cremate graveyard legend

fix candlestick suggestions
fix candlestick
2024-11-25 14:07:17 -06:00 · 2024-11-25 13:57:55 -06:00 · 2024-11-25 13:53:07 -06:00 · 2024-11-25 13:40:57 -06:00 · 2024-11-25 13:29:18 -06:00 · 2024-11-25 13:26:47 -06:00
2830 changed files with 114948 additions and 61058 deletions
@@ -0,0 +1,45 @@
+// @ts-check
+/**
+ * @type {Array<import('eslint').Linter.Config>}
+ */
+module.exports = [
+  {
+    files: ['**/*.{js,jsx,ts,tsx}'],
+    rules: {
+      '@typescript-eslint/no-explicit-any': 'error',
+      '@grafana/no-aria-label-selectors': 'error',
+      'no-restricted-imports': [
+        'error',
+        {
+          patterns: [
+            {
+              group: ['@grafana/ui*', '*/Layout/*'],
+              importNames: ['Layout', 'HorizontalGroup', 'VerticalGroup'],
+              message: 'Use Stack component instead.',
+            },
+          ],
+        },
+      ],
+    },
+  },
+  {
+    files: ['**/*.{ts,tsx}'],
+    ignores: ['**/*.{test,spec}.{ts,tsx}', '**/__mocks__/**', '**/public/test/**'],
+    rules: {
+      '@typescript-eslint/consistent-type-assertions': ['error', { assertionStyle: 'never' }],
+    },
+  },
+  {
+    files: ['public/app/**/*.{ts,tsx}'],
+    rules: {
+      'no-barrel-files/no-barrel-files': 'error',
+    },
+  },
+  {
+    files: ['public/**/*.tsx', 'packages/grafana-ui/**/*.tsx'],
+    ignores: ['public/app/plugins/**', '**/*.story.tsx', '**/*.{test,spec}.{ts,tsx}', '**/__mocks__/', 'public/test'],
+    rules: {
+      '@grafana/no-untranslated-strings': 'error',
+    },
+  },
+];
@@ -1,8 +1,8 @@
 import { BettererFileTest } from '@betterer/betterer';
+import { ESLint } from 'eslint';
 import { promises as fs } from 'fs';
-import { ESLint, Linter } from 'eslint';
-import path from 'path';
-import { glob } from 'glob';
+
+import config from './.betterer.eslint.config';

 // Why are we ignoring these?
 // They're all deprecated/being removed so doesn't make sense to fix types
@@ -82,81 +82,20 @@ function countEslintErrors() {
    }

    const { baseDirectory } = resolver;
-    const cli = new ESLint({ cwd: baseDirectory });
-
-    // Get the base config to set up parsing etc correctly
-    // this is by far the slowest part of this code. It takes eslint about 2 seconds just to find the config
-    const baseConfig = await cli.calculateConfigForFile(filePaths[0]);
-
-    const baseRules: Partial<Linter.RulesRecord> = {
-      '@emotion/syntax-preference': [2, 'object'],
-      '@typescript-eslint/no-explicit-any': 'error',
-      '@grafana/no-aria-label-selectors': 'error',
-      'no-restricted-imports': [
-        'error',
-        {
-          patterns: [
-            {
-              group: ['@grafana/ui*', '*/Layout/*'],
-              importNames: ['Layout', 'HorizontalGroup', 'VerticalGroup'],
-              message: 'Use Stack component instead.',
-            },
-          ],
-        },
-      ],
-    };
-
-    const config: Linter.Config = {
-      ...baseConfig,
-      rules: baseRules,
-
-      // Be careful when specifying overrides for the same rules as in baseRules - it will... override
-      // the same rule, not merge them with different configurations
-      overrides: [
-        {
-          files: ['**/*.{ts,tsx}'],
-          excludedFiles: ['*.{test,spec}.{ts,tsx}', '**/__mocks__/**', '**/public/test/**'],
-          rules: {
-            '@typescript-eslint/consistent-type-assertions': ['error', { assertionStyle: 'never' }],
-          },
-        },
-
-        {
-          files: ['public/app/**/*.{ts,tsx}'],
-          rules: {
-            'no-barrel-files/no-barrel-files': 'error',
-          },
-        },
-        {
-          files: ['public/**/*.tsx', 'packages/grafana-ui/**/*.tsx'],
-          excludedFiles: [
-            'public/app/plugins/**',
-            '*.story.tsx',
-            '*.{test,spec}.{ts,tsx}',
-            '**/__mocks__/**',
-            'public/test/**',
-          ],
-          rules: {
-            '@grafana/no-untranslated-strings': 'error',
-          },
-        },
-      ],
-    };

    const runner = new ESLint({
-      baseConfig: config,
-      useEslintrc: false,
+      overrideConfig: config,
      cwd: baseDirectory,
+      warnIgnored: false,
    });

    const lintResults = await runner.lintFiles(Array.from(filePaths));
-    lintResults
-      .filter((lintResult) => lintResult.source)
-      .forEach(({ messages, filePath }) => {
-        const file = fileTestResult.addFile(filePath, '');
-        messages.forEach((message, index) => {
-          file.addIssue(0, 0, message.message, `${index}`);
-        });
+
+    lintResults.forEach(({ messages, filePath }) => {
+      const file = fileTestResult.addFile(filePath, '');
+      messages.forEach((message, index) => {
+        file.addIssue(0, 0, message.message, `${index}`);
      });
+    });
  });
 }
@@ -16,7 +16,7 @@ watch_exts = [".go", ".ini", ".toml", ".template.html"]
 ignore_files = [".*_gen.go"]
 build_delay = 1500
 cmds = [
-  ["GO_BUILD_DEV=1", "make", "build-go"],
+  ["GO_BUILD_DEV=1", "make", "build-go-fast"],
  ["make", "gen-jsonnet"],
  ["./bin/grafana", "server", "-profile", "-profile-addr=127.0.0.1", "-profile-port=6000", "-profile-block-rate=1", "-profile-mutex-rate=5", "-packaging=dev", "cfg:app_mode=development"]
 ]
@@ -1,27 +0,0 @@
-.git
-.github
-.yarn
-build
-compiled
-/data
-deployment_tools_config.json
-/devenv
-dist
-/e2e/tmp
-node_modules
-/pkg
-/public/lib/monaco
-/scripts/grafana-server/tmp
-vendor
-e2e/test-plugins
-playwright-report
-
-# TS generate from cue by cuetsy
-**/*.gen.ts
-
-# Auto-generated internationalization files
-/public/locales/_build/
-/public/locales/**/*.js
-
-# Auto-generated icon file
-/packages/grafana-ui/src/components/Icon/iconBundle.ts
@@ -1,162 +0,0 @@
-{
-  "extends": ["@grafana/eslint-config", "plugin:react/jsx-runtime"],
-  "root": true,
-  "plugins": [
-    "@emotion",
-    "lodash",
-    "jest",
-    "import",
-    "jsx-a11y",
-    "@grafana",
-    "no-barrel-files",
-    // Included so betterer doesn't fail when processing all files,
-    // as other parts of the code use testing-library plugin
-    "testing-library",
-  ],
-  "settings": {
-    "import/internal-regex": "^(app/)|(@grafana)",
-    "import/external-module-folders": ["node_modules", ".yarn"],
-  },
-  "rules": {
-    "@grafana/no-border-radius-literal": "error",
-    "@grafana/no-unreduced-motion": "error",
-    "react/prop-types": "off",
-    // need to ignore emotion's `css` prop, see https://github.com/jsx-eslint/eslint-plugin-react/blob/master/docs/rules/no-unknown-property.md#rule-options
-    "react/no-unknown-property": ["error", { "ignore": ["css"] }],
-    "@emotion/jsx-import": "error",
-    "lodash/import-scope": [2, "member"],
-    "jest/no-focused-tests": "error",
-    "import/order": [
-      "error",
-      {
-        "groups": [["builtin", "external"], "internal", "parent", "sibling", "index"],
-        "newlines-between": "always",
-        "alphabetize": { "order": "asc" },
-      },
-    ],
-    "no-restricted-imports": [
-      "error",
-      {
-        "paths": [
-          {
-            "name": "react-redux",
-            "importNames": ["useDispatch", "useSelector"],
-            "message": "Please import from app/types instead.",
-          },
-          {
-            "name": "react-i18next",
-            "importNames": ["Trans", "t"],
-            "message": "Please import from app/core/internationalization instead",
-          },
-        ],
-      },
-    ],
-
-    // Use typescript's no-redeclare for compatibility with overrides
-    "no-redeclare": "off",
-    "@typescript-eslint/no-redeclare": ["error"],
-  },
-  "overrides": [
-    {
-      "files": ["packages/grafana-ui/src/components/uPlot/**/*.{ts,tsx}"],
-      "rules": {
-        "react-hooks/rules-of-hooks": "off",
-        "react-hooks/exhaustive-deps": "off",
-      },
-    },
-    {
-      "files": ["packages/grafana-ui/src/components/ThemeDemos/**/*.{ts,tsx}"],
-      "rules": {
-        "@emotion/jsx-import": "off",
-        "react/jsx-uses-react": "off",
-        "react/react-in-jsx-scope": "off",
-      },
-    },
-    {
-      "files": ["public/dashboards/scripted*.js"],
-      "rules": {
-        "no-redeclare": "error",
-        "@typescript-eslint/no-redeclare": "off",
-      },
-    },
-    {
-      "extends": ["plugin:jsx-a11y/recommended"],
-      "files": ["**/*.tsx"],
-      "excludedFiles": ["**/*.{spec,test}.tsx"],
-      "rules": {
-        // rules marked "off" are those left in the recommended preset we need to fix
-        // we should remove the corresponding line and fix them one by one
-        // any marked "error" contain specific overrides we'll need to keep
-        "jsx-a11y/no-autofocus": [
-          "error",
-          {
-            "ignoreNonDOM": true,
-          },
-        ],
-        "jsx-a11y/label-has-associated-control": [
-          "error",
-          {
-            "controlComponents": ["NumberInput"],
-            "depth": 2,
-          },
-        ],
-      },
-    },
-    {
-      "files": [
-        "public/app/plugins/datasource/azuremonitor/*.{ts,tsx}",
-        "public/app/plugins/datasource/azuremonitor/**/*.{ts,tsx}",
-        "public/app/plugins/datasource/cloud-monitoring/*.{ts,tsx}",
-        "public/app/plugins/datasource/cloud-monitoring/**/*.{ts,tsx}",
-        "public/app/plugins/datasource/elasticsearch/*.{ts,tsx}",
-        "public/app/plugins/datasource/elasticsearch/**/*.{ts,tsx}",
-        "public/app/plugins/datasource/grafana-postgresql-datasource/*.{ts,tsx}",
-        "public/app/plugins/datasource/grafana-postgresql-datasource/**/*.{ts,tsx}",
-        "public/app/plugins/datasource/grafana-pyroscope-datasource/*.{ts,tsx}",
-        "public/app/plugins/datasource/grafana-pyroscope-datasource/**/*.{ts,tsx}",
-        "public/app/plugins/datasource/grafana-testdata-datasource/*.{ts,tsx}",
-        "public/app/plugins/datasource/grafana-testdata-datasource/**/*.{ts,tsx}",
-        "public/app/plugins/datasource/jaeger/*.{ts,tsx}",
-        "public/app/plugins/datasource/jaeger/**/*.{ts,tsx}",
-        "public/app/plugins/datasource/loki/*.{ts,tsx}",
-        "public/app/plugins/datasource/loki/**/*.{ts,tsx}",
-        "public/app/plugins/datasource/mysql/*.{ts,tsx}",
-        "public/app/plugins/datasource/mysql/**/*.{ts,tsx}",
-        "public/app/plugins/datasource/parca/*.{ts,tsx}",
-        "public/app/plugins/datasource/parca/**/*.{ts,tsx}",
-        "public/app/plugins/datasource/tempo/*.{ts,tsx}",
-        "public/app/plugins/datasource/tempo/**/*.{ts,tsx}",
-        "public/app/plugins/datasource/loki/*.{ts,tsx}",
-        "public/app/plugins/datasource/loki/**/*.{ts,tsx}",
-        "public/app/plugins/datasource/elasticsearch/*.{ts,tsx}",
-        "public/app/plugins/datasource/elasticsearch/**/*.{ts,tsx}",
-        "public/app/plugins/datasource/cloudwatch/*.{ts,tsx}",
-        "public/app/plugins/datasource/cloudwatch/**/*.{ts,tsx}",
-        "public/app/plugins/datasource/zipkin/*.{ts,tsx}",
-        "public/app/plugins/datasource/zipkin/**/*.{ts,tsx}",
-      ],
-      "settings": {
-        "import/resolver": {
-          "node": {
-            "extensions": [".ts", ".tsx"],
-          },
-        },
-      },
-      "rules": {
-        "import/no-restricted-paths": [
-          "error",
-          {
-            "zones": [
-              {
-                "target": "./public/app/plugins",
-                "from": "./public",
-                "except": ["./app/plugins"],
-                "message": "Core plugins are not allowed to depend on Grafana core packages",
-              },
-            ],
-          },
-        ],
-      },
-    },
-  ],
-}
@@ -12,8 +12,8 @@
 # This should make it easy to add new rules without breaking existing ones.

 # Documentation
-/.changelog-archive @grafana/grafana-release-guild
-/CHANGELOG.md @grafana/grafana-release-guild
+/.changelog-archive @grafana/grafana-developer-enablement-squad
+/CHANGELOG.md @grafana/grafana-developer-enablement-squad
 /CODE_OF_CONDUCT.md @grafana/grafana-community-support
 /CONTRIBUTING.md @grafana/grafana-community-support
 /GOVERNANCE.md @RichiH
@@ -40,7 +40,7 @@

 /docs/sources/alerting/                                                           @brendamuir
 /docs/sources/dashboards/                                                         @imatwawana
-/docs/sources/explore/                                                            @grafana/explore-squad @lwandz13
+/docs/sources/datasources/                                                        @lwandz13
 /docs/sources/panels-visualizations/                                              @imatwawana
 /docs/sources/release-notes/                                                      @irenerl24 @GrafanaWriter
 /docs/sources/upgrade-guide/                                                      @imatwawana
@@ -72,6 +72,7 @@
 /pkg/apis/ @grafana/grafana-app-platform-squad
 /pkg/apis/alerting_notifications @grafana/grafana-app-platform-squad @grafana/alerting-backend @grafana/alerting-frontend
 /pkg/apis/query @grafana/grafana-datasources-core-services
+/pkg/apis/userstorage @grafana/grafana-app-platform-squad @grafana/plugins-platform-backend
 /pkg/bus/ @grafana/grafana-search-and-storage
 /pkg/cmd/ @grafana/grafana-backend-group
 /pkg/cmd/grafana-cli/commands/install_command.go @grafana/plugins-platform-backend
@@ -121,7 +122,7 @@
 /pkg/services/apikey/ @grafana/identity-squad
 /pkg/services/cleanup/ @grafana/grafana-backend-group
 /pkg/services/contexthandler/ @grafana/grafana-backend-group @grafana/grafana-app-platform-squad
-/pkg/services/correlations/ @grafana/explore-squad
+/pkg/services/correlations/ @grafana/dataviz-squad
 /pkg/services/dashboardimport/ @grafana/grafana-backend-group
 /pkg/services/dashboards/ @grafana/grafana-app-platform-squad
 /pkg/services/dashboardversion/ @grafana/grafana-backend-group
@@ -139,7 +140,7 @@
 /pkg/services/provisioning/ @grafana/grafana-search-and-storage
 /pkg/services/provisioning/alerting/ @grafana/alerting-backend
 /pkg/services/query/ @grafana/grafana-app-platform-squad
-/pkg/services/queryhistory/ @grafana/explore-squad
+/pkg/services/queryhistory/ @grafana/observability-traces-and-profiling
 /pkg/services/quota/ @grafana/grafana-search-and-storage
 /pkg/services/screenshot/ @grafana/grafana-backend-group
 /pkg/services/search/ @grafana/grafana-search-and-storage
@@ -159,8 +160,9 @@
 /pkg/setting/ @grafana/grafana-backend-services-squad
 /pkg/tests/ @grafana/grafana-backend-services-squad
 /pkg/tests/apis/ @grafana/grafana-app-platform-squad
+/pkg/tests/apis/query @grafana/grafana-datasources-core-services
 /pkg/tests/apis/alerting @grafana/grafana-app-platform-squad @grafana/alerting-backend
-/pkg/tests/api/correlations/ @grafana/explore-squad
+/pkg/tests/api/correlations/ @grafana/dataviz-squad
 /pkg/tsdb/grafanads/ @grafana/grafana-backend-group
 /pkg/tsdb/opentsdb/ @grafana/partner-datasources
 /pkg/util/ @grafana/grafana-backend-group
@@ -188,6 +190,7 @@
 /devenv/dev-dashboards-without-uid/ @grafana/dashboards-squad
 /devenv/dev-dashboards/ @grafana/dashboards-squad
 /devenv/docker/blocks/alert_webhook_listener/ @grafana/alerting-backend
+/devenv/docker/blocks/caddy_tls/ @grafana/alerting-backend
 /devenv/docker/blocks/clickhouse/ @grafana/partner-datasources
 /devenv/docker/blocks/collectd/ @grafana/observability-metrics
 /devenv/docker/blocks/etcd @grafana/grafana-app-platform-squad
@@ -234,8 +237,8 @@
 /devenv/docker/loadtest/ @grafana/grafana-backend-services-squad
 /devenv/docker/rpmtest/ @grafana/grafana-backend-services-squad
 /devenv/jsonnet/ @grafana/dataviz-squad
+/devenv/local_cdn/ @grafana/frontend-ops
 /devenv/local-npm/ @grafana/frontend-ops
-/devenv/vscode/ @grafana/frontend-ops
 /devenv/setup.sh @grafana/grafana-backend-services-squad
 /devenv/plugins.yaml @grafana/plugins-platform-frontend

@@ -247,15 +250,15 @@


 # Continuous Integration
-.drone.yml @grafana/grafana-release-guild
-.drone.star @grafana/grafana-release-guild
-/scripts/drone/ @grafana/grafana-release-guild
-/pkg/build/ @grafana/grafana-release-guild
-/.dockerignore @grafana/grafana-release-guild
-/Dockerfile @grafana/grafana-release-guild
-/Makefile @grafana/grafana-release-guild
-/scripts/build/ @grafana/grafana-release-guild
-/scripts/list-release-artifacts.sh @grafana/grafana-release-guild
+.drone.yml @grafana/grafana-developer-enablement-squad
+.drone.star @grafana/grafana-developer-enablement-squad
+/scripts/drone/ @grafana/grafana-developer-enablement-squad
+/pkg/build/ @grafana/grafana-developer-enablement-squad
+/.dockerignore @grafana/grafana-developer-enablement-squad
+/Dockerfile @grafana/grafana-developer-enablement-squad
+/Makefile @grafana/grafana-developer-enablement-squad
+/scripts/build/ @grafana/grafana-developer-enablement-squad
+/scripts/list-release-artifacts.sh @grafana/grafana-developer-enablement-squad
 /.trivyignore @grafana/grafana-backend-services-squad

 # OSS Plugin Partnerships backend code
@@ -274,6 +277,8 @@
 # OSS Big Tent backend code
 /pkg/tsdb/mysql/ @grafana/oss-big-tent
 /pkg/tsdb/grafana-postgresql-datasource/ @grafana/oss-big-tent
+/pkg/tsdb/zipkin/ @grafana/oss-big-tent
+/pkg/tsdb/jaeger/ @grafana/oss-big-tent

 # Partner Datasources backend code
 /pkg/tsdb/mssql/ @grafana/partner-datasources
@@ -380,7 +385,8 @@
 /.nxignore @grafana/frontend-ops
 /tsconfig.json @grafana/frontend-ops
 /.editorconfig @grafana/frontend-ops
-/.eslintignore @grafana/frontend-ops
+/eslint.config.js @grafana/frontend-ops
+/.betterer.eslint.config.js @grafana/frontend-ops
 /.gitattributes @grafana/frontend-ops
 /.gitignore @grafana/frontend-ops
 /.nvmrc @grafana/frontend-ops
@@ -390,7 +396,6 @@
 /yarn.lock @grafana/frontend-ops
 /lerna.json @grafana/frontend-ops
 /.prettierrc.js @grafana/frontend-ops
-/.eslintrc @grafana/frontend-ops
 /.vim @zoltanbedi
 /jest.config.js @grafana/frontend-ops
 /latest.json @grafana/frontend-ops
@@ -414,7 +419,7 @@ playwright.config.ts @grafana/plugins-platform-frontend
 /public/app/core/components/OptionsUI/ @grafana/dashboards-squad @grafana/dataviz-squad


-/public/app/core/history/ @grafana/explore-squad
+/public/app/core/history/ @grafana/observability-traces-and-profiling
 /public/app/features/admin/ @grafana/identity-access-team

 # Temp owners until Enterprise team takes over
@@ -429,7 +434,7 @@ playwright.config.ts @grafana/plugins-platform-frontend
 /public/app/features/visualization/data-hover/ @grafana/dataviz-squad
 /public/app/features/commandPalette/ @grafana/grafana-frontend-platform
 /public/app/features/connections/ @grafana/plugins-platform-frontend
-/public/app/features/correlations/ @grafana/explore-squad
+/public/app/features/correlations/ @grafana/dataviz-squad
 /public/app/features/dashboard/ @grafana/dashboards-squad
 /public/app/features/dashboard/components/TransformationsEditor/ @grafana/dataviz-squad
 /public/app/features/dashboard-scene/ @grafana/dashboards-squad
@@ -437,7 +442,7 @@ playwright.config.ts @grafana/plugins-platform-frontend
 /public/app/features/datasources/ @grafana/plugins-platform-frontend
 /public/app/features/dimensions/ @grafana/dataviz-squad
 /public/app/features/dataframe-import/ @grafana/dataviz-squad
-/public/app/features/explore/ @grafana/explore-squad
+/public/app/features/explore/ @grafana/observability-traces-and-profiling
 /public/app/features/expressions/ @grafana/observability-metrics
 /public/app/features/folders/ @grafana/grafana-frontend-platform
 /public/app/features/inspector/ @grafana/dashboards-squad
@@ -453,14 +458,13 @@ playwright.config.ts @grafana/plugins-platform-frontend
 /public/app/features/playlist/ @grafana/dashboards-squad
 /public/app/features/plugins/ @grafana/plugins-platform-frontend
 /public/app/features/profile/ @grafana/grafana-frontend-platform
-/public/app/features/query-library/ @grafana/explore-squad
+/public/app/features/query-library/ @grafana/grafana-frontend-platform
 /public/app/features/runtime/ @ryantxu
 /public/app/features/query/ @grafana/dashboards-squad
 /public/app/features/sandbox/ @grafana/grafana-frontend-platform
 /public/app/features/browse-dashboards/ @grafana/grafana-frontend-platform
 /public/app/features/search/ @grafana/grafana-frontend-platform
 /public/app/features/serviceaccounts/ @grafana/identity-squad
-/public/app/features/storage/ @grafana/grafana-app-platform-squad
 /public/app/features/teams/ @grafana/access-squad
 /public/app/features/templating/ @grafana/dashboards-squad
 /public/app/features/trails/ @grafana/observability-metrics
@@ -469,6 +473,7 @@ playwright.config.ts @grafana/plugins-platform-frontend
 /public/app/features/users/ @grafana/access-squad
 /public/app/features/variables/ @grafana/dashboards-squad
 /public/app/features/preferences/ @grafana/grafana-frontend-platform
+/public/app/features/bookmarks/ @grafana/grafana-frontend-platform
 /public/app/plugins/panel/alertlist/ @grafana/alerting-frontend
 /public/app/plugins/panel/annolist/ @grafana/grafana-frontend-platform
 /public/app/plugins/panel/barchart/ @grafana/dataviz-squad
@@ -547,27 +552,27 @@ playwright.config.ts @grafana/plugins-platform-frontend

 /scripts/benchmark-access-control.sh @grafana/access-squad
 /scripts/check-breaking-changes.sh @grafana/plugins-platform-frontend
-/scripts/ci-* @grafana/grafana-release-guild
-/scripts/circle-* @grafana/grafana-release-guild
-/scripts/publish-npm-packages.sh @grafana/grafana-release-guild @grafana/plugins-platform-frontend
-/scripts/validate-npm-packages.sh @grafana/grafana-release-guild @grafana/plugins-platform-frontend
+/scripts/ci-* @grafana/grafana-developer-enablement-squad
+/scripts/circle-* @grafana/grafana-developer-enablement-squad
+/scripts/publish-npm-packages.sh @grafana/grafana-developer-enablement-squad @grafana/plugins-platform-frontend
+/scripts/validate-npm-packages.sh @grafana/grafana-developer-enablement-squad @grafana/plugins-platform-frontend
 /scripts/ci-frontend-metrics.sh @grafana/grafana-frontend-platform @grafana/plugins-platform-frontend @grafana/dataviz-squad
 /scripts/cli/ @grafana/grafana-frontend-platform
 /scripts/clean-git-or-error.sh @grafana/grafana-as-code
 /scripts/grafana-server/ @grafana/grafana-frontend-platform
-/scripts/helpers/ @grafana/grafana-release-guild
+/scripts/helpers/ @grafana/grafana-developer-enablement-squad
 /scripts/import_many_dashboards.sh @torkelo
 /scripts/mixin-check.sh @bergquist
 /scripts/openapi3/ @grafana/grafana-operator-experience-squad
 /scripts/prepare-packagejson.js @grafana/frontend-ops
 /scripts/protobuf-check.sh @grafana/plugins-platform-backend
 /scripts/stripnulls.sh @grafana/grafana-as-code
-/scripts/tag_release.sh @grafana/grafana-release-guild
-/scripts/trigger_docker_build.sh @grafana/grafana-release-guild
-/scripts/trigger_grafana_packer.sh @grafana/grafana-release-guild
-/scripts/trigger_windows_build.sh @grafana/grafana-release-guild
+/scripts/tag_release.sh @grafana/grafana-developer-enablement-squad
+/scripts/trigger_docker_build.sh @grafana/grafana-developer-enablement-squad
+/scripts/trigger_grafana_packer.sh @grafana/grafana-developer-enablement-squad
+/scripts/trigger_windows_build.sh @grafana/grafana-developer-enablement-squad
 /scripts/cleanup-husky.sh @grafana/frontend-ops
-/scripts/verify-repo-update/ @grafana/grafana-release-guild
+/scripts/verify-repo-update/ @grafana/grafana-developer-enablement-squad
 /scripts/generate-icon-bundle.js @grafana/plugins-platform-frontend @grafana/grafana-frontend-platform
 /scripts/generate-rtk-apis.ts @grafana/grafana-frontend-platform
 /scripts/generate-alerting-rtk-apis.ts @grafana/alerting-frontend
@@ -626,7 +631,7 @@ playwright.config.ts @grafana/plugins-platform-frontend
 /pkg/services/rendering/ @grafana/sharing-squad

 # SSE - Server Side Expressions
-/pkg/expr/ @grafana/observability-metrics
+/pkg/expr/ @grafana/grafana-datasources-core-services

 # Cloud middleware
 /grafana-mixin/ @grafana/grafana-backend-services-squad
@@ -658,6 +663,7 @@ playwright.config.ts @grafana/plugins-platform-frontend
 /pkg/services/caching/ @grafana/grafana-operator-experience-squad
 /pkg/services/cloudmigration/ @grafana/grafana-operator-experience-squad
 /pkg/services/gcom/ @grafana/grafana-operator-experience-squad
+/pkg/services/authapi/ @grafana/grafana-operator-experience-squad

 # Feature toggles
 /pkg/services/featuremgmt/ @grafana/grafana-backend-services-squad
@@ -666,6 +672,7 @@ playwright.config.ts @grafana/plugins-platform-frontend
 # Kind definitions
 /kinds/dashboard @grafana/dashboards-squad
 /kinds/ @grafana/grafana-as-code
+kindsv2/ @grafana/dashboards-squad

 # Kind system and code generation
 embed.go @grafana/grafana-as-code
@@ -674,6 +681,7 @@ embed.go @grafana/grafana-as-code
 /pkg/registry/apis/ @grafana/grafana-app-platform-squad
 /pkg/registry/apis/alerting @grafana/grafana-app-platform-squad @grafana/alerting-backend
 /pkg/registry/apis/query @grafana/grafana-datasources-core-services
+/pkg/registry/apis/userstorage @grafana/grafana-app-platform-squad @grafana/plugins-platform-backend
 /pkg/codegen/ @grafana/grafana-as-code
 /pkg/codegen/generators @grafana/grafana-as-code
 /pkg/kinds/*/*_gen.go @grafana/grafana-as-code
@@ -690,8 +698,8 @@ embed.go @grafana/grafana-as-code
 /.github/dependabot.yml @grafana/frontend-ops
 /.github/issue-opened.json @grafana/grafana-community-support
 /.github/metrics-collector.json @torkelo
-/.github/pr-checks.json @marefr
-/.github/pr-commands.json @marefr
+/.github/pr-checks.json @tolzhabayev
+/.github/pr-commands.json @tolzhabayev
 /.github/renovate.json5 @grafana/frontend-ops
 /.github/teams.yml @armandgrillet
 /.github/workflows/alerting-swagger-gen.yml @grafana/alerting-backend
@@ -701,35 +709,32 @@ embed.go @grafana/grafana-as-code
 /.github/workflows/close-milestone.yml @grafana/grafana-developer-enablement-squad
 /.github/workflows/release-pr.yml @grafana/grafana-developer-enablement-squad
 /.github/workflows/release-comms.yml @grafana/grafana-developer-enablement-squad
-/.github/workflows/migrate-prs.yml @grafana/grafana-developer-enablement-squad
-/.github/workflows/create-next-release-branch.yml @grafana/grafana-developer-enablement-squad
 /.github/workflows/codeowners-validator.yml @tolzhabayev
 /.github/workflows/codeql-analysis.yml @DanCech
 /.github/workflows/commands.yml @torkelo
-/.github/workflows/community-release.yml @grafana/grafana-release-guild
+/.github/workflows/community-release.yml @grafana/grafana-developer-enablement-squad
 /.github/workflows/detect-breaking-changes-* @grafana/plugins-platform-frontend
 /.github/workflows/doc-validator.yml @grafana/docs-tooling
 /.github/workflows/epic-add-to-platform-ux-parent-project.yml @meanmina
-/.github/workflows/github-release.yml @grafana/grafana-release-guild
+/.github/workflows/github-release.yml @grafana/grafana-developer-enablement-squad
 /.github/workflows/issue-labeled.yml @armandgrillet
 /.github/workflows/issue-opened.yml @grafana/grafana-community-support
 /.github/workflows/metrics-collector.yml @torkelo
-/.github/workflows/milestone.yml @marefr
-/.github/workflows/pr-checks.yml @marefr
+/.github/workflows/milestone.yml @tolzhabayev
+/.github/workflows/pr-checks.yml @tolzhabayev
 /.github/workflows/pr-codeql-analysis-go.yml @DanCech
 /.github/workflows/pr-codeql-analysis-javascript.yml @DanCech
 /.github/workflows/pr-codeql-analysis-python.yml @DanCech
-/.github/workflows/pr-commands.yml @marefr
-/.github/workflows/pr-patch-check.yml @grafana/grafana-release-guild
-/.github/workflows/sync-mirror.yml @grafana/grafana-release-guild
+/.github/workflows/pr-commands.yml @tolzhabayev
+/.github/workflows/pr-patch-check.yml @grafana/grafana-developer-enablement-squad
+/.github/workflows/sync-mirror.yml @grafana/grafana-developer-enablement-squad
 /.github/workflows/publish-technical-documentation-next.yml @grafana/docs-tooling
 /.github/workflows/publish-technical-documentation-release.yml @grafana/docs-tooling
-/.github/workflows/remove-milestone.yml @grafana/grafana-release-guild
+/.github/workflows/remove-milestone.yml @grafana/grafana-developer-enablement-squad
 /.github/workflows/sbom-report.yml @grafana/security-team
 /.github/workflows/scripts/json-file-to-job-output.js @grafana/plugins-platform-frontend
-/.github/workflows/scripts/pr-get-job-link.js @grafana/plugins-platform-frontend
-/.github/workflows/stale.yml @grafana/grafana-release-guild
-/.github/workflows/update-changelog.yml @grafana/grafana-release-guild
+/.github/workflows/stale.yml @grafana/grafana-developer-enablement-squad
+/.github/workflows/update-changelog.yml @grafana/grafana-developer-enablement-squad
 /.github/workflows/update-make-docs.yml @grafana/docs-tooling
 /.github/workflows/scripts/kinds/verify-kinds.go @grafana/platform-cat
 /.github/workflows/publish-kinds-next.yml @grafana/platform-cat
@@ -737,11 +742,12 @@ embed.go @grafana/grafana-as-code
 /.github/workflows/verify-kinds.yml @grafana/platform-cat
 /.github/workflows/dashboards-issue-add-label.yml @grafana/dashboards-squad
 /.github/workflows/ephemeral-instances-pr-comment.yml @grafana/grafana-backend-services-squad
-/.github/workflows/create-security-patch-from-security-mirror.yml @grafana/grafana-release-guild
+/.github/workflows/create-security-patch-from-security-mirror.yml @grafana/grafana-developer-enablement-squad
 /.github/workflows/core-plugins-build-and-release.yml @grafana/plugins-platform-frontend @grafana/plugins-platform-backend
 /.github/workflows/i18n-crowdin-upload.yml @grafana/grafana-frontend-platform
 /.github/workflows/i18n-crowdin-download.yml @grafana/grafana-frontend-platform
 /.github/workflows/pr-go-workspace-check.yml @grafana/grafana-app-platform-squad
+/.github/workflows/pr-dependabot-update-go-workspace.yml @grafana/grafana-app-platform-squad
 /.github/workflows/pr-k8s-codegen-check.yml @grafana/grafana-app-platform-squad
 /.github/workflows/go_lint.yml @grafana/grafana-backend-services-squad
 /.github/workflows/trivy-scan.yml @grafana/grafana-backend-services-squad
@@ -59,14 +59,6 @@
      "url": "https://github.com/orgs/grafana/projects/76"
    }
  },
-  {
-    "type": "label",
-    "name": "type/docs",
-    "action": "addToProject",
-    "addToProject": {
-      "url": "https://github.com/orgs/grafana/projects/69"
-    }
-  },
  {
    "type": "label",
    "name": "datasource/Azure",
@@ -539,6 +531,14 @@
      "url": "https://github.com/orgs/grafana/projects/599"
    }
  },
+  {
+    "type": "label",
+    "name": "area/provisioning/datasources",
+    "action": "addToProject",
+    "addToProject": {
+      "url": "https://github.com/orgs/grafana/projects/76"
+    }
+  },
  {
    "type": "label",
    "name": "area/scenes",
@@ -603,14 +603,6 @@
      "url": "https://github.com/orgs/grafana/projects/660"
    }
  },
-  {
-    "type": "label",
-    "name": "area/expressions",
-    "action": "addToProject",
-    "addToProject": {
-      "url": "https://github.com/orgs/grafana/projects/112"
-    }
-  },
  {
    "type": "label",
    "name": "area/backend/api",
@@ -1202,5 +1194,13 @@
    "addToProject": {
      "url": "https://github.com/orgs/grafana/projects/736"
    }
+  },
+  {
+    "type": "label",
+    "name": "area/expressions",
+    "action": "addToProject",
+    "addToProject": {
+      "url": "https://github.com/orgs/grafana/projects/699"
+    }
  }
 ]
@@ -5,6 +5,21 @@ updates:
    schedule:
      interval: "daily"
  - package-ecosystem: "gomod"
-    directory: "/"
+    directories:
+      - "/"
+      - "/apps/playlist"
+      - "/pkg/aggregator"
+      - "/pkg/apimachinery"
+      - "/pkg/apiserver"
+      - "/pkg/build"
+      - "/pkg/build/wire"
+      - "/pkg/promlib"
+      - "/pkg/semconv"
+      - "/pkg/storage/unified/apistore"
+      - "/pkg/storage/unified/resource"
+      - "/pkg/util/xorm"
    schedule:
-      interval: "weekly"
+      interval: "daily"
+      time: "02:00"
+      timezone: Etc/UTC
+    open-pull-requests-limit: 10
@@ -1,9 +1,7 @@
 {
-  "extends": [
-    "config:base"
-  ],
-  "enabledManagers": ["npm"],
-  "ignoreDeps": [
+  extends: ["config:recommended"],
+  enabledManagers: ["npm"],
+  ignoreDeps: [
    "@types/history", // this can be removed entirely when we upgrade history since v5 exposes types directly
    "history", // we should bump this together with react-router-dom (see https://github.com/grafana/grafana/issues/76744)
    "react-router-dom", // we should bump this together with history (see https://github.com/grafana/grafana/issues/76744)
@@ -14,84 +12,71 @@
    "slate", // we don't want to continue using this on the long run, use Monaco editor instead of Slate
    "slate-react", // we don't want to continue using this on the long run, use Monaco editor instead of Slate
    "@types/slate-react", // we don't want to continue using this on the long run, use Monaco editor instead of Slate
-    "@types/slate" // we don't want to continue using this on the long run, use Monaco editor instead of Slate
+    "@types/slate", // we don't want to continue using this on the long run, use Monaco editor instead of Slate
+
+    // Temporarily pause updating lerna and nx until we resolve build issues
+    "lerna",
+    "nx"
  ],
-  "includePaths": ["package.json", "packages/**", "public/app/plugins/**"],
-  "ignorePaths": ["emails/**", "plugins-bundled/**", "**/mocks/**"],
-  "labels": ["area/frontend", "dependencies", "no-changelog"],
-  "postUpdateOptions": ["yarnDedupeHighest"],
-  "packageRules": [
+  includePaths: ["package.json", "packages/**", "public/app/plugins/**"],
+  ignorePaths: ["emails/**", "plugins-bundled/**", "**/mocks/**"],
+  labels: ["area/frontend", "dependencies", "no-changelog"],
+  postUpdateOptions: ["yarnDedupeHighest"],
+  packageRules: [
    {
-      "automerge": true,
-      "matchCurrentVersion": "!/^0/",
-      "matchUpdateTypes": ["patch"],
-      "excludePackagePatterns": ["^@?storybook", "^@locker"]
+      automerge: true,
+      matchCurrentVersion: "!/^0/",
+      matchUpdateTypes: ["patch"],
+      matchPackageNames: ["!/^@?storybook/", "!/^@locker/"],
    },
    {
-      "matchPackagePatterns": ["^@?storybook"],
-      "extends": ["schedule:monthly"],
-      "groupName": "Storybook updates"
+      extends: ["schedule:monthly"],
+      groupName: "Storybook updates",
+      matchPackageNames: ["/^@?storybook/"],
    },
    {
-      "groupName": "React Aria",
-      "matchPackagePrefixes": [
-        "@react-aria/",
-        "@react-stately/"
-      ]
+      groupName: "React Aria",
+      matchPackageNames: ["@react-aria/{/,}**", "@react-stately/{/,}**"],
    },
    {
-      "groupName": "Moveable",
-      "matchPackageNames": [
-        "moveable",
-        "react-moveable"
-      ]
+      groupName: "Moveable",
+      matchPackageNames: ["moveable", "react-moveable"],
    },
    {
-      "groupName": "Slate",
-      "matchPackageNames": [
-        "@types/slate",
-        "@types/slate-react",
-        "slate",
-        "slate-react"
-      ]
+      groupName: "Slate",
+      matchPackageNames: ["@types/slate", "@types/slate-react", "slate", "slate-react"],
    },
    {
-      "groupName": "d3",
-      "matchPackagePrefixes": [
-        "d3",
-        "@types/d3"
-      ]
+      groupName: "d3",
+      matchPackageNames: ["d3{/,}**", "@types/d3{/,}**"],
    },
    {
-      "groupName": "visx",
-      "matchPackagePrefixes": [
-        "@visx/"
-      ]
+      groupName: "scenes",
+      matchPackageNames: ["@grafana/scenes", "@grafana/scenes-react"],
    },
    {
-      "groupName": "uLibraries",
-      "matchPackageNames": [
-        "@leeoniya/ufuzzy",
-        "uplot"
-      ],
-      "reviewers": ["leeoniya"],
+      groupName: "visx",
+      matchPackageNames: ["@visx/{/,}**"],
    },
    {
-      "groupName": "locker",
-      "matchPackagePrefixes": [
-        "@locker/"
-      ],
-      "reviewers": ["team:grafana/plugins-platform-frontend"],
+      groupName: "uLibraries",
+      matchPackageNames: ["@leeoniya/ufuzzy", "uplot"],
+      reviewers: ["leeoniya"],
+    },
+    {
+      groupName: "locker",
+      reviewers: ["team:grafana/plugins-platform-frontend"],
+      matchPackageNames: ["@locker/{/,}**"],
    },
  ],
-  "pin": {
-    "enabled": false
+  pin: {
+    enabled: false,
+  },
+  prConcurrentLimit: 10,
+  rebaseWhen: "conflicted",
+  reviewers: ["team:grafana/frontend-ops"],
+  separateMajorMinor: false,
+  vulnerabilityAlerts: {
+    addLabels: ["area/security"],
  },
-  "prConcurrentLimit": 10,
-  "rebaseWhen": "conflicted",
-  "reviewers": ["team:grafana/frontend-ops"],
-  "separateMajorMinor": false,
-  "vulnerabilityAlerts": {
-    "addLabels": ["area/security"]
-  }
 }
@@ -10,19 +10,24 @@ jobs:
    if: github.repository == 'grafana/grafana'
    runs-on: ubuntu-latest
    steps:
-      - name: Checkout
+      - name: Checkout Actions
        uses: actions/checkout@v4
+        with:
+          repository: "grafana/grafana-github-actions"
+          path: ./actions
          ref: main
+      - name: Install Actions
+        run: npm install --production --prefix ./actions
      - name: "Generate token"
        id: generate_token
        uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92
        with:
          app_id: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_ID }}
          private_key: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_PEM }}
-      - run: git config --global user.email '132647405+grafana-delivery-bot[bot]@users.noreply.github.com'
-      - run: git config --global user.name 'grafana-delivery-bot[bot]'
-      - run: git remote set-url origin "https://grafana-delivery-bot:${{ steps.generate_token.outputs.token }}@github.com/grafana/grafana.git"
      - name: Run backport
-        uses: grafana/grafana-github-actions-go/backport@main
+        uses: ./actions/backport
        with:
+          metricsWriteAPIKey: ${{secrets.GRAFANA_MISC_STATS_API_KEY}}
          token: ${{ steps.generate_token.outputs.token }}
+          labelsToAdd: "backport"
+          title: "[{{base}}] {{originalTitle}}"
@@ -1,43 +0,0 @@
-name: Create next release branch
-on:
-  workflow_call:
-    inputs:
-      ownerRepo:
-        type: string
-        description: Owner/repo of the repository where the branch is created (e.g. 'grafana/grafana')
-        required: true
-      source:
-        description: The release branch to increment (eg providing `release-11.2.3` will result in `release-11.2.4` being created)
-        type: string
-        required: true
-    secrets:
-      token:
-        required: true
-    outputs:
-      branch:
-        description: The new branch that was created
-        value: ${{ jobs.main.outputs.branch }}
-  workflow_dispatch:
-    inputs:
-      ownerRepo:
-        description: Owner/repo of the repository where the branch is created (e.g. 'grafana/grafana')
-      source:
-        description: The release branch to increment (eg providing `release-11.2.3` will result in `release-11.2.4` being created)
-        type: string
-        required: true
-    secrets:
-      token:
-        required: true
-jobs:
-  main:
-    runs-on: ubuntu-latest
-    outputs:
-      branch: ${{ steps.branch.outputs.branch }}
-    steps:
-      - name: Create release branch
-        id: branch
-        uses: grafana/grafana-github-actions-go/bump-release@main
-        with:
-          ownerRepo: ${{ inputs.ownerRepo }}
-          source: ${{ inputs.source }}
-          token: ${{ secrets.token }}
@@ -11,7 +11,6 @@ on:
    branches:
      - "main"
      - "v*.*.*"
-      - "release-*.*.*"

 # This is run before the pull request has been merged, so we'll run against the src branch
 jobs:
@@ -3,8 +3,11 @@ on:
  issues:
    types: [opened, closed, edited, reopened, assigned, unassigned, labeled, unlabeled]

+permissions:
+  contents: read
+  id-token: write
+
 env:
-  GITHUB_TOKEN: ${{ secrets.ISSUE_COMMANDS_TOKEN }}
  ORGANIZATION: ${{ github.repository_owner }}
  REPO: ${{ github.event.repository.name }}
  TARGET_PROJECT: 202
@@ -13,27 +16,28 @@ env:
 concurrency:
  group: issue-label-when-in-project-${{ github.event.number }}
 jobs:
-  config:
-    runs-on: "ubuntu-latest"
-    outputs:
-      has-secrets: ${{ steps.check.outputs.has-secrets }}
-    steps:
-      - name: "Check for secrets"
-        id: check
-        shell: bash
-        run: |
-          if [ -n "${{ (secrets.ISSUE_COMMANDS_TOKEN != '') || '' }}" ]; then
-            echo "has-secrets=1" >> "$GITHUB_OUTPUT"
-          fi
-
  main:
-    needs: config
-    if: needs.config.outputs.has-secrets
+    if: github.repository == 'grafana/grafana'
    runs-on: ubuntu-latest
    steps:
-      - name: log in
-        run: gh api user -q .login
+      - name: "Get vault secrets"
+        id: vault-secrets
+        uses: grafana/shared-workflows/actions/get-vault-secrets@main
+        with:
+          # Secrets placed in the ci/repo/grafana/grafana/plugins_platform_issue_commands_github_bot path in Vault
+          repo_secrets: |
+            GH_APP_ID=plugins_platform_issue_commands_github_bot:app_id
+            GH_APP_PEM=plugins_platform_issue_commands_github_bot:app_pem
+
+      - name: "Generate token"
+        id: generate_token
+        uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92
+        with:
+          app_id: ${{ env.GH_APP_ID }}
+          private_key: ${{ env.GH_APP_PEM }}
      - name: Check if issue is in target project
+        env:
+          GH_TOKEN: ${{ steps.generate_token.outputs.token }}
        run: |
          gh api graphql -f query='
            query($org: String!, $repo: String!) {
@@ -62,6 +66,8 @@ jobs:
          done
      - name: Add label to issue
        if: env.IN_TARGET_PROJ
+        env:
+          GH_TOKEN: ${{ steps.generate_token.outputs.token }}
        run: |
          gh api graphql -f query='
            mutation ($labelableId: ID!, $labelIds: [ID!]!) {
@@ -6,6 +6,10 @@ concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

+permissions:
+  contents: read
+  id-token: write
+
 on:
  pull_request:
    paths:
@@ -154,26 +158,16 @@ jobs:
          project_id: 'grafanalabs-global'
          install_components: 'bq'

-      - name: Get link for the Github Action job
-        id: job
-        uses: actions/github-script@v6
-        with:
-          script: |
-              const name = 'Detect breaking changes';
-              const script = require('./.github/workflows/scripts/pr-get-job-link.js')
-              await script({name, github, context, core})
-
      - name: Detect breaking changes
        id: breaking-changes
        run: ./scripts/check-breaking-changes.sh
        env:
          FORCE_COLOR: 3
-          GITHUB_JOB_LINK: ${{ steps.job.outputs.link }}

      - name: Persisting the check output
        run: |
            mkdir -p ./levitate
-            echo "{ \"exit_code\": ${{ steps.breaking-changes.outputs.is_breaking }}, \"message\": \"${{ steps.breaking-changes.outputs.message }}\", \"job_link\": \"${{ steps.job.outputs.link }}#step:${GITHUB_STEP_NUMBER}:1\", \"pr_number\": \"${{ github.event.pull_request.number }}\" }" > ./levitate/result.json
+            echo "{ \"exit_code\": ${{ steps.breaking-changes.outputs.is_breaking }}, \"message\": \"${{ steps.breaking-changes.outputs.message }}\", \"pr_number\": \"${{ github.event.pull_request.number }}\" }" > ./levitate/result.json

      - name: Upload check output as artifact
        uses: actions/upload-artifact@v4
@@ -219,15 +213,12 @@ jobs:
          PR_NUMBER: ${{ github.event.pull_request.number }}
        with:
          script: |
-            const { data } = await github.rest.issues.listLabelsOnIssue({
-              issue_number: process.env.PR_NUMBER,
+            const { data: labels } = await github.rest.issues.listLabelsOnIssue({
+              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
            });
-            const labels = data.map(({ name }) => name);
-            const doesExist = labels.includes('levitate breaking change');
-
-            return doesExist ? 1 : 0;
+            return labels.some(label => label.name === 'levitate breaking change') ? 1 : 0

      # put the markdown into a variable
      - name: Levitate Markdown
@@ -271,23 +262,41 @@ jobs:
          delete: true
          GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }}

-      # Posts a notification to Slack if a PR has a breaking change and it did not have a breaking change before
-      - name: Post to Slack
+      - name: Send Slack Message via Payload
        id: slack
-        if: steps.levitate-run.outputs.exit_code == 1 && steps.does-label-exist.outputs.result == 0 && env.HAS_SECRETS
-        uses: slackapi/slack-github-action@v1.26.0
+        if: steps.levitate-run.outputs.exit_code == 1 && steps.does-label-exist.outputs.result == 0 && github.repository == 'grafana/grafana'
+        uses: grafana/shared-workflows/actions/send-slack-message@main
        with:
-          payload: |
+          channel-id: "C031SLFH6G0"
+          payload:  |
            {
-              "pr_link": "https://github.com/grafana/grafana/pull/${{ steps.levitate-run.outputs.pr_number }}",
-              "pr_number": "${{ steps.levitate-run.outputs.pr_number }}",
-              "job_link": "${{ steps.levitate-run.outputs.job_link }}",
-              "reporting_job_link": "${{ github.event.workflow_run.html_url }}",
-              "message": "${{ steps.levitate-run.outputs.message }}"
+              "channel": "C031SLFH6G0",
+              "text": ":warning: Possible breaking changes detected in *PR:* <${{ github.event.pull_request.html_url }}|#${{ github.event.pull_request.number }} :warning:",
+              "icon_emoji": ":grot:",
+              "username": "Levitate Bot",
+              "blocks": [
+                {
+                  "type": "section",
+                  "text": {
+                    "type": "mrkdwn",
+                    "text": "*grafana/grafana* repository has possible breaking changes"
+                  }
+                },
+                {
+                  "type": "section",
+                  "fields": [
+                    {
+                      "type": "mrkdwn",
+                      "text": "*PR:* <${{ github.event.pull_request.html_url }}|#${{ github.event.pull_request.number }}>"
+                    },
+                    {
+                      "type": "mrkdwn",
+                      "text": "*Job:* <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|View Job>"
+                    }
+                  ]
+                }
+              ]
            }
-        env:
-          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_LEVITATE_WEBHOOK_URL }}
-          HAS_SECRETS: ${{ (github.repository == 'grafana/grafana' || secrets.SLACK_LEVITATE_WEBHOOK_URL != '') || '' }}

      # Add the label
      - name: Add "levitate breaking change" label
@@ -1,50 +0,0 @@
-name: Migrate open PRs
-# Migrate open PRs from a superseded release branch to the current release branch and notify authors
-on: 
-  workflow_call:
-    inputs:
-      from:
-        description: 'The base branch to check for open PRs'
-        required: true
-        type: string
-      to:
-        description: 'The base branch to migrate open PRs to'
-        required: true
-        type: string
-      ownerRepo:
-        description: Owner/repo of the repository where the branch is created (e.g. 'grafana/grafana')
-        required: true
-        type: string
-    secrets:
-      token:
-        required: true
-  workflow_dispatch:
-    inputs:
-      from:
-        description: 'The base branch to check for open PRs'
-        required: true
-        type: string
-      to:
-        description: 'The base branch to migrate open PRs to'
-        required: true
-        type: string
-      ownerRepo:
-        description: Owner/repo of the repository where the branch is created (e.g. 'grafana/grafana')
-        required: true
-        type: string
-    secrets:
-      token:
-        required: true
-
-jobs:
-  main:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Migrate PRs
-        uses: grafana/grafana-github-actions-go/migrate-open-prs@main
-        with:
-          token: ${{ secrets.token }}
-          ownerRepo: ${{ inputs.ownerRepo }}
-          from: ${{ inputs.from }}
-          to: ${{ inputs.to }}
-          binary_release_tag: 'dev'
@@ -0,0 +1,49 @@
+name: "Update Go Workspace for Dependabot PRs"
+on:
+  pull_request:
+    branches: [main]
+    paths:
+      - .github/workflows/pr-dependabot-update-go-workspace.yml
+      - go.mod
+      - go.sum
+      - go.work
+      - go.work.sum
+      - '**/go.mod'
+      - '**/go.sum'
+      - '**.go'
+permissions:
+  contents: write
+jobs:
+  update:
+    runs-on: "ubuntu-latest"
+    if: ${{ github.actor == 'dependabot[bot]' }}
+    continue-on-error: true
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+      with:
+        repository: ${{ github.event.pull_request.head.repo.full_name }}
+        ref: ${{ github.event.pull_request.head.ref }}
+
+    - name: Set go version
+      uses: actions/setup-go@v4
+      with:
+        go-version-file: go.mod
+
+    - name: Update workspace
+      run: make update-workspace
+
+    - name: Commit and push workspace changes
+      env:
+        BRANCH_NAME: ${{ github.head_ref || github.ref_name }} 
+      run: |
+        if ! git diff --exit-code --quiet; then
+          git config --local user.name "Grot"
+          git config --local user.email "grot@grafana.com"
+          git config --local --add --bool push.autoSetupRemote true
+          echo "Committing and pushing workspace changes"
+          git remote
+          git branch -l
+          git commit -a -m "update workspace"
+          git push origin $BRANCH_NAME
+        fi
@@ -4,6 +4,15 @@ on:
  workflow_dispatch:
  pull_request:
    branches: [main]
+    paths:
+      - .github/workflows/pr-go-workspace-check.yml
+      - go.mod
+      - go.sum
+      - go.work
+      - go.work.sum
+      - '**/go.mod'
+      - '**/go.sum'
+      - '**.go'

 jobs:
  check:
@@ -3,7 +3,7 @@ name: publish-technical-documentation-release
 on:
  push:
    branches:
-      - release-[0-9]+.[0-9]+.[0-9]+
+      - v[0-9]+.[0-9]+.x
    tags:
      - v[0-9]+.[0-9]+.[0-9]+
    paths:
@@ -20,10 +20,10 @@ jobs:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0
-      - uses: grafana/writers-toolkit/publish-technical-documentation-release@publish-technical-documentation-release/v2
+      - uses: grafana/writers-toolkit/publish-technical-documentation-release@publish-technical-documentation-release/v1
        with:
-          release_tag_regexp: "^v(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)$"
-          release_branch_regexp: "^release-(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)$"
-          release_branch_with_patch_regexp: "^release-(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)$"
+          release_tag_regexp: "^v(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)$"
+          release_branch_regexp: "^v(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.x$"
+          release_branch_with_patch_regexp: "^v(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)$"
          website_directory: content/docs/grafana
          version_suffix: ""
@@ -27,18 +27,10 @@ jobs:
    name: Setup and establish latest
    outputs:
      version: ${{ steps.output.outputs.version }}
-      release_branch: ${{ steps.output.outputs.release_branch }}
      dry_run: ${{ steps.output.outputs.dry_run }}
      latest: ${{ steps.output.outputs.latest }}
-      token: ${{ steps.output.outputs.token }}
    runs-on: ubuntu-latest
    steps:
-    - name: "Generate token"
-      id: generate_token
-      uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92
-      with:
-        app_id: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_ID }}
-        private_key: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_PEM }}
      # The github-release action expects a `LATEST` value of a string of either '1' or '0'
    - if: ${{ github.event_name == 'workflow_dispatch' }}
      run: |
@@ -57,51 +49,9 @@ jobs:
        echo "latest: $LATEST"
        echo "version: $VERSION"

-        echo "release_branch=$(echo $VERSION | sed -s 's/^v/release-/g')" >> "$GITHUB_OUTPUT"
-        echo "token=${{ steps.generate_token.outputs.token }}" >> "$GITHUB_OUTPUT"
        echo "dry_run=$DRY_RUN" >> "$GITHUB_OUTPUT"
        echo "latest=$LATEST" >> "$GITHUB_OUTPUT"
        echo "version=$VERSION" >> "$GITHUB_OUTPUT"
-  create_next_release_branch_grafana:
-    name: Create next release branch (Grafana)
-    needs: setup
-    uses: ./.github/workflows/create-next-release-branch.yml
-    with:
-      ownerRepo: 'grafana/grafana'
-      source: ${{ needs.setup.outputs.release_branch }}
-    secrets:
-      token: ${{ needs.setup.outputs.token }}
-  create_next_release_branch_enterprise:
-    name: Create next release branch (Grafana Enterprise)
-    needs: setup
-    uses: ./.github/workflows/create-next-release-branch.yml
-    with:
-      ownerRepo: 'grafana/grafana'
-      source: ${{ needs.setup.outputs.release_branch }}
-    secrets:
-      token: ${{ needs.setup.outputs.token }}
-  migrate_prs_grafana:
-    needs:
-      - setup
-      - create_next_release_branch_grafana
-    uses: ./.github/workflows/migrate-prs.yml
-    with:
-      ownerRepo: 'grafana/grafana'
-      from: ${{ needs.setup.outputs.release_branch }}
-      to: ${{ needs.create_next_release_branch_grafana.outputs.branch }}
-    secrets:
-      token: ${{ needs.setup.outputs.token }}
-  migrate_prs_enterprise:
-    needs:
-      - setup
-      - create_next_release_branch_enterprise
-    uses: ./.github/workflows/migrate-prs.yml
-    with:
-      ownerRepo: 'grafana/grafana-enterprise'
-      from: ${{ needs.setup.outputs.release_branch }}
-      to: ${{ needs.create_next_release_branch_enterprise.outputs.branch }}
-    secrets:
-      token: ${{ needs.setup.outputs.token }}
  post_changelog_on_forum:
    needs: setup
    uses: ./.github/workflows/community-release.yml
@@ -4,7 +4,7 @@
 # Please refrain from including any processes that do not result in code changes in this workflow. Instead, they should
 # either be triggered in the release promotion process or in the release comms process (that is triggered by merging
 # this PR).
-name: Grafana Release PR
+name: Complete a Grafana release
 on:
  workflow_dispatch:
    inputs:
@@ -19,7 +19,7 @@ on:
      target:
        required: true
        type: string
-        description: The release branch pattern (eg v9.5.x) that these changes are being merged into
+        description: The base branch that these changes are being merged into
      backport:
        required: false
        type: string
@@ -61,17 +61,10 @@ jobs:
        with:
          app_id: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_ID }}
          private_key: ${{ secrets.GRAFANA_DELIVERY_BOT_APP_PEM }}
-      - name: Get release branch
-        id: branch
-        uses: grafana/grafana-github-actions-go/latest-release-branch@main
-        with:
-          token: ${{ steps.generate_token.outputs.token }}
-          ownerRepo: 'grafana/grafana'
-          pattern: ${{ inputs.target }}
      - name: Checkout Grafana
        uses: actions/checkout@v4
        with:
-          ref: ${{ steps.branch.outputs.branch }}
+          ref: ${{ inputs.target }}
          fetch-depth: 0
          fetch-tags: true
      - name: Checkout Grafana (main)
@@ -131,6 +124,7 @@ jobs:
          rm -f CHANGELOG.part changelog_items.md

          git diff CHANGELOG.md
+          
      - name: "Prettify CHANGELOG.md"
        run: npx prettier --write CHANGELOG.md
      - name: Commit CHANGELOG.md changes
@@ -157,7 +151,7 @@ jobs:
            $( [ "x${{ inputs.latest }}" == "xtrue" ] && printf %s '-l "release/latest"') \
            -l "no-changelog" \
            --dry-run=${{ inputs.dry_run }} \
-            -B "${{ steps.branch.outputs.branch }}" \
+            -B "${{ inputs.target }}" \
            --title "Release: ${{ inputs.version }}" \
            --body "These code changes must be merged after a release is complete"
        env:
@@ -171,7 +165,7 @@ jobs:
            -l "product-approved" \
            -l "no-changelog" \
            --dry-run=${{ inputs.dry_run }} \
-            -B "${{ steps.branch.outputs.branch }}" \
+            -B "${{ inputs.target }}" \
            --title "Release: ${{ inputs.version }}" \
            --body "These code changes must be merged after a release is complete"
        env:
@@ -1,9 +0,0 @@
-
-module.exports = async ({ name, github, context, core }) => {
-    const { owner, repo } = context.repo;
-    const url = `https://api.github.com/repos/${owner}/${repo}/actions/runs/${context.runId}/jobs`
-    const result = await github.request(url);
-    const job = result.data.jobs.find(j => j.name === name);
-    
-    core.setOutput('link', `${job.html_url}?check_suite_focus=true`);
-}
@@ -4,48 +4,59 @@ on:
    # only run on PRs where go.mod/go.sum/etc have been updated
    paths:
      - go.*
+      - .github/workflows/trivy-scan.yml
  push:
    branches:
      - main
    paths:
      - go.*
+      - .github/workflows/trivy-scan.yml

 jobs:
  trivy-scan:
    runs-on: ubuntu-22.04
    steps:
    - uses: actions/checkout@v4
+    - name: Install Trivy
+      uses: aquasecurity/setup-trivy@v0.2.2
+      with:
+        version: v0.56.2
+        cache: true
+    - name: Download Trivy DB
+      run: |
+        trivy fs --no-progress --download-db-only --db-repository public.ecr.aws/aquasecurity/trivy-db
    - name: Run Trivy vulnerability scanner (table output)
-      uses: aquasecurity/trivy-action@0.24.0
-      with:
-        # scan the filesystem, rather than building a Docker image prior - the
-        # downside is we won't catch dependencies that are only installed in the
-        # image, but the upside is we'll only catch vulnerabilities that are
-        # explicitly in the our dependencies
-        scan-type: 'fs'
-        scanners: 'vuln'
-        format: 'table'
-        exit-code: 1
-        ignore-unfixed: true
-        vuln-type: 'os,library'
-        severity: 'CRITICAL,HIGH'
-        trivyignores: .trivyignore
-        # for the PR check, ignore JS-related issues
-        skip-files: 'yarn.lock,package.json'
+      # Use the trivy binary rather than the aquasecurity/trivy-action action
+      # to avoid a few bugs
+      # scan the filesystem, rather than building a Docker image prior - the
+      # downside is we won't catch dependencies that are only installed in the
+      # image, but the upside is we'll only catch vulnerabilities that are
+      # explicitly in the our dependencies
+      run: |
+        trivy fs \
+          --scanners vuln \
+          --format table \
+          --exit-code 1 \
+          --ignore-unfixed \
+          --pkg-types os,library \
+          --severity CRITICAL,HIGH \
+          --ignorefile .trivyignore \
+          --skip-files yarn.lock,package.json \
+          --skip-db-update \
+          .
    - name: Run Trivy vulnerability scanner (SARIF)
-      uses: aquasecurity/trivy-action@0.24.0
-      with:
-        scan-type: 'fs'
-        scanners: 'vuln'
-        # Note: The SARIF format ignores severity and uploads all vulns for
-        # later triage. The table-format step above is used to fail the build
-        # if there are any critical or high vulnerabilities.
-        # See https://github.com/aquasecurity/trivy-action/issues/95
-        format: 'sarif'
-        output: 'trivy-results.sarif'
-        ignore-unfixed: true
-        vuln-type: 'os,library'
-        trivyignores: .trivyignore
+      # Use the trivy binary rather than the aquasecurity/trivy-action action
+      # to avoid a few bugs
+      run: |
+        trivy fs \
+          --scanners vuln \
+          --format sarif \
+          --output trivy-results.sarif \
+          --ignore-unfixed \
+          --pkg-types os,library \
+          --ignorefile .trivyignore \
+          --skip-db-update \
+          .
      if: always() && github.repository == 'grafana/grafana'
    - name: Upload Trivy scan results to GitHub Security tab
      uses: github/codeql-action/upload-sarif@v3
@@ -107,6 +107,7 @@ profile.cov
 /pkg/extensions/*
 /pkg/build/cmd/artifactspage.go
 /pkg/build/cmd/artifactspage.tmpl.html
+/pkg/build/cmd/exportversion.go
 /pkg/server/wireexts_enterprise.go
 /pkg/cmd/grafana-cli/runner/wireexts_enterprise.go
 !/pkg/extensions/main.go
@@ -223,3 +224,5 @@ public/app/plugins/**/dist/

 # Mock service worker used for fake API responses in frontend development
 public/mockServiceWorker.js
+
+/e2e/test-plugins/*/dist
@@ -9,7 +9,21 @@
      "program": "${workspaceFolder}/pkg/cmd/grafana/",
      "env": {},
      "cwd": "${workspaceFolder}",
-      "args": ["server", "--homepath", "${workspaceFolder}", "--packaging", "dev", "cfg:app_mode=development"]
+      "args": [
+        "server", 
+        "--homepath", "${workspaceFolder}", 
+        "--packaging", "dev", 
+        "cfg:app_mode=development",
+      ]
+    },
+    {
+      "name": "Attach to Test Process",
+      "type": "go",
+      "request": "attach",
+      "mode": "remote",
+      "host": "127.0.0.1",
+      "port": 50480,
+      "apiVersion": 2,
    },
    {
      "name": "Run API Server (testdata)",
@@ -1,63 +0,0 @@
-diff --git a/cjs/history.js b/cjs/history.js
-index fcd8ebab613c6d87b9ac824feb30ab1080cf0ef2..4df20d5cb2f9ba5fc8777899aada53f49399560b 100644
--- a/cjs/history.js
-+++ b/cjs/history.js
-@@ -103,16 +103,6 @@ function createLocation(path, state, key, currentLocation) {
-     if (state !== undefined && location.state === undefined) location.state = state;
-   }
- 
-  try {
-    location.pathname = decodeURI(location.pathname);
-  } catch (e) {
-    if (e instanceof URIError) {
-      throw new URIError('Pathname "' + location.pathname + '" could not be decoded. ' + 'This is likely caused by an invalid percent-encoding.');
-    } else {
-      throw e;
-    }
-  }
-
-   if (key) location.key = key;
- 
-   if (currentLocation) {
-diff --git a/esm/history.js b/esm/history.js
-index df67820fe3eed558c44fca07a82b0cd409d46720..e0e0d4f69a407e8de782b3fdf8297d42708e110a 100644
--- a/esm/history.js
-+++ b/esm/history.js
-@@ -80,16 +80,6 @@ function createLocation(path, state, key, currentLocation) {
-     if (state !== undefined && location.state === undefined) location.state = state;
-   }
- 
-  try {
-    location.pathname = decodeURI(location.pathname);
-  } catch (e) {
-    if (e instanceof URIError) {
-      throw new URIError('Pathname "' + location.pathname + '" could not be decoded. ' + 'This is likely caused by an invalid percent-encoding.');
-    } else {
-      throw e;
-    }
-  }
-
-   if (key) location.key = key;
- 
-   if (currentLocation) {
-diff --git a/umd/history.js b/umd/history.js
-index 80e4ff66c44a2a71d4f842cc05a252e48dd18e9a..f8f4901be95e48c66f5626fbf051747a2ffbe41d 100644
--- a/umd/history.js
-+++ b/umd/history.js
-@@ -207,16 +207,6 @@
-       if (state !== undefined && location.state === undefined) location.state = state;
-     }
- 
-    try {
-      location.pathname = decodeURI(location.pathname);
-    } catch (e) {
-      if (e instanceof URIError) {
-        throw new URIError('Pathname "' + location.pathname + '" could not be decoded. ' + 'This is likely caused by an invalid percent-encoding.');
-      } else {
-        throw e;
-      }
-    }
-
-     if (key) location.key = key;
- 
-     if (currentLocation) {
@@ -26,7 +26,7 @@ plugins:
  - path: .yarn/plugins/@yarnpkg/plugin-outdated.cjs
    spec: 'https://mskelton.dev/yarn-outdated/v2'

-yarnPath: .yarn/releases/yarn-4.5.0.cjs
+yarnPath: .yarn/releases/yarn-4.5.1.cjs
 # Uncomment the following lines if you want to use Verdaccio local npm registry. Read more at packages/README.md
 #npmScopes:
 # grafana:
@@ -1,42 +1,3 @@
-<!-- 11.4.1 START -->
-
-# 11.4.1 (2025-01-28)
-
-### Features and enhancements
-
- **Security:** Update to Go 1.23.5 - Backport to v11.4.x [#99123](https://github.com/grafana/grafana/pull/99123), [@Proximyst](https://github.com/Proximyst)
- **Security:** Update to Go 1.23.5 - Backport to v11.4.x (Enterprise)
-
-### Bug fixes
-
- **Alerting:** AlertingQueryRunner should skip descendant nodes of invalid queries [#97830](https://github.com/grafana/grafana/pull/97830), [@gillesdemey](https://github.com/gillesdemey)
- **Alerting:** Fix alert rules unpausing after moving rule to different folder [#97583](https://github.com/grafana/grafana/pull/97583), [@santihernandezc](https://github.com/santihernandezc)
- **Alerting:** Fix label escaping in rule export [#98649](https://github.com/grafana/grafana/pull/98649), [@moustafab](https://github.com/moustafab)
- **Alerting:** Fix slack image uploading to use new api [#98066](https://github.com/grafana/grafana/pull/98066), [@moustafab](https://github.com/moustafab)
- **Azure/GCM:** Improve error display [#97594](https://github.com/grafana/grafana/pull/97594), [@aangelisc](https://github.com/aangelisc)
- **Dashboards:** Fix issue where filtered panels would not react to variable changes [#98734](https://github.com/grafana/grafana/pull/98734), [@oscarkilhed](https://github.com/oscarkilhed)
- **Dashboards:** Fixes issue with panel header showing even when hide time override was enabled [#98747](https://github.com/grafana/grafana/pull/98747), [@torkelo](https://github.com/torkelo)
- **Dashboards:** Fixes week relative time ranges when weekStart was changed [#98269](https://github.com/grafana/grafana/pull/98269), [@torkelo](https://github.com/torkelo)
- **Dashboards:** Panel react for `timeFrom` and `timeShift` changes using variables [#98659](https://github.com/grafana/grafana/pull/98659), [@Sergej-Vlasov](https://github.com/Sergej-Vlasov)
- **DateTimePicker:** Fixes issue with date picker showing invalid date [#97971](https://github.com/grafana/grafana/pull/97971), [@torkelo](https://github.com/torkelo)
- **Fix:** Add support for datasource variable queries [#98119](https://github.com/grafana/grafana/pull/98119), [@sunker](https://github.com/sunker)
- **InfluxDB:** Adhoc filters can use template vars as values [#98786](https://github.com/grafana/grafana/pull/98786), [@bossinc](https://github.com/bossinc)
- **LibraryPanel:** Fallback to panel title if library panel title is not set [#99410](https://github.com/grafana/grafana/pull/99410), [@ivanortegaalba](https://github.com/ivanortegaalba)
-
-### Plugin development fixes & changes
-
- **Grafana UI:** Re-add react-router-dom as a dependency [#98422](https://github.com/grafana/grafana/pull/98422), [@leventebalogh](https://github.com/leventebalogh)
-
-<!-- 11.4.1 END -->
-<!-- 11.4.0 START -->
-
-# 11.4.0 (2024-12-05)
-
-### Features and enhancements
-
- **Cloudwatch:** OpenSearch PPL and SQL support in Logs Insights
-
-<!-- 11.4.0 END -->
 <!-- 11.3.1 START -->

 # 11.3.1 (2024-11-19)
@@ -73,6 +34,81 @@
 - **Unified Storage:** Use ssl_mode instead of sslmode [#95662](https://github.com/grafana/grafana/pull/95662), [@chaudyg](https://github.com/chaudyg)

 <!-- 11.3.1 END -->
+<!-- 11.2.4 START -->
+
+# 11.2.4 (2024-11-19)
+
+### Features and enhancements
+
+- **Alerting:** Make context deadline on AlertNG service startup configurable [#96133](https://github.com/grafana/grafana/pull/96133), [@fayzal-g](https://github.com/fayzal-g)
+- **MigrationAssistant:** Restrict dashboards, folders and datasources by the org id of the signed in user [#96344](https://github.com/grafana/grafana/pull/96344), [@leandro-deveikis](https://github.com/leandro-deveikis)
+- **Transformations:** Add 'transpose' transform [#95076](https://github.com/grafana/grafana/pull/95076), [@jmdane](https://github.com/jmdane)
+- **User:** Check SignedInUser OrgID in RevokeInvite [#95489](https://github.com/grafana/grafana/pull/95489), [@mgyongyosi](https://github.com/mgyongyosi)
+
+### Bug fixes
+
+- **Alerting:** Force refetch prom rules when refreshing panel [#96124](https://github.com/grafana/grafana/pull/96124), [@soniaAguilarPeiron](https://github.com/soniaAguilarPeiron)
+- **Anonymous User:** Adds validator service for anonymous users [#94993](https://github.com/grafana/grafana/pull/94993), [@leandro-deveikis](https://github.com/leandro-deveikis)
+- **Anonymous User:** Adds validator service for anonymous users (Enterprise)
+- **Azure Monitor:** Support metric namespaces fallback [#95154](https://github.com/grafana/grafana/pull/95154), [@aangelisc](https://github.com/aangelisc)
+- **Azure:** Fix duplicated traces in multi-resource trace query [#95246](https://github.com/grafana/grafana/pull/95246), [@aangelisc](https://github.com/aangelisc)
+- **Azure:** Handle namespace request rejection [#95908](https://github.com/grafana/grafana/pull/95908), [@aangelisc](https://github.com/aangelisc)
+- **Folders:** Add admin permissions upon creation of a folder w. SA [#95416](https://github.com/grafana/grafana/pull/95416), [@eleijonmarck](https://github.com/eleijonmarck)
+- **Migration:** Remove table aliasing in delete statement to make it work for mariadb [#95231](https://github.com/grafana/grafana/pull/95231), [@kalleep](https://github.com/kalleep)
+- **ServerLock:** Fix pg concurrency/locking issue [#95934](https://github.com/grafana/grafana/pull/95934), [@mgyongyosi](https://github.com/mgyongyosi)
+- **ServerSideExpressions:** Disable SQL Expressions to prevent RCE and LFI vulnerability [#94959](https://github.com/grafana/grafana/pull/94959), [@samjewell](https://github.com/samjewell)
+
+<!-- 11.2.4 END -->
+<!-- 11.1.9 START -->
+
+# 11.1.9 (2024-11-19)
+
+### Features and enhancements
+
+- **Alerting:** Make context deadline on AlertNG service startup configurable [#96132](https://github.com/grafana/grafana/pull/96132), [@fayzal-g](https://github.com/fayzal-g)
+- **User:** Check SignedInUser OrgID in RevokeInvite [#95488](https://github.com/grafana/grafana/pull/95488), [@mgyongyosi](https://github.com/mgyongyosi)
+
+### Bug fixes
+
+- **Alerting:** Force refetch prom rules when refreshing panel [#96123](https://github.com/grafana/grafana/pull/96123), [@soniaAguilarPeiron](https://github.com/soniaAguilarPeiron)
+- **Anonymous User:** Adds validator service for anonymous users [#94992](https://github.com/grafana/grafana/pull/94992), [@leandro-deveikis](https://github.com/leandro-deveikis)
+- **Anonymous User:** Adds validator service for anonymous users (Enterprise)
+- **Azure Monitor:** Support metric namespaces fallback [#95153](https://github.com/grafana/grafana/pull/95153), [@aangelisc](https://github.com/aangelisc)
+- **Azure:** Fix duplicated traces in multi-resource trace query [#95245](https://github.com/grafana/grafana/pull/95245), [@aangelisc](https://github.com/aangelisc)
+- **Azure:** Handle namespace request rejection [#95907](https://github.com/grafana/grafana/pull/95907), [@aangelisc](https://github.com/aangelisc)
+- **Migration:** Remove table aliasing in delete statement to make it work for mariadb [#95230](https://github.com/grafana/grafana/pull/95230), [@kalleep](https://github.com/kalleep)
+- **Prometheus:** Fix interpolating adhoc filters with template variables [#95977](https://github.com/grafana/grafana/pull/95977), [@cazeaux](https://github.com/cazeaux)
+- **ServerLock:** Fix pg concurrency/locking issue [#95933](https://github.com/grafana/grafana/pull/95933), [@mgyongyosi](https://github.com/mgyongyosi)
+- **ServerSideExpressions:** Disable SQL Expressions to prevent RCE and LFI vulnerability [#94969](https://github.com/grafana/grafana/pull/94969), [@scottlepp](https://github.com/scottlepp)
+
+<!-- 11.1.9 END -->
+<!-- 11.0.8 START -->
+
+# 11.0.8 (2024-11-19)
+
+### Features and enhancements
+
+- **Alerting:** Make context deadline on AlertNG service startup configurable [#96131](https://github.com/grafana/grafana/pull/96131), [@fayzal-g](https://github.com/fayzal-g)
+- **User:** Check SignedInUser OrgID in RevokeInvite [#95487](https://github.com/grafana/grafana/pull/95487), [@mgyongyosi](https://github.com/mgyongyosi)
+
+### Bug fixes
+
+- **Anonymous User:** Adds validator service for anonymous users [#95151](https://github.com/grafana/grafana/pull/95151), [@leandro-deveikis](https://github.com/leandro-deveikis)
+- **Anonymous User:** Adds validator service for anonymous users (Enterprise)
+- **Azure Monitor:** Support metric namespaces fallback [#95152](https://github.com/grafana/grafana/pull/95152), [@aangelisc](https://github.com/aangelisc)
+- **Azure:** Fix duplicated traces in multi-resource trace query [#95244](https://github.com/grafana/grafana/pull/95244), [@aangelisc](https://github.com/aangelisc)
+- **Azure:** Handle namespace request rejection [#95906](https://github.com/grafana/grafana/pull/95906), [@aangelisc](https://github.com/aangelisc)
+- **Migration:** Remove table aliasing in delete statement to make it work for mariadb [#95229](https://github.com/grafana/grafana/pull/95229), [@kalleep](https://github.com/kalleep)
+- **Prometheus:** Fix interpolating adhoc filters with template variables [#95986](https://github.com/grafana/grafana/pull/95986), [@cazeaux](https://github.com/cazeaux)
+- **ServerLock:** Fix pg concurrency/locking issue [#95932](https://github.com/grafana/grafana/pull/95932), [@mgyongyosi](https://github.com/mgyongyosi)
+- **ServerSideExpressions:** Disable SQL Expressions to prevent RCE and LFI vulnerability [#94971](https://github.com/grafana/grafana/pull/94971), [@samjewell](https://github.com/samjewell)
+
+<!-- 11.0.8 END -->
+<!-- 10.4.13 START -->
+
+# 10.4.13 (2024-11-19)
+
+<!-- 10.4.13 END -->
 <!-- 11.3.0+security-01 START -->

 # 11.3.0+security-01 (2024-11-12)
@@ -82,6 +118,22 @@
 - **MigrationAssistant:** Fix Migration Assistant issue [CVE-2024-9476]

 <!-- 11.3.0+security-01 END -->
+<!-- 11.2.3+security-01 START -->
+
+# 11.2.3+security-01 (2024-11-12)
+
+- **MigrationAssistant:** Fix Migration Assistant issue [CVE-2024-9476]
+
+<!-- 11.2.3+security-01 END -->
+<!-- 10.4.12 START -->
+
+# 10.4.12 (2024-11-08)
+
+### Bug fixes
+
+- **Alerting:** Make context deadline on AlertNG service startup configurable [#96058](https://github.com/grafana/grafana/pull/96058), [@fayzal-g](https://github.com/fayzal-g)
+
+<!-- 10.4.12 END -->
 <!-- 11.3.0 START -->

 # 11.3.0 (2024-10-22)
@@ -121,6 +173,89 @@
 - **SubMenu:** Fix expanding sub menu items on touch devices [#93208](https://github.com/grafana/grafana/pull/93208), [@yincongcyincong](https://github.com/yincongcyincong)

 <!-- 11.3.0 END -->
+<!-- 11.2.3 START -->
+
+# 11.2.3 (2024-10-22)
+
+### Bug fixes
+
+- **Alerting:** Fix incorrect permission on POST external rule groups endpoint [CVE-2024-8118] [#93947](https://github.com/grafana/grafana/pull/93947), [@alexweav](https://github.com/alexweav)
+- **AzureMonitor:** Fix App Insights portal URL for multi-resource trace queries [#94475](https://github.com/grafana/grafana/pull/94475), [@aangelisc](https://github.com/aangelisc)
+- **Canvas:** Allow API calls to grafana origin [#94129](https://github.com/grafana/grafana/pull/94129), [@adela-almasan](https://github.com/adela-almasan)
+- **Folders:** Correctly show new folder button under root folder [#94712](https://github.com/grafana/grafana/pull/94712), [@IevaVasiljeva](https://github.com/IevaVasiljeva)
+- **OrgSync:** Do not set default Organization for a user to a non-existent Organization [#94549](https://github.com/grafana/grafana/pull/94549), [@mgyongyosi](https://github.com/mgyongyosi)
+- **Plugins:** Skip install errors if dependency plugin already exists [#94717](https://github.com/grafana/grafana/pull/94717), [@wbrowne](https://github.com/wbrowne)
+- **ServerSideExpressions:** Disable SQL Expressions to prevent RCE and LFI vulnerability [#94959](https://github.com/grafana/grafana/pull/94959), [@samjewell](https://github.com/samjewell)
+
+<!-- 11.2.3 END -->
+<!-- 11.2.2+security-01 START -->
+
+# 11.2.2+security-01 (2024-10-17)
+
+### Bug fixes
+
+- **SQL Expressions**: Fixes CVE-2024-9264
+
+<!-- 11.2.2+security-01 END -->
+<!-- 11.2.1+security-01 START -->
+
+# 11.2.1+security-01 (2024-10-17)
+
+### Features and enhancements
+
+### Bug fixes
+
+- **SQL Expressions**: Fixes CVE-2024-9264
+
+<!-- 11.2.1+security-01 END -->
+<!-- 11.1.8 START -->
+
+# 11.1.8 (2024-10-22)
+
+### Bug fixes
+
+- **Alerting:** Fix incorrect permission on POST external rule groups endpoint [CVE-2024-8118] [#93948](https://github.com/grafana/grafana/pull/93948), [@alexweav](https://github.com/alexweav)
+- **AzureMonitor:** Fix App Insights portal URL for multi-resource trace queries [#94474](https://github.com/grafana/grafana/pull/94474), [@aangelisc](https://github.com/aangelisc)
+- **OrgSync:** Do not set default Organization for a user to a non-existent Organization [#94551](https://github.com/grafana/grafana/pull/94551), [@mgyongyosi](https://github.com/mgyongyosi)
+- **ServerSideExpressions:** Disable SQL Expressions to prevent RCE and LFI vulnerability [#94969](https://github.com/grafana/grafana/pull/94969), [@scottlepp](https://github.com/scottlepp)
+
+<!-- 11.1.8 END -->
+<!-- 11.1.7+security-01 START -->
+
+# 11.1.7+security-01 (2024-10-17)
+
+### Bug fixes
+
+- **SQL Expressions**: Fixes CVE-2024-9264
+
+<!-- 11.1.7+security-01 END -->
+<!-- 11.1.6+security-01 START -->
+
+# 11.1.6+security-01 (2024-10-17)
+
+### Bug fixes
+
+- **SQL Expressions**: Fixes CVE-2024-9264
+
+<!-- 11.1.6+security-01 END -->
+<!-- 11.0.6+security-01 START -->
+
+# 11.0.6+security-01 (2024-10-17)
+
+### Bug fixes
+
+- **SQL Expressions**: Fixes CVE-2024-9264
+
+<!-- 11.0.6+security-01 END -->
+<!-- 11.0.5+security-01 START -->
+
+# 11.0.5+security-01 (2024-10-17)
+
+### Bug fixes
+
+- **SQL Expressions**: Fixes CVE-2024-9264
+
+<!-- 11.0.5+security-01 END -->
 <!-- 11.2.2 START -->

 # 11.2.2 (2024-10-01)
@@ -164,6 +299,19 @@
 - **Plugins:** Avoid returning 404 for `AutoEnabled` apps [#93487](https://github.com/grafana/grafana/pull/93487), [@wbrowne](https://github.com/wbrowne)

 <!-- 11.1.7 END -->
+<!-- 11.0.7 START -->
+
+# 11.0.7 (2024-10-22)
+
+### Bug fixes
+
+- **Alerting:** Fix incorrect permission on POST external rule groups endpoint [CVE-2024-8118] [#93949](https://github.com/grafana/grafana/pull/93949), [@alexweav](https://github.com/alexweav)
+- **AzureMonitor:** Fix App Insights portal URL for multi-resource trace queries [#94489](https://github.com/grafana/grafana/pull/94489), [@aangelisc](https://github.com/aangelisc)
+- **Dashboard:** Make dashboard search faster [#94702](https://github.com/grafana/grafana/pull/94702), [@knuzhdin](https://github.com/knuzhdin)
+- **OrgSync:** Do not set default Organization for a user to a non-existent Organization [#94552](https://github.com/grafana/grafana/pull/94552), [@mgyongyosi](https://github.com/mgyongyosi)
+- **ServerSideExpressions:** Disable SQL Expressions to prevent RCE and LFI vulnerability [#94971](https://github.com/grafana/grafana/pull/94971), [@samjewell](https://github.com/samjewell)
+
+<!-- 11.0.7 END -->
 <!-- 11.0.6 START -->

 # 11.0.6 (2024-10-01)
@@ -181,6 +329,17 @@
 - **Plugins:** Avoid returning 404 for `AutoEnabled` apps [#93486](https://github.com/grafana/grafana/pull/93486), [@wbrowne](https://github.com/wbrowne)

 <!-- 11.0.6 END -->
+<!-- 10.4.11 START -->
+
+# 10.4.11 (2024-10-22)
+
+### Bug fixes
+
+- **Alerting:** Fix broken panelId links [#94686](https://github.com/grafana/grafana/pull/94686), [@gillesdemey](https://github.com/gillesdemey)
+- **Alerting:** Fix incorrect permission on POST external rule groups endpoint [CVE-2024-8118] [#93946](https://github.com/grafana/grafana/pull/93946), [@alexweav](https://github.com/alexweav)
+- **Dashboard:** Make dashboard search faster [#94703](https://github.com/grafana/grafana/pull/94703), [@knuzhdin](https://github.com/knuzhdin)
+
+<!-- 10.4.11 END -->
 <!-- 10.4.10 START -->

 # 10.4.10 (2024-10-01)
@@ -196,6 +355,16 @@
 - **Correlations:** Limit access to correlations page to users who can access Explore [#93673](https://github.com/grafana/grafana/pull/93673), [@ifrost](https://github.com/ifrost)

 <!-- 10.4.10 END -->
+<!-- 10.3.12 START -->
+
+# 10.3.12 (2024-10-22)
+
+### Bug fixes
+
+- **Alerting:** Fix incorrect permission on POST external rule groups endpoint [CVE-2024-8118] [#93945](https://github.com/grafana/grafana/pull/93945), [@alexweav](https://github.com/alexweav)
+- **Dashboard:** Make dashboard search faster [#94704](https://github.com/grafana/grafana/pull/94704), [@knuzhdin](https://github.com/knuzhdin)
+
+<!-- 10.3.12 END -->
 <!-- 10.3.11 START -->

 # 10.3.11 (2024-10-01)
@@ -1,19 +1,14 @@
 # syntax=docker/dockerfile:1

-# to maintain formatting of multiline commands in vscode, add the following to settings.json:
-# "docker.languageserver.formatter.ignoreMultilineInstructions": true
-
-ARG BASE_IMAGE=alpine:3.19.1
+ARG BASE_IMAGE=alpine:3.20
 ARG JS_IMAGE=node:20-alpine
 ARG JS_PLATFORM=linux/amd64
-ARG GO_IMAGE=golang:1.23.5-alpine
+ARG GO_IMAGE=golang:1.23.1-alpine

-# Default to building locally
 ARG GO_SRC=go-builder
 ARG JS_SRC=js-builder

-# Javascript build stage
-FROM --platform=${JS_PLATFORM} ${JS_IMAGE} AS js-builder
+FROM --platform=${JS_PLATFORM} ${JS_IMAGE} as js-builder

 ENV NODE_OPTIONS=--max_old_space_size=8000

@@ -35,11 +30,10 @@ COPY tsconfig.json .eslintrc .editorconfig .browserslistrc .prettierrc.js ./
 COPY scripts scripts
 COPY emails emails

-ENV NODE_ENV production
+ENV NODE_ENV=production
 RUN yarn build

-# Golang build stage
-FROM ${GO_IMAGE} AS go-builder
+FROM ${GO_IMAGE} as go-builder

 ARG COMMIT_SHA=""
 ARG BUILD_BRANCH=""
@@ -83,6 +77,7 @@ RUN if [[ "$BINGO" = "true" ]]; then \
 COPY embed.go Makefile build.go package.json ./
 COPY cue.mod cue.mod
 COPY kinds kinds
+COPY kindsv2 kindsv2
 COPY local local
 COPY packages/grafana-schema packages/grafana-schema
 COPY public/app/plugins public/app/plugins
@@ -97,8 +92,7 @@ ENV BUILD_BRANCH=${BUILD_BRANCH}

 RUN make build-go GO_BUILD_TAGS=${GO_BUILD_TAGS} WIRE_TAGS=${WIRE_TAGS}

-# From-tarball build stage
-FROM ${BASE_IMAGE} AS tgz-builder
+FROM ${BASE_IMAGE} as tgz-builder

 WORKDIR /tmp/grafana

@@ -110,8 +104,8 @@ COPY ${GRAFANA_TGZ} /tmp/grafana.tar.gz
 RUN tar x -z -f /tmp/grafana.tar.gz --strip-components=1

 # helpers for COPY --from
-FROM ${GO_SRC} AS go-src
-FROM ${JS_SRC} AS js-src
+FROM ${GO_SRC} as go-src
+FROM ${JS_SRC} as js-src

 # Final stage
 FROM ${BASE_IMAGE}
@@ -146,20 +140,19 @@ RUN if grep -i -q alpine /etc/issue; then \
    fi

 # glibc support for alpine x86_64 only
-# docker run --rm --env STDOUT=1 sgerrand/glibc-builder 2.40 /usr/glibc-compat > glibc-bin-2.40.tar.gz
-ARG GLIBC_VERSION=2.40
-
 RUN if grep -i -q alpine /etc/issue && [ `arch` = "x86_64" ]; then \
-      wget -qO- "https://dl.grafana.com/glibc/glibc-bin-$GLIBC_VERSION.tar.gz" | tar zxf - -C / \
-        usr/glibc-compat/lib/ld-linux-x86-64.so.2 \
-        usr/glibc-compat/lib/libc.so.6 \
-        usr/glibc-compat/lib/libdl.so.2 \
-        usr/glibc-compat/lib/libm.so.6 \
-        usr/glibc-compat/lib/libpthread.so.0 \
-        usr/glibc-compat/lib/librt.so.1 \
-        usr/glibc-compat/lib/libresolv.so.2 && \
-      mkdir /lib64 && \
-      ln -s /usr/glibc-compat/lib/ld-linux-x86-64.so.2 /lib64; \
+      wget -q -O /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub && \
+      wget https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.35-r0/glibc-2.35-r0.apk \
+        -O /tmp/glibc-2.35-r0.apk && \
+      wget https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.35-r0/glibc-bin-2.35-r0.apk \
+        -O /tmp/glibc-bin-2.35-r0.apk && \
+      apk add --force-overwrite --no-cache /tmp/glibc-2.35-r0.apk /tmp/glibc-bin-2.35-r0.apk && \
+      rm -f /lib64/ld-linux-x86-64.so.2 && \
+      ln -s /usr/glibc-compat/lib64/ld-linux-x86-64.so.2 /lib64/ld-linux-x86-64.so.2 && \
+      rm -f /tmp/glibc-2.35-r0.apk && \
+      rm -f /tmp/glibc-bin-2.35-r0.apk && \
+      rm -f /lib/ld-linux-x86-64.so.2 && \
+      rm -f /etc/ld.so.cache; \
    fi

 COPY --from=go-src /tmp/grafana/conf ./conf
@@ -3,3 +3,4 @@
 List of previous team members that have had a big impact on the company or the product and contributed during a long period of time.

 - Hugo Häggmark ([Björn Lundén](https://www.bjornlunden.se/))
+- Marcus Efraimsson
@@ -8,7 +8,7 @@ WIRE_TAGS = "oss"
 include .bingo/Variables.mk

 GO = go
-GO_VERSION = 1.23.5
+GO_VERSION = 1.23.1
 GO_LINT_FILES ?= $(shell ./scripts/go-workspace/golangci-lint-includes.sh)
 GO_TEST_FILES ?= $(shell ./scripts/go-workspace/test-includes.sh)
 SH_FILES ?= $(shell find ./scripts -name *.sh)
@@ -17,6 +17,7 @@ GO_RACE_FLAG := $(if $(GO_RACE),-race)
 GO_BUILD_FLAGS += $(if $(GO_BUILD_DEV),-dev)
 GO_BUILD_FLAGS += $(if $(GO_BUILD_TAGS),-build-tags=$(GO_BUILD_TAGS))
 GO_BUILD_FLAGS += $(GO_RACE_FLAG)
+GIT_BASE = remotes/origin/main

 # GNU xargs has flag -r, and BSD xargs (e.g. MacOS) has that behaviour by default
 XARGSR = $(shell xargs --version 2>&1 | grep -q GNU && echo xargs -r || echo xargs)
@@ -145,6 +146,11 @@ gen-cue: ## Do all CUE/Thema code generation
 	go generate ./kinds/gen.go
 	go generate ./public/app/plugins/gen.go

+.PHONY: gen-cuev2
+gen-cuev2: ## Do all CUE code generation
+	@echo "generate code from .cue files (v2)"
+	go generate ./kindsv2/gen.go
+
 .PHONY: gen-feature-toggles
 gen-feature-toggles:
 ## First go test run fails because it will re-generate the feature toggles.
@@ -173,12 +179,16 @@ gen-jsonnet:
 	go generate ./devenv/jsonnet

 .PHONY: update-workspace
-update-workspace:
+update-workspace: gen-go
 	@echo "updating workspace"
 	bash scripts/go-workspace/update-workspace.sh

 .PHONY: build-go
 build-go: gen-go update-workspace ## Build all Go binaries.
+	@echo "build go files with updated workspace"
+	$(GO) run build.go $(GO_BUILD_FLAGS) build
+
+build-go-fast: gen-go ## Build all Go binaries.
 	@echo "build go files"
 	$(GO) run build.go $(GO_BUILD_FLAGS) build

@@ -308,7 +318,7 @@ lint-go: golangci-lint ## Run all code checks for backend. You can use GO_LINT_F

 .PHONY: lint-go-diff
 lint-go-diff: $(GOLANGCI_LINT)
-	git diff --name-only remotes/origin/main | \
+	git diff --name-only $(GIT_BASE) | \
 		grep '\.go$$' | \
 		$(XARGSR) dirname | \
 		sort -u | \
@@ -411,6 +421,7 @@ protobuf: ## Compile protobuf definitions
 	buf generate pkg/plugins/backendplugin/pluginextensionv2 --template pkg/plugins/backendplugin/pluginextensionv2/buf.gen.yaml
 	buf generate pkg/plugins/backendplugin/secretsmanagerplugin --template pkg/plugins/backendplugin/secretsmanagerplugin/buf.gen.yaml
 	buf generate pkg/storage/unified/resource --template pkg/storage/unified/resource/buf.gen.yaml
+	buf generate pkg/services/authz/proto/v1 --template pkg/services/authz/proto/v1/buf.gen.yaml

 .PHONY: clean
 clean: ## Clean up intermediate build artifacts.
@@ -38,7 +38,7 @@ If you're interested in contributing to the Grafana project:

 ## Get involved

- Follow [@grafana on Twitter](https://twitter.com/grafana/).
+- Follow [@grafana on X (formerly Twitter)](https://x.com/grafana/).
 - Read and subscribe to the [Grafana blog](https://grafana.com/blog/).
 - If you have a specific question, check out our [discussion forums](https://community.grafana.com/).
 - For general discussions, join us on the [official Slack](https://slack.grafana.com) team.
@@ -0,0 +1,4 @@
+.PHONY: generate
+generate:
+	## --crdencoding none is needed to avoid infinite loop while generating recursive models'
+	grafana-app-sdk generate -c . -g ./apis --crdencoding none
@@ -0,0 +1,49 @@
+package core
+
+route: {
+	kind:  "RoutingTree"
+	group: "notifications"
+	apiResource: {
+		groupOverride: "notifications.alerting.grafana.app"
+	}
+	codegen: {
+		frontend: false
+		backend:  true
+	}
+	pluralName: "RoutingTrees"
+	current:    "v0alpha1"
+	versions: {
+		"v0alpha1": {
+			schema: {
+				#RouteDefaults: {
+					receiver: string
+					group_by?: [...string]
+					group_wait?: string
+					group_interval?:  string
+					repeat_interval?: string
+				}
+				#Matcher: {
+					 type: "=" |"!="|"=~"|"!~" @cuetsy(kind="enum")
+					 label: string
+					 value: string
+				}
+				#Route: {
+					receiver?: string
+					matchers?: [...#Matcher]
+					continue: bool
+
+					group_by?: [...string]
+					mute_time_intervals?: [...string]
+					routes?: [...#Route]
+					group_wait?: string
+					group_interval?:  string
+					repeat_interval?: string
+				}
+				spec: {
+					 defaults: #RouteDefaults
+					 routes: [...#Route]
+				}
+			}
+		}
+	}
+}
@@ -1,3 +1,3 @@
 .PHONY: generate
 generate:
-	@grafana-app-sdk generate -g ./apis --kindgrouping=group --postprocess
+	@grafana-app-sdk generate -g ./pkg/apis --kindgrouping=group --postprocess --crdencoding none
@@ -3,36 +3,81 @@ module github.com/grafana/grafana/apps/playlist
 go 1.23.1

 require (
-	github.com/grafana/grafana-app-sdk v0.19.0
+	github.com/grafana/grafana-app-sdk v0.23.1
 	k8s.io/apimachinery v0.31.1
+	k8s.io/klog/v2 v2.130.1
 	k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340
 )

 require (
+	github.com/beorn7/perks v1.0.1 // indirect
+	github.com/bradfitz/gomemcache v0.0.0-20230905024940-24af94b03874 // indirect
+	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
+	github.com/cespare/xxhash/v2 v2.3.0 // indirect
+	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/emicklei/go-restful/v3 v3.11.0 // indirect
+	github.com/evanphx/json-patch v5.6.0+incompatible // indirect
 	github.com/fxamacker/cbor/v2 v2.7.0 // indirect
+	github.com/getkin/kin-openapi v0.128.0 // indirect
 	github.com/go-logr/logr v1.4.2 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-openapi/jsonpointer v0.21.0 // indirect
 	github.com/go-openapi/jsonreference v0.21.0 // indirect
 	github.com/go-openapi/swag v0.23.0 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/google/gnostic-models v0.6.8 // indirect
+	github.com/google/go-cmp v0.6.0 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
+	github.com/google/uuid v1.6.0 // indirect
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.23.0 // indirect
+	github.com/hashicorp/errwrap v1.1.0 // indirect
+	github.com/hashicorp/go-multierror v1.1.1 // indirect
+	github.com/imdario/mergo v0.3.16 // indirect
+	github.com/invopop/yaml v0.3.1 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/klauspost/compress v1.17.9 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect
+	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/perimeterx/marshmallow v1.1.5 // indirect
+	github.com/prometheus/client_golang v1.20.5 // indirect
+	github.com/prometheus/client_model v0.6.1 // indirect
+	github.com/prometheus/common v0.60.1 // indirect
+	github.com/prometheus/procfs v0.15.1 // indirect
+	github.com/puzpuzpuz/xsync/v2 v2.5.1 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/x448/float16 v0.8.4 // indirect
-	golang.org/x/net v0.29.0 // indirect
-	golang.org/x/text v0.21.0 // indirect
-	google.golang.org/protobuf v1.34.2 // indirect
+	go.opentelemetry.io/otel v1.32.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.32.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.32.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.31.0 // indirect
+	go.opentelemetry.io/otel/metric v1.32.0 // indirect
+	go.opentelemetry.io/otel/sdk v1.32.0 // indirect
+	go.opentelemetry.io/otel/trace v1.32.0 // indirect
+	go.opentelemetry.io/proto/otlp v1.3.1 // indirect
+	golang.org/x/net v0.30.0 // indirect
+	golang.org/x/oauth2 v0.23.0 // indirect
+	golang.org/x/sys v0.27.0 // indirect
+	golang.org/x/term v0.25.0 // indirect
+	golang.org/x/text v0.20.0 // indirect
+	golang.org/x/time v0.6.0 // indirect
+	gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20241104194629-dd2ea8efbc28 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20241104194629-dd2ea8efbc28 // indirect
+	google.golang.org/grpc v1.67.1 // indirect
+	google.golang.org/protobuf v1.35.2 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	k8s.io/klog/v2 v2.130.1 // indirect
+	k8s.io/api v0.31.1 // indirect
+	k8s.io/apiextensions-apiserver v0.31.1 // indirect
+	k8s.io/client-go v0.31.1 // indirect
 	k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect
 	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
 	sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
+	sigs.k8s.io/yaml v1.4.0 // indirect
 )
@@ -1,19 +1,36 @@
+github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
+github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
+github.com/bradfitz/gomemcache v0.0.0-20230905024940-24af94b03874 h1:N7oVaKyGp8bttX0bfZGmcGkjz7DLQXhAn3DNd3T0ous=
+github.com/bradfitz/gomemcache v0.0.0-20230905024940-24af94b03874/go.mod h1:r5xuitiExdLAJ09PR7vBVENGvp4ZuTBeWTGtxuX3K+c=
+github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8=
+github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
+github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
+github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g=
 github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
+github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U=
+github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
 github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E=
 github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ=
+github.com/getkin/kin-openapi v0.128.0 h1:jqq3D9vC9pPq1dGcOCv7yOp1DaEe7c/T1vzcLbITSp4=
+github.com/getkin/kin-openapi v0.128.0/go.mod h1:OZrfXzUfGrNbsKj+xmFBx6E5c6yH3At/tAKSc2UszXM=
+github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
 github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
 github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
+github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
+github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
 github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ=
 github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY=
 github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ=
 github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4=
 github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE=
 github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ=
+github.com/go-test/deep v1.0.8 h1:TDsG77qcSprGbC6vTN8OuXp5g+J+b5Pcguhf7Zt61VM=
+github.com/go-test/deep v1.0.8/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE=
 github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
 github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
 github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
@@ -26,18 +43,35 @@ github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeN
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
 github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
-github.com/grafana/grafana-app-sdk v0.19.0 h1:RY9HvCFR+4WUy81n53wejZnof9qE6++pd6r24d6+JYs=
-github.com/grafana/grafana-app-sdk v0.19.0/go.mod h1:y0BgzYxc+a7CwOqkwUhN9zXd5cgZJjd2zAbgHEd/xzo=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/grafana/grafana-app-sdk v0.23.1 h1:BRpUG0bA0oVxjthkmO2thuJBo3nbjaRSSmZJHw+mA8I=
+github.com/grafana/grafana-app-sdk v0.23.1/go.mod h1:KzgPnTJfMeckGmMctv6CJb8Jr/o/5rwARDyjXoeR0Fc=
+github.com/grpc-ecosystem/grpc-gateway/v2 v2.23.0 h1:ad0vkEBuk23VJzZR9nkLVG0YAoN9coASF1GusYX6AlU=
+github.com/grpc-ecosystem/grpc-gateway/v2 v2.23.0/go.mod h1:igFoXX2ELCW06bol23DWPB5BEWfZISOzSP5K2sbLea0=
+github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
+github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I=
+github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
+github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
+github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
+github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4=
+github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY=
+github.com/invopop/yaml v0.3.1 h1:f0+ZpmhfBSS4MhG+4HYseMdJhoeeopbSKbq5Rpeelso=
+github.com/invopop/yaml v0.3.1/go.mod h1:PMOp3nn4/12yEZUFfmOuNHJsZToEEOwoWsT+D81KkeA=
 github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
 github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
 github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
 github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
 github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
+github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA=
+github.com/klauspost/compress v1.17.9/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw=
 github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
 github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
+github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
 github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0=
 github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
@@ -45,21 +79,59 @@ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
 github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
+github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 h1:RWengNIwukTxcDr9M+97sNutRR1RKhG96O6jWumTTnw=
+github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8=
+github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
+github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
+github.com/perimeterx/marshmallow v1.1.5 h1:a2LALqQ1BlHM8PZblsDdidgv1mWi1DgC2UmX50IvK2s=
+github.com/perimeterx/marshmallow v1.1.5/go.mod h1:dsXbUu8CRzfYP5a87xpp0xq9S3u0Vchtcl8we9tYaXw=
+github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
+github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
-github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
+github.com/prometheus/client_golang v1.20.5 h1:cxppBPuYhUnsO6yo/aoRol4L7q7UFfdm+bR9r+8l63Y=
+github.com/prometheus/client_golang v1.20.5/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE=
+github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E=
+github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY=
+github.com/prometheus/common v0.60.1 h1:FUas6GcOw66yB/73KC+BOZoFJmbo/1pojoILArPAaSc=
+github.com/prometheus/common v0.60.1/go.mod h1:h0LYf1R1deLSKtD4Vdg8gy4RuOvENW2J/h19V5NADQw=
+github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc=
+github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
+github.com/puzpuzpuz/xsync/v2 v2.5.1 h1:mVGYAvzDSu52+zaGyNjC+24Xw2bQi3kTr4QJ6N9pIIU=
+github.com/puzpuzpuz/xsync/v2 v2.5.1/go.mod h1:gD2H2krq/w52MfPLE+Uy64TzJDVY7lP2znR9qmR35kU=
+github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII=
+github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o=
 github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
 github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
 github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/ugorji/go/codec v1.2.11 h1:BMaWp1Bb6fHwEtbplGBGJ498wD+LKlNSl25MjdZY4dU=
+github.com/ugorji/go/codec v1.2.11/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg=
 github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
 github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
 github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+go.opentelemetry.io/otel v1.32.0 h1:WnBN+Xjcteh0zdk01SVqV55d/m62NJLJdIyb4y/WO5U=
+go.opentelemetry.io/otel v1.32.0/go.mod h1:00DCVSB0RQcnzlwyTfqtxSm+DRr9hpYrHjNGiBHVQIg=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.32.0 h1:IJFEoHiytixx8cMiVAO+GmHR6Frwu+u5Ur8njpFO6Ac=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.32.0/go.mod h1:3rHrKNtLIoS0oZwkY2vxi+oJcwFRWdtUyRII+so45p8=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.32.0 h1:9kV11HXBHZAvuPUZxmMWrH8hZn/6UnHX4K0mu36vNsU=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.32.0/go.mod h1:JyA0FHXe22E1NeNiHmVp7kFHglnexDQ7uRWDiiJ1hKQ=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.31.0 h1:lUsI2TYsQw2r1IASwoROaCnjdj2cvC2+Jbxvk6nHnWU=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.31.0/go.mod h1:2HpZxxQurfGxJlJDblybejHB6RX6pmExPNe517hREw4=
+go.opentelemetry.io/otel/metric v1.32.0 h1:xV2umtmNcThh2/a/aCP+h64Xx5wsj8qqnkYZktzNa0M=
+go.opentelemetry.io/otel/metric v1.32.0/go.mod h1:jH7CIbbK6SH2V2wE16W05BHCtIDzauciCRLoc/SyMv8=
+go.opentelemetry.io/otel/sdk v1.32.0 h1:RNxepc9vK59A8XsgZQouW8ue8Gkb4jpWtJm9ge5lEG4=
+go.opentelemetry.io/otel/sdk v1.32.0/go.mod h1:LqgegDBjKMmb2GC6/PrTnteJG39I8/vJCAP9LlJXEjU=
+go.opentelemetry.io/otel/trace v1.32.0 h1:WIC9mYrXf8TmY/EXuULKc8hR17vE+Hjv2cssQDe03fM=
+go.opentelemetry.io/otel/trace v1.32.0/go.mod h1:+i4rkvCraA+tG6AzwloGaCtkx53Fa+L+V8e9a7YvhT8=
+go.opentelemetry.io/proto/otlp v1.3.1 h1:TrMUixzpM0yuc/znrFTP9MMRh8trP93mkCiDVeXrui0=
+go.opentelemetry.io/proto/otlp v1.3.1/go.mod h1:0X1WI4de4ZsLrrJNLAQbFeLCm3T7yBkR0XqQ7niQU+8=
+go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
+go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
@@ -69,18 +141,26 @@ golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.29.0 h1:5ORfpBpCs4HzDYoodCDBbwHzdR5UrLBZ3sOnUJmFoHo=
-golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0=
+golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4=
+golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU=
+golang.org/x/oauth2 v0.23.0 h1:PbgcYx2W7i4LvjJWEbf0ngHV6qJYr86PkAV3bXdLEbs=
+golang.org/x/oauth2 v0.23.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s=
+golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/term v0.25.0 h1:WtHI/ltw4NvSUig5KARz9h521QvRC8RmF/cuYqifU24=
+golang.org/x/term v0.25.0/go.mod h1:RPyXicDX+6vLxogjjRxjgD2TKtmAO6NZBsBRfrOLu7M=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
-golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
+golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug=
+golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4=
+golang.org/x/time v0.6.0 h1:eTDhh4ZXt5Qf0augr54TN6suAUudPcawVZeIAPU7D4U=
+golang.org/x/time v0.6.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
@@ -89,8 +169,16 @@ golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8T
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
-google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
+gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw=
+gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY=
+google.golang.org/genproto/googleapis/api v0.0.0-20241104194629-dd2ea8efbc28 h1:M0KvPgPmDZHPlbRbaNU1APr28TvwvvdUPlSv7PUvy8g=
+google.golang.org/genproto/googleapis/api v0.0.0-20241104194629-dd2ea8efbc28/go.mod h1:dguCy7UOdZhTvLzDyt15+rOrawrpM4q7DD9dQ1P11P4=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20241104194629-dd2ea8efbc28 h1:XVhgTWWV3kGQlwJHR3upFWZeTsei6Oks1apkZSeonIE=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20241104194629-dd2ea8efbc28/go.mod h1:GX3210XPVPUjJbTUbvwI8f2IpZDMZuPJWDzDuebbviI=
+google.golang.org/grpc v1.67.1 h1:zWnc1Vrcno+lHZCOofnIMvycFcc0QRGIzm9dhnDX68E=
+google.golang.org/grpc v1.67.1/go.mod h1:1gLDyUQU7CTLJI90u3nXZ9ekeghjeM7pTDZlqFNg2AA=
+google.golang.org/protobuf v1.35.2 h1:8Ar7bF+apOIoThw1EdZl0p1oWvMqTHmpA2fRTyZO8io=
+google.golang.org/protobuf v1.35.2/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
@@ -101,8 +189,14 @@ gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+k8s.io/api v0.31.1 h1:Xe1hX/fPW3PXYYv8BlozYqw63ytA92snr96zMW9gWTU=
+k8s.io/api v0.31.1/go.mod h1:sbN1g6eY6XVLeqNsZGLnI5FwVseTrZX7Fv3O26rhAaI=
+k8s.io/apiextensions-apiserver v0.31.1 h1:L+hwULvXx+nvTYX/MKM3kKMZyei+UiSXQWciX/N6E40=
+k8s.io/apiextensions-apiserver v0.31.1/go.mod h1:tWMPR3sgW+jsl2xm9v7lAyRF1rYEK71i9G5dRtkknoQ=
 k8s.io/apimachinery v0.31.1 h1:mhcUBbj7KUjaVhyXILglcVjuS4nYXiwC+KKFBgIVy7U=
 k8s.io/apimachinery v0.31.1/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo=
+k8s.io/client-go v0.31.1 h1:f0ugtWSbWpxHR7sjVpQwuvw9a3ZKLXX0u0itkFXufb0=
+k8s.io/client-go v0.31.1/go.mod h1:sKI8871MJN2OyeqRlmA4W4KM9KBdBUpDLu/43eGemCg=
 k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk=
 k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
 k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag=
@@ -5,6 +5,8 @@ externalName: {
 	group: "playlist"
 	apiResource: {
 		groupOverride: "playlist.grafana.app"
+		mutation: operations:  ["create","update"]
+		validation: operations:  ["create","update"]
 	}
 	codegen: {
 		frontend: false
@@ -0,0 +1,64 @@
+//
+// This file is generated by grafana-app-sdk
+// DO NOT EDIT
+//
+
+package apis
+
+import (
+	"encoding/json"
+
+	"github.com/grafana/grafana-app-sdk/app"
+)
+
+var (
+	rawSchemaPlaylistv0alpha1     = []byte(`{"spec":{"properties":{"interval":{"type":"string"},"items":{"items":{"properties":{"type":{"description":"type of the item.","enum":["dashboard_by_tag","dashboard_by_uid","dashboard_by_id"],"type":"string"},"value":{"description":"Value depends on type and describes the playlist item.\n - dashboard_by_id: The value is an internal numerical identifier set by Grafana. This\n is not portable as the numerical identifier is non-deterministic between different instances.\n Will be replaced by dashboard_by_uid in the future. (deprecated)\n - dashboard_by_tag: The value is a tag which is set on any number of dashboards. All\n dashboards behind the tag will be added to the playlist.\n - dashboard_by_uid: The value is the dashboard UID","type":"string"}},"required":["type","value"],"type":"object"},"type":"array"},"title":{"type":"string"}},"required":["title","interval","items"],"type":"object"},"status":{"properties":{"additionalFields":{"description":"additionalFields is reserved for future use","type":"object","x-kubernetes-preserve-unknown-fields":true},"operatorStates":{"additionalProperties":{"properties":{"descriptiveState":{"description":"descriptiveState is an optional more descriptive state field which has no requirements on format","type":"string"},"details":{"description":"details contains any extra information that is operator-specific","type":"object","x-kubernetes-preserve-unknown-fields":true},"lastEvaluation":{"description":"lastEvaluation is the ResourceVersion last evaluated","type":"string"},"state":{"description":"state describes the state of the lastEvaluation.\nIt is limited to three possible states for machine evaluation.","enum":["success","in_progress","failed"],"type":"string"}},"required":["lastEvaluation","state"],"type":"object"},"description":"operatorStates is a map of operator ID to operator state evaluations.\nAny operator which consumes this kind SHOULD add its state evaluation information to this field.","type":"object"}},"type":"object","x-kubernetes-preserve-unknown-fields":true}}`)
+	versionSchemaPlaylistv0alpha1 app.VersionSchema
+	_                             = json.Unmarshal(rawSchemaPlaylistv0alpha1, &versionSchemaPlaylistv0alpha1)
+)
+
+var appManifestData = app.ManifestData{
+	AppName: "playlist",
+	Group:   "playlist.grafana.app",
+	Kinds: []app.ManifestKind{
+		{
+			Kind:       "Playlist",
+			Scope:      "Namespaced",
+			Conversion: false,
+			Versions: []app.ManifestKindVersion{
+				{
+					Name: "v0alpha1",
+					Admission: &app.AdmissionCapabilities{
+						Validation: &app.ValidationCapability{
+							Operations: []app.AdmissionOperation{
+								app.AdmissionOperationCreate,
+								app.AdmissionOperationUpdate,
+							},
+						},
+						Mutation: &app.MutationCapability{
+							Operations: []app.AdmissionOperation{
+								app.AdmissionOperationCreate,
+								app.AdmissionOperationUpdate,
+							},
+						},
+					},
+					Schema: &versionSchemaPlaylistv0alpha1,
+				},
+			},
+		},
+	},
+}
+
+func jsonToMap(j string) map[string]any {
+	m := make(map[string]any)
+	json.Unmarshal([]byte(j), &j)
+	return m
+}
+
+func LocalManifest() app.Manifest {
+	return app.NewEmbeddedManifest(appManifestData)
+}
+
+func RemoteManifest() app.Manifest {
+	return app.NewAPIServerManifest("playlist")
+}
@@ -65,12 +65,13 @@ func (o *Playlist) SetSubresource(name string, value any) error {
 }

 func (o *Playlist) GetStaticMetadata() resource.StaticMetadata {
+	gvk := o.GroupVersionKind()
 	return resource.StaticMetadata{
 		Name:      o.ObjectMeta.Name,
 		Namespace: o.ObjectMeta.Namespace,
-		Group:     o.GroupVersionKind().Group,
-		Version:   o.GroupVersionKind().Version,
-		Kind:      o.GroupVersionKind().Kind,
+		Group:     gvk.Group,
+		Version:   gvk.Version,
+		Kind:      gvk.Kind,
 	}
 }

@@ -12,17 +12,17 @@ import (

 func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition {
 	return map[string]common.OpenAPIDefinition{
-		"github.com/grafana/grafana/apps/playlist/apis/playlist/v0alpha1.Playlist":                    schema_playlist_apis_playlist_v0alpha1_Playlist(ref),
-		"github.com/grafana/grafana/apps/playlist/apis/playlist/v0alpha1.PlaylistItem":                schema_playlist_apis_playlist_v0alpha1_PlaylistItem(ref),
-		"github.com/grafana/grafana/apps/playlist/apis/playlist/v0alpha1.PlaylistList":                schema_playlist_apis_playlist_v0alpha1_PlaylistList(ref),
-		"github.com/grafana/grafana/apps/playlist/apis/playlist/v0alpha1.PlaylistOperatorState":       schema_playlist_apis_playlist_v0alpha1_PlaylistOperatorState(ref),
-		"github.com/grafana/grafana/apps/playlist/apis/playlist/v0alpha1.PlaylistSpec":                schema_playlist_apis_playlist_v0alpha1_PlaylistSpec(ref),
-		"github.com/grafana/grafana/apps/playlist/apis/playlist/v0alpha1.PlaylistStatus":              schema_playlist_apis_playlist_v0alpha1_PlaylistStatus(ref),
-		"github.com/grafana/grafana/apps/playlist/apis/playlist/v0alpha1.PlayliststatusOperatorState": schema_playlist_apis_playlist_v0alpha1_PlayliststatusOperatorState(ref),
+		"github.com/grafana/grafana/apps/playlist/pkg/apis/playlist/v0alpha1.Playlist":                    schema_pkg_apis_playlist_v0alpha1_Playlist(ref),
+		"github.com/grafana/grafana/apps/playlist/pkg/apis/playlist/v0alpha1.PlaylistItem":                schema_pkg_apis_playlist_v0alpha1_PlaylistItem(ref),
+		"github.com/grafana/grafana/apps/playlist/pkg/apis/playlist/v0alpha1.PlaylistList":                schema_pkg_apis_playlist_v0alpha1_PlaylistList(ref),
+		"github.com/grafana/grafana/apps/playlist/pkg/apis/playlist/v0alpha1.PlaylistOperatorState":       schema_pkg_apis_playlist_v0alpha1_PlaylistOperatorState(ref),
+		"github.com/grafana/grafana/apps/playlist/pkg/apis/playlist/v0alpha1.PlaylistSpec":                schema_pkg_apis_playlist_v0alpha1_PlaylistSpec(ref),
+		"github.com/grafana/grafana/apps/playlist/pkg/apis/playlist/v0alpha1.PlaylistStatus":              schema_pkg_apis_playlist_v0alpha1_PlaylistStatus(ref),
+		"github.com/grafana/grafana/apps/playlist/pkg/apis/playlist/v0alpha1.PlayliststatusOperatorState": schema_pkg_apis_playlist_v0alpha1_PlayliststatusOperatorState(ref),
 	}
 }

-func schema_playlist_apis_playlist_v0alpha1_Playlist(ref common.ReferenceCallback) common.OpenAPIDefinition {
+func schema_pkg_apis_playlist_v0alpha1_Playlist(ref common.ReferenceCallback) common.OpenAPIDefinition {
 	return common.OpenAPIDefinition{
 		Schema: spec.Schema{
 			SchemaProps: spec.SchemaProps{
@@ -51,13 +51,13 @@ func schema_playlist_apis_playlist_v0alpha1_Playlist(ref common.ReferenceCallbac
 					"spec": {
 						SchemaProps: spec.SchemaProps{
 							Default: map[string]interface{}{},
-							Ref:     ref("github.com/grafana/grafana/apps/playlist/apis/playlist/v0alpha1.PlaylistSpec"),
+							Ref:     ref("github.com/grafana/grafana/apps/playlist/pkg/apis/playlist/v0alpha1.PlaylistSpec"),
 						},
 					},
 					"status": {
 						SchemaProps: spec.SchemaProps{
 							Default: map[string]interface{}{},
-							Ref:     ref("github.com/grafana/grafana/apps/playlist/apis/playlist/v0alpha1.PlaylistStatus"),
+							Ref:     ref("github.com/grafana/grafana/apps/playlist/pkg/apis/playlist/v0alpha1.PlaylistStatus"),
 						},
 					},
 				},
@@ -65,11 +65,11 @@ func schema_playlist_apis_playlist_v0alpha1_Playlist(ref common.ReferenceCallbac
 			},
 		},
 		Dependencies: []string{
-			"github.com/grafana/grafana/apps/playlist/apis/playlist/v0alpha1.PlaylistSpec", "github.com/grafana/grafana/apps/playlist/apis/playlist/v0alpha1.PlaylistStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
+			"github.com/grafana/grafana/apps/playlist/pkg/apis/playlist/v0alpha1.PlaylistSpec", "github.com/grafana/grafana/apps/playlist/pkg/apis/playlist/v0alpha1.PlaylistStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
 	}
 }

-func schema_playlist_apis_playlist_v0alpha1_PlaylistItem(ref common.ReferenceCallback) common.OpenAPIDefinition {
+func schema_pkg_apis_playlist_v0alpha1_PlaylistItem(ref common.ReferenceCallback) common.OpenAPIDefinition {
 	return common.OpenAPIDefinition{
 		Schema: spec.Schema{
 			SchemaProps: spec.SchemaProps{
@@ -99,7 +99,7 @@ func schema_playlist_apis_playlist_v0alpha1_PlaylistItem(ref common.ReferenceCal
 	}
 }

-func schema_playlist_apis_playlist_v0alpha1_PlaylistList(ref common.ReferenceCallback) common.OpenAPIDefinition {
+func schema_pkg_apis_playlist_v0alpha1_PlaylistList(ref common.ReferenceCallback) common.OpenAPIDefinition {
 	return common.OpenAPIDefinition{
 		Schema: spec.Schema{
 			SchemaProps: spec.SchemaProps{
@@ -132,7 +132,7 @@ func schema_playlist_apis_playlist_v0alpha1_PlaylistList(ref common.ReferenceCal
 								Schema: &spec.Schema{
 									SchemaProps: spec.SchemaProps{
 										Default: map[string]interface{}{},
-										Ref:     ref("github.com/grafana/grafana/apps/playlist/apis/playlist/v0alpha1.Playlist"),
+										Ref:     ref("github.com/grafana/grafana/apps/playlist/pkg/apis/playlist/v0alpha1.Playlist"),
 									},
 								},
 							},
@@ -143,11 +143,11 @@ func schema_playlist_apis_playlist_v0alpha1_PlaylistList(ref common.ReferenceCal
 			},
 		},
 		Dependencies: []string{
-			"github.com/grafana/grafana/apps/playlist/apis/playlist/v0alpha1.Playlist", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
+			"github.com/grafana/grafana/apps/playlist/pkg/apis/playlist/v0alpha1.Playlist", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
 	}
 }

-func schema_playlist_apis_playlist_v0alpha1_PlaylistOperatorState(ref common.ReferenceCallback) common.OpenAPIDefinition {
+func schema_pkg_apis_playlist_v0alpha1_PlaylistOperatorState(ref common.ReferenceCallback) common.OpenAPIDefinition {
 	return common.OpenAPIDefinition{
 		Schema: spec.Schema{
 			SchemaProps: spec.SchemaProps{
@@ -199,7 +199,7 @@ func schema_playlist_apis_playlist_v0alpha1_PlaylistOperatorState(ref common.Ref
 	}
 }

-func schema_playlist_apis_playlist_v0alpha1_PlaylistSpec(ref common.ReferenceCallback) common.OpenAPIDefinition {
+func schema_pkg_apis_playlist_v0alpha1_PlaylistSpec(ref common.ReferenceCallback) common.OpenAPIDefinition {
 	return common.OpenAPIDefinition{
 		Schema: spec.Schema{
 			SchemaProps: spec.SchemaProps{
@@ -220,7 +220,7 @@ func schema_playlist_apis_playlist_v0alpha1_PlaylistSpec(ref common.ReferenceCal
 								Schema: &spec.Schema{
 									SchemaProps: spec.SchemaProps{
 										Default: map[string]interface{}{},
-										Ref:     ref("github.com/grafana/grafana/apps/playlist/apis/playlist/v0alpha1.PlaylistItem"),
+										Ref:     ref("github.com/grafana/grafana/apps/playlist/pkg/apis/playlist/v0alpha1.PlaylistItem"),
 									},
 								},
 							},
@@ -238,11 +238,11 @@ func schema_playlist_apis_playlist_v0alpha1_PlaylistSpec(ref common.ReferenceCal
 			},
 		},
 		Dependencies: []string{
-			"github.com/grafana/grafana/apps/playlist/apis/playlist/v0alpha1.PlaylistItem"},
+			"github.com/grafana/grafana/apps/playlist/pkg/apis/playlist/v0alpha1.PlaylistItem"},
 	}
 }

-func schema_playlist_apis_playlist_v0alpha1_PlaylistStatus(ref common.ReferenceCallback) common.OpenAPIDefinition {
+func schema_pkg_apis_playlist_v0alpha1_PlaylistStatus(ref common.ReferenceCallback) common.OpenAPIDefinition {
 	return common.OpenAPIDefinition{
 		Schema: spec.Schema{
 			SchemaProps: spec.SchemaProps{
@@ -273,7 +273,7 @@ func schema_playlist_apis_playlist_v0alpha1_PlaylistStatus(ref common.ReferenceC
 								Schema: &spec.Schema{
 									SchemaProps: spec.SchemaProps{
 										Default: map[string]interface{}{},
-										Ref:     ref("github.com/grafana/grafana/apps/playlist/apis/playlist/v0alpha1.PlayliststatusOperatorState"),
+										Ref:     ref("github.com/grafana/grafana/apps/playlist/pkg/apis/playlist/v0alpha1.PlayliststatusOperatorState"),
 									},
 								},
 							},
@@ -283,11 +283,11 @@ func schema_playlist_apis_playlist_v0alpha1_PlaylistStatus(ref common.ReferenceC
 			},
 		},
 		Dependencies: []string{
-			"github.com/grafana/grafana/apps/playlist/apis/playlist/v0alpha1.PlayliststatusOperatorState"},
+			"github.com/grafana/grafana/apps/playlist/pkg/apis/playlist/v0alpha1.PlayliststatusOperatorState"},
 	}
 }

-func schema_playlist_apis_playlist_v0alpha1_PlayliststatusOperatorState(ref common.ReferenceCallback) common.OpenAPIDefinition {
+func schema_pkg_apis_playlist_v0alpha1_PlayliststatusOperatorState(ref common.ReferenceCallback) common.OpenAPIDefinition {
 	return common.OpenAPIDefinition{
 		Schema: spec.Schema{
 			SchemaProps: spec.SchemaProps{
@@ -0,0 +1,87 @@
+package app
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/grafana/grafana-app-sdk/app"
+	"github.com/grafana/grafana-app-sdk/operator"
+	"github.com/grafana/grafana-app-sdk/resource"
+	"github.com/grafana/grafana-app-sdk/simple"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/klog/v2"
+
+	playlistv0alpha1 "github.com/grafana/grafana/apps/playlist/pkg/apis/playlist/v0alpha1"
+	"github.com/grafana/grafana/apps/playlist/pkg/watchers"
+)
+
+type PlaylistConfig struct {
+	EnableWatchers bool
+}
+
+func New(cfg app.Config) (app.App, error) {
+	var (
+		playlistWatcher operator.ResourceWatcher
+		err             error
+	)
+
+	playlistConfig, ok := cfg.SpecificConfig.(*PlaylistConfig)
+	if ok && playlistConfig.EnableWatchers {
+		playlistWatcher, err = watchers.NewPlaylistWatcher()
+		if err != nil {
+			return nil, fmt.Errorf("unable to create PlaylistWatcher: %w", err)
+		}
+	}
+
+	simpleConfig := simple.AppConfig{
+		Name:       "playlist",
+		KubeConfig: cfg.KubeConfig,
+		InformerConfig: simple.AppInformerConfig{
+			ErrorHandler: func(ctx context.Context, err error) {
+				klog.ErrorS(err, "Informer processing error")
+			},
+		},
+		ManagedKinds: []simple.AppManagedKind{
+			{
+				Kind:    playlistv0alpha1.PlaylistKind(),
+				Watcher: playlistWatcher,
+				Mutator: &simple.Mutator{
+					MutateFunc: func(ctx context.Context, req *app.AdmissionRequest) (*app.MutatingResponse, error) {
+						// modify req.Object if needed
+						return &app.MutatingResponse{
+							UpdatedObject: req.Object,
+						}, nil
+					},
+				},
+				Validator: &simple.Validator{
+					ValidateFunc: func(ctx context.Context, req *app.AdmissionRequest) error {
+						// do something here if needed
+						return nil
+					},
+				},
+			},
+		},
+	}
+
+	a, err := simple.NewApp(simpleConfig)
+	if err != nil {
+		return nil, err
+	}
+
+	err = a.ValidateManifest(cfg.ManifestData)
+	if err != nil {
+		return nil, err
+	}
+
+	return a, nil
+}
+
+func GetKinds() map[schema.GroupVersion]resource.Kind {
+	gv := schema.GroupVersion{
+		Group:   playlistv0alpha1.PlaylistKind().Group(),
+		Version: playlistv0alpha1.PlaylistKind().Version(),
+	}
+	return map[schema.GroupVersion]resource.Kind{
+		gv: playlistv0alpha1.PlaylistKind(),
+	}
+}
@@ -0,0 +1,75 @@
+package watchers
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/grafana/grafana-app-sdk/operator"
+	"github.com/grafana/grafana-app-sdk/resource"
+	"k8s.io/klog/v2"
+
+	playlist "github.com/grafana/grafana/apps/playlist/pkg/apis/playlist/v0alpha1"
+)
+
+var _ operator.ResourceWatcher = &PlaylistWatcher{}
+
+type PlaylistWatcher struct{}
+
+func NewPlaylistWatcher() (*PlaylistWatcher, error) {
+	return &PlaylistWatcher{}, nil
+}
+
+// Add handles add events for playlist.Playlist resources.
+func (s *PlaylistWatcher) Add(ctx context.Context, rObj resource.Object) error {
+	object, ok := rObj.(*playlist.Playlist)
+	if !ok {
+		return fmt.Errorf("provided object is not of type *playlist.Playlist (name=%s, namespace=%s, kind=%s)",
+			rObj.GetStaticMetadata().Name, rObj.GetStaticMetadata().Namespace, rObj.GetStaticMetadata().Kind)
+	}
+
+	klog.InfoS("Added resource", "name", object.GetStaticMetadata().Identifier().Name)
+	return nil
+}
+
+// Update handles update events for playlist.Playlist resources.
+func (s *PlaylistWatcher) Update(ctx context.Context, rOld resource.Object, rNew resource.Object) error {
+	oldObject, ok := rOld.(*playlist.Playlist)
+	if !ok {
+		return fmt.Errorf("provided object is not of type *playlist.Playlist (name=%s, namespace=%s, kind=%s)",
+			rOld.GetStaticMetadata().Name, rOld.GetStaticMetadata().Namespace, rOld.GetStaticMetadata().Kind)
+	}
+
+	_, ok = rNew.(*playlist.Playlist)
+	if !ok {
+		return fmt.Errorf("provided object is not of type *playlist.Playlist (name=%s, namespace=%s, kind=%s)",
+			rNew.GetStaticMetadata().Name, rNew.GetStaticMetadata().Namespace, rNew.GetStaticMetadata().Kind)
+	}
+
+	klog.InfoS("Updated resource", "name", oldObject.GetStaticMetadata().Identifier().Name)
+	return nil
+}
+
+// Delete handles delete events for playlist.Playlist resources.
+func (s *PlaylistWatcher) Delete(ctx context.Context, rObj resource.Object) error {
+	object, ok := rObj.(*playlist.Playlist)
+	if !ok {
+		return fmt.Errorf("provided object is not of type *playlist.Playlist (name=%s, namespace=%s, kind=%s)",
+			rObj.GetStaticMetadata().Name, rObj.GetStaticMetadata().Namespace, rObj.GetStaticMetadata().Kind)
+	}
+
+	klog.InfoS("Deleted resource", "name", object.GetStaticMetadata().Identifier().Name)
+	return nil
+}
+
+// Sync is not a standard resource.Watcher function, but is used when wrapping this watcher in an operator.OpinionatedWatcher.
+// It handles resources which MAY have been updated during an outage period where the watcher was not able to consume events.
+func (s *PlaylistWatcher) Sync(ctx context.Context, rObj resource.Object) error {
+	object, ok := rObj.(*playlist.Playlist)
+	if !ok {
+		return fmt.Errorf("provided object is not of type *playlist.Playlist (name=%s, namespace=%s, kind=%s)",
+			rObj.GetStaticMetadata().Name, rObj.GetStaticMetadata().Namespace, rObj.GetStaticMetadata().Kind)
+	}
+
+	klog.InfoS("Possible resource update", "name", object.GetStaticMetadata().Identifier().Name)
+	return nil
+}
@@ -316,6 +316,9 @@ feedback_links_enabled = true
 # Static context that is being added to analytics events
 reporting_static_context =

+# Logs interaction events to the browser javascript console, intended for development only
+browser_console_reporter = false
+
 #################################### Security ############################
 [security]
 # disable creation of admin user on first start of grafana
@@ -403,8 +406,9 @@ angular_support_enabled = false
 # The CSRF check will be executed even if the request has no login cookie.
 csrf_always_check = false

-# Comma-separated list of plugins ids that won't be loaded inside the frontend sandbox
-disable_frontend_sandbox_for_plugins = grafana-incident-app
+# Comma-separated list of plugins ids that will be loaded inside the frontend sandbox
+# Currently behind the feature flag pluginsFrontendSandbox
+enable_frontend_sandbox_for_plugins =

 # Comma-separated list of paths for POST/PUT URL in actions. Empty will allow anything that is not on the same origin
 actions_allow_post_url =
@@ -553,7 +557,7 @@ token_expiration_day_limit =
 # Login cookie name
 login_cookie_name = grafana_session

-# Disable usage of Grafana build-in login solution.
+# Disable usage of Grafana's built-in login solution.
 disable_login = false

 # The maximum lifetime (duration) an authenticated user can be inactive before being required to login at next visit. Default is 7 days (7d). This setting should be expressed as a duration, e.g. 5m (minutes), 6h (hours), 10d (days), 2w (weeks), 1M (month). The lifetime resets at each successful token rotation (token_rotation_interval_minutes).
@@ -622,6 +626,11 @@ id_response_header_namespaces = user api-key service-account
 # This feature currently **only supports single-organization deployments**
 managed_service_accounts_enabled = false

+#################################### Passwordless Auth ###########################
+[auth.passwordless]
+enabled = false
+code_expiration = 20m
+
 #################################### SSO Settings ###########################
 [sso_settings]
 # interval for reloading the SSO Settings from the database
@@ -939,7 +948,7 @@ session_duration = "15m"

 # Set the plugins that will receive AWS settings for each request (via plugin context)
 # By default this will include all Grafana Labs owned AWS plugins, or those that make use of AWS settings (ElasticSearch, Prometheus).
-forward_settings_to_plugins = cloudwatch, grafana-athena-datasource, grafana-redshift-datasource, grafana-x-ray-datasource, grafana-timestream-datasource, grafana-iot-sitewise-datasource, grafana-iot-twinmaker-app, grafana-opensearch-datasource, aws-datasource-provisioner, elasticsearch, prometheus
+forward_settings_to_plugins = cloudwatch, grafana-athena-datasource, grafana-redshift-datasource, grafana-x-ray-datasource, grafana-timestream-datasource, grafana-iot-sitewise-datasource, grafana-iot-twinmaker-app, grafana-opensearch-datasource, aws-datasource-provisioner, elasticsearch, prometheus, grafana-amazonprometheus-datasource, grafana-aurora-datasource

 #################################### Azure ###############################
 [azure]
@@ -1125,6 +1134,9 @@ log_endpoint_requests_per_second_limit = 3
 # Max requests accepted per short interval of time for Grafana backend log ingestion endpoint (/log)
 log_endpoint_burst_limit = 15

+# Enables all Faro default instrumentation by using `getWebInstrumentations`. Overrides other instrumentation flags.
+instrumentations_all_enabled = false
+
 # Should error instrumentation be enabled, only affects Grafana Javascript Agent
 instrumentations_errors_enabled = true

@@ -1562,7 +1574,8 @@ enabled = true

 #################################### Short Links #############################
 [short_links]
-# Short links which are never accessed will be deleted as cleanup. Time is in days. Default is 7 days. Max is 365. 0 means they will be deleted approximately every 10 minutes.
+# Short links that are never accessed will be deleted as cleanup. Time is set up in days. The default is 7 days. Maximum value is 365.
+# 0 means they will be deleted approximately every 10 minutes. A negative value (such as -1) will disable expiration.
 expire_time = 7

 #################################### Internal Grafana Metrics ############
@@ -1748,7 +1761,8 @@ hide_angular_deprecation =
 # Comma separated list of plugin ids for which environment variables should be forwarded. Used only when feature flag pluginsSkipHostEnvVars is enabled.
 forward_host_env_vars =
 # Comma separated list of plugin ids to install as part of the startup process.
-preinstall = grafana-lokiexplore-app
+# By default, the following plugins will be preinstalled: "grafana-lokiexplore-app"
+preinstall =
 # Controls whether preinstall plugins asynchronously (in the background) or synchronously (blocking). Useful when preinstalled plugins are used with provisioning.
 preinstall_async = true
 # Disables preinstall feature. It has the same effect as setting preinstall to an empty list.
@@ -2020,3 +2034,6 @@ fail_tests_on_console = true
 # Whether or not to enable the MSW mock API, which intercepts requests and returns mock data
 # Should only be used for local development or demo purposes
 mock_api = false
+# Whether to enable betterer eslint rules for local development
+# Useful if you want to always see betterer rules that we're trying to fix so they're more prevalent
+betterer_eslint_rules = false
@@ -315,6 +315,9 @@
 # Static context that is being added to analytics events
 ;reporting_static_context = grafanaInstance=12, os=linux

+# Logs interaction events to the browser javascript console, intended for development only
+;browser_console_reporter = false
+
 #################################### Security ####################################
 [security]
 # disable creation of admin user on first start of grafana
@@ -408,8 +411,9 @@
 # The CSRF check will be executed even if the request has no login cookie.
 ;csrf_always_check = false

-# Comma-separated list of plugins ids that won't be loaded inside the frontend sandbox
-;disable_frontend_sandbox_for_plugins =
+# Comma-separated list of plugins ids that will be loaded inside the frontend sandbox
+# Currently behind the feature flag pluginsFrontendSandbox
+;enable_frontend_sandbox_for_plugins =

 # Comma-separated list of paths for POST/PUT URL in actions. Empty will allow anything that is not on the same origin
 ;actions_allow_post_url =
@@ -1118,6 +1122,9 @@
 # Max requests accepted per short interval of time for Grafana backend log ingestion endpoint (/log).
 ;log_endpoint_burst_limit = 15

+# Enables all Faro default instrumentation by using `getWebInstrumentations`. Overrides other instrumentation flags.
+;instrumentations_all_enabled = false
+
 # Should error instrumentation be enabled, only affects Grafana Javascript Agent
 ;instrumentations_errors_enabled = true

@@ -81,7 +81,7 @@ host = "localhost:1025"
 You can access the web UI at http://localhost:12080/#/

 ## Debugging setup in VS Code
-An example of launch.json is provided in `devenv/vscode/launch.json`. It basically does what Makefile and .bra.toml do. The 'program' field is set to the folder name so VS Code loads all *.go files in it instead of just main.go.
+An example of launch.json is provided in `.vscode/launch.json`. It basically does what Makefile and .bra.toml do. The 'program' field is set to the folder name so VS Code loads all *.go files in it instead of just main.go.

 ## Troubleshooting

@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/usr/bin/env bash

 echo "Deleting previous bulk folders"
 find ./bulk-folders -type d -name "Bulk Folder*" -exec rm -rf "{}" \;
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/usr/bin/env bash

 blocks_dir=docker/blocks
 docker_dir=docker
@@ -321,3 +321,11 @@ datasources:
    access: proxy
    url: http://localhost:4040
    editable: false
+
+
+  - name: gdev-e2etestdatasource
+    type: grafana-e2etest-datasource
+    uid: gdev-e2etest-datasource
+    access: proxy
+    url: http://localhost:4040
+    editable: false
@@ -0,0 +1,33 @@
+# TLS Caddy Server
+
+Starts a [Caddy server](https://caddyserver.com/) with TLS configured.
+
+## Setup
+
+- Caddy is setup to run on port 2081, so when configuring the webhook receiver in Grafana Alerting you should use the
+following the following URL: `https://localhost:2081`
+- Also, Caddy is configured to use a self-signed certificate and to check the client certificate (`require_and_verify` mode)
+- Caddy is setup to log requests and has debug mode enabled to make it easier to investigate possible issues
+
+## TLS Certificates
+
+If you want to configure a webhook contact point in Grafana Alerting with TLS, you need to provide a certificate and key.
+
+You can find them in `/etc/caddy` directory in the container:
+
+``` shell
+docker exec devenv-caddy_tls-1 ls /etc/caddy/
+```
+
+### CA Certificate
+
+``` shell
+docker exec devenv-caddy_tls-1 cat /etc/caddy/ca.pem
+```
+
+### Client certificates
+
+``` shell
+docker exec devenv-caddy_tls-1 cat /etc/caddy/client.pem
+docker exec devenv-caddy_tls-1 cat /etc/caddy/client.key
+```
@@ -0,0 +1,14 @@
+{
+    debug
+}
+
+localhost:2081 {
+    log
+    tls /etc/caddy/server.pem /etc/caddy/server.key {
+      ca_root /etc/caddy/ca.pem
+      client_auth {
+        mode require_and_verify
+        trust_pool file /etc/caddy/client.pem /etc/caddy/ca.pem
+      }
+    }
+}
@@ -0,0 +1,12 @@
+FROM caddy:2.8.4-alpine
+
+WORKDIR /etc/caddy
+EXPOSE 2081
+
+COPY Caddyfile ./Caddyfile
+COPY san.cnf ./san.cnf
+COPY gen_certs.sh ./gen_certs.sh
+
+RUN apk update && apk upgrade --no-cache && apk add openssl
+
+RUN ./gen_certs.sh
@@ -0,0 +1,17 @@
+#!/bin/sh
+
+DAYS_VALID=3650
+
+# Create CA certificate
+openssl genpkey -algorithm RSA -out ca.key
+openssl req -new -x509 -days $DAYS_VALID -key ca.key -out ca.pem -subj "/CN=My CA"
+
+# Create server certificate
+openssl genpkey -algorithm RSA -out server.key
+openssl req -new -key server.key -out server.csr -subj "/CN=localhost"
+openssl x509 -req -days $DAYS_VALID -in server.csr -CA ca.pem -CAkey ca.key -CAcreateserial -out server.pem -extfile san.cnf -extensions v3_req
+
+# Create client key and certificate
+openssl genpkey -algorithm RSA -out client.key
+openssl req -new -key client.key -out client.csr -subj "/CN=Client"
+openssl x509 -req -days $DAYS_VALID -in client.csr -CA ca.pem -CAkey ca.key -CAcreateserial -out client.pem -extfile san.cnf -extensions v3_req
@@ -0,0 +1,7 @@
+[ v3_req ]
+subjectAltName = @alt_names
+
+[ alt_names ]
+DNS.1 = localhost
+IP.1 = 127.0.0.1
+IP.2 = ::1
@@ -0,0 +1,5 @@
+  caddy_tls:
+    build:
+      context: docker/blocks/caddy_tls/build
+    ports:
+      - "2081:2081"
@@ -1,6 +1,6 @@
 FROM    ubuntu:xenial

-ENV     DEBIAN_FRONTEND noninteractive
+ENV     DEBIAN_FRONTEND=noninteractive

 RUN     apt-get -y update
 RUN     apt-get -y install collectd curl python-pip
@@ -150,7 +150,8 @@ function getRandomLogItem(counter, timestamp) {
    value: counter,
    metric: chooseRandomElement(['cpu', 'memory', 'latency']),
    description: "this is description",
-    slash: "Access to the path '\\\\tkasnpo\\KASNPO\\Files\\contacts.xml' is denied."
+    slash: "Access to the path '\\\\tkasnpo\\KASNPO\\Files\\contacts.xml' is denied.",
+    url: "/foo/blah"
  };
 }

@@ -1,9 +1,10 @@
  mimir_backend:
-    image: grafana/mimir-alpine:r304-3872ccb
+    image: grafana/mimir-alpine:r316-55f47f8
    container_name: mimir_backend
    command:
      - -target=backend
      - -alertmanager.grafana-alertmanager-compatibility-enabled
+      - -alertmanager.utf8-strict-mode-enabled
  nginx:
    environment:
      - NGINX_ENVSUBST_OUTPUT_DIR=/etc/nginx
@@ -15,6 +15,6 @@ require (
 	github.com/prometheus/client_model v0.6.1 // indirect
 	github.com/prometheus/common v0.55.0 // indirect
 	github.com/prometheus/procfs v0.15.1 // indirect
-	golang.org/x/sys v0.28.0 // indirect
+	golang.org/x/sys v0.22.0 // indirect
 	google.golang.org/protobuf v1.34.2 // indirect
 )
@@ -20,7 +20,7 @@ github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0leargg
 github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
 golang.org/x/exp v0.0.0-20240823005443-9b4947da3948 h1:kx6Ds3MlpiUHKj7syVnbp57++8WpuKPcR5yjLBjvLEA=
 golang.org/x/exp v0.0.0-20240823005443-9b4947da3948/go.mod h1:akd2r19cwCdwSwWeIdzYQGa/EZZyqcOdwWiwj5L5eKQ=
-golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
-golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI=
+golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
 google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
@@ -2,18 +2,18 @@ FROM centos:6.6

 RUN yum install -y initscripts curl tar gcc libc6-dev git

-ENV GOLANG_VERSION 1.4.2
+ENV GOLANG_VERSION=1.4.2

 RUN curl -sSL https://golang.org/dl/go$GOLANG_VERSION.src.tar.gz \
 		| tar -v -C /usr/src -xz

 RUN cd /usr/src/go/src && ./make.bash --no-clean 2>&1

-ENV PATH /usr/src/go/bin:$PATH
+ENV PATH=/usr/src/go/bin:$PATH

 RUN mkdir -p /go/src /go/bin && chmod -R 777 /go
-ENV GOPATH /go
-ENV PATH /go/bin:$PATH
+ENV GOPATH=/go
+ENV PATH=/go/bin:$PATH

 WORKDIR /go/src/github.com/grafana/grafana

@@ -7,6 +7,6 @@ WORKDIR /go/src/webhook
 RUN mkdir /tmp/logs
 RUN go build -o /bin webhook-listener.go

-ENV PORT 8080
+ENV PORT=8080

 ENTRYPOINT [ "/bin/webhook-listener" ]
@@ -0,0 +1,24 @@
+server {
+	root /data;
+	autoindex on;
+
+	location / {
+		if ($request_method = 'OPTIONS') {
+			add_header 'Access-Control-Allow-Origin' '$http_origin' always;
+			add_header 'Access-Control-Allow-Credentials' 'true' always;
+			add_header 'Access-Control-Allow-Headers' '*' always;
+			add_header 'Access-Control-Allow-Methods' '*';
+			# add_header 'Access-Control-Max-Age' 1728000;
+			add_header 'Content-Type' 'text/plain; charset=utf-8';
+			add_header 'Content-Length' 0;
+			return 204;
+		}
+
+		add_header 'Access-Control-Allow-Origin' '$http_origin' always;
+		add_header 'Access-Control-Allow-Methods' '*' always;
+		add_header 'Access-Control-Allow-Headers' '*' always;
+		add_header 'Access-Control-Allow-Credentials' 'true' always;
+
+		rewrite ^/grafana-oss/11.4.0-pre/public(.*)$ $1 last;
+	}
+}
@@ -0,0 +1,11 @@
+version: '2'
+
+services:
+  grafana_local_cdn:
+    image: nginx:alpine
+    container_name: grafana_local_cdn
+    ports:
+      - "8080:80"
+    volumes:
+      - ../../public:/data
+      - ./default.conf:/etc/nginx/conf.d/default.conf
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/usr/bin/env bash

 bulkDashboard() {

@@ -1,21 +0,0 @@
-{
-  // Use IntelliSense to learn about possible attributes.
-  // Hover to view descriptions of existing attributes.
-  // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
-  "version": "0.2.0",
-  "configurations": [
-    {
-      "name": "grafana-server",
-      "type": "go",
-      "request": "launch",
-      "mode": "auto",
-      "program": "${workspaceFolder}/pkg/cmd/grafana-server",
-      "env": {},
-      "args": [
-          "--homepath=${workspaceFolder}",
-          "--packaging=dev",
-          "cfg:app_mode=development",
-      ]
-  }
-  ]
-}
@@ -0,0 +1,6 @@
+aks
+eror
+iam
+wan
+[Operato Windrose](https://grafana.com/grafana/plugins/operato-windrose-panel/)
+sergent
@@ -1,6 +1,4 @@
 #!/bin/sh
-# shellcheck disable=SC2034
-#
 # The source of this file is https://raw.githubusercontent.com/grafana/writers-toolkit/main/docs/make-docs.
 # # `make-docs` procedure changelog
 #
@@ -8,26 +6,6 @@
 # [Semantic versioning](https://semver.org/) is used to help the reader identify the significance of changes.
 # Changes are relevant to this script and the support docs.mk GNU Make interface.
 #
-# ## 8.4.0 (2025-01-27)
-#
-# ### Fixed
-#
-# - Correct mount for the /docs/grafana-cloud/send-data/fleet-management/ project.
-#
-# ## 8.3.0 (2024-12-27)
-#
-# ### Added
-#
-# - Debug output of the final command when DEBUG=true.
-#
-#   Useful to inspect if the script is correctly constructing the final command.
-#
-# ## 8.2.0 (2024-12-22)
-#
-# ### Removed
-#
-# - Special cases for Oracle and Datadog plugins now that they exist in the plugins monorepo.
-#
 # ## 8.1.0 (2024-08-22)
 #
 # ### Added
@@ -35,7 +13,7 @@
 # - Additional website mounts for projects that use the website repository.
 #
 #   Mounts are required for `make docs` to work in the website repository or with the website project.
-#   The Makefile is also mounted for convenient development of the procedure in that repository.
+#   The Makefile is also mounted for convenient development of the procedure that repository.
 #
 # ## 8.0.1 (2024-07-01)
 #
@@ -312,7 +290,6 @@ PODMAN="$(if command -v podman >/dev/null 2>&1; then echo podman; else echo dock

 if ! command -v curl >/dev/null 2>&1; then
  if ! command -v wget >/dev/null 2>&1; then
-    # shellcheck disable=SC2016
    errr 'either `curl` or `wget` must be installed for this script to work.'

    exit 1
@@ -320,7 +297,6 @@ if ! command -v curl >/dev/null 2>&1; then
 fi

 if ! command -v "${PODMAN}" >/dev/null 2>&1; then
-  # shellcheck disable=SC2016
  errr 'either `podman` or `docker` must be installed for this script to work.'

  exit 1
@@ -367,10 +343,6 @@ EOF
  exit 1
 fi

-# The following variables comprise a pseudo associative array of project names to source repositories.
-# You only need to set a SOURCES variable if the project name does not match the source repository name.
-# You can get a key identifier using the `identifier` function.
-# To look up the value of any pseudo associative array, use the `aget` function.
 SOURCES_as_code='as-code-docs'
 SOURCES_enterprise_metrics='backend-enterprise'
 SOURCES_enterprise_metrics_='backend-enterprise'
@@ -380,16 +352,13 @@ SOURCES_grafana_cloud_alerting_and_irm_slo='slo'
 SOURCES_grafana_cloud_k6='k6-docs'
 SOURCES_grafana_cloud_data_configuration_integrations='cloud-onboarding'
 SOURCES_grafana_cloud_frontend_observability_faro_web_sdk='faro-web-sdk'
-SOURCES_grafana_cloud_send_data_fleet_management='fleet-management'
 SOURCES_helm_charts_mimir_distributed='mimir'
 SOURCES_helm_charts_tempo_distributed='tempo'
 SOURCES_opentelemetry='opentelemetry-docs'
+SOURCES_plugins_grafana_datadog_datasource='datadog-datasource'
+SOURCES_plugins_grafana_oracle_datasource='oracle-datasource'
 SOURCES_resources='website'

-# The following variables comprise a pseudo associative array of project names to versions.
-# You only need to set a VERSIONS variable if it is not the default of 'latest'.
-# You can get a key identifier using the `identifier` function.
-# To look up the value of any pseudo associative array, use the `aget` function.
 VERSIONS_as_code='UNVERSIONED'
 VERSIONS_grafana_cloud='UNVERSIONED'
 VERSIONS_grafana_cloud_alerting_and_irm_machine_learning='UNVERSIONED'
@@ -397,21 +366,20 @@ VERSIONS_grafana_cloud_alerting_and_irm_slo='UNVERSIONED'
 VERSIONS_grafana_cloud_k6='UNVERSIONED'
 VERSIONS_grafana_cloud_data_configuration_integrations='UNVERSIONED'
 VERSIONS_grafana_cloud_frontend_observability_faro_web_sdk='UNVERSIONED'
-VERSIONS_grafana_cloud_send_data_fleet_management='UNVERSIONED'
 VERSIONS_opentelemetry='UNVERSIONED'
+VERSIONS_plugins_grafana_datadog_datasource='latest'
+VERSIONS_plugins_grafana_oracle_datasource='latest'
 VERSIONS_resources='UNVERSIONED'
 VERSIONS_technical_documentation='UNVERSIONED'
 VERSIONS_website='UNVERSIONED'
 VERSIONS_writers_toolkit='UNVERSIONED'

-# The following variables comprise a pseudo associative array of project names to source repository paths.
-# You only need to set a PATHS variable if it is not the default of 'docs/sources'.
-# You can get a key identifier using the `identifier` function.
-# To look up the value of any pseudo associative array, use the `aget` function.
 PATHS_grafana_cloud='content/docs/grafana-cloud'
 PATHS_helm_charts_mimir_distributed='docs/sources/helm-charts/mimir-distributed'
 PATHS_helm_charts_tempo_distributed='docs/sources/helm-charts/tempo-distributed'
 PATHS_mimir='docs/sources/mimir'
+PATHS_plugins_grafana_datadog_datasource='docs/sources'
+PATHS_plugins_grafana_oracle_datasource='docs/sources'
 PATHS_resources='content'
 PATHS_tempo='docs/sources/tempo'
 PATHS_website='content'
@@ -663,7 +631,7 @@ POSIX_HERESTRING

    case "${_project}" in
      # Workaround for arbitrary mounts where the version field is expected to be the local directory
-     # and the repo field is expected to be the container directory.
+      # and the repo field is expected to be the container directory.
      arbitrary)
        echo "${_project}^${_version}^${_repo}^" # TODO
        ;;
@@ -833,16 +801,10 @@ case "${image}" in
                | sed "s#$(proj_dst "${proj}")#sources#"
 EOF

-    if [ -n "${DEBUG}" ]; then
-      debg "${cmd}"
-    fi
-
    case "${OUTPUT_FORMAT}" in
      human)
        if ! command -v jq >/dev/null 2>&1; then
-          # shellcheck disable=SC2016
          errr '`jq` must be installed for the `doc-validator` target to work.'
-          # shellcheck disable=SC2016
          note 'To install `jq`, refer to https://jqlang.github.io/jq/download/,'

          exit 1
@@ -875,10 +837,6 @@ EOF
                /hugo/content/docs
 EOF

-    if [ -n "${DEBUG}" ]; then
-      debg "${cmd}"
-    fi
-
    case "${OUTPUT_FORMAT}" in
      human)
        ${cmd} --output=line \
@@ -15,8 +15,6 @@ weight: 250

 LBAC for data sources is available in private preview on Grafana Cloud for Loki created with basic authentication. Loki data sources for LBAC for data sources can only be created, provisioning is currently not available.

-You cannot configure LBAC rules for Grafana-provisioned data sources from the UI. Alternatively, you can replicate the setting of the provisioned data source in a new data source as described in [LBAC Configuration for New Loki Data Source](https://grafana.com/docs/grafana/latest/administration/data-source-management/teamlbac/configure-teamlbac-for-loki/#task-1-lbac-configuration-for-new-loki-data-source) and then add the LBAC configuration to the new data source.
-
 ## Before you begin

 To be able to use LBAC for data sources rules, you need to enable the feature toggle `teamHttpHeaders` on your Grafana instance. Contact support to enable the feature toggle for you.
@@ -234,7 +234,7 @@ To determine the number of active users:

 A tiered license defines dashboard viewers, and dashboard editors and administrators, as two distinct user types that each have their own user limit.

-As of Grafana Enterprise version 9.0, Grafana only counts and enforces the _total_ number of active users in your Grafana instance. For example, if you purchase 150 active users, you can have 20 admins, 70 editors, and 60 viewers, or you can have 150 admins. Grafana will enforce the total number of active users even if you use a license that grants a specific number of admins or editors and a certain number of viewers. This is a more permissive policy than before, which gives you the flexibility to change users' roles.
+Grafana only counts and enforces the _total_ number of active users in your Grafana instance. For example, if you purchase 150 active users, you can have 20 admins, 70 editors, and 60 viewers, or you can have 150 admins. Grafana will enforce the total number of active users even if you use a license that grants a specific number of admins or editors and a certain number of viewers. This is a more permissive policy than before, which gives you the flexibility to change users' roles.

 If you are running a pre-9.0 version of Grafana Enterprise, please refer to the documentation for that version to learn more about license enforcement in your current version.

@@ -256,24 +256,14 @@ The system creates a session when a user signs in to Grafana from a new device,

 When a user reaches the session limit, the fourth connection succeeds and the longest inactive session is signed out.

+### Request usage billing
+
+You can request Grafana Labs to activate usage billing which allows an unlimited number of active users. When usage billing is enabled, Grafana does not enforce active user limits or display warning banners. Instead, you are charged for active users that exceed the limit, according to your customer contract.
+
+Usage billing involves a contractual agreement between you and Grafana Labs, and it is only available if Grafana Enterprise is configured to [automatically refresh its license token]({{< relref "../../setup-grafana/configure-grafana/enterprise-configuration/#auto_refresh_license" >}}).
+
 ### Request a change to your license

 To increase the number of licensed users within Grafana, extend a license, or change your licensed URL, contact [Grafana support](/profile/org#support) or your Grafana Labs account team. They will update your license, which you can activate from within Grafana.

 For instructions about how to activate your license after it is updated, refer to [Activate an Enterprise license]({{< relref "#activate-an-enterprise-license" >}}).
-
-## Usage billing
-
-Standard Grafana Enterprise licenses include a certain number of seats that can be used, and prevent more users logging into Grafana than have been licensed. This makes sense if you prefer a predictable bill. It can however be a problem if you anticipate uneven usage patterns over time or when it's critical that no user ever be prevented from logging into Grafana due to capacity constraints.
-
-For those use-cases we support usage-based billing, where your license includes a certain number of included users and you are billed on a monthly basis for any excess active users during the month.
-
-Usage billing involves a contractual agreement between you and Grafana Labs and an update to your license, and it is only available if Grafana Enterprise version 10.0.0 or higher is configured to [automatically refresh its license token]({{< relref "../../setup-grafana/configure-grafana/enterprise-configuration/#auto_refresh_license" >}}).
-
-### User deduplication
-
-If your organization has multiple Grafana Enterprise instances with usage billing enabled, then each active user counts only once toward your license, regardless of how many instances that user signs into. Each Grafana Enterprise instance submits a hashed list of users to Grafana Labs via API every day. Each user email address or anonymous device ID is hashed using a one-way sha256 algorithm, and submitted to Grafana where the hashed users are deduplicated across instances.
-
-### Request usage billing
-
-To request usage billing, contact your Grafana Labs account team or [submit a support ticket](https://grafana.com/profile/org#support).
@@ -228,6 +228,58 @@ WARN[06-01|16:45:59] Running an unsigned plugin   pluginID=<plugin id>
 If you're developing a plugin, then you can enable development mode to allow all unsigned plugins.
 {{% /admonition %}}

+## Plugin Frontend Sandbox
+
+{{% admonition type="caution" %}}
+Plugin Frontend Sandbox is currently in [public preview](/docs/release-life-cycle/). Grafana Labs offers limited support, and breaking changes might occur prior to the feature being made generally available.
+{{% /admonition %}}
+
+The Plugin Frontend Sandbox is a security feature that isolates plugin frontend code from the main Grafana application.
+When enabled, plugins run in a separate JavaScript context, which provides several security benefits:
+
+- Prevents plugins from modifying parts of the Grafana interface outside their designated areas
+- Stops plugins from interfering with other plugins functionality
+- Protects core Grafana features from being altered by plugins
+- Prevents plugins from modifying global browser objects and behaviors
+
+Plugins running inside the Frontend Sandbox should continue to work normally without any noticeable changes in their intended functionality.
+
+### Enable Frontend Sandbox
+
+The Frontend Sandbox feature is currently behind the `pluginsFrontendSandbox` feature flag. To enable it, you'll need to:
+
+1. Enable the feature flag in your Grafana configuration. For more information about enabling feature flags, refer to [Configure feature toggles](/setup-grafana/configure-grafana/feature-toggles/).
+
+2. For self-hosted Grafana installations, add the plugin IDs you want to sandbox in the `security` section using the `enable_frontend_sandbox_for_plugins` configuration option.
+
+For Grafana Cloud users, you can simply use the toggle switch in the plugin catalog page to enable or disable the sandbox for each plugin. By default, the sandbox is disabled for all plugins.
+
+{{% admonition type="note" %}}
+Enabling the Frontend Sandbox might impact the performance of certain plugins. Only disable the sandbox if you fully trust the plugin and understand the security implications.
+{{% /admonition %}}
+
+### Compatibility
+
+The Frontend Sandbox is available in public preview in Grafana >=11.4. It is compatible with all types of plugins including app plugins, panel plugins, and data source plugins. Angular-based plugins are not supported. Plugins developed and signed by Grafana Labs are excluded and cannot be sandboxed.
+
+### When to Use Frontend Sandbox
+
+We strongly recommend enabling the Frontend Sandbox for plugins that allow users to write custom JavaScript code for data visualization or manipulation. These plugins, while powerful, can potentially execute arbitrary JavaScript code in your Grafana instance. The sandbox provides an additional layer of security by restricting what this code can access and modify.
+
+Examples of plugins where the sandbox is particularly important include:
+
+- Panel plugins that allow users to write custom JavaScript code
+- Plugins from untrusted sources
+
+### Troubleshooting
+
+If a plugin isn't functioning correctly with the Frontend Sandbox enabled:
+
+1. Temporarily disable the sandbox for that specific plugin
+1. Test if the plugin works correctly without the sandbox
+1. If the plugin only works with the sandbox disabled, ensure you trust the plugin source before continuing to use it without sandbox protection
+1. Report any sandbox-related issues to the plugin developer
+
 ## Learn more

 - [Browse plugins](/grafana/plugins)
@@ -81,13 +81,9 @@ The configuration file can also list data sources to automatically delete, calle
 Grafana deletes the data sources listed in `deleteDatasources` _before_ adding or updating those in the `datasources` list.

 You can configure Grafana to automatically delete provisioned data sources when they're removed from the provisioning file.
-To do so, add `prune: true` to the root of your provisioning file.
+To do so, add `prune: true` to the root of your data source provisioning file.
 With this configuration, Grafana also removes the provisioned data sources if you remove the provisioning file entirely.

-{{< admonition type="note" >}}
-The `prune` parameter is available in Grafana v11.1 and higher.
-{{< /admonition >}}
-
 ### Running multiple Grafana instances

 If you run multiple instances of Grafana, add a version number to each data source in the configuration and increase it when you update the configuration.
@@ -231,9 +227,9 @@ Data sources tagged with _HTTP\*_ communicate using the HTTP protocol, which inc
 | encrypt                       | string  | MSSQL                                                            | Determines SSL encryption handling. Options include: `disable` - data sent between client and server is not encrypted; `false` - data sent between client and server is not encrypted beyond the login packet; `true` - data sent between client and server is encrypted. Default is `false`. |
 | postgresVersion               | number  | PostgreSQL                                                       | Postgres version as a number (903/904/905/906/1000) meaning v9.3, v9.4, ..., v10                                                                                                                                                                                                              |
 | timescaledb                   | boolean | PostgreSQL                                                       | Enable usage of TimescaleDB extension                                                                                                                                                                                                                                                         |
-| maxOpenConns                  | number  | MySQL, PostgreSQL and MSSQL                                      | Maximum number of open connections to the database (Grafana v5.4+)                                                                                                                                                                                                                            |
-| maxIdleConns                  | number  | MySQL, PostgreSQL and MSSQL                                      | Maximum number of connections in the idle connection pool (Grafana v5.4+)                                                                                                                                                                                                                     |
-| connMaxLifetime               | number  | MySQL, PostgreSQL and MSSQL                                      | Maximum amount of time in seconds a connection may be reused (Grafana v5.4+)                                                                                                                                                                                                                  |
+| maxOpenConns                  | number  | MySQL, PostgreSQL and MSSQL                                      | Maximum number of open connections to the database                                                                                                                                                                                                                                            |
+| maxIdleConns                  | number  | MySQL, PostgreSQL and MSSQL                                      | Maximum number of connections in the idle connection pool                                                                                                                                                                                                                                     |
+| connMaxLifetime               | number  | MySQL, PostgreSQL and MSSQL                                      | Maximum amount of time in seconds a connection may be reused                                                                                                                                                                                                                                  |
 | keepCookies                   | array   | _HTTP\*_                                                         | Cookies that needs to be passed along while communicating with data sources                                                                                                                                                                                                                   |
 | prometheusVersion             | string  | Prometheus                                                       | The version of the Prometheus data source, such as `2.37.0`, `2.24.0`                                                                                                                                                                                                                         |
 | prometheusType                | string  | Prometheus                                                       | Prometheus database type. Options are `Prometheus`, `Cortex`, `Mimir` or`Thanos`.                                                                                                                                                                                                             |
@@ -618,12 +614,22 @@ The following sections detail the supported settings and secure settings for eac

 #### Alert notification `webhook`

-| Name       | Secure setting |
-| ---------- | -------------- |
-| url        |                |
-| httpMethod |                |
-| username   |                |
-| password   | yes            |
+| Name        | Secure setting |
+| ----------- | -------------- |
+| url         |                |
+| http_method |                |
+| username    |                |
+| password    | yes            |
+| tls_config  |                |
+
+##### TLS config
+
+| Name               | Secure setting |
+| ------------------ | -------------- |
+| insecureSkipVerify |                |
+| clientCertificate  | yes            |
+| clientKey          | yes            |
+| caCertificate      | yes            |

 #### Alert notification `googlechat`

@@ -79,7 +79,7 @@ The following list contains role-based access control actions.
 | `dashboards.permissions:write`        | <ul><li>`dashboards:*`</li><li>`dashboards:uid:*`</li><li>`folders:*`</li><li>`folders:uid:*`</li></ul>             | Update permissions for one or more dashboards.                                                                                                                                                                            |
 | `dashboards:read`                     | <ul><li>`dashboards:*`</li><li>`dashboards:uid:*`</li><li>`folders:*`</li><li>`folders:uid:*`</li></ul>             | Read one or more dashboards.                                                                                                                                                                                              |
 | `dashboards:write`                    | <ul><li>`dashboards:*`</li><li>`dashboards:uid:*`</li><li>`folders:*`</li><li>`folders:uid:*`</li></ul>             | Update one or more dashboards.                                                                                                                                                                                            |
-| `dashboards.public:write`             | <ul><li>`dashboards:*`</li><li>`dashboards:uid:*`</li></ul>                                                         | Write public dashboard configuration.                                                                                                                                                                                     |
+| `dashboards.public:write`             | <ul><li>`dashboards:*`</li><li>`dashboards:uid:*`</li></ul>                                                         | Write shared dashboard configuration.                                                                                                                                                                                     |
 | `datasources.caching:read`            | <ul><li>`datasources:*`</li><li>`datasources:uid:*`</li></ul>                                                       | Read data source query caching settings.                                                                                                                                                                                  |
 | `datasources.caching:write`           | <ul><li>`datasources:*`</li><li>`datasources:uid:*`</li></ul>                                                       | Update data source query caching settings.                                                                                                                                                                                |
 | `datasources:create`                  | None                                                                                                                | Create data sources.                                                                                                                                                                                                      |
@@ -100,6 +100,8 @@ The following list contains role-based access control actions.
 | `folders:delete`                      | <ul><li>`folders:*`</li><li>`folders:uid:*`</li></ul>                                                               | Delete one or more folders and their subfolders.                                                                                                                                                                          |
 | `folders:read`                        | <ul><li>`folders:*`</li><li>`folders:uid:*`</li></ul>                                                               | Read one or more folders and their subfolders.                                                                                                                                                                            |
 | `folders:write`                       | <ul><li>`folders:*`</li><li>`folders:uid:*`</li></ul>                                                               | Update one or more folders and their subfolders.                                                                                                                                                                          |
+| `groupsync.mappings:read`                       | None                                                               | List group attribute sync mappings. To use this permission, enable the `groupAttributeSync` feature toggle.                                                                                                                                                                          |
+| `groupsync.mappings:write`                       | None                                                               | List, create, update, and delete group attribute sync mappings. To use this permission, enable the `groupAttributeSync` feature toggle.                                                                                                                                                                         |
 | `ldap.config:reload`                  | None                                                                                                                | Reload the LDAP configuration.                                                                                                                                                                                            |
 | `ldap.status:read`                    | None                                                                                                                | Verify the availability of the LDAP server or servers.                                                                                                                                                                    |
 | `ldap.user:read`                      | None                                                                                                                | Read users via LDAP.                                                                                                                                                                                                      |
@@ -188,36 +190,38 @@ The following list contains role-based access control actions used by Grafana Ad

 | Action                                               | Applicable scopes | Description                                           |
 | ---------------------------------------------------- | ----------------- | ----------------------------------------------------- |
-| `grafana‑adaptive‑metrics‑app.plugin:access`         | None              | Access the Adaptive Metrics plugin in Grafana Cloud.  |
-| `grafana‑adaptive‑metrics‑app.config:read`           | None              | Read the Adaptive Metrics app configuration.          |
-| `grafana‑adaptive‑metrics‑app.config:write`          | None              | Update the Adaptive Metrics app configuration.        |
-| `grafana‑adaptive‑metrics‑app.recommendations:read`  | None              | Read aggregation recommendations.                     |
-| `grafana‑adaptive‑metrics‑app.recommendations:apply` | None              | Apply aggregation recommendations.                    |
-| `grafana‑adaptive‑metrics‑app.rules:read`            | None              | Read aggregation rules.                               |
-| `grafana‑adaptive‑metrics‑app.rules:write`           | None              | Create aggregation rules.                             |
-| `grafana‑adaptive‑metrics‑app.rules:delete`          | None              | Delete aggregation rules.                             |
-| `grafana‑adaptive‑metrics‑app.exemptions:read`       | None              | Read recommendation exemptions.                       |
-| `grafana‑adaptive‑metrics‑app.exemptions:write`      | None              | Create, update, and delete recommendation exemptions. |
+| `grafana-adaptive-metrics-app.plugin:access`         | None              | Access the Adaptive Metrics plugin in Grafana Cloud.  |
+| `grafana-adaptive-metrics-app.config:read`           | None              | Read the Adaptive Metrics app configuration.          |
+| `grafana-adaptive-metrics-app.config:write`          | None              | Update the Adaptive Metrics app configuration.        |
+| `grafana-adaptive-metrics-app.recommendations:read`  | None              | Read aggregation recommendations.                     |
+| `grafana-adaptive-metrics-app.recommendations:apply` | None              | Apply aggregation recommendations.                    |
+| `grafana-adaptive-metrics-app.rules:read`            | None              | Read aggregation rules.                               |
+| `grafana-adaptive-metrics-app.rules:write`           | None              | Create aggregation rules.                             |
+| `grafana-adaptive-metrics-app.rules:delete`          | None              | Delete aggregation rules.                             |
+| `grafana-adaptive-metrics-app.exemptions:read`       | None              | Read recommendation exemptions.                       |
+| `grafana-adaptive-metrics-app.exemptions:write`      | None              | Create, update, and delete recommendation exemptions. |

 ### Grafana Alerting Notification action definitions

-To enable these permissions, enable the `alertingApiServer` feature toggle.
+To use these permissions, enable the `alertingApiServer` feature toggle.

-| Action                                       | Applicable scopes                  | Description                                                                                                     |
-| -------------------------------------------- | ---------------------------------- | --------------------------------------------------------------------------------------------------------------- |
-| `alert.notifications.receivers:read`         | `receivers:*`<br>`receivers:uid:*` | Read contact points. None                                                                                       |
-| `alert.notifications.receivers.secrets:read` | `receivers:*`<br>`receivers:uid:*` | Export contact points with decrypted secrets.None                                                               |
-| `alert.notifications.receivers:create`       | None                               | Create a new contact points. The creator is automatically granted full access to the created contact point.None |
-| `alert.notifications.receivers:write`        | `receivers:*`<br>`receivers:uid:*` | Update existing contact points.None                                                                             |
-| `alert.notifications.receivers:delete`       | `receivers:*`<br>`receivers:uid:*` | Update and delete existing contact points.None                                                                  |
-| `receivers.permissions:read`                 | `receivers:*`<br>`receivers:uid:*` | Read permissions for contact points.None                                                                        |
-| `receivers.permissions:write`                | `receivers:*`<br>`receivers:uid:*` | Manage permissions for contact points.None                                                                      |
-| `alert.notifications.time-intervals:read`    | None                               | Read mute time intervals.None                                                                                   |
-| `alert.notifications.time-intervals:write`   | None                               | Create new or update existing mute time intervals.None                                                          |
-| `alert.notifications.time-intervals:delete`  | None                               | Delete existing time intervals.None                                                                             |
-| `alert.notifications.templates:read`         | None                               | Read templates.                                                                                                 |
-| `alert.notifications.templates:write`        | None                               | Create new or update existing templates.None                                                                    |
-| `alert.notifications.templates:delete`       | None                               | Delete existing templates.None                                                                                  |
+| Action                                       | Applicable scopes                  | Description                                                                                                 |
+| -------------------------------------------- | ---------------------------------- | ----------------------------------------------------------------------------------------------------------- |
+| `alert.notifications.receivers:read`         | `receivers:*`<br>`receivers:uid:*` | Read contact points.                                                                                        |
+| `alert.notifications.receivers.secrets:read` | `receivers:*`<br>`receivers:uid:*` | Export contact points with decrypted secrets.                                                               |
+| `alert.notifications.receivers:create`       | None                               | Create a new contact points. The creator is automatically granted full access to the created contact point. |
+| `alert.notifications.receivers:write`        | `receivers:*`<br>`receivers:uid:*` | Update existing contact points.                                                                             |
+| `alert.notifications.receivers:delete`       | `receivers:*`<br>`receivers:uid:*` | Update and delete existing contact points.                                                                  |
+| `receivers.permissions:read`                 | `receivers:*`<br>`receivers:uid:*` | Read permissions for contact points.                                                                        |
+| `receivers.permissions:write`                | `receivers:*`<br>`receivers:uid:*` | Manage permissions for contact points.                                                                      |
+| `alert.notifications.time-intervals:read`    | None                               | Read mute time intervals.                                                                                   |
+| `alert.notifications.time-intervals:write`   | None                               | Create new or update existing mute time intervals.                                                          |
+| `alert.notifications.time-intervals:delete`  | None                               | Delete existing time intervals.                                                                             |
+| `alert.notifications.templates:read`         | None                               | Read templates.                                                                                             |
+| `alert.notifications.templates:write`        | None                               | Create new or update existing templates.                                                                    |
+| `alert.notifications.templates:delete`       | None                               | Delete existing templates.                                                                                  |
+| `alert.notifications.routes:read`            | None                               | Read notification policies.                                                                                 |
+| `alert.notifications.routes:write`           | None                               | Create new, update or delete notification policies                                                          |

 ## Scope definitions

@@ -54,13 +54,13 @@ The following tables list permissions associated with basic and fixed roles.

 ## Basic role assignments

-| Basic role    | UID                   | Associated fixed roles                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 | Description                                                                                                                                              |
-| ------------- | --------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| Grafana Admin | `basic_grafana_admin` | `fixed:roles:reader`<br>`fixed:roles:writer`<br>`fixed:users:reader`<br>`fixed:users:writer`<br>`fixed:org.users:reader`<br>`fixed:org.users:writer`<br>`fixed:ldap:reader`<br>`fixed:ldap:writer`<br>`fixed:stats:reader`<br>`fixed:settings:reader`<br>`fixed:settings:writer`<br>`fixed:provisioning:writer`<br>`fixed:organization:reader`<br>`fixed:organization:maintainer`<br>`fixed:licensing:reader`<br>`fixed:licensing:writer`<br>`fixed:datasources.caching:reader`<br>`fixed:datasources.caching:writer`<br>`fixed:dashboards.insights:reader`<br>`fixed:datasources.insights:reader`<br>`fixed:plugins:maintainer`<br>`fixed:authentication.config:writer`<br>`fixed:library.panels:creator`<br>`fixed:library.panels:reader`<br>`fixed:library.panels:general.reader`<br>`fixed:library.panels:writer`<br>`fixed:library.panels:general.writer`                                                                                                                                                                                                                                                                                                         | Default [Grafana server administrator](/docs/grafana/<GRAFANA_VERSION>/administration/roles-and-permissions/#grafana-server-administrators) assignments. |
-| Admin         | `basic_admin`         | `fixed:reports:reader`<br>`fixed:reports:writer`<br>`fixed:datasources:reader`<br>`fixed:datasources:writer`<br>`fixed:organization:writer`<br>`fixed:datasources.permissions:reader`<br>`fixed:datasources.permissions:writer`<br>`fixed:teams:writer`<br>`fixed:dashboards:reader`<br>`fixed:dashboards:writer`<br>`fixed:dashboards.permissions:reader`<br>`fixed:dashboards.permissions:writer`<br>`fixed:dashboards.public:writer`<br>`fixed:folders:reader`<br>`fixed:folders:writer`<br>`fixed:folders.permissions:reader`<br>`fixed:folders.permissions:writer`<br>`fixed:alerting:writer`<br>`fixed:apikeys:reader`<br>`fixed:apikeys:writer`<br>`fixed:alerting.provisioning.secrets:reader`<br>`fixed:alerting.provisioning:writer`<br>`fixed:datasources.caching:reader`<br>`fixed:datasources.caching:writer`<br>`fixed:dashboards.insights:reader`<br>`fixed:datasources.insights:reader`<br>`fixed:plugins:writer`<br>`fixed:library.panels:creator`<br>`fixed:library.panels:reader`<br>`fixed:library.panels:general.reader`<br>`fixed:library.panels:writer`<br>`fixed:library.panels:general.writer`<br>`fixed:alerting.provisioning.status:writer` | Default [Grafana organization administrator](ref:rbac-basic-roles) assignments.                                                                          |
-| Editor        | `basic_editor`        | `fixed:datasources:explorer`<br>`fixed:dashboards:creator`<br>`fixed:folders:creator`<br>`fixed:annotations:writer`<br>`fixed:teams:creator` if the `editors_can_admin` configuration flag is enabled<br>`fixed:alerting:writer`<br>`fixed:dashboards.insights:reader`<br>`fixed:datasources.insights:reader`<br>`fixed:library.panels:creator`<br>`fixed:library.panels:general.reader`<br>`fixed:library.panels:general.writer`<br>`fixed:alerting.provisioning.status:writer`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       | Default [Editor](ref:rbac-basic-roles) assignments.                                                                                                      |
-| Viewer        | `basic_viewer`        | `fixed:datasources.id:reader`<br>`fixed:organization:reader`<br>`fixed:annotations:reader`<br>`fixed:annotations.dashboard:writer`<br>`fixed:alerting:reader`<br>`fixed:plugins.app:reader`<br>`fixed:dashboards.insights:reader`<br>`fixed:datasources.insights:reader`<br>`fixed:library.panels:general.reader`<br>`fixed:datasources:explorer` if the `viewers_can_edit` configuration flag is enabled                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              | Default [Viewer](ref:rbac-basic-roles) assignments.                                                                                                      |
-| No Basic Role | n/a                   |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        | Default [No Basic Role](ref:rbac-basic-roles)                                                                                                            |
+| Basic role    | UID                   | Associated fixed roles                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | Description                                                                                                                                              |
+| ------------- | --------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| Grafana Admin | `basic_grafana_admin` | `fixed:roles:reader`<br>`fixed:roles:writer`<br>`fixed:users:reader`<br>`fixed:users:writer`<br>`fixed:org.users:reader`<br>`fixed:org.users:writer`<br>`fixed:ldap:reader`<br>`fixed:ldap:writer`<br>`fixed:stats:reader`<br>`fixed:settings:reader`<br>`fixed:settings:writer`<br>`fixed:provisioning:writer`<br>`fixed:organization:reader`<br>`fixed:organization:maintainer`<br>`fixed:licensing:reader`<br>`fixed:licensing:writer`<br>`fixed:datasources.caching:reader`<br>`fixed:datasources.caching:writer`<br>`fixed:dashboards.insights:reader`<br>`fixed:datasources.insights:reader`<br>`fixed:plugins:maintainer`<br>`fixed:authentication.config:writer`<br>`fixed:library.panels:creator`<br>`fixed:library.panels:reader`<br>`fixed:library.panels:general.reader`<br>`fixed:library.panels:writer`<br>`fixed:library.panels:general.writer`<br>`fixed:groupsync:writer`                                                                                                                                                                                                                                                                                                         | Default [Grafana server administrator](/docs/grafana/<GRAFANA_VERSION>/administration/roles-and-permissions/#grafana-server-administrators) assignments. |
+| Admin         | `basic_admin`         | `fixed:reports:reader`<br>`fixed:reports:writer`<br>`fixed:datasources:reader`<br>`fixed:datasources:writer`<br>`fixed:organization:writer`<br>`fixed:datasources.permissions:reader`<br>`fixed:datasources.permissions:writer`<br>`fixed:teams:writer`<br>`fixed:dashboards:reader`<br>`fixed:dashboards:writer`<br>`fixed:dashboards.permissions:reader`<br>`fixed:dashboards.permissions:writer`<br>`fixed:dashboards.public:writer`<br>`fixed:folders:reader`<br>`fixed:folders:writer`<br>`fixed:folders.permissions:reader`<br>`fixed:folders.permissions:writer`<br>`fixed:alerting:writer`<br>`fixed:apikeys:reader`<br>`fixed:apikeys:writer`<br>`fixed:alerting.provisioning.secrets:reader`<br>`fixed:alerting.provisioning:writer`<br>`fixed:datasources.caching:reader`<br>`fixed:datasources.caching:writer`<br>`fixed:dashboards.insights:reader`<br>`fixed:datasources.insights:reader`<br>`fixed:plugins:writer`<br>`fixed:library.panels:creator`<br>`fixed:library.panels:reader`<br>`fixed:library.panels:general.reader`<br>`fixed:library.panels:writer`<br>`fixed:library.panels:general.writer`<br>`fixed:alerting.provisioning.status:writer`<br>`fixed:groupsync:writer` | Default [Grafana organization administrator](ref:rbac-basic-roles) assignments.                                                                          |
+| Editor        | `basic_editor`        | `fixed:datasources:explorer`<br>`fixed:dashboards:creator`<br>`fixed:folders:creator`<br>`fixed:annotations:writer`<br>`fixed:teams:creator` if the `editors_can_admin` configuration flag is enabled<br>`fixed:alerting:writer`<br>`fixed:dashboards.insights:reader`<br>`fixed:datasources.insights:reader`<br>`fixed:library.panels:creator`<br>`fixed:library.panels:general.reader`<br>`fixed:library.panels:general.writer`<br>`fixed:alerting.provisioning.status:writer`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   | Default [Editor](ref:rbac-basic-roles) assignments.                                                                                                      |
+| Viewer        | `basic_viewer`        | `fixed:datasources.id:reader`<br>`fixed:organization:reader`<br>`fixed:annotations:reader`<br>`fixed:annotations.dashboard:writer`<br>`fixed:alerting:reader`<br>`fixed:plugins.app:reader`<br>`fixed:dashboards.insights:reader`<br>`fixed:datasources.insights:reader`<br>`fixed:library.panels:general.reader`<br>`fixed:datasources:explorer` if the `viewers_can_edit` configuration flag is enabled                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          | Default [Viewer](ref:rbac-basic-roles) assignments.                                                                                                      |
+| No Basic Role | n/a                   |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    | Default [No Basic Role](ref:rbac-basic-roles)                                                                                                            |

 ## Fixed role definitions

@@ -98,7 +98,7 @@ To learn how to use the roles API to determine the role UUIDs, refer to [Manage
 | `fixed:dashboards.insights:reader`           | `fixed_JlBJ2_gizP8zhgaeGE2rjyZe2Rs` | `dashboards.insights:read`                                                                                                                                                                                                                                                  | Read dashboard insights data and see presence indicators.                                                                                                                                                                                                                             |
 | `fixed:dashboards.permissions:reader`        | `fixed_f17oxuXW_58LL8mYJsm4T_mCeIw` | `dashboards.permissions:read`                                                                                                                                                                                                                                               | Read all dashboard permissions.                                                                                                                                                                                                                                                       |
 | `fixed:dashboards.permissions:writer`        | `fixed_CcznxhWX_Yqn8uWMXMQ-b5iFW9k` | All permissions from `fixed:dashboards.permissions:reader` and <br>`dashboards.permissions:write`                                                                                                                                                                           | Read and update all dashboard permissions.                                                                                                                                                                                                                                            |
-| `fixed:dashboards.public:writer`             | `fixed_f_GHHRBciaqESXfGz2oCcooqHxs` | `dashboards.public:write`                                                                                                                                                                                                                                                   | Create, update, delete or pause a public dashboard.                                                                                                                                                                                                                                   |
+| `fixed:dashboards.public:writer`             | `fixed_f_GHHRBciaqESXfGz2oCcooqHxs` | `dashboards.public:write`                                                                                                                                                                                                                                                   | Create, update, delete or pause a shared dashboard.                                                                                                                                                                                                                                   |
 | `fixed:datasources:creator`                  | `fixed_XX8jHREgUt-wo1A-rPXIiFlX6Zw` | `datasources:create`                                                                                                                                                                                                                                                        | Create data sources.                                                                                                                                                                                                                                                                  |
 | `fixed:datasources:explorer`                 | `fixed_qDzW9mzx9yM91T5Bi8dHUM2muTw` | `datasources:explore`                                                                                                                                                                                                                                                       | Enable the Explore feature. Data source permissions still apply, you can only query data sources for which you have query permissions.                                                                                                                                                |
 | `fixed:datasources:reader`                   | `fixed_C2x8IxkiBc1KZVjyYH775T9jNMQ` | `datasources:read`<br>`datasources:query`                                                                                                                                                                                                                                   | Read and query data sources.                                                                                                                                                                                                                                                          |
@@ -115,6 +115,8 @@ To learn how to use the roles API to determine the role UUIDs, refer to [Manage
 | `fixed:folders.permissions:reader`           | `fixed_E06l4cx0JFm47EeLBE4nmv3pnSo` | `folders.permissions:read`                                                                                                                                                                                                                                                  | Read all folder permissions.                                                                                                                                                                                                                                                          |
 | `fixed:folders.permissions:writer`           | `fixed_3GAgpQ_hWG8o7-lwNb86_VB37eI` | All permissions from `fixed:folders.permissions:reader` and <br>`folders.permissions:write`                                                                                                                                                                                 | Read and update all folder permissions.                                                                                                                                                                                                                                               |
 | `fixed:ldap:reader`                          | `fixed_lMcOPwSkxKY-qCK8NMJc5k6izLE` | `ldap.user:read`<br>`ldap.status:read`                                                                                                                                                                                                                                      | Read the LDAP configuration and LDAP status information.                                                                                                                                                                                                                              |
+| `fixed:groupsync:reader`                     | `fixed_tLIbDrE6kw93sKqooF8GVS9BF4E` | `groupsync.mappings:read`                                                                                                                                                                                                                                                   | List all group attribute sync mappings. To use this role, enable the `groupAttributeSync` feature toggle.                                                                                                                                                                             |
+| `fixed:groupsync:writer`                     | `fixed_q7XUYx_efzxxsVmWhQgpiYClwBs` | `groupsync.mappings:read`<br>`groupsync.mappings:write`                                                                                                                                                                                                                     | Create, read, update, and delete all group attribute sync mappings. To use this role, enable the `groupAttributeSync` feature toggle.                                                                                                                                                 |
 | `fixed:ldap:writer`                          | `fixed_p6AvnU4GCQyIh7-hbwI-bk3GYnU` | All permissions from `fixed:ldap:reader` and <br>`ldap.user:sync`<br>`ldap.config:reload`                                                                                                                                                                                   | Read and update the LDAP configuration, and read LDAP status information.                                                                                                                                                                                                             |
 | `fixed:library.panels:creator`               | `fixed_6eX6ItfegCIY5zLmPqTDW8ZV7KY` | `library.panels:create`<br>`folders:read`                                                                                                                                                                                                                                   | Create library panel at the root level.                                                                                                                                                                                                                                               |
 | `fixed:library.panels:general.reader`        | `fixed_ct0DghiBWR_2BiQm3EvNPDVmpio` | `library.panels:read`                                                                                                                                                                                                                                                       | Read all library panels at the root level.                                                                                                                                                                                                                                            |
@@ -27,7 +27,7 @@ filters = accesscontrol:debug accesscontrol.evaluator:debug dashboard.permission
 ## Enable audit logging

 {{% admonition type="note" %}}
-Available in [Grafana Enterprise](/docs/grafana/<GRAFANA_VERSION>/introduction/grafana-enterprise/) version 7.3 and later, and [Grafana Cloud](/docs/grafana-cloud).
+Available in [Grafana Enterprise](/docs/grafana/<GRAFANA_VERSION>/introduction/grafana-enterprise/) and [Grafana Cloud](/docs/grafana-cloud).
 {{% /admonition %}}

 You can enable auditing in the Grafana configuration file.
@@ -36,7 +36,7 @@ cards:
      description: Choose how, when, and where to send your alert notifications.
      height: 24
    - title: Monitor status
-      href: ./monitor-status/
+      href: ./manage-notifications/
      description: Monitor, respond to, and triage issues within your services.
      height: 24
    - title: Additional configuration
@@ -12,59 +12,37 @@ labels:
    - oss
 title: Configure alert rules
 weight: 120
-refs:
-  alert-rules:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rules/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rules/
-  configure-grafana-alerts:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/alerting-rules/create-grafana-managed-rule/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/alerting-rules/create-grafana-managed-rule/
-  configure-ds-alerts:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/alerting-rules/create-data-source-managed-rule/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/alerting-rules/create-data-source-managed-rule/
-  recording-rules:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/alerting-rules/create-recording-rules/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/alerting-rules/create-recording-rules/
-  alert-types-comparison-table:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rules/#comparison-between-alert-rule-types
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rules/#comparison-between-alert-rule-types
-  templating-labels-annotations:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/templates/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/templates/
 ---

 # Configure alert rules

-[Alert rules](ref:alert-rules) are the central component of your alerting system.
+An alert rule consists of one or more queries and expressions that select the data you want to measure. It also contains a condition, which is the threshold that an alert rule must meet or exceed in order to fire.

-An alert rule consists of one or more queries and expressions that select the data you want to measure. It contains a condition to trigger the alert, an evaluation period that determines how often the rule is evaluated, and additional options to manage alert events and their notifications.
+Create, manage, view, and adjust alert rules to alert on your metrics data or log entries from multiple data sources — no matter where your data is stored.

-Grafana supports two types of alert rules:
+The main parts of alert rule creation are:

-1. Grafana-managed alert rules: These can query multiple data sources.
+1. Select your data source
+1. Query your data
+1. Normalize your data
+1. Set your threshold

-1. Data source-managed alert rules: These can only query Prometheus-based data sources and support horizontal scaling.
+**Query, expressions, and alert condition**

-We recommend using Grafana-managed alert rules whenever possible, and opting for data source-managed alert rules when horizontal scaling is required. Refer to the [comparison table of alert rule types](ref:alert-types-comparison-table) for a more detailed overview.
+What are you monitoring? How are you measuring it?

-Both types of alert rules can be configured in Grafana using the **+ New alert rule** flow. For step-by-step instructions, refer to:
+{{< admonition type="note" >}}
+Expressions can only be used for Grafana-managed alert rules.
+{{< /admonition >}}

- [Configure Grafana-managed alert rules](ref:configure-grafana-alerts)
- [Configure data source-managed alert rules](ref:configure-ds-alerts)
- [Create and link alert rules to panels](ref:templating-labels-annotations)
+**Evaluation**

-Alert rules can also query metrics generated by recording rules. To learn more, refer to:
+How do you want your alert to be evaluated?

- [Create recording rules](ref:recording-rules)
+**Labels and notifications**
+
+How do you want to route your alert? What kind of additional labels could you add to annotate your alert rules and ease searching?
+
+**Annotations**
+
+Do you want to add more context on the alert in your notification messages, for example, what caused the alert to fire? Which server did it happen on?
@@ -1,157 +0,0 @@
---
-aliases:
-  - ../unified-alerting/alerting-rules/create-mimir-loki-managed-rule/ # /docs/grafana/<GRAFANA_VERSION>/alerting/unified-alerting/alerting-rules/create-mimir-loki-managed-rule/
-  - ../unified-alerting/alerting-rules/edit-cortex-loki-namespace-group/ # /docs/grafana/<GRAFANA_VERSION>/alerting/unified-alerting/alerting-rules/edit-cortex-loki-namespace-group/
-  - ../unified-alerting/alerting-rules/edit-mimir-loki-namespace-group/ # /docs/grafana/<GRAFANA_VERSION>/alerting/unified-alerting/alerting-rules/edit-mimir-loki-namespace-group/
-  - ../alerting-rules/create-mimir-loki-managed-rule/ # /docs/grafana/<GRAFANA_VERSION>/alerting/alerting-rules/create-mimir-loki-managed-rule/
-canonical: https://grafana.com/docs/grafana/latest/alerting/alerting-rules/create-data-source-managed-rule/
-description: Configure data source-managed alert rules alert for an external Grafana Mimir or Loki instance
-keywords:
-  - grafana
-  - alerting
-  - guide
-  - rules
-  - create
-labels:
-  products:
-    - cloud
-    - enterprise
-    - oss
-title: Configure data source-managed alert rules
-weight: 200
-refs:
-  shared-configure-prometheus-data-source-alerting:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/datasources/prometheus/configure-prometheus-data-source/#alerting
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/connect-externally-hosted/data-sources/prometheus/configure-prometheus-data-source/#alerting
-  configure-grafana-managed-rules:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/alerting-rules/create-grafana-managed-rule/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/alerting-rules/create-grafana-managed-rule/notification-policies/
-  notification-policies:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/notifications/notification-policies/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/notifications/notification-policies/
-  pending-period:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rule-evaluation/#pending-period
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rule-evaluation/#pending-period
-  alert-rules:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rules/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rules/
-  alert-rule-labels:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rules/annotation-label/#labels
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rules/annotation-label/#labels
-  alert-rule-evaluation:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rule-evaluation/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rule-evaluation/
-  shared-provision-alerting-resources:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/set-up/provision-alerting-resources/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/set-up/provision-alerting-resources/
-  shared-alert-rule-template:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/alerting-rules/templates/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/alerting-rules/templates/
-  shared-annotations:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rules/annotation-label/#annotations
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rules/annotation-label/#annotations
-  shared-link-alert-rules-to-panels:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/alerting-rules/link-alert-rules-to-panels/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/alerting-rules/link-alert-rules-to-panels/
---
-
-# Configure data source-managed alert rules
-
-Data source-managed alert rules can only be created using Grafana Mimir or Grafana Loki data sources.
-
-The rules are stored within the data source. In a distributed architecture, they can scale horizontally to provide high-availability. For more details, refer to [alert rule types](ref:alert-rules).
-
-We recommend using [Grafana-managed alert rules](ref:configure-grafana-managed-rules) whenever possible and opting for data source-managed alert rules when scaling your alerting setup is necessary.
-
-{{< docs/shared lookup="alerts/note-prometheus-ds-rules.md" source="grafana" version="<GRAFANA_VERSION>" >}}
-
-To create or edit data source-managed alert rules, follow these instructions.
-
-## Before you begin
-
-Verify that you have write permission to the Mimir or Loki data source. Otherwise, you cannot create or update data source-managed alert rules.
-
-### Enable the Ruler API
-
-For more information, refer to the [Mimir Ruler API](/docs/mimir/latest/references/http-api/#ruler) or [Loki Ruler API](/docs/loki/latest/api/#ruler).
-
- **Mimir** - use the `/prometheus` prefix. The Prometheus data source supports both Grafana Mimir and Prometheus, and Grafana expects that both the [Query API](/docs/mimir/latest/operators-guide/reference-http-api/#querier--query-frontend) and [Ruler API](/docs/mimir/latest/operators-guide/reference-http-api/#ruler) are under the same URL. You cannot provide a separate URL for the Ruler API.
-
- **Loki** - The `local` rule storage type, default for the Loki data source, supports only viewing of rules. To edit rules, configure one of the other rule storage types.
-
-### Permissions
-
-Alert rules for Mimir or Loki instances can be edited or deleted by users with **Editor** or **Admin** roles.
-
-If you do not want to manage alert rules for a particular data source, go to its settings and clear the **Manage alerts via Alerting UI** checkbox.
-
-{{< docs/shared lookup="alerts/configure-provisioning-before-begin.md" source="grafana" version="<GRAFANA_VERSION>" >}}
-
-{{< docs/shared lookup="alerts/configure-alert-rule-name.md" source="grafana" version="<GRAFANA_VERSION>" >}}
-
-## Define query and condition
-
-Define a query to get the data you want to measure and a condition that needs to be met before an alert rule fires.
-
-{{% admonition type="note" %}}
-By default, new alert rules are Grafana-managed. To switch to **Data source-managed**, follow these instructions.
-{{% /admonition %}}
-
-1. Select a Prometheus-based data source from the drop-down list.
-
-   You can also click **Open advanced data source picker** to find more options.
-
-1. Enter a PromQL or LogQL query, including the alert condition.
-1. In the **Rule type** option, select **Data source-managed**.
-1. Click **Preview alerts**.
-
-## Set alert evaluation behavior
-
-Use [alert rule evaluation](ref:alert-rule-evaluation) to determine how frequently an alert rule should be evaluated and how quickly it should change its state.
-
-1. Select a namespace or click **+ New namespace**.
-1. Select an evaluation group or click **+ New evaluation group**.
-
-   If you are creating a new evaluation group, specify the interval for the group.
-
-   All rules within the same group are evaluated sequentially over the same time interval. You can reorder them from the **Alert rules** page.
-
-1. Enter a pending period.
-
-   The [pending period](ref:pending-period) is the period in which an alert rule can be in breach of the condition until it fires.
-
-   Once a condition is met, the alert goes into the **Pending** state. If the condition remains active for the duration specified, the alert transitions to the **Firing** state, else it reverts to the **Normal** state.
-
-## Configure labels and notifications
-
-Add [labels](ref:alert-rule-labels) to your alert rules to set which [notification policy](ref:notification-policies) should handle your firing alert instances.
-
-All alert rules and instances, irrespective of their labels, match the default notification policy. If there are no nested policies, or no nested policies match the labels in the alert rule or alert instance, then the default notification policy is the matching policy.
-
-1. Add labels if you want to change the way your notifications are routed.
-
-   Add custom labels by selecting existing key-value pairs from the drop down, or add new labels by entering the new key or value.
-
-{{< docs/shared lookup="alerts/configure-notification-message.md" source="grafana" version="<GRAFANA_VERSION>" >}}
@@ -24,144 +24,123 @@ refs:
      destination: /docs/grafana/<GRAFANA_VERSION>/dashboards/use-dashboards/#time-units-and-relative-ranges
    - pattern: /docs/grafana-cloud/
      destination: /docs/grafana-cloud/visualizations/dashboards/use-dashboards/#time-units-and-relative-ranges
+  fundamentals:
+    - pattern: /docs/grafana/
+      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/
+    - pattern: /docs/grafana-cloud/
+      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/
  alert-instance-state:
    - pattern: /docs/grafana/
      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rule-evaluation/state-and-health/#alert-instance-state
    - pattern: /docs/grafana-cloud/
      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rule-evaluation/state-and-health/#alert-instance-state
-  modify-the-no-data-or-error-state:
+  keep-last-state:
    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rule-evaluation/state-and-health/#modify-the-no-data-or-error-state
+      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rule-evaluation/state-and-health/#keep-last-state
    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rule-evaluation/state-and-health/#modify-the-no-data-or-error-state
+      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rule-evaluation/state-and-health/#keep-last-state
+  add-a-query:
+    - pattern: /docs/grafana/
+      destination: /docs/grafana/<GRAFANA_VERSION>/panels-visualizations/query-transform-data/#add-a-query
+    - pattern: /docs/grafana-cloud/
+      destination: /docs/grafana-cloud/visualizations/panels-visualizations/query-transform-data/#add-a-query
  pending-period:
    - pattern: /docs/grafana/
      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rule-evaluation/#pending-period
    - pattern: /docs/grafana-cloud/
      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rule-evaluation/#pending-period
-  alert-rule-evaluation:
+  alerting-on-numeric-data:
    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rule-evaluation/
+      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rules/queries-conditions/#alert-on-numeric-data
    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rule-evaluation/
-  mute-timings:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/configure-notifications/mute-timings/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/configure-notifications/mute-timings/
-  alert-rule-query:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rules/queries-conditions/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rules/queries-conditions/
-  alert-rule-labels:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rules/annotation-label/#labels
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rules/annotation-label/#labels
+      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rules/queries-conditions/#alert-on-numeric-data
  expression-queries:
    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rules/queries-conditions/#expression-queries
+      destination: /docs/grafana/<GRAFANA_VERSION>/panels-visualizations/query-transform-data/expression-queries/
    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rules/queries-conditions/#expression-queries
-  alert-condition:
+      destination: /docs/grafana-cloud/visualizations/panels-visualizations/query-transform-data/expression-queries/
+  annotation-label:
    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rules/queries-conditions/#alert-condition
+      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rules/annotation-label/
    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rules/queries-conditions/#alert-condition
-  contact-points:
+      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rules/annotation-label/
+  link-alert-rules-to-panels:
    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/notifications/contact-points/
+      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/alerting-rules/link-alert-rules-to-panels/
    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/notifications/contact-points/
-  notification-policies:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/notifications/notification-policies/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/notifications/notification-policies/
+      destination: /docs/grafana-cloud/alerting-and-irm/alerting/alerting-rules/link-alert-rules-to-panels/
  data-sources:
    - pattern: /docs/grafana/
      destination: /docs/grafana/<GRAFANA_VERSION>/datasources/
    - pattern: /docs/grafana-cloud/
    - destination: /docs/grafana-cloud/connect-externally-hosted/data-sources/
-  alert-rules:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rules/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rules/
  compatible-data-sources:
    - pattern: /docs/grafana/
      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rules/#supported-data-sources
    - pattern: /docs/grafana-cloud/
      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rules/#supported-data-sources
-  shared-provision-alerting-resources:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/set-up/provision-alerting-resources/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/set-up/provision-alerting-resources/
-  shared-alert-rule-template:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/alerting-rules/templates/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/alerting-rules/templates/
-  shared-annotations:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rules/annotation-label/#annotations
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rules/annotation-label/#annotations
-  shared-link-alert-rules-to-panels:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/alerting-rules/link-alert-rules-to-panels/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/alerting-rules/link-alert-rules-to-panels/
 ---

 # Configure Grafana-managed alert rules

-Grafana-managed rules can query data from multiple data sources in a single alert rule. They are the most flexible [alert rule type](ref:alert-rules). You can also add expressions to transform your data, set alert conditions, and images in alert notifications.
+Grafana-managed rules are the most flexible alert rule type. They allow you to create alerts that can act on data from any of our supported data sources. In addition to supporting multiple data sources, you can also add expressions to transform your data and set alert conditions. Using images in alert notifications is also supported. This is the only type of rule that allows alerting from multiple data sources in a single rule definition.
+
+Multiple alert instances can be created as a result of one alert rule (also known as a multi-dimensional alerting).

 {{% admonition type="note" %}}
-In Grafana Cloud, the number of Grafana-managed alert rules you can create depends on your Grafana Cloud plan.
+For Grafana Cloud Free Forever, you can create up to 100 free Grafana-managed alert rules with each alert rule having a maximum of 1000 alert instances.

- Free Forever plan: You can create up to 100 free alert rules, with each alert rule having a maximum of 1000 alert instances.
- All paid plans (Pro and Advanced): They have a soft limit of 2000 alert rules and support unlimited alert instances. To increase the limit, open a support ticket from the [Cloud portal](/docs/grafana-cloud/account-management/support/).
+For all paid tiers (Cloud Pro and Advanced), there is a soft limit of 2000 alert rules and unlimited alert instances. To increase the limit, open a support ticket from the [Cloud portal](https://grafana.com/docs/grafana-cloud/account-management/support/).

 {{% /admonition %}}

-To create or edit Grafana-managed alert rules, follow the instructions below. For a practical example, check out our [tutorial on getting started with Grafana alerting](http://grafana.com/tutorials/alerting-get-started/).
+Grafana-managed alert rules can only be edited or deleted by users with Edit permissions for the folder storing the rules.
+
+If you delete an alert resource created in the UI, you can no longer retrieve it.
+To make a backup of your configuration and to be able to restore deleted alerting resources, create your alerting resources using file provisioning, Terraform, or the Alerting API.

 ## Before you begin

-Verify that the data sources you plan to query in the alert rule are [compatible with Grafana-managed alert rules](ref:compatible-data-sources) and are properly configured.
+If you are using Grafana OSS:

-### Permissions
+1. Configure your [data sources](ref:data-sources).
+2. Check which [data sources](ref:compatible-data-sources) are compatible with and supported by Grafana Alerting.

-Only users with **Edit** permissions for the folder storing the rules can edit or delete Grafana-managed alert rules.
-
-{{< docs/shared lookup="alerts/configure-provisioning-before-begin.md" source="grafana" version="<GRAFANA_VERSION>" >}}
-
-### Default vs Advanced options
+If you are using Grafana OSS, Enterprise, or Cloud:

 You can use default or advanced options for Grafana-managed alert rule creation. The default options streamline rule creation with a cleaner header and a single query and condition. For more complex rules, use advanced options to add multiple queries and expressions.

-You can toggle between the two options. Once you have created an alert rule, the system defaults to your previous choice for the next alert rule.
+Default and advanced options are enabled by default for Grafana Cloud users and this feature is being rolled out progressively.

-Switching from advanced to default may result in queries and expressions that cannot be converted. In this case, a warning message asks if you want to continue to reset to default settings.
+For OSS users,enable the `alertingQueryAndExpressionsStepMode` feature toggle.

-Default and advanced options are enabled by default for Grafana Cloud users and this feature is being rolled out progressively. OSS users can enable them via the [`alertingQueryAndExpressionsStepMode` feature toggle](/setup-grafana/configure-grafana/feature-toggles/).
+{{% admonition type="note" %}}
+Once you have created an alert rule using one of the options, the system defaults to this option for the next alert rule you create.

-{{< docs/shared lookup="alerts/configure-alert-rule-name.md" source="grafana" version="<GRAFANA_VERSION>" >}}
+You can toggle between the two options. However, if you want to switch from advanced options to the default, it may be that your query and expressions cannot be converted. In this case, a warning message checks whether you want to continue to reset to default settings.
+{{% /admonition %}}
+
+## Steps
+
+To create a Grafana-managed alert rule, use the in-product alert creation flow and follow these steps.
+
+To get started quickly, refer to our [tutorial on getting started with Grafana alerting](http://grafana.com/tutorials/alerting-get-started/).
+
+## Set alert rule name
+
+1. Click **Alerts & IRM** -> **Alert rules** -> **+ New alert rule**.
+1. Enter a name to identify your alert rule.
+
+   This name is displayed in the alert rule list. It is also the `alertname` label for every alert instance that is created from this rule.

 ## Define query and condition

 Define a query to get the data you want to measure and a condition that needs to be met before an alert rule fires.

-You can toggle between **Default** and **Advanced** options. If the [Default vs. Advanced feature](#default-vs-advanced-options) is not enabled in your Grafana instance, follow the **Advanced options** instructions.
-
 {{< collapse title="Default options" >}}

-1. Add a [query](ref:alert-rule-query).
-1. Add an [alert condition](ref:alert-condition).
+1. Add a query.
+1. Add an alert condition.

   The **When** input includes the reducer function and the last input is the threshold.

@@ -173,11 +152,15 @@ You can toggle between **Default** and **Advanced** options. If the [Default vs.
 1. Select a data source.
 1. From the **Options** dropdown, specify a [time range](ref:time-units-and-relative-ranges).

-   Note that Grafana Alerting only supports fixed relative time ranges, for example, `now-24hr: now`. It does not support absolute time ranges: `2021-12-02 00:00:00 to 2021-12-05 23:59:592` or semi-relative time ranges: `now/d to: now`.
+{{% admonition type="note" %}}
+Grafana Alerting only supports fixed relative time ranges, for example, `now-24hr: now`.
+
+It does not support absolute time ranges: `2021-12-02 00:00:00 to 2021-12-05 23:59:592` or semi-relative time ranges: `now/d to: now`.
+{{% /admonition %}}

 1. Add a query.

-   To add multiple [queries](ref:alert-rule-query), click **Add query**.
+   To add multiple [queries](ref:add-a-query), click **Add query**.

   All alert rules are managed by Grafana by default. If you want to switch to a data source-managed alert rule, click **Switch to data source-managed alert rule**.

@@ -185,7 +168,9 @@ You can toggle between **Default** and **Advanced** options. If the [Default vs.

   a. For each expression, select either **Classic condition** to create a single alert rule, or choose from the **Math**, **Reduce**, and **Resample** options to generate separate alert for each series.

+   {{% admonition type="note" %}}
   When using Prometheus, you can use an instant vector and built-in functions, so you don't need to add additional expressions.
+   {{% /admonition %}}

   b. Click **Preview** to verify that the expression is successful.

@@ -193,24 +178,12 @@ You can toggle between **Default** and **Advanced** options. If the [Default vs.

   You can only add one recovery threshold in a query and it must be the alert condition.

-1. Click **Set as alert condition** on the query or expression you want to set as your [alert condition](ref:alert-condition).
+1. Click **Set as alert condition** on the query or expression you want to set as your alert condition.
   {{< /collapse >}}

-## Set folder and labels
+## Set alert evaluation behavior

-Organize your alert rule with a folder and set of labels.
-
-In the **Labels** section, you can optionally choose whether to add labels to organize your alert rules and their notifications. For more details, refer to [alert rule labels](ref:alert-rule-labels).
-
-1. Select a folder or click **+ New folder**.
-
-1. Add labels, if required.
-
-   Add custom labels by selecting existing key-value pairs from the drop down, or add new labels by entering the new key or value.
-
-## Configure alert evaluation behavior
-
-Use [alert rule evaluation](ref:alert-rule-evaluation) to determine how frequently an alert rule should be evaluated and how quickly it should change its state.
+Use alert rule evaluation to determine how frequently an alert rule should be evaluated and how quickly it should change its state.

 To do this, you need to make sure that your alert rule is in the right evaluation group and set a pending period time that works best for your use case.

@@ -221,7 +194,7 @@ To do this, you need to make sure that your alert rule is in the right evaluatio

   All rules within the same group are evaluated concurrently over the same time interval.

-1. Enter a [pending period](ref:pending-period).
+1. Enter a pending period.

   The pending period is the period in which an alert rule can be in breach of the condition until it fires.

@@ -229,20 +202,15 @@ To do this, you need to make sure that your alert rule is in the right evaluatio

 1. Turn on pause alert notifications, if required.

+   {{< admonition type="note" >}}
   You can pause alert rule evaluation to prevent noisy alerting while tuning your alerts.
   Pausing stops alert rule evaluation and doesn't create any alert instances.
-   This is different to [mute timings](ref:mute-timings), which stop notifications from being delivered, but still allows for alert rule evaluation and the creation of alert instances.
+   This is different to mute timings, which stop notifications from being delivered, but still allows for alert rule evaluation and the creation of alert instances.
+   {{< /admonition >}}

-1. In **Configure no data and error handling**, you can define the alerting behavior and alerting state for two scenarios:
+1. In **Configure no data and error handling**, configure alerting behavior in the absence of data.

-   - When the evaluation returns **No data** or all values are null.
-   - When the evaluation returns **Error** or timeout.
-
-   ### Configure no data and error handling
-
-   {{< docs/shared lookup="alerts/table-configure-no-data-and-error.md" source="grafana" version="<GRAFANA_VERSION>" >}}
-
-   For more details, refer to [alert instance states](ref:alert-instance-state) and [modify the no data or error state](ref:modify-the-no-data-or-error-state).
+   Use the guidelines in [No data and error handling](#configure-no-data-and-error-handling).

 ## Configure labels and notifications

@@ -260,7 +228,7 @@ Complete the following steps to set up labels and notifications.

   **Select contact point**

-   1. Choose this option to select an existing [contact point](ref:contact-points).
+   1. Choose this option to select an existing contact point.

      All notifications for this alert rule are sent to this contact point automatically and notification policies are not used.

@@ -271,18 +239,67 @@ Complete the following steps to set up labels and notifications.

   **Use notification policy**

-   1. Choose this option to use the [notification policy tree](ref:notification-policies) to direct your notifications.
+   3. Choose this option to use the notification policy tree to direct your notifications.

      {{< admonition type="note" >}}
      All alert rules and instances, irrespective of their labels, match the default notification policy. If there are no nested policies, or no nested policies match the labels in the alert rule or alert instance, then the default notification policy is the matching policy.
      {{< /admonition >}}

-   2. Preview your alert instance routing set up.
+   4. Preview your alert instance routing set up.

      Based on the labels added, alert instances are routed to the following notification policies displayed.

-   3. Expand each notification policy below to view more details.
+   5. Expand each notification policy below to view more details.

-   4. Click **See details** to view alert routing details and an email preview.
+   6. Click **See details** to view alert routing details and an email preview.

-{{< docs/shared lookup="alerts/configure-notification-message.md" source="grafana" version="<GRAFANA_VERSION>" >}}
+## Add annotations
+
+Add [annotations](ref:annotation-label). to provide more context on the alert in your alert notification message.
+
+Annotations add metadata to provide more information on the alert in your alert notification message. For example, add a **Summary** annotation to tell you which value caused the alert to fire or which server it happened on.
+
+1. Optional: Add a summary.
+
+   Short summary of what happened and why.
+
+1. Optional: Add a description.
+
+   Description of what the alert rule does.
+
+1. Optional: Add a Runbook URL.
+
+   Webpage where you keep your runbook for the alert
+
+1. Optional: Add a custom annotation
+1. Optional: **Link dashboard and panel**.
+
+   [Link the alert rule to a panel](ref:link-alert-rules-to-panels) to facilitate alert investigation.
+
+1. Click **Save rule**.
+
+## Configure no data and error handling
+
+In **Configure no data and error handling**, you can define the alerting behavior when the evaluation returns no data or an error.
+
+For details about alert states, refer to [lifecycle of alert instances](ref:alert-instance-state).
+
+You can configure the alert instance state when its evaluation returns no data:
+
+| No Data configuration | Description                                                                                                                                                                                                                               |
+| --------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| No Data               | The default option. Sets alert instance state to `No data`. <br/> The alert rule also creates a new alert instance `DatasourceNoData` with the name and UID of the alert rule, and UID of the datasource that returned no data as labels. |
+| Alerting              | Sets the alert instance state to `Pending` and then transitions to `Alerting` once the [pending period](ref:pending-period) ends. If you sent the pending period to 0, the alert instance state is immediately set to `Alerting`.         |
+| Normal                | Sets alert instance state to `Normal`.                                                                                                                                                                                                    |
+| Keep Last State       | Maintains the alert instance in its last state. Useful for mitigating temporary issues, refer to [Keep last state](ref:keep-last-state).                                                                                                  |
+
+You can also configure the alert instance state when its evaluation returns an error or timeout.
+
+| Error configuration | Description                                                                                                                                                                                                                            |
+| ------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| Error               | The default option. Sets alert instance state to `Error`. <br/> The alert rule also creates a new alert instance `DatasourceError` with the name and UID of the alert rule, and UID of the datasource that returned no data as labels. |
+| Alerting            | Sets alert instance state to `Alerting`. It transitions from `Pending` to `Alerting` after the [pending period](ref:pending-period) has finished.                                                                                      |
+| Normal              | Sets alert instance state to `Normal`.                                                                                                                                                                                                 |
+| Keep Last State     | Maintains the alert instance in its last state. Useful for mitigating temporary issues, refer to [Keep last state](ref:keep-last-state).                                                                                               |
+
+When you configure the No data or Error behavior to `Alerting` or `Normal`, Grafana will attempt to keep a stable set of fields under notification `Values`. If your query returns no data or an error, Grafana re-uses the latest known set of fields in `Values`, but will use `-1` in place of the measured value.
@@ -0,0 +1,144 @@
+---
+aliases:
+  - ../unified-alerting/alerting-rules/create-mimir-loki-managed-rule/ # /docs/grafana/<GRAFANA_VERSION>/alerting/unified-alerting/alerting-rules/create-mimir-loki-managed-rule/
+  - ../unified-alerting/alerting-rules/edit-cortex-loki-namespace-group/ # /docs/grafana/<GRAFANA_VERSION>/alerting/unified-alerting/alerting-rules/edit-cortex-loki-namespace-group/
+  - ../unified-alerting/alerting-rules/edit-mimir-loki-namespace-group/ # /docs/grafana/<GRAFANA_VERSION>/alerting/unified-alerting/alerting-rules/edit-mimir-loki-namespace-group/
+canonical: https://grafana.com/docs/grafana/latest/alerting/alerting-rules/create-mimir-loki-managed-rule/
+description: Configure data source-managed alert rules alert for an external Grafana Mimir or Loki instance
+keywords:
+  - grafana
+  - alerting
+  - guide
+  - rules
+  - create
+labels:
+  products:
+    - cloud
+    - enterprise
+    - oss
+title: Configure data source-managed alert rules
+weight: 200
+refs:
+  alerting:
+    - pattern: /docs/grafana/
+      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/
+    - pattern: /docs/grafana-cloud/
+      destination: /docs/grafana-cloud/alerting-and-irm/alerting/
+  annotation-label:
+    - pattern: /docs/grafana/
+      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rules/annotation-label/
+    - pattern: /docs/grafana-cloud/
+      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rules/annotation-label/
+  link-alert-rules-to-panels:
+    - pattern: /docs/grafana/
+      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/alerting-rules/link-alert-rules-to-panels/
+    - pattern: /docs/grafana-cloud/
+      destination: /docs/grafana-cloud/alerting-and-irm/alerting/alerting-rules/link-alert-rules-to-panels/
+---
+
+# Configure data source-managed alert rules
+
+Create data source-managed alert rules for Grafana Mimir or Grafana Loki data sources, which have been configured to support rule creation.
+
+To configure your Grafana Mimir or Loki data source for alert rule creation, enable either the Loki Ruler API or the Mimir Ruler API.
+
+For more information, refer to [Loki Ruler API](/docs/loki/<GRAFANA_VERSION>/api/#ruler) or [Mimir Ruler API](/docs/mimir/<GRAFANA_VERSION>/references/http-api/#ruler).
+
+**Note**:
+
+Alert rules for a Grafana Mimir or Loki instance can be edited or deleted by users with Editor or Admin roles.
+
+If you delete an alerting resource created in the UI, you can no longer retrieve it.
+To make a backup of your configuration and to be able to restore deleted alerting resources, create your alerting resources using file provisioning, Terraform, or the Alerting API.
+
+## Before you begin
+
+- Verify that you have write permission to the Mimir or Loki data source. Otherwise, you cannot create or update Grafana Mimir or Loki-managed alert rules.
+
+- Enable the Mimir or Loki Ruler API.
+
+  - **Loki** - The `local` rule storage type, default for the Loki data source, supports only viewing of rules. To edit rules, configure one of the other rule storage types.
+
+  - **Grafana Mimir** - use the `/prometheus` prefix. The Prometheus data source supports both Grafana Mimir and Prometheus, and Grafana expects that both the [Query API](/docs/mimir/latest/operators-guide/reference-http-api/#querier--query-frontend) and [Ruler API](/docs/mimir/latest/operators-guide/reference-http-api/#ruler) are under the same URL. You cannot provide a separate URL for the Ruler API.
+
+Watch this video to learn more about how to create a Mimir-managed alert rule: {{< vimeo 720001865 >}}
+
+{{% admonition type="note" %}}
+If you do not want to manage alert rules for a particular Loki or Mimir data source, go to its settings and clear the **Manage alerts via Alerting UI** checkbox.
+{{% /admonition %}}
+
+To create a data source-managed alert rule, use the in-product alert creation flow and follow these steps to help you.
+
+## Set alert rule name
+
+1. Click **Alerts & IRM** -> **Alert rules** -> **+ New alert rule**.
+1. Enter a name to identify your alert rule.
+
+   This name is displayed in the alert rule list. It is also the `alertname` label for every alert instance that is created from this rule.
+
+## Define query and condition
+
+Define a query to get the data you want to measure and a condition that needs to be met before an alert rule fires.
+
+**Note**:
+
+All alert rules are managed by Grafana by default. To switch to a data source-managed alert rule, click **Switch to data source-managed alert rule**.
+
+1. Select a data source from the drop-down list.
+
+   You can also click **Open advanced data source picker** to see more options, including adding a data source (Admins only).
+
+1. Enter a PromQL or LogQL query.
+1. Click **Preview alerts**.
+
+## Set alert evaluation behavior
+
+Use alert rule evaluation to determine how frequently an alert rule should be evaluated and how quickly it should change its state.
+
+1. Select a namespace or click **+ New namespace**.
+1. Select an evaluation group or click **+ New evaluation group**.
+
+   If you are creating a new evaluation group, specify the interval for the group.
+
+   All rules within the same group are evaluated sequentially over the same time interval.
+
+1. Enter a pending period.
+
+   The pending period is the period in which an alert rule can be in breach of the condition until it fires.
+
+   Once a condition is met, the alert goes into the **Pending** state. If the condition remains active for the duration specified, the alert transitions to the **Firing** state, else it reverts to the **Normal** state.
+
+## Configure notifications
+
+Add labels to your alert rules to set which notification policy should handle your firing alert instances.
+
+All alert rules and instances, irrespective of their labels, match the default notification policy. If there are no nested policies, or no nested policies match the labels in the alert rule or alert instance, then the default notification policy is the matching policy.
+
+1. Add labels if you want to change the way your notifications are routed.
+
+   Add custom labels by selecting existing key-value pairs from the drop down, or add new labels by entering the new key or value.
+
+## Add annotations
+
+Add [annotations](ref:annotation-label). to provide more context on the alert in your alert notifications.
+
+Annotations add metadata to provide more information on the alert in your alert notifications. For example, add a **Summary** annotation to tell you which value caused the alert to fire or which server it happened on.
+
+1. Optional: Add a summary.
+
+   Short summary of what happened and why.
+
+1. Optional: Add a description.
+
+   Description of what the alert rule does.
+
+1. Optional: Add a Runbook URL.
+
+   Webpage where you keep your runbook for the alert
+
+1. Optional: Add a custom annotation
+1. Optional: **Link dashboard and panel**.
+
+   [Link the alert rule to a panel](ref:link-alert-rules-to-panels) to facilitate alert investigation.
+
+1. Click **Save rule**.
@@ -41,7 +41,7 @@ Note that in data source-managed groups, the alert rules and recording rules wit

  - **Loki** - The `local` rule storage type, default for the Loki data source, supports only viewing of rules. To edit rules, configure one of the other rule storage types.

-  - **Mimir** - use the `/prometheus` prefix. The Prometheus data source supports both Grafana Mimir and Prometheus, and Grafana expects that both the [Query API](/docs/mimir/latest/operators-guide/reference-http-api/#querier--query-frontend) and [Ruler API](/docs/mimir/latest/operators-guide/reference-http-api/#ruler) are under the same URL. You cannot provide a separate URL for the Ruler API.
+  - **Grafana Mimir** - use the `/prometheus` prefix. The Prometheus data source supports both Grafana Mimir and Prometheus, and Grafana expects that both the [Query API](/docs/mimir/latest/operators-guide/reference-http-api/#querier--query-frontend) and [Ruler API](/docs/mimir/latest/operators-guide/reference-http-api/#ruler) are under the same URL. You cannot provide a separate URL for the Ruler API.

 ## Add new recording rule

@@ -66,9 +66,7 @@ Select your data source and enter a query. The queries used in data source-manag

 1. From the **Group** dropdown, select an existing group within the selected namespace or add a new one.

-   Rules within a group are run sequentially at a regular interval, with the same evaluation time.
-
-   Newly created rules are appended to the end of the group, and you can reorder them from the **Alert rules** page.
+   Newly created rules are appended to the end of the group. Rules within a group are run sequentially at a regular interval, with the same evaluation time.

 ## Add labels

@@ -30,9 +30,9 @@ refs:
      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rules/annotation-label/#annotations
  view-alert-state-on-panels:
    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/monitor-status/view-alert-state/#view-alert-state-on-panels
+      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/manage-notifications/view-alert-state-on-panels/
    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/monitor-status/view-alert-state/#view-alert-state-on-panels
+      destination: /docs/grafana-cloud/alerting-and-irm/alerting/manage-notifications/view-alert-state-on-panels/
 ---

 # Create and link alert rules to panels
@@ -18,16 +18,16 @@ labels:
 title: Template annotations and labels
 weight: 500
 refs:
-  reference-labels:
+  labels:
    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/alerting-rules/templates/reference/#labels
+      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rules/annotation-label/#labels
    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/alerting-rules/templates/reference/#labels
-  reference-values:
+      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rules/annotation-label/#labels
+  values:
    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/alerting-rules/templates/reference/#values
+      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rules/annotation-label/#values
    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/alerting-rules/templates/reference/#values
+      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rules/annotation-label/#values
  annotations:
    - pattern: /docs/grafana/
      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rules/annotation-label/#annotations
@@ -63,19 +63,14 @@ refs:
      destination: /docs/grafana-cloud/alerting-and-irm/alerting/configure-notifications/template-notifications/reference/#notification-data
  view-alert-state:
    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/monitor-status/view-alert-state/
+      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/manage-notifications/view-state-health/
    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/monitor-status/view-alert-state/
+      destination: /docs/grafana-cloud/alerting-and-irm/alerting/manage-notifications/view-state-health/
  preview-notifications:
    - pattern: /docs/grafana/
      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/configure-notifications/template-notifications/manage-notification-templates/#preview-notification-templates
    - pattern: /docs/grafana-cloud/
      destination: /docs/grafana-cloud/alerting-and-irm/alerting/configure-notifications/template-notifications/manage-notification-templates/#preview-notification-templates
-  labels:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/latest/alerting/fundamentals/alert-rules/annotation-label/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rules/annotation-label/
 ---

 # Template annotations and labels
@@ -97,7 +92,7 @@ Refer to [Templates Introduction](ref:intro-to-templates) for a more detailed ex

 Both types of templates are written in the Go templating system. However, it's important to understand that variables and functions used in notification templates are different from those used in annotation and label templates.

-1.  **Template annotations and labels**: These templates add extra information to individual alert instances. Template variables like [`$labels`](ref:reference-labels) and [`$values`](ref:reference-values) represent alert query data of the individual alert instance.
+1.  **Template annotations and labels**: These templates add extra information to individual alert instances. Template variables like [`$labels`](ref:labels) and [`$values`](ref:values) represent alert query data of the individual alert instance.
 1.  **Template notifications**: Notification templates format the notification content for a group of alerts. Variables like [`.Alerts`](ref:notification-data-reference) include all firing and resolved alerts in the notification.

 ## Template annotations
@@ -116,11 +111,11 @@ CPU usage has exceeded 80% for the last 5 minutes.

 However, if you want to display dynamic query values in annotations, you need to use template code. Common use cases include:

- Displaying the query value that triggered the alert.
- Highlighting label information that identifies the alert, such as the environment, instance, or region.
+- Displaying the query value or threshold that triggered the alert.
+- Highlighting label information that identifies the alert, such as environment, region, or priority.
 - Providing specific instructions based on query values.
- Customizing runbook links depending on query labels.
- Including contact information based on query labels.
+- Customizing runbook links depending on query or label values.
+- Including contact information based on alert labels.

 For instance, you can template the previous example to display the specific instance and CPU value that triggered the alert.

@@ -218,7 +213,3 @@ For further details on how to template alert rules, refer to:

 - [Annotation and label template reference](ref:alert-rule-template-reference)
 - [Annotation and label examples](ref:alert-rule-template-examples)
-
-{{< admonition type="tip" >}}
-For a practical example of templating, refer to our [Getting Started with Templating tutorial](https://grafana.com/tutorials/alerting-get-started-pt4/).
-{{< /admonition  >}}
@@ -115,9 +115,7 @@ CPU usage has exceeded 80% (81.2345) for the last 5 minutes.

 ### Include labels for extra details

-To provide additional context, you can include labels from the query using the [`$labels`](ref:reference-labels) variable.
-
-For instance, the previous case could also include the affected `instance`.
+To provide additional context, you can include labels from the query. For instance, access the [`$labels`](ref:reference-labels) variable to display a label that informs about the affected instance:

 ```
 CPU usage for {{ $labels.instance }} has exceeded 80% ({{ $values.A.Value }}) for the last 5 minutes.
@@ -127,14 +125,14 @@ CPU usage for {{ $labels.instance }} has exceeded 80% ({{ $values.A.Value }}) fo
 CPU usage for Instance 1 has exceeded 80% (81.2345) for the last 5 minutes.
 ```

-You can incorporate any labels returned by the query into the template. For instance, the following template includes information about the environment and region where the alert occurred.
+Annotations can also be used to provide a summary of key alert labels, such as the environment and alert severity. For instance, you can display a summary of the alert with important labels like:

 ```
-Alert triggered in {{ $labels.environment }} on {{ $labels.region }} region.
+Alert triggered in {{ $labels.environment }} with severity {{ $labels.severity }}
 ```

 ```template_output
-Alert triggered in production on AMER region.
+Alert triggered in production with severity critical.
 ```

 ### Print a range query
@@ -193,11 +191,15 @@ For additional functions to display or format data, refer to:
 Here’s an example of creating a `severity` label based on a query value:

 ```go
-{{- if (gt $values.A.Value 90.0) -}}critical
-{{- else if (gt $values.A.Value 80.0) -}}high
-{{- else if (gt $values.A.Value 60.0) -}}medium
-{{- else -}}low
-{{- end -}}
+{{ if (gt $values.A.Value 90.0) -}}
+critical
+{{ else if (gt $values.A.Value 80.0) -}}
+high
+{{ else if (gt $values.A.Value 60.0) -}}
+medium
+{{ else -}}
+low
+{{- end }}
 ```

 In this example, the `severity` label is determined by the query value:
@@ -218,13 +220,10 @@ You should avoid displaying query values in labels, as this may create many aler
 You can use labels to differentiate alerts coming from various environments (e.g., production, staging, dev). For example, you may want to add a label that sets the environment based on the instance’s label. Here’s how you can template it:

 ```go
-{{- if eq $labels.instance "prod-server-1" -}}
-production
-{{- else if eq $labels.instance "staging-server-1" -}}
-staging
-{{- else -}}
-development
-{{- end -}}
+{{ if eq $labels.instance "prod-server-1" }}production
+{{ else if eq $labels.instance "staging-server-1" }}staging
+{{ else }}development
+{{ end }}
 ```

 This would print:
@@ -236,13 +235,10 @@ This would print:
 To make this template more flexible, you can use a regular expression that matches the instance name with the instance name prefix using the [`match()`](ref:reference-match) function:

 ```go
-{{- if match "^prod-server-.*" $labels.instance -}}
-production
-{{- else if match "^staging-server-.*" $labels.instance -}}
-staging
-{{- else -}}
-development
-{{- end -}}
+{{ if match "^prod-server-.*" $labels.instance }}production
+{{ else if match "^staging-server-.*" $labels.instance}}staging
+{{ else }}development
+{{ end }}
 ```

 {{< collapse title="Legacy Alerting templates" >}}
@@ -16,11 +16,6 @@ title: Annotation and label template reference
 menuTitle: Template reference
 weight: 101
 refs:
-  label-types:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rules/annotation-label/#label-types
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rules/annotation-label/#label-types
  notification-template-reference:
    - pattern: /docs/grafana/
      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/configure-notifications/template-notifications/reference/
@@ -51,11 +46,6 @@ refs:
      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/alerting-rules/templates/
    - pattern: /docs/grafana-cloud/
      destination: /docs/grafana-cloud/alerting-and-irm/alerting/alerting-rules/templates/
-  explore:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/explore/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana/<GRAFANA_VERSION>/explore/
 ---

 # Annotation and label template reference
@@ -82,15 +72,15 @@ The following variables are available when templating annotations and labels:

 | Variables          | Description                                                                                                                                         |
 | ------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------- |
-| [$labels](#labels) | Contains all labels from the query, only query labels.                                                                                              |
+| [$labels](#labels) | Contains all labels from the query.                                                                                                                 |
 | [$values](#values) | Contains the labels and floating point values of all instant queries and expressions, indexed by their Ref IDs.                                     |
 | [$value](#value)   | A string containing the labels and values of all instant queries; threshold, reduce and math expressions, and classic conditions in the alert rule. |

 ### $labels

-The `$labels` variable contains all labels from the query. It excludes [user-configured and reserved labels](ref:label-types), containing only query labels.
+The `$labels` variable contains all labels from the query.

-{{< figure src="/media/docs/alerting/query-labels-and-values.png" max-width="1200px" caption="An alert rule displaying labels and value from a query." >}}
+{{< figure src="/media/docs/alerting/query-labels-and_value.png" max-width="1200px" caption="An alert rule displaying labels and value from a query" >}}

 For example, suppose you have a query that returns CPU usage for all of your servers, and you have an alert rule that fires when any of your servers have exceeded 80% CPU usage for the last 5 minutes. You want to add a summary annotation to the alert that tells you which server is experiencing high CPU usage. With the `$labels` variable you can write a template that prints a human-readable sentence such as:

@@ -14,75 +14,29 @@ menuTitle: Configure notifications
 title: Configure notifications
 weight: 125
 refs:
-  intro-notifications:
+  contact-points:
    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/notifications/
+      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/notifications/contact-points/
    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/notifications/
-  configure-contact-points:
+      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/notifications/contact-points/
+  notification-policies:
    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/configure-notifications/manage-contact-points/
+      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/notifications/notification-policies/
    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/configure-notifications/manage-contact-points/
-  configure-notification-policies:
+      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/notifications/notification-policies/
+  templates-page:
    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/configure-notifications/create-notification-policy/
+      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/templates/
    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/configure-notifications/create-notification-policy/
-  configure-templates:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/configure-notifications/template-notifications/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/configure-notifications/template-notifications/
-  configure-silences:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/configure-notifications/create-silence/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/configure-notifications/create-silence/
-  configure-mute-timings:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/configure-notifications/mute-timings/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/configure-notifications/mute-timings/
+      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/templates/
 ---

 # Configure notifications

-Configuring how, when, and where to send alert notifications is an essential part of your alerting system.
+Choose how, when, and where to send your alert notifications.

-By default, Grafana Alerting provides default notification messages with relevant alert information, so you don't need to configure messages initially. In the alert rule, you need to configure how to forward alerts:
+As a first step, define your [contact points](ref:contact-points) where to send your alert notifications to. A contact point is a set of one or more integrations that are used to deliver notifications.

-1. Directly to a contact point.
-2. To a contact point via notification policies (more flexible).
+Next, create a [notification policy](ref:notification-policies) which is a set of rules for where, when and how your alerts are routed to contact points. In a notification policy, you define where to send your alert notifications by choosing one of the contact points you created.

-{{< figure src="/media/docs/alerting/alerting-configure-notifications-v2.png" max-width="750px" alt="In the alert rule, you can configure alert forwarding directly to a contact point or through notification policies" >}}
-
-Notification setup is essential for an effective alerting system to scale across multiple teams and services. For a quick overview about the various components involved in handling notifications, refer to the [introduction about notifications](ref:intro-notifications).
-
-The topics in this section include step-by-step instructions for:
-
- [Configuring contact points](ref:configure-contact-points) to specify where to receive alert notifications.
- [Configuring notification policies](ref:configure-notification-policies) to determine how alerts are routed to contact points.
- [Templating notifications](ref:configure-templates) to customize notification messages.
- [Configuring silences](ref:configure-silences) or [mute timings](ref:configure-mute-timings) to stop notifications.
-
-## Alertmanager architecture
-
-Grafana Alerting is based on the Prometheus Alerting model, whose architecture decouples rule evaluation from notification handling.
-
- The alert rule evaluator, either Grafana or the data source, evaluates alert rules and triggers alerts.
- The alert notification manager, known as the **Alertmanager**, receives alerts and manages their notifications.
-
-{{< figure src="/media/docs/alerting/alerting-alertmanager-architecture.png" max-width="750px" alt="A diagram with the alert generator and alert manager architecture" >}}
-
-In Grafana, you can use different types of alert rules and configure multiple Alertmanagers.
-
-By default, Grafana uses its built-in Alertmanager, and Grafana Cloud instances include an additional Alertmanager.
-
-{{< figure src="/media/docs/alerting/alerting-choose-alertmanager.png" max-width="750px" alt="A screenshot choosing an Alertmanager in the notification policies UI" >}}
-
-When having multiple Alertmanagers, note that each Alertmanager manages its own independent notification resources, such as contact points, templates, policies, silences, mute timings, and active notifications.
-
-These notification resources cannot be shared across different Alertmanagers.
-
-Use the **Choose Alertmanager** dropdown to select the Alertmanager you want to configure.
+Optionally, you can add [notification templates](ref:templates-page) to contact points for reuse and consistent messaging in your notifications.
@@ -20,67 +20,26 @@ labels:
 title: Configure notification policies
 weight: 420
 refs:
-  alertmanager-architecture:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/configure-notifications/#alertmanager-architecture
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/configure-notifications/#alertmanager-architecture
-  intro-notification-policies:
+  notification-policies:
    - pattern: /docs/grafana/
      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/notifications/notification-policies/
    - pattern: /docs/grafana-cloud/
      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/notifications/notification-policies/
-  configure-mute-timings:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/configure-notifications/mute-timings/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/configure-notifications/mute-timings/
-  configure-contact-points:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/configure-notifications/manage-contact-points/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/configure-notifications/manage-contact-points/
-  policy-routing:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/notifications/notification-policies/#routing
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/notifications/notification-policies/#routing
-  policy-inheritance:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/notifications/notification-policies/#inheritance
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/notifications/notification-policies/#inheritance
-  policy-grouping:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/notifications/group-alert-notifications/#group-notifications
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/notifications/group-alert-notifications/#group-notifications
-  policy-timing-options:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/notifications/group-alert-notifications/#timing-options
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/notifications/group-alert-notifications/#timing-options
 ---

 # Configure notification policies

 Notification policies determine how alerts are routed to contact points.

-Policies have a tree structure. Each policy can have one or more child policies and a set of label matchers.
+Policies have a tree structure and each policy can have one or more child policies. Each policy, except for the default policy, can also match specific alert labels.

-Each alert (or alert instance) is evaluated by the default policy and subsequently by each child policy. Alerts are routed to the appropriate notification policy by matching alert labels with the policy's label matchers. For further details, refer to [label matching and routing in notification policies](ref:intro-notification-policies).
+Each alert is evaluated by the default policy and subsequently by each child policy.

-{{< figure src="/media/docs/alerting//get-started-notification-policy-tree-combo.png" max-width="750px" alt="A diagram displaying how the notification policy tree routes alerts" >}}
+If the **Continue matching subsequent sibling nodes** option is enabled for a child policy, evaluation continues even after one or more matches. A parent policy’s configuration settings and contact point information govern the behavior of an alert that does not match any of the child policies. A default policy governs any alert that does not match a child policy.

-When an alert instance is assigned to a notification policy, the notification policy is responsible for:
+You can configure Grafana-managed notification policies as well as notification policies for an external Alertmanager data source.

- [Grouping similar alerts](ref:policy-grouping) to minimize the number of notifications.
- Controlling when notifications are sent using the [timing options](ref:policy-timing-options).
- Determining the [contact points](ref:configure-contact-points) that receive the alert notification.
-
-{{% admonition type="note" %}}
-The default notification policy and its child policies are assigned to a [specific Alertmanager](ref:alertmanager-architecture), and they cannot use contact points or mute timings from other Alertmanagers.
-{{% /admonition %}}
+For more information on notification policies, refer to [fundamentals of Notification Policies](ref:notification-policies).

 ## Edit the default notification policy

@@ -88,12 +47,12 @@ The default notification policy and its child policies are assigned to a [specif
 1. Click **Notification policies**.
 1. From the **Choose Alertmanager** dropdown, select an external Alertmanager. By default, the **Grafana Alertmanager** is selected.
 1. In the Default policy section, click **...** -> **Edit**.
-1. In **Default contact point**, update the [contact point](ref:configure-contact-points) for where to send notifications when alert rules do not match any specific policy.
-1. In **Group by**, choose labels to group alerts. If multiple alerts match this policy, they are grouped by the selected labels, and notifications are sent per group. For more details on using this option, refer to [Group notifications](ref:policy-grouping).
-1. In **Timing options**, set the [timing options](ref:policy-timing-options) to configure when notifications are sent.
-   - **Group wait**: the time to wait before sending the first notification for a new group of alerts. Default is 30 seconds.
-   - **Group interval**: the time to wait before sending a notification about changes in the alert group. Default is 5 minutes.
-   - **Repeat interval**: the time to wait before sending a notification if the group has not changed since the last notification. Default is 4 hours.
+1. In **Default contact point**, update the contact point for where to send notifications when alert rules do not match any specific policy.
+1. In **Group by**, choose labels to group alerts by. If multiple alerts are matched for this policy, then they are grouped by these labels. A notification is sent per group. If the field is empty (default), then all notifications are sent in a single group. Use a special label `...` to group alerts by all labels (which effectively disables grouping).
+1. In **Timing options**, select from the following options:
+   - **Group wait** Time to wait to buffer alerts of the same group before sending an initial notification. Default is 30 seconds.
+   - **Group interval** Minimum time interval between two notifications for a group. Default is 5 minutes.
+   - **Repeat interval** Minimum time interval for re-sending a notification if no new alerts were added to the group. Default is 4 hours.
 1. Click **Save** to save your changes.

 ## Add a child policy
@@ -103,18 +62,15 @@ You can create a child policy under a default policy or under an existing child
 If you want to choose where to position your policy, see the section on **Add a sibling policy**.

 1. In the left-side menu, click **Alerts & IRM** and then **Alerting**.
-1. Click **Notification policies**.
-1. From the **Choose Alertmanager** dropdown, select an Alertmanager. By default, the **Grafana Alertmanager** is selected.
-1. Click **+New child policy** from the default policy or an existing child policy.
-1. In the Matching labels section of the child policy, add one or more matching label rules to narrow down a specific case from the parent policy.
-
-   For instance, a child policy of the default policy handles `team=security` alerts, or a child policy handles only the `severity=critical` alerts of a parent policy.
-
-1. In the **Contact point** dropdown, select the [contact point](ref:configure-contact-points) to send notifications. If left empty, the contact point of the parent policy is [inherited](ref:policy-inheritance).
-1. Optionally, enable **Continue matching subsequent sibling nodes** to continue matching sibling policies even after the alert matched the current policy. If enabled, multiple policies can handle the same alert.
-1. Optionally, enable **Override grouping** to set different [grouping](ref:policy-grouping) than the parent policy. If disabled, the grouping of the parent policy is [inherited](ref:policy-inheritance).
-1. Optionally, enable **Override general timings** to set different [timing options](ref:policy-timing-options) than the parent policy. If disabled, the timing options of the parent policy are [inherited](ref:policy-inheritance).
-1. Click **Save policy** to save your changes.
+2. Click **Notification policies**.
+3. From the **Choose Alertmanager** dropdown, select an Alertmanager. By default, the **Grafana Alertmanager** is selected.
+4. Click **+New child policy** from the default policy.
+5. In the Matching labels section, add one or more rules for matching alert labels.
+6. In the **Contact point** dropdown, select the contact point to send notification to if alert matches only this specific policy and not any of the child policies.
+7. Optionally, enable **Continue matching subsequent sibling nodes** to continue matching sibling policies even after the alert matched the current policy. When this option is enabled, you can get more than one notification for one alert.
+8. Optionally, enable **Override grouping** to specify the same grouping as the default policy. If this option is not enabled, the default policy grouping is used.
+9. Optionally, enable **Override general timings** to override the timing options configured in the group notification policy.
+10. Click **Save policy** to save your changes.

 ## Add a sibling policy

@@ -123,11 +79,9 @@ If you want to choose where to position your policy, see the section on **Add a
 1. Find the child policy you want to create a sibling for.
 1. Click **Add new policy** -> **New sibling above** or **New sibling below**.

-   It's important to determine which policy receives the alert first and to set the correct order of sibling and child policies.
+   Notification policies are evaluated from top to bottom, so it is key to be able to choose which notification policy receives alerts first. Adding sibling notification policies instead of always inserting a child policy as well as being able to choose where to insert is key to managing where your alerts go.

-   Policies are evaluated from top to bottom. If a matching policy is found, the system continues to evaluate its child policies in the order they are displayed. For more details, refer to [notification policies routing](ref:policy-routing).
-
-1. Follow the instructions from step 5 onward in [adding a child policy](#add-a-child-policy).
+1. Click **Save policy** to save your changes.

 ## Search for policies

@@ -144,7 +98,7 @@ It is important to note that all matched policies are **exact** matches. Grafana

 ## Mute timings

-Mute timings are not inherited from a parent notification policy, and they have to be configured on each level. For instructions, refer to [Configure mute timings](ref:configure-mute-timings).
+Mute timings are not inherited from a parent notification policy. They have to be configured in full on each level.

 ## Example

@@ -22,52 +22,32 @@ labels:
 title: Configure silences
 weight: 440
 refs:
-  configure-alertmanager:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/set-up/configure-alertmanager/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/set-up/configure-alertmanager/
-  silence-url:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/configure-notifications/template-notifications/reference/#alert
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/configure-notifications/template-notifications/reference/#alert
-  shared-alert-labels:
+  alert-labels:
    - pattern: /docs/grafana/
      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/alert-rules/annotation-label/
    - pattern: /docs/grafana-cloud/
      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/alert-rules/annotation-label/
-  shared-notification-policies:
+  notification-policies:
    - pattern: /docs/grafana/
      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/fundamentals/notifications/notification-policies/
    - pattern: /docs/grafana-cloud/
      destination: /docs/grafana-cloud/alerting-and-irm/alerting/fundamentals/notifications/notification-policies/
-  shared-silences:
+  silences:
    - pattern: /docs/grafana/
      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/configure-notifications/create-silence/
    - pattern: /docs/grafana-cloud/
      destination: /docs/grafana-cloud/alerting-and-irm/alerting/configure-notifications/create-silence/
-  shared-mute-timings:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/configure-notifications/mute-timings/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/configure-notifications/mute-timings/
-  alertmanager-architecture:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/set-up/configure-alertmanager/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/set-up/configure-alertmanager/
 ---

 # Configure silences

-Silences stop notifications from getting created and last for only a specified window of time. Use them to temporarily prevent alert notifications, such as during incident response or a maintenance window.
+Silences stop notifications from getting created and last for only a specified window of time.

 {{< admonition type="note" >}}
-Silences are assigned to a [specific Alertmanager](ref:alertmanager-architecture) and only suppress notifications for alerts managed by that Alertmanager.
-{{< /admonition >}}

-{{< docs/shared lookup="alerts/mute-timings-vs-silences.md" source="grafana" version="<GRAFANA_VERSION>" >}}
+- Inhibition rules are not supported in the Grafana Alertmanager.
+- The preview of silenced alerts only applies to alerts in firing state.
+  {{< /admonition >}}

 ## Add silences

@@ -79,12 +59,10 @@ To add a silence, complete the following steps.
 1. Click **Create silence** to open the Create silence page.
 1. In **Silence start and end**, select the start and end date to indicate when the silence should go into effect and expire.
 1. Optionally, in **Duration**, specify how long the silence is enforced. This automatically updates the end time in the **Silence start and end** field.
-1. In the **Label** and **Value** fields, enter one or more _Matching Labels_ to determine which alerts the silence applies to.
+1. In the **Label** and **Value** fields, enter one or more _Matching Labels_. Matchers determine which rules the silence will apply to. Any matching alerts (in firing state) will show in the **Silenced alert instances** field

   {{< docs/shared lookup="alerts/how_label_matching_works.md" source="grafana" version="<GRAFANA_VERSION>" >}}

-   Any matching alerts (in the firing state only) will show under **Affected alert rule instances**.
-
 1. In **Comment**, add details about the silence.
 1. Click **Submit**.

@@ -97,6 +75,14 @@ To edit a silence, complete the following steps.
 1. Find the silence you want to edit, then click **Edit** (pen icon).
 1. Make the desired changes, then click **Submit** to save your changes.

+## Create a URL to link to a silence form
+
+When linking to a silence form, provide the default matching labels and comment via `matcher` and `comment` query parameters. The `matcher` parameter should be in the following format `[label][operator][value]` where the `operator` parameter can be one of the following: `=` (equals, not regular expression), `!=` (not equals, not regular expression), `=~` (equals, regular expression), `!~` (not equals, regular expression).
+The URL can contain many query parameters with the key `matcher`.
+For example, to link to silence form with matching labels `severity=critical` & `cluster!~europe-.*` and comment `Silence critical EU alerts`, create a URL `https://mygrafana/alerting/silence/new?matcher=severity%3Dcritical&matcher=cluster!~europe-*&comment=Silence%20critical%20EU%20alert`.
+
+To link to a new silence page for an external Alertmanager, add a `alertmanager` query parameter with the Alertmanager data source name.
+
 ## Remove silences

 To remove a silence, complete the following steps.
@@ -109,30 +95,13 @@ To remove a silence, complete the following steps.

 ## Rule-specific silences

-Rule-specific silences are silences that apply only to a specific alert rule. They're created when you silence an alert rule directly using the **Silence notifications** action in the UI.
+Rule-specific silences are silences that apply only to a specific alert rule.
+They're created when you silence an alert rule directly using the **Silence notifications** action in the UI.

+{{< admonition type="note" >}}
 As opposed to general silences, rule-specific silence access is tied directly to the alert rule they act on. They can be created manually by including the specific label matcher: `__alert_rule_uid__=<alert rule UID>`.
+{{< /admonition >}}

-## URL link to a silence form
+## Useful links

-Default notification messages often include a link to silence alerts.
-
-In custom notification templates, you can use [`.Alert.SilenceURL`](ref:silence-url) to redirect users to the UI where they can silence the given alert.
-
-If [`.Alert.SilenceURL`](ref:silence-url) doesn’t fit your specific use case, you can also create a custom silence link for your custom templates.
-
-{{< collapse title="Create a custom silence link" >}}
-
-When linking to a silence form, provide the default matching labels and comment via `matcher` and `comment` query parameters. The `matcher` parameter should be in the following format `[label][operator][value]` where the `operator` parameter can be one of the following: `=` (equals, not regular expression), `!=` (not equals, not regular expression), `=~` (equals, regular expression), `!~` (not equals, regular expression).
-The URL can contain many query parameters with the key `matcher`.
-For example, to link to silence form with matching labels `severity=critical` & `cluster!~europe-.*` and comment `Silence critical EU alerts`, create a URL `https://mygrafana/alerting/silence/new?matcher=severity%3Dcritical&matcher=cluster!~europe-*&comment=Silence%20critical%20EU%20alert`.
-
-To link to a new silence page for an external Alertmanager, add a `alertmanager` query parameter with the Alertmanager data source name.
-
-{{< /collapse >}}
-
-## Inhibition rules
-
-Inhibition rules are supported in the Prometheus Alertmanager. You can [configure a Prometheus Alertmanager](ref:configure-alertmanager) to handle the notification of alerts and suppress notifications via inhibition rules.
-
-Inhibition rules are not currently supported in the Grafana Alertmanager. For tracking the progress of this feature request, follow [this GitHub issue](https://github.com/grafana/grafana/issues/68822).
+[Aggregation operators](https://prometheus.io/docs/prometheus/latest/querying/operators/#aggregation-operators)
@@ -81,21 +81,16 @@ refs:
      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/configure-notifications/manage-contact-points/integrations/configure-teams/
    - pattern: /docs/grafana-cloud/
      destination: /docs/grafana-cloud/alerting-and-irm/alerting/configure-notifications/manage-contact-points/integrations/configure-teams/
-  mqtt:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/configure-notifications/manage-contact-points/integrations/configure-mqtt/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/configure-notifications/manage-contact-points/integrations/configure-mqtt/
-  alertmanager-architecture:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/configure-notifications/#alertmanager-architecture
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/configure-notifications/#alertmanager-architecture
  external-alertmanager:
    - pattern: /docs/grafana/
      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/set-up/configure-alertmanager/
    - pattern: /docs/grafana-cloud/
      destination: /docs/grafana-cloud/alerting-and-irm/alerting/set-up/configure-alertmanager/
+  mqtt:
+    - pattern: /docs/grafana/
+      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/configure-notifications/manage-contact-points/integrations/configure-mqtt/
+    - pattern: /docs/grafana-cloud/
+      destination: /docs/grafana-cloud/alerting-and-irm/alerting/configure-notifications/manage-contact-points/integrations/configure-mqtt/
  manage-notification-templates:
    - pattern: /docs/grafana/
      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/configure-notifications/template-notifications/manage-notification-templates/
@@ -118,10 +113,6 @@ On the **Contact Points** tab, you can:
 - Export individual contact points or all contact points in JSON, YAML, or Terraform format.
 - Delete contact points. Note that you cannot delete contact points that are in use by a notification policy. To proceed, either delete the notification policy or update it to use another contact point.

-{{% admonition type="note" %}}
-Contact points are assigned to a [specific Alertmanager](ref:alertmanager-architecture) and cannot be used by notification policies in other Alertmanagers.
-{{% /admonition %}}
-
 ## Add a contact point

 Complete the following steps to add a contact point.
@@ -159,16 +150,6 @@ Testing a contact point is only available for Grafana Alertmanager. Complete the
 1. Choose whether to send a predefined test notification or choose custom to add your own custom annotations and labels to include in the notification.
 1. Click **Send test notification** to fire the alert.

-## Customize notification messages
-
-In contact points, you can also customize notification messages. For example, when setting up an email contact point integration, click **Message** or **Subject** to modify it.
-
-By default, notification messages include common alert details, which are usually sufficient for most cases.
-
-If necessary, you can customize the content and format of notification messages. You can create a custom notification template, which can then be applied to one or more contact points.
-
-On the **Notification templates** tab, you can view, edit, copy or delete notification templates. Refer to [manage notification templates](ref:manage-notification-templates) for instructions on selecting or creating a template for a contact point.
-
 ## List of supported integrations

 Each contact point integration has its own configuration options and setup process. In most cases, this involves providing an API key or a Webhook URL.
@@ -201,3 +182,13 @@ The following table lists the contact point integrations supported by Grafana.
 | WeCom                        | `wecom`                   |

 Some of these integrations are not compatible with [external Alertmanagers](ref:external-alertmanager). For the list of Prometheus Alertmanager integrations, refer to the [Prometheus Alertmanager receiver settings](https://prometheus.io/docs/alerting/latest/configuration/#receiver-integration-settings).
+
+## Customize notification messages
+
+In contact points, you can also customize notification messages. For example, when setting up an email contact point integration, click **Message** or **Subject** to modify it.
+
+By default, notification messages include common alert details, which are usually sufficient for most cases.
+
+If necessary, you can customize the content and format of notification messages. You can create a custom notification template, which can then be applied to one or more contact points.
+
+On the **Notification templates** tab, you can view, edit, copy or delete notification templates. Refer to [manage notification templates](ref:manage-notification-templates) for instructions on selecting or creating a template for a contact point.
@@ -149,8 +149,8 @@ Each alert instance in the `alerts` array has the following fields.
 | generatorURL | string | URL of the alert rule in the Grafana UI                                            |
 | fingerprint  | string | The labels fingerprint, alarms with the same labels will have the same fingerprint |
 | silenceURL   | string | URL to silence the alert rule in the Grafana UI                                    |
-| dashboardURL | string | **Deprecated. It will be removed in a future release.**                            |
-| panelURL     | string | **Deprecated. It will be removed in a future release.**                            |
+| dashboardURL | string | A link to the Grafana Dashboard if the alert has a Dashboard UID annotation        |
+| panelURL     | string | A link to the panel if the alert has a Panel ID annotation                         |
 | imageURL     | string | URL of a screenshot of a panel assigned to the rule that created this notification |

 {{< admonition type="note" >}}
@@ -140,8 +140,8 @@ The webhook notification is a simple way to send information about a state chang
 | generatorURL | string | URL of the alert rule in the Grafana UI                                            |
 | fingerprint  | string | The labels fingerprint, alarms with the same labels will have the same fingerprint |
 | silenceURL   | string | URL to silence the alert rule in the Grafana UI                                    |
-| dashboardURL | string | **Will be deprecated soon**                                                        |
-| panelURL     | string | **Will be deprecated soon**                                                        |
+| dashboardURL | string | A link to the Grafana Dashboard if the alert has a Dashboard UID annotation        |
+| panelURL     | string | A link to the panel if the alert has a Panel ID annotation                         |
 | imageURL     | string | URL of a screenshot of a panel assigned to the rule that created this notification |

 {{< admonition type="note" >}}
@@ -18,34 +18,31 @@ labels:
    - enterprise
    - oss
 title: Configure mute timings
-weight: 430
+weight: 450
 refs:
-  alertmanager-architecture:
+  external-alertmanager:
    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/configure-notifications/#alertmanager-architecture
+      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/set-up/configure-alertmanager/
    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/configure-notifications/#alertmanager-architecture
-  shared-silences:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/configure-notifications/create-silence/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/configure-notifications/create-silence/
-  shared-mute-timings:
-    - pattern: /docs/grafana/
-      destination: /docs/grafana/<GRAFANA_VERSION>/alerting/configure-notifications/mute-timings/
-    - pattern: /docs/grafana-cloud/
-      destination: /docs/grafana-cloud/alerting-and-irm/alerting/configure-notifications/mute-timings/
+      destination: /docs/grafana-cloud/alerting-and-irm/alerting/set-up/configure-alertmanager/
 ---

 # Configure mute timings

-A mute timing is a recurring interval of time when no new notifications for a policy are generated or sent. Use them to prevent alerts from firing a specific and reoccurring period, for example, a regular maintenance period or weekends.
+A mute timing is a recurring interval of time when no new notifications for a policy are generated or sent. Use them to prevent alerts from firing a specific and reoccurring period, for example, a regular maintenance period.

-{{< admonition type="note" >}}
-Mute timings are assigned to a [specific Alertmanager](ref:alertmanager-architecture) and only suppress notifications for alerts managed by that Alertmanager.
-{{< /admonition >}}
+Similar to silences, mute timings do not prevent alert rules from being evaluated, nor do they stop alert instances from being shown in the user interface. They only prevent notifications from being created.

-{{< docs/shared lookup="alerts/mute-timings-vs-silences.md" source="grafana" version="<GRAFANA_VERSION>" >}}
+You can configure Grafana managed mute timings as well as mute timings for an [external Alertmanager](ref:external-alertmanager).
+
+## Mute timings vs silences
+
+The following table highlights the key differences between mute timings and silences.
+
+| Mute timing                                        | Silence                                                                      |
+| -------------------------------------------------- | ---------------------------------------------------------------------------- |
+| Uses time interval definitions that can reoccur    | Has a fixed start and end time                                               |
+| Is created and then added to notification policies | Uses labels to match against an alert to determine whether to silence or not |

 ## Add mute timings

@@ -68,8 +65,6 @@ Mute timings are assigned to a [specific Alertmanager](ref:alertmanager-architec

 A time interval is a specific duration during which alerts are suppressed. The duration typically consists of a specific time range and the days of the week, month, or year.

-A mute timing can contain multiple time intervals.
-
 Supported time interval options are:

 - Time range: The time inclusive of the start and exclusive of the end time (in UTC if no location has been selected, otherwise local time).
@@ -81,13 +76,9 @@ Supported time interval options are:

 All fields are lists; to match the field, at least one list element must be satisfied. Fields also support ranges using `:` (e.g., `monday:thursday`).

-If a field is left blank, any moment of time matches the field. For an instant of time to match a complete time interval, all fields must match.
+If a field is left blank, any moment of time matches the field. For an instant of time to match a complete time interval, all fields must match. A mute timing can contain multiple time intervals.

-If you want to specify an exact duration, specify all the options.
-
-**Example**
-
-If you wanted to create a time interval for the first Monday of the month, for March, June, September, and December, between the hours of 12:00 and 24:00 UTC your time interval specification would be:
+If you want to specify an exact duration, specify all the options. For example, if you wanted to create a time interval for the first Monday of the month, for March, June, September, and December, between the hours of 12:00 and 24:00 UTC your time interval specification would be:

 - Time range:
  - Start time: `12:00`
--- a/Show More
+++ b/Show More