* Docs: Add admonition in PDF export docs about newPDFRendering feature toggle (#106182)
* Docs: Add admonition in PDF export docs about newpdfrendering feature toggle
* adjusting some wording
(cherry picked from commit 9acdb9572e)
* Update docs/sources/dashboards/create-reports/index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
---------
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Alerting: Ensure field validators return the proper type (#104050)
* Ensure field validators return the proper type
This ensures correct error propagation through services up to
the API layer.
* Move error wrapping up to call site
(cherry picked from commit 820c338414)
* CI: Use docker creds from ci/common (#104827)
Use docker creds from ci/common
(cherry picked from commit fd4afdbd2c)
* CI: move `grafana-delivery-bot` path in Drone (#104886)
* move delivery bot creds to vault
* format-drone
(cherry picked from commit ec35e861e0)
Docs: xy chart visualization refactor (#103558)
* Added config options heading and bumped other heading levels
* Restructured xy options section
* Fixed links
* Formatted xy chart options using tabs
* Finalized structure of xy chart options section
* Corrected and restructured tooltip options
* Made to do note
* Added to do note
* Replaced screenshots
* Replaced axis options with shared file
* moved transform section
* Moved non-config sections and fixed heading level
* Removed incorrect options from xy chart and commented out image in shared axis file
* Wording edits
* Updated axis options
* Fixed wording
* Added Value mappings and thresholds and other minor edits
* Fixed table
(cherry picked from commit 27e9422f24)
Docs: candlestick visualization refactor (#103310)
* Added config options heading and bumped other heading levels
* Reordered headings and added missing ones
* Nested candlestick options under heading
* Added graph styles and axis content
* Added candlestick options to table
* Refactored and edited candlestick options section
* Replaced shared file with manual tooltip section
* Added missing intro sentences to candlestick options section
* Added a graph styles shared file
* Replaced body text with graph styles shared file in candlestick and time series files
* Added content from time series file to shared axis options file
* replaced shared file in candlestick file with axis content
* Updated option descriptions in axis options shared file
* Updated axis options section of candlestick
* Fixed typos
* Ran prettier
* Replaced some screenshots with higher res, up to date versions
* Wording edits
* Added contributor notes and a missing command
* Fixed typo
* Fixed typo
* Ran prettier
* Removed note from axis options all file
* Renamed axis options file
* Renamed shared file adn updated link in time series page
* Added axix options file and renamed another one, updated links in other files
* Ran prettier
(cherry picked from commit 31ecb5d0b5)
Docs: dashboard list visualization refactor (#103211)
* Added configuration options heading and bumped other heading levels
* Moved dashboard list options into table
* Further restructured dashboard list options and made wording edits
* Added semantic line breaks
* Replaced screenshot with high res image
* Wording edits
(cherry picked from commit ac39141021)
Docs: status history visualization refactor (#103027)
* Added config options section and bumped heading levels
* Added level offset
* Restructured Status history options and removed screenshot from Value mappings section
* Replaced screenshot and updated example text
* Fixed heading level in legend options 2 shared file
(cherry picked from commit 4c2790c41b)
Docs: text visualization refactor (#102939)
* Added Config options section, bumped heading levels, added missing options, and restructured Text options section
* Moved variables content
* Replaced screenshot
* Moved sentence
* Used previous wording
* test commit
* Revert test commit
* Ran prettier
(cherry picked from commit 608a2a7535)
Auth: Introduce authn.SSOClientConfig to get client config from SSOSettings service (#94618)
* wip
* possible solution
* Separate interface for SSO settings clients
* Rename interface
* Fix tests
* Rename
* Change GetClientConfig to comma ok idiom
(cherry picked from commit 50a635bc7e)
commit dfa73676c9bfc9adadbffd17299a1e858143017c
Author: oscarkilhed <oscar.kilhed@grafana.com>
Date: Fri Feb 28 16:32:58 2025 +0100
Limit number of characters in the title
Chore: Revert golangci PR + bump golangic version (#96326)
* Chore: Clean up some excludes and fix makefile (#96052)
clean up some excludes and fix makefile
* Chore: Enable cache on golangci linter (#95471)
* try to enable cache on golangci linter
* bump version
* exclude G115
* reduce timeout
* remove deprecated linter
* bump linter version in bingo
* try a different syntax for workspace modules
* try another command
* add apps to linter path
* try disabling cue codegen
* skip some linting in devenv
* exclude dirs and try again
* try workaround for pkg
* try path instead of dir
* make it one line
* replace package prefix
* exclude xorm
* exclude wire
* file-based aproach to nolint in workspaces
* missing quote
* simplify command line
* change ownership
* upgrade linter
* revert bingo readme
* revert devenv changes
* upgrade golint
* use dashes to stay consistent with other workflows
* also change name in its own workflow file
* rename in codeowners
(cherry picked from commit 3dbd3a7a81)
Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>
* Alerting: Re-encrypt existing contact points before get and patch in legacy config API (#101263)
* Test covering Get+Save interaction for newly secret fields
* Alerting: Re-encrypt existing contact points before get and patch
(cherry picked from commit b73c59547c)
* googlechat url test fix
(cherry picked from commit 0f4af56177)
Docs: traces visualization refactor (#101476)
* Added Config options heading, bumped heading levels, and changed heading
* Updated task sub-heading and added to do notes
* Moved span filter options into a table and moved sentences after table
* Removed image
* Replaced captions with alt text
* Updated image path for main screenshot
* Fixed image path
* Updated screenshot and made to do notes
* Updated link to new heading
* Removed comments
(cherry picked from commit b26fdf8f5e)
* Service Accounts: Don't show error pop-ups for Service Account and Renderer UI flows (#101679)
don't show error pop-ups for SAs and renderer
(cherry picked from commit f0d260ba5b)
* Service Accounts: Don't show error pop-ups for Service Account and Renderer UI flows (#101776)
* don't show error pop-ups for SAs and renderer
* only hide non 4xx error pop'ups
* linting
(cherry picked from commit 392124de00)
* [release-11.4.2] Bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1
Backport from #95807
(cherry picked from commit ec33c739a8)
* Run make update-workspace
---------
Co-authored-by: Matheus Macabu <macabu.matheus@gmail.com>
CI: Remove unused release_publisher scripts (#101019)
* Remove the unused `release_publisher` script.
* Remove the "whats new check" in Drone.
* Automatically set the What's New URL in releases based on the tagged version.
(cherry picked from commit 49e5f77dd1)
CI: release comms should trigger on merges to release- branches (#100901)
release comms should trigger on merges to release- branches
(cherry picked from commit 14477a7fe9)
Auth: Add early return if `auth_token` is in the URL for JWT auth (#100539)
* Add early return
* Update public/app/app.ts
Co-authored-by: Victor Cinaglia <victor@grafana.com>
---------
Co-authored-by: Victor Cinaglia <victor@grafana.com>
(cherry picked from commit 5a6d2f2e49)
Chore: pin tonistiigi/binfmt version (#100510)
* Chore: pin tonistiigi/binfmt version
* change version to qemu-v7.0.0-28
* uninstall first, log version
* uninstall first, log version
* uninstall first, log version
(cherry picked from commit a9b4b1e5be)
Docs: Updating manual installation instructions (#98834)
* Docs: adding additional installation steps to Grafana on openSUSE docs
* Docs: Adding systemd service info for grafana manual install
* Finalizing first edit with tested steps
* spacing adjustment and adding steps to RHEL/Fedora
* Adding a note based on Marins feedback
* A slight adjustment based on feedback from Marin and adding steps to Debian installation
* adjusting some wording
* adjusting naming conventions for Debian instructions
* changing "open-source" to "open source"
* vale and review edits
* deleting erroneous character in shortcode
* updating some shortcodes
---------
Co-authored-by: Isabel Matwawana <76437239+imatwawana@users.noreply.github.com>
(cherry picked from commit b6ea06f259)
Plugin Metrics: Eliminate data race in plugin metrics middleware (#99396)
fix: eliminate data race in plugin metrics middleware
A data race was detected when multiple goroutines accessed the `MetricsMiddleware`
simultaneously. The race occurred because a single `MetricsMiddleware` instance
was being shared across goroutines while its `BaseHandler` field was being
modified during middleware chain setup.
Fix by creating a new `MetricsMiddleware` instance for each middleware chain,
while safely sharing the thread-safe Prometheus metrics and plugin registry.
This maintains proper metrics collection while eliminating the mutable shared
state that caused the race condition.
Original error was detected here:
```
WARNING: DATA RACE
Read at 0x00c0039c0790 by goroutine 4486:
github.com/grafana/grafana-plugin-sdk-go/backend.(*ErrorSourceMiddleware).CallResource()
/Users/clord/src/grafana/irm-devstack/.devenv/state/go/pkg/mod/github.com/grafana/grafana-plugin-sdk-go@v0.261.0/backend/error_source_middleware.go:93 +0x40
github.com/grafana/grafana-plugin-sdk-go/backend.BaseHandler.CallResource()
...
```
(cherry picked from commit e74cf72d99)
Co-authored-by: Christopher Lord <christopher.lord@grafana.com>
MSSQL: Correctly type `UDPConnectionLimit` (#99011)
* Correctly type UDPConnectionLimit
* Update tests
* Handle legacy case
(cherry picked from commit cc09f38421)
Co-authored-by: Andreas Christou <andreas.christou@grafana.com>
DashboardScenes: Fix issue where relative time does not pass properly (#99282)
fix issue where relative time does not pass properly
(cherry picked from commit bf1a0837af)
* feat: update to Go 1.23.5
* chore: make drone
* chore: make update-workspace
* CI: Force re-build
* build: update mariadb connection
The new Alpine base that the Golang images are built on no longer trust the CA of MySQL.
This is a backport of: https://github.com/grafana/grafana/pull/98857
(cherry picked from commit e1bb8ccb79)
setDashboardPanelContext: Allow to add filters from the table with the same key (#99004)
* always add filters for elastic seach ds when filtering table value
* simplify update filter logic and restore behaviour from old arch
* remove unnecessary modifications
* adjust namig
(cherry picked from commit 3df1fa86ae)
Co-authored-by: Sergej-Vlasov <37613182+Sergej-Vlasov@users.noreply.github.com>
Docs: MySQL data source updates/revamp (#98652)
* made initial edits
* continued updates
* finished initial config doc updates
* updates
* updates to query editor
* edits to query editor
* final edits prior to PR
* more final edits :-)
* edits based on feedback meeting
* fixed some spelling and grammar issues
* final edits
* ran prettier
* minor change to intro description
* Fix prettier
* Update docs/sources/datasources/mysql/query-editor/_index.md
Co-authored-by: Zoltán Bedi <zoltan.bedi@gmail.com>
* Update docs/sources/datasources/mysql/query-editor/_index.md
Co-authored-by: Zoltán Bedi <zoltan.bedi@gmail.com>
* Update docs/sources/datasources/mysql/query-editor/_index.md
Co-authored-by: Zoltán Bedi <zoltan.bedi@gmail.com>
* edits based on feedback
* fixed mistake
* Fix prettier
* fixed ref UIs, edits based on feedback
* one minor change
* ran prettier again
---------
Co-authored-by: Zoltán Bedi <zoltan.bedi@gmail.com>
(cherry picked from commit ab6d82a33c)
Grafana UI: Re-add react-router-dom as a dependency (#97540)
* chore(grafana/ui): add react-router-dom v5 as a dependency
* chore(grafana-ui): align version of react-router with core
---------
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
(cherry picked from commit 7e4b05c268)
Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
* Dashboards: Fix issue where filtered panels would not react to variable changes (#98718)
* Make sure we activate the parent and tree even if current panel is active
* force activate full scene object tree
---------
Co-authored-by: Sergej-Vlasov <sergej.s.vlasov@gmail.com>
(cherry picked from commit 56be39ed4f)
* Fix bad merge
OptionsPicker: Fix matching non-latin template vars in filter (#98416)
(cherry picked from commit e43e86376e)
Co-authored-by: Leon Sorokin <leeoniya@gmail.com>
Docs: Updated Grafana Enterprise page with missing data sources (#98286)
added 5 missing data sources, changed one name
(cherry picked from commit c172bbba50)
Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com>
Dashboards: Fixes week relative time ranges when weekStart was changed (#98167)
* Dashborads: Fixes week relative time ranges when weekStart was changed
* Fix
* Update
(cherry picked from commit 02aded2743)
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
Fix: Show organization attribute path only for GrafanaAdmins on the UI (#98002)
* Show organization attribute path only for GrafanaAdmins
* prettier
(cherry picked from commit 7b24c4404d)
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
DateTimePicker: Fixes issue with date picker showing invalid date (#97888)
* DateTimePicker: Fixes issue with date picker showing invalid date
* Fix lint
(cherry picked from commit d93a5a7c53)
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
GrafanaData: Add now parameter to dateMath.parse to subsitute now string (#97151)
* Add now parameter to dateMath.parse to subsitute now string
* Create new function, deprecate the old
* Add docstring
* Typo
(cherry picked from commit e3e7086a91)
Co-authored-by: Oscar Kilhed <oscar.kilhed@grafana.com>
* Azure Monitor: Add a feature flag to toggle user auth for Azure Monitor only (#96858)
* Azure Monitor: Add a feature flag to toggle user auth for Azure Monitor only
* Fix condition for userIdentityEnabled
* Re-add removed test
* Remove unused prop
* Refactor onAuthTypeChange in AzureCredentialsForm
* Add frontend unit tests
* Lint
(cherry picked from commit b898a4540d)
# Conflicts:
# docs/sources/setup-grafana/configure-grafana/feature-toggles/index.md
# packages/grafana-data/src/types/featureToggles.gen.ts
# pkg/services/featuremgmt/registry.go
# pkg/services/featuremgmt/toggles_gen.csv
# pkg/services/featuremgmt/toggles_gen.go
# pkg/services/featuremgmt/toggles_gen.json
* Update test
* Fix lint
---------
Co-authored-by: Adam Yeats <16296989+adamyeats@users.noreply.github.com>
Dashboards: Fixes issue with panel header showing even when hide time override was enabled (#95814)
* Dashboards: Fixes issue with panel header showing even when hide time override was enabled
* fixes
* fixed test
(cherry picked from commit 6fd3620d50)
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
DashboardScenes: Fix panel links to update on variable or timerange change (#94865)
* Fix panel links to update on variable or timerange change
* refactor
---------
Co-authored-by: alexandra vargas <alexa1866@gmail.com>
(cherry picked from commit beac7de4df)
Co-authored-by: Victor Marin <36818606+mdvictor@users.noreply.github.com>
* Azure/GCM: Improve error display (#96921)
Improve handling of errors
(cherry picked from commit 9f75a448d4)
* Update import and var name
---------
Co-authored-by: Andreas Christou <andreas.christou@grafana.com>
Docs: Updating ldd example command for image renderer troubleshooting (#97443)
(cherry picked from commit 0025876659)
Co-authored-by: Jacob Valdez <jacob.valdez@grafana.com>
Dashboard: Fixes issue with compatability of old DashboardModel.annotations (#97328)
* Dashboard: Fixes issue with compatability of old DashboardModel.annotations
* let's lint this thing
---------
Co-authored-by: Dominik Prokop <dominik.prokop@grafana.com>
(cherry picked from commit 53cdbd8a2d)
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
removing outdated versioning info from GCM data source docs (#96854)
* removing outdated versioning info from GCM data source docs
* deleting missed admonition closure
(cherry picked from commit 3724ffd858)
Co-authored-by: Jacob Valdez <jacob.valdez@grafana.com>
* Update changelog
* Update version to 11.3.2
* bump @grafana/plugin-configs to 11.3.2 in grafana-extensionstest-app/package.json
---------
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: Kevin Yu <kevinwcyu@users.noreply.github.com>
Unified Storage: Use tls preferred when grafana db using ssl (#97378)
When unified storage is using the grafana db (default case for on-prem), if the db is using ssl then set tls=preferred. This fixes an on-prem bug in 11.3.1.
(cherry picked from commit 9642eedce6)
Co-authored-by: owensmallwood <owen.smallwood@grafana.com>
Packaging: Remove sysvinit references / support from rhel packaging (#97068)
Remove sysvinit references / support from rhel packaging
(cherry picked from commit 3448384e0d)
Co-authored-by: Kevin Minehart <5140827+kminehart@users.noreply.github.com>
Chore: Remove verification steps for deb/rpm in drone (#96991)
remove verification steps for deb/rpm in drone
(cherry picked from commit feeb2c6ce0)
Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>
Fix: Do not fetch Orgs if the user is authenticated by apikey/sa or render key (#97162)
* Do not fetch Orgs if the user is authenticated by apikey/sa or render svc
* Lint
(cherry picked from commit fa634e1476)
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
[DOC] Remove simple configuration in Tempo data source docs (#96932)
* Remove simple configuration from Tempo data source docs
* Change deprecation to 11.5 for aggregate by
* Update docs/sources/shared/datasources/tempo-search-traceql.md
(cherry picked from commit 18c8ed3088)
Co-authored-by: Kim Nylander <104772500+knylander-grafana@users.noreply.github.com>
* Alerting: Update state manager to have immutable state in cache (#95985)
* create a new state and set at the end
* propagate labels datasource_uid and ref_id from current state if it's error
* copy the state when apply to all
(cherry picked from commit 420db99d16)
* Remove unused states variables
---------
Co-authored-by: Yuri Tseretyan <yuriy.tseretyan@grafana.com>
CI: Add github app token generation in pipelines that use GITHUB_TOKEN (#96646)
* Add github app token generation in pipelines that use GITHUB_TOKEN
* ci?
* clone gh repo using x-access-token user
* address linting issues
* use mounted volume for exporting token
* remove unused github_token env var swagger gen step
* replace pat on release_pr pipepline
* cleanup GH PAT references
* linting
* Update scripts/drone/steps/lib.star
* make drone
---------
Co-authored-by: Matheus Macabu <macabu.matheus@gmail.com>
(cherry picked from commit 2400483d6c)
Scenes: Fix angular migrations that are using the targets property on the old panel model (#96626)
Fix angular migrations using target
(cherry picked from commit 5986b03a8f)
Co-authored-by: Oscar Kilhed <oscar.kilhed@grafana.com>
* Update changelog
* Update version to 11.3.1
* Update version
---------
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: Andreas Christou <andreas.christou@grafana.com>
Docs: Plugin Installation - reorganize and add air-gapped environments (#96437)
* rewriting installation docs and including info about airgapped environments
* Changing example to lokieexplore app
* run prettier
* adding corrections
* running prettier
---------
Co-authored-by: Irene Rodriguez <irene.rodriguez@grafana.com>
(cherry picked from commit 0f4517df98)
Co-authored-by: Timur Olzhabayev <timur.olzhabayev@grafana.com>
Alerting: Fix per-receiver RBAC for receivers with long names (#95084)
* Implement uidToResourceID
* add middleware
* Move uidToResourceID to alerting package
* Only hash uid if it's too long
* Use hashed uid in access control
* Move ReceiverUidToResourceId to ScopeProvider
* resolve uid in middleware only if param exists
* Tests
* Linting
---------
Co-authored-by: Yuri Tseretyan <yuriy.tseretyan@grafana.com>
(cherry picked from commit 4aad44e848)
Co-authored-by: Matthew Jacobson <matthew.jacobson@grafana.com>
Docs/adding information on using variable expansion and env variable for TLS certs when provisioning data sources (#96400)
Docs/adding information on using variable expansion and env variables for TLS certs when provisioning data sources
(cherry picked from commit 28ad9684e9)
Co-authored-by: Jacob Valdez <jacob.valdez@grafana.com>
Docs/removing outdated versioning info in OSS data source docs (#96351)
docs/removing outdated versioning info in oss data source docs
(cherry picked from commit f83f7332a1)
Co-authored-by: Jacob Valdez <jacob.valdez@grafana.com>
Alerting: Fix setting datasource uid, when datasource is string in old version (#96085)
fix setting datasource uid, when datasource is string in old versions rules
(cherry picked from commit 2f58311eea)
Co-authored-by: Sonia Aguilar <33540275+soniaAguilarPeiron@users.noreply.github.com>
Alerting docs: Introduction - brief overview of notification messages. (#95987)
* Intro: simplify `Architecture`. Add a new guideline
* Define `Notification policies` as an advanced option
* Intro: include about "Notification messages"
* Minor copy changes
(cherry picked from commit ff2f612412)
Co-authored-by: Pepe Cano <825430+ppcano@users.noreply.github.com>
Alerting: Fix saving advanced mode toggle state in the alert rule editor (#95924)
(cherry picked from commit 4ce1abc6f9)
Co-authored-by: Alexander Akhmetov <me@alx.cx>
Alerting docs: specify using multiple contact point integrations in the UI and HTTP API (#95890)
* Sort list of contact points on the sidebar
* Update `Configure contact points` to clarify contact point integrations
* Alerting HTTP API: fix `EmbeddedContactPoint` properties table
* HTTP Alerting API: clarify how `ContactPoint.name` groups contact points
* Update docs/sources/alerting/configure-notifications/manage-contact-points/_index.md
Co-authored-by: brendamuir <100768211+brendamuir@users.noreply.github.com>
---------
Co-authored-by: brendamuir <100768211+brendamuir@users.noreply.github.com>
(cherry picked from commit 290612e366)
Co-authored-by: Pepe Cano <825430+ppcano@users.noreply.github.com>
Docs: Updating steps for pulling Grafana metrics into Prometheus (#95913)
* Docs: Updating steps for pulling Grafana metrics into Prometheus
* slight update based on review
(cherry picked from commit 9a1e7de79d)
Co-authored-by: Jacob Valdez <jacob.valdez@grafana.com>
Azure: Handle namespace request rejection (#95574)
Handle rejection and add test
(cherry picked from commit da1a5426d0)
Co-authored-by: Andreas Christou <andreas.christou@grafana.com>
Alerting docs: Update `Create alert rules from panels` (#95566)
* Alerting docs: Update `Create alert rules from panels`
* Remove screenshots except when the panel displays alert status
* Further changes sync with Brenda
* minor changes
* Relocate admonition
* Specify `dashboardUId` and `panelId` must be set together
* Update docs/sources/alerting/alerting-rules/link-alert-rules-to-dashboards.md
Co-authored-by: brendamuir <100768211+brendamuir@users.noreply.github.com>
* change title
* change URL
* fix spell error
---------
Co-authored-by: brendamuir <100768211+brendamuir@users.noreply.github.com>
(cherry picked from commit facca37f4d)
Co-authored-by: Pepe Cano <825430+ppcano@users.noreply.github.com>
Timeseries: Utilize min/max on stacking percentage (#95581)
* Bring in defined min/max into stacking range
* simplify logic
* different approach
---------
Co-authored-by: Leon Sorokin <leeoniya@gmail.com>
(cherry picked from commit 68aefc73b6)
Co-authored-by: Kristina <kristina.durivage@grafana.com>
Alerting: Fix contact points secrets validation (#95651)
Add new condition to the determineRequired function
(cherry picked from commit e43bec2cd8)
Co-authored-by: Konrad Lalik <konrad.lalik@grafana.com>
Unified Storage: Use ssl_mode instead of sslmode (#95658)
change unistore to use ssl_mode instead of sslmode
(cherry picked from commit 76b43267c8)
Co-authored-by: Georges Chaudy <chaudyg@gmail.com>
Migration: Remove table aliasing in delete statement to make it work for mariadb (#95226)
Migration: remove table aliasing in delete statement to make it work in mariadb
(cherry picked from commit 6f7528f896)
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Folders: Don't show error pop-up if the user can't fetch the root folder (#95569)
don't show error pop-up if the user can't read general folder
(cherry picked from commit 092a1813ef)
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
Service Accounts: Run service account creation in transaction (#94744)
* run service account creation DB queries in transaction
* extract the signed in user from the context
* undo unneeded change
* don't error out if a user is not found
* Update pkg/services/serviceaccounts/manager/service.go
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
* Update pkg/services/serviceaccounts/manager/service.go
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
---------
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
(cherry picked from commit ca1fd028a2)
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
CI: Remove drone steps for building windows because it's done in grafana-… (#95373)
Remove drone steps for building windows because it's done in grafana-build now
(cherry picked from commit 67b3848fd9)
Folders: Add admin permissions upon creation of a folder w. SA (#95072)
* add admin permissions upon creation of a folder w. SA
* Update pkg/services/folder/folderimpl/folder.go
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
* Grant service account permissions for creation of dashboards
* Grant service account admin permissions upon creating a datasource
* fetch user using the userservice with the userid
* Revert "fetch user using the userservice with the userid"
This reverts commit 23cba78752.
* revert back to original datasource creation
---------
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
(cherry picked from commit 9ab064bfc5)
Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com>
Auth: Increase name_id and session_id length to 1024 in user_external_session (#95352)
Increase name_id and session_id length to 1024
(cherry picked from commit b8b7c7901c)
Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
Azure: Fix duplicated traces in multi-resource trace query (#95156)
Use first resource as base resource for query
(cherry picked from commit 8bb7475e4f)
Co-authored-by: Andreas Christou <andreas.christou@grafana.com>
* Update changelog
* Update version to 11.3.0
* bump @grafana/plugin-configs from 11.3.0-pre to 11.3.0
* update changelog
---------
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: Kevin Yu <kevinwcyu@users.noreply.github.com>
Co-authored-by: Kevin Minehart <kmineh0151@gmail.com>
Loki query editor: update CompletionDataProvider time range when it changes (#94905)
* Loki query editor: update CompletionDataProvider time range when it changes
* CompletionDataProvider: update test and add regression
* Formatting
* Completion Data Provider: clear cache when the time range changes
* Completion Data Provider: specifically test for undefined values vs empty string
(cherry picked from commit 89c215a9ff)
Co-authored-by: Matias Chomicki <matyax@gmail.com>
Chore: Fix population of details when converting from errutil errors to K8s error (#94996)
(cherry picked from commit 672d5f92f2)
Co-authored-by: Yuri Tseretyan <yuriy.tseretyan@grafana.com>
CloudWatch: Interpolate region in log context query (#94930)
CloudWatch: interpolate region in log context query
(cherry picked from commit fd5f351a6f)
Co-authored-by: Isabella Siu <Isabella.siu@grafana.com>
Alerting: Fix time-interval conversion to return bad request if payload is incorrect (#94995)
(cherry picked from commit 00bb3215cb)
Co-authored-by: Yuri Tseretyan <yuriy.tseretyan@grafana.com>
Dashboards: Links to explore should respect subpath (#94525)
* Links to explore should respect subpath
* Change to using assureBaseUrl
* Change back to normal single quotes
(cherry picked from commit 315778227b)
Co-authored-by: Oscar Kilhed <oscar.kilhed@grafana.com>
Alerting: Update texts for gm rr in the form (#94844)
* Update texts for gm rr in the form
* fix translations
* Fix test
* address review comments
* address review comments - part2
* translations
* update docs for new term: output
(cherry picked from commit 1860737117)
Co-authored-by: Sonia Aguilar <33540275+soniaAguilarPeiron@users.noreply.github.com>
Geomap: Fix tooltip positioning when screen is scrolled (#94827)
* account for y-scrolling when positioning geomap tooltip
* remove config import
(cherry picked from commit 241dca57cf)
Co-authored-by: Ashley Harrison <ashley.harrison@grafana.com>
GCM: Time field naming (#94548)
* Name time field correctly
* Update tests
* Lint
(cherry picked from commit 7c79f8f7a5)
Co-authored-by: Andreas Christou <andreas.christou@grafana.com>
CI: Support more version formats in publishing (#94575)
* cleanup dead code
* add tests and rewrite publish grafanacom steps to reuse
* add pkg/build tests; don't upload CDN assets on grafana releases
(cherry picked from commit 7a2edd35d5)
Folders: Correctly show new folder button under root folder (#94687)
show new folder button under root folder if nested folders are disabled and user has the right perms
(cherry picked from commit 284c2d6f71)
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
Alerting: Use advanced options when query params are not transformable (#94588)
* Use advanced options when query params are not transformable
* Update public/app/features/alerting/unified/components/rule-editor/query-and-alert-condition/QueryAndExpressionsStep.tsx
Co-authored-by: Konrad Lalik <konrad.lalik@grafana.com>
---------
Co-authored-by: Konrad Lalik <konrad.lalik@grafana.com>
(cherry picked from commit fb5fb76ad1)
Co-authored-by: Sonia Aguilar <33540275+soniaAguilarPeiron@users.noreply.github.com>
SSO: Fix client side validations for LDAP (#94561)
* fix client side validations for LDAP
* add translations for new messages
* simplify code in isInvalidField()
(cherry picked from commit 0bd3ad1d5a)
Co-authored-by: Mihai Doarna <mihai.doarna@grafana.com>
Explore metrics: set options directly because of scenes error when options not set (#94284)
* scenes error when options not set
* add all of the options that are updated in onOptionsChange
* add options to all the other places we are building timeseries panels
* Update public/app/features/trails/AutomaticMetricQueries/graph-builders/percentiles.ts
Co-authored-by: Nick Richmond <5732000+NWRichmond@users.noreply.github.com>
* remove activation handlers and unused code
* Update public/app/features/trails/AutomaticMetricQueries/graph-builders/simple.ts
Co-authored-by: Nick Richmond <5732000+NWRichmond@users.noreply.github.com>
* Update public/app/features/trails/AutomaticMetricQueries/graph-builders/percentiles.ts
Co-authored-by: Sven Grossmann <sven.grossmann@grafana.com>
---------
Co-authored-by: Nick Richmond <5732000+NWRichmond@users.noreply.github.com>
Co-authored-by: Sven Grossmann <sven.grossmann@grafana.com>
(cherry picked from commit ce857c2680)
Co-authored-by: Brendan O'Handley <brendan.ohandley@grafana.com>
* Add parents field to folder DTO
* Allow subfolder creation when folder flag is enabled
* Update UnstructuredToLegacyFolder
* Include parents field when creating folder
* add limit for adhoc filters in providers functions
* add comments to describe function
* return early if filtersVariable is not an instance of AdHocFiltersVariable
* update function comments
* add tests to confirm the providers are limited to 10000
CloudMigrations: create onPremToCloudMigrationsAlerts feature toggle in experimental stage
This feature toggle requires the `onPremToCloudMigrations` toggle to be enabled in order to work.
Given migration of Alerts (and child resources) is more critical, this flag was separated from
the main one.
* use name in fe
* store parent folder name in local db
* clean up
* tiny test
* trial react
* rename to parent name
* go lint
* generate api and ts
* go tests
* rearrange
* clean
* update with suggestions from josh
* make library elements work
* updates from comments
* global migration types
* parent name for alter table
* Revert "Revert "Unistore : Ensure Watch works in HA mode." (#94097)"
This reverts commit 7c3fc2f261.
* make previous_resource_version nullable
* handle nil case
* Generate options for variables through TemplateSrv
* Add refresh when object changes
* Remove unnecesary static function
* Extract logic
* Add extra test case when variable changes and refresh event is triggered
* bring back old logic, query options should not live in the dashboard json
* add missing change
* Add support to keep variable options in query
* tests
* move refreshEvent to DashboardVariableDependency
---------
Co-authored-by: alexandra vargas <alexa1866@gmail.com>
Co-authored-by: Victor Marin <victor.marin@grafana.com>
* add data provider when switching from non data panel
* handle adding and cleaning up data provider in panel editor on panel switch
* add data provider check sin panel editor tests
* Update dependency @grafana/experimental to v2
* add data-testid to old save button so it works properly in e2e test
* fix azure monitor e2e tests
* use raw selectors
* remove .only
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ashley Harrison <ashley.harrison@grafana.com>
* Plugins: Pass hashes for SRI to frontend
* Add SRI hashes to frontendsettings DTOs
* Add docstring
* TestSriHashes
* Fix typo
* Changed SriHashes to ModuleHash
* update loader_test compareOpts
* update ModuleHash error message
* Add TestModuleHash/no_module.js
* Add omitEmpty to moduleHash
* Add ModuleHash to api/plugins/${pluginId}/settings
* moved ModuleHash field
* feat(plugins): add moduleHash to bootData and plugin types
* feat(plugins): if moduleHash is available apply it to systemjs importmap
* Calculate ModuleHash for CDN provisioned plugins
* Add ModuleHash tests for TestCalculate
* adjust test case name
* removed .envrc
* Fix signature verification failing for internal plugins
* fix tests
* Add pluginsFilesystemSriChecks feature togglemk
* renamed FilesystemSriChecksEnabled
* refactor(plugin_loader): prefer extending type declaration over ts-error
* added a couple more tests
* Removed unused features
* Removed unused argument from signature.DefaultCalculator call
* Removed unused argument from bootstrap.DefaultConstructFunc
* Moved ModuleHash to pluginassets service
* update docstring
* lint
* Removed cdn dependency from manifest.Signature
* add tests
* fix extra parameters in tests
* "fix" tests
* removed outdated test
* removed unused cdn dependency in signature.DefaultCalculator
* reduce diff
* Cache returned values
* Add support for deeply nested plugins (more than 1 hierarchy level)
* simplify cache usage
* refactor TestService_ModuleHash_Cache
* removed unused testdata
* re-generate feature toggles
* use version for module hash cache
* Renamed feature toggle to pluginsSriChecks and use it for both cdn and filesystem
* Removed app/types/system-integrity.d.ts
* re-generate feature toggles
* re-generate feature toggles
* feat(plugins): put systemjs integrity hash behind feature flag
---------
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
* Reuse MySQL and Postgres Grafana config instead of the object
- Only reuse the Grafana DB object for SQLite. Support for SQLite will be added in a different PR
- Fail when reusing the Grafana DB object if it is using DB instrumentation
- In the case that we have to reuse a Grafana DB with its instrumentation, fail with an error that describes a workaround
- Add regression tests to reproduce incident 2144
* remove temp file
* fix linter
* fix linter x2
* fix linter x3
* Service account: clean up permissions related to service accounts when deleted
* Add migration for deleting orphaned service account permissions
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* feat: add extensions to the backend plugin model
* feat: update the frontend plugin types
* feat(pluginContext): return a `null` if there is no context found
This will be necessary to understand if a certain hook is running inside a plugin context or not.
* feat: add utility functions for checking extension configs
* tests: fix failing tests due to the type updates
* feat(AddedComponentsRegistry): validate plugin meta-info
* feat(AddedLinksRegistry): validate meta-info
* feat(ExposedComponentsRegistry): validate meta-info
* feat(usePluginComponent): add meta-info validation
* feat(usePluginComponents): add meta-info validation
* feat(usePluginLinks): add meta-info validation
* fix: only validate meta-info in registries if dev mode is enabled
* tests: add unit tests for the restrictions functionality
* tests: fix Go tests
* fix(tests): revert accidental changes
* fix: run goimports
* fix: api tests
* add nested app so that meta data can bested e2e tested
* refactor(types): extract the ExtensionInfo into a separate type
* refactor(extensions/utils): use Array.prototype.some() instead of .find()
* refactor(usePluginLinks): update warning message
* feat(usePluginExtensions()): validate plugin meta-info
* Wip
* fix(e2e): E2E tests for extensions
* fix(extensions): allow multiple "/" slashes in the extension point id
* fix(extensions/validators): stop validating the plugin id pattern
---------
Co-authored-by: Erik Sundell <erik.sundell87@gmail.com>
* CloudMigrations: create snapshots of Library Elements
* CloudMigrations: render library element resource in resources table
* CloudMigrations: create newtype with necessary fields for library element creation
* Search by query text, pagination
* Support default filtering by active datasource; filter by datasource name; improve table display
* Cleanup
* Fix update and delete url paths
* Fix test
* Use Stack, remove uneccessary function wrapper
* Notify when something is wrong with a row, add interaction tracking
* i18n
* Alerting docs: update that test functionality only for G Alertmanager
* ran prettier
* fixed alphabetical order
* indentation
* format
* all pretty, no pity
---------
Co-authored-by: tonypowa <tonypowa@gmail.com>
In Dashboard Scene:
* Display a warning in the panel header when rendering an angular panel
* Display a warning in the dashboard when rendering one or more angular panels
* Display a button to migrate in the dashboard banner
* Display a button to migrate in the panel editor
* Display a button to "Edit options" when it is an Angular panel, to open the panel JSON inspector to be able to edit the options
* Add tests
---------
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
* Add folder store to dashboard permissions
* Include folder store in annotation scope resolver
* Add folder store when initialising library elements
* Include folder store in search v2 service initialisation
* Include folder store in GetInheritedScopes
* Add folder store to folder permissions provider
* Include cfg, folder permissions in folder service
* Move setting of folder permissions for folder service create method
* Change the label used for additional app links from apps to more apps so it doesn't conflict with applications, which is application observability, not the other bucket
* update to more apps
* more in german is mehr
* fix case, update translations correctly
* revert changes to de
* fix be tests
---------
Co-authored-by: joshhunt <josh@trtr.co>
Co-authored-by: Ashley Harrison <ashley.harrison@grafana.com>
* Chore: Update module github.com/rs/cors to v1.11.0
* Fix: rs/cors to v1.11.1 to benefit from fix regarding support for multiple Access-Control-Request-Headers field, e.g. API Gateway
* update go.sum
---------
Co-authored-by: Jo <me@jguer.space>
* Add health fields to rules and an aggregator method to the scheduler
* Move health, last error, and last eval time in together to minimize state processing
* Wire up a readonly scheduler to prom api
* Extract to exported function
* Use health in api_prometheus and fix up tests
* Rename health struct to status
* Fix tests one more time
* Several new tests
* Handle inactive rules
* Push state mapping into state manager
* rename to StatusReader
* Rectify cyclo complexity rebase
* Convert existing package local status implementation to models one
* fix tests
* undo RuleDefs rename
* adds Filter gRPC and make protobuf
* adds route for querying the filter gRPC
* wires up Filter gRPC call
* [WIP] index from start
* renames gRPC endpoint to "Search"
* adds /apis/search route into k8s routes. Hacky for now.
* updates readme - wrong casing
* adds feature toggle for unified storage search
* hides US search behind feature flag. Clean up print statements.
* removes indexer - will be added in another PR
* Search: Add API Builder
* adds required method
* implementing UpdateAPIGroupInfo (WIP)
* adds groupversion
* commenting out for now
* remove unneeded code from experimenting and update register.go to match interface required
* namespaces search route
---------
Co-authored-by: leonorfmartins <leonorfmartins@gmail.com>
Co-authored-by: Todd Treece <todd.treece@grafana.com>
* Style nits for the simple query mode
* update translations
* update text
* update translations
* update disable word to deactivate
* update preview text when not advanced options
* update text
* update text
* Alerting: Decrypt secure settings when testing receivers in the remote Alertmanager
* go work sync
* make update-workspace
* point to latest main in grafana/alerting
* unit test
* import definitions only once
* Replace Watch with WatchNext
* remove watchset
* fix previous page and closing the channel
* Remove the broadcaster cache to prevent dupplicated events
* add watch bookmark
* add watch bookmark
* cleanup comments
* disable the tests for bookmarks for now
* Ensure we send previosu events
* lint
* re-introduce the cache
* load from cache
* disabling legacy test
* disabling legacy test
* Update pkg/storage/unified/resource/server.go
Co-authored-by: Diego Augusto Molina <diegoaugustomolina@gmail.com>
* Could not read previous events
* add proper migration
* Add previous_resource_version to both history and resource
* First event should have an RV of 2 and not 1
* Test both storage backends
* fix the inital RV for the sql backend
* ensure graceful stop of the stream decoder
* gocyclo
---------
Co-authored-by: Diego Augusto Molina <diegoaugustomolina@gmail.com>
* Mark Scenes feature toggles as GA
* Move old arch e2e to a new folder
* Run E2E on scenes by default
* Upgrade e2e-selectors to ensure the tests in Playwright works
* Export folder store implementation
* Rename folder store
* Add folder store as a parameter to folder service
* Add folder store to dash service implementation
* Fix folder store comments
* Add showPolicies prop
* Add manage permissions component for easier reuse within alerting
* Add method for checking whether to show access control within alerting
* Remove accidental console.log from main
* Tweak styling for contact point width and add manage permissions drawer
* Improve typing for access control type response
* Add basic test for manage permissions on contact points list
* Only show manage permissions if grafana AM and alertingApiServer is enabled
* Update i18n
* Add test utils for turning features on and back off
* Add access control handlers
* Update tests with new util
* Pass AM in and add tests
* Receiver OSS resource permissions
There is a complication that is not fully addressed: Viewer defaults to read:*
and Editor defaults to read+write+delete:*
This is different to other resource permissions where non-admin are not granted
any global permissions and instead access is handled solely by resource-specific
permissions that are populated on create and removed on delete.
This allows them to easily remove permission to view or edit a single resource
from basic roles.
The reason this is tricky here is that we have multiple APIs that can
create/delete receivers: config api, provisioning api, and k8s receivers api.
Config api in particular is not well-equipped to determine when creates/deletes
are happening and thus ensuring that the proper resource-specific permissions
are created/deleted is finicky.
We would also have to create a migration to populate resource-specific
permissions for all current receivers. This migration would need to be reset so
it can run again if the flag is disabled.
* Add access control permissions
* Pass in contact point ID to receivers form
* Temporarily remove access control check for contact points
* Include access control metadata in k8s receiver List & Get
GET: Always included.
LIST: Included by adding a label selector with value `grafana.com/accessControl`
* Include new permissions for contact points navbar
* Fix receiver creator fixed role to not give global read
* Include in-use metadata in k8s receiver List & Get
GET: Always included.
LIST: Included by adding a label selector with value `grafana.com/inUse`
* Add receiver creator permission to receiver writer
* Add receiver creator permission to navbar
* Always allow listing receivers, don't return 403
* Remove receiver read precondition from receiver create
Otherwise, Creator role will not be able to create their first receiver
* Update routes permissions
* Add further support for RBAC in contact points
* Update routes permissions
* Update contact points header logic
* Back out test feature toggle refactor
Not working atm, not sure why
* Tidy up imports
* Update mock permissions
* Revert more test changes
* Update i18n
* Sync inuse metadata pr
* Add back canAdmin permissions after main merge
* Split out check for policies navtree item
* Tidy up utils and imports and fix rules in use
* Fix contact point tests and act warnings
* Add missing ReceiverPermissionAdmin after merge conflict
* Move contact points permissions
* Only show contact points filter when permissions are correct
* Move to constants
* Fallback to empty array and remove labelSelectors (not needed)
* Allow `toAbility` to take multiple actions
* Show builtin alertmanager if contact points permission
* Add empty state and hide templates if missing permissions
* Translations
* Tidy up mock data
* Fix tests and templates permission
* Update message for unused contact points
* Don't return 403 when user lists receivers and has access to none
* Fix receiver create not adding empty uid permissions
* Move SetDefaultPermissions to ReceiverPermissionService
* Have SetDefaultPermissions use uid from string
Fixes circular dependency
* Add FakeReceiverPermissionsService and fix test wiring
* Implement resource permission handling in provisioning API and renames
Create: Sets to default permissions
Delete: Removes permissions
Update: If receiver name is modified and the new name doesn't exist, it copies
the permissions from the old receiver to the newly created one. If old receiver
is now empty, it removes the old permissions as well.
* Split contact point permissions checks for read/modify
* Generalise getting annotation values from k8s entities
* Proxy RouteDeleteAlertingConfig through MultiOrgAlertmanager
* Cleanup permissions on config api reset and restore
* Cleanup permissions on config api POST
note this is still not available with feature flag enabled
* Gate the permission manager behind FF until initial migration is added
* Sync changes from config api PR
* Switch to named export
* Revert unnecessary changes
* Revert Filter auth change and implement in k8s api only
* Don't allow new scoped permissions to give access without FF
Prevents complications around mixed support for the scoped permissions causing
oddities in the UI.
* Fix integration tests to account for list permission change
* Move to `permissions` file
* Add additional tests for contact points
* Fix redirect for viewer on edit page
* Combine alerting test utils and move to new file location
* Allow new permissions to access provisioning export paths with FF
* Always allow exporting if its grafana flavoured
* Fix logic for showing auto generated policies
* Fix delete logic for contact point only referenced by a rule
* Suppress warning message when renaming a contact point
* Clear team and role perm cache on receiver rename
Prevents temporarily broken UI permissions after rename when a user's source of
elevated permissions comes from a cached team or basic role permission.
* Debug log failed cache clear on CopyPermissions
---------
Co-authored-by: Matt Jacobson <matthew.jacobson@grafana.com>
* Fix duplicate command and code format
* Minor adjustment
* add bash to code line
added bash to a code line
* run prettier
---------
Co-authored-by: Irene Rodriguez <irene.rodriguez@grafana.com>
* Extract a helper funtion to perform list with authorization checks
* Add k8s verb to utils package
* Construct default mapping when no custom mapping is passed
* Configure authorization checks for service accounts
* Fix helper and add filtering to service accounts
Update Usage insights logs docs: Scope
As far as I can tell, in https://github.com/grafana/grafana/pull/59931
we started to record Usage Insights events for Explore queries.
And in https://github.com/grafana/grafana/pull/78097 we further improved
our implementation of that logging.
This documentation should have been updated back then to match. So I'm
updating it now.
* chore(packages): bump rollup and rollup plugins to latest
* chore(packages): fix rollup node-externals plugin imports
* chore(packages): update build/bundle scripts to pass configPlugin arg to rollup
* feat(packages): migrate rollup configs to be esm compliant
* feat(packages): build using es2018 target and use same tsconfig and tsc for rollup
* ManagedServiceAccounts: Add a config option to disabled by default
* Update log in pkg/services/extsvcauth/registry/service.go
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* Cloud migrations: store resource name in the cloud_migration_resource table
* remove unused function: convertMigrateDataResponseToDTO
* make swagger-clean && make openapi3-gen
* use DB_Text for cloud_migration_resource.name instead of DB_Varchar
* Add mode switch in Query section
* Implement simple query mode : WIP
* fix logic switching mode
* move guard and get methodd to another folder
* Add more requiremts for being transformable from advanced to not advanced mode
* fix usig mode when it's not a grafana managed alert
* Show warning when switching to not advanced and its not possible to convert
* Add feature toggle alertingQueryAndExpressionsStepMode
* fix test
* add translations
* address PR feedback
* Use form context for sharing simplfied mode used, save in local storage and use the new fields in the api
* add check to valid reducer and threshold when switching to simplified mode
* Use only one expression list
* fix test
* move existing rule check outside storeInLocalStorageValues
* add id in InlineSwitch to handle onClick on label
* fix
* Fix default values when editing existing rule
* Update dto fields for the api request
* fix snapshot
* Fix recording rules to not show switch mode
* remove unnecessary Boolean conversion
* fix areQueriesTransformableToSimpleCondition
* update text
* pr review nit
* pr review part2
* Revert "chore: add replDB to team service (#91799)"
This reverts commit c6ae2d7999.
* Revert "experiment: use read replica for Get and Find Dashboards (#91706)"
This reverts commit 54177ca619.
* Revert "QuotaService: refactor to use ReplDB for Get queries (#91333)"
This reverts commit 299c142f6a.
* Revert "refactor replCfg to look more like plugins/plugin config (#91142)"
This reverts commit ac0b4bb34d.
* Revert "chore (replstore): fix registration with multiple sql drivers, again (#90990)"
This reverts commit daedb358dd.
* Revert "Chore (sqlstore): add validation and testing for repl config (#90683)"
This reverts commit af19f039b6.
* Revert "ReplStore: Add support for round robin load balancing between multiple read replicas (#90530)"
This reverts commit 27b52b1507.
* Revert "DashboardStore: Use ReplDB and get dashboard quotas from the ReadReplica (#90235)"
This reverts commit 8a6107cd35.
* Revert "accesscontrol service read replica (#89963)"
This reverts commit 77a4869fca.
* Revert "Fix: add mapping for the new mysqlRepl driver (#89551)"
This reverts commit ab5a079bcc.
* Revert "fix: sql instrumentation dual registration error (#89508)"
This reverts commit d988f5c3b0.
* Revert "Experimental Feature Toggle: databaseReadReplica (#89232)"
This reverts commit 50244ed4a1.
* feat: add setup guide in home tab
* chore: add feature toggle for setup guide
* chore: add feature toggle for sub menu
* chore: run pretier
* chore: run i18n
* chore: run generated files again
* chore: update description
* chore: update comment to trigger test flow
* chore: trigger test
* chore: fix styling
* New Select: Extratc floating ui setup into hook
* Remove unused exports
* Rename exported floatStyles
* Set maxHeight instead of using js to find it
* Extarct into seperate file
* fix(datasources): add option to avoid adding '-- Grafana --' DS
Currently the `getList` method of `DatasourceSrv` adds the
'-- Grafana --' datasource in the majority of situations, unless a few
of the other filters are set, all of which affect the results in other
ways. This is the case even if the `filter` function is passed.
This causes the `DataSourcePicker` component to include the
'-- Grafana --' datasource in cases it's unsupported, such as in
Grafana ML where we only support specific datasource types.
This commit adds a new optional `grafana` field to the filter interface.
If explicitly set to `false`, the '-- Grafana --' datasource will not be
added to the list of datasources returned.
This should be backwards compatible and should allow developers to prevent
that datasource from appearing in the `DataSourcePicker`.
Relates to https://github.com/grafana/machine-learning/issues/4578.
* Use filter func to see if we should add '-- Grafana --', instead
* Add separate folder registration function
* Convert to k8s resource directly after legacy create
* Use create command when creating folders
* Set additional fields when converting to k8s resource
* Add created/updated timestamps during conversion
* Refactor UnstructuredToLegacyFolderDTO
* Return errors when doing k8s conversions
* WIP: working as expected, has to be tested
* Rename query param, small changes
* Remove unused code
* Address feedback
* Cleanup
* Use the feature toggle to control the behaviour
* Use the toggle on the FE too
* Prevent the extra redirect/reload
Co-authored-by: Josh Hunt <joshhunt@users.noreply.github.com>
* Return to login if user is not authenticated
* Add tracking issue
* Align BE redirect constructor to locationSvc
* Options pane, data pane queries tab and transformations tab working
* Update
* Discard works
* Panel inspect working
* Table viw works
* Repeat options
* Began fixing tests
* More tests fixed
* Progress on tests
* no errors
* init full width when enabling repeat
* Began moving VizPanelManager tests to where the code was moved
* Unlink libray panel code and unit test
* Fixes and unit tests for change tracking and resetting original state and dirty flag when saving
* migrating and improving unit tests
* Done with VizPanelManager tests refactoring
* Update
* Update
* remove console.log
* Removed unnesssary behavior and fixed test
* Update
* Fix unrelated test
* conditional options fix
* remove
* Fixing issue with editing repeated panels and scoping variable to first value
* Minor fix
* Fix discard query runner changes
* Review comment changes
* fix discard issue with new panels
* Add loading state to panel edit
* Fix test
* Update
* fix test
* fix lint
* lint
* Fix
* Fix overrides editing mutating fieldConfig
---------
Co-authored-by: alexandra vargas <alexa1866@gmail.com>
* Pass one
* Fix linter and add new betterer problem (sorry)
* fix swagger
* Add type to tests and update single correlations sql
* Fix provisioning test and other function that needs a type
* Add errors around query/external typing and add tests
* increment number of correlations tested as we added one for testing v1 type placement
* try merging back the swagger that is in main
* try again?
* Style form a little
* Update public/app/features/logs/components/logParser.ts
Co-authored-by: Matias Chomicki <matyax@gmail.com>
* fix bad commit, simplify logic
* Demonstrating type difficulties
* Fix distributed union changes
* Additional type changes
* Update types in form
* Fix swagger
* Add comment around the assertion and explicit typing
---------
Co-authored-by: Matias Chomicki <matyax@gmail.com>
Co-authored-by: Andrej Ocenas <mr.ocenas@gmail.com>
* Update Yarn to v4.5.0
* commit new version
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ashley Harrison <ashley.harrison@grafana.com>
* Add authlib gRPC authenticators for in-proc mode
* implement `StaticRequester` signing in the unified resource client
- [x] when the `claims.AuthInfo` value type is `identity.StaticRequester`, and there's no ID token set, create an internal token and sign it with symmetrical key. This is a workaround for `go-jose` not offering the possibility to create an unsigned token.
- [x] update `IDClaimsWrapper` to support the scenario above
- [x] Switch to using `claims.From()` in `dashboardSqlAccess.SaveDashboard()`
---------
Co-authored-by: gamab <gabriel.mabille@grafana.com>
* Annotations: Optimize search on large number of dashboards
* refactor
* fix batch size
* Return early if no annotations found
* revert go.mod
* return nil in case of error
* Move default limit to the API package
* fix empty access control filter
* Set default limit to 100
* optimize query when number of annotations is less than limit
* Update pkg/services/annotations/annotationsimpl/annotations.go
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* remove limit from store since it's set in API
* set default limit in Find method (do not break tests)
* Only add limit to the query if it's set
* use limit trick for all searches without dashboard filter
* set default page if not provided
---------
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* update 'Simplified exploration' page
* removed extra 'Explore' heading, which is a little confusing in this context
* simplified the intro text to sound more like the rest of the docs
* Update docs/sources/explore/simplified-exploration/_index.md
Co-authored-by: Jennifer Villa <jvilla2013@gmail.com>
---------
Co-authored-by: Kim Nylander <104772500+knylander-grafana@users.noreply.github.com>
Co-authored-by: Jennifer Villa <jvilla2013@gmail.com>
* fix: keep extra datapoint before new 'from' when evicting datapoints in incremental query cache
* remove redundant comments
* Update todo
* move prometheus specific code in a new function
* add unit test
---------
Co-authored-by: ismail simsek <ismailsimsek09@gmail.com>
* Unexport store and create new constructor function
* Add ResourceAuthorizer and LegacyAccessClient
* Configure checks for user store
* List with checks if AccessClient is configured
* Allow system user service account to read all users
---------
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Managed Service Accounts: Use AutoAssignOrgID
* Fix the IsExternalServiceAccount function
* Reassign service account role
* Account for AutoAssignOrg
* Update pkg/services/serviceaccounts/models.go
* Simplify IsExternalServiceAccount function
* Add tests
* Easier to understand test
* Revert small change
* refactor breakdown scene
* refactor BreakdownScene along with LayoutSwitcher
* rename
* don't pass default layout
* better type handling
* betterer
* add @bsull/augurs
* implement LabelBreakdownScene
* integrate SortByScene in LabelBreakdownScene
* move to new directory
* introduce BreakdownSearchScene
* integrate searchScene
* cleaning
* initialize @bsull/augurs
* add interaction
* use new breakdown scene
* resolve merge conflicts
* ugrade @bsull/augurs
* update import
* update css
* update tooltip text
* refine sorting
* fix unit test
* fix
* implement outlier detector
* support wasm
* jest testing fix
* localization fix
* use unknown instead of any
* update i18n
* update betterer
* fix locales
* update test
* fix tests maybe
* prettier
* chore: update jest config
* chore: create mock for @bsull/augurs (#92156)
chore: create mock for bsull/augurs
@bsull/augurs assumes it will be running as an ESM, not
a CommonJS module, so can't be loaded by Jest (specifically
because it contains a reference to import.meta.url).
This PR provides a mock implementation which gets tests passing
again.
Ideally we'd be able to load the actual @bsull/augurs module
in tests so this is just a stopgap really, until a better
solution appears.
* fix unit tests
* remove unused BreakdownScene.tsx
* set outliers as undefined if an error occurs
* Add labels
* betterer
* reset event implemented
* fix controls positioning
* remove sorting
* fix type guard
* more clean up
* remove wasm support from webpack
* betterer
---------
Co-authored-by: Matias Chomicki <matyax@gmail.com>
Co-authored-by: Ben Sully <ben.sully@grafana.com>
* if result format is null from previous query, it will be null and not correct to a different format
* update to not have empty value in result format field
* fix tests
* add check to see if options are in list
* reformat stuff so logic lives on the right layer
* linterrrrrrrrrrrrrrrrrrRR
* Apply suggestions from code review
* if result format is null from previous query, it will be null and not correct to a different format
* update to not have empty value in result format field
* fix tests
* add check to see if options are in list
* reformat stuff so logic lives on the right layer
* linterrrrrrrrrrrrrrrrrrRR
* frontend linter
* linter
* feedback :)
* feat: supporting code for groupsync extension UI
* Add result of running i18n extraction
* Place the UI behind a feature toggle as well as the license feature
* Also add access checks to route loading of groupsync route with feature toggle
* Add access check on permissions to show External group sync in nav
* fix: New version of multiOrgRoleOptions hook
* Remove OSS route definition
* Apply feedback on nav title
* add OTel filter in metric select scene
* add resource query to get matching OTEL job&instance
* filter metrics by OTEL resources
* only add otel select if DS has OTEL matching job and instance
* add folder for otel resources
* upate metric select for new otel folder
* move otel api call
* get otel resources for labels for single series job/instance target_info
* add otel resources to adhoc variable dropdown
* update otel api to check for standardization and return labels
* label types for api
* check standardization, show otel variable, select depenv, update other variables
* remove otel target list from metric select scene
* load resources if dep_env label has already been selected
* exclude previously used filters
* do not check standardization if there are already otel filters
* drop filters when switching data sources
* add experience var for switching to otel experience
* remove otel from variables and place near settings
* add error for non-standard prom with otel resources
* fix typescript errors, remove ts-ignores
* add custom variable for deployment environment like app-olly
* fix name of otel variable
* add function for getting otel resources from variables
* add otel join query const
* update standard check to be simpler
* allow for unstandard otel data sources but give warning
* add otelJoinQuery to the base query and clean up variables when state changes
* refactor otel functions to return filters for targets, use targets to filter metrics
* update metric names on otel target filter change
* when no otel targets for otel resource filter, show no metrics
* move switch to settings, default to use experience, refactor otel checks
* clean code
* fix refactor to add hasOtelResources for showing the switch in settings
* sort otel resources by blessed list
* reset otel when data source is changed
* move otel experience toggle back outside settings
* move showPreviews into settings
* do not re-add otel resources from blessed list to filters when already selected
* add otel join query variable to histogram base query
* only show settings for appropriate scenes
* show info tooltip the same but show error on hover for disabling otel exp for unstandard DS
* refactor tagKeys and tagValues for otel resources variable, fix promoted list ordering, fix dep env state bug
* default dep env value
* apply var filters only where they are using VAR_FILTER_EXPR in queryies
* change copy for labels to attributes
* do not group_left job label when already joining by job
* update copy for label variable when using otel
* remove isStandard check for now because of data staleness in Prometheus
* default to showing heatmap for histograms
* add trail history for selecting dep env and otel resources
* add otel resource attributes tests for DataTrail
* move otel functions to utils
* write tests for otel api calls
* write tests for otel utils functions
* fix history
* standard otel has target_info metric and deployment_environment resource attributes
* fix tests
* refactor otel functions for updating state and variables
* clean code
* fix tests
* fix tests
* mock checkDataSourceForOtelResources
* fix tests
* update query tests with otelJoinQuery and default to heatmap for _bucket metrics
* fix tests for otel api
* fix trail history test
* fix trail store tests for missing otel variables
* make i18n-extract
* handle target_info with inconsistent job and instance labels
* fix otel copy and <Trans> component
* fix custom variable deployment environment bug when switchiing data sources from non otel to otel
* fix linting error for trans component
* format i18nKey correctly
* clean up old comments
* add frontend hardening for OTel job and instance metric list filtering
* fix test for deployment environment custom variable to use changeValueTo
* fix i18n
* remove comments for fixed bug
* edit skipped tests
* DashboardScene: Fixes preserve dashboard state for hidden options
* DashboardScene: Alt fix for pervering only specific url keys
* DashboardScene: Fixes url sync issue when coming from Home route
* Update
* Fix test
* Parameterise region building metric namespace URL
- Add parameter for region (this parameter takes precedence over if global is set)
- Update tests
- Support this parameter on the data source method
* Refactor fetchAllNamespaces
- Use Set rather than an array for greater performance
- Request namespaces across WestEurope, EastUS, and JapanEast concurrently
- Update test
* Maintain existing behaviour
* Add: http docs for lbac for datasources
* spelling
* update with only cloud loki
* rename to lbac for datasources
* moved it
* Update _index.md
This commit fixes minor style and punctuation issus
* change datasource to data source
* replace datasource with data source
minor updates and style fixes
* minor style changes
* prettier
---------
Co-authored-by: Irene Rodriguez <irene.rodriguez@grafana.com>
* update RenameReceiverInNotificationSettings in DbStore to check for provisioning
* implement renaming in receiver service and provisioning
* do not patch route when stitching
* fix bug in stitching because it returned new name but the old one was expected
* update receiver service to always return result converted from storage model this makes sure that UID and version are consistent with GET\LIST operations
* use provided metadata.name for UID of domain model because rename changes UID and request fails
* remove rename guard
* update UI to not disable receiver name when k8s api enabled
* create should calculate uid from name because new receiver does not have UID yet.
* Fix parse of
* Add i18n files
* Add default value
* Replace input field with multiselect
* rename delete form function
* Use Controller for MultiSelect
* feat(plugin.json): update the extensions definition schema
* feat(plugin.json): add `exposedComponents` definition to the dependencies
* feat(plugin.schema.json): add descriptions for the new schema fields
* review: wrap extensions related dependencies
* review: add a pattern for the extension point id
* review: add a min-length to added link & component titles
* add a pattern to the exposed component id
* Chore: use github app for issue commands workflow
* use it in issue-opened too
* update comments and permissions
* use issue app for triager token
* add spaces
* add config as requirement
* only run main if it has secrets
* Check for repository name,
* remove config work
* get secrets after sleep
* Fix panels in rows stuck in loading
* fix
* fix + tests
* force reperform in case All value is selected and actual options change
* bump scenes so tests pass
* redo yarn.lock
* redo yarn.lock
* Display event name of a span
* Clean up
* Retrigger the build
* Show colon only when there are fields to display
* Rollback
* Use event name when exporting to OTLP
* Allow filtering spans by event name
* Remove redundant types
* Remove redundant TraceLog
* Update betterer report
* Include access control metadata in k8s receiver List & Get
* Add tests for receiver access
* Simplify receiver access provisioning extension
- prevents edge case infinite recursion
- removes read requirement from create
* Alerting: Fix dasboardUid typo in json provisioning api
The json tag for DashboardUID was incorrectly set to dasboardUid in the provisioning api. This change fixes the typo while keeping backwards compatibility for the typo.
* Add alerting-squad as CODEOWNER for services/provisioning/alerting
* introduce storage model for alert rule tables
* remove AlertRuleVersion from models because it's not used anywhere other than in storage
* update historian xorm store to use alerting store to fetch rules
* fix folder tests
---------
Co-authored-by: Matthew Jacobson <matthew.jacobson@grafana.com>
* Transformations: Binary operation on all numbers
* Handle replaceFields option
* Change left clear out to string
* Handle time field
* Fix filtering
* Update new field names to remove double space
* Add tests
* Add BinaryValue interface and update editor
* Fix initial behavior
* Rollback rendering standards
* Add ctx interpolate
* Fix fixed value variable
* Add function to convert old binary value type
* Update tests for new structures
* Add bullet for all number field option
* baldm0mma/run content build script
* Disable alias control for type matching
* Add group and type labels to rule_group_rules metric
* Don't include group to avoid high cardinality
* Add comments
* Reset rule_group_rules before recording new values
* Edit description for rule_group_rules
* Include ruleGroup combo key in labels
* Fix lint
* only updateable plugins can be updated via the UI
* add missing state
* Apply levi brains
Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
* apply same style throughout
---------
Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
* Add initial folder tests
* Add test for get/reading folders
* Compare legacy and k8s create and read
* Remove dependency on grafanaAPIServerWithExperimentalAPIs
* Alerting docs: adds recording rule info
* ran prettier
* Updates with feedback from pepe and removes external reference
* couple of minor edits
* removes reference
* feedback from sonia
* adds links per gilles
* adds correct version link
Back-end:
* update alerting module
* update GetSecretKeysForContactPointType to extract secret fields from nested options
* Update RemoveSecretsForContactPoint to support complex settings
* update PostableGrafanaReceiverToEmbeddedContactPoint to support nested secrets
* update Integration to support nested settings in models.Integration
* make sigv4 fields optional
Front-end:
* add UI support for encrypted subform fields
* allow emptying nested secure fields
* Omit non touched secure fields in POST payload when saving a contact point
* Use SecretInput from grafana-ui instead of the new EncryptedInput
* use produce from immer
* rename mapClone
* rename sliceClone
* Don't use produce from immer as we need to delete the fileds afterwards
---------
Co-authored-by: Gilles De Mey <gilles.de.mey@gmail.com>
Co-authored-by: Sonia Aguilar <soniaaguilarpeiron@gmail.com>
Co-authored-by: Matt Jacobson <matthew.jacobson@grafana.com>
* allow post URL
* check for config
* allow relative paths
* add allowed internal pattern; add checks for method
* update defaults.ini
* add custom header
* update config comment
* use globbing, switch to older middleware - deprecated call
* add codeowner
* update to use current api, add test
* update fall through logic
* Update pkg/middleware/validate_action_url.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update pkg/middleware/validate_action_url.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* add more tests
* Update pkg/middleware/validate_action_url_test.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* fix request headers
* add additional tests for all verbs
* fix request headers++
* throw error when method is unknown
---------
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Co-authored-by: Brian Gann <bkgann@gmail.com>
Co-authored-by: Brian Gann <briangann@users.noreply.github.com>
Co-authored-by: Dan Cech <dcech@grafana.com>
* Export Combobox and add portalling
* Use floatingui fixed strategy and fix z-index
* Check non null
* Make value string type only
* Try with fiscal year setting
* Use combobox for WeekStartPicker
* Improve screen reader handling
* Fix faulty import
* Fix type issue
* Fix failing tests and export unstable
* Rename option and remove export
* Use comboboxMockSetup function
* Add support for number type
* menuClosed styles to emotion
* fix(plugins): resolve loadPluginCss urls for filesystem and cdn hosted plugins
* fix(plugins): should a registry lookup fail in getLoadPluginCssUrl fallback to relative path
* refactor(plugins): rename var to id for legibility
* test(plugins): add some extra test cases for getLoadPluginCssUrl function
Update to explain grafana_net is older and grafana_com is the preferred config name. However, grafana_net config is still accepted and parsed to grafana_com config.
* feat: add a context for the extension registries
* feat: add a provider for registries to `AppWrapper`
* feat(extensions): add a read-only registry version
* feat: share the registry for exposed components using the context
* fix: tests
* feat: share the registry for added components using the context
* feat: share the addedLinks registry using react context
* use read-only registry versions
* send "one-of" and "not-one-of" directly to datasource (instead of changing them to regex)
* Added to Ad-hoc and and Scope Filters: The "values" prop ([]string) and the "one-of" and "not-one-"of" operators. "values" is used with one-of and not-one-of.
* adds prometheus support for the above
---------
Co-authored-by: Ashley Harrison <ashley.harrison@grafana.com>
Co-authored-by: Todd Treece <todd.treece@grafana.com>
* Add split view and basic APIs to extensions
* Add comments
* Update public/app/AppWrapper.tsx
Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
* Moved the .grafana-app element and deduplicate some code
* Remove the provider variants of usePluginLinks/Components
* Change buildPluginSectionNav
* Update comment
* Use eventBus
* Remove non existent exports
* refactor: use a sidecar service to encapsulate the state
* Don't wrap single app in split wrapper
* Use hook splitter
* Remove inline styles
* Type the style props from useSplitter
* Move the overflow style changes to appWrapper
* Deduplicate some common top level providers
* Move modals
* Move routes wrappers to it's own file
* Use better css and add comments
* Remove query rows app extension point
* Fix test
---------
Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
* do it all
* feat(plugins): move loadingStrategy to ds pluginMeta and add to plugin settings endpoint
* support child plugins and update tests
* use relative path for nested plugins
* feat(plugins): support nested plugins in the plugin loader cache by extracting pluginId from path
* feat(grafana-data): add plugin loading strategy to plugin meta and export
* feat(plugins): pass down loadingStrategy to fe plugin loader
* refactor(plugins): make PluginLoadingStrategy an enum
* feat(plugins): add the loading strategy to the fe plugin loader cache
* feat(plugins): load fe plugin js assets as script tags based on be loadingStrategy
* add more tests
* feat(plugins): add loading strategy to plugin preloader
* feat(plugins): make loadingStrategy a maybe and provide fetch fallback
* test(alerting): update config.apps mocks to include loadingStrategy
* fix format
---------
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
* Update `refs` links in `Service accounts` to enable the Cloud docs
* Update `refs` links in `Migrate API keys` to enable the Cloud docs
* Update `refs` links in `RBAC docs` to enable the Cloud docs
* 2 - Update `refs` links in `RBAC docs` to enable the Cloud docs
* 3 - Update `refs` links in `RBAC docs` to enable the Cloud docs
* Apply Jack suggestions
* Set `folder permissions` for OSS and Cloud
* Set adminition shortcode to support GC ref links
* Fix `//` in URLs
* Remove usage of traceqlStreaming feature toggle and stop checking for Tempo version
* Increase Grafana Live's ClientQueueMaxSize to 4mb to support larger responses from Tempo
* Add GroupMApping component
* Add remove/add buttons
* Implement role fields
* Change value as number for org ids
* Add i18n extracts
* Use conditional for GrafanaAdmin switch
* Ensure changelogs are prettified prior to commit
* Remove cache property
* Include .yarn directory
* Include packages directory
* Try just using npx
* Update workflows
* Hide some fields in the details tab (view page) when it's a grafana recording rule
* link to the explore view from the metric name in the detail view
* Revert "link to the explore view from the metric name in the detail view"
This reverts commit 3c17d16cf6.
* move logic to usePendingPeriod hook
* move logic to getPendingPeriod function
* move logic for getting annotations to a new getAnnotations function
* Access control: Use composite cache key for team permissions
* use composite key for teams
* use cache for hotpath (getCachedUserPermissions)
* don't cache empty teams set
* don't pass permissions as argument
* early return if no teams found
* reload cache correctly
* optimize allocations
* Clear user's teams cache
* remove composite cache for teams
* fix linter
* don't clear teams permissions
* pre-allocate memory for basic roles permissions
* chore(frontend): remove stray side-effect features import that brings the whole jungle
* chore(app): delete features/all.ts and its friends
* chore(codeowners): remove public/app/features/all.ts from file
* Display event name of a span
* Clean up
* Retrigger the build
* Show colon only when there are fields to display
* Rollback
* Use event name when exporting to OTLP
* Allow filtering spans by event name
* Show duration as a key/value pair
* Update betterer report (we do not translate panels that are planned to be externalized)
* Fix tests after changing how duration is rendered
* Handle long names
* Test handling long names
* Make parenthesis gray
* Fix a test
* Fix linting
* Fix tests
* Update label
* refactor: replace soft delete method
* refactor: adjust test to new naming
* refactor: clean up unused functions
* refactor: replace delete modal
* refactor: use new delete modal outside of scenes
* Display custom value in option list
* Ignore create new value when there is an exact match
* Support displaying custom value
* Add i18n string
* Update failing test
* update view panel scene variables properly after row repeat is performed
* refactor
* Fix case where view mode from panel menu would not work
Co-authored-by: ivanortegaalba <ivan.ortega@grafana.com>
* add context
---------
Co-authored-by: ivanortegaalba <ivan.ortega@grafana.com>
* DashboardGridItem: Fixes repeating panels issue when variable depends on time range
* tests
---------
Co-authored-by: Victor Marin <victor.marin@grafana.com>
* update the docs to reflect permissions needed to create subfolders
* Minor language fix
---------
Co-authored-by: Irene Rodriguez <irene.rodriguez@grafana.com>
* handle oneOf operator in prometheus
* use new supportsMultiValueOperators
* remap oneOf to regex in prometheus datasource
* Remap one of operators for scope filters
* use plugin.json property instead of feature toggle
* optional chaining
* fix unit tests
* use getInstanceSettings
* update to latest scenes
* fix unit tests
---------
Co-authored-by: Dominik Prokop <dominik.prokop@grafana.com>
* Remove kubernetesPlaylists feature_toggle
* Remove unified_storage_mode
* Remove double import
* Read from config instead from feature_toggle
* cover scenario for when unified storage is not defined
* Be temporarily retro compatible with previous feature toggle
* Properly read unified_storage section
* [WIP] Read new format of config
* Fix test
* Fix other tests
* Generate feature flags file
* Use <group>.<resource> schema
* Use <group>.resource format on the FE as well
* Hide UniStore config from Frontend
Signed-off-by: Maicon Costa <maiconscosta@gmail.com>
* unwanted changes
* Use feature toggles in the FE. Enforce FTs are present before enabling dual writing
Co-authored-by: Ryan McKinley <ryantxu@users.noreply.github.com>
* use kubernetes playlists feature toggle on the FE
* Remove unwanted code
* Remove configs from the FE
* Remove commented code
* Add more explicit example
---------
Signed-off-by: Maicon Costa <maiconscosta@gmail.com>
Co-authored-by: Maicon Costa <maiconscosta@gmail.com>
* IAM docs: Transform `API keys` to `Migrate API keys` docs
* Update links to `API keys` in other doc pages
* Grafana UI: update help button link
* Update OpenAPI/Swagger links
* Update docs/sources/administration/service-accounts/migrate-api-keys.md
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
* Update `relref` links to the new URL
* fix space before em dash
spaces before or after em dashes are not recommended (https://developers.google.com/style/dashes)
---------
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
Co-authored-by: Irene Rodriguez <irene.rodriguez@grafana.com>
* Docs: keep the HTTP API list updated
* Update menu title to be consistent with the HTTP API list
* Update docs/sources/developers/http_api/preferences.md
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
* Update docs/sources/developers/http_api/snapshot.md
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
---------
Co-authored-by: Irene Rodriguez <irene.rodriguez@grafana.com>
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
* Alerting docs: add info on changing default time out for evaluation
* ran prettier
* Update docs/sources/alerting/fundamentals/alert-rule-evaluation/state-and-health.md
Co-authored-by: antonio <45235678+tonypowa@users.noreply.github.com>
* Update docs/sources/alerting/fundamentals/alert-rule-evaluation/state-and-health.md
Co-authored-by: antonio <45235678+tonypowa@users.noreply.github.com>
* ran prettier
* updates with yuris feedback
* ran prettier
---------
Co-authored-by: antonio <45235678+tonypowa@users.noreply.github.com>
* Stop redacting receivers by default in receiver_svc
[REDACTED] is only used in provisioning API since response doesn't include
SecureFields. This is not necessary in k8s or notifications api, instead we do
not include the encrypted settings in Settings at all, leaving it to
SecureFields to specify when a secure field exists.
* Capitalize logs messages
* Ensure that datasource apiservers receive and forwards headers for datasources:
- adds log line for prometheus to see when from alert header is received
- add logging to the datasource apiserver
- Updates the Connect func in sub query to forward expected headers to datasources and log unexpected ones.
* Adding information about datasource UID enforcement
* Style and content fixes (#92667)
This fixes:
- datasource to data source as per our style guide
- some other minor typos
- style and content
* fixing prettier lint
---------
Co-authored-by: Irene Rodriguez <irene.rodriguez@grafana.com>
* use count_bytes_reader from plugin-sdk-go
* run `make update-workspace`
* update postgres tests
* update mysql tests
* time back to utc
* make update-workspace done
---------
Co-authored-by: Kyle Brandt <kyle@grafana.com>
* Restructure user queries
* restructure display query
* restructure team queries
* restructure team bindings query
* Restructure team members
* Restructure store
* Add team members as a sub resource
* Fix and clean up pagination for teams
* Fix and clean up pagination for users
* Fix and clean up pagination for service accounts
* Update snapshots
* Provide the list of admins if the admin with the default ID was not found
* Clean up
* Update docs
* Update docs/sources/cli.md
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update pkg/cmd/grafana-cli/commands/reset_password_command.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* Lint
---------
Co-authored-by: Dan Cech <dcech@grafana.com>
* model fixed roles for dashboards and folders
* Correctly translate fixed role assignments
* minor refactor
* assign fixed roles to teams
* fix linter errors
* Migrate general folder permissions for fixed roles
* fix dashboards:create permission
* feat(plugins): only load shared plugin dependencies when needed
* feat(plugins): add react-redux and fix up comments
* feat(plugins): attempt to load async deps in fe sandbox
* feat(frontend): defer script execution to prevent systemjs from loading app.js
* fix(datalinks): position context menu offest to vertical window scroll
* feature toggle change
* enhance boot data mock with empty featureToggles
---------
Co-authored-by: Ashley Harrison <ashley.harrison@grafana.com>
* Access control: Use composite cache key for team permissions
* use composite key for teams
* use cache for hotpath (getCachedUserPermissions)
* fix linter
* fix sorting
---------
Co-authored-by: Jeff Levin <jeff@levinology.com>
* add uid to template and populate it
* update delete method to support both uid and name
* update UpdateTemplate to support search by UID and fallback to name + support renaming of the template
* update upsert to exit if template not found and uid is specified
* update Get method to address by name or uid
---------
Co-authored-by: Matthew Jacobson <matthew.jacobson@grafana.com>
* Replace global authz abstraction with one compatible with uid scope
* Replace GettableApiReceiver with models.Receiver in receiver_svc
* GrafanaIntegrationConfig -> models.Integration
* Implement Create/Update methods
* Add optimistic concurrency to receiver API
* Add scope to ReceiversRead & ReceiversReadSecrets
migrates existing permissions to include implicit global scope
* Add receiver create, update, delete actions
* Check if receiver is used by rules before delete
* On receiver name change update in routes and notification settings
* Improve errors
* Linting
* Include read permissions are requirements for create/update/delete
* Alias ngalert/models to ngmodels to differentiate from v0alpha1 model
* Ensure integration UIDs are valid, unique, and generated if empty
* Validate integration settings on create/update
* Leverage UidToName to GetReceiver instead of GetReceivers
* Remove some unnecessary uses of simplejson
* alerting.notifications.receiver -> alerting.notifications.receivers
* validator -> provenanceValidator
* Only validate the modified receiver
stops existing invalid receivers from preventing modification of a valid
receiver.
* Improve error in Integration.Encrypt
* Remove scope from alert.notifications.receivers:create
* Add todos for receiver renaming
* Use receiverAC precondition checks in k8s api
* Linting
* Optional optimistic concurrency for delete
* make update-workspace
* More specific auth checks in k8s authorize.go
* Add debug log when delete optimistic concurrency is skipped
* Improve error message on authorizer.DecisionDeny
* Keep error for non-forbidden errutil errors
* WIP
* Validate new field, and add value in provisioning if not defined in correct spot
* Simplify logic, use correct value
* fix tests
* Fix linter errors
* fix swagger and tests
* 😬
* Auto-generation isnt doing this..
* Fix linter
* test if nullable is the issue…
* Change structure on the frontend fields
* Try with backtick
* try programatic quoting
* Try only quote non-ints
* quoting, no backticks
* Remove debugging
* Use dag to find origin nodes when updating resample queries
Co-authored-by: Gilles De Mey <gilles.demey@grafana.com>
* lint
* fix test and types
* short-circuit function
* Prevent cycles in DAG
* Handle dag cycle error
* Catch the cyclic link error in dashboard variables
---------
Co-authored-by: Gilles De Mey <gilles.demey@grafana.com>
Co-authored-by: Gilles De Mey <gilles.de.mey@gmail.com>
* build test apps with webpack
* add extensions test app
* update e2e tests
* remove non-build test apps using amd
* use @grafana/plugin-configs rather than create-plugin config
* Update e2e/plugin-e2e/plugin-e2e-api-tests/as-admin-user/extensions/usePluginComponents.spec.ts
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
* Update package.json
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
* use run dir variable instead of hardcoded path
* add dummy licence file
* add separate step for building test plugins
* support nested plugins
* remove react-router-dom from the externals array
* remove add_mode dev
* lint starlark
* pass license path as env variable
* fix the path
* chore(e2e-plugins): clean up dependencies to match core versions
* refactor(e2e-plugins): prefer extending webpack plugins-config
* docs(e2e-plugins): add basic info to extensions test plugin readme
* update readme
* change dir name from custom plugins to test plugins
* change root readme
* update lockfile
---------
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
* feat(nameHeaders): add feature flag
* add safe parsing of headers
* use headers in loki datasource
* Loki: add option to pass headers to Loki
* Loki: add datasource tests for dashboard names
* cleanup
* DataSourceWithBackend: add test
* rename to `sanitizeHeader`
* Loki: add condition when to add headers
* Loki: add e2e tests
* Loki: change test name
* feat: Add new read filtering to datasources guardian
* Apply suggestion to use datasources read guardian check for frontend settings
---------
Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com>
* revert buildLayout
* filter metric names using metricPrefix using regex
* build groups with all the metric names and only build them once
* remove commented code
* use the metrics search input results to build the prefix select options
* simplify prefix regex because we do not have to do it at the same time as the metrics search input regex
* chore: add tracing to quote API and service methods with contexts
I also fixed a typo (overriden -> overridden) and removed a method that looked like it wasn't useful anymore. (It seemed to exist to return an error, but never returned an error, and so just added many lines of unnecessary error checking).
* chore: Bump Go to 1.23.0
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
* update swagger files
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
* chore: update .bingo/README.md formatting to satisfy prettier
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
* chore(lint): Fix new lint errors found by golangci-lint 1.60.1 and Go 1.23
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
* keep golden file
* update openapi
* add name to expected output
* chore(lint): rearrange imports to a sensible order
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
---------
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
* Alerting docs: separates doc on create alerts from panels
* deletes previous panel section
* adds time series limitation and play link
* removes play from old topic
* ran prettier
* removed play shortcode, typo
* adds feedback from gilles
---------
Co-authored-by: tonypowa <tonypowa@gmail.com>
* fix public dashboards pages when publicDashboardsScene is enabled
* properly handle react-grid-layout at small screen sizes
* use unset instead of auto
* chore: add spans to publicdashboards service methods
* add tracing to test service
* test fixture whackamole
* move tracer to a package var
* Update pkg/services/publicdashboards/service/service.go
Co-authored-by: Dave Henderson <dave.henderson@grafana.com>
---------
Co-authored-by: Dave Henderson <dave.henderson@grafana.com>
* DashboardScene: Support remember scroll position when coming back from view panel, panel edit and settings
* remove unused state prop
* Update
* Fixes
* Update e2e
* Page/Body: Only show scrollbar lane gutter when needed
* Update packages/grafana-ui/src/themes/GlobalStyles/elements.ts
Co-authored-by: Ashley Harrison <ashley.harrison@grafana.com>
---------
Co-authored-by: Ashley Harrison <ashley.harrison@grafana.com>
- Note: The `dashboardTitle` property and this property (`groups`) are likely to move from the `spec` container to the `status` container within the `scopeDashboardBinding` object in the future.
* feat: add folder picker
* feat: run i18n extraction
* feat: add target folder to api query
* feat: hand over targetFolder data to api query
* feat: retrieve original location
* feat: Add condition for folder picker
* feat: Modify condition for folder picker default
* refactor: add changes from code review
* refactor: add changes from code review
* feat: add plural to translation, add styling
* feat: run i18n extraction
* update oauthtoken service to use remote cache and server lock
* remove token cache
* retry is lock is held by an in-flight refresh
* refactor token renewal to avoid race condition
* re-add refresh token expiry cache, but in SyncOauthTokenHook
* Add delta to the cache ttl
* Fix merge
* Change lockTimeConfig
* Always set the token from within the server lock
* Improvements
* early return when user is not authed by OAuth or refresh is disabled
* Allow more time for token refresh, tracing
* Retry on Mysql Deadlock error 1213
* Update pkg/services/authn/authnimpl/sync/oauth_token_sync.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update pkg/services/authn/authnimpl/sync/oauth_token_sync.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* Add settings for configuring min wait time between retries
* Add docs for the new setting
* Clean up
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
---------
Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* started updates
* added descriptions
* changed some wording
* minor updates
* updates
* updates
* created new landing page, and the get started page
* finished creating landing page
* continued with restructure
* final edits
* updated the Explore landing page
* ran prettier
* Update docs/sources/explore/get-started-with-explore.md
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
* Update docs/sources/explore/get-started-with-explore.md
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
* Update docs/sources/explore/get-started-with-explore.md
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
* Update docs/sources/explore/get-started-with-explore.md
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
* Update docs/sources/explore/get-started-with-explore.md
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
* Update docs/sources/explore/get-started-with-explore.md
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
* Update docs/sources/explore/get-started-with-explore.md
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
* Update docs/sources/explore/get-started-with-explore.md
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
* updates based on Jack's feedback
* ran prettier a second time
* wording change on landing page
* removed uncommented section
---------
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
* Progress
* Fix dashboards pane
* almost working
* add hook to get scopesDashboardsScene state
* check whether it's enabled when considering opened state
* add height to container
* Update
* revert change
* Make it work when bodyScrolling is disabled
* Last tweaks
* Update scenes
* Updating
* Fix
* fix tests
* fix lint issues
* fix lint issues
---------
Co-authored-by: Ashley Harrison <ashley.harrison@grafana.com>
* add more doc info for truncate function and how we use it
* truncate label names and allow users to search all labels on typing
* remove unused import
* handle labels select in variable query in addition with truncated list
* add RenameTimeIntervalInNotificationSettings to storage
* update dependencies when the time interval is renamed
---------
Co-authored-by: William Wernert <william.wernert@grafana.com>
* add a limit for the series resource api in metrics browser
* decouple serieslimit from options and only use in metrics browser
* add series limit input to metrics browser
* add warning
* add and fix tests
* add new param to jsdoc
* do not use the limit in other calls outside metrics browser
* update test
* trim limit
* fix tests, remove limit from non labels calls
* backendResultTransformer: use templateSrv to highlight search words from variables
* Add unit tests
* Formatting
* Fix import issues
* Update public/app/plugins/datasource/loki/backendResultTransformer.ts
Co-authored-by: Sven Grossmann <sven.grossmann@grafana.com>
* Refactor: use executedQueryString to get the interpolated query
* Remove unused imports
* Update public/app/plugins/datasource/loki/backendResultTransformer.test.ts
Co-authored-by: Sven Grossmann <sven.grossmann@grafana.com>
---------
Co-authored-by: Sven Grossmann <sven.grossmann@grafana.com>
* pkg/tsdb/parca: Upgrade to using the flamegraph arrow
* pkg/tsdb/parca: Delete code for old flamegraphs
* pkg/tsdb/parca: Fix golangci-lint error in test
* pkg/tsdb/parca: Handle errors nicely
* docs/sources/datasource: Add Parca v0.19+ support note
* pkg/tsdb/parca: Don't use arrow table reader
As pointed out during reviews, it's not really needed and we can read the record directly.
* LogsNavigation: show older logs button when the order is descending
* LogsNavigation: adjust styles for showing only older logs button
* Logs Navigation: revert changes
* Infinite scroll: add older logs button
* Older logs button: show only in explore
* chore: add unit test
* Formatting
* Update public/app/features/logs/components/InfiniteScroll.test.tsx
Co-authored-by: Sven Grossmann <sven.grossmann@grafana.com>
* Chore: add missing translation
* Chore: move the button a tiny bit
---------
Co-authored-by: Sven Grossmann <sven.grossmann@grafana.com>
* Alerting: Fix duplicated silences in remote primary mode bug
* test that a new silence id returned by calling CreateSilence() on the internal Alertmanager is ignored
* Add missing dependency to Dockerfile
Add aggregator dependency to Dockerfile, fix the issue #91871.
* Add defaults.ini to Dockerfile, add bash for alpine
* add OpenID metadata URL field
* add i18n generated content
* configure server discovery URL in a modal
* remove getValues
* address feedback
* update field name to OpenID Connect Discovery URL
* add well-known suffix to the URL provided
* address feedback
* add isLoading state to ServerDiscoveryField
* bump version 11.3.0-pre
* fix linters with: yarn run prettier:write
---------
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: Diego Augusto Molina <diegoaugustomolina@gmail.com>
* WIP
* Finish getting form to populate
* WIP API
* Get PUT to work although the edit doesnt apply yet
* Complete working PUT
* PATCH v1 no json patch
* This works!
* Fix headers to be configurable
* Fix translations
* Revert "This works!"
This reverts commit d57ffcbc4b.
# Conflicts:
# public/app/features/query-library/api/factory.ts
# public/app/features/query-library/api/query.ts
# public/app/features/query-library/types.ts
* Use normal method of patching 😅
* Replace add to library form with generic version
* make translations generic
* Rename function, fix bad conflict resolution
* LogsPanelCfg: add displayedFields
* LogsPanel: expose displayedFields
* Chore: add docs
* LogsPanel: add callbacks to external API
* LogsPanel: expose field callbacks and add default implementation
* chore: add unit test
* chore: unfocus test
* LogsPanel: add docs for new props
* Enable by default
* Cloud migrations: GetSnapshotList only returns snapshots that belong to a session that exists
* Cloud migrations: test GetSnapshotList
* add one more test case for GetSnapshotList
* fix test
* store encryption key for testing
* Alerting: Add rule_group label to grafana_alerting_rule_group_rules metric (#62361)
* Alerting: Delete rule group metrics when the rule group is deleted
This commit addresses the issue where the GroupRules metric (a GaugeVec)
keeps its value and is not deleted when an alert rule is removed from the rule registry.
Previously, when an alert rule with orgID=1 was active, the metric was:
grafana_alerting_rule_group_rules{org="1",state="active"} 1
However, after deleting this rule, subsequent calls to updateRulesMetrics
did not update the gauge value, causing the metric to incorrectly remain at 1.
The fix ensures that when updateRulesMetrics is called it
also deletes the group rule metrics with the corresponding label values if needed.
* PluginDetailsRight panel is added. All the details were moved from the top to the right panel
* Add feature toggle pluginsDetailsRightPanel,Fix build, fix review comments
* Fix the typo
Co-authored-by: Giuseppe Guerra <giuseppe.guerra@grafana.com>
* hasAccessToExplore
* changes after review, add translations
* fix betterer
* fix betterer
* fix css error
* fix betterer
* fix translation labels, fix position of the right panel
* fix the build
* add condition to show updatedAt for plugin details
* add test to check 2 new fields at plugin details right panel;
* change the gap and remove report abuse button from core plugins
* add more tests
---------
Co-authored-by: Giuseppe Guerra <giuseppe.guerra@grafana.com>
Adds myself as an additional codeowner for issue templates given the current reliance on ordering for links to request a new plugin from Grafana.
This may be a temporary solution prior to being able to raise the requests natively within Grafana.
* Refactor identity struct to store type in separate field
* Update ResolveIdentity to take string representation of typedID
* Add IsIdentityType to requester interface
* Use IsIdentityType from interface
* Remove usage of TypedID
* Remote typedID struct
* fix GetInternalID
* Remove kubernetesPlaylists feature_toggle
* Remove unified_storage_mode
* Remove double import
* Regenerate feature-toggles
* Read from config instead from feature_toggle
* cover scenario for when unified storage is not defined
* Handle namespace and group query string params in Ruler API
* Use the new namespace and group query params when slashes in names
* Add validation, add group handling in GMA Api
* Move constants
* Use checkForPathSeparator function
* Fix linter issue
* Bump to go-duck v0.1.0
This fixed ordering of the columns
**What is this feature, why do we need it?**
See https://github.com/scottlepp/go-duck/pull/14 for a description of the improvement we're including here
**Who is this feature for?**
Anyone who uses SQL Expressions. This is still an experimental feature, and only used by a very small number of instances.
* Run `make update-workspace`
* add simple test apps that use usePluginComponent hook and exposeComponent api
* add e2e test
* update readme
* Update README.md
* fix lint issue
* pr feedback
* support optimistic concurrency in template service
* update request handler to get version from query parameter
* return not found if a new template is set with version
* update PUT api to set version
* update documentation + for mute timings
---------
Co-authored-by: brendamuir <100768211+brendamuir@users.noreply.github.com>
* Feature (quota service): Use ReplDB for quota service Gets
This adds the replDB to the quota service, as well as some more test helper functions to simplify updating tests. My intent is that the helper functions can be removed when this is fully rolled out (or not) and we're consistently using the ReplDB interface (or not!)
* test updates
"comment":" please add one or more appropriate labels. Here are some tips:\r\n\r\n- if you are making an issue, TODO, or reminder for yourself or your team, please add one label that best describes the product or feature area. Please also add the issue to your project board. :rocket:\r\n\r\n- if you are making an issue for any other reason (docs typo, you found a bug, etc), please add at least one label that best describes the product or feature that you are discussing (e.g. `area/alerting`, `datasource/loki`, `type/docs`, `type/bug`, etc). [Our issue triage](https://github.com/grafana/grafana/blob/main/ISSUE_TRIAGE.md#3-categorizing-an-issue) doc also provides additional guidance on labeling. :rocket:\r\n\r\n Thank you! :heart:"
"comment":" please add one or more appropriate labels. Here are some tips:\r\n\r\n- if you are making an issue, TODO, or reminder for yourself or your team, please add one label that best describes the product or feature area. Please also add the issue to your project board. :rocket:\r\n\r\n- if you are making an issue for any other reason (docs typo, you found a bug, etc), please add at least one label that best describes the product or feature that you are discussing (e.g. `area/alerting`, `datasource/loki`, `type/docs`, `type/bug`, etc). [Our issue triage](https://github.com/grafana/grafana/blob/main/contribute/ISSUE_TRIAGE.md#3-categorize-an-issue) doc also provides additional guidance on labeling. :rocket:\r\n\r\n Thank you! :heart:"
- **Chore:** Update libs with CVE in dependencies [#102712](https://github.com/grafana/grafana/pull/102712), [@grambbledook](https://github.com/grambbledook)
- **Go:** Bump to 1.24.2 [#103529](https://github.com/grafana/grafana/pull/103529), [@Proximyst](https://github.com/Proximyst)
- **Dependencies:** Bump Go to v1.24.4 [#106571](https://github.com/grafana/grafana/pull/106571), [@macabu](https://github.com/macabu)
- **Dependencies:** Bump github.com/openfga/openfga to v1.8.13 to address CVE-2025-48371 [#106120](https://github.com/grafana/grafana/pull/106120), [@macabu](https://github.com/macabu)
### Bug fixes
- **Security:** Fixes CVE-2025-3415
<!-- 11.3.8 END -->
<!-- 11.3.7 START -->
# 11.3.7 (2025-05-22)
### Features and enhancements
- **Chore:** Bump Go version to 1.24.3 [#105112](https://github.com/grafana/grafana/pull/105112), [@macabu](https://github.com/macabu)
- **Dependencies:** Bump github.com/blevesearch/bleve/v2 from v2.4.2 to v2.5.0 [#105447](https://github.com/grafana/grafana/pull/105447), [@macabu](https://github.com/macabu)
- **Dependencies:** Bump github.com/openfga/openfga from v1.8.5 to v1.8.12 [#105376](https://github.com/grafana/grafana/pull/105376), [@macabu](https://github.com/macabu)
- **Dependencies:** Unpin and bump github.com/getkin/kin-openapi from v0.125.0 to v0.132.0 [#105254](https://github.com/grafana/grafana/pull/105254), [@macabu](https://github.com/macabu)
### Bug fixes
- **Security:** Fix CVE-2025-3454
- **Security:** Fix CVE-2025-2703
<!-- 11.3.7 END -->
<!-- 11.3.6 START -->
# 11.3.6 (2025-04-22)
### Features and enhancements
- **Chore:** Update libs with CVE in dependencies [#102710](https://github.com/grafana/grafana/pull/102710), [@grambbledook](https://github.com/grambbledook)
- **Go:** Bump to 1.24.2 [#103528](https://github.com/grafana/grafana/pull/103528), [@Proximyst](https://github.com/Proximyst)
- **Go:** Bump to 1.24.2 (Enterprise)
### Bug fixes
- **Auth:** Fix SAML user IsExternallySynced not being set correctly [#103102](https://github.com/grafana/grafana/pull/103102), [@volcanonoodle](https://github.com/volcanonoodle)
- **AuthN:** Refetch user on "ErrUserAlreadyExists" [#102982](https://github.com/grafana/grafana/pull/102982), [@kalleep](https://github.com/kalleep)
- **Auth:** Fix SAML user IsExternallySynced not being set correctly [#103101](https://github.com/grafana/grafana/pull/103101), [@volcanonoodle](https://github.com/volcanonoodle)
- **AuthN:** Refetch user on "ErrUserAlreadyExists" [#102983](https://github.com/grafana/grafana/pull/102983), [@kalleep](https://github.com/kalleep)
- **Security:** Fix CVE-2025-3454
- **Security:** Fix CVE-2025-2703
<!-- 11.2.9 END -->
<!-- 11.2.8 START -->
<!-- 11.3.6 END -->
<!-- 11.3.5 START -->
# 11.2.8 (2025-03-25)
# 11.3.5 (2025-03-25)
### Features and enhancements
- **Chore:** Bump Go version to 1.23.7 [#101294](https://github.com/grafana/grafana/pull/101294), [@macabu](https://github.com/macabu)
- **Chore:** Bump Go version to 1.23.7 (Enterprise)
- **Chore:** Bump Go to 1.23.7 [#101583](https://github.com/grafana/grafana/pull/101583), [@macabu](https://github.com/macabu)
- **Chore:** Bump Go to 1.23.7 (Enterprise)
### Bug fixes
- **Alerting:** Update slack image upload to use new API [#101487](https://github.com/grafana/grafana/pull/101487), [@moustafab](https://github.com/moustafab)
- **Service Accounts:** Do not show error pop-ups for Service Account and Renderer UI flows [#101795](https://github.com/grafana/grafana/pull/101795), [@IevaVasiljeva](https://github.com/IevaVasiljeva)
- **Alerting:** Fix token-based Slack image upload to work with channel names [#101488](https://github.com/grafana/grafana/pull/101488), [@moustafab](https://github.com/moustafab)
- **Service Accounts:** Do not show error pop-ups for Service Account and Renderer UI flows [#101791](https://github.com/grafana/grafana/pull/101791), [@IevaVasiljeva](https://github.com/IevaVasiljeva)
<!-- 11.2.8 END -->
<!-- 11.2.7 START -->
<!-- 11.3.5 END -->
<!-- 11.3.4 START -->
# 11.2.7 (2025-02-18)
# 11.3.4 (2025-02-18)
### Features and enhancements
- **Docker:** Use our own glibc 2.40 binaries [#99922](https://github.com/grafana/grafana/pull/99922), [@DanCech](https://github.com/DanCech)
- **Docker:** Use our own glibc 2.40 binaries [#99923](https://github.com/grafana/grafana/pull/99923), [@DanCech](https://github.com/DanCech)
### Bug fixes
- **Azure:** Correctly set application insights resource values [#99596](https://github.com/grafana/grafana/pull/99596), [@aangelisc](https://github.com/aangelisc)
- **Azure:** Correctly set application insights resource values [#99597](https://github.com/grafana/grafana/pull/99597), [@aangelisc](https://github.com/aangelisc)
- **Dashboards:** Bring back scripted dashboards [#100627](https://github.com/grafana/grafana/pull/100627), [@dprokop](https://github.com/dprokop)
- **Plugin Metrics:** Eliminate data race in plugin metrics middleware [#100076](https://github.com/grafana/grafana/pull/100076), [@clord](https://github.com/clord)
<!-- 11.2.7 END -->
<!-- 11.2.6 START -->
<!-- 11.3.4 END -->
<!-- 11.3.3 START -->
# 11.2.6 (2025-01-28)
# 11.3.3 (2025-01-28)
### Features and enhancements
- **Azure Monitor:** Add a feature flag to toggle user auth for Azure Monitor only [#97565](https://github.com/grafana/grafana/pull/97565), [@adamyeats](https://github.com/adamyeats)
- **Security:** Update to Go 1.22.11 - Backport to v11.2.x [#99125](https://github.com/grafana/grafana/pull/99125), [@Proximyst](https://github.com/Proximyst)
- **Security:** Update to Go 1.22.11 - Backport to v11.2.x (Enterprise)
- **Azure Monitor:** Add a feature flag to toggle user auth for Azure Monitor only [#97576](https://github.com/grafana/grafana/pull/97576), [@adamyeats](https://github.com/adamyeats)
- **Security:** Update to Go 1.23.5 - Backport to v11.3.x [#99124](https://github.com/grafana/grafana/pull/99124), [@Proximyst](https://github.com/Proximyst)
- **Security:** Update to Go 1.23.5 - Backport to v11.3.x (Enterprise)
- **Dashboard:** Fixes issue with compatability of old DashboardModel.annotations [#97467](https://github.com/grafana/grafana/pull/97467), [@torkelo](https://github.com/torkelo)
- **Dashboards:** Fix issue where filtered panels would not react to variable changes [#98733](https://github.com/grafana/grafana/pull/98733), [@oscarkilhed](https://github.com/oscarkilhed)
- **Dashboards:** Fixes issue with panel header showing even when hide time override was enabled [#97389](https://github.com/grafana/grafana/pull/97389), [@torkelo](https://github.com/torkelo)
- **Dashboards:** Fixes week relative time ranges when weekStart was changed [#98268](https://github.com/grafana/grafana/pull/98268), [@torkelo](https://github.com/torkelo)
- **DateTimePicker:** Fixes issue with date picker showing invalid date [#97970](https://github.com/grafana/grafana/pull/97970), [@torkelo](https://github.com/torkelo)
- **Fix:** Add support for datasource variable queries [#98118](https://github.com/grafana/grafana/pull/98118), [@sunker](https://github.com/sunker)
- **InfluxDB:** Adhoc filters can use template vars as values [#98785](https://github.com/grafana/grafana/pull/98785), [@bossinc](https://github.com/bossinc)
- **Unified Storage:** Use tls preferred when grafana db using ssl [#97379](https://github.com/grafana/grafana/pull/97379), [@owensmallwood](https://github.com/owensmallwood)
<!-- 11.2.6 END -->
<!-- 11.2.5 START -->
### Plugin development fixes & changes
# 11.2.5 (2024-12-04)
- **Grafana UI:** Re-add react-router-dom as a dependency [#98421](https://github.com/grafana/grafana/pull/98421), [@leventebalogh](https://github.com/leventebalogh)
### Bug fixes
<!-- 11.3.3 END -->
<!-- 11.3.2 START -->
- **Fix:** Do not fetch Orgs if the user is authenticated by apikey/sa or render key [#97264](https://github.com/grafana/grafana/pull/97264), [@mgyongyosi](https://github.com/mgyongyosi)
<!-- 11.2.5 END -->
<!-- 11.2.4 START -->
# 11.2.4 (2024-11-19)
# 11.3.2 (2024-12-04)
### Features and enhancements
- **Alerting:** Make context deadline on AlertNG service startup configurable [#96133](https://github.com/grafana/grafana/pull/96133), [@fayzal-g](https://github.com/fayzal-g)
- **MigrationAssistant:** Restrict dashboards, folders and datasources by the org id of the signed in user [#96344](https://github.com/grafana/grafana/pull/96344), [@leandro-deveikis](https://github.com/leandro-deveikis)
- **User:** Check SignedInUser OrgID in RevokeInvite [#95489](https://github.com/grafana/grafana/pull/95489), [@mgyongyosi](https://github.com/mgyongyosi)
- **Backport:** Announcement Banners: Enable feature for all cloud tiers (Enterprise)
### Bug fixes
- **Alerting:** Force refetch prom rules when refreshing panel [#96124](https://github.com/grafana/grafana/pull/96124), [@soniaAguilarPeiron](https://github.com/soniaAguilarPeiron)
- **Anonymous User:** Adds validator service for anonymous users [#94993](https://github.com/grafana/grafana/pull/94993), [@leandro-deveikis](https://github.com/leandro-deveikis)
- **Fix:** Do not fetch Orgs if the user is authenticated by apikey/sa or render key [#97262](https://github.com/grafana/grafana/pull/97262), [@mgyongyosi](https://github.com/mgyongyosi)
<!-- 11.3.2 END -->
<!-- 11.3.1 START -->
# 11.3.1 (2024-11-19)
### Features and enhancements
- **Alerting:** Make context deadline on AlertNG service startup configurable [#96135](https://github.com/grafana/grafana/pull/96135), [@fayzal-g](https://github.com/fayzal-g)
- **MigrationAssistant:** Restrict dashboards, folders and datasources by the org id of the signed in user [#96345](https://github.com/grafana/grafana/pull/96345), [@leandro-deveikis](https://github.com/leandro-deveikis)
- **User:** Check SignedInUser OrgID in RevokeInvite [#95490](https://github.com/grafana/grafana/pull/95490), [@mgyongyosi](https://github.com/mgyongyosi)
### Bug fixes
- **Alerting:** Fix escaping of silence matchers in utf8 mode [#95347](https://github.com/grafana/grafana/pull/95347), [@tomratcliffe](https://github.com/tomratcliffe)
- **Alerting:** Fix overflow for long receiver names [#95133](https://github.com/grafana/grafana/pull/95133), [@gillesdemey](https://github.com/gillesdemey)
- **Alerting:** Fix saving advanced mode toggle state in the alert rule editor [#95981](https://github.com/grafana/grafana/pull/95981), [@alexander-akhmetov](https://github.com/alexander-akhmetov)
- **Alerting:** Fix setting datasource uid, when datasource is string in old version [#96273](https://github.com/grafana/grafana/pull/96273), [@soniaAguilarPeiron](https://github.com/soniaAguilarPeiron)
- **Alerting:** Force refetch prom rules when refreshing panel [#96125](https://github.com/grafana/grafana/pull/96125), [@soniaAguilarPeiron](https://github.com/soniaAguilarPeiron)
- **Anonymous User:** Adds validator service for anonymous users [#94994](https://github.com/grafana/grafana/pull/94994), [@leandro-deveikis](https://github.com/leandro-deveikis)
- **Anonymous User:** Adds validator service for anonymous users (Enterprise)
- **Azure Monitor:** Support metric namespaces fallback [#95154](https://github.com/grafana/grafana/pull/95154), [@aangelisc](https://github.com/aangelisc)
- **Folders:** Add admin permissions upon creation of a folder w. SA [#95416](https://github.com/grafana/grafana/pull/95416), [@eleijonmarck](https://github.com/eleijonmarck)
- **Migration:** Remove table aliasing in delete statement to make it work for mariadb [#95231](https://github.com/grafana/grafana/pull/95231), [@kalleep](https://github.com/kalleep)
- **CloudWatch:** Interpolate region in log context query [#94990](https://github.com/grafana/grafana/pull/94990), [@iwysiu](https://github.com/iwysiu)
- **Dashboard datasource:** Return annotations as series when query topic is "annotations" [#95971](https://github.com/grafana/grafana/pull/95971), [@kaydelaney](https://github.com/kaydelaney)
- **Dashboard:** Append orgId to URL [#95963](https://github.com/grafana/grafana/pull/95963), [@bfmatei](https://github.com/bfmatei)
- **Dashboards:** Fixes performance issue expanding a row [#95321](https://github.com/grafana/grafana/pull/95321), [@torkelo](https://github.com/torkelo)
- **Flame Graph:** Fix crash when it receives empty data [#96211](https://github.com/grafana/grafana/pull/96211), [@yincongcyincong](https://github.com/yincongcyincong)
- **Folders:** Add admin permissions upon creation of a folder w. SA [#95365](https://github.com/grafana/grafana/pull/95365), [@eleijonmarck](https://github.com/eleijonmarck)
- **Folders:** Don't show error pop-up if the user can't fetch the root folder [#95600](https://github.com/grafana/grafana/pull/95600), [@IevaVasiljeva](https://github.com/IevaVasiljeva)
- **Migration:** Remove table aliasing in delete statement to make it work for mariadb [#95232](https://github.com/grafana/grafana/pull/95232), [@kalleep](https://github.com/kalleep)
- **Service Accounts:** Run service account creation in transaction [#94803](https://github.com/grafana/grafana/pull/94803), [@IevaVasiljeva](https://github.com/IevaVasiljeva)
- **Table:** Fix text wrapping applying to wrong field [#95425](https://github.com/grafana/grafana/pull/95425), [@codeincarnate](https://github.com/codeincarnate)
- **Unified Storage:** Use ssl_mode instead of sslmode [#95662](https://github.com/grafana/grafana/pull/95662), [@chaudyg](https://github.com/chaudyg)
- **Alerting:** Allow linking to silence form with `__alert_rule_uid__` value preset [#93526](https://github.com/grafana/grafana/pull/93526), [@tomratcliffe](https://github.com/tomratcliffe)
- **Alerting:** Hide query name when using simplified mode in the alert rule [#93779](https://github.com/grafana/grafana/pull/93779), [@soniaAguilarPeiron](https://github.com/soniaAguilarPeiron)
- **Alerting:** Limit and clean up old alert rules versions [#89754](https://github.com/grafana/grafana/pull/89754), [@igloo12](https://github.com/igloo12)
- **Alerting:** Style nits for the simple query mode [#93930](https://github.com/grafana/grafana/pull/93930), [@soniaAguilarPeiron](https://github.com/soniaAguilarPeiron)
- **Alerting:** Update texts in annotations step [#93977](https://github.com/grafana/grafana/pull/93977), [@soniaAguilarPeiron](https://github.com/soniaAguilarPeiron)
- **Alerting:** Use useProduceNewAlertmanagerConfiguration for contact points [#88456](https://github.com/grafana/grafana/pull/88456), [@gillesdemey](https://github.com/gillesdemey)
- **Auth:** Attach external session info to Grafana session [#93849](https://github.com/grafana/grafana/pull/93849), [@mgyongyosi](https://github.com/mgyongyosi)
- **Auth:** Replace jmespath/go-jmespath with jmespath-community/go-jmespath [#94203](https://github.com/grafana/grafana/pull/94203), [@mgyongyosi](https://github.com/mgyongyosi)
- **CloudMigrations:** Add support for migration of Library Elements (Panels) resources [#93898](https://github.com/grafana/grafana/pull/93898), [@macabu](https://github.com/macabu)
- **Explore Logs:** Preinstall for onprem Grafana instances [#94221](https://github.com/grafana/grafana/pull/94221), [@svennergr](https://github.com/svennergr)
- **ExploreMetrics:** Ensure compatibility with Incremental Querying [#94355](https://github.com/grafana/grafana/pull/94355), [@NWRichmond](https://github.com/NWRichmond)
- **FieldConfig:** Add support for Actions [#92874](https://github.com/grafana/grafana/pull/92874), [@adela-almasan](https://github.com/adela-almasan)
- **Plugin Extensions:** Require meta-data to be defined in `plugin.json` during development mode [#93429](https://github.com/grafana/grafana/pull/93429), [@leventebalogh](https://github.com/leventebalogh)
- **Reporting:** Display template variables in the PDF (Enterprise)
- **Tempo:** Add deprecation notice for Aggregate By [#94050](https://github.com/grafana/grafana/pull/94050), [@joey-grafana](https://github.com/joey-grafana)
### Bug fixes
- **Alerting:** Fix incorrect permission on POST external rule groups endpoint [CVE-2024-8118] [#93947](https://github.com/grafana/grafana/pull/93947), [@alexweav](https://github.com/alexweav)
- **Canvas:** Allow API calls to grafana origin [#94129](https://github.com/grafana/grafana/pull/94129), [@adela-almasan](https://github.com/adela-almasan)
- **Folders:** Correctly show new folder button under root folder [#94712](https://github.com/grafana/grafana/pull/94712), [@IevaVasiljeva](https://github.com/IevaVasiljeva)
- **OrgSync:** Do not set default Organization for a user to a non-existent Organization [#94549](https://github.com/grafana/grafana/pull/94549), [@mgyongyosi](https://github.com/mgyongyosi)
- **ServerSideExpressions:** Disable SQL Expressions to prevent RCE and LFI vulnerability [#94959](https://github.com/grafana/grafana/pull/94959), [@samjewell](https://github.com/samjewell)
- **Alerting/Chore:** Fix TimeRangeInput not working across multiple months [#93622](https://github.com/grafana/grafana/pull/93622), [@tomratcliffe](https://github.com/tomratcliffe)
- **Alerting:** Fix default value for input in simple condition [#94248](https://github.com/grafana/grafana/pull/94248), [@soniaAguilarPeiron](https://github.com/soniaAguilarPeiron)
- **Alerting:** Fix eval interval not being saved when creating a new group [#93821](https://github.com/grafana/grafana/pull/93821), [@tomratcliffe](https://github.com/tomratcliffe)
- **Alerting:** Fix incorrect permission on POST external rule groups endpoint [CVE-2024-8118] [#93940](https://github.com/grafana/grafana/pull/93940), [@alexweav](https://github.com/alexweav)
- **Alerting:** Fix panics when attempting to create an Alertmanager after failing [#94023](https://github.com/grafana/grafana/pull/94023), [@santihernandezc](https://github.com/santihernandezc)
- **DashboardScene:** Fixes url issue with subpath when exiting edit mode [#93962](https://github.com/grafana/grafana/pull/93962), [@torkelo](https://github.com/torkelo)
- **Dashboards:** Enable scenes by default [#93818](https://github.com/grafana/grafana/pull/93818), [@ivanortegaalba](https://github.com/ivanortegaalba)
- **Dashboards:** Fixes view & edit keyboard shortcuts when grafana is behind a subpath [#93955](https://github.com/grafana/grafana/pull/93955), [@torkelo](https://github.com/torkelo)
- **ElasticSearch:** Fix errorsource in newInstanceSettings [#93859](https://github.com/grafana/grafana/pull/93859), [@iwysiu](https://github.com/iwysiu)
- **Reporting:** Fix reports on multi-org instance (Enterprise)
- **SubMenu:** Fix expanding sub menu items on touch devices [#93208](https://github.com/grafana/grafana/pull/93208), [@yincongcyincong](https://github.com/yincongcyincong)
<!-- 11.2.3 END -->
<!-- 11.2.2+security-01 START -->
# 11.2.2+security-01 (2024-10-17)
### Bug fixes
- **SQL Expressions**: Fixes CVE-2024-9264
<!-- 11.2.2+security-01 END -->
<!-- 11.3.0 END -->
<!-- 11.2.2 START -->
# 11.2.2 (2024-10-01)
@@ -150,15 +226,72 @@
- **Plugins:** Avoid returning 404 for `AutoEnabled` apps [#93488](https://github.com/grafana/grafana/pull/93488), [@wbrowne](https://github.com/wbrowne)
<!-- 11.2.2 END -->
<!-- 11.2.1+security-01 START -->
<!-- 11.1.7 START -->
# 11.2.1+security-01 (2024-10-17)
# 11.1.7 (2024-10-01)
### Features and enhancements
- **Chore:** Bump Go to 1.22.7 [#93355](https://github.com/grafana/grafana/pull/93355), [@hairyhenderson](https://github.com/hairyhenderson)
- **Chore:** Bump Go to 1.22.7 (Enterprise)
### Bug fixes
- **SQL Expressions**: Fixes CVE-2024-9264
- **Alerting:** Fix preview of silences when label name contains spaces [#93050](https://github.com/grafana/grafana/pull/93050), [@tomratcliffe](https://github.com/tomratcliffe)
- **Alerting:** Make query wrapper match up datasource UIDs if necessary [#93115](https://github.com/grafana/grafana/pull/93115), [@tomratcliffe](https://github.com/tomratcliffe)
- **Correlations:** Limit access to correlations page to users who can access Explore [#93675](https://github.com/grafana/grafana/pull/93675), [@ifrost](https://github.com/ifrost)
- **Plugins:** Avoid returning 404 for `AutoEnabled` apps [#93487](https://github.com/grafana/grafana/pull/93487), [@wbrowne](https://github.com/wbrowne)
<!-- 11.2.1+security-01 END -->
<!-- 11.1.7 END -->
<!-- 11.0.6 START -->
# 11.0.6 (2024-10-01)
### Features and enhancements
- **Chore:** Bump Go to 1.22.7 [#93358](https://github.com/grafana/grafana/pull/93358), [@hairyhenderson](https://github.com/hairyhenderson)
- **Correlations:** Limit access to correlations page to users who can access Explore [#93674](https://github.com/grafana/grafana/pull/93674), [@ifrost](https://github.com/ifrost)
- **Plugins:** Avoid returning 404 for `AutoEnabled` apps [#93486](https://github.com/grafana/grafana/pull/93486), [@wbrowne](https://github.com/wbrowne)
<!-- 11.0.6 END -->
<!-- 10.4.10 START -->
# 10.4.10 (2024-10-01)
### Features and enhancements
- **Chore:** Bump Go to 1.22.7 [#93359](https://github.com/grafana/grafana/pull/93359), [@hairyhenderson](https://github.com/hairyhenderson)
- **Correlations:** Limit access to correlations page to users who can access Explore [#93673](https://github.com/grafana/grafana/pull/93673), [@ifrost](https://github.com/ifrost)
<!-- 10.4.10 END -->
<!-- 10.3.11 START -->
# 10.3.11 (2024-10-01)
### Features and enhancements
- **Chore:** Bump Go to 1.22.7 [#93360](https://github.com/grafana/grafana/pull/93360), [@hairyhenderson](https://github.com/hairyhenderson)
- **Chore:** Bump Go to 1.22.7 (Enterprise)
### Bug fixes
- **Correlations:** Limit access to correlations page to users who can access Explore [#93672](https://github.com/grafana/grafana/pull/93672), [@ifrost](https://github.com/ifrost)
<!-- 10.3.11 END -->
<!-- 11.2.1 START -->
# 11.2.1 (2024-09-26)
@@ -189,6 +322,63 @@
- **AutoSizeInput:** Allow to be controlled by value [#92999](https://github.com/grafana/grafana/pull/92999), [@ivanortegaalba](https://github.com/ivanortegaalba)
<!-- 11.2.1 END -->
<!-- 11.1.6 START -->
# 11.1.6 (2024-09-26)
### Features and enhancements
- **Chore:** Update swagger ui (4.3.0 to 5.17.14) [#92341](https://github.com/grafana/grafana/pull/92341), [@ryantxu](https://github.com/ryantxu)
- **TutorialCard:** Fix link to tutorial not opening [#92646](https://github.com/grafana/grafana/pull/92646), [@eledobleefe](https://github.com/eledobleefe)
### Plugin development fixes & changes
- **Bugfix:** QueryField typeahead missing background color [#92316](https://github.com/grafana/grafana/pull/92316), [@mckn](https://github.com/mckn)
- **Alerting:** Fixed CVE-2024-8118.
<!-- 11.1.6 END -->
<!-- 11.0.5 START -->
# 11.0.5 (2024-09-26)
### Features and enhancements
- **Chore:** Update swagger ui (4.3.0 to 5.17.14) [#92345](https://github.com/grafana/grafana/pull/92345), [@ryantxu](https://github.com/ryantxu)
- **TutorialCard:** Fix link to tutorial not opening [#92645](https://github.com/grafana/grafana/pull/92645), [@eledobleefe](https://github.com/eledobleefe)
- **Alerting:** Fixed CVE-2024-8118.
<!-- 11.0.5 END -->
<!-- 10.4.9 START -->
# 10.4.9 (2024-09-26)
### Features and enhancements
- **Chore:** Update swagger ui (4.3.0 to 5.17.14) [#92344](https://github.com/grafana/grafana/pull/92344), [@ryantxu](https://github.com/ryantxu)
- **Runtime:** Add provider and access hook for location service [#90759](https://github.com/grafana/grafana/pull/90759), [@aocenas](https://github.com/aocenas)
<!-- 11.2.0 END -->
<!-- 11.1.5 START -->
# 11.1.5 (2024-08-27)
### Bug fixes
- **Alerting:** Fix permissions for prometheus rule endpoints [#91414](https://github.com/grafana/grafana/pull/91414), [@yuri-tceretian](https://github.com/yuri-tceretian)
- **Alerting:** Fix persisting result fingerprint that is used by recovery threshold [#91290](https://github.com/grafana/grafana/pull/91290), [@yuri-tceretian](https://github.com/yuri-tceretian)
- **Auditing:** Fix a possible crash when audit logger parses responses for failed requests (Enterprise)
- **RBAC:** Fix an issue with server admins not being able to manage users in orgs that they don't belong to [#92273](https://github.com/grafana/grafana/pull/92273), [@IevaVasiljeva](https://github.com/IevaVasiljeva)
- **RBAC:** Fix an issue with server admins not being able to manage users in orgs that they dont belong to (Enterprise)
- **RBAC:** Fix seeder failures when inserting duplicated permissions (Enterprise)
- **Snapshots:** Fix panic when snapshot_remove_expired is true [#91232](https://github.com/grafana/grafana/pull/91232), [@ryantxu](https://github.com/ryantxu)
- **VizTooltip:** Fix positioning at bottom and right edges on mobile [#92137](https://github.com/grafana/grafana/pull/92137), [@leeoniya](https://github.com/leeoniya)
### Plugin development fixes & changes
- **Bugfix:** QueryField typeahead missing background color [#92316](https://github.com/grafana/grafana/pull/92316), [@mckn](https://github.com/mckn)
<!-- 11.1.5 END -->
<!-- 11.0.4 START -->
# 11.0.4 (2024-08-27)
### Bug fixes
- **Alerting:** Fix persisting result fingerprint that is used by recovery threshold [#91328](https://github.com/grafana/grafana/pull/91328), [@yuri-tceretian](https://github.com/yuri-tceretian)
- **Auditing:** Fix a possible crash when audit logger parses responses for failed requests (Enterprise)
- **RBAC:** Fix seeder failures when inserting duplicated permissions (Enterprise)
- **Snapshots:** Fix panic when snapshot_remove_expired is true [#91330](https://github.com/grafana/grafana/pull/91330), [@ryantxu](https://github.com/ryantxu)
<!-- 11.0.4 END -->
<!-- 10.4.8 START -->
# 10.4.8 (2024-08-27)
### Bug fixes
- **Alerting:** Fix persisting result fingerprint that is used by recovery threshold [#91331](https://github.com/grafana/grafana/pull/91331), [@yuri-tceretian](https://github.com/yuri-tceretian)
- **Auditing:** Fix a possible crash when audit logger parses responses for failed requests (Enterprise)
- **RBAC:** Fix seeder failures when inserting duplicated permissions (Enterprise)
- **Snapshots:** Fix panic when snapshot_remove_expired is true [#91329](https://github.com/grafana/grafana/pull/91329), [@ryantxu](https://github.com/ryantxu)
Description:"Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
Type:[]string{"string"},
Format:"",
},
},
"apiVersion":{
SchemaProps:spec.SchemaProps{
Description:"APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources",
Description:"PlaylistItem defines model for PlaylistItem.",
Type:[]string{"object"},
Properties:map[string]spec.Schema{
"type":{
SchemaProps:spec.SchemaProps{
Description:"type of the item.",
Default:"",
Type:[]string{"string"},
Format:"",
},
},
"value":{
SchemaProps:spec.SchemaProps{
Description:"Value depends on type and describes the playlist item.\n - dashboard_by_id: The value is an internal numerical identifier set by Grafana. This\n is not portable as the numerical identifier is non-deterministic between different instances.\n Will be replaced by dashboard_by_uid in the future. (deprecated)\n - dashboard_by_tag: The value is a tag which is set on any number of dashboards. All\n dashboards behind the tag will be added to the playlist.\n - dashboard_by_uid: The value is the dashboard UID",
Description:"Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
Type:[]string{"string"},
Format:"",
},
},
"apiVersion":{
SchemaProps:spec.SchemaProps{
Description:"APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources",
Description:"PlaylistStatus defines model for PlaylistStatus.",
Type:[]string{"object"},
Properties:map[string]spec.Schema{
"additionalFields":{
SchemaProps:spec.SchemaProps{
Description:"additionalFields is reserved for future use",
Type:[]string{"object"},
AdditionalProperties:&spec.SchemaOrBool{
Allows:true,
Schema:&spec.Schema{
SchemaProps:spec.SchemaProps{
Type:[]string{"object"},
Format:"",
},
},
},
},
},
"operatorStates":{
SchemaProps:spec.SchemaProps{
Description:"operatorStates is a map of operator ID to operator state evaluations. Any operator which consumes this kind SHOULD add its state evaluation information to this field.",
# Metrics available at HTTP URL /metrics and /metrics/plugins/:pluginId
[metrics]
enabled=true
interval_seconds=10
enabled=true
interval_seconds=10
# Disable total stats (stat_totals_*) metrics to be generated
disable_total_stats=false
# The interval at which the total stats collector will update the stats. Default is 1800 seconds.
@@ -1725,6 +1747,12 @@ install_token =
hide_angular_deprecation=
# Comma separated list of plugin ids for which environment variables should be forwarded. Used only when feature flag pluginsSkipHostEnvVars is enabled.
forward_host_env_vars=
# Comma separated list of plugin ids to install as part of the startup process.
preinstall=grafana-lokiexplore-app
#Controls whether preinstall plugins asynchronously (in the background) or synchronously (blocking). Useful when preinstalled plugins are used with provisioning.
preinstall_async=true
#Disables preinstall feature. It has the same effect as setting preinstall to an empty list.
preinstall_disabled=false
#################################### Grafana Live ##########################################
@@ -270,17 +270,17 @@ In case there is an uncertainty around the prioritization of an issue, please as
1. If applicable, label the issue `priority/support-subscription`.
1. Add the issue to the next upcoming patch or major/minor stable release milestone. Ask maintainers for help if unsure if it's a patch or not. Create a new milestone if there are none.
1. Make sure to add the issue to a suitable backlog of a GitHub project and prioritize it or assign someone to work on it now or very soon.
1. Consider requesting [help from the community](#5-requesting-help-from-the-community), even though it may be problematic given a short amount of time until it should be released.
1. Consider requesting [help from the community](#5-request-help-from-the-community), even though it may be problematic given a short amount of time until it should be released.
**Important long-term**
1. Label the issue `priority/important-longterm`.
1. Consider requesting [help from the community](#5-requesting-help-from-the-community).
1. Consider requesting [help from the community](#5-request-help-from-the-community).
**Nice to have**
1. Label the issue `priority/nice-to-have`.
1. Consider requesting [help from the community](#5-requesting-help-from-the-community).
1. Consider requesting [help from the community](#5-request-help-from-the-community).
@@ -18,7 +18,7 @@ Grafana uses the [XORM](https://xorm.io) framework for persisting objects to the
> **Deprecated:** We are deprecating `sqlstore` handlers in favor of using the `SQLStore` object directly in each service. Since most services still use the `sqlstore` handlers, we still want to explain how they work.
The `sqlstore` package allows you to register [command handlers](communication.md#handle-commands) that either store or retrieve objects from the database. The `sqlstore` handlers are similar to services:
The `sqlstore` package allows you to register [command handlers](communication.md#commands-and-queries) that either store or retrieve objects from the database. The `sqlstore` handlers are similar to services:
- [Services](services.md) are command handlers that _contain business logic_.
-`sqlstore` handlers are command handlers that _access the database_.
@@ -30,7 +30,7 @@ The `sqlstore` package allows you to register [command handlers](communication.m
To register a handler:
- Create a new file, `myrepo.go`, in the `sqlstore` package.
- Create a [command handler](communication.md#handle-commands).
- Create a [command handler](communication.md#commands-and-queries).
- Register the handler in the `init` function:
```go
@@ -60,7 +60,7 @@ type MyService struct {
}
```
You can now make SQL queries in any of your [command handlers](communication.md#handle-commands) or [event listeners](communication.md#subscribe-to-an-event):
You can now make SQL queries in any of your [command handlers](communication.md#commands-and-queries) or [event listeners](communication.md#subscribe-to-an-event):
During initialization, SQL store queries the service registry, and runs migrations for every service that implements the [DatabaseMigrator](https://github.com/grafana/grafana/blob/44c2007498c76c2dbb48e8366b4af410f1ee1b98/pkg/registry/registry.go#L101-L106) interface.
During initialization, SQL store queries the service registry, and runs migrations for every service that implements the [DatabaseMigrator](https://github.com/grafana/grafana/blob/d27c3822f28e5f26199b4817892d6d24a7a26567/pkg/registry/registry.go#L46-L50) interface.
@@ -55,7 +55,7 @@ When should you use each log level?
Use a contextual logger to include additional key/value pairs attached to `context.Context`. For example, a `traceID`, used to allow correlating logs with traces, correlate logs with a common identifier, either or both.
You must [Enable tracing in Grafana](#2-enable-tracing-in-grafana) to get a `traceID`.
You must [Enable tracing in Grafana](#enable-tracing-in-grafana) to get a `traceID`.
For example:
@@ -156,7 +156,7 @@ A distributed trace is data that tracks an application request as it flows throu
### Usage
Grafana uses [OpenTelemetry](https://opentelemetry.io/) for distributed tracing. There's an interface `Tracer` in the `pkg/infra/tracing` package that implements the [OpenTelemetry Tracer interface](go.opentelemetry.io/otel/trace), which you can use to create traces and spans. To access `Tracer` you need to get it injected as a dependency of your service. Refer to [Services](services.md) for more details. For more information, you may also refer to [The OpenTelemetry documentation](https://opentelemetry.io/docs/instrumentation/go/manual/).
Grafana uses [OpenTelemetry](https://opentelemetry.io/) for distributed tracing. There's an interface `Tracer` in the `pkg/infra/tracing` package that implements the [OpenTelemetry Tracer interface](https://pkg.go.dev/go.opentelemetry.io/otel/trace), which you can use to create traces and spans. To access `Tracer` you need to get it injected as a dependency of your service. Refer to [Services](services.md) for more details. For more information, you may also refer to [The OpenTelemetry documentation](https://opentelemetry.io/docs/instrumentation/go/manual/).
@@ -121,7 +121,7 @@ For an example of the `IsDisabled` method and custom initialization code when th
## Run Wire (generate code)
Running `make run` calls `make gen-go` on the first run. The `gen-go` in turn calls the Wire binary and generates the code in [`wire_gen.go`](/pkg/server/wire_gen.go) and [`wire_gen.go`](/pkg/cmd/grafana-cli/runner/wire_gen.go). The Wire binary is installed using [`bingo`](https://github.com/bwplotka/bingo) which downloads and installs all the tools needed, including the Wire binary at the specified version.
Running `make run` calls `make gen-go` on the first run. The `gen-go` in turn calls the Wire binary and generates the code in [`wire_gen.go`](/pkg/server/wire_gen.go). The Wire binary is installed using [`bingo`](https://github.com/bwplotka/bingo) which downloads and installs all the tools needed, including the Wire binary at the specified version.
As such, while both terms are in use (also in our codebase) and are indeed interchangeable, TLS is the preferred term.
That said however, we have at Grafana Labs decided to use both acronyms in combination when referring to this type of
technology, i.e. _TLS/SSL_. This is in order to not confuse those who may not be aware of them being synonymous,
and SSL still being so prevalent in common discourse.
As such, while we use both terms in our codebase and documentation, we generally prefer TLS.
However, we use both acronyms in combination when referring to this type of technology, that is, _TLS/SSL_. We do this because we don't want to confuse readers who may not be aware of them being synonymous, and SSL is still prevalent in common discourse.
@@ -30,7 +30,7 @@ The pull request title should be formatted according to `<Area>: <Summary>` (Bot
Keep the summary short and understandable for the community as a whole.
All commits in a pull request are squashed when merged and the pull request title will be the default subject line of the squashed commit message. It's also used for the [changelog](#include-in-changelog-and-release-notes).
All commits in a pull request are squashed when merged and the pull request title will be the default subject line of the squashed commit message. It's also used for the [changelog](#what-to-include-in-changelog-and-release-notes).
**Example:**
@@ -40,7 +40,7 @@ See [formatting guidelines](create-pull-request.md#formatting-guidelines) for mo
### Assign a milestone (automated)
The Grafana release process uses a bot to automatically assign pull requests to a milestone to make it easier for release managers to track changes. For example, [generating changelog (release note)](#include-in-changelog-and-release-notes) must be in a milestone.
The Grafana release process uses a bot to automatically assign pull requests to a milestone to make it easier for release managers to track changes. For example, [generating changelog (release note)](#what-to-include-in-changelog-and-release-notes) must be in a milestone.
That being said, _you don't have to assign a milestone manually_ to a pull request. Instead, when it is merged and closed, a bot will then look for the most appropriate milestone and assign it to the pull request.
@@ -104,7 +104,7 @@ In case the pull request introduces a deprecation you should document this. Labe
In case the pull request introduces a breaking change you should document this. Label the pull request with `add to changelog` and `breaking change` and use the following template at the end of the pull request description describing the breaking change:
When end-to-end testing Grafana plugins, it's recommended to use the [`@grafana/plugin-e2e`](https://www.npmjs.com/package/@grafana/plugin-e2e?activeTab=readme) testing tool. `@grafana/plugin-e2e` extends [`@playwright/test`](https://playwright.dev/) capabilities with relevant fixtures, models, and expect matchers; enabling comprehensive end-to-end testing of Grafana plugins across multiple versions of Grafana. For information on how to get started with Plugin end-to-end testing and Playwright, checkout the [Get started](https://grafana.com/developers/plugin-tools/e2e-test-a-plugin/get-started) guide.
When end-to-end testing Grafana plugins, a best practice is to use the [`@grafana/plugin-e2e`](https://www.npmjs.com/package/@grafana/plugin-e2e?activeTab=readme) testing tool. The`@grafana/plugin-e2e` tool extends [`@playwright/test`](https://playwright.dev/) capabilities with relevant fixtures, models, and expect matchers. Use it to enable comprehensive end-to-end testing of Grafana plugins across multiple versions of Grafana.
## Adding end-to-end tests for a core plugin
> **Note:** To learn more, refer to our documentation on [plugin development](https://grafana.com/developers/plugin-tools/) and [end-to-end plugin testing](https://grafana.com/developers/plugin-tools/e2e-test-a-plugin/get-started).
Playwright end-to-end tests for plugins should be added to the [`e2e/plugin-e2e`](https://github.com/grafana/grafana/tree/main/e2e/plugin-e2e) directory.
## Add end-to-end tests for a core plugin
1. Add a new directory that has the name as your plugin [`here`](https://github.com/grafana/grafana/tree/main/e2e/plugin-e2e). This is where your plugin tests will be kept.
You can add Playwright end-to-end tests for plugins to the [`e2e/plugin-e2e`](https://github.com/grafana/grafana/tree/main/e2e/plugin-e2e) directory.
2.Playwright uses [projects](https://playwright.dev/docs/test-projects) to logically group tests together. All tests in a project share the same configuration.
In the [Playwright config file](https://github.com/grafana/grafana/blob/main/playwright.config.ts), add a new project item. Make sure the `name` and the `testDir` sub directory matches the name of the directory that contains your plugin tests.
Adding `'authenticate'` to the list of dependencies and specifying `'playwright/.auth/admin.json'` as storage state will ensure all tests in your project will start already authenticated as an admin user. If you wish to use a different role for and perhaps test RBAC for some of your tests, please refer to the plugin-e2e [documentation](https://grafana.com/developers/plugin-tools/e2e-test-a-plugin/use-authentication).
1.Add a new directory that has the name as your plugin [`here`](https://github.com/grafana/grafana/tree/main/e2e/plugin-e2e). This is the directory where your plugin tests will be kept.
1. Playwright uses [projects](https://playwright.dev/docs/test-projects) to logically group tests together. All tests in a project share the same configuration.
In the [Playwright config file](https://github.com/grafana/grafana/blob/main/playwright.config.ts), add a new project item. Make sure the `name` and the `testDir` subdirectory match the name of the directory that contains your plugin tests.
Add `'authenticate'` to the list of dependencies and specify `'playwright/.auth/admin.json'` as the storage state to ensure that all tests in your project will start already authenticated as an admin user. If you want to use a different role for and perhaps test RBAC for some of your tests, refer to our [documentation](https://grafana.com/developers/plugin-tools/e2e-test-a-plugin/use-authentication).
```ts
{
@@ -24,14 +26,16 @@ Playwright end-to-end tests for plugins should be added to the [`e2e/plugin-e2e`
},
```
3. Update the [CODEOWNERS](https://github.com/grafana/grafana/blob/main/.github/CODEOWNERS/#L315) file so that your team is owner of the tests in the directory you added in step 1.
1. Update the [CODEOWNERS](https://github.com/grafana/grafana/blob/main/.github/CODEOWNERS/#L315) file so that your team is owner of the tests in the directory you added in step 1.
## Commands
- `yarn e2e:playwright` will run all Playwright tests. Optionally, you can provide the `--project mysql` argument to run tests in a certain project.
- `yarn e2e:playwright` runs all Playwright tests. Optionally, you can provide the `--project mysql` argument to run tests in a specific project.
The script above assumes you have Grafana running on `localhost:3000`. You may change this by providing environment variables.
The `yarn e2e:playwright` script assumes you have Grafana running on `localhost:3000`. You may change this with an environment variable:
`HOST=127.0.0.1 PORT=3001 yarn e2e:playwright`
`HOST=127.0.0.1 PORT=3001 yarn e2e:playwright`
- `yarn e2e:playwright:server` will start a Grafana [development server](https://github.com/grafana/grafana/blob/main/scripts/grafana-server/start-server) on port 3001 and run the Playwright tests. The development server is provisioned with the [devenv](https://github.com/grafana/grafana/blob/main/contribute/developer-guide.md#add-data-sources) dashboards, data sources and apps.
The `yarn e2e:playwright:server` starts a Grafana [development server](https://github.com/grafana/grafana/blob/main/scripts/grafana-server/start-server) on port 3001 and runs the Playwright tests.
- You can provision the development server with the [devenv](https://github.com/grafana/grafana/blob/main/contribute/developer-guide.md#add-data-sources) dashboards, data sources, and apps.
Grafana Labs uses a minimal [homegrown solution](../../e2e/utils/index.ts) built on top of [Cypress](https://cypress.io) for its end-to-end (E2E) tests.
@@ -6,17 +6,17 @@ Important notes:
- We generally store all element identifiers ([CSS selectors](https://mdn.io/docs/Web/CSS/CSS_Selectors)) within the framework for reuse and maintainability.
- We generally do not use stubs or mocks as to fully simulate a real user.
- Cypress' promises [do not behave as you'd expect](https://docs.cypress.io/guides/core-concepts/introduction-to-cypress.html#Mixing-Async-and-Sync-code).
- [Testing core Grafana](e2e-core.md) is different than [testing plugins](e2e-plugins.md) - core Grafana uses Cypress whereas plugins use [Playwright test](https://playwright.dev/).
- Cypress' promises [don't behave as you might expect](https://docs.cypress.io/guides/core-concepts/introduction-to-cypress.html#Mixing-Async-and-Sync-code).
- [Testing core Grafana](e2e-core.md) is different than [testing plugins](e2e-plugins.md)—core Grafana uses Cypress whereas plugins use [Playwright test](https://playwright.dev/).
## Framework structure
Inspired by https://martinfowler.com/bliki/PageObject.html
Our framework structure is inspired by [Martin Fowler's Page Object](https://martinfowler.com/bliki/PageObject.html).
-`Selector`: A unique identifier that is used from the E2E framework to retrieve an element from the Browser
-`Page`: An abstraction for an object that contains one or more `Selectors` with `visit` function to navigate to the page.
-`Component`: An abstraction for an object that contains one or more `Selectors` but without `visit` function
-`Flow`: An abstraction that contains a sequence of actions on one or more `Pages` that can be reused and shared between tests
-**`Selector`**: A unique identifier that is used from the E2E framework to retrieve an element from the browser
-**`Page`**: An abstraction for an object that contains one or more `Selector` identifiers with the `visit` function to go to the page.
-**`Component`**: An abstraction for an object that contains one or more `Selector` identifiers but without the `visit` function
-**`Flow`**: An abstraction that contains a sequence of actions on one or more `Page` abstractions that can be reused and shared between tests
## Basic example
@@ -26,13 +26,15 @@ Let's start with a simple [JSX](https://reactjs.org/docs/introducing-jsx.html) e
We _could_ target the field with a CSS selector like `.gf-form-input.login-form-input` but that would be brittle as style changes occur frequently. Furthermore there is nothing that signals to future developers that this input is part of an E2E test. At Grafana, we use `data-testid` attributes as our preferred way of defining selectors. See [Aria-Labels vs data-testid](#aria-labels-vs-data-testid) for more details.
It is possible to target the field with a CSS selector like `.gf-form-input.login-form-input`. However, doing so is a brittle solution because style changes occur frequently.
Furthermore, there is nothing that signals to future developers that this input is part of an E2E test. At Grafana, we use `data-testid` attributes as our preferred way of defining selectors. See [Aria-Labels vs data-testid](#aria-labels-vs-data-testid) for more details.
The next step is to create a `Page` representation in our E2E framework to glue the test with the real implementation using the `pageFactory` function. For that function we can supply a `url` and `selectors` like in the example below:
The next step is to create a `Page` representation in our E2E framework. Doing so glues the test with the real implementation using the `pageFactory` function. For that function we can supply a `url` and selector like in the following example:
```typescript
exportconstLogin={
@@ -43,9 +45,9 @@ export const Login = {
};
```
Note that the selector is prefixed with `data-testid` - this is a signal to the framework to look for the selector in the `data-testid` attribute.
In this example, the selector is prefixed with `data-testid`. The prefix is a signal to the framework to look for the selector in the `data-testid` attribute.
The next step is to add the `Login` page to the `Pages` export within [_\<repo-root>/packages/grafana-e2e-selectors/src/selectors/pages.ts_](../../packages/grafana-e2e-selectors/src/selectors/pages.ts) so that it appears when we type `e2e.pages` in our IDE.
The next step is to add the `Login` page to the `Pages` export within [_\<repo-root>/packages/grafana-e2e-selectors/src/selectors/pages.ts_](../../packages/grafana-e2e-selectors/src/selectors/pages.ts) so that it appears when we type `e2e.pages` in your IDE.
```typescript
exportconstPages={
@@ -56,7 +58,9 @@ export const Pages = {
};
```
Now that we have a `Page` called `Login` in our `Pages` const we can use that to add a selector in our html like shown below and now this really signals to future developers that it is part of an E2E test.
Now that we have a page called `Login` in our `Pages` const, use it to add a selector in our HTML as shown in the following example. This page really signals to future developers that it is part of an E2E test.
Example:
```jsx
import{selectors}from'@grafana/e2e-selectors';
@@ -66,9 +70,8 @@ import { selectors } from '@grafana/e2e-selectors';
The last step in our example is to use our `Login` page as part of a test.
-The `url` property is used whenever we call the `visit` function and is equivalent to the Cypress' [`cy.visit()`](https://docs.cypress.io/api/commands/visit.html#Syntax).
- Any defined selector can be accessed from the `Login` page by invoking it. This is equivalent to the result of the Cypress function [`cy.get(…)`](https://docs.cypress.io/api/commands/get.html#Syntax).
-Use the `url` property whenever you call the `visit` function. It is equivalent to the [`cy.visit()`](https://docs.cypress.io/api/commands/visit.html#Syntax) in Cypress.
- Access any defined selector from the `Login` page by invoking it. This is equivalent to the result of the Cypress function [`cy.get(…)`](https://docs.cypress.io/api/commands/get.html#Syntax).
```typescript
describe('Login test',()=>{
@@ -83,7 +86,7 @@ describe('Login test', () => {
## Advanced example
Let's take a look at an example that uses the same `selector` for multiple items in a list for instance. In this example app we have a list of data sources that we want to click on during an E2E test.
Let's take a look at an example that uses the same selector for multiple items in a list for instance. In this example app, there's a list of data sources that we want to click on during an E2E test.
```jsx
<ul>
@@ -97,7 +100,7 @@ Let's take a look at an example that uses the same `selector` for multiple items
</ul>
```
Just as before in the basic example we'll start by creating a page abstraction using the `pageFactory` function:
Like in the basic example, start by creating a page abstraction using the `pageFactory` function:
You might have noticed that instead of a simple `string` as the `selector`, we're using a `function` that takes a string parameter as an argument and returns a formatted string using the argument.
You might have noticed that instead of a simple string as the selector, there's a function that takes a string parameter as an argument and returns a formatted string using the argument.
Just as before we need to add the `DataSources` page to the exported const `Pages` in `packages/grafana-e2e-selectors/src/selectors/pages.ts`.
Just as before, you need to add the `DataSources` page to the exported const `Pages` in `packages/grafana-e2e-selectors/src/selectors/pages.ts`.
The next step is to use the `dataSources` selector function as in our example below:
The next step is to use the `dataSources` selector function as in the following example:
```jsx
<ul>
@@ -126,7 +129,7 @@ The next step is to use the `dataSources` selector function as in our example be
</ul>
```
When this list is rendered with the data sources with names `A`, `B` and `C` ,the resulting HTML would look like:
When this list is rendered with the data sources with names `A`, `B` and `C` ,the resulting HTML looks like this:
```html
<divclass="card-item-name"data-testid="data-testid Data source list item A">A</div>
@@ -134,7 +137,7 @@ When this list is rendered with the data sources with names `A`, `B` and `C` ,th
<divclass="card-item-name"data-testid="data-testid Data source list item C">C</div>
```
Now we can write our test. The one thing that differs from the [basic example](#basic-example) above is that we pass in which data source we want to click on as an argument to the selector function:
Now we can write our test. The one thing that differs from the previous [basic example](#basic-example) is that we pass in which data source we want to click as an argument to the selector function:
Our selectors are set up to work with both aria-labels and data-testid attributes. Aria-labels help assistive technologies such as screenreaders identify interactive elements of a page for our users.
Our selectors are set up to work with both `aria-label` attributes and `data-testid` attributes. The `aria-label` attributes help assistive technologies such as screenreaders identify interactive elements of a page for our users.
A good example of a time to use an aria-label might be if you have a button with an X to close:
A good example of a time to use an aria-label might be if you have a button with an **X** to close:
```
<button aria-label="close">X<button>
```
It might be clear visually that the X closes the modal, but audibly it would not be clear for example.
It might be clear visually that the **X** closes the modal, but audibly it would not be clear, for example.
```
<button aria-label="close">Close<button>
@@ -165,28 +168,26 @@ It might be clear visually that the X closes the modal, but audibly it would not
The example might read aloud to a user as "Close, Close" or something similar.
However adding aria-labels to elements that are already clearly labeled or not interactive can be confusing and redundant for users with assistive technologies.
However, adding an aria-label to an element that is already clearly labeled or not interactive can be confusing and redundant for users with assistive technologies.
In such cases rather than adding unnecessary aria-labels to components so as to make them selectable for testing, it is preferable to use a data attribute that would not be read aloud with an assistive technology for example:
In such cases, don't add an unnecessary aria-label to a component so as to make them selectable for testing. Instead, use a data attribute that will not be read aloud with an assistive technology. For example:
- [Proposal for removing or replacing Angular dependencies](https://github.com/grafana/grafana/pull/23048)
Grafana Labs follows the [Airbnb React/JSX Style Guide](https://github.com/airbnb/javascript/tree/master/react) in matters pertaining to React. This guide provides highlights of the style rules we follow.
## Basic rules
@@ -43,11 +8,13 @@ Generally we follow the Airbnb [React Style Guide](https://github.com/airbnb/jav
- Break large components up into sub-components.
- Use spaces for indentation.
### Naming conventions
## Naming conventions
#### Use `PascalCase` for:
Follow these guidelines when naming elements of your code.
##### Typescript class names
### Class names
Use PascalCase. For example:
```typescript
// bad
@@ -61,7 +28,94 @@ class DataLink {
}
```
##### Types and interfaces
### Constants
Use ALL CAPS for constants. For example:
```typescript
// bad
constconstantValue="This string won't change";
// bad
constconstant_value="This string won't change";
// good
constCONSTANT_VALUE="This string won't change";
```
### Emotion class names
Use camelCase. For example:
```typescript
constgetStyles=(theme: GrafanaTheme2)=>({
// bad
ElementWrapper: css`...`,
// bad
['element-wrapper']:css`...`,
// good
elementWrapper: css({
padding: theme.spacing(1,2),
background: theme.colors.background.secondary,
}),
});
```
Use hook useStyles2(getStyles) to memoize the styles generation and try to avoid passing props to the getStyles function and instead compose classes using Emotion CX function.
### Enums
Use PascalCase. For example:
```
// bad
enum buttonVariant {
//...
}
// good
enum ButtonVariant {
//...
}
```
### Files and directories
Name files according to the primary export:
- When the primary export is a class or React component, use PascalCase.
- When the primary export is a function, use camelCase.
For files that export multiple utility functions, use the name that describes the responsibility of grouped utilities. For example, a file that exports math utilities should be named `math.ts`.
- Use `constants.ts` for files that export constants.
- Use `actions.ts` for files that export Redux actions.
- Use `reducers.ts` for Redux reducers.
- Use `*.test.ts(x)` for test files.
For directory names, use dash-case (sometimes called kebab-case).
- Use `features/new-important-feature/utils.ts`
### Functions
Use PascalCase. For example:
Use camelCase.
```typescript
// bad
constCalculatePercentage=()=>{...}
// bad
constcalculate_percentage=()=>{...}
// good
constcalculatePercentage=()=>{...}
```
### Interfaces
Use PascalCase. For example:
```
// bad
@@ -91,35 +145,11 @@ type request_info = ...
type RequestInfo = ...
```
##### Enums
### Methods
```
// bad
enum buttonVariant {
//...
}
Use PascalCase. For example:
// good
enum ButtonVariant {
//...
}
```
#### Use `camelCase` for:
##### Functions
```typescript
// bad
constCalculatePercentage=()=>{...}
// bad
constcalculate_percentage=()=>{...}
// good
constcalculatePercentage=()=>{...}
```
##### Methods
Use camelCase.
```typescript
classDateCalculator{
@@ -137,164 +167,13 @@ class DateCalculator {
}
```
##### Variables
### React components
```typescript
// bad
constQueryTargets=[];
// bad
constquery_targets=[];
Follow these guidelines for naming React components.
// good
constqueryTargets=[];
```
#### React callback props and handlers
##### React state and properties
```typescript
interfaceModalState{
// bad
IsActive: boolean;
// bad
is_active: boolean;
// good
isActive: boolean;
}
```
##### Emotion class names
```typescript
constgetStyles=(theme: GrafanaTheme2)=>({
// bad
ElementWrapper: css`...`,
// bad
['element-wrapper']:css`...`,
// good
elementWrapper: css({
padding: theme.spacing(1,2),
background: theme.colors.background.secondary,
}),
});
```
Use hook useStyles2(getStyles) to memoize the styles generation and try to avoid passing props to the getStyles function and instead compose classes using emotion cx function.
#### Use `ALL_CAPS` for constants.
```typescript
// bad
constconstantValue="This string won't change";
// bad
constconstant_value="This string won't change";
// good
constCONSTANT_VALUE="This string won't change";
```
#### Use [BEM](http://getbem.com/) convention for SASS styles.
_SASS styles are deprecated. Please migrate to Emotion whenever you need to modify SASS styles._
### Typing
In general, you should let Typescript infer the types so that there's no need to explicitly define type for each variable.
There are some exceptions to this:
```typescript
// Typescript needs to know type of arrays or objects otherwise it would infer it as array of any
// bad
conststringArray=[];
// good
conststringArray: string[]=[];
```
Specify function return types explicitly in new code. This improves readability by being able to tell what a function returns just by looking at the signature. It also prevents errors when a function's return type is broader than expected by the author.
> **Note:** We don't have linting for this enabled because of lots of old code that needs to be fixed first.
- When the primary export is a class or React component, use PascalCase.
- When the primary export is a function, use camelCase.
For files exporting multiple utility functions, use the name that describes the responsibility of grouped utilities. For example, a file exporting math utilities should be named `math.ts`.
- Use `constants.ts` for files exporting constants.
- Use `actions.ts` for files exporting Redux actions.
- Use `reducers.ts` Redux reducers.
- Use `*.test.ts(x)` for test files.
- Use kebab case for directory names: lowercase, words delimited by hyphen ( `-` ). For example, `features/new-important-feature/utils.ts`.
### Code organization
Organize your code in a directory that encloses feature code:
- Put Redux state and domain logic code in `state` directory (i.e. `features/my-feature/state/actions.ts`).
- Put React components in `components` directory (i.e. `features/my-feature/components/ButtonPeopleDreamOf.tsx`).
- Put test files next to the test subject.
- Put containers (pages) in feature root (i.e. `features/my-feature/DashboardPage.tsx`).
- Put API function calls that isn't a redux thunk in an `api.ts` file within the same directory.
- Subcomponents can live in the component folders. Small component do not need their own folder.
- Component SASS styles should live in the same folder as component code.
For code that needs to be used by external plugin:
- Put components and types in `@grafana/ui`.
- Put data models and data utilities in `@grafana/data`.
- Put runtime services interfaces in `@grafana/runtime`.
#### Exports
- Use named exports for all code you want to export from a file.
- Use declaration exports (i.e. `export const foo = ...`).
- Avoid using default exports (for example, `export default foo`).
- Export only the code that is meant to be used outside the module.
### Comments
- Use [TSDoc](https://github.com/microsoft/tsdoc) comments to document your code.
- Use [react-docgen](https://github.com/reactjs/react-docgen) comments (`/** ... */`) for props documentation.
- Use inline comments for comments inside functions, classes etc.
- Please try to follow the [code comment guidelines](./code-comments.md) when adding comments.
### Linting
Linting is performed using [@grafana/eslint-config](https://github.com/grafana/eslint-config-grafana).
## React
Use the following conventions when implementing React components:
### Props
##### Name callback props and handlers with an "on" prefix.
Name callback props and handlers with an _on_ prefix. For example:
SASS styles are deprecated. You should migrate to Emotion whenever you need to modify SASS styles.
### Types
In general, you should let TypeScript infer the types so that there's no need to explicitly define the type for each variable.
There are some exceptions to this:
```typescript
// TypeScript needs to know the type of arrays or objects; otherwise, it infers type as an array of any
// bad
conststringArray=[];
// good
conststringArray: string[]=[];
```
Specify function return types explicitly in new code. This improves readability by being able to tell what a function returns just by looking at the signature. It also prevents errors when a function's return type is broader than expected by the author.
> **Note:** Linting is not enabled for this issue because there is old code that needs to be fixed first.
- [Create React App: Remove React.FC from typescript template](https://github.com/facebook/create-react-app/pull/8177)
- [Kent C. Dodds: How to write a React Component in Typescript](https://kentcdodds.com/blog/how-to-write-a-react-component-in-typescript)
- [Kent C. Dodds: Function forms](https://kentcdodds.com/blog/function-forms)
- [Sam Hendrickx: Why you probably shouldn't use React.FC?](https://medium.com/raccoons-group/why-you-probably-shouldnt-use-react-fc-to-type-your-react-components-37ca1243dd13)
Grafana uses [Redux Toolkit](https://redux-toolkit.js.org/) to handle Redux boilerplate code.
> Some of our Reducers are used by Angular and therefore state is to be considered as mutable for those reducers.
> **Note:** Some of our reducers are used by Angular; therefore, consider state to be mutable for those reducers.
## Test functionality
Here's how to test the functioning of your Redux reducers.
### reducerTester
Fluent API that simplifies the testing of reducers
Use the Fluent API framework to simplify the testing of reducers.
#### Usage
Example of `reducerTester` in use:
```typescript
reducerTester()
.givenReducer(someReducer,initialState)
@@ -21,9 +25,9 @@ reducerTester()
#### Complex usage
Sometimes you encounter a `resulting state` that contains properties that are hard to compare, such as `Dates`, but you still want to compare that other props in state are correct.
Sometimes you encounter a _resulting state_ that contains properties that are hard to compare, such as `Dates`, but you still want to evaluate whether other props in state are correct.
Then you can use`thenStatePredicateShouldEqual` function on `reducerTester` that will return the `resulting state` so that you can expect upon individual properties..
In these cases, you can evaluate individual properties by using`thenStatePredicateShouldEqual` function on `reducerTester` that will return the resulting state. For example:
```typescript
reducerTester()
@@ -37,10 +41,12 @@ reducerTester()
### thunkTester
Fluent API that simplifies the testing of thunks.
Here's a Fluent API function that simplifies the testing of thunks.
It is possible to infer connected props automatically from `mapStateToProps` and `mapDispatchToProps` using a helper type `ConnectedProps` from Redux. For this to work the `connect` call has to be split into two parts.
It is possible to infer connected props automatically from `mapStateToProps` and `mapDispatchToProps` using a helper type `ConnectedProps` from Redux. For this to work properly, split the `connect` call into two parts like so:
```typescript
import{connect,ConnectedProps}from'react-redux';
@@ -80,4 +86,4 @@ class PanelEditorUnconnected extends PureComponent<Props> {}
For more examples, refer to the [Redux docs](https://react-redux.js.org/using-react-redux/static-typing#inferring-the-connected-props-automatically).
For more examples, refer to the [Redux documentation](https://react-redux.js.org/using-react-redux/static-typing#inferring-the-connected-props-automatically).
[Storybook](https://storybook.js.org/) is a tool which we use to manage our design system and the components which are a part of it. Storybook consists of _stories:_ each story represents a component and a case in which it is used. To show a wide variety of use cases is good both documentation wise and for troubleshooting -- it might be possible to reproduce a bug for an edge case in a story.
[Storybook](https://storybook.js.org/) is a tool which Grafana uses to manage our design system and its components. Storybook consists of _stories_. Each story represents a component and the case in which it is used.
To show a wide variety of use cases is good both documentation wise and for troubleshooting—it might be possible to reproduce a bug for an edge case in a story.
Storybook is:
@@ -10,16 +12,22 @@ Storybook is:
## How to create stories
Stories for a component should be placed next to the component file. The Storybook file requires the same name as the component file. For example, a story for `SomeComponent.tsx`will have the file name `SomeComponent.story.tsx`. If a story should be internal, not visible in production, name the file `SomeComponent.story.internal.tsx`.
Stories for a component should be placed next to the component file. The Storybook file requires the same name as the component file. For example, a story for `SomeComponent.tsx`has the file name `SomeComponent.story.tsx`.
If a story should be internal—not visible in production—name the file `SomeComponent.story.internal.tsx`.
### Writing stories
When writing stories, we use the [CSF format](https://storybook.js.org/docs/formats/component-story-format/). For more in-depth information on writing stories, see [Storybook’s documentation on writing stories](https://storybook.js.org/docs/basics/writing-stories/).
When writing stories, we use the [CSF format](https://storybook.js.org/docs/formats/component-story-format/).
> **Note:** For more in-depth information on writing stories, see [Storybook’s documentation](https://storybook.js.org/docs/basics/writing-stories/).
With the CSF format, the default export defines some general information about the stories in the file:
-`title`: Where the component is going to live in the hierarchy
-`decorators`: A list which can contain wrappers or provide context, such as theming
-**`title`**: Where the component is going to live in the hierarchy
-**`decorators`**: A list which can contain wrappers or provide context, such as theming
Example:
```jsx
// In MyComponent.story.tsx
@@ -34,18 +42,18 @@ export default {
```
When it comes to writing the actual stories, you continue in the same file with named exports. The exports are turned into the story name.
When it comes to writing the actual stories, you should continue in the same file with named exports. The exports are turned into the story name like so:
```jsx
// Will produce a story name “some story”
exportconstsomeStory=()=><MyComponent/>;
```
If you want to write cover cases with different values for props, then using knobs is usually enough. You don’t need to create a new story. This will be covered further down.
If you want to write cover cases with different values for props, then using knobs is usually enough. You don’t need to create a new story. This topic will be covered further down.
### Categorization
We currently have these categories:
We have these categories of components:
- **Docs Overview** - Guidelines and information regarding the design system
- **Forms** - Components commonly used in forms such as different kind of inputs
@@ -55,7 +63,7 @@ We currently have these categories:
## Writing MDX documentation
An MDX file is basically a markdown file with the possibility to add jsx. These files are used by Storybook to create a “docs” tab.
An MDX file is a markdown file with the possibility to add JSX. These files are used by Storybook to create a “docs” tab.
### Link the MDX file to a component’s stories
@@ -83,7 +91,7 @@ export default {
### MDX file structure
There are some things that the MDX file should contain:
The MDX file should contain the following items:
- When and why the component should be used
- Best practices - dos and don’ts for the component
@@ -101,7 +109,9 @@ import { MyComponent } from './MyComponent';
### MDX file without a relationship to a component
An MDX file can exist by itself without any connection to a story. This can be good for writing things such as a general guidelines page. Two things are required for this to work:
An MDX file can exist by itself without any connection to a story. This can be good for writing things such as a general guidelines page.
Two conditions must be met for this to work:
- The file needs to be named `*.story.mdx`
- A `Meta` tag must exist that says where in the hierarchy the component lives. It can look like this:
@@ -115,7 +125,7 @@ An MDX file can exist by itself without any connection to a story. This can be g
```
You can add parameters to the Meta tag. This example shows how to hide the tools:
You can add parameters to the `Meta` tag. This example shows how to hide the tools:
@@ -128,11 +138,11 @@ You can add parameters to the Meta tag. This example shows how to hide the tools
## Documenting component properties
A quick way to get an overview of what a component does is by looking at its properties. That's why it is important that we document these in a good way.
A quick way to get an overview of what a component does is by looking at its properties. That's why it is important that you document these in a good way.
### Comments
When writing the props interface for a component, it is possible to add a comment to that specific property, which will end up in the Props table in the MDX file. The comments are generated by [react-docgen](https://github.com/reactjs/react-docgen) and are formatted by writing `/** */`.
When writing the props interface for a component, it's possible to add a comment to that specific property. When you do so, the comment will appear in the Props table in the MDX file. The comments are generated by [react-docgen](https://github.com/reactjs/react-docgen) and are formatted by writing `/** */`.
```jsx
interfaceMyProps{
@@ -143,25 +153,28 @@ interface MyProps {
### Controls
The [controls addon](https://storybook.js.org/docs/react/essentials/controls) provides a way to interact with a component's properties dynamically and requires much less code than knobs. We're deprecating knobs in favor of using controls.
The [controls addon](https://storybook.js.org/docs/react/essentials/controls) provides a way to interact with a component's properties dynamically. It also requires much less code than knobs.
Knobs are deprecated in favor of using controls.
#### Migrating a story from Knobs to Controls
As a test, we migrated the [button story](https://github.com/grafana/grafana/blob/main/packages/grafana-ui/src/components/Button/Button.story.tsx). Here's the guide on how to migrate a story to controls.
As a test, we migrated the [button story](https://github.com/grafana/grafana/blob/main/packages/grafana-ui/src/components/Button/Button.story.tsx).
Here's the guide on how to migrate a story to controls.
1. Remove the `@storybook/addon-knobs` dependency.
2. Import the Story type from `@storybook/react`
2. Import the `Story` type from `@storybook/react`
`import { Story } from @storybook/react`
3. Import the props interface from the component you're working on (these must be exported in the component).
3. Import the props interface from the component you're working on (these must be exported in the component):
`import { Props } from './Component'`
4. Add the Story type to all stories in the file, then replace the props sent to the component
and remove any knobs.
4. Add the `Story` type to all stories in the file, then replace the props sent to the component and remove any knobs:
Before
Before:
```tsx
export const Simple = () => {
@@ -172,7 +185,7 @@ As a test, we migrated the [button story](https://github.com/grafana/grafana/blo
@@ -180,7 +193,7 @@ As a test, we migrated the [button story](https://github.com/grafana/grafana/blo
};
```
5. Add default props (or args in Storybook language).
5. Add default props (or `args` in Storybook language):
```tsx
Simple.args = {
@@ -189,8 +202,7 @@ As a test, we migrated the [button story](https://github.com/grafana/grafana/blo
};
```
6. If the component has advanced props type (ie. other than string, number, boolean), you need to
specify these in an `argTypes`. This is done in the default export of the story.
6. If the component has advanced props type (that is, other than string, number, or Boolean), you need to specify these in an `argTypes`. Do this in the default export of the story:
```tsx
export default {
@@ -204,6 +216,6 @@ As a test, we migrated the [button story](https://github.com/grafana/grafana/blo
## Best practices
- When creating a new component or writing documentation for an existing one, always cover the basic use case it was intended for with a code example.
- When creating a new component or writing documentation for an existing one, add a code example. The example should always cover the basic use case it was intended for.
- Use stories and knobs to create edge cases. If you are trying to solve a bug, try to reproduce it with a story.
- Do not create stories in the MDX, always create them in the `*.story.tsx` file.
- Do not create stories in the MDX. Instead, create them in the `*.story.tsx` file.
[Emotion](https://emotion.sh/docs/introduction) is our default-to-be approach to styling React components. It provides a way for styles to be a consequence of properties and state of a component.
[Emotion](https://emotion.sh/docs/introduction) is Grafana's default-to-be approach to styling React components. It provides a way for styles to be a consequence of properties and state of a component.
## Usage
For styling components, use [Emotion's `css` function](https://emotion.sh/docs/emotion#css).
For styling components, use [Emotion's `css` function](https://emotion.sh/docs/@emotion/css#css).
### Basic styling
To access the theme in your styles, use the `useStyles` hook. It provides basic memoization and access to the theme object.
To access the Emotion theme in your styles, use the `useStyles` hook. This hook provides basic memoization and access to the theme object.
> Please remember to put `getStyles` function at the end of the file!
> **Note:** Please remember to put `getStyles` function at the end of the file!
In more complex cases, especially when you need to style multiple DOM elements in one component, or when using styles that depend on properties and/or state you
can have your getStyles function return an object with many class names and use [Emotion's `cx` function](https://emotion.sh/docs/@emotion/css#cx) to compose them.
In more complex cases, you can have the `getStyles` function return an object with many class names and use [Emotion's `cx` function](https://emotion.sh/docs/@emotion/css#cx) to compose them.
Let's say you need to style a component that has a different background depending on the `isActive` property :
This feature can be especially useful in certain use cases:
- when you need to style multiple DOM elements in one component
- when using styles that depend on properties
- when using styles that depend on state
Let's say you need to style a component that has a different background depending on the `isActive` property. For example:
The goal of this document is to address the most frequently asked "How to" questions related to unit testing.
## Best practices
## Some recommended practices for testing
- Default to the `*ByRole` queries when testing components as it encourages testing with accessibility concerns in mind. It's also possible to use `*ByLabelText` queries. However, the `*ByRole` queries are [more robust](https://testing-library.com/docs/queries/bylabeltext/#name) and are generally recommended over the former.
- Default to the `*ByRole` queries when testing components because it encourages testing with accessibility concerns in mind.
- Alternatively, you could use `*ByLabelText` queries for testing components. However, we recommend the `*ByRole` queries because they are [more robust](https://testing-library.com/docs/queries/bylabeltext/#name).
## Testing User Interactions
@@ -13,7 +14,7 @@ We use the [user-event](https://testing-library.com/docs/user-event/intro) libra
There are two important considerations when working with `userEvent`:
1. All methods in `userEvent` are asynchronous, and thus require the use of `await` when called.
2. Directly calling methods from `userEvent` may not be supported in future versions. As such, it's necessary to first call `userEvent.setup()` prior to the tests. This method returns a `userEvent` instance, complete with all its methods. This setup process can be simplified using a utility function:
1. Directly calling methods from `userEvent` may not be supported in future versions. As such, it's necessary to first call `userEvent.setup()` prior to the tests. This method returns a `userEvent` instance, complete with all its methods. This setup process can be simplified using a utility function:
There are a few utilities that can be useful for debugging tests:
- [screen.debug()](https://testing-library.com/docs/queries/about/#screendebug) - This function prints a human-readable representation of the document's DOM tree when called without arguments, or the DOM tree of specific node(s) when provided with arguments. It is internally using `console.log` to log the output to terminal.
- [Testing Playground](https://testing-playground.com/) - An interactive sandbox that allows testing which queries work with specific HTML elements.
- [logRoles](https://testing-library.com/docs/dom-testing-library/api-debugging/#prettydom) - A utility function that prints out all the implicit ARIA roles for a given DOM tree.
- [screen.debug()](https://testing-library.com/docs/queries/about/#screendebug) - This function prints a human-readable representation of the document's DOM tree when called without arguments, or the DOM tree of specific node or nodes when provided with arguments. It is internally using `console.log` to log the output to terminal.
- [Testing Playground](https://testing-playground.com/) - An interactive sandbox that allows testing of which queries work with specific HTML elements.
- [prettyDOM logRoles](https://testing-library.com/docs/dom-testing-library/api-debugging/#prettydom) - A utility function that prints out all the implicit ARIA roles for a given DOM tree.
## Testing Select Components
## Testing select components
Here, the [OrgRolePicker](https://github.com/grafana/grafana/blob/38863844e7ac72c7756038a1097f89632f9985ff/public/app/features/admin/OrgRolePicker.tsx) component is used as an example. This component essentially serves as a wrapper for the `Select` component, complete with its own set of options.
The recommended way to query `Select` components is by using a label. Add a `label` element and provide the `htmlFor` prop with a matching `inputId`. Alternatively, `aria-label` can be specified on the `Select`.
It is a recommended practice to query `Select` components by using a label. Add a `label` element and provide the `htmlFor` prop with a matching `inputId`. Alternatively, you can specify `aria-label` on the `Select` statement.
At times, it might be necessary to verify that the `Select` component is displaying the correct options. In such instances, the best solution is to click the `Select` component and match the desired option using the `*ByText` query.
The recommended approach for mocking the `window` object is to use Jest spies. Jest's spy functions provide a built-in mechanism for restoring mocks. This feature eliminates the need to manually save a reference to the `window` object.
The recommended approach for mocking the `window` object is to use [Jest spies](https://jestjs.io/docs/jest-object). Jest's spy functions provide a built-in mechanism for restoring mocks. This feature eliminates the need to manually save a reference to the `window` object.
```tsx
letwindowSpy: jest.SpyInstance;
@@ -156,7 +157,7 @@ it('should test with window', function () {
### Mocking getBackendSrv()
The `getBackendSrv()` function is used to make HTTP requests to the Grafana backend. It is possible to mock this function using the `jest.mock` method.
Use the `getBackendSrv()` function to make HTTP requests to the Grafana backend. It is possible to mock this function using the `jest.mock` method.
The `AsyncSelect` component is used to asynchronously load options. As such, it often relies on the `getBackendSrv` for loading the options.
Use the `AsyncSelect` component to asynchronously load options. This component often relies on the `getBackendSrv` for loading the options.
Here's how the test would look like for this [OrgPicker](https://github.com/grafana/grafana/blob/38863844e7ac72c7756038a1097f89632f9985ff/public/app/core/components/Select/OrgPicker.tsx) component, which uses `AsyncSelect` under the hood.
Here's what the test looks like for this [OrgPicker](https://github.com/grafana/grafana/blob/38863844e7ac72c7756038a1097f89632f9985ff/public/app/core/components/Select/OrgPicker.tsx) component, which uses `AsyncSelect` under the hood:
- Lowering the issue count by preventing duplicate issues.
- Streamlining the development process by preventing duplicate discussions.
This document gives you some ideas on what you can do to help. For more information, read more about [how the core Grafana team triage issues](/ISSUE_TRIAGE.md).
This document gives you some ideas on what you can do to help. For more information, read more about [how the core Grafana team triage issues](/contribute/ISSUE_TRIAGE.md).
## Improve issues
@@ -23,9 +23,9 @@ Investigate issues that we haven't been able to reproduce yet. In some cases, th
## Vote on issues
Use [GitHub reactions](https://help.github.com/en/articles/about-conversations-on-github#reacting-to-ideas-in-comments) to let us know what's important to you. Vote on bugs if you've experienced the same problem. **Don't vote, or react, by commenting on the issue.**
Use [GitHub reactions](https://github.blog/news-insights/product-news/add-reactions-to-pull-requests-issues-and-comments/) to let us know what's important to you. Vote on bugs if you've experienced the same problem. **Don't vote, or react, by commenting on the issue.**
Read more about [how we prioritize issues](/ISSUE_TRIAGE.md#4-prioritization-of-issues).
Read more about [how we prioritize issues](/contribute/ISSUE_TRIAGE.md#4-prioritization-of-issues).
- Report per-CPU metrics if true, global sum of CPU metrics if false (details: [collectd.conf man page](https://collectd.org/documentation/manpages/collectd.conf.5.shtml#plugin_cpu))
- Report per-CPU metrics if true, global sum of CPU metrics if false (details: [collectd.conf man page](https://www.collectd.org/documentation/manpages/collectd.conf.html))
- Optional, defaults to false.
-`COLLECT_INTERVAL`
- Collection interval and thus resolution of metrics
# README for the image storage WebDAV docker block
This block is used for testing the [WebDAV](https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#external_image_storagewebdav) option for external image storage which is used in [alert notifications](https://grafana.com/docs/grafana/latest/alerting/manage-notifications/images-in-notifications/). This uses the simplest WebDav server that is still being maintained, a project called [Dufs](https://github.com/sigoden/dufs).
This block is used for testing the [WebDAV](https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#external_image_storagewebdav) option for external image storage which is used in [alert notifications](https://grafana.com/docs/grafana/latest/alerting/configure-notifications/template-notifications/images-in-notifications/). This uses the simplest WebDav server that is still being maintained, a project called [Dufs](https://github.com/sigoden/dufs).
You can create interactive links for Explore visualizations to run queries related to presented data by setting up Correlations.
You can create interactive links for Explore visualizations by setting up Correlations. These links can either run queries or generate external URLs related to presented data.
A correlation defines how data in one [data source](../../datasources/) is used to query data in another data source.
A correlation defines how data in one [data source](../../datasources/) is used to query data in another data source or to generate an external URL.
Some examples:
- an application name returned in a logs data source can be used to query metrics related to that application in a metrics data source, or
- a user name returned by an SQL data source can be used to query logs related to that particular user in a logs data source
- a customer ID in a logs data source can link to a different platform that has a profile on that customer.
[Explore](../../explore/) takes user-defined correlations to display links inside the visualizations.
You can click on a link to run the related query and see results in [Explore Split View](../../explore/#split-and-compare).
If a correlation links to a query, you can click on that link to run the related query and see results in [Explore Split View](../../explore/#split-and-compare).
If a correlation links to an external URL, you can click on the link to open the URL in a new tab in your browser.
Explore visualizations that currently support showing links based on correlations:
title: Label Based Access Control (LBAC) for data sources
weight: 100
---
# Team LBAC
# Label Based Access Control (LBAC) for data sources
Team Label Based Access Control (LBAC) simplifies and streamlines data source access management based on team memberships.
Label Based Access Control (LBAC) simplifies and streamlines data source access management based on team memberships.
{{< admonition type="note" >}}
Creating Team LBAC rules is available for preview for logs with Loki in Grafana Cloud.
LBAC rules is available for preview for logs with Loki in Grafana Cloud.
Report any unexpected behavior to the Grafana Support team.
To use Team LBAC rules you must enable the `teamHttpHeaders` feature toggle because the feature uses HTTP headers for the LBAC rules requests.
- Be sure that you are running Grafana Enterprise.
{{< /admonition >}}
To use LBAC rules you must enable the `teamHttpHeaders` feature toggle because the feature uses HTTP headers for the LBAC rules requests.
{{< /admonition >}}
You can configure user access based upon team memberships using LogQL.
Team LBAC controls access to logs depending on the rules set for each team.
LBAC for data sources controls access to logs depending on the rules set for each team.
This feature addresses two common challenges faced by Grafana users:
1. Having a high number of Grafana Cloud data sources.
Team LBAC lets Grafana administrators reduce the total number of data sources per instance from hundreds, to one.
LBAC for data sources lets Grafana administrators reduce the total number of data sources per instance from hundreds, to one.
1. Using the same dashboard across multiple teams.
Team LBAC lets Grafana Teams use the same dashboard with different access control rules.
LBAC for data sources lets Grafana Teams use the same dashboard with different access control rules.
To set up Team LBAC for a Loki data source, refer to [Configure Team LBAC](https://grafana.com/docs/grafana/<GRAFANA_VERSION>/administration/data-source-management/teamlbac/configure-teamlbac-for-loki/).
To set up LBAC for data sources for a Loki data source, refer to [Configure LBAC for data sources](https://grafana.com/docs/grafana/<GRAFANA_VERSION>/administration/data-source-management/teamlbac/configure-teamlbac-for-loki/).
## Limitations
- There is a set number of rules to be configured within a datasource, depending on the size of the rules.
- There is a set number of rules to be configured within a datasource, depending on the size of the rules.
- Around ~500-600 rules is the upper limit.
- If there are no Team LBAC rules for a user's team, that user can query all logs.
- If an administrator is part of a team with Team LBAC rules, those rules are applied to the administrator requests.
Cloud Access Policies are the access controls from Grafana Cloud.
If there are any CAP LBAC rules configured for the same data source, then only the CAP LBAC rules are applied.
- If there are no LBAC for data sources rules for a user's team, that user can query all logs.
- If an administrator is part of a team with LBAC for data sources rules, those rules are applied to the administrator requests.
- Cloud Access Policy (CAP) LBAC rules override LBAC for data sources rules.
CAP are the access controls from Grafana Cloud.
You must remove any label selectors from your Cloud Access Policies to use Team LBAC.
For more information about CAP label selectors, refer to [Use label-based access control (LBAC) with access policies](https://grafana.com/docs/grafana-cloud/account-management/authentication-and-permissions/access-policies/label-access-policies/).
You must remove any label selectors from your Cloud Access Policy that is configured for the Loki data source, otherwise the CAP label selectors override the LBAC for data sources rules. For more information about CAP label selectors, refer to [Use label-based access control (LBAC) with access policies](https://grafana.com/docs/grafana-cloud/account-management/authentication-and-permissions/access-policies/label-access-policies/).
## Data source permissions
Data source permissions allow the users access to query the data source.
Administrators set the permissions at the data source level.
All the teams and users that are part of the data source inherit those permissions.
-Data source permissions allow the users access to query the data source.
-Administrators set the permissions at the data source level.
-All the teams and users that are part of the data source inherit those permissions.
## Recommended setup
It's recommended that you create a single Loki data source for using Team LBAC rules so you have a clear separation of data sources using Team LBAC and those that aren't.
It's recommended that you create a single Loki data source for using LBAC for data sources rules so you have a clear separation of data sources using LBAC for data sources and those that aren't.
All teams should have with only teams having `query` permission.
You should create another Loki data source configured without Team LBAC for full access to the logs.
You should create another Loki data source configured without LBAC for data sources for full access to the logs.
## Team LBAC rules
## LBAC rules
Grafana adds Team LBAC rules to the HTTP request via the Loki data source.
Grafana adds LBAC for data sources rules to the HTTP request via the Loki data source.
If you configure multiple rules for a team, each rule is evaluated separately.
Query results include lines that match any of the rules.
Only users with data source `Admin` permissions can edit Team LBAC rules in the **Data source permissions** tab because changing LBAC rules requires the same access level as editing data source permissions.
Only users with data source `Admin` permissions can edit LBAC for data sources rules in the **Data source permissions** tab because changing LBAC rules requires the same access level as editing data source permissions.
To set up Team LBAC for a Loki data source, refer to [Configure Team LBAC](https://grafana.com/docs/grafana/<GRAFANA_VERSION>/administration/data-source-management/teamlbac/configure-teamlbac-for-loki/).
To set up LBAC for data sources for a Loki data source, refer to [Configure LBAC for data sources](https://grafana.com/docs/grafana/<GRAFANA_VERSION>/administration/data-source-management/teamlbac/configure-teamlbac-for-loki/).
description: Configure Team LBAC for Loki data source on Grafana Cloud
description: Configure LBAC for data sources for Loki data source on Grafana Cloud
keywords:
- loki
- datasource
@@ -7,42 +7,41 @@ keywords:
labels:
products:
- cloud
title: Configure Team LBAC for Loki
title: Configure LBAC for data sources for Loki
weight: 250
---
# Configure Team LBAC for Loki data source on Grafana Cloud
# Configure LBAC for data sources for Loki data source on Grafana Cloud
Team LBAC is available in private preview on Grafana Cloud for Loki created with basic authentication. Loki datasources for Team LBAC can only be created, provisioning is currently not available.
LBAC for data sources is available in private preview on Grafana Cloud for Loki created with basic authentication. Loki datasources for LBAC for data sources can only be created, provisioning is currently not available.
You cannot configure LBAC rules for Grafana-provisioned data sources from the UI. Alternatively, you can replicate the setting of the provisioned data source in a new data source as described in [LBAC Configuration for New Loki Data Source](https://grafana.com/docs/grafana/latest/administration/data-source-management/teamlbac/configure-teamlbac-for-loki/#task-1-lbac-configuration-for-new-loki-data-source) and then add the LBAC configuration to the new data source.
## Before you begin
To be able to use Team LBAC rules, you need to enable the feature toggle `teamHttpHeaders` on your Grafana instance. Contact support to enable the feature toggle for you.
To be able to use LBAC for data sources rules, you need to enable the feature toggle `teamHttpHeaders` on your Grafana instance. Contact support to enable the feature toggle for you.
- Be sure that you are running Grafana Enterprise.
- Be sure that you have the permission setup to create a loki tenant in Grafana Cloud
- Be sure that you have the permission setup to create a Loki tenant in Grafana Cloud
- Be sure that you have admin data source permissions for Grafana.
### Permissions
We recommend that you remove all permissions for roles and teams that are not required to access the data source. This will help to ensure that only the required teams have access to the data source. The recommended permissions are `Admin` permission and only add the teams `Query` permissions that you want to add Team LBAC rules for.
We recommend that you remove all permissions for roles and teams that are not required to access the data source. This will help to ensure that only the required teams have access to the data source. The recommended permissions are `Admin` permission and only add the teams `Query` permissions that you want to add LBAC for data sources rules for.
## Task 1: Configure Team LBAC for a new Loki data source
## Task 1: LBAC Configuration for New Loki Data Source
1. Access Loki data sources details for your stack through grafana.com
1. Copy Loki Details and Create a CAP
1. Copy Loki details and create a CAP
- Copy the details of your Loki setup.
- Create a Cloud Access Policy (CAP) for the Loki data source in grafana.com.
- Ensure the CAP includes `logs:read` permissions.
- Ensure the CAP does not include `labels` rules.
1. Create a New Loki Data Source
1. Create a new Loki data source
- In Grafana, proceed to add a new data source and select Loki as the type.
1. Navigate back to the Loki data source
- Set up the Loki data source using basic authentication. Use the userID as the username. Use the generated CAP token as the password.
- Save and connect.
1. Navigate to Data Source Permissions
- Go to the permissions tab of the newly created Loki data source. Here, you'll find the Team LBAC rules section.
1. Navigate to data source permissions
- Go to the permissions tab of the newly created Loki data source. Here, you'll find the LBAC for data sources rules section.
For more information on how to setup Team LBAC rules for a Loki data source, refer to [Create Team LBAC rules for the Loki data source](https://grafana.com/docs/grafana/<GRAFANA_VERSION>/administration/data-source-management/teamlbac/create-teamlbac-rules/).
For more information on how to setup LBAC for data sources rules for a Loki data source, refer to [Create LBAC for data sources rules for the Loki data source](https://grafana.com/docs/grafana/<GRAFANA_VERSION>/administration/data-source-management/teamlbac/create-teamlbac-rules/).
description: Learn how to create Team LBAC rules for the Loki data source.
description: Learn how to create LBAC for data sources rules for the Loki data source.
keywords:
- loki
- lbac
- team
labels:
products:
- enterprise
- cloud
title: Create Team LBAC rules for the Loki data source
title: Create LBAC for data sources rules for the Loki data source
weight: 250
---
# Create Team LBAC rules for the Loki data source
# Create LBAC for data sources rules for the Loki data source
Team LBAC is available on Cloud for data sources created with basic authentication. Any managed Loki data source can **NOT** be configured with Team LBAC rules.
LBAC for data sources is available on Cloud for Loki data sources created with basic authentication. Managed/Provisioned Loki data source can **NOT** be configured with LBAC for data sources as of now.
## Before you begin
To be able to use Team LBAC rules, you need to enable the feature toggle `teamHttpHeaders` on your Grafana instance. Contact support to enable the feature toggle for you.
To be able to use LBAC for data sources rules, you need to enable the feature toggle `teamHttpHeaders` on your Grafana instance. Contact support to enable the feature toggle for you.
- Be sure that you are running Grafana Enterprise.
- Be sure that you have the permission setup to create a Loki tenant in Grafana Cloud.
- Be sure that you have admin data source permissions for Grafana.
- Be sure that you have a team setup in Grafana.
### Create a Team LBAC Rule for a team
### Create a LBAC for data sources Rule for a team
1. Navigate to your Loki datasource
1. Navigate to your Loki datasource
1. Navigate to the permissions tab
- Here, you'll find the Team LBAC rules section.
1. Add a Team LBAC Rule
- Add a new rule for the team in the Team LBAC rules section.
1. Define Label Selector for the Rule
- Here, you'll find the LBAC for data sources rules section.
1. Add a LBAC for data sources Rule
- Add a new rule for the team in the LBAC for data sources rules section.
1. Define a label selector for the rule
- Add a label selector to the rule. Refer to Loki query documentation for guidance on the types of log selections you can specify.
### LBAC rule
A LBAC rule is a `logql` query that runs as a query to the loki instance for your logs. Each rule is it's own filtering operating independently from the other rules within a team. For example, you can create a label policy that includes all log lines with the label.
A LBAC rule is a `logql` query that runs as a query to the Loki instance for your logs. Each rule operates independently as its own filter, separate from other rules within a team. For example, you can create a label policy that includes all log lines with a specific label.
One rule `{namespace="dev", cluster="us-west-0"}` created with multiple namespaces will be seen as `namespace="dev"`**AND**`cluster="us-west-0"`.
Two rules `{namespace="dev"}`, `{cluster="us-west-0"}` created for a team will be seen as `namespace="dev"`**OR**`cluster="us-west-0"`.
@@ -47,11 +46,11 @@ We recommend you only add `query` permissions for teams that should use the data
We recommend for a first setup, setting up as few rules as possible for each team and make them additive for simplicity.
For validating the rules, we recommend testing the rules in the Loki Explore view. This will allow you to see the logs that would be returned for the rule.
To validate the rules, we recommend testing the rules in the Loki Explore view. This will allow you to see the logs that would be returned for the rule.
#### Tasks
### Task 1: One rule setup for each team
### Task 1: One rule setup for each team
One common use case for creating an LBAC policy is to have specific access to logs that have a specific label. For example, you can create a label policy that includes all log lines with the label.
@@ -67,9 +66,9 @@ A user that is part of Team B will have access to logs that match `namespace="pr
A user that is part of Team A and Team B will have access to logs that match `namespace="dev"` OR `namespace="prod"`.
### Task 2: One rule setup for a team Exclude a label
### Task 2: Set up a rule to exclude a label for a team
One common use case for creating an LBAC policy is to exclude logs that have a specific label. For example, you can create a label policy that excludes all log lines with the label secret=true by adding a selector with `secret!="true"` when you create an access policy:
One common use case for creating an LBAC policy is to exclude logs that have a specific label. For example, you can create a label policy that excludes all log lines with the label `secret=true` by adding a selector with `secret!="true"` when you create an access policy:
We have one team, Team A `Query` permissions. Loki access is setup with `Admin` roles to have `Admin` permission only.
@@ -77,7 +76,7 @@ We have one team, Team A `Query` permissions. Loki access is setup with `Admin`
A user that is part of Team A will **NOT** have access to logs that match `secret!="true"`.
### Task 3: Multiple rules setup for one team
### Task 3: Set up multiple rules for a team
We have two teams, Team A and Team B with `Query` permissions. Loki access is setup with `Admin` roles having `Admin` permission.
@@ -113,7 +112,7 @@ A user in Team B will have access to logs that match `namespace!="dev"`.
> _NOTE:_ A user that is part of Team A and Team B will have access to all logs that match `namespace="dev"` `OR` `namespace!="dev"`.
### Task 5: One rule setup for a Team
### Task 5: Single rule setup for a team
We have two teams, Team A and Team B. Loki access is setup with `Editor`, `Viewer` roles to have `Query` permission.
@@ -35,9 +35,9 @@ To activate your license, complete the following tasks.
For more information about deploying an application on Amazon ECS, refer to [Creating an Amazon ECS service](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/create-service.html).
1. As you create the Amazon ECS service, use the Grafana Enterprise version 8.3.0 or later container image.
1. As you create the Amazon ECS service, use the intended Grafana Enterprise container image version.
For example, enter `grafana/grafana-enterprise:8.3.3`.
For example, enter `grafana/grafana-enterprise:11.3.0`.
> Only Grafana Enterprise versions 8.3.0 and later support licenses granted through AWS Marketplace.
# Activate a Grafana Enterprise license from AWS Marketplace on EKS
If you have purchased a Grafana Enterprise subscription through AWS Marketplace, you must activate it in order to use Grafana Enterprise data source plugins and features in Grafana.
If you have purchased a Grafana Enterprise subscription through AWS Marketplace, you must activate it to use Grafana Enterprise data source plugins and features in Grafana.
## Before you begin:
@@ -37,9 +37,9 @@ To activate your license, complete the following tasks:
For more information about installing Grafana on Kubernetes using the Helm Chart, refer to the [Grafana Helm Chart](https://github.com/grafana/helm-charts/tree/main/charts/grafana#readme).
1. Use `kubectl set image deployment/my-release grafana=grafana/grafana-enterprise:<version>` to update the container image to Grafana Enterprise version 8.3.0 or later.
1. Use `kubectl set image deployment/my-release grafana=grafana/grafana-enterprise:<version>` to update the container image.
For example, enter `grafana/grafana-enterprise:8.3.3`.
For example, enter `grafana/grafana-enterprise:11.3.0`.
> Only Grafana Enterprise versions 8.3.0 and later support licenses granted through AWS Marketplace.
@@ -56,7 +56,7 @@ Use app plugins when you want an out-of-the-box monitoring experience.
### Managing access for app plugins
Customize access to app plugins with [RBAC](../roles-and-permissions/access-control/#about-rbac).
Customize access to app plugins with [RBAC](../roles-and-permissions/access-control/rbac-for-app-plugins/).
By default, the Viewer, Editor and Admin roles have access to all app plugins that their Organization role allows them to access. Access is granted by the `fixed:plugins.app:reader` role.
@@ -103,53 +103,45 @@ To browse for available plugins:
### Install a plugin
To install a plugin:
The most common way to install a plugin is through the Grafana UI, but alternative methods are also available.
1. In Grafana, click **Administration > Plugins and data > Plugins** in the side navigation menu to view all plugins.
1. Browse and find a plugin.
1. Click the plugin's logo.
1. Click **Install**.
When the update is complete, you'll see a confirmation message that the installation was successful.
There are also additional ways to install plugins depending on your setup.
### Update a plugin
#### Install a plugin using Grafana CLI
To update a plugin:
Grafana CLI allows you to install, upgrade, and manage your Grafana plugins using a command line. For more information about Grafana CLI plugin commands, refer to [Plugin commands](../../cli/#plugins-commands).
1. In Grafana, click **Administration > Plugins and data > Plugins** in the side navigation menu to view all plugins.
1. Click the **Installed** filter to show only installed plugins.
1. Click the plugin's logo.
1. Click **Update**.
#### Install a plugin from a ZIP file
When the update is complete, you'll see a confirmationmessage that the update was successful.
This method is typically used for plugins not available in the Plugin Catalog or in environments without internet access.
### Uninstall a plugin
Download the archive containing the plugin assets, and install it by extracting the archive into the plugin directory. For example:
1. In Grafana, click **Administration > Plugins and data > Plugins** in the side navigation menu to view all plugins.
1. Click the plugin's logo.
1. Click the **Installed** filter to show only installed plugins.
1. Click **Uninstall**.
The path to the plugin directory is defined in the configuration file. For more information, refer to [Configuration](../../setup-grafana/configure-grafana/#plugins).
When the update is complete, you'll see a confirmation message that the uninstall was successful.
#### Install a plugin in air-gapped environment
## Install Grafana plugins
Plugin installation usually requires an internet connection. You can check which endpoints are used during the installation on your instance and add them to your instance’s allowlist.
Grafana supports data source, panel, and app plugins.
If this is not possible you can go via installing a plugin using [Grafana CLI](#install-a-plugin-using-grafana-cli) or as a [ZIP file](#install-a-plugin-from-a-zip-file).
1. In a web browser, navigate to the [Grafana plugin catalog](https://grafana.com/plugins) and find a plugin that you want to install.
1. Click the plugin, and then click the **Installation** tab.
You can fetch any plugin from Grafana.com API following the download link referenced in the API.
Here is an example based on `grafana-lokiexplore-app` plugins.
### Install plugin on Grafana Cloud
1. Open `https://grafana.com/api/plugins/grafana-lokiexplore-app` and look for `links` section
1. Find a `download` url which looks something like `https://grafana.com/api/plugins/grafana-lokiexplore-app/versions/1.0.2/download`
1. Use this URL to download the plugin ZIP file, which you can then install as described above.
On the **Installation tab**, in the **For** field, click the name of the Grafana instance on which you want to install the plugin.
Grafana Cloud handles the plugin installation automatically.
If you're logged in to Grafana Cloud when you add a plugin, log out and then log back in again to use the new plugin.
### Install plugins using the Grafana Helm chart
#### Install plugins using the Grafana Helm chart
With the Grafana Helm chart, add the plugins you want to install as a list using the `plugins` field in the your values file. For more information about the configuration, refer to [the Helm chart configuration reference](https://github.com/grafana/helm-charts/tree/main/charts/grafana#configuration).
@@ -162,21 +154,29 @@ plugins:
- redis-datasource
```
### Install plugin on local Grafana
When the update is complete, a confirmation message will indicate the installation was successful.
Follow the instructions on the **Install** tab. You can either install the plugin with a Grafana CLI command or by downloading and uncompressing a zip file into the Grafana plugins directory. We recommend using Grafana CLI in most instances. The zip option is available if your Grafana server doesn't have access to the internet.
### Update a plugin
For more information about Grafana CLI plugin commands, refer to [Plugin commands](../../cli/#plugins-commands).
To update a plugin:
#### Install a packaged plugin
1. In Grafana, click **Administration > Plugins and data > Plugins** in the side navigation menu to view all plugins.
1. Click the **Installed** filter to show only installed plugins.
1. Click the plugin's logo.
1. Click **Update**.
After the user has downloaded the archive containing the plugin assets, they can install it by extracting the archive into their plugin directory. For example:
When the update is complete, a confirmation message will indicate the installation was successful.
The path to the plugin directory is defined in the configuration file. For more information, refer to [Configuration](../../setup-grafana/configure-grafana/#plugins).
To uninstall a plugin:
1. In Grafana, click **Administration > Plugins and data > Plugins** in the side navigation menu to view all plugins.
1. Click the plugin's logo.
1. Click the **Installed** filter to show only installed plugins.
1. Click **Uninstall**.
When the update is complete, a confirmation message will indicate the installation was successful.
@@ -257,17 +257,17 @@ All of these settings are optional.
The _HTTP\*_ tag denotes data sources that communicate using the HTTP protocol, including all core data source plugins except MySQL, PostgreSQL, and MS SQL.
| tlsCACert | string | _HTTP\*_, MySQL, PostgreSQL | CA cert for out going requests. You can point directly to your stored cert by using an environment variable following the `$__file{path/to/ca}` format. |
| tlsClientCert | string | _HTTP\*_, MySQL, PostgreSQL | TLS Client cert for outgoing requests. You can point directly to your stored cert by using an environment variable following the `$__file{path/to/cert}` format. |
| tlsClientKey | string | _HTTP\*_, MySQL, PostgreSQL | TLS Client key for outgoing requests. You can point directly to your stored key by using an environment variable following the `$__file{path/to/key}` format. |
Available in [Grafana Enterprise](../../../../introduction/grafana-enterprise/) and [Grafana Cloud](/docs/grafana-cloud).
{{% /admonition %}}
{{< admonition type="note" >}}
Available in [Grafana Enterprise](/docs/grafana/<GRAFANA_VERSION>/introduction/grafana-enterprise/) and [Grafana Cloud](/docs/grafana-cloud/).
{{< /admonition >}}
A permission is comprised of an action and a scope. When creating a custom role, consider the actions the user can perform and the resource(s) on which they can perform those actions.
A permission is comprised of an action and a scope. When creating a custom role, consider the actions the user can perform and the resources on which they can perform those actions.
To learn more about the Grafana resources to which you can apply RBAC, refer to [Resources with RBAC permissions](ref:rbac-fixed-roles).
@@ -40,198 +40,184 @@ To learn more about the Grafana resources to which you can apply RBAC, refer to
The following list contains role-based access control actions.
| `alert.instances.external:read` | `datasources:*`<br>`datasources:uid:*` | Read alerts and silences in data sources that support alerting. |
| `alert.instances.external:write` | `datasources:*`<br>`datasources:uid:*`| Manage alerts and silences in data sources that support alerting. |
| `alert.instances:create` | n/a | Create silences in the current organization. |
| `alert.instances:read` | n/a| Read alerts and silences in the current organization. |
| `alert.instances:write` | n/a| Update and expire silences in the current organization. |
| `alert.notifications.external:read` | `datasources:*`<br>`datasources:uid:*` | Read templates, contact points, notification policies, and mute timings in data sources that support alerting. |
| `alert.notifications.external:write` | `datasources:*`<br>`datasources:uid:*` | Manage templates, contact points, notification policies, and mute timings in data sources that support alerting. |
| `alert.notifications:write` | n/a | Manage templates, contact points, notification policies, and mute timings in the current organization. |
| `alert.notifications:read`| n/a| Read all templates, contact points, notification policies, and mute timings in the current organization. |
| `alert.rules.external:read` | `datasources:*`<br>`datasources:uid:*` | Read alert rules in data sources that support alerting (Prometheus, Mimir, and Loki) |
| `alert.rules.external:write` | `datasources:*`<br>`datasources:uid:*`| Create, update, and delete alert rules in data sources that support alerting (Mimir and Loki). |
| `alert.rules:create` | `folders:*`<br>`folders:uid:*` | Create Grafana alert rules in a folder and its subfolders. Combine this permission with `folders:read` in a scope that includes the folder and `datasources:query` in the scope of data sources the user can query. |
| `alert.rules:delete` | `folders:*`<br>`folders:uid:*` | Delete Grafana alert rules in a folder and its subfolders. Combine this permission with `folders:read` in a scope that includes the folder and `datasources:query` in the scope of data sources the user can query. |
| `alert.rules:read`| `folders:*`<br>`folders:uid:*` | Read Grafana alert rules in a folder and its subfolders. Combine this permission with `folders:read` in a scope that includes the folder and `datasources:query` in the scope of data sources the user can query. |
| `alert.rules:write` | `folders:*`<br>`folders:uid:*` | Update Grafana alert rules in a folder and its subfolders. Combine this permission with `folders:read` in a scope that includes the folder and `datasources:query` in the scope of data sources the user can query. |
| `alert.silences:create`|`folders:*`<br>`folders:uid:*`| Create rule-specific silences in a folder and its subfolders. |
| `alert.silences:read`| `folders:*`<br>`folders:uid:*`| Read all general silences and rule-specific silences in a folder and its subfolders. |
| `alert.silences:write` | `folders:*`<br>`folders:uid:*` | Update and expire rule-specific silences in a folder and its subfolders. |
| `alert.provisioning:read` | n/a | Read all Grafana alert rules, notification policies, etc via provisioning API. Permissions to folders and datasource are not required. |
| `alert.provisioning.secrets:read`| n/a | Same as `alert.provisioning:read` plus ability to export resources with decrypted secrets. |
| `alert.provisioning:write` | n/a| Update all Grafana alert rules, notification policies, etc via provisioning API. Permissions to folders and datasource are not required. |
| `alert.provisioning.provenance:write` | n/a | Set provisioning status for alerting resources. Cannot be used alone. Requires user to have permissions to access resources |
| `apikeys:read` | `apikeys:*`<br>`apikeys:id:*` | Read API keys. |
| `apikeys:delete` | `apikeys:*`<br>`apikeys:id:*` | Delete API keys. |
| `dashboards:create` | `folders:*`<br>`folders:uid:*`| Create dashboards in one or more folders and their subfolders. |
| `dashboards:delete` | `dashboards:*`<br>`dashboards:uid:*`<br>`folders:*`<br>`folders:uid:*`| Delete one or more dashboards. |
| `dashboards.insights:read`| n/a | Read dashboard insights data and see presence indicators. |
| `dashboards.permissions:read`| `dashboards:*`<br>`dashboards:uid:*`<br>`folders:*`<br>`folders:uid:*` | Read permissions for one or more dashboards. |
| `dashboards.permissions:write` | `dashboards:*`<br>`dashboards:uid:*`<br>`folders:*`<br>`folders:uid:*` | Update permissions for one or more dashboards. |
| `dashboards:read` | `dashboards:*`<br>`dashboards:uid:*`<br>`folders:*`<br>`folders:uid:*` | Read one or more dashboards. |
| `dashboards:write` | `dashboards:*`<br>`dashboards:uid:*`<br>`folders:*`<br>`folders:uid:*` | Update one or more dashboards. |
| `dashboards.public:write`|`dashboards:*`<br>`dashboards:uid:*` | Write public dashboard configuration. |
| `folders.permissions:read` | `folders:*`<br>`folders:uid:*` | Read permissions for one or more folders and their subfolders. |
| `folders.permissions:write` | `folders:*`<br>`folders:uid:*`| Update permissions for one or more folders and their subfolders. |
| `folders:create`| n/a | Create folders in the root level. If granted together with `folders:write`, also allows creating subfolders under all folders that the user can update. |
| `folders:delete` | `folders:*`<br>`folders:uid:*` | Delete one or more folders and their subfolders. |
| `folders:read`| `folders:*`<br>`folders:uid:*`| Read one or more folders and their subfolders. |
| `folders:write` | `folders:*`<br>`folders:uid:*` | Update one or more folders and their subfolders. If granted together with `folders:create` permission, also allows creating subfolders under these folders. |
| `ldap.config:reload`| n/a | Reload the LDAP configuration. |
| `ldap.status:read` | n/a| Verify the availability of the LDAP server or servers. |
| `ldap.user:read` | n/a | Read users via LDAP. |
| `ldap.user:sync` | n/a | Sync users via LDAP. |
| `library.panels:create` | `folders:*` <br> `folders:uid:*` | Create a library panel in one or more folders and their subfolders. |
| `library.panels:read` | `folders:*` <br> `folders:uid:*` <br> `library.panels:*` <br> `library.panels:uid:*` | Read one or more library panels. |
| `library.panels:write` | `folders:*` <br> `folders:uid:*` <br> `library.panels:*` <br> `library.panels:uid:*` | Update one or more library panels. |
| `library.panels:delete` | `folders:*` <br> `folders:uid:*` <br> `library.panels:*` <br> `library.panels:uid:*` | Delete one or more library panels. |
| `licensing.reports:read` | n/a | Get custom permission reports. |
| `licensing:delete`| n/a| Delete the license token. |
| `orgs:delete` | n/a| Delete one or more organizations. |
| `orgs:read` | n/a| Read one or more organizations. |
| `orgs:write` | n/a| Update one or more organizations. |
| `plugins.app:access` | `plugins:*` <br> `plugins:id:*` | Access one or more application plugins (still enforcing the organization role) |
| `plugins:install` | n/a | Install and uninstall plugins. |
| `plugins:write` | `plugins:*` <br> `plugins:id:*`| Edit settings for one or more plugins. |
| `provisioning:reload` | `provisioners:*` | Reload provisioning files. To find the exact scope for specific provisioner, see [Scope definitions](#scope-definitions). |
| `serviceaccounts:read`| `serviceaccounts:*` <br> `serviceaccounts:id:*`| Read Grafana service accounts. |
| `serviceaccounts.permissions:write` | `serviceaccounts:*` <br> `serviceaccounts:id:*` | Update Grafana service account permissions to control who can do what with the service account. |
| `serviceaccounts.permissions:read`| `serviceaccounts:*` <br> `serviceaccounts:id:*` | Read Grafana service account permissions to see who can do what with the service account. |
| `settings:write` | `settings:*`<br>`settings:auth.saml:*`<br>`settings:auth.saml:enabled` (property level) | Update any Grafana configuration settings that can be [updated at runtime](../../../../setup-grafana/configure-grafana/settings-updates-at-runtime/). |
| `support.bundles:create`| n/a | Create support bundles. |
| `support.bundles:delete` | n/a | Delete support bundles. |
| `support.bundles:read` | n/a| List and download support bundles. |
| `status:accesscontrol` | `services:accesscontrol`| Get access-control enabled status. |
| `teams.permissions:read` | `teams:*`<br>`teams:id:*` | Read members and Team Sync setup for teams. |
| `teams.permissions:write` | `teams:*`<br>`teams:id:*`| Add, remove and update members and manage Team Sync setup for teams. |
| `teams.roles:add` | `permissions:type:delegate` | Assign a role to a team. |
| `teams.roles:read` | `teams:*`<br>`teams:id:*` | List roles assigned directly to a team. |
| `teams.roles:remove` | `permissions:type:delegate` | Unassign a role from a team. |
| `teams:create` | n/a | Create teams. |
| `teams:delete` | `teams:*`<br>`teams:id:*`| Delete one or more teams. |
| `teams:read`| `teams:*`<br>`teams:id:*` | Read one or more teams and team preferences. To list teams through the UI one of the following permissions is required in addition to `teams:read`: `teams:write`, `teams.permissions:read` or `teams.permissions:write`. |
| `teams:write` | `teams:*`<br>`teams:id:*` | Update one or more teams and team preferences. |
| `users.authtoken:read`| `global.users:*` <br> `global.users:id:*` | List authentication tokens that are assigned to a user. |
| `users.authtoken:write` | `global.users:*` <br> `global.users:id:*`| Update authentication tokens that are assigned to a user. |
> **Note:** Available from Grafana 9.4 in early access.
> **Note:** This feature is behind the `accessControlOnCall` feature toggle.
> You can enable feature toggles through configuration file or environment variables. See configuration [docs](../../../../setup-grafana/configure-grafana/#feature_toggles) for details.
The following list contains role-based access control actions used by Grafana OnCall application plugin.
| `alert.instances.external:read` | <ul><li>`datasources:*`</li><li>`datasources:uid:*`</li></ul> | Read alerts and silences in data sources that support alerting. |
| `alert.instances.external:write` | <ul><li>`datasources:*`</li><li>`datasources:uid:*`</li></ul> | Manage alerts and silences in data sources that support alerting. |
| `alert.instances:create` | None | Create silences in the current organization. |
| `alert.instances:read` | None | Read alerts and silences in the current organization. |
| `alert.instances:write` | None | Update and expire silences in the current organization. |
| `alert.notifications.external:read` | <ul><li>`datasources:*`</li><li>`datasources:uid:*`</li></ul> | Read templates, contact points, notification policies, and mute timings in data sources that support alerting. |
| `alert.notifications.external:write`| <ul><li>`datasources:*`</li><li>`datasources:uid:*`</li></ul> | Manage templates, contact points, notification policies, and mute timings in data sources that support alerting. |
| `alert.notifications:write` | None | Manage templates, contact points, notification policies, and mute timings in the current organization. |
| `alert.notifications:read`| None | Read all templates, contact points, notification policies, and mute timings in the current organization. |
| `alert.rules.external:read` | <ul><li>`datasources:*`</li><li>`datasources:uid:*`</li></ul> | Read alert rules in data sources that support alerting (Prometheus, Mimir, and Loki) |
| `alert.rules.external:write`| <ul><li>`datasources:*`</li><li>`datasources:uid:*`</li></ul> | Create, update, and delete alert rules in data sources that support alerting (Mimir and Loki). |
| `alert.rules:create` | <ul><li>`folders:*`</li><li>`folders:uid:*`</li></ul> | Create Grafana alert rules in a folder and its subfolders. Combine this permission with `folders:read` in a scope that includes the folder and `datasources:query` in the scope of data sources the user can query. |
| `alert.rules:delete` | <ul><li>`folders:*`</li><li>`folders:uid:*`</li></ul> | Delete Grafana alert rules in a folder and its subfolders. Combine this permission with `folders:read` in a scope that includes the folder and `datasources:query` in the scope of data sources the user can query. |
| `alert.rules:read` | <ul><li>`folders:*`</li><li>`folders:uid:*`</li></ul> | Read Grafana alert rules in a folder and its subfolders. Combine this permission with `folders:read` in a scope that includes the folder and `datasources:query` in the scope of data sources the user can query. |
| `alert.rules:write` | <ul><li>`folders:*`</li><li>`folders:uid:*`</li></ul> | Update Grafana alert rules in a folder and its subfolders. Combine this permission with `folders:read` in a scope that includes the folder and `datasources:query` in the scope of data sources the user can query. |
| `alert.silences:create` | <ul><li>`folders:*`</li><li>`folders:uid:*`</li></ul> | Create rule-specific silences in a folder and its subfolders. |
| `alert.silences:read` | <ul><li>`folders:*`</li><li>`folders:uid:*`</li></ul> | Read all general silences and rule-specific silences in a folder and its subfolders. |
| `alert.silences:write` | <ul><li>`folders:*`</li><li>`folders:uid:*`</li></ul> | Update and expire rule-specific silences in a folder and its subfolders. |
| `alert.provisioning:read` | None | Read all Grafana alert rules, notification policies, etc via provisioning API. Permissions to folders and datasource are not required. |
| `alert.provisioning.secrets:read` | None | Same as `alert.provisioning:read` plus ability to export resources with decrypted secrets. |
| `alert.provisioning:write` | None | Update all Grafana alert rules, notification policies, etc via provisioning API. Permissions to folders and datasource are not required. |
| `alert.provisioning.provenance:write` | None| Set provisioning status for alerting resources. Cannot be used alone. Requires user to have permissions to access resources |
| `dashboards:create` | <ul><li>`folders:*`</li><li>`folders:uid:*`</li></ul> | Create dashboards in one or more folders and their subfolders. |
| `dashboards:delete`| <ul><li>`dashboards:*`</li><li>`dashboards:uid:*`</li><li>`folders:*`</li><li>`folders:uid:*`</li></ul> | Delete one or more dashboards. |
| `dashboards.insights:read` | None | Read dashboard insights data and see presence indicators. |
| `dashboards.permissions:read` | <ul><li>`dashboards:*`</li><li>`dashboards:uid:*`</li><li>`folders:*`</li><li>`folders:uid:*`</li></ul> | Read permissions for one or more dashboards. |
| `dashboards.permissions:write` | <ul><li>`dashboards:*`</li><li>`dashboards:uid:*`</li><li>`folders:*`</li><li>`folders:uid:*`</li></ul>| Update permissions for one or more dashboards. |
| `dashboards:read` | <ul><li>`dashboards:*`</li><li>`dashboards:uid:*`</li><li>`folders:*`</li><li>`folders:uid:*`</li></ul> | Read one or more dashboards. |
| `dashboards:write` | <ul><li>`dashboards:*`</li><li>`dashboards:uid:*`</li><li>`folders:*`</li><li>`folders:uid:*`</li></ul> | Update one or more dashboards. |
| `dashboards.public:write` | <ul><li>`dashboards:*`</li><li>`dashboards:uid:*`</li></ul> | Write public dashboard configuration. |
| `folders.permissions:read` | <ul><li>`folders:*`</li><li>`folders:uid:*`</li></ul> | Read permissions for one or more folders and their subfolders. |
| `folders.permissions:write` | <ul><li>`folders:*`</li><li>`folders:uid:*`</li></ul>| Update permissions for one or more folders and their subfolders. |
| `folders:create` | <ul><li>`folders:*`</li><li>`folders:uid:*`</li><li>`folders:uid:general`</li></ul> | Create folders or subfolders. If granted with scope `folders:uid:general`, it allows to create root level folders. Otherwise, it allows creating subfolders under the specified folders. |
| `folders:delete` | <ul><li>`folders:*`</li><li>`folders:uid:*`</li></ul> | Delete one or more folders and their subfolders. |
| `folders:read` | <ul><li>`folders:*`</li><li>`folders:uid:*`</li></ul> | Read one or more folders and their subfolders. |
| `folders:write` | <ul><li>`folders:*`</li><li>`folders:uid:*`</li></ul> | Update one or more folders and their subfolders. |
| `ldap.config:reload`| None | Reload the LDAP configuration. |
| `ldap.status:read`| None | Verify the availability of the LDAP server or servers. |
| `ldap.user:read` | None | Read users via LDAP. |
| `ldap.user:sync` | None | Sync users via LDAP. |
| `library.panels:create` | <ul><li>`folders:*`</li><li>`folders:uid:*`</li></ul> | Create a library panel in one or more folders and their subfolders. |
| `library.panels:read` | <ul><li>`folders:*`</li><li>`folders:uid:*`</li><li>`library.panels:*`</li><li>`library.panels:uid:*`</li></ul> | Read one or more library panels. |
| `library.panels:write`| <ul><li>`folders:*`</li><li>`folders:uid:*`</li><li>`library.panels:*`</li><li>`library.panels:uid:*`</li></ul> | Update one or more library panels. |
| `library.panels:delete` | <ul><li>`folders:*`</li><li>`folders:uid:*`</li><li>`library.panels:*`</li><li>`library.panels:uid:*`</li></ul> | Delete one or more library panels. |
| `licensing.reports:read`| None | Get custom permission reports. |
| `licensing:delete`| None | Delete the license token. |
| `licensing:write` | None | Update the license token. |
| `org.users:write` | <ul><li>`users:*`</li><li>`users:id:*`</li></ul> | Update the organization role (`None`, `Viewer`, `Editor`, or `Admin`) of a user. |
| `org.users:add`| <ul><li>`users:*`</li><li>`users:id:*`</li></ul> | Add a user to an organization or invite a new user to an organization. |
| `org.users:read` | <ul><li>`users:*`</li><li>`users:id:*`</li></ul> | Get user profiles within an organization. |
| `org.users:remove` | <ul><li>`users:*`</li><li>`users:id:*`</li></ul> | Remove a user from an organization. |
| `orgs:create` | None | Create an organization. |
| `orgs:delete`| None | Delete one or more organizations. |
| `orgs:read` | None | Read one or more organizations. |
| `orgs:write` | None | Update one or more organizations. |
| `plugins.app:access` | <ul><li>`plugins:*`</li><li>`plugins:id:*`</li></ul> | Access one or more application plugins (still enforcing the organization role) |
| `plugins:install`| None | Install and uninstall plugins. |
| `plugins:write` | <ul><li>`plugins:*`</li><li>`plugins:id:*`</li></ul> | Edit settings for one or more plugins. |
| `provisioning:reload` | `provisioners:*` | Reload provisioning files. To find the exact scope for specific provisioner, refer to [Scope definitions](#scope-definitions). |
| `serviceaccounts:write`| <ul><li>`serviceaccounts:*`</li><ul> | Create Grafana service accounts. |
| `serviceaccounts:create` | None | Update Grafana service accounts. |
| `serviceaccounts:delete` | <ul><li>`serviceaccounts:*`</li><li>`serviceaccounts:id:*`</li></ul> | Delete Grafana service accounts. |
| `serviceaccounts:read` | <ul><li>`serviceaccounts:*`</li><li>`serviceaccounts:id:*`</li></ul> | Read Grafana service accounts. |
| `serviceaccounts.permissions:write` | <ul><li>`serviceaccounts:*`</li><li>`serviceaccounts:id:*`</li></ul> | Update Grafana service account permissions to control who can do what with the service account. |
| `serviceaccounts.permissions:read` | <ul><li>`serviceaccounts:*`</li><li>`serviceaccounts:id:*`</li></ul> | Read Grafana service account permissions to see who can do what with the service account. |
| `settings:write`| <ul><li>`settings:*`</li><li>`settings:auth.saml:*`</li><li>`settings:auth.saml:enabled`</li></ul> (property level) | Update any Grafana configuration settings that can be [updated at runtime](/docs/grafana/<GRAFANA_VERSION>/setup-grafana/configure-grafana/settings-updates-at-runtime/). |
| `support.bundles:create` | None | Create support bundles. |
| `support.bundles:delete`| None | Delete support bundles. |
| `support.bundles:read` | None | List and download support bundles. |
| `status:accesscontrol` | <ul><li>`services:accesscontrol`</li><ul> | Get access-control enabled status. |
| `teams.permissions:read` | <ul><li>`teams:*`</li><li>`teams:id:*`</li></ul> | Read members and Team Sync setup for teams. |
| `teams.permissions:write` | <ul><li>`teams:*`</li><li>`teams:id:*`</li></ul> | Add, remove and update members and manage Team Sync setup for teams. |
| `teams.roles:add`| <ul><li>`permissions:type:delegate`</li><ul> | Assign a role to a team. |
| `teams.roles:read` | <ul><li>`teams:*`</li><li>`teams:id:*`</li></ul> | List roles assigned directly to a team. |
| `teams.roles:remove`| <ul><li>`permissions:type:delegate`</li><ul> | Unassign a role from a team. |
| `teams:create` | None | Create teams. |
| `teams:delete` | <ul><li>`teams:*`</li><li>`teams:id:*`</li></ul> | Delete one or more teams. |
| `teams:read` | <ul><li>`teams:*`</li><li>`teams:id:*`</li></ul> | Read one or more teams and team preferences. To list teams through the UI one of the following permissions is required in addition to `teams:read`: `teams:write`, `teams.permissions:read` or `teams.permissions:write`. |
| `teams:write` | <ul><li>`teams:*`</li><li>`teams:id:*`</li></ul> | Update one or more teams and team preferences. |
| `users.authtoken:read` | <ul><li>`global.users:*`</li><li>`global.users:id:*`</li></ul> | List authentication tokens that are assigned to a user. |
| `users.authtoken:write` | <ul><li>`global.users:*`</li><li>`global.users:id:*`</li></ul> | Update authentication tokens that are assigned to a user. |
| `users.password:write`| <ul><li>`global.users:*`</li><li>`global.users:id:*`</li></ul> | Update a user’s password. |
| `users.permissions:read`| <ul><li>`users:*`</li><ul> | List permissions of a user. |
| `alert.notifications.receivers:create` | None | Create a new contact points. The creator is automatically granted full access to the created contact point.None |
| `fixed:datasources.permissions:writer` | `fixed_aiQh9YDfLOKjQhYasF9_SFUjQiw` | All permissions from `fixed:datasources.permissions:reader` and <br>`datasources.permissions:write` | Create, read, or delete permissions of a data source. |
| `fixed:folders:creator` | `fixed_gGLRbZGAGB6n9uECqSh_W382RlQ` | `folders:create` | Create folders in the root level. If granted together with `folders:write` permission, also allows creating subfolders under all folders. |
| `fixed:folders:creator` | `fixed_gGLRbZGAGB6n9uECqSh_W382RlQ` | `folders:create` | Create folders in the root level. |
| `fixed:folders:reader` | `fixed_yeW-5QPeo-i5PZUIUXMlAA97GnQ` | `folders:read`<br>`dashboards:read` | Read all folders and dashboards. |
| `fixed:folders:writer` | `fixed_wJXLoTzgE7jVuz90dryYoiogL0o` | All permissions from `fixed:dashboards:writer` and <br>`folders:read`<br>`folders:write`<br>`folders:create`<br>`folders:delete`<br>`folders.permissions:read`<br>`folders.permissions:write` | Read, create, update, and delete all folders and dashboards. If granted together with `fixed:folders:creator`, allows creating subfolders under all folders. |
| `fixed:folders:writer` | `fixed_wJXLoTzgE7jVuz90dryYoiogL0o` | All permissions from `fixed:dashboards:writer` and <br>`folders:read`<br>`folders:write`<br>`folders:create`<br>`folders:delete`<br>`folders.permissions:read`<br>`folders.permissions:write` | Read, update, and delete all folders and dashboards. Create folders and subfolders. |
| `fixed:folders.permissions:writer` | `fixed_3GAgpQ_hWG8o7-lwNb86_VB37eI` | All permissions from `fixed:folders.permissions:reader` and <br>`folders.permissions:write` | Read and update all folder permissions. |
| `fixed:ldap:reader` | `fixed_lMcOPwSkxKY-qCK8NMJc5k6izLE` | `ldap.user:read`<br>`ldap.status:read` | Read the LDAP configuration and LDAP status information. |
Available in [Grafana Cloud](/docs/grafana-cloud).
{{% /admonition %}}
RBAC can be used to manage access to [app plugins](https://grafana.com/docs/grafana/latest/administration/plugin-management/#app-plugins).
Each app plugin grants the basic Viewer, Editor and Admin organization roles a default set of plugin permissions.
You can use RBAC to restrict which app plugins a basic organization role has access to.
Some app plugins have fine-grained RBAC support, which allows you to grant additional access to these app plugins to teams and users regardless of their basic organization roles.
## Restricting access to app plugins
By default, Viewers, Editors and Admins have access to all App Plugins that their organization role allows them to access.
To change this default behavior and prevent a basic organization role from accessing an App plugin, you must [update the basic role's permissions](ref:manage-rbac-roles-update-basic-role-permissions).
See an example of [preventing Viewers from accessing an app plugin](ref:restrict-access-to-app-plugin-example) to learn more.
To grant access to a limited set of app plugins, you will need plugin IDs. You can find them in `plugin.json` files or in the URL when you open the app plugin in the Grafana Cloud UI.
Note that unless an app plugin has fine-grained RBAC support, it is not possible to grant access to this app plugin for a user whose organization role does not have access to that app plugin.
## Fine-grained access to app plugins
Plugins with fine-grained RBAC support allow you to manage access to plugin features at a more granular level.
For instance, you can grant admin access to an app plugin to a user with Viewer organization role. Or restrict the Editor organization role from being able to edit plugin resources.
Please refer to plugin documentation to see what RBAC permissions the plugin has and what default access the plugin grants to Viewer, Editor and Admin organization roles.
The following list contains app plugins that have fine-grained RBAC support.
To list all the permissions granted to a basic role, use the [HTTP API endpoint to query for the role](https://grafana.com/docs/grafana/latest/developers/http_api/access_control/#get-a-role).
Basic role UIDs are listed in [RBAC role definitions list](ref:rbac-role-definitions).
To remove the undesired plugin permissions from a basic role, you must [update the basic role's permissions](ref:manage-rbac-roles-update-basic-role-permissions).
### Grant additional access to app plugins
To grant access to app plugins, you can use the predefined [fixed plugin roles](https://grafana.com/docs/grafana/latest/administration/roles-and-permissions/access-control/#fixed-roles) or create [custom roles](https://grafana.com/docs/grafana/latest/administration/roles-and-permissions/access-control/#custom-roles) with specific plugin permissions.
To learn about how to assign an RBAC role, refer to [the documentation on assigning RBAC roles](https://grafana.com/docs/grafana/latest/administration/roles-and-permissions/access-control/assign-rbac-roles/#assign-rbac-roles).
description: Learn more about the fundamentals and available features that help you create, manage, and respond to alerts; and improve your team’s ability to resolve issues quickly.
height: 24
- title: Set up
href: ./set-up/
description: Set up your implementation of Grafana Alerting.
height: 24
- title: Configure alert rules
href: ./alerting-rules/
description: Create, manage, view, and adjust alert rules to alert on your metrics data or log entries from multiple data sources — no matter where your data is stored.
@@ -39,13 +35,13 @@ cards:
href: ./configure-notifications/
description: Choose how, when, and where to send your alert notifications.
height: 24
- title: Detect and respond
- title: Monitor status
href: ./manage-notifications/
description: Monitor, respond to, and triage issues within your services.
height: 24
- title: Monitor
href: ./monitor/
description: Monitor your alerting metrics to ensure you identify potential issues before they become critical.
- title: Additional configuration
href: ./set-up/
description: Use advanced configuration options to further tailor your alerting setup. These options can enhance security, scalability, and automation in complex environments.
@@ -83,15 +88,39 @@ Grafana-managed rules are the most flexible alert rule type. They allow you to c
Multiple alert instances can be created as a result of one alert rule (also known as a multi-dimensional alerting).
{{% admonition type="note" %}}
For Grafana Cloud, you can create 100 free Grafana-managed alert rules.
For Grafana Cloud Free Forever, you can create up to 100 free Grafana-managed alert rules with each alert rule having a maximum of 1000 alert instances.
For all paid tiers (Cloud Pro and Advanced), there is a soft limit of 2000 alert rules and unlimited alert instances. To increase the limit, open a support ticket from the [Cloud portal](https://grafana.com/docs/grafana-cloud/account-management/support/).
{{% /admonition %}}
Grafanamanaged alert rules can only be edited or deleted by users with Edit permissions for the folder storing the rules.
Grafana-managed alert rules can only be edited or deleted by users with Edit permissions for the folder storing the rules.
If you delete an alerting resource created in the UI, you can no longer retrieve it.
If you delete an alert resource created in the UI, you can no longer retrieve it.
To make a backup of your configuration and to be able to restore deleted alerting resources, create your alerting resources using file provisioning, Terraform, or the Alerting API.
In the following sections, we’ll guide you through the process of creating your Grafana-managed alert rules.
## Before you begin
If you are using Grafana OSS:
1. Configure your [data sources](ref:data-sources).
2. Check which [data sources](ref:compatible-data-sources) are compatible with and supported by Grafana Alerting.
If you are using Grafana OSS, Enterprise, or Cloud:
You can use default or advanced options for Grafana-managed alert rule creation. The default options streamline rule creation with a cleaner header and a single query and condition. For more complex rules, use advanced options to add multiple queries and expressions.
Default and advanced options are enabled by default for Grafana Cloud users and this feature is being rolled out progressively.
For OSS users,enable the `alertingQueryAndExpressionsStepMode` feature toggle.
{{% admonition type="note" %}}
Once you have created an alert rule using one of the options, the system defaults to this option for the next alert rule you create.
You can toggle between the two options. However, if you want to switch from advanced options to the default, it may be that your query and expressions cannot be converted. In this case, a warning message checks whether you want to continue to reset to default settings.
{{% /admonition %}}
## Steps
To create a Grafana-managed alert rule, use the in-product alert creation flow and follow these steps.
@@ -108,14 +137,26 @@ To get started quickly, refer to our [tutorial on getting started with Grafana a
Define a query to get the data you want to measure and a condition that needs to be met before an alert rule fires.
{{< collapse title="Default options" >}}
1. Add a query.
1. Add an alert condition.
The **When** input includes the reducer function and the last input is the threshold.
1. Click **Preview** to verify.
{{< /collapse >}}
{{< collapse title="Advanced options" >}}
1. Select a data source.
1. From the **Options** dropdown, specify a [time range](ref:time-units-and-relative-ranges).
**Note:**
{{% admonition type="note" %}}
Grafana Alerting only supports fixed relative time ranges, for example, `now-24hr: now`.
Grafana Alerting only supports fixed relative time ranges, for example,`now-24hr: now`.
It does not support absolute time ranges: `2021-12-02 00:00:00 to 2021-12-05 23:59:592` or semi-relative time ranges: `now/d to: now`.
It does not support absolute time ranges: `2021-12-02 00:00:00 to 2021-12-05 23:59:592` or semi-relative time ranges:`now/d to: now`.
{{% /admonition %}}
1. Add a query.
@@ -138,6 +179,7 @@ Define a query to get the data you want to measure and a condition that needs to
You can only add one recovery threshold in a query and it must be the alert condition.
1. Click **Set as alert condition** on the query or expression you want to set as your alert condition.
{{< /collapse >}}
## Set alert evaluation behavior
@@ -230,15 +272,9 @@ Annotations add metadata to provide more information on the alert in your alert
Webpage where you keep your runbook for the alert
1. Optional: Add a custom annotation
1. Optional: Add a **dashboard and panel link**.
1. Optional: **Link dashboard and panel**.
Links alerts to panels in a dashboard.
{{% admonition type="note" %}}
At the moment, alerts are only supported in the [time series](ref:time-series) and [alert list](ref:alert-list) visualizations.
{{% /admonition %}}
{{< docs/play title="visualizations with linked alerts in Grafana" url="https://play.grafana.org/d/000000074/" >}}
[Link the alert rule to a panel](ref:link-alert-rules-to-panels) to facilitate alert investigation.
1. Click **Save rule**.
@@ -267,13 +303,3 @@ You can also configure the alert instance state when its evaluation returns an e
| Keep Last State | Maintains the alert instance in its last state. Useful for mitigating temporary issues, refer to [Keep last state](ref:keep-last-state). |
When you configure the No data or Error behavior to `Alerting` or `Normal`, Grafana will attempt to keep a stable set of fields under notification `Values`. If your query returns no data or an error, Grafana re-uses the latest known set of fields in `Values`, but will use `-1` in place of the measured value.
## Create alerts from panels
Create alerts from any panel type. This means you can reuse the queries in the panel and create alerts based on them.
1. Navigate to a dashboard in the **Dashboards** section.
2. In the top right corner of the panel, click on the three dots (ellipses).
3. From the dropdown menu, select **More...** and then choose **New alert rule**.
This will open the alert rule form, allowing you to configure and create your alert based on the current panel's query.
In Grafana Cloud, you can only create data source-managed recording rules.
In Grafana OSS and Enterprise, you can create both Grafana-managed and data source-managed recording rules if you enable the `grafanaManagedRecordingRules` feature flag.
For more information on enabling feature toggles, refer to [Configure feature toggles](https://grafana.com/docs/grafana/<GRAFANA_VERSION>/setup-grafana/configure-grafana/feature-toggles).
{{< /admonition >}}
Recording rules calculate frequently needed expressions or computationally expensive expressions in advance and save the result as a new set of time series. Querying this new time series is faster, especially for dashboards since they query the same expression every time the dashboards refresh.
For more information on recording rules in Prometheus, refer to [Defining recording rules in Prometheus](https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/).
Recording rules are run as instant rules, which means that they run every 10s. To overwrite this configuration, update the min_interval in your custom configuration file.
[min_interval](ref:configure-grafana) sets the minimum interval to enforce between rule evaluations. The default value is 10s which equals the scheduler interval. Rules will be adjusted if they are less than this value or if they are not multiple of the scheduler interval (10s). Higher values can help with resource management as fewer evaluations are scheduled over time.
This setting has precedence over each individual rule frequency. If a rule frequency is lower than this value, then this value is enforced.
## Configure data source-managed recording rules
Configure data source-managed recording rules.
### Before you begin
- Verify that you have write permission to the Prometheus or Loki data source. Otherwise, you will not be able to create or update Grafana Mimir managed alerting rules.
- For Grafana Mimir and Loki data sources, enable the ruler API by configuring their respective services.
- **Loki** - The `local` rule storage type, default for the Loki data source, supports only viewing of rules. To edit rules, configure one of the other rule storage types.
- **Grafana Mimir** - use the `/prometheus` prefix. The Prometheus data source supports both Grafana Mimir and Prometheus, and Grafana expects that both the [Query API](/docs/mimir/latest/operators-guide/reference-http-api/#querier--query-frontend) and [Ruler API](/docs/mimir/latest/operators-guide/reference-http-api/#ruler) are under the same URL. You cannot provide a separate URL for the Ruler API.
To configure data-source managed recording rules, complete the following steps.
1. Click **Alerts & IRM** -> **Alerting** ->
**Alert rules**.
1. Scroll to the **Data source-managed section** and click **+New recording rule**.
#### Enter recording rule name
The recording rule name must be a Prometheus metric name and contain no whitespace.
#### Define recording rule
Select your data source and enter a query.
#### Add namespace and group
1. From the **Namespace** dropdown, select an existing rule namespace or add a new one.
Namespaces can contain one or more rule groups and only have an organizational purpose.
1. From the **Group** dropdown, select an existing group within the selected namespace or add a new one.
Newly created rules are appended to the end of the group. Rules within a group are run sequentially at a regular interval, with the same evaluation time.
#### Add labels
1. Add custom labels selecting existing key-value pairs from the drop down, or add new labels by entering the new key or value.
1. Click **Save rule** to save the rule or **Save rule and exit** to save the rule and go back to the Alerting page.
## Configure Grafana-managed recording rules
Configure Grafana-managed recording rules.
{{< admonition type="note" >}}
This feature is only available for Grafana OSS and Enterprise users. It is not available in Grafana Cloud.
{{< /admonition >}}
### Before you begin
- Enable the `grafanaManagedRecordingRules` [feature flag](https://grafana.com/docs/grafana/<GRAFANA_VERSION>/setup-grafana/configure-grafana/feature-toggles/).
To configure Grafana-managed recording rules, complete the following steps.
1. Click **Alerts & IRM** -> **Alerting** ->
**Alert rules**.
1. Scroll to the **Grafana-managed section** and click **+New recording rule**.
#### Enter a recording rule and metric name
Enter a names to identify your recording rule and metric. The metric name must be a Prometheus metric name and contain no whitespace.
For more information, refer to [Metrics and labels](https://prometheus.io/docs/concepts/data_model/#metric-names-and-labels).
#### Define recording rule
Define a query to get the data you want to measure and a condition that needs to be met before an alert rule fires.
1. Select a data source.
1. From the **Options** dropdown, specify a time range.
{{< admonition type="note" >}}
Grafana Alerting only supports fixed relative time ranges, for example, `now-24hr: now`.
It does not support absolute time ranges: `2021-12-02 00:00:00 to 2021-12-05 23:59:592` or semi-relative time ranges: `now/d to: now`.
{{< /admonition >}}
1. Add a query.
To add multiple queries, click **Add query**.
All alert rules are managed by Grafana by default. If you want to switch to a data source-managed alert rule, click **Switch to data source-managed alert rule**.
2. Add one or more [expressions].
a. For each expression, select either **Classic condition** to create a single alert rule, or choose from the **Math**, **Reduce**, and **Resample** options to generate separate alert for each series.
{{% admonition type="note" %}}
When using Prometheus, you can use an instant vector and built-in functions, so you don't need to add additional expressions.
{{% /admonition %}}
b. Click **Preview** to verify that the expression is successful.
3. To add a recovery threshold, turn the **Custom recovery threshold** toggle on and fill in a value for when your alert rule should stop firing.
You can only add one recovery threshold in a query and it must be the alert condition.
4. Click **Set as alert condition** on the query or expression you want to set as your alert condition.
#### Set evaluation behavior
Use alert rule evaluation to determine how frequently an alert rule should be evaluated and how quickly it should change its state.
To do this, you need to make sure that your alert rule is in the right evaluation group and set a pending period time that works best for your use case.
1. Select a folder or click **+ New folder**.
1. Select an evaluation group or click **+ New evaluation group**.
If you are creating a new evaluation group, specify the interval for the group.
All rules within the same group are evaluated concurrently over the same time interval.
1. Enter a pending period.
The pending period is the period in which an alert rule can be in breach of the condition until it fires.
Once a condition is met, the alert goes into the **Pending** state. If the condition remains active for the duration specified, the alert transitions to the **Firing** state, else it reverts to the **Normal** state.
1. Turn on pause alert notifications, if required.
{{< admonition type="note" >}}
You can pause alert rule evaluation to prevent noisy alerting while tuning your alerts.
Pausing stops alert rule evaluation and doesn't create any alert instances.
This is different to mute timings, which stop notifications from being delivered, but still allows for alert rule evaluation and the creation of alert instances.
{{< /admonition >}}
#### Add labels
Add labels to your rule for searching, silencing, or routing to a notification policy.
description: Recording rules allow you to pre-compute frequently needed or computationally expensive expressions and save the results as a new set of time series. Querying precomputed results is faster and can reduce system load.
Recording rules allows you to periodically pre-compute frequently used or computationally expensive queries, saving the results as a new time series metric.
For instance, you can create a recording rule generating a new metric, `error_9001_count`, which counts occurrences of a specific log error within one minute. Then, query the `error_9001_count` metric in dashboards and alert rules.
Recording rules can be helpful in various scenarios, such as:
- **Faster queries** are needed: Performing heavy aggregations or querying large data sets is quicker with precomputed results than real-time queries.
- **Reducing system load:** Precomputing specific queries in advance can reduce system overload caused by multiple simultaneous queries.
- **Simplifying complex aggregations:** Create a new metric from complex aggregations to facilitate alert and dashboard setup.
- **Reusing queries across alerts:** Improve efficiency by reusing the same query across similar alert rules and dashboards.
The evaluation group of the recording rule determines how often the metric is pre-computed.
Similar to alert rules, Grafana supports two types of recording rules:
1. [Grafana-managed recording rules](ref:grafana-managed-recording-rules), which can query any Grafana data source supported by alerting.
2. [Data source-managed recording rules](ref:data-source-managed-recording-rules), which can query Prometheus-based data sources like Mimir or Loki.
description: Recording rules allow you to pre-compute expensive queries in advance and save the results as a new set of time series. Data source-managed recording rules can create a recording rule for Prometheus-based data sources like Mimir or Loki.
[Recording rules](ref:create-recording-rules) allow you to periodically pre-compute frequently used or computationally expensive queries, saving the results as a new time series metric.
Alert rules and dashboards can then query the new metric resulting from the recording rule. This is faster than querying real-time data and can help to reduce system load.
Data source-managed recording rules can query Prometheus-based data sources like Mimir or Loki. For more information on recording rules in Prometheus, refer to [Defining recording rules in Prometheus](https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/).
Note that in data source-managed groups, the alert rules and recording rules within the same evaluation group are evaluated sequentially. This is useful to ensure that a recording rule is evaluated before any other alert rule queries the pre-computed metric.
## Before you begin
- Verify that you have write permission to the Prometheus or Loki data source. Otherwise, you will not be able to create or update Grafana Mimir managed alerting rules.
- For Grafana Mimir and Loki data sources, enable the ruler API by configuring their respective services.
- **Loki** - The `local` rule storage type, default for the Loki data source, supports only viewing of rules. To edit rules, configure one of the other rule storage types.
- **Grafana Mimir** - use the `/prometheus` prefix. The Prometheus data source supports both Grafana Mimir and Prometheus, and Grafana expects that both the [Query API](/docs/mimir/latest/operators-guide/reference-http-api/#querier--query-frontend) and [Ruler API](/docs/mimir/latest/operators-guide/reference-http-api/#ruler) are under the same URL. You cannot provide a separate URL for the Ruler API.
## Add new recording rule
To create a new data source-managed recording rule:
1. Scroll to the **Data source-managed section** and click **+New recording rule**.
## Enter recording rule name
The recording rule name must be a Prometheus metric name and contain no whitespace.
## Define recording rule
Select your data source and enter a query. The queries used in data source-managed recording rules always run as instant queries.
## Add namespace and group
1. From the **Namespace** dropdown, select an existing rule namespace or add a new one.
Namespaces can contain one or more rule groups and only have an organizational purpose.
1. From the **Group** dropdown, select an existing group within the selected namespace or add a new one.
Newly created rules are appended to the end of the group. Rules within a group are run sequentially at a regular interval, with the same evaluation time.
## Add labels
Optionally, you can add custom labels to the resulting metric by selecting existing key-value pairs from the drop down or entering the new key or value.
## Query the new metric in dashboards or alert rules
Click **Save rule** or **Save rule and exit** to save the rule.
Once saved, the new recording metric is available for use in dashboards and alert rules.
description: Recording rules allow you to pre-compute expensive queries in advance and save the results as a new set of time series. Grafana-managed recording rules can create a recording rule for any data source supported by alerting.
[Recording rules](ref:create-recording-rules) allow you to periodically pre-compute frequently used or computationally expensive queries, saving the results as a new time series metric.
Alert rules and dashboards can then query the new metric resulting from the recording rule. This is faster than querying real-time data and can help to reduce system load.
Grafana does not contain an embedded time-series database to store recording rule results. You must bring your own Prometheus-compatible database to store the series generated by recording rules.
Grafana-managed recording rules offer the same Prometheus-like semantics but allow you to query [data sources supported by alerting](ref:alerting-data-sources). Additionally, you can use recording rules to import and map data from other data sources into Prometheus.
{{< admonition type="note" >}}
Grafana-managed recording rules are enabled by default in Grafana Cloud.
In Grafana OSS and Enterprise, you must enable them by following the [Before you begin](#before-you-begin) instructions.
{{< /admonition >}}
To configure Grafana-managed recording rules, complete the following steps.
## Before you begin
This section only applies to Grafana OSS and Grafana Enterprise.
First, enable the `grafanaManagedRecordingRules` [feature flag](ref:configure-feature-toggles).
Then, enable the feature by setting `enabled = true` in the `[recording_rules]` section of the Grafana config .ini. Provide the URL of your Prometheus-compatible remote-write endpoint in the `url` field, along with optional credentials or headers.
1. Scroll to the **Grafana-managed section** and click **+New recording rule**.
1. Enter the names to identify your recording rule and metric.
The metric name must be a Prometheus metric name and contain no whitespace. For details, refer to [Prometheus metric names](https://prometheus.io/docs/concepts/data_model/#metric-names-and-labels).
## Define recording rule
Define a query to get the data you want to measure and set the recording rule output.
1. Select a data source.
1. From the **Options** dropdown, specify a time range.
{{< admonition type="note" >}}
Grafana Alerting only supports fixed relative time ranges, for example, `now-24hr: now`.
It does not support absolute time ranges: `2021-12-02 00:00:00 to 2021-12-05 23:59:592` or semi-relative time ranges: `now/d to: now`.
{{< /admonition >}}
1. Add a query.
To add multiple queries, click **Add query**.
1. Add one or more [expressions](ref:expressions).
a. For each expression, select either **Classic condition** to create a single recording rule, or choose from the **Math**, **Reduce**, and **Resample** options.
When using Prometheus, you can use an instant vector and built-in functions, so you don't need to add additional expressions.
b. Click **Preview** to verify that the expression is successful.
1. Click **Set as recording rule output** on the query or expression you want to set as your rule output.
## Set evaluation behavior
Use recording rule evaluation to determine how frequently a recording rule should be evaluated.
To do this, you need to make sure that your recording rule is in the right evaluation group with an interval that works best for your use case.
1. Select a folder or click **+ New folder**.
1. Select an evaluation group or click **+ New evaluation group**.
If you are creating a new evaluation group, specify the interval for the group.
All rules within the same group are evaluated concurrently over the same time interval. Every recording rule in a group uses the same evaluation time, meaning that all queries from the same group are always aligned with each other.
1. Before or after creating a recording rule, you have the option to **Pause evaluation** if necessary.
### Advanced configuration
[min_interval](ref:configure-grafana-min-interval) sets the minimum interval to enforce between rule evaluations. The default value is 10s which equals the scheduler interval. Rules are adjusted if they are less than this value or if they are not multiple of the scheduler interval (10s). Higher values can help with resource management as fewer evaluations are scheduled over time.
This setting has precedence over each individual rule frequency. If a rule frequency is lower than this value, then this value is enforced.
This setting applies to both Grafana-managed alert and recording rules.
## Add labels
Optionally, you can add custom labels to the resulting metric by selecting existing key-value pairs from the drop down or entering the new key or value.
## Query the new metric in dashboards or alert rules
Click **Save rule** or **Save rule and exit** to save the rule.
Once saved, the new recording metric is available for use in dashboards and alert rules.
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
