers), aim to keep all UI phrases within the React UI functions.
+
+## How to add a new language
+
+1. Add new locale in Crowdin and sync files to repo
+   1. Grafana OSS Crowdin project -> "dot dot dot" menu in top right -> Target languages
+   2. Grafana OSS Crowdin project -> Integrations -> Github -> Sync Now
+   3. If Crowdin's locale code is different from our IETF language tag, add a custom mapping in Project Settings -> Language mapping
+2. Update `public/app/core/internationalization/constants.ts` (add new constant, and add to `LOCALES`)
+3. Update `public/locales/i18next-parser.config.js` to add the new locale to `locales`
+4. Run `yarn i18n:extract` and commit the result
+
+## How translations work in Grafana
+
+Grafana uses the [i18next](https://www.i18next.com/) framework for managing translating phrases in the Grafana frontend. It:
+
+- Marks up phrases within our code for extraction
+- Extracts phrases into messages catalogues for translating in external systems
+- Manages the user's locale and putting the translated phrases in the UI
+
+English phrases remain in our Javascript bundle in the source components (as the `<Trans />` or `t()` default phrase). At runtime, we don't need to load any messages for en-US. If the user's language preference is set to another language, Grafana will load that translations's messages JSON before the initial render.
+
+### Phrase ID naming convention
+
+We set explicit IDs for phrases to make it easier to identify phrases out of context, and to track where they're used. IDs follow a naming scheme that includes _where_ the phrase is used. The exception is the rare case of single reoccuring words like "Cancel", but default to using a feature/phrase specific phrase.
+
+Message IDs are made of _up to_ three segments in the format `feature.area.phrase`. For example:
+
+- `dashboard.header.refresh-label`
+- `explore.toolbar.share-tooltip`
+
+For components used all over the site, use just two segments:
+
+- `footer.update`
+- `navigation.home`
+
+### I18next context
+
+We rely on a global i18next singleton (that lives inside the i18next) for storing the i18next config/context.
+
+## Examples
+
+See [i18next](https://www.i18next.com/) and [react-i18next](https://react.i18next.com/) documentation for more details.
+
+### Basic usage
+
+For fixed phrases:
+
+```jsx
+import { Trans } from 'app/core/internationalization';
+
+<Trans i18nKey="page.greeting">Hello user!</Trans>;
+```
+
+To interpolate variables, include it as an object child. It's weird syntax, but Trans will do it's magic to make it work:
+
+```jsx
+import { Trans } from 'app/core/internationalization';
+
+<Trans i18nKey="page.greeting">Hello {{ name: user.name }}!</Trans>;
+
+const userName = user.name;
+<Trans i18nKey="page.greeting">Hello {{ userName }}!</Trans>;
+```
+
+Variables must be strings (or, must support calling `.toString()`, which we almost never want).
+
+```jsx
+import { Trans } from 'app/core/internationalization';
+
+// This will not work
+const userName = <strong>user.name</strong>;
+<Trans i18nKey="page.greeting">Hello {{ userName }}!</Trans>;
+
+// Instead, put the JSX inside the phrase directly
+const userName = user.name;
+<Trans i18nKey="page.greeting">
+  Hello <strong>{{ userName }}</strong>!
+</Trans>;
+```
+
+### React components and HTML tags
+
+Both HTML tags and React components can be included in a phase. The Trans function will handle interpolating it's children properly
+
+```js
+import { Trans } from "app/core/internationalization"
+
+<Trans i18nKey="page.explainer">
+  Click <button>here</button> to <a href="https://grafana.com">learn more.</a>
+</Trans>
+
+// ↓ is in the grafana.json file like ↓
+{
+  "page": {
+    "explainer": "Click <0>here</0> to <1>learn more</1>"
+  }
+}
+```
+
+### Plurals
+
+Plurals require special handling to make sure they can be translating according to the rules of each locale (which may be more complex that you think!). Use the `<Trans />` component, with the `count` prop.
+
+```js
+import { Trans } from 'app/core/internationalization';
+
+<Trans i18nKey="newMessages" count={messages.length}>
+  You got {{ count: messages.length }} messages.
+</Trans>;
+```
+
+Once extracted with `yarn i18n:extract` you will need to manually fill in the grafana.json message catalogues with the additional plural forms. See the [react-i18next docs](https://react.i18next.com/latest/trans-component#plural) for more details.
+
+## Documentation
+
+[Grafana's documentation](https://grafana.com/docs/grafana/latest/) is not yet open for translation and should be authored in American English only.

contribute/localisation.md

@@ -1,194 +0,0 @@
-# Localisation
-
-Grafana uses the [LinguiJS](https://github.com/lingui/js-lingui) framework for managing translating phrases in the Grafana frontend.
-
-## tl;dr
-
-- Use `<Trans id="search-results.panel-link">Go to {panel.title}</Trans>` in code to add a translatable phrase
-- Translations are stored in .po files in `public/locales/{locale}/messages.po`
-- If a particular phrase is not available in the a language then it will fall back to English
-
-## How to add a new translation phrase
-
-1. Use one of `@lingui/macro`'s React components with the `id`, ensuring it conforms to the guidelines below, with the default english translation. e.g.
-
-```jsx
-import { Trans } from @lingui/macro
-
-const SearchTitle = ({term}) => (
-  <Trans id="search-page.results-title">
-    Results for {term}
-  </Trans>
-);
-```
-
-Prefer using the JSX components (compared to the plain javascript functions, see below) where possible for phrases. Many props can (and probably should) be changed to accept the `React.ReactNode` instead of `string` for phrases put into the DOM.
-
-Note that Lingui must be able to statically analyse the code to extract the phrase, so the `id` can not be dynamic. e.g. the following will not work:
-
-```jsx
-const ErrorMessage = ({ id, message }) => <Trans id={`errors.${id}`}>There was an error: {message}</Trans>;
-```
-
-2. Upon reload, the default English phrase will appear on the page.
-
-3. Before submitting your PR, run the `yarn i18n:extract` command to extract the messages you added into the `messages.po` file and make them available for translation.
-
-## How translations work in Grafana
-
-Grafana uses the [LinguiJS](https://github.com/lingui/js-lingui) framework for managing translating phrases in the Grafana frontend. It:
-
-- Marks up phrases within our code for extraction
-- Extracts phrases into messages catalogues for translating in external systems
-- "Compiles" the catalogues to a format that can be used in the website
-- Manages the user's locale and putting the translated phrases in the UI
-
-### Phrase ID naming convention
-
-We set explicit IDs for phrases to make it easier to identify phrases out of context, and to track where they're used. IDs follow a naming scheme that includes _where_ the phrase is used. The exception is the rare case of single reoccuring words like "Cancel", but default to using a feature/phrase specific phrase.
-
-Message IDs are made of _up to_ three segments in the format `feature.area.phrase`. For example:
-
-- `dashboard.header.refresh-label`
-- `explore.toolbar.share-tooltip`
-
-For components used all over the site, use just two segments:
-
-- `footer.update`
-- `navigation.home`
-
-### Top-level provider
-
-In [AppWrapper.tsx](/public/app/AppWrapper.tsx) the app is wrapped with `I18nProvider` from `public/app/core/localisation.tsx` where the Lingui instance is created with the user's preferred locale. This sets the appropriate context and allows any component from `@lingui/macro` to use the translations for the user's preferred locale.
-
-### Message format
-
-Lingui uses the [ICU MessageFormat](https://unicode-org.github.io/icu/userguide/format_parse/messages/) for the phrases in the .po catalogues. ICU has special syntax especially for describing plurals across multiple languages. For more details see the [Lingui docs](https://lingui.js.org/ref/message-format.html).
-
-### Plain JS usage
-
-See [Lingui Docs](https://lingui.js.org/ref/macro.html#t) for more details.
-
-Sometimes you may need to translate a string cannot be represented in JSX, such as `placeholder` props. Use the `t` macro for this.
-
-```jsx
-import { t } from "@lingui/macro"
-
-const placeholder = t({
-   id: 'form.username-placeholder',
-   message: `Username`
-});
-
-return <input type="value" placeholder={placeholder}>
-```
-
-While the `t` macro can technically be used outside of React functions (e.g, in actions/reducers), aim to keep all UI phrases within the React UI functions.
-
-## Examples
-
-See the [Lingui docs](https://lingui.js.org/ref/macro.html#usage) for more details.
-
-### Basic usage
-
-For fixed phrases:
-
-```jsx
-import { Trans } from '@lingui/macro';
-
-<Trans id="page.greeting">Hello user!</Trans>;
-```
-
-You can include variables, just like regular JSX. Prefer using "simple" variables to make the extracted phrase easier to read for translators
-
-```jsx
-import { Trans } from '@lingui/macro';
-
-// Bad - translators will see: Hello {0}
-<Trans id="page.greeting">Hello {user.name}!</Trans>;
-
-// Good - translators will see: Hello {userName}
-const userName = user.name;
-<Trans id="page.greeting">Hello {userName}!</Trans>;
-```
-
-Variables must be strings (or, must support calling `.toString()`, which we almost never want).
-
-```jsx
-import { Trans } from '@lingui/macro';
-
-// This will not work
-const userName = <strong>user.name</strong>;
-<Trans id="page.greeting">Hello {userName}!</Trans>;
-
-// Instead, put the JSX inside the phrase directly
-const userName = user.name;
-<Trans id="page.greeting">
-  Hello <strong>{userName}</strong>!
-</Trans>;
-```
-
-### React components and HTML tags
-
-Both HTML tags and React components can be included in a phase. The Lingui macro will replace them with placeholder tags for the translators
-
-```js
-import { Trans } from "@lingui/macro"
-
-const randomVariable = "variable"
-
-<Trans id="page.explainer">
-  Click <button>here</button> to <a href="https://grafana.com">learn more.</a>
-</Trans>
-
-// ↓ is transformed by macros into ↓
-<Trans
-  id="page.explainer"
-  defaults="Click <0>here</0> to <1>learn more</1>"
-  components={[
-    <button />,
-    <Text />
-  ]}
-/>
-
-// ↓ is in the messages.po file like ↓
-msgid "page.explainer"
-msgstr "Click <0>here</0> to <1>learn more</1>"
-```
-
-### Plurals
-
-See the [Lingui docs](https://lingui.js.org/ref/macro.html#id1) for more details.
-
-Plurals require special handling to make sure they can be translating according to the rules of each locale (which may be more complex that you think!). Use the `<Plural />` component and specify the plural forms for the default language (English). The message will be extracted into a form where translators can extend it with rules for other locales.
-
-```js
-import { Plural } from "@lingui/macro"
-
-<Plural
-  id="sharing.shared-with"
-  value={sharedCount}
-  none="Not shared with anyone"
-  one="Shared with one person"
-  other="Shared with # people"
-/>
-
-// ↓ is transformed by macros into ↓
-
-<Trans
-  id="example.plurals"
-  values={{ sharedCount }}
-  defaults="{sharedCount, plural, none {Not shared with anyone}, one {Shared with one person}, other {Shared with # people}"
-/>
-
-// sharedCount = 0 -> Not shared with anyone
-// sharedCount = 1 -> Shared with one person
-// sharedCount = 3 -> Shared with # people
-```
-
-### Date and time
-
-[Lingui has functions](https://lingui.js.org/ref/core.html#I18n.date) to format dates and times according to the convention to the user's preferred locale, based on the browser [Intl.DateTimeFormat](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Intl/DateTimeFormat) API. However, as displaying dates and times is fundamental to Grafana, guidelines have not been established for this yet.
-
-## Documentation
-
-[Grafana's documentation](https://grafana.com/docs/grafana/latest/) is not yet open for translation and should be authored in English only.

contribute/merge-pull-request.md

@@ -135,6 +135,14 @@ Some examples when backport is not required:
 
 - The change is supposed to be released in the next major/minor release, e.g. v8.0.0, but the release branch, e.g. v8.0.x, has not yet been created.
 
+#### Required labels
+
+To ensure that we don't backport pull requests that don't need to be backported, i.e. implement new features, and only backport pull requests that address bugs, have a product approval, or refer to docs changes, backport labels need to be followed by either:
+
+- `type/bug` label: Pull requests which address bugs,
+- `product-approved` label: Urgent fixes which need product approval, in order to get merged,
+- `type/docs` label: Docs changes`.
+
 > **Note:** You can still backport a pull request after it's been merged.
 
 ## Doing the actual merge

contribute/style-guides/accessibility.md

@@ -0,0 +1,77 @@
+# Accessibility at Grafana
+
+At Grafana we pay special attention to accessibility and that's why it's important that all components are written with it in
+mind.
+
+The goal of this document is to list best practices and recommendations when it comes to writing accessible components.
+
+### grafana/ui components
+
+Some grafana/ui components have specific mechanisms built-in that make it easier to write accessible components.
+
+#### Form elements
+
+One of the important accessibility considerations when working with form elements is to make sure form controls are
+properly labelled. For that a `label` element has to be associated with the respective form control. One way to
+do that is to provide `for` attribute to the label that matches the `id` attribute of the form control.
+
+The form components from grafana/ui provide an easier way to achieve that. The form elements, used inside `Field`
+components, will get the `label` properly associated with them given that the element has `id` (in case of `Select` the prop is `inputId`) specified.
+
+As an example, this code
+
+```tsx
+<Field label="Name">
+  <Input id="name" placeholder="Enter a name" />
+</Field>
+```
+
+will be rendered as (simplified)
+
+```html
+<div>
+  <label for="name"> Name </label>
+  <input name="name" type="text" id="name" placeholder="Enter a name" value="" />
+</div>
+```
+
+As long as the form element has a unique `id` attribute specified, it will be automatically accessible when rendered.
+
+### Writing tests with accessibility in mind
+
+We use [React Testing Library](https://testing-library.com/docs/react-testing-library/intro) (RTL) for writing unit tests.
+The library is built with accessibility in mind and makes it easier to ensure the written code is accessible to all users.
+When querying DOM elements with RTL prefer using `*ByRole` queries as they resemble closely how the users interact
+with the page - both using mouse/visual display and assistive technologies.
+As a rule of thumb, if code is written with the accessibility concerns in
+mind, `*ByRole` queries will be sufficient in most of the cases. There are certainly exceptions here, as not all the elements have defined [ARIA role](https://www.w3.org/TR/html-aria/#docconformance).
+
+As an example, for this code
+
+```tsx
+<Field label="Username">
+  <Input id="username" placeholder="Enter a name" value={'Test'} />
+</Field>
+```
+
+the test could case be as follows
+
+```tsx
+it('has username set', () => {
+  expect(screen.getByRole('textbox', { name: 'Username' })).toHaveValue('Test');
+});
+```
+
+Input with type `text` (default type value) has a role of `textbox` and the `name` option is not the name attribute
+given to the input elements but their [accessible name](https://www.tpgi.com/what-is-an-accessible-name/), which in this case is the text content of the associated with input label.
+
+### Pull requests that introduce accessibility(a11y) errors:
+
+We use [pa11y-ci](https://github.com/pa11y/pa11y-ci) to collect accessibility errors on [some URLs in the project](https://github.com/grafana/grafana/issues/36555), threshold errors are specified per URL.
+
+If the contribution introduces new a11y errors, our continuous integration will fail, preventing you to merge to the main branch. In those cases there are two alternatives for moving forward:
+
+- Check the error log on the pipeline step `test-a11y-frontend-pr`, identify what was the error, and fix it.
+- Locally run the command `yarn test:accessibility-report` that generates an HTML accessibility report, then go to the URL that contains your change, identify the error, and fix it. Keep in mind, a local e2e Grafana instance is going to be running on `http://localhost:3001`.
+
+You can also prevent introducing a11y errors by installing an a11y plugin in your browser, for example, axe DevTools, Accessibility Insights for Web among others.

contribute/style-guides/backend.md

@@ -40,6 +40,23 @@ The majority of our tests uses [GoConvey](http://goconvey.co/) but that's someth
 
 In the `sqlstore` package we do database operations in tests and while some might say that's not suited for unit tests. We think they are fast enough and provide a lot of value.
 
+### Integration Tests
+
+We run unit and integration tests separately, to help keep our CI pipeline running smoothly and provide a better developer experience.
+
+To properly mark a test as being an integration test, you must format your test function definition as follows, with the function name starting with `TestIntegration` and the check for `testing.Short()`:
+
+```
+func TestIntegrationFoo(t *testing.T) {
+    if testing.Short() {
+        t.Skip("skipping integration test")
+    }
+    // function body
+}
+```
+
+If you do not follow this convention, your integration test may be run twice or not run at all.
+
 ### Assertions
 
 Use respectively [`assert.*`](https://github.com/stretchr/testify#assert-package) functions to make assertions that