"Release: Updated versions in package to 9.0.9" (#532)

* Data source: prevent from using auth proxy header as custom data source header (#478)

* apply security changes for auth proxy permission escalation

* fix test

* fix test

* add links to CVE

* remove duplicate check

* apply security fix for admin only folder migration (#483)

Co-authored-by: Karl Persson <kalle.persson@grafana.com>

.betterer.ts

@@ -0,0 +1,69 @@
+import { regexp } from '@betterer/regexp';
+import { BettererFileTest } from '@betterer/betterer';
+import { ESLint, Linter } from 'eslint';
+import { existsSync } from 'fs';
+
+export default {
+  'no enzyme tests': () => regexp(/from 'enzyme'/g).include('**/*.test.*'),
+  'better eslint': () => countEslintErrors().include('**/*.{ts,tsx}'),
+  'no undocumented stories': () => countUndocumentedStories().include('**/*.story.tsx'),
+};
+
+function countUndocumentedStories() {
+  return new BettererFileTest(async (filePaths, fileTestResult) => {
+    filePaths.forEach((filePath) => {
+      if (!existsSync(filePath.replace(/\.story.tsx$/, '.mdx'))) {
+        // In this case the file contents don't matter:
+        const file = fileTestResult.addFile(filePath, '');
+        // Add the issue to the first character of the file:
+        file.addIssue(0, 0, 'No undocumented stories are allowed, please add an .mdx file with some documentation');
+      }
+    });
+  });
+}
+
+function countEslintErrors() {
+  return new BettererFileTest(async (filePaths, fileTestResult, resolver) => {
+    const { baseDirectory } = resolver;
+    const cli = new ESLint({ cwd: baseDirectory });
+
+    await Promise.all(
+      filePaths.map(async (filePath) => {
+        const linterOptions = (await cli.calculateConfigForFile(filePath)) as Linter.Config;
+
+        const rules: Partial<Linter.RulesRecord> = {
+          '@typescript-eslint/no-explicit-any': 'error',
+        };
+
+        if (!filePath.endsWith('.test.tsx') && !filePath.endsWith('.test.ts')) {
+          rules['@typescript-eslint/consistent-type-assertions'] = [
+            'error',
+            {
+              assertionStyle: 'never',
+            },
+          ];
+        }
+
+        const runner = new ESLint({
+          baseConfig: {
+            ...linterOptions,
+            rules,
+          },
+          useEslintrc: false,
+          cwd: baseDirectory,
+        });
+
+        const lintResults = await runner.lintFiles([filePath]);
+        lintResults
+          .filter((lintResult) => lintResult.source)
+          .forEach((lintResult) => {
+            const { messages } = lintResult;
+            const file = fileTestResult.addFile(filePath, '');
+            messages.forEach((message, index) => {
+              file.addIssue(0, 0, message.message, `${index}`);
+            });
+          });
+      })
+    );
+  });
+}

.bingo/.gitignore

@@ -5,6 +5,7 @@
 # But not these files:
 !.gitignore
 !*.mod
+!*.sum
 !README.md
 !Variables.mk
 !variables.env

.bingo/Variables.mk

@@ -1,4 +1,4 @@
-# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.5.1. DO NOT EDIT.
+# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.6. DO NOT EDIT.
 # All tools are designed to be build inside $GOBIN.
 BINGO_DIR := $(dir $(lastword $(MAKEFILE_LIST)))
 GOPATH ?= $(shell go env GOPATH)
@@ -17,11 +17,11 @@ GO     ?= $(shell which go)
 #	@echo "Running drone"
 #	@$(DRONE) <flags/args..>
 #
-DRONE := $(GOBIN)/drone-v1.4.0
+DRONE := $(GOBIN)/drone-v1.5.0
 $(DRONE): $(BINGO_DIR)/drone.mod
 	@# Install binary/ries using Go 1.14+ build command. This is using bwplotka/bingo-controlled, separate go module with pinned dependencies.
-	@echo "(re)installing $(GOBIN)/drone-v1.4.0"
-	@cd $(BINGO_DIR) && $(GO) build -mod=mod -modfile=drone.mod -o=$(GOBIN)/drone-v1.4.0 "github.com/drone/drone-cli/drone"
+	@echo "(re)installing $(GOBIN)/drone-v1.5.0"
+	@cd $(BINGO_DIR) && $(GO) build -mod=mod -modfile=drone.mod -o=$(GOBIN)/drone-v1.5.0 "github.com/drone/drone-cli/drone"
 
 WIRE := $(GOBIN)/wire-v0.5.0
 $(WIRE): $(BINGO_DIR)/wire.mod

.bingo/drone.mod

@@ -4,4 +4,4 @@ go 1.17
 
 replace github.com/docker/docker => github.com/docker/engine v17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible
 
-require github.com/drone/drone-cli v1.4.0 // drone
+require github.com/drone/drone-cli v1.5.0 // drone

.bingo/variables.env

@@ -1,4 +1,4 @@
-# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.5.1. DO NOT EDIT.
+# Auto generated binary variables helper managed by https://github.com/bwplotka/bingo v0.6. DO NOT EDIT.
 # All tools are designed to be build inside $GOBIN.
 # Those variables will work only until 'bingo get' was invoked, or if tools were installed via Makefile's Variables.mk.
 GOBIN=${GOBIN:=$(go env GOBIN)}
@@ -8,7 +8,7 @@ if [ -z "$GOBIN" ]; then
 fi
 
 
-DRONE="${GOBIN}/drone-v1.4.0"
+DRONE="${GOBIN}/drone-v1.5.0"
 
 WIRE="${GOBIN}/wire-v0.5.0"
 

.bra.toml

@@ -1,8 +1,8 @@
 [run]
 init_cmds = [
   ["make", "gen-go"],
-  ["go", "run", "build.go", "-dev", "build-cli"],
-  ["go", "run", "build.go", "-dev", "build-server"],
+  ["GO_BUILD_DEV=1", "make", "build-cli"],
+  ["GO_BUILD_DEV=1", "make", "build-server"],
   ["./bin/grafana-server", "-packaging=dev", "cfg:app_mode=development"]
 ]
 watch_all = true
@@ -13,10 +13,10 @@ watch_dirs = [
   "$WORKDIR/conf",
 ]
 watch_exts = [".go", ".ini", ".toml", ".template.html"]
-ignore_files = ["wire_gen.go"] 
+ignore_files = ["wire_gen.go"]
 build_delay = 1500
 cmds = [
   ["make", "gen-go"],
-  ["go", "run", "build.go", "-dev", "build-server"],
+  ["GO_BUILD_DEV=1", "make", "build-server"],
   ["./bin/grafana-server", "-packaging=dev", "cfg:app_mode=development"]
 ]

.circleci/config.yml

@@ -1,11 +0,0 @@
-version: 2.1
-jobs:
-  build:
-    docker:
-      - image: alpine:3.7
-    steps:
-      - run:
-          name: The First Step
-          command: |
-            echo 'Fake step!'
-

.drone.star

@@ -6,7 +6,8 @@
 
 load('scripts/drone/pipelines/pr.star', 'pr_pipelines')
 load('scripts/drone/pipelines/main.star', 'main_pipelines')
-load('scripts/drone/pipelines/release.star', 'release_pipelines', 'test_release_pipelines')
+load('scripts/drone/pipelines/docs.star', 'docs_pipelines')
+load('scripts/drone/pipelines/release.star', 'release_pipelines', 'publish_image_pipelines', 'publish_artifacts_pipelines', 'publish_npm_pipelines', 'publish_packages_pipeline')
 load('scripts/drone/version.star', 'version_branch_pipelines')
 load('scripts/drone/pipelines/cron.star', 'cronjobs')
 load('scripts/drone/vault.star', 'secrets')
@@ -14,4 +15,7 @@ load('scripts/drone/vault.star', 'secrets')
 def main(ctx):
     edition = 'oss'
     return pr_pipelines(edition=edition) + main_pipelines(edition=edition) + release_pipelines() + \
-        test_release_pipelines() + version_branch_pipelines() + cronjobs(edition=edition) + secrets()
+        publish_image_pipelines('public') + publish_image_pipelines('security') + \
+        publish_artifacts_pipelines('security') + publish_artifacts_pipelines('public') + \
+        publish_npm_pipelines('public') + publish_packages_pipeline() + \
+        version_branch_pipelines() + cronjobs(edition=edition) + secrets()

.eslintignore

@@ -1,10 +1,25 @@
-node_modules
-compiled
+.git
+.github
+.yarn
 build
-vendor
-devenv
+compiled
 data
+deployment_tools_config.json
+devenv
 dist
 e2e/tmp
+node_modules
+pkg
 public/lib/monaco
-deployment_tools_config.json
+scripts/grafana-server/tmp
+vendor
+
+# TS generate from cue by cuetsy
+**/*.gen.ts
+
+# Auto-generated localisation files
+public/locales/_build/
+public/locales/**/*.js
+
+# Auto-generated icon file
+packages/grafana-ui/src/components/Icon/iconBundle.ts

.eslintrc

@@ -1,12 +1,24 @@
 {
   "extends": ["@grafana/eslint-config"],
   "root": true,
-  "plugins": ["no-only-tests", "@emotion", "lodash"],
+  "plugins": ["@emotion", "lodash", "jest", "import"],
+  "settings": {
+    "import/internal-regex": "^(app/)|(@grafana)",
+    "import/external-module-folders": ["node_modules", ".yarn"]
+  },
   "rules": {
-    "no-only-tests/no-only-tests": "error",
     "react/prop-types": "off",
     "@emotion/jsx-import": "error",
-    "lodash/import-scope": [2, "member"]
+    "lodash/import-scope": [2, "member"],
+    "jest/no-focused-tests": "error",
+    "import/order": [
+      "error",
+      {
+        "groups": [["builtin", "external"], "internal", "parent", "sibling", "index"],
+        "newlines-between": "always",
+        "alphabetize": { "order": "asc" }
+      }
+    ]
   },
   "overrides": [
     {

.github/CODEOWNERS

@@ -28,31 +28,46 @@ go.sum @grafana/backend-platform
 .drone.yml @grafana/grafana-release-eng
 .drone.star @grafana/grafana-release-eng
 /scripts/drone/ @grafana/grafana-release-eng
+/pkg/build/ @grafana/grafana-release-eng
 
 # Cloud Datasources backend code
-/pkg/tsdb/cloudwatch @grafana/cloud-datasources @grafana/observability-squad
+/pkg/tsdb/cloudwatch @grafana/cloud-datasources
 /pkg/tsdb/azuremonitor @grafana/cloud-datasources
 /pkg/tsdb/cloudmonitoring @grafana/cloud-datasources
 
 # Observability backend code
-/pkg/tsdb/influxdb @grafana/observability-squad
-/pkg/tsdb/elasticsearch @grafana/observability-squad
-/pkg/tsdb/graphite @grafana/observability-squad
-/pkg/tsdb/jaeger @grafana/observability-squad
-/pkg/tsdb/loki @grafana/observability-squad
-/pkg/tsdb/zipkin @grafana/observability-squad
-/pkg/tsdb/tempo @grafana/observability-squad
+/pkg/tsdb/prometheus @grafana/observability-metrics
+/pkg/tsdb/influxdb @grafana/observability-metrics
+/pkg/tsdb/elasticsearch @grafana/observability-logs-and-traces
+/pkg/tsdb/graphite @grafana/observability-metrics
+/pkg/tsdb/jaeger @grafana/observability-logs-and-traces
+/pkg/tsdb/loki @grafana/observability-logs-and-traces
+/pkg/tsdb/zipkin @grafana/observability-logs-and-traces
+/pkg/tsdb/tempo @grafana/observability-logs-and-traces
+
+# BI backend code
+/pkg/tsdb/mysql @grafana/grafana-bi-squad
+/pkg/tsdb/postgres @grafana/grafana-bi-squad
+/pkg/tsdb/mssql @grafana/grafana-bi-squad
 
 # Database migrations
 /pkg/services/sqlstore/migrations @grafana/backend-platform @grafana/hosted-grafana-team
 *_mig.go @grafana/backend-platform @grafana/hosted-grafana-team
 
-# Grafana live
+# Grafana edge
 /pkg/services/live/ @grafana/grafana-edge-squad
+/pkg/services/searchV2/ @grafana/grafana-edge-squad
+/pkg/services/store/ @grafana/grafana-edge-squad
+/pkg/services/export/ @grafana/grafana-edge-squad
+/pkg/infra/filestore/ @grafana/grafana-edge-squad
+pkg/tsdb/testdatasource/sims/ @grafana/grafana-edge-squad
 
-# Unified Alerting
-/pkg/services/ngalert @grafana/alerting-squad
-/pkg/services/sqlstore/migrations/ualert @grafana/alerting-squad
+# Alerting
+/pkg/services/ngalert @grafana/alerting-squad-backend
+/pkg/services/sqlstore/migrations/ualert @grafana/alerting-squad-backend
+/pkg/services/alerting @grafana/alerting-squad-backend
+/pkg/tests/api/alerting @grafana/alerting-squad-backend
+/public/app/features/alerting @grafana/alerting-squad-frontend
 
 # Library Services
 /pkg/services/libraryelements @grafana/user-essentials
@@ -64,6 +79,9 @@ go.sum @grafana/backend-platform
 /pkg/services/datasourceproxy @grafana/plugins-platform-backend
 /pkg/services/datasources @grafana/plugins-platform-backend
 
+# Dashboard previews / crawler (behind feature flag)
+/pkg/services/thumbs @grafana/grafana-edge-squad
+
 # Backend code docs
 /contribute/style-guides/backend.md @grafana/backend-platform
 /contribute/architecture/backend @grafana/backend-platform
@@ -81,21 +99,25 @@ go.sum @grafana/backend-platform
 /packages/grafana-ui/src/components/TimeSeries @grafana/grafana-bi-squad
 /packages/grafana-ui/src/components/uPlot @grafana/grafana-bi-squad
 /packages/grafana-ui/src/utils/storybook @grafana/plugins-platform-frontend
-/packages/jaeger-ui-components/ @grafana/observability-squad
+/packages/jaeger-ui-components/ @grafana/observability-logs-and-traces
 /plugins-bundled @grafana/plugins-platform-frontend
-/public @grafana/user-essentials
+# public folder
 /public/app/core/components/TimePicker @grafana/grafana-bi-squad
 /public/app/core/components/Layers @grafana/grafana-edge-squad
 /public/app/features/canvas/ @grafana/grafana-edge-squad
+/public/app/features/comments/ @grafana/grafana-edge-squad
 /public/app/features/dimensions/ @grafana/grafana-edge-squad
+/public/app/features/geo/ @grafana/grafana-edge-squad
 /public/app/features/live/ @grafana/grafana-edge-squad
-/public/app/features/explore/ @grafana/observability-squad
+/public/app/features/explore/ @grafana/observability-experience-squad
 /public/app/features/plugins @grafana/plugins-platform-frontend
+/public/app/features/transformers/spatial @grafana/grafana-edge-squad
 /public/app/plugins/panel/alertlist @grafana/alerting-squad
 /public/app/plugins/panel/barchart @grafana/grafana-bi-squad
 /public/app/plugins/panel/heatmap @grafana/grafana-bi-squad
 /public/app/plugins/panel/histogram @grafana/grafana-bi-squad
-/public/app/plugins/panel/nodeGraph @grafana/observability-squad
+/public/app/plugins/panel/logs @grafana/observability-logs-and-traces
+/public/app/plugins/panel/nodeGraph @grafana/observability-logs-and-traces
 /public/app/plugins/panel/piechart @grafana/grafana-bi-squad
 /public/app/plugins/panel/state-timeline @grafana/grafana-bi-squad
 /public/app/plugins/panel/status-history @grafana/grafana-bi-squad
@@ -126,22 +148,36 @@ lerna.json @grafana/frontend-ops
 *.mdx @marcusolsson @jessover9000 @grafana/plugins-platform-frontend
 
 # Core datasources
-/public/app/plugins/datasource/cloudwatch @grafana/cloud-datasources @grafana/observability-squad
-/public/app/plugins/datasource/elasticsearch @grafana/observability-squad
+/public/app/plugins/datasource/cloudwatch @grafana/cloud-datasources
+/public/app/plugins/datasource/elasticsearch @grafana/observability-logs-and-traces
 /public/app/plugins/datasource/grafana-azure-monitor-datasource @grafana/cloud-datasources
-/public/app/plugins/datasource/graphite @grafana/observability-squad
-/public/app/plugins/datasource/influxdb @grafana/observability-squad
-/public/app/plugins/datasource/jaeger @grafana/observability-squad
-/public/app/plugins/datasource/loki @grafana/observability-squad
-/public/app/plugins/datasource/mssql @grafana/backend-platform
-/public/app/plugins/datasource/mysql @grafana/backend-platform
+/public/app/plugins/datasource/graphite @grafana/observability-metrics
+/public/app/plugins/datasource/influxdb @grafana/observability-metrics
+/public/app/plugins/datasource/jaeger @grafana/observability-logs-and-traces
+/public/app/plugins/datasource/loki @grafana/observability-logs-and-traces
+/public/app/plugins/datasource/mssql @grafana/grafana-bi-squad
+/public/app/plugins/datasource/mysql @grafana/grafana-bi-squad
 /public/app/plugins/datasource/opentsdb @grafana/backend-platform
-/public/app/plugins/datasource/postgres @grafana/backend-platform
-/public/app/plugins/datasource/prometheus @grafana/observability-squad
+/public/app/plugins/datasource/postgres @grafana/grafana-bi-squad
+/public/app/plugins/datasource/prometheus @grafana/observability-metrics
 /public/app/plugins/datasource/cloud-monitoring @grafana/cloud-datasources
-/public/app/plugins/datasource/zipkin @grafana/observability-squad
-/public/app/plugins/datasource/tempo @grafana/observability-squad
+/public/app/plugins/datasource/zipkin @grafana/observability-logs-and-traces
+/public/app/plugins/datasource/tempo @grafana/observability-logs-and-traces
 /public/app/plugins/datasource/alertmanager @grafana/alerting-squad
 
 # Cloud middleware
 /grafana-mixin/ @grafana/hosted-grafana-team
+
+# Grafana authentication and authorization
+/pkg/services/accesscontrol @grafana/grafana-authnz-team
+/pkg/services/auth @grafana/grafana-authnz-team
+/pkg/services/dashboards/accesscontrol.go @grafana/grafana-authnz-team
+/pkg/services/datasources/permissions @grafana/grafana-authnz-team
+/pkg/services/datasources/permissions/accesscontrol.go @grafana/grafana-authnz-team
+/pkg/services/guardian @grafana/grafana-authnz-team
+/pkg/services/ldap @grafana/grafana-authnz-team
+/pkg/services/login @grafana/grafana-authnz-team
+/pkg/services/multildap @grafana/grafana-authnz-team
+/pkg/services/oauthtoken @grafana/grafana-authnz-team
+/pkg/services/teamguardian @grafana/grafana-authnz-team
+/pkg/services/serviceaccounts @grafana/grafana-authnz-team

.github/ISSUE_TEMPLATE/4-UX-design.yaml

@@ -0,0 +1,43 @@
+name: UX design issue
+description: Create an issue for delivering wireframes, mockups or other design solutions.
+title: "UX: "
+labels: ["type/ux"]
+body:
+  - type: textarea
+    id: background
+    attributes:
+      label: "Background / Why we're doing this"
+      description: Describe the problem and background of the issue. This could include research insights that inform the design changes, unmet user needs, or other usability issues.
+      placeholder: Add UI improvements to make Grafana Alerting alert creation easier based on usability test results.
+    validations:
+      required: true
+  - type: dropdown
+    attributes:
+      label: Is there existing research for this?
+      description: Please link research results or insights in the Background section if you have any. If no research was conducted, you might want to consider usability testing your design later.
+      options: [
+        "Yes, I have linked it", 
+        "No research yet"
+      ]
+    validations:
+      required: true
+  - type: textarea
+    id: problems-or-tasks
+    attributes:
+      label: Problems or tasks
+      description: Describe problems the new design should solve or tasks the user needs to complete.
+      placeholder: 
+      value: |
+        - A problem we're trying to solve
+        - A task the user needs to accomplish
+        - …
+    validations:
+      required: false
+  - type: textarea
+    attributes:
+      label: Deliverables
+      description: Add a checklist of deliverables here. You can later add links to each deliverable.
+      value: |
+          - Figma mockup
+          - Miro board
+          - …

.github/commands.json

@@ -1,69 +1,221 @@
 [
   {
-    "type": "label",
-    "name": "bot/question",
-    "addLabel": "type/question",
-    "removeLabel": "bot/question",
-    "action": "close",
-    "comment": "Please ask your question on [community.grafana.com/](https://community.grafana.com/). To avoid having your issue closed in the future, please read our [CONTRIBUTING](https://github.com/grafana/grafana/blob/main/CONTRIBUTING.md) guidelines.\n\nHappy graphing!"
+    "type":"label",
+    "name":"bot/question",
+    "addLabel":"type/question",
+    "removeLabel":"bot/question",
+    "action":"close",
+    "comment":"Please ask your question on [community.grafana.com/](https://community.grafana.com/). To avoid having your issue closed in the future, please read our [CONTRIBUTING](https://github.com/grafana/grafana/blob/main/CONTRIBUTING.md) guidelines.\n\nHappy graphing!"
   },
   {
-    "type": "comment",
-    "name": "duplicate",
-    "allowUsers": [],
-    "action": "updateLabels",
-    "addLabel": "type/duplicate"
+    "type":"comment",
+    "name":"duplicate",
+    "allowUsers":[],
+    "action":"updateLabels",
+    "addLabel":"type/duplicate"
   },
   {
-    "type": "label",
-    "name": "bot/duplicate",
-    "addLabel": "type/duplicate",
-    "removeLabel": "bot/duplicate",
-    "action": "close",
-    "comment": "Thanks for creating this issue! It looks like this has already been reported by another user. We’ve closed this in favor of the existing one. Please consider adding any details you think is missing to that issue.\n\nTo avoid having your issue closed in the future, please read our [CONTRIBUTING](https://github.com/grafana/grafana/blob/main/CONTRIBUTING.md) guidelines.\n\nHappy graphing!"
+    "type":"label",
+    "name":"bot/duplicate",
+    "addLabel":"type/duplicate",
+    "removeLabel":"bot/duplicate",
+    "action":"close",
+    "comment":"Thanks for creating this issue! It looks like this has already been reported by another user. We’ve closed this in favor of the existing one. Please consider adding any details you think is missing to that issue.\n\nTo avoid having your issue closed in the future, please read our [CONTRIBUTING](https://github.com/grafana/grafana/blob/main/CONTRIBUTING.md) guidelines.\n\nHappy graphing!"
   },
   {
-    "type": "comment",
-    "name": "needsMoreInfo",
-    "allowUsers": [],
-    "action": "updateLabels",
-    "addLabel": "bot/needs more info"
+    "type":"comment",
+    "name":"needsMoreInfo",
+    "allowUsers":[],
+    "action":"updateLabels",
+    "addLabel":"bot/needs more info"
   },
   {
-    "type": "label",
-    "name": "bot/needs more info",
-    "action": "updateLabels",
-    "addLabel": "needs more info",
-    "removeLabel": "bot/needs more info",
-    "comment": "Thanks for creating this issue! We think it's missing some basic information. \r\n\r\nFollow the issue template and add additional information that will help us replicate the problem. \r\nFor data visualization issues: \r\n- Query results from the inspect drawer (data tab & query inspector)\r\n- Panel settings can be extracted in the panel inspect drawer JSON tab\r\n\r\nFor dashboard related issues: \r\n- Dashboard JSON can be found in the dashboard settings JSON model view\r\n\r\nFor authentication, provisioning and alerting issues, Grafana server logs are useful. \r\n\r\nHappy graphing!"
+    "type":"label",
+    "name":"bot/needs more info",
+    "action":"updateLabels",
+    "addLabel":"needs more info",
+    "removeLabel":"bot/needs more info",
+    "comment":"Thanks for creating this issue! We think it's missing some basic information. \r\n\r\nFollow the issue template and add additional information that will help us replicate the problem. \r\nFor data visualization issues: \r\n- Query results from the inspect drawer (data tab & query inspector)\r\n- Panel settings can be extracted in the panel inspect drawer JSON tab\r\n\r\nFor dashboard related issues: \r\n- Dashboard JSON can be found in the dashboard settings JSON model view\r\n\r\nFor authentication, provisioning and alerting issues, Grafana server logs are useful. \r\n\r\nHappy graphing!"
   },
   {
-    "type": "label",
-    "name": "bot/no new info",
-    "action": "close",
-    "comment": "We've closed this issue since it needs more information and hasn't had any activity recently. We can re-open it after you you add more information. To avoid having your issue closed in the future, please read our [CONTRIBUTING](https://github.com/grafana/grafana/blob/main/CONTRIBUTING.md) guidelines.\n\nHappy graphing!"
+    "type":"label",
+    "name":"bot/no new info",
+    "action":"close",
+    "comment":"We've closed this issue since it needs more information and hasn't had any activity recently. We can re-open it after you you add more information. To avoid having your issue closed in the future, please read our [CONTRIBUTING](https://github.com/grafana/grafana/blob/main/CONTRIBUTING.md) guidelines.\n\nHappy graphing!"
   },
   {
-    "type": "label",
-    "name": "bot/close feature request",
-    "action": "close",
-    "addLabel": "not implemented",
-    "comment": "This feature request has been open for a long time with few received upvotes or comments, so we are closing it. We're trying to limit open GitHub issues in order to better track planned work and features.  \r\n\r\nThis doesn't mean that we'll never ever implement it or that we will never accept a PR for it. A closed issue can still attract upvotes and act as a ticket to track feature demand\/interest. \r\n\r\nThank You to you for taking the time to create this issue!"
+    "type":"label",
+    "name":"bot/close feature request",
+    "action":"close",
+    "addLabel":"not implemented",
+    "comment":"This feature request has been open for a long time with few received upvotes or comments, so we are closing it. We're trying to limit open GitHub issues in order to better track planned work and features.  \r\n\r\nThis doesn't mean that we'll never ever implement it or that we will never accept a PR for it. A closed issue can still attract upvotes and act as a ticket to track feature demand\/interest. \r\n\r\nThank You to you for taking the time to create this issue!"
   },
   {
-    "type": "label",
-    "name": "oss-user-essentials",
-    "action": "addToProject",
-    "addToProject": {
-      "url": "https://github.com/orgs/grafana/projects/78"
+    "type":"label",
+    "name":"oss-user-essentials",
+    "action":"addToProject",
+    "addToProject":{
+      "url":"https://github.com/orgs/grafana/projects/78"
+    }
+  },
+  {
+    "type":"label",
+    "name":"area/plugins-catalog",
+    "action":"addToProject",
+    "addToProject":{
+      "url":"https://github.com/orgs/grafana/projects/76"
+    }
+  },
+  {
+    "type":"label",
+    "name":"type/docs",
+    "action":"addToProject",
+    "addToProject":{
+      "url":"https://github.com/orgs/grafana/projects/69"
+    }
+  },
+  {
+    "type":"label",
+    "name":"datasource/Azure",
+    "action":"addToProject",
+    "addToProject":{
+      "url":"https://github.com/orgs/grafana/projects/97"
+    }
+  },
+  {
+    "type":"label",
+    "name":"datasource/CloudWatch",
+    "action":"addToProject",
+    "addToProject":{
+      "url":"https://github.com/orgs/grafana/projects/97"
+    }
+  },
+  {
+    "type":"label",
+    "name":"datasource/CloudWatch Logs",
+    "action":"addToProject",
+    "addToProject":{
+      "url":"https://github.com/orgs/grafana/projects/97"
+    }
+  },
+  {
+    "type":"label",
+    "name":"datasource/GoogleCloudMonitoring",
+    "action":"addToProject",
+    "addToProject":{
+      "url":"https://github.com/orgs/grafana/projects/97"
+    }
+  },
+  {
+    "type":"label",
+    "name":"datasource/Prometheus",
+    "action":"addToProject",
+    "addToProject":{
+      "url":"https://github.com/orgs/grafana/projects/112"
+    }
+  },
+  {
+    "type":"label",
+    "name":"datasource/InfluxDB",
+    "action":"addToProject",
+    "addToProject":{
+      "url":"https://github.com/orgs/grafana/projects/112"
+    }
+  },
+  {
+    "type":"label",
+    "name":"datasource/Graphite",
+    "action":"addToProject",
+    "addToProject":{
+      "url":"https://github.com/orgs/grafana/projects/112"
+    }
+  },
+  {
+    "type":"label",
+    "name":"datasource/OpenTSDB",
+    "action":"addToProject",
+    "addToProject":{
+      "url":"https://github.com/orgs/grafana/projects/112"
+    }
+  },
+  {
+    "type":"label",
+    "name":"datasource/OpenSearch",
+    "action":"addToProject",
+    "addToProject":{
+      "url":"https://github.com/orgs/grafana/projects/110"
+    }
+  },
+  {
+    "type":"label",
+    "name":"datasource/Loki",
+    "action":"addToProject",
+    "addToProject":{
+      "url":"https://github.com/orgs/grafana/projects/110"
+    }
+  },
+  {
+    "type":"label",
+    "name":"datasource/Tempo",
+    "action":"addToProject",
+    "addToProject":{
+      "url":"https://github.com/orgs/grafana/projects/110"
+    }
+  },
+  {
+    "type":"label",
+    "name":"datasource/Elasticsearch",
+    "action":"addToProject",
+    "addToProject":{
+      "url":"https://github.com/orgs/grafana/projects/110"
+    }
+  },
+  {
+    "type":"label",
+    "name":"datasource/Jaeger",
+    "action":"addToProject",
+    "addToProject":{
+      "url":"https://github.com/orgs/grafana/projects/110"
+    }
+  },
+  {
+    "type":"label",
+    "name":"datasource/Zipkin",
+    "action":"addToProject",
+    "addToProject":{
+      "url":"https://github.com/orgs/grafana/projects/110"
+    }
+  },
+  {
+    "type":"label",
+    "name":"area/explore",
+    "action":"addToProject",
+    "addToProject":{
+      "url":"https://github.com/orgs/grafana/projects/111"
+    }
+  },
+  {
+    "type":"label",
+    "name":"oss-user-essentials",
+    "action":"removeFromProject",
+    "removeFromProject":{
+      "url":"https://github.com/orgs/grafana/projects/78"
+    }
+  },
+  {
+    "type":"label",
+    "name":"oss-user-essentials",
+    "action":"removeFromProject",
+    "removeFromProject":{
+      "url":"https://github.com/grafana/grafana/projects/33"
     }
   },
   {
     "type": "label",
-    "name": "area/plugins-catalog",
+    "name": "team/grafana-partners",
     "action": "addToProject",
     "addToProject": {
-      "url": "https://github.com/orgs/grafana/projects/76"
+      "url": "https://github.com/orgs/grafana/projects/87"
     }
   }
 ]

.github/pr-checks.json

@@ -5,5 +5,45 @@
     "targetUrl": "https://github.com/grafana/grafana/blob/main/contribute/merge-pull-request.md#assign-a-milestone",
     "success": "Milestone set",
     "failure": "Milestone not set"
+  },
+  {
+    "type": "check-label",
+    "title": "Backport Check",
+    "labels": {
+      "exists": "Backport enabled",
+      "notExists": "Backport decision needed",
+      "matches": [
+        "backport v*"
+      ]
+    },
+    "skip": {
+      "message": "Backport skipped",
+      "matches": [
+        "backport",
+        "no-backport"
+      ]
+    },
+    "targetUrl": "https://github.com/grafana/grafana/blob/main/contribute/merge-pull-request.md#should-the-pull-request-be-backported"
+  },
+  {
+    "type": "check-changelog",
+    "title": "Changelog Check",
+    "labels": {
+      "exists": "Changelog enabled",
+      "notExists": "Changelog decision needed",
+      "matches": [
+        "add to changelog"
+      ]
+    },
+    "breakingChangeLabels": [
+      "breaking change"
+    ],
+    "skip": {
+      "message": "Changelog skipped",
+      "matches": [
+        "no-changelog"
+      ]
+    },
+    "targetUrl": "https://github.com/grafana/grafana/blob/main/contribute/merge-pull-request.md#include-in-changelog-and-release-notes"
   }
 ]

.github/pr-commands.json

@@ -179,11 +179,17 @@
     "action": "updateLabel",
     "addLabel": "area/dashboard/templating"
   },
+  {
+    "type": "changedfiles",
+    "matches": ["/pkg/services/ngalert/**/*", "/pkg/services/sqlstore/migrations/ualert/**/*", "/pkg/services/alerting/**/*", "/public/app/features/alerting/**/*", "/pkg/tests/api/alerting/**/*"],
+    "action": "updateLabel",
+    "addLabel": "area/alerting"
+  },
   {
     "type": "author",
     "name": "pr/external",
     "notMemberOf": { "org": "grafana" },
-    "ignoreList": ["renovate[bot]"],
+    "ignoreList": ["renovate[bot]","dependabot[bot]"],
     "action": "updateLabel",
     "addLabel": "pr/external"
   }

.github/renovate.json5

@@ -9,18 +9,21 @@
     "@types/d3-interpolate", // we should bump this once we move to esm modules
     "@types/d3-scale-chromatic", // we should bump this once we move to esm modules
     "@types/react-icons", // jaeger-ui-components is being refactored to use @grafana/ui icons instead
+    "commander", // we are planning to remove this, so no need to update it
     "d3",
     "d3-force", // we should bump this once we move to esm modules
     "d3-interpolate", // we should bump this once we move to esm modules
     "d3-scale-chromatic", // we should bump this once we move to esm modules
-    "eslint", // wait until `eslint-plugin-react-hooks>4.2.0` is released
     "execa", // we should bump this once we move to esm modules
     "history", // we should bump this together with react-router-dom
+    "@mdx-js/react", // storybook peer-depends on it's 1.x version, we should upgrade this when we upgrade storybook
+    "monaco-editor", // due to us exposing this via @grafana/ui/CodeEditor's props bumping can break plugins
+    "node-fetch", // we should bump this once we move to esm modules
+    "react-hook-form", // due to us exposing these hooks via @grafana/ui form components bumping can break plugins
     "react-icons", // jaeger-ui-components is being refactored to use @grafana/ui icons instead
     "react-router-dom", // we should bump this together with history
-    "slate",
-    "slate-plain-serializer",
     "systemjs",
+    "copy-webpack-plugin", // try to upgrade with newer yarn release. Not working with 3.1.1
     "ts-loader", // we should remove ts-loader and use babel-loader instead
     "ora" // we should bump this once we move to esm modules
   ],
@@ -29,12 +32,16 @@
   "packageRules": [
     {
       "matchUpdateTypes": ["patch"],
-      "extends": ["schedule:monthly"]
+      "excludePackagePatterns": ["@storybook"],
+      "extends": ["schedule:monthly"],
+      "groupName": "Monthly patch updates"
+    },
+    {
+      "matchPackagePatterns": ["@storybook"],
+      "extends": ["schedule:monthly"],
+      "groupName": "Storybook updates"
     }
   ],
-  "patch": {
-    "enabled": false
-  },
   "pin": {
     "enabled": false
   },

.github/stale.yml

@@ -1,47 +0,0 @@
-# Configuration for probot-stale - https://github.com/probot/stale
-
-# General configuration
-# Label to use when marking as stale
-staleLabel: stale
-
-# Pull request specific configuration
-pulls:
-  # Number of days of inactivity before an Issue or Pull Request becomes stale
-  daysUntilStale: 14
-  # Number of days of inactivity before a stale Issue or Pull Request is closed.
-  # Set to false to disable. If disabled, issues still need to be closed manually, but will remain marked as stale.
-  daysUntilClose: 30
-  # Comment to post when marking as stale. Set to `false` to disable
-  markComment: >
-    This pull request has been automatically marked as stale because it has not had
-    activity in the last 2 weeks. It will be closed in 30 days if no further activity occurs. Please
-    feel free to give a status update now, ping for review, or re-open when it's ready.
-    Thank you for your contributions!
-  # Comment to post when closing a stale Issue or Pull Request.
-  closeComment: >
-     This pull request has been automatically closed because it has not had
-     activity in the last 30 days. Please feel free to give a status update now, ping for review, or re-open when it's ready.
-     Thank you for your contributions!
-  # Limit the number of actions per hour, from 1-30. Default is 30
-  limitPerRun: 1
-
-exemptLabels:
-  - help wanted
-  - type/bug
-  - type/feature-request
-  - Epic
-  - no stalebot
-
-# Issue specific configuration
-issues:
-  limitPerRun: 1
-  daysUntilStale: 100000
-  daysUntilClose: 100000
-  markComment: >
-    This issue has been automatically marked as stale because it has not had activity in the
-    last 100 days. It will be closed in the next 100 days if no activity occurs.
-    Thank you for your contributions.
-  closeComment: >
-    This issue has been automatically closed because it has not had activity in the
-    last month and a half. If this issue is still valid, please ping a maintainer and ask them to check this again.
-    Thank you for your contributions.

.github/workflows/backport.yml

@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Actions
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           repository: "grafana/grafana-github-actions"
           path: ./actions

.github/workflows/bump-version.yml

@@ -5,25 +5,52 @@ on:
       version:
         required: true
         default: '7.x.x'
+  workflow_call:
+    inputs:
+      version_call:
+        description: Needs to match, exactly, the name of a version
+        required: true
+        type: string
+    secrets:
+        token:
+          required: true
+        metricsWriteAPIKey:
+          required: true
+env:
+    YARN_ENABLE_IMMUTABLE_INSTALLS: false
 jobs:
   main:
     runs-on: ubuntu-latest
     steps:
     # This is a basic workflow to help you get started with Actions
       - uses: actions-ecosystem/action-regex-match@v2.0.2
+        if: ${{ github.event.inputs.version != '' }}
         id: regex-match
         with:
           text: ${{ github.event.inputs.version }}
           regex: '^(\d+.\d+).\d+(?:-beta.\d+)?$'
-
+      - uses: actions-ecosystem/action-regex-match@v2.0.2
+        if: ${{ inputs.version_call != '' }}
+        id: regex-match-version-call
+        with:
+          text: ${{ inputs.version_call }}
+          regex: '^(\d+.\d+).\d+(?:-beta\d+)?$'
       - name: Validate input version
-        if: ${{ steps.regex-match.outputs.match == '' }}
+        if: ${{ steps.regex-match.outputs.match == '' && github.event.inputs.version != '' }}
         run: |
           echo "The input version format is not correct, please respect:\
           major.minor.patch or major.minor.patch-beta.number format. \
           example: 7.4.3 or 7.4.3-beta.1"
           exit 1
-      - uses: actions/checkout@v2
+      - name: Validate input version call
+        if: ${{ inputs.version_call != '' && steps.regex-match-version-call.outputs.match == '' }}
+        run: |
+          echo "The input version format is not correct, please respect:\
+          major.minor.patch or major.minor.patch-beta<number> format. \
+          example: 7.4.3 or 7.4.3-beta1"
+          exit 1
+
+      - uses: actions/checkout@v3
 
       - name: Set intermedia variables
         id: intermedia
@@ -33,14 +60,8 @@ jobs:
           echo "::set-output name=branch_name::v${{steps.regex-match.outputs.group1}}"
           echo "::set-output name=branch_exist::$(git ls-remote --heads https://github.com/grafana/grafana.git v${{ steps.regex-match.outputs.group1 }}.x | wc -l)"
 
-      - name: Check input version is aligned with branch(not main)
-        if: steps.intermedia.outputs.branch_exist != '0' && !contains(steps.intermedia.outputs.short_ref, steps.intermedia.outputs.branch_name)
-        run: |
-          echo " You need to run the workflow on branch v${{steps.regex-match.outputs.group1}}.x
-          exit 1
-
       - name: Check input version is aligned with branch(main)
-        if: steps.intermedia.outputs.branch_exist == '0' && !contains(steps.intermedia.outputs.short_ref, 'main')
+        if: ${{ github.event.inputs.version != '' && steps.intermedia.outputs.branch_exist == '0' && !contains(steps.intermedia.outputs.short_ref, 'main') }}
         run: |
           echo "When you want to deliver a new new minor version, you might want to create a new branch first \
           with naming convention v[major].[minor].x, and just run the workflow on that branch. \
@@ -48,18 +69,26 @@ jobs:
           exit 1
 
       - name: Checkout Actions
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           repository: "grafana/grafana-github-actions"
           path: ./actions
           ref: main
-      - uses: actions/setup-node@v2.4.1
+      - uses: actions/setup-node@v3.2.0
         with:
-          node-version: '14'
+          node-version: '16'
       - name: Install Actions
         run: npm install --production --prefix ./actions
-      - name: Run bump version
+      - name: Run bump version (manually invoked)
+        if: ${{ github.event.inputs.version != '' }}
         uses: ./actions/bump-version
         with:
-          token: ${{secrets.GH_BOT_ACCESS_TOKEN}}
-          metricsWriteAPIKey: ${{secrets.GRAFANA_MISC_STATS_API_KEY}}
+          token: ${{ secrets.GH_BOT_ACCESS_TOKEN }}
+          metricsWriteAPIKey: ${{ secrets.GRAFANA_MISC_STATS_API_KEY }}
+      - name: Run bump version (workflow invoked)
+        if: ${{ inputs.version_call != '' }}
+        uses: ./actions/bump-version
+        with:
+          version_call: ${{ inputs.version_call }}
+          token: ${{ secrets.token }}
+          metricsWriteAPIKey: ${{ secrets.metricsWriteAPIKey }}

.github/workflows/close-milestone.yml

@@ -0,0 +1,39 @@
+name: Close milestone
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        required: true
+        description: Needs to match, exactly, the name of a milestone
+  workflow_call:
+    inputs:
+      version_call:
+        description: Needs to match, exactly, the name of a milestone
+        required: true
+        type: string
+    secrets:
+      token:
+        required: true
+jobs:
+  main:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Actions
+        uses: actions/checkout@v3
+        with:
+          repository: "grafana/grafana-github-actions"
+          path: ./actions
+          ref: main
+      - name: Install Actions
+        run: npm install --production --prefix ./actions
+      - name: Close milestone (manually invoked)
+        if: ${{ github.event.inputs.version != '' }}
+        uses: ./actions/close-milestone
+        with:
+          token: ${{ secrets.GH_BOT_ACCESS_TOKEN }}
+      - name: Close milestone (workflow invoked)
+        if: ${{ inputs.version_call != '' }}
+        uses: ./actions/close-milestone
+        with:
+          version_call: ${{ inputs.version_call }}
+          token: ${{ secrets.token }}

.github/workflows/cloud-data-sources-code-coverage.yml

@@ -0,0 +1,20 @@
+name: Cloud data sources test code coverage
+on:
+  pull_request:
+    paths:
+      - 'pkg/tsdb/azuremonitor/**'
+      - 'pkg/tsdb/cloudwatch/**'
+      - 'pkg/tsdb/cloudmonitoring/**'
+      - 'public/app/plugins/datasource/grafana-azure-monitor-datasource/**'
+      - 'public/app/plugins/datasource/cloudwatch/**'
+      - 'public/app/plugins/datasource/cloud-monitoring/**'
+    branches-ignore:
+      - dependabot/**
+      - backport-*
+
+jobs:
+  workflow-call:
+    uses: grafana/code-coverage/.github/workflows/code-coverage.yml@v0.1.6
+    with:
+      frontend-path-regexp: public\/app\/plugins\/datasource\/(grafana-azure-monitor-datasource|cloud-monitoring|cloudwatch)
+      backend-path-regexp: pkg\/tsdb\/(azuremonitor|cloudmonitoring|cloudwatch)

.github/workflows/codeql-analysis.yml

@@ -8,9 +8,12 @@ name: "CodeQL"
 on:
   push:
     branches: [main, v1.8.x, v2.0.x, v2.1.x, v2.6.x, v3.0.x, v3.1.x, v4.0.x, v4.1.x, v4.2.x, v4.3.x, v4.4.x, v4.5.x, v4.6.x, v4.7.x, v5.0.x, v5.1.x, v5.2.x, v5.3.x, v5.4.x, v6.0.x, v6.1.x, v6.2.x, v6.3.x, v6.4.x, v6.5.x, v6.6.x, v6.7.x, v7.0.x, v7.1.x, v7.2.x]
-  pull_request:
-    # The branches below must be a subset of the branches above
-    branches: [main]
+    paths-ignore:
+      - '**/*.cue'
+      - '**/*.json'
+      - '**/*.md'
+      - '**/*.txt'
+      - '**/*.yml'
   schedule:
     - cron: '0 4 * * 6'
 
@@ -30,7 +33,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
       with:
         # We must fetch at least the immediate parents so that if this is
         # a pull request then we can checkout the head.
@@ -46,21 +49,5 @@ jobs:
         # Prefix the list here with "+" to use these queries and those in the config file.
         # queries: ./path/to/local/query, your-org/your-repo/queries@main
 
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
-
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 https://git.io/JvXDl
-
-    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
-    #    and modify them (or add more) to build your code if your project
-    #    uses a compiled language
-
-    #- run: |
-    #   make bootstrap
-    #   make release
-
     - name: Perform CodeQL Analysis
       uses: github/codeql-action/analyze@v1

.github/workflows/commands.yml

@@ -1,16 +1,17 @@
 name: Run commands when issues are labeled or comments added
 on:
   issues:
-    types: [labeled]
+    types: [labeled, unlabeled]
   issue_comment:
     types: [created]
-
+concurrency:
+  group: issue-commands-${{ github.event.issue.number }}
 jobs:
   main:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Actions
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           repository: "grafana/grafana-github-actions"
           path: ./actions

.github/workflows/detect-breaking-changes-build.yml

@@ -0,0 +1,149 @@
+name: Levitate / Detect breaking changes
+
+on: pull_request
+
+jobs:
+  buildPR:
+    name: Build PR
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: './pr'
+
+    steps:
+    - uses: actions/checkout@v3
+      with: 
+        path: './pr'
+
+    - uses: actions/setup-node@v3
+      with:
+        node-version: 16.16.0
+
+    - name: Get yarn cache directory path
+      id: yarn-cache-dir-path
+      run: echo "::set-output name=dir::$(yarn config get cacheFolder)"
+    
+    - name: Restore yarn cache
+      uses: actions/cache@v2
+      id: yarn-cache
+      with:
+        path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
+        key: yarn-cache-folder-${{ hashFiles('**/yarn.lock', '.yarnrc.yml') }}
+        restore-keys: |
+          yarn-cache-folder-
+      
+    - name: Install dependencies
+      run: yarn install --immutable
+
+    - name: Build packages
+      run: yarn packages:build
+
+    - name: Zip built packages
+      run: zip -r ./pr_built_packages.zip ./packages/**/dist
+
+    - name: Upload build output as artifact
+      uses: actions/upload-artifact@v2
+      with:
+        name: buildPr
+        path: './pr/pr_built_packages.zip'
+
+  buildBase:
+    name: Build Base
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: './base'
+
+    steps:
+    - uses: actions/checkout@v3
+      with: 
+        path: './base'
+        ref: ${{ github.event.pull_request.base.ref }}
+
+    - uses: actions/setup-node@v3
+      with:
+        node-version: 16.16.0
+
+    - name: Get yarn cache directory path
+      id: yarn-cache-dir-path
+      run: echo "::set-output name=dir::$(yarn config get cacheFolder)"
+    
+    - name: Restore yarn cache
+      uses: actions/cache@v2
+      id: yarn-cache
+      with:
+        path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
+        key: yarn-cache-folder-${{ hashFiles('**/yarn.lock', '.yarnrc.yml') }}
+        restore-keys: |
+          yarn-cache-folder-
+      
+    - name: Install dependencies
+      run: yarn install --immutable
+
+    - name: Build packages
+      run: yarn packages:build
+
+    - name: Zip built packages
+      run: zip -r ./base_built_packages.zip ./packages/**/dist
+
+    - name: Upload build output as artifact
+      uses: actions/upload-artifact@v2
+      with:
+        name: buildBase
+        path: './base/base_built_packages.zip'
+
+  Detect:
+    name: Detect breaking changes
+    runs-on: ubuntu-latest
+    needs: ['buildPR', 'buildBase']
+    env:
+      GITHUB_STEP_NUMBER: 7
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Get built packages from pr
+        uses: actions/download-artifact@v3
+        with:
+          name: buildPr
+
+      - name: Get built packages from base
+        uses: actions/download-artifact@v3
+        with:
+          name: buildBase
+      
+      - name: Unzip artifact from pr
+        run: unzip pr_built_packages.zip -d ./pr && rm pr_built_packages.zip
+
+      - name: Unzip artifact from base
+        run: unzip base_built_packages.zip -d ./base && rm base_built_packages.zip
+
+      - name: Get link for the Github Action job
+        id: job
+        uses: actions/github-script@v6
+        with:
+          script: |
+              const script = require('./.github/workflows/scripts/pr-get-job-link.js')
+              await script({github, context, core})
+
+      - name: Detect breaking changes
+        id: breaking-changes
+        run: ./scripts/check-breaking-changes.sh 
+        env:
+          FORCE_COLOR: 3
+          GITHUB_JOB_LINK: ${{ steps.job.outputs.link }}
+
+      - name: Persisting the check output
+        run: |
+            mkdir -p ./levitate
+            echo "{ \"exit_code\": ${{ steps.breaking-changes.outputs.is_breaking }}, \"message\": \"${{ steps.breaking-changes.outputs.message }}\", \"job_link\": \"${{ steps.job.outputs.link }}#step:${GITHUB_STEP_NUMBER}:1\", \"pr_number\": \"${{ github.event.pull_request.number }}\" }" > ./levitate/result.json
+
+      - name: Upload check output as artifact
+        uses: actions/upload-artifact@v2
+        with:
+          name: levitate
+          path: levitate/
+        
+      - name: Exit
+        run: exit ${{ steps.breaking-changes.outputs.is_breaking }}
+        shell: bash

.github/workflows/detect-breaking-changes-report.yml

@@ -0,0 +1,184 @@
+name: Levitate / Report breaking changes
+
+on:
+  workflow_run:
+    workflows: ["Levitate / Detect breaking changes"]
+    types: [completed]
+
+jobs:
+  notify:
+    name: Report
+    runs-on: ubuntu-latest
+    env:
+      ARTIFACT_FOLDER: '${{ github.workspace }}/tmp'
+      ARTIFACT_NAME: 'levitate'
+
+    steps:
+    - uses: actions/checkout@v3
+    
+    - name: 'Download artifact'
+      uses: actions/github-script@v6
+      env:
+        RUN_ID: ${{ github.event.workflow_run.id }}
+      with:
+        script: |
+          const fs = require('fs');
+
+          const { owner, repo } = context.repo;
+          const runId = process.env.RUN_ID;
+          const artifactName = process.env.ARTIFACT_NAME;
+          const artifactFolder = process.env.ARTIFACT_FOLDER;
+          const artifacts = await github.rest.actions.listWorkflowRunArtifacts({
+              owner,
+              repo,
+              run_id: runId,
+          });
+          const artifact = artifacts.data.artifacts.find(a => a.name === artifactName);
+        
+          if (!artifact) {
+              throw new Error(`Could not find artifact ${ artifactName } in workflow (${ runId })`);
+          }
+
+          const download = await github.rest.actions.downloadArtifact({
+              owner,
+              repo,
+              artifact_id: artifact.id,
+              archive_format: 'zip',
+          });
+
+          fs.mkdirSync(artifactFolder, { recursive: true });
+          fs.writeFileSync(`${ artifactFolder }/${ artifactName }.zip`, Buffer.from(download.data));
+        
+    - name: Unzip artifact
+      run: unzip "${ARTIFACT_FOLDER}/${ARTIFACT_NAME}.zip" -d "${ARTIFACT_FOLDER}"
+    
+    - name: Parsing levitate result
+      uses: actions/github-script@v6
+      id: levitate-run
+      with:
+        script: |
+          const filePath = `${ process.env.ARTIFACT_FOLDER }/result.json`;
+          const script = require('./.github/workflows/scripts/json-file-to-job-output.js');
+          await script({ core, filePath });
+
+    - name: Check if "levitate breaking change" label exists
+      id: does-label-exist
+      uses: actions/github-script@v6
+      env:
+        PR_NUMBER: ${{ github.event.workflow_run.pull_requests[0].number }}
+      with:
+        script: |
+          const { data } = await github.rest.issues.listLabelsOnIssue({
+            issue_number: process.env.PR_NUMBER,
+            owner: context.repo.owner,
+            repo: context.repo.repo,
+          });
+          const labels = data.map(({ name }) => name);
+          const doesExist = labels.includes('levitate breaking change');
+
+          return doesExist ? 1 : 0;
+
+    - name: Comment on PR
+      if: ${{ steps.levitate-run.outputs.exit_code == 1 }}
+      uses: marocchino/sticky-pull-request-comment@v2
+      with:
+        number: ${{ steps.levitate-run.outputs.pr_number }}
+        message: |
+          ⚠️   **Possible breaking changes**
+
+          _(Open the links below in a new tab to go to the correct steps)_
+
+          ${{ steps.levitate-run.outputs.message }}
+
+          [Console output](${{ steps.levitate-run.outputs.job_link }})
+          [Read our guideline](https://github.com/grafana/grafana/blob/main/contribute/breaking-changes-guide.md)
+
+    - name: Remove comment on PR
+      if: ${{ steps.levitate-run.outputs.exit_code == 0 }}
+      uses: marocchino/sticky-pull-request-comment@v2
+      with:
+        number: ${{ steps.levitate-run.outputs.pr_number }}
+        delete: true
+
+    # Posts a notification to Slack if a PR has a breaking change and it did not have a breaking change before
+    - name: Post to Slack
+      id: slack
+      if: ${{ steps.levitate-run.outputs.exit_code == 1 && steps.does-label-exist.outputs.result == 0 }}
+      uses: slackapi/slack-github-action@v1.18.0
+      with:
+        payload: |
+          {
+            "pr_link": "https://github.com/grafana/grafana/pull/${{ steps.levitate-run.outputs.pr_number }}",
+            "pr_number": "${{ steps.levitate-run.outputs.pr_number }}",
+            "job_link": "${{ steps.levitate-run.outputs.job_link }}",
+            "reporting_job_link": "${{ github.event.workflow_run.html_url }}",
+            "message": "${{ steps.levitate-run.outputs.message }}"
+          }
+      env:
+        SLACK_WEBHOOK_URL: ${{ secrets.SLACK_LEVITATE_WEBHOOK_URL }}
+
+    - name: Add "levitate breaking change" label
+      if: ${{ steps.levitate-run.outputs.exit_code == 1 && steps.does-label-exist.outputs.result == 0 }}
+      uses: actions/github-script@v6
+      env:
+        PR_NUMBER: ${{ steps.levitate-run.outputs.pr_number }}
+      with:
+        github-token: ${{ secrets.GH_BOT_ACCESS_TOKEN }}
+        script: |
+          await github.rest.issues.addLabels({
+            issue_number: process.env.PR_NUMBER,
+            owner: context.repo.owner,
+            repo: context.repo.repo,
+            labels: ['levitate breaking change']
+          })
+
+    - name: Remove "levitate breaking change" label
+      if: ${{ steps.levitate-run.outputs.exit_code == 0 && steps.does-label-exist.outputs.result == 1 }}
+      uses: actions/github-script@v6
+      env:
+        PR_NUMBER: ${{ steps.levitate-run.outputs.pr_number }}
+      with:
+        github-token: ${{ secrets.GH_BOT_ACCESS_TOKEN }}
+        script: |
+          await github.rest.issues.removeLabel({
+            issue_number: process.env.PR_NUMBER,
+            owner: context.repo.owner,
+            repo: context.repo.repo,
+            name: 'levitate breaking change'
+          })
+
+    # This is very weird, the actual request goes through (comes back with a 201), but does not assign the team.
+    # Related issue: https://github.com/renovatebot/renovate/issues/1908
+    - name: Add "grafana/plugins-platform-frontend" as a reviewer
+      if: ${{ steps.levitate-run.outputs.exit_code == 1 }}
+      uses: actions/github-script@v6
+      env:
+        PR_NUMBER: ${{ steps.levitate-run.outputs.pr_number }}
+      with:
+        github-token: ${{ secrets.GH_BOT_ACCESS_TOKEN }}
+        script: |
+          await github.rest.pulls.requestReviewers({
+            pull_number: process.env.PR_NUMBER,
+            owner: context.repo.owner,
+            repo: context.repo.repo,
+            reviewers: [],
+            team_reviewers: ['grafana/plugins-platform-frontend']
+          });
+
+    - name: Remove "grafana/plugins-platform-frontend" from the list of reviewers
+      if: ${{ steps.levitate-run.outputs.exit_code == 0 }}
+      uses: actions/github-script@v6
+      env:
+        PR_NUMBER: ${{ steps.levitate-run.outputs.pr_number }}
+      with:
+        github-token: ${{ secrets.GH_BOT_ACCESS_TOKEN }}
+        script: |
+          await github.rest.pulls.removeRequestedReviewers({
+            pull_number: process.env.PR_NUMBER,
+            owner: context.repo.owner,
+            repo: context.repo.repo,
+            reviewers: [],
+            team_reviewers: ['grafana/plugins-platform-frontend']
+          });
+
+

.github/workflows/doc-validator.yml

@@ -0,0 +1,16 @@
+name: "doc-validator"
+on:
+  pull_request:
+    paths: ["docs/sources/**"]
+  workflow_dispatch:
+jobs:
+  doc-validator:
+    runs-on: "ubuntu-latest"
+    container:
+      image: "grafana/doc-validator:latest"
+    steps:
+      - name: "Checkout code"
+        uses: "actions/checkout@v3"
+      - name: "Run doc-validator tool"
+        # Ensure that the CI always passes until all errors are resolved.
+        run: "doc-validator ./docs/sources || true"

.github/workflows/enterprise-pr-check.yml

@@ -0,0 +1,26 @@
+name: Enterprise PR check
+on:
+  pull_request:
+    branches:
+      - main
+      - 'v[0-9]+.[0-9]+.x'
+jobs:
+  dispatch:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Actions
+        uses: actions/checkout@v2
+        with:
+          repository: "grafana/grafana-github-actions"
+          path: ./actions
+          ref: main
+      - name: Install Actions
+        run: npm install --production --prefix ./actions
+      - name: Repository Dispatch
+        uses: ./actions/repository-dispatch
+        with:
+          token: ${{ secrets.GH_BOT_ACCESS_TOKEN }}
+          repository: grafana/grafana-enterprise
+          event_type: oss-pull-request
+          client_payload:
+            '{"source_branch": "${{ github.head_ref }}", "target_branch": "${{ github.base_ref }}", "pr_number": "${{ github.event.number }}"}'

.github/workflows/github-release.yml

@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Actions
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           repository: "grafana/grafana-github-actions"
           path: ./actions

.github/workflows/metrics-collector.yml

@@ -20,7 +20,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Actions
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           repository: "grafana/grafana-github-actions"
           path: ./actions

.github/workflows/milestone.yml

@@ -0,0 +1,21 @@
+name: Close Milestone
+on:
+  workflow_dispatch:
+    inputs:
+      version_input:
+        description: 'The version to be released please respect: major.minor.patch or major.minor.patch-beta<number> format. example: 7.4.3 or 7.4.3-beta1'
+        required: true
+jobs:
+  call-remove-milestone:
+    uses: grafana/grafana/.github/workflows/remove-milestone.yml@main
+    with:
+      version_call: ${{ github.event.inputs.version_input }}
+    secrets:
+      token: ${{ secrets.GH_BOT_ACCESS_TOKEN }}
+  call-close-milestone:
+    uses: grafana/grafana/.github/workflows/close-milestone.yml@main
+    with:
+      version_call: ${{ github.event.inputs.version_input }}
+    secrets:
+      token: ${{ secrets.GH_BOT_ACCESS_TOKEN }}
+    needs: call-remove-milestone

.github/workflows/pr-checks.yml

@@ -1,20 +1,27 @@
 name: PR Checks
 on:
-  pull_request:
+  pull_request_target:
     types:
       - opened
+      - reopened
       - synchronize
+      - ready_for_review
+      - labeled
+      - unlabeled
+      - edited
   issues:
     types:
       - milestoned
       - demilestoned
-
+concurrency:
+  group: pr-checks-${{ github.event.number }}
 jobs:
   main:
     runs-on: ubuntu-latest
+    if: github.event.pull_request.draft == false
     steps:
       - name: Checkout Actions
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           repository: "grafana/grafana-github-actions"
           path: ./actions

.github/workflows/pr-codeql-analysis-go.yml

@@ -0,0 +1,29 @@
+name: "CodeQL for PR / go"
+
+on:
+  pull_request:
+    branches: [main]
+    paths:
+      - '**/*.go'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+      with:
+        # We must fetch at least the immediate parents so that if this is
+        # a pull request then we can checkout the head.
+        fetch-depth: 2
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: "go"
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1

.github/workflows/pr-codeql-analysis-javascript.yml

@@ -0,0 +1,31 @@
+name: "CodeQL for PR / javascript"
+
+on:
+  pull_request:
+    branches: [main]
+    paths:
+      - '**/*.js'
+      - '**/*.ts'
+      - '**/*.tsx'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+      with:
+        # We must fetch at least the immediate parents so that if this is
+        # a pull request then we can checkout the head.
+        fetch-depth: 2
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: "javascript"
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1

.github/workflows/pr-codeql-analysis-python.yml

@@ -0,0 +1,29 @@
+name: "CodeQL for PR / python"
+
+on:
+  pull_request:
+    branches: [main]
+    paths:
+      - '**/*.py'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+      with:
+        # We must fetch at least the immediate parents so that if this is
+        # a pull request then we can checkout the head.
+        fetch-depth: 2
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: "python"
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1

.github/workflows/pr-commands-closed.yml

@@ -3,7 +3,8 @@ on:
   pull_request:
     types:
       - closed      
-
+concurrency:
+  group: pr-commands-closed-${{ github.event.number }}
 jobs:
   close_job:
     # this job will only run if the PR has been closed without being merged

.github/workflows/pr-commands.yml

@@ -4,13 +4,14 @@ on:
     types:
       - opened
       - synchronize
-
+concurrency:
+  group: pr-commands-${{ github.event.number }}
 jobs:
   main:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Actions
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           repository: "grafana/grafana-github-actions"
           path: ./actions

.github/workflows/prepare-release.yml

@@ -0,0 +1,23 @@
+name: Prepare release
+on:
+  workflow_dispatch:
+    inputs:
+      version_input:
+        description: 'The version to be released please respect: major.minor.patch or major.minor.patch-beta<number> format. example: 7.4.3 or 7.4.3-beta1'
+        required: true
+jobs:
+  call-bump-version:
+    uses: grafana/grafana/.github/workflows/bump-version.yml@main
+    with:
+      version_call: ${{ github.event.inputs.version_input }}
+    secrets:
+      token: ${{ secrets.GH_BOT_ACCESS_TOKEN }}
+      metricsWriteAPIKey: ${{ secrets.GRAFANA_MISC_STATS_API_KEY }}
+  call-update-changelog:
+    uses: grafana/grafana/.github/workflows/update-changelog.yml@main
+    with:
+      version_call: ${{ github.event.inputs.version_input }}
+    secrets:
+      token: ${{ secrets.GH_BOT_ACCESS_TOKEN }}
+      metricsWriteAPIKey: ${{ secrets.GRAFANA_MISC_STATS_API_KEY }}
+    needs: call-bump-version

.github/workflows/publish.yml

@@ -3,7 +3,7 @@ name: publish_docs
 on:
   push:
     branches:
-    - main
+    - v9.0.x
     paths:
     - 'docs/sources/**'
     - 'packages/grafana-*/**'
@@ -14,17 +14,17 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v1
+    - uses: actions/checkout@v3
     - run: git clone --single-branch --no-tags --depth 1 -b master https://grafanabot:${{ secrets.GH_BOT_ACCESS_TOKEN }}@github.com/grafana/website-sync ./.github/actions/website-sync
     - name: generate-packages-docs
-      uses: actions/setup-node@v2.4.1
+      uses: actions/setup-node@v3.2.0
       id: generate-docs
       with:
-        node-version: '14'
+        node-version: '16'
     - name: Get yarn cache directory path
       id: yarn-cache-dir-path
       run: echo "::set-output name=dir::$(yarn config get cacheFolder)"
-    - uses: actions/cache@v2.1.6
+    - uses: actions/cache@v2.1.7
       with:
         path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
         key: yarn-${{ hashFiles('**/yarn.lock') }}
@@ -41,7 +41,7 @@ jobs:
         host: github.com
         github_pat: '${{ secrets.GH_BOT_ACCESS_TOKEN }}'
         source_folder: docs/sources
-        target_folder: content/docs/grafana/next
+        target_folder: content/docs/grafana/v9.0
         allow_no_changes: 'true'
     - shell: bash
       run: |

.github/workflows/remove-milestone.yml

@@ -5,19 +5,35 @@ on:
       version:
         required: true
         description: Needs to match, exactly, the name of a milestone
+  workflow_call:
+    inputs:
+      version_call:
+        description: Needs to match, exactly, the name of a milestone
+        required: true
+        type: string
+    secrets:
+      token:
+        required: true
 jobs:
   main:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Actions
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           repository: "grafana/grafana-github-actions"
           path: ./actions
           ref: main
       - name: Install Actions
         run: npm install --production --prefix ./actions
-      - name: Remove milestone from open issues
+      - name: Remove milestone from open issues (manually invoked)
+        if: ${{ github.event.inputs.version != '' }}
         uses: ./actions/remove-milestone
         with:
-          token: ${{secrets.GH_BOT_ACCESS_TOKEN}}
+          token: ${{ secrets.GH_BOT_ACCESS_TOKEN }}
+      - name: Remove milestone from open issues (workflow invoked)
+        if: ${{ inputs.version_call != '' }}
+        uses: ./actions/remove-milestone
+        with:
+          version_call: ${{ inputs.version_call }}
+          token: ${{ secrets.token }}

.github/workflows/scripts/json-file-to-job-output.js

@@ -0,0 +1,27 @@
+module.exports = async ({ core, filePath }) => {
+    try {
+        const fs = require('fs');
+        const content = await readFile(fs, filePath);
+        const result = JSON.parse(content);
+    
+        core.startGroup('Parsing json file...');
+
+        for (const property in result) {
+            core.info(`${property} <- ${result[property]}`);
+            core.setOutput(property, result[property]);
+        }
+
+        core.endGroup();
+    } catch (error) {
+        core.restFailed(error.message);
+    }
+}
+
+async function readFile(fs, path) {
+    return new Promise((resolve, reject) => {
+        fs.readFile(path, (error, data) => {
+            if (error) return reject(error);
+            return resolve(data);
+        });
+    });
+}

.github/workflows/scripts/pr-get-job-link.js

@@ -0,0 +1,9 @@
+
+module.exports = async ({ github, context, core }) => {
+    const { owner, repo } = context.repo;
+    const url = `https://api.github.com/repos/${owner}/${repo}/actions/runs/${context.runId}/jobs`
+    const result = await github.request(url)
+    const link = `https://github.com/grafana/grafana/runs/${result.data.jobs[0].id}?check_suite_focus=true`;
+
+    core.setOutput('link', link);
+}

.github/workflows/stale.yml

@@ -0,0 +1,33 @@
+name: 'Close stale issues and PRs'
+on:
+  schedule:
+    - cron: '30 1 * * *'
+
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/stale@v5
+        with:
+          repo-token: ${{ secrets.GH_BOT_ACCESS_TOKEN }}
+          # Number of days of inactivity before a stale Issue or Pull Request is closed.
+          # Set to -1 to disable. If disabled, issues still need to be closed manually, but will remain marked as stale.
+          days-before-close: 14
+          # Number of days of inactivity before an Issue or Pull Request becomes stale
+          days-before-stale: 30
+          # We don't want any Issues to be marked as stale for now.
+          days-before-issue-stale: -1
+          exempt-issue-labels: no stalebot
+          exempt-pr-labels: no stalebot
+          operations-per-run: 500
+          stale-issue-label: stale
+          stale-pr-label: stale
+          stale-pr-message: >
+            This pull request has been automatically marked as stale because it has not had
+            activity in the last 30 days. It will be closed in 2 weeks if no further activity occurs. Please
+            feel free to give a status update now, ping for review, or re-open when it's ready.
+            Thank you for your contributions!
+          close-pr-message: >
+            This pull request has been automatically closed because it has not had
+            activity in the last 2 weeks. Please feel free to give a status update now, ping for review, or re-open when it's ready.
+            Thank you for your contributions!

.github/workflows/update-changelog.yml

@@ -3,22 +3,41 @@ on:
   workflow_dispatch:
     inputs:
       version:
-        required: true        
+        required: true
         description: Needs to match, exactly, the name of a milestone
+  workflow_call:
+    inputs:
+      version_call:
+        description: Needs to match, exactly, the name of a milestone
+        required: true
+        type: string
+    secrets:
+        token:
+          required: true
+        metricsWriteAPIKey:
+          required: true
 jobs:
   main:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Actions
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           repository: "grafana/grafana-github-actions"
           path: ./actions
-          ref: main      
+          ref: main
       - name: Install Actions
         run: npm install --production --prefix ./actions
-      - name: Run update changelog
+      - name: Run update changelog (manually invoked)
+        if: ${{ github.event.inputs.version != '' }}
         uses: ./actions/update-changelog
         with:
-          token: ${{secrets.GH_BOT_ACCESS_TOKEN}}
-          metricsWriteAPIKey: ${{secrets.GRAFANA_MISC_STATS_API_KEY}}
+          token: ${{ secrets.GH_BOT_ACCESS_TOKEN }}
+          metricsWriteAPIKey: ${{ secrets.GRAFANA_MISC_STATS_API_KEY }}
+      - name: Run update changelog (workflow invoked)
+        if: ${{ inputs.version_call != '' }}
+        uses: ./actions/update-changelog
+        with:
+          version_call: ${{ inputs.version_call }}
+          token: ${{ secrets.token }}
+          metricsWriteAPIKey: ${{ secrets.metricsWriteAPIKey }}

.gitignore

@@ -7,15 +7,16 @@ awsconfig
 /.awcache
 /dist
 /public/build
-public/dist/tsconfig.tsbuildinfo
 /public/views/index.html
 /public/views/error.html
 /emails/dist
 /reports
 /e2e/tmp
+/scripts/grafana-server/tmp
 vendor/
 /docs/menu.yaml
 /requests
+tsconfig.tsbuildinfo
 
 # Yarn
 .yarn/*
@@ -38,6 +39,7 @@ vendor/
 
 # Enterprise devenv
 /devenv/docker/blocks/grafana-enterprise
+/devenv/docker/blocks/saml-enterprise
 
 /tmp
 tools/phantomjs/phantomjs
@@ -115,6 +117,7 @@ debug.test
 
 /scripts/build/release_publisher/release_publisher
 *.patch
+!.yarn/patches/*.patch
 
 # Ignoring frontend packages specifics
 /packages/**/dist
@@ -136,6 +139,12 @@ compilation-stats.json
 /e2e/**/screenshots
 !/e2e/**/screenshots/expected/*
 /e2e/**/videos/*
+/e2e/benchmarks/**/results/*
+/e2e/benchmarks/**/results
+/e2e/build_results.zip
+
+# grafana server
+/scripts/grafana-server/server.log
 
 # a11y tests
 /pa11y-ci-results.json
@@ -149,5 +158,12 @@ compilation-stats.json
 
 # auto generated Go files
 *_gen.go
+!pkg/services/featuremgmt/toggles_gen.go
+
+# Auto-generated localisation files
+public/locales/_build/
+public/locales/**/*.js
 
 deployment_tools_config.json
+
+.betterer.cache

.husky/pre-commit

@@ -1,4 +1,8 @@
 #!/bin/sh
+
+# Ignore husky hooks if no frontend code has been changed
+git diff --cached --name-only | grep -v --quiet "^pkg/" || exit 0
+
 . "$(dirname "$0")/_/husky.sh"
 
 yarn run precommit

.linguirc

@@ -0,0 +1,32 @@
+{
+  "locales": [
+    "en",
+    "fr",
+    "es",
+    "pseudo-LOCALE"
+  ],
+  "catalogs": [
+    {
+      "path": "public/locales/{locale}/messages",
+      "include": [
+        "public/app"
+      ],
+      "exclude": [
+        "**/*.d.ts",
+        "**/*.test.ts",
+        "**/node_modules/**",
+        "public/app/plugins"
+      ]
+    }
+  ],
+  "fallbackLocales": {
+    "pseudo-LOCALE": "en",
+    "default": "en"
+  },
+  "pseudoLocale": "pseudo-LOCALE",
+  "sourceLocale": "en",
+  "format": "po",
+  "formatOptions": {
+    "lineNumbers": false
+  }
+}

.nvmrc

@@ -0,0 +1 @@
+v16.14.0

.prettierignore

@@ -1,13 +1,27 @@
 .git
 .github
-dist/
-pkg/
-node_modules
-public/vendor/
-vendor/
-/data/
+.yarn
+build
+compiled
+data
+deployment_tools_config.json
+devenv
+dist
 e2e/tmp
-public/build/
-public/sass/*.generated.scss
-devenv/
+node_modules
+pkg
 public/lib/monaco
+public/sass/*.generated.scss
+scripts/grafana-server/tmp
+vendor
+
+# TS generate from cue by cuetsy
+**/*.gen.ts
+
+# Auto-generated localisation files
+public/locales/_build/
+public/locales/**/*.js
+
+# Auto-generated theme files
+theme.light.generated.json
+theme.dark.generated.json

.vscode/launch.json

@@ -8,13 +8,15 @@
       "mode": "auto",
       "program": "${workspaceFolder}/pkg/cmd/grafana-server/",
       "env": {},
+      "cwd": "${workspaceFolder}",
       "args": ["--homepath", "${workspaceFolder}", "--packaging", "dev"]
     },
     {
       "name": "Debug Jest test",
       "type": "node",
       "request": "launch",
-      "runtimeArgs": ["--inspect-brk", "${workspaceRoot}/node_modules/.bin/jest", "--runInBand", "${file}"],
+      "runtimeExecutable": "yarn",
+      "runtimeArgs": ["run", "jest", "--runInBand", "${file}"],
       "console": "integratedTerminal",
       "internalConsoleOptions": "neverOpen",
       "port": 9229

.yarn/sdks/eslint/package.json

@@ -1,6 +1,6 @@
 {
   "name": "eslint",
-  "version": "7.28.0-sdk",
+  "version": "8.11.0-sdk",
   "main": "./lib/api.js",
   "type": "commonjs"
 }

.yarn/sdks/prettier/package.json

@@ -1,6 +1,6 @@
 {
   "name": "prettier",
-  "version": "2.2.1-sdk",
+  "version": "2.6.0-sdk",
   "main": "./index.js",
   "type": "commonjs"
 }

.yarn/sdks/stylelint/bin/stylelint.js

@@ -1,20 +0,0 @@
-#!/usr/bin/env node
-
-const {existsSync} = require(`fs`);
-const {createRequire, createRequireFromPath} = require(`module`);
-const {resolve} = require(`path`);
-
-const relPnpApiPath = "../../../../.pnp.cjs";
-
-const absPnpApiPath = resolve(__dirname, relPnpApiPath);
-const absRequire = (createRequire || createRequireFromPath)(absPnpApiPath);
-
-if (existsSync(absPnpApiPath)) {
-  if (!process.versions.pnp) {
-    // Setup the environment to be able to require stylelint/bin/stylelint.js
-    require(absPnpApiPath).setup();
-  }
-}
-
-// Defer to the real stylelint/bin/stylelint.js your application uses
-module.exports = absRequire(`stylelint/bin/stylelint.js`);

.yarn/sdks/stylelint/lib/index.js

@@ -1,20 +0,0 @@
-#!/usr/bin/env node
-
-const {existsSync} = require(`fs`);
-const {createRequire, createRequireFromPath} = require(`module`);
-const {resolve} = require(`path`);
-
-const relPnpApiPath = "../../../../.pnp.cjs";
-
-const absPnpApiPath = resolve(__dirname, relPnpApiPath);
-const absRequire = (createRequire || createRequireFromPath)(absPnpApiPath);
-
-if (existsSync(absPnpApiPath)) {
-  if (!process.versions.pnp) {
-    // Setup the environment to be able to require stylelint/lib/index.js
-    require(absPnpApiPath).setup();
-  }
-}
-
-// Defer to the real stylelint/lib/index.js your application uses
-module.exports = absRequire(`stylelint/lib/index.js`);

.yarn/sdks/stylelint/package.json

@@ -1,6 +0,0 @@
-{
-  "name": "stylelint",
-  "version": "14.0.1-sdk",
-  "main": "lib/index.js",
-  "type": "commonjs"
-}

.yarn/sdks/typescript/lib/tsserver.js

@@ -18,6 +18,7 @@ const moduleWrapper = tsserver => {
   const pnpApi = require(`pnpapi`);
 
   const isVirtual = str => str.match(/\/(\$\$virtual|__virtual__)\//);
+  const isPortal = str => str.startsWith("portal:/");
   const normalize = str => str.replace(/\\/g, `/`).replace(/^\/?/, `/`);
 
   const dependencyTreeRoots = new Set(pnpApi.getDependencyTreeRoots().map(locator => {
@@ -44,7 +45,7 @@ const moduleWrapper = tsserver => {
       const resolved = isVirtual(str) ? pnpApi.resolveVirtual(str) : str;
       if (resolved) {
         const locator = pnpApi.findPackageLocator(resolved);
-        if (locator && dependencyTreeRoots.has(`${locator.name}@${locator.reference}`)) {
+        if (locator && (dependencyTreeRoots.has(`${locator.name}@${locator.reference}`) || isPortal(locator.reference))) {
           str = resolved;
         }
       }
@@ -60,18 +61,26 @@ const moduleWrapper = tsserver => {
           //
           // Ref: https://github.com/microsoft/vscode/issues/105014#issuecomment-686760910
           //
-          // Update Oct 8 2021: VSCode changed their format in 1.61.
+          // Update 2021-10-08: VSCode changed their format in 1.61.
           // Before | ^zip:/c:/foo/bar.zip/package.json
           // After  | ^/zip//c:/foo/bar.zip/package.json
           //
+          // Update 2022-04-06: VSCode changed the format in 1.66.
+          // Before | ^/zip//c:/foo/bar.zip/package.json
+          // After  | ^/zip/c:/foo/bar.zip/package.json
+          //
           case `vscode <1.61`: {
             str = `^zip:${str}`;
           } break;
 
-          case `vscode`: {
+          case `vscode <1.66`: {
             str = `^/zip/${str}`;
           } break;
 
+          case `vscode`: {
+            str = `^/zip${str}`;
+          } break;
+
           // To make "go to definition" work,
           // We have to resolve the actual file system path from virtual path
           // and convert scheme to supported by [vim-rzip](https://github.com/lbrayner/vim-rzip)
@@ -85,7 +94,7 @@ const moduleWrapper = tsserver => {
           // everything else is up to neovim
           case `neovim`: {
             str = normalize(resolved).replace(/\.zip\//, `.zip::`);
-            str = `zipfile:${str}`;
+            str = `zipfile://${str}`;
           } break;
 
           default: {
@@ -100,8 +109,7 @@ const moduleWrapper = tsserver => {
 
   function fromEditorPath(str) {
     switch (hostInfo) {
-      case `coc-nvim`:
-      case `neovim`: {
+      case `coc-nvim`: {
         str = str.replace(/\.zip::/, `.zip/`);
         // The path for coc-nvim is in format of /<pwd>/zipfile:/<pwd>/.yarn/...
         // So in order to convert it back, we use .* to match all the thing
@@ -111,6 +119,12 @@ const moduleWrapper = tsserver => {
           : str.replace(/^.*zipfile:/, ``);
       } break;
 
+      case `neovim`: {
+        str = str.replace(/\.zip::/, `.zip/`);
+        // The path for neovim is in format of zipfile:///<pwd>/.yarn/...
+        return str.replace(/^zipfile:\/\//, ``);
+      } break;
+
       case `vscode`:
       default: {
         return process.platform === `win32`
@@ -143,8 +157,9 @@ const moduleWrapper = tsserver => {
   let hostInfo = `unknown`;
 
   Object.assign(Session.prototype, {
-    onMessage(/** @type {string} */ message) {
-      const parsedMessage = JSON.parse(message)
+    onMessage(/** @type {string | object} */ message) {
+      const isStringMessage = typeof message === 'string';
+      const parsedMessage = isStringMessage ? JSON.parse(message) : message;
 
       if (
         parsedMessage != null &&
@@ -153,14 +168,23 @@ const moduleWrapper = tsserver => {
         typeof parsedMessage.arguments.hostInfo === `string`
       ) {
         hostInfo = parsedMessage.arguments.hostInfo;
-        if (hostInfo === `vscode` && process.env.VSCODE_IPC_HOOK && process.env.VSCODE_IPC_HOOK.match(/Code\/1\.([1-5][0-9]|60)\./)) {
-          hostInfo += ` <1.61`;
+        if (hostInfo === `vscode` && process.env.VSCODE_IPC_HOOK) {
+          if (/(\/|-)1\.([1-5][0-9]|60)\./.test(process.env.VSCODE_IPC_HOOK)) {
+            hostInfo += ` <1.61`;
+          } else if (/(\/|-)1\.(6[1-5])\./.test(process.env.VSCODE_IPC_HOOK)) {
+            hostInfo += ` <1.66`;
+          }
         }
       }
 
-      return originalOnMessage.call(this, JSON.stringify(parsedMessage, (key, value) => {
-        return typeof value === `string` ? fromEditorPath(value) : value;
-      }));
+      const processedMessageJSON = JSON.stringify(parsedMessage, (key, value) => {
+        return typeof value === 'string' ? fromEditorPath(value) : value;
+      });
+
+      return originalOnMessage.call(
+        this,
+        isStringMessage ? processedMessageJSON : JSON.parse(processedMessageJSON)
+      );
     },
 
     send(/** @type {any} */ msg) {

.yarn/sdks/typescript/lib/tsserverlibrary.js

@@ -18,6 +18,7 @@ const moduleWrapper = tsserver => {
   const pnpApi = require(`pnpapi`);
 
   const isVirtual = str => str.match(/\/(\$\$virtual|__virtual__)\//);
+  const isPortal = str => str.startsWith("portal:/");
   const normalize = str => str.replace(/\\/g, `/`).replace(/^\/?/, `/`);
 
   const dependencyTreeRoots = new Set(pnpApi.getDependencyTreeRoots().map(locator => {
@@ -44,7 +45,7 @@ const moduleWrapper = tsserver => {
       const resolved = isVirtual(str) ? pnpApi.resolveVirtual(str) : str;
       if (resolved) {
         const locator = pnpApi.findPackageLocator(resolved);
-        if (locator && dependencyTreeRoots.has(`${locator.name}@${locator.reference}`)) {
+        if (locator && (dependencyTreeRoots.has(`${locator.name}@${locator.reference}`) || isPortal(locator.reference))) {
           str = resolved;
         }
       }
@@ -60,18 +61,26 @@ const moduleWrapper = tsserver => {
           //
           // Ref: https://github.com/microsoft/vscode/issues/105014#issuecomment-686760910
           //
-          // Update Oct 8 2021: VSCode changed their format in 1.61.
+          // Update 2021-10-08: VSCode changed their format in 1.61.
           // Before | ^zip:/c:/foo/bar.zip/package.json
           // After  | ^/zip//c:/foo/bar.zip/package.json
           //
+          // Update 2022-04-06: VSCode changed the format in 1.66.
+          // Before | ^/zip//c:/foo/bar.zip/package.json
+          // After  | ^/zip/c:/foo/bar.zip/package.json
+          //
           case `vscode <1.61`: {
             str = `^zip:${str}`;
           } break;
 
-          case `vscode`: {
+          case `vscode <1.66`: {
             str = `^/zip/${str}`;
           } break;
 
+          case `vscode`: {
+            str = `^/zip${str}`;
+          } break;
+
           // To make "go to definition" work,
           // We have to resolve the actual file system path from virtual path
           // and convert scheme to supported by [vim-rzip](https://github.com/lbrayner/vim-rzip)
@@ -85,7 +94,7 @@ const moduleWrapper = tsserver => {
           // everything else is up to neovim
           case `neovim`: {
             str = normalize(resolved).replace(/\.zip\//, `.zip::`);
-            str = `zipfile:${str}`;
+            str = `zipfile://${str}`;
           } break;
 
           default: {
@@ -100,8 +109,7 @@ const moduleWrapper = tsserver => {
 
   function fromEditorPath(str) {
     switch (hostInfo) {
-      case `coc-nvim`:
-      case `neovim`: {
+      case `coc-nvim`: {
         str = str.replace(/\.zip::/, `.zip/`);
         // The path for coc-nvim is in format of /<pwd>/zipfile:/<pwd>/.yarn/...
         // So in order to convert it back, we use .* to match all the thing
@@ -111,6 +119,12 @@ const moduleWrapper = tsserver => {
           : str.replace(/^.*zipfile:/, ``);
       } break;
 
+      case `neovim`: {
+        str = str.replace(/\.zip::/, `.zip/`);
+        // The path for neovim is in format of zipfile:///<pwd>/.yarn/...
+        return str.replace(/^zipfile:\/\//, ``);
+      } break;
+
       case `vscode`:
       default: {
         return process.platform === `win32`
@@ -143,8 +157,9 @@ const moduleWrapper = tsserver => {
   let hostInfo = `unknown`;
 
   Object.assign(Session.prototype, {
-    onMessage(/** @type {string} */ message) {
-      const parsedMessage = JSON.parse(message)
+    onMessage(/** @type {string | object} */ message) {
+      const isStringMessage = typeof message === 'string';
+      const parsedMessage = isStringMessage ? JSON.parse(message) : message;
 
       if (
         parsedMessage != null &&
@@ -153,14 +168,23 @@ const moduleWrapper = tsserver => {
         typeof parsedMessage.arguments.hostInfo === `string`
       ) {
         hostInfo = parsedMessage.arguments.hostInfo;
-        if (hostInfo === `vscode` && process.env.VSCODE_IPC_HOOK && process.env.VSCODE_IPC_HOOK.match(/Code\/1\.([1-5][0-9]|60)\./)) {
-          hostInfo += ` <1.61`;
+        if (hostInfo === `vscode` && process.env.VSCODE_IPC_HOOK) {
+          if (/(\/|-)1\.([1-5][0-9]|60)\./.test(process.env.VSCODE_IPC_HOOK)) {
+            hostInfo += ` <1.61`;
+          } else if (/(\/|-)1\.(6[1-5])\./.test(process.env.VSCODE_IPC_HOOK)) {
+            hostInfo += ` <1.66`;
+          }
         }
       }
 
-      return originalOnMessage.call(this, JSON.stringify(parsedMessage, (key, value) => {
-        return typeof value === `string` ? fromEditorPath(value) : value;
-      }));
+      const processedMessageJSON = JSON.stringify(parsedMessage, (key, value) => {
+        return typeof value === 'string' ? fromEditorPath(value) : value;
+      });
+
+      return originalOnMessage.call(
+        this,
+        isStringMessage ? processedMessageJSON : JSON.parse(processedMessageJSON)
+      );
     },
 
     send(/** @type {any} */ msg) {

.yarn/sdks/typescript/package.json

@@ -1,6 +1,6 @@
 {
   "name": "typescript",
-  "version": "4.4.3-sdk",
+  "version": "4.6.4-sdk",
   "main": "./lib/typescript.js",
   "type": "commonjs"
 }

.yarnrc.yml

@@ -3,42 +3,38 @@ enableTelemetry: false
 nodeLinker: pnp
 
 packageExtensions:
-  "@grafana/slate-react@0.22.10-grafana":
-    peerDependencies:
-      slate-react: ">=0.22.0"
-  "@mdx-js/loader@1.6.22":
+  '@mdx-js/loader@1.6.22':
     peerDependencies:
       react: 17.0.1
-  "@storybook/addon-docs@6.4.4":
+  '@storybook/addon-docs@6.4.21':
     peerDependencies:
-      "@storybook/manager-webpack5": 6.4.4
-  "@storybook/addon-essentials@6.4.4":
+      '@storybook/manager-webpack5': 6.4.21
+  '@storybook/addon-essentials@6.4.21':
     peerDependencies:
-      "@storybook/components": 6.4.4
-      "@storybook/core-events": 6.4.4
-      "@storybook/manager-webpack5": 6.4.4
-      "@storybook/theming": 6.4.4
-  "@storybook/core-server@6.4.4":
+      '@storybook/components': 6.4.21
+      '@storybook/core-events': 6.4.21
+      '@storybook/manager-webpack5': 6.4.21
+      '@storybook/theming': 6.4.21
+  '@storybook/core-server@6.4.21':
     peerDependencies:
-      "@babel/core": ^7.0.0
-  "@storybook/core@6.4.4":
+      '@babel/core': ^7.0.0
+  '@storybook/core@6.4.21':
     peerDependencies:
-      "@babel/core": ^7.0.0
-      "@storybook/manager-webpack5": 6.4.4
-  "@storybook/csf-tools@6.4.4":
+      '@babel/core': ^7.0.0
+      '@storybook/manager-webpack5': 6.4.21
+  '@storybook/csf-tools@6.4.21':
     peerDependencies:
-      "@babel/core": ^7.0.0
-  "@storybook/react@6.4.4":
+      '@babel/core': ^7.0.0
+  '@storybook/react@6.4.21':
     peerDependencies:
-      "@storybook/manager-webpack5": 6.4.4
+      '@storybook/manager-webpack5': 6.4.21
   doctrine@3.0.0:
     dependencies:
       assert: 2.0.0
-  moveable@0.26.0:
+  moveable@0.29.8:
     dependencies:
-      "@daybrush/utils": 1.6.0
+      '@daybrush/utils': 1.6.0
       framework-utils: ^1.1.0
-      react-simple-compat: 1.2.1
   rc-time-picker@3.7.3:
     peerDependencies:
       react: 17.0.1
@@ -47,36 +43,36 @@ packageExtensions:
     peerDependencies:
       react: 17.0.1
       react-dom: 17.0.1
-  react-compat-moveable@0.14.0:
+  react-compat-css-styled@1.0.8:
     dependencies:
-      "@egjs/agent": ^2.2.1
-      "@egjs/children-differ": ^1.0.1
-      "@scena/matrix": 1.1.1
+      react-simple-compat: 1.2.1
+  react-compat-moveable@0.17.8:
+    dependencies:
+      '@egjs/agent': ^2.2.1
+      '@egjs/children-differ': ^1.0.1
+      '@scena/matrix': 1.1.1
       css-to-mat: ^1.0.3
-      gesto: ^1.4.0
+      gesto: ^1.7.0
       overlap-area: ^1.0.0
+      react-simple-compat: 1.2.1
     peerDependencies:
       framework-utils: ^1.1.0
-  react-dev-utils@11.0.4:
-    peerDependencies:
-      typescript: 4.4.3
-      webpack: 5.51.1
   react-docgen-typescript-loader@3.7.2:
     peerDependencies:
       webpack: 4.41.5
   react-icons@2.2.7:
     peerDependencies:
-      prop-types: "*"
+      prop-types: '*'
   react-resizable@3.0.4:
     peerDependencies:
       react-dom: 17.0.1
 
 plugins:
   - path: .yarn/plugins/@yarnpkg/plugin-typescript.cjs
-    spec: "@yarnpkg/plugin-typescript"
+    spec: '@yarnpkg/plugin-typescript'
   - path: .yarn/plugins/@yarnpkg/plugin-interactive-tools.cjs
-    spec: "@yarnpkg/plugin-interactive-tools"
+    spec: '@yarnpkg/plugin-interactive-tools'
   - path: .yarn/plugins/@yarnpkg/plugin-outdated.cjs
-    spec: "https://mskelton.dev/yarn-outdated/v2"
+    spec: 'https://mskelton.dev/yarn-outdated/v2'
 
-yarnPath: .yarn/releases/yarn-3.1.1.cjs
+yarnPath: .yarn/releases/yarn-3.2.2.cjs

CONTRIBUTING.md

@@ -46,6 +46,10 @@ If you have an idea of how to improve Grafana, submit an [enhancement request](h
 
 We want to make Grafana accessible to even more people. Submit an [accessibility issue](https://github.com/grafana/grafana/issues/new?labels=type%3A+accessibility&template=3-accessibility.md) to help us understand what we can improve.
 
+### Write documentation
+
+To edit or write technical content, refer to [Contribute to our documentation](/contribute/documentation/README.md). We welcome your expertise and input as our body of technical content grows.
+
 ### Triage issues
 
 If you don't have the knowledge or time to code, consider helping with _issue triage_. The community will thank you for saving them time by spending some of yours.
@@ -76,6 +80,6 @@ Before we can accept your pull request, you need to [sign our CLA](https://grafa
 ## Where do I go from here?
 
 - Set up your [development environment](contribute/developer-guide.md).
-- Learn how to [contribute documentation](contribute/documentation.md).
+- Learn how to [contribute documentation](contribute/README.md).
 - Get started [developing plugins](https://grafana.com/docs/grafana/latest/developers/plugins/) for Grafana.
-- Look through the resources in the [contribute](https://github.com/grafana/grafana/tree/main/contribute) folder.
+- Look through the resources in the [contribute](contribute) folder.

Dockerfile

@@ -1,4 +1,4 @@
-FROM node:16-alpine3.14 as js-builder
+FROM node:16-alpine3.15 as js-builder
 
 ENV NODE_OPTIONS=--max_old_space_size=8000
 
@@ -11,7 +11,7 @@ COPY plugins-bundled plugins-bundled
 
 RUN yarn install
 
-COPY tsconfig.json .eslintrc .editorconfig .browserslistrc .prettierrc.js babel.config.json ./
+COPY tsconfig.json .eslintrc .editorconfig .browserslistrc .prettierrc.js babel.config.json .linguirc ./
 COPY public public
 COPY tools tools
 COPY scripts scripts
@@ -20,16 +20,16 @@ COPY emails emails
 ENV NODE_ENV production
 RUN yarn build
 
-FROM golang:1.17.3-alpine3.14 as go-builder
+FROM golang:1.17.12-alpine3.15 as go-builder
 
 RUN apk add --no-cache gcc g++ make
 
 WORKDIR /grafana
 
 COPY go.mod go.sum embed.go Makefile build.go package.json ./
-COPY cue cue
 COPY packages/grafana-schema packages/grafana-schema
 COPY public/app/plugins public/app/plugins
+COPY public/api-spec.json public/api-spec.json
 COPY pkg pkg
 COPY scripts scripts
 COPY cue.mod cue.mod
@@ -39,7 +39,7 @@ RUN go mod verify
 RUN make build-go
 
 # Final stage
-FROM alpine:3.14.3
+FROM alpine:3.15
 
 LABEL maintainer="Grafana team <hello@grafana.com>"
 

Dockerfile.ubuntu

@@ -1,4 +1,4 @@
-FROM node:16-alpine3.14 as js-builder
+FROM node:16-alpine3.15 as js-builder
 
 ENV NODE_OPTIONS=--max_old_space_size=8000
 
@@ -12,7 +12,7 @@ COPY plugins-bundled plugins-bundled
 
 RUN yarn install
 
-COPY tsconfig.json .eslintrc .editorconfig .browserslistrc .prettierrc.js babel.config.json ./
+COPY tsconfig.json .eslintrc .editorconfig .browserslistrc .prettierrc.js babel.config.json .linguirc ./
 COPY public public
 COPY tools tools
 COPY scripts scripts
@@ -21,7 +21,7 @@ COPY emails emails
 ENV NODE_ENV production
 RUN yarn build
 
-FROM golang:1.17.3 AS go-builder
+FROM golang:1.17.12 AS go-builder
 
 WORKDIR /src/grafana
 
@@ -29,10 +29,10 @@ COPY go.mod go.sum embed.go ./
 COPY Makefile build.go package.json ./
 COPY .bingo .bingo
 COPY pkg pkg/
-COPY cue cue/
 COPY cue.mod cue.mod/
 COPY packages/grafana-schema packages/grafana-schema/
 COPY public/app/plugins public/app/plugins/
+COPY public/api-spec.json public/api-spec.json
 
 RUN go mod verify
 RUN make build-go

GOVERNANCE.md

@@ -79,8 +79,7 @@ The current team members are:
 - Dominik Prokop ([Grafana Labs](https://grafana.com/))
 - Emil Tullstedt ([Grafana Labs](https://grafana.com/))
 - Erik Sundell ([Grafana Labs](https://grafana.com/))
-- Fredrik Enestad ([Soundtrack Your Brand](https://www.soundtrackyourbrand.com/))
-- Hugo Häggmark ([Grafana Labs](https://grafana.com/))
+- Fredrik Enestad ([Embark Studios](https://www.embark-studios.com/))
 - Ivana Huckova ([Grafana Labs](https://grafana.com/))
 - Jeroen Op 't Eynde ([Grafana Labs](https://grafana.com/))
 - Jessica Müller ([Grafana Labs](https://grafana.com/))
@@ -100,7 +99,7 @@ The current team members are:
 - Ryan McKinley ([Grafana Labs](https://grafana.com/))
 - Sofia Papagiannaki ([Grafana Labs](https://grafana.com/))
 - Stephanie Closson ([Grafana Labs](https://grafana.com/))
-- Tobias Skarhed ([Grafana Labs](https://grafana.com/))
+- Tobias Skarhed ([CERN](https://home.web.cern.ch/))
 - Torkel Ödegaard ([Grafana Labs](https://grafana.com/))
 - Utkarsh Bhatnagar ([Tinder](https://www.tinder.com/))
 - Will Browne ([Grafana Labs](https://grafana.com/))

HALL_OF_FAME.md

@@ -0,0 +1,5 @@
+# Hall of fame
+
+List of previous team members that have had a big impact on the company or the product and contributed during a long period of time.
+
+- Hugo Häggmark ([School of applied technology](https://salt.study))

ISSUE_TRIAGE.md

@@ -77,11 +77,11 @@ Instructions for setting up filters in Gmail can be found [here](#setting-up-gma
 
 ## 2. Ensure the issue contains basic information
 
-Before triaging an issue very far, make sure that the issue's author provided the standard issue information. This will help you make an educated recommendation on how to categorize the issue. The Grafana project utilizes [GitHub issue templates](https://help.github.com/en/articles/creating-issue-templates-for-your-repository) to guide contributors to provide standard information that must be included for each type of template or type of issue.
+Before triaging an issue very far, make sure that the issue's author provided the standard issue information. This will help you make an educated recommendation on how to categorize the issue. The Grafana project utilizes [GitHub issue templates](https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/configuring-issue-templates-for-your-repository) to guide contributors to provide standard information that must be included for each type of template or type of issue.
 
 ### Standard issue information that must be included
 
-Given a certain [issue template](<[template](https://github.com/grafana/grafana/issues/new/choose)>) have been used by the issue author or depending how the issue is perceived by the issue triage responsible, the following should help you understand what standard issue information that must be included.
+Given a certain [issue template](https://github.com/grafana/grafana/issues/new/choose) have been used by the issue author or depending how the issue is perceived by the issue triage responsible, the following should help you understand what standard issue information that must be included.
 
 #### Bug reports
 
@@ -192,7 +192,7 @@ First, evaluate if the documentation makes sense to be included in the Grafana p
 
 - Is this something we want/can maintain as a project?
 - Is this referring to usage of some specific integration/tool and in that case is that a popular use case in combination with Grafana?
-- If unsure, kindly and politely add a comment explaining that we would need [upvotes](https://help.github.com/en/articles/about-conversations-on-github#reacting-to-ideas-in-comments) to identify that lots of other users want/need this.
+- If unsure, kindly and politely add a comment explaining that we would need [upvotes](https://github.blog/2016-03-10-add-reactions-to-pull-requests-issues-and-comments) to identify that lots of other users want/need this.
 
 Second, label the issue `type/docs` and at least one `area/*` or `datasource/*` label.
 
@@ -296,13 +296,13 @@ In many cases the issue author or community as a whole is more suitable to contr
 
 ## Investigation of issues
 
-When an issue has all basic information provided, but the triage responsible haven't been able to reproduce the reported problem at a first glance, the issue is labeled [Needs investigation](https://github.com/grafana/grafana/labels/needs%20investigation). Depending on the perceived severity and/or number of [upvotes](https://help.github.com/en/articles/about-conversations-on-github#reacting-to-ideas-in-comments), the investigation will either be delegated to another maintainer for further investigation or put on hold until someone else (maintainer or contributor) picks it up and eventually starts investigating it.
+When an issue has all basic information provided, but the triage responsible haven't been able to reproduce the reported problem at a first glance, the issue is labeled [Needs investigation](https://github.com/grafana/grafana/labels/needs%20investigation). Depending on the perceived severity and/or number of [upvotes](https://github.blog/2016-03-10-add-reactions-to-pull-requests-issues-and-comments), the investigation will either be delegated to another maintainer for further investigation or put on hold until someone else (maintainer or contributor) picks it up and eventually starts investigating it.
 
 Investigating issues can be a very time consuming task, especially for the maintainers, given the huge number of combinations of plugins, data sources, platforms, databases, browsers, tools, hardware, integrations, versions and cloud services, etc that are being used with Grafana. There is a certain number of combinations that are more common than others, and these are in general easier for maintainers to investigate.
 
 For some other combinations it may not be possible at all for a maintainer to setup a proper test environment to investigate the issue. In these cases we really appreciate any help we can get from the community. Otherwise the issue is highly likely to be closed.
 
-Even if you don't have the time or knowledge to investigate an issue we highly recommend that you [upvote](https://help.github.com/en/articles/about-conversations-on-github#reacting-to-ideas-in-comments) the issue if you happen to have the same problem. If you have further details that may help investigating the issue please provide as much information as possible.
+Even if you don't have the time or knowledge to investigate an issue we highly recommend that you [upvote](https://github.blog/2016-03-10-add-reactions-to-pull-requests-issues-and-comments) the issue if you happen to have the same problem. If you have further details that may help investigating the issue please provide as much information as possible.
 
 ## Automation
 

LICENSING.md

@@ -17,11 +17,13 @@ packages/grafana-toolkit/
 packages/grafana-ui/
 packages/jaeger-ui-components/
 packaging/
+pkg/coremodel/
+pkg/framework/coremodel/
 grafana-mixin/
 cue/
 ```
 
-The following directories and their subdirectories are the original upstream licenses:
+The following directories and their subdirectories are licensed under their original upstream licenses:
 
 ```
 public/vendor/

Makefile

@@ -7,11 +7,15 @@ WIRE_TAGS = "oss"
 -include local/Makefile
 include .bingo/Variables.mk
 
-.PHONY: all deps-go deps-js deps build-go build-server build-cli build-js build build-docker-full lint-go golangci-lint test-go test-js gen-ts test run run-frontend clean devenv devenv-down protobuf drone help
+.PHONY: all deps-go deps-js deps build-go build-server build-cli build-js build build-docker-full build-docker-full-ubuntu lint-go golangci-lint test-go test-js gen-ts test run run-frontend clean devenv devenv-down protobuf drone help
 
 GO = go
 GO_FILES ?= ./pkg/...
 SH_FILES ?= $(shell find ./scripts -name *.sh)
+API_DEFINITION_FILES = $(shell find ./pkg/api/docs/definitions -name '*.go' -print)
+SWAGGER_TAG ?= latest
+GO_BUILD_FLAGS += $(if $(GO_BUILD_DEV),-dev)
+GO_BUILD_FLAGS += $(if $(GO_BUILD_TAGS),-build-tags=$(GO_BUILD_TAGS))
 
 all: deps build
 
@@ -28,23 +32,72 @@ node_modules: package.json yarn.lock ## Install node modules.
 	@echo "install frontend dependencies"
 	YARN_ENABLE_PROGRESS_BARS=false yarn install --immutable
 
+##@ Swagger
+SPEC_TARGET = public/api-spec.json
+MERGED_SPEC_TARGET := public/api-merged.json
+NGALERT_SPEC_TARGET = pkg/services/ngalert/api/tooling/api.json
+
+$(SPEC_TARGET): $(API_DEFINITION_FILES) ## Generate API spec
+	docker run --rm -it \
+	-e GOPATH=${HOME}/go:/go \
+	-e SWAGGER_GENERATE_EXTENSION=false \
+	-v ${HOME}/go:/go \
+	-v $$(pwd):/grafana \
+	-w $$(pwd)/pkg/api/docs quay.io/goswagger/swagger:$(SWAGGER_TAG) \
+	generate spec -m -o /grafana/public/api-spec.json \
+	-w /grafana/pkg/server \
+	-x "grafana/grafana/pkg/services/ngalert/api/tooling/definitions" \
+	-x "github.com/prometheus/alertmanager" \
+	-i /grafana/pkg/api/docs/tags.json
+
+swagger-api-spec: gen-go $(SPEC_TARGET) $(MERGED_SPEC_TARGET) validate-api-spec
+
+$(NGALERT_SPEC_TARGET):
+	+$(MAKE) -C pkg/services/ngalert/api/tooling api.json
+
+$(MERGED_SPEC_TARGET): $(SPEC_TARGET) $(NGALERT_SPEC_TARGET) ## Merge generated and ngalert API specs
+	go run pkg/api/docs/merge/merge_specs.go -o=public/api-merged.json $(<) pkg/services/ngalert/api/tooling/api.json
+
+ensure_go-swagger_mac:
+	@hash swagger &>/dev/null || (brew tap go-swagger/go-swagger && brew install go-swagger)
+
+--swagger-api-spec-mac: ensure_go-swagger_mac $(API_DEFINITION_FILES)  ## Generate API spec (for M1 Mac)
+	swagger generate spec -m -w pkg/server -o public/api-spec.json \
+	-x "github.com/grafana/grafana/pkg/services/ngalert/api/tooling/definitions" \
+	-x "github.com/prometheus/alertmanager" \
+	-i pkg/api/docs/tags.json
+
+swagger-api-spec-mac: gen-go --swagger-api-spec-mac $(MERGED_SPEC_TARGET) validate-api-spec
+
+validate-api-spec: $(MERGED_SPEC_TARGET) ## Validate API spec
+	docker run --rm -it \
+	-e GOPATH=${HOME}/go:/go \
+	-e SWAGGER_GENERATE_EXTENSION=false \
+	-v ${HOME}/go:/go \
+	-v $$(pwd):/grafana \
+	-w $$(pwd)/pkg/api/docs quay.io/goswagger/swagger:$(SWAGGER_TAG) \
+	validate /grafana/$(<)
+
+clean-api-spec:
+	rm $(SPEC_TARGET) $(MERGED_SPEC_TARGET)
+
 ##@ Building
 
 gen-go: $(WIRE)
 	@echo "generate go files"
 	$(WIRE) gen -tags $(WIRE_TAGS) ./pkg/server ./pkg/cmd/grafana-cli/runner
 
-build-go: gen-go ## Build all Go binaries.
+build-go: $(MERGED_SPEC_TARGET) gen-go ## Build all Go binaries.
 	@echo "build go files"
-	$(GO) run build.go build
+	$(GO) run build.go $(GO_BUILD_FLAGS) build
 
 build-server: ## Build Grafana server.
 	@echo "build server"
-	$(GO) run build.go build-server
+	$(GO) run build.go $(GO_BUILD_FLAGS) build-server
 
 build-cli: ## Build Grafana CLI application.
 	@echo "build grafana-cli"
-	$(GO) run build.go build-cli
+	$(GO) run build.go $(GO_BUILD_FLAGS) build-cli
 
 build-js: ## Build frontend assets.
 	@echo "build frontend"
@@ -99,6 +152,11 @@ build-docker-full: ## Build Docker image for development.
 	@echo "build docker container"
 	docker build --tag grafana/grafana:dev .
 
+build-docker-full-ubuntu: ## Build Docker image based on Ubuntu for development.
+	@echo "build docker container"
+	docker build --tag grafana/grafana:dev-ubuntu -f ./Dockerfile.ubuntu .
+
+
 ##@ Services
 
 # create docker-compose file with provided sources and start them

README.md

@@ -1,14 +1,14 @@
 ![Grafana](docs/logo-horizontal.png)
 
-The open-source platform for monitoring and observability.
+The open-source platform for monitoring and observability
 
 [![License](https://img.shields.io/github/license/grafana/grafana)](LICENSE)
 [![Drone](https://drone.grafana.net/api/badges/grafana/grafana/status.svg)](https://drone.grafana.net/grafana/grafana)
 [![Go Report Card](https://goreportcard.com/badge/github.com/grafana/grafana)](https://goreportcard.com/report/github.com/grafana/grafana)
 
-Grafana allows you to query, visualize, alert on and understand your metrics no matter where they are stored. Create, explore, and share dashboards with your team and foster a data driven culture:
+Grafana allows you to query, visualize, alert on and understand your metrics no matter where they are stored. Create, explore, and share dashboards with your team and foster a data-driven culture:
 
-- **Visualize:** Fast and flexible client side graphs with a multitude of options. Panel plugins offer many different ways to visualize metrics and logs.
+- **Visualizations:** Fast and flexible client side graphs with a multitude of options. Panel plugins offer many different ways to visualize metrics and logs.
 - **Dynamic Dashboards:** Create dynamic & reusable dashboards with template variables that appear as dropdowns at the top of the dashboard.
 - **Explore Metrics:** Explore your data through ad-hoc queries and dynamic drilldown. Split view and compare different time ranges, queries and data sources side by side.
 - **Explore Logs:** Experience the magic of switching from metrics to logs with preserved label filters. Quickly search through all your logs or streaming them live.

UPGRADING_DEPENDENCIES.md

@@ -15,6 +15,7 @@ Upgrading Go or Node.js requires making changes in many different files. See bel
 - `grafana/build-container`
 - Appveyor
 - Dockerfile
+- `.github/workflows/publish.yml`
 
 ## Go dependencies
 

babel.config.json

@@ -33,12 +33,16 @@
         "allowDeclareFields": true
       }
     ],
+    // added to mitigate https://github.com/babel/babel/issues/14289
+    // package (and following line) can be removed once the issue is fixed and released
+    "@babel/plugin-proposal-class-properties",
     ["@babel/plugin-proposal-object-rest-spread", { "loose": true }],
     "@babel/plugin-transform-react-constant-elements",
     "@babel/plugin-proposal-nullish-coalescing-operator",
     "@babel/plugin-proposal-optional-chaining",
     "@babel/plugin-syntax-dynamic-import", // needed for `() => import()` in routes.ts
-    "angularjs-annotate"
+    "angularjs-annotate",
+    "macros"
   ],
   "env": {
     "production": {

conf/defaults.ini

@@ -9,6 +9,9 @@ app_mode = production
 # instance name, defaults to HOSTNAME environment variable value or hostname if HOSTNAME var is empty
 instance_name = ${HOSTNAME}
 
+# force migration will run migrations that might cause dataloss
+force_migration = false
+
 #################################### Paths ###############################
 [paths]
 # Path to where grafana can store temp files, sessions, and the sqlite3 db (if that is used)
@@ -122,6 +125,9 @@ path = grafana.db
 # For "sqlite3" only. cache mode setting used for connecting to the database
 cache_mode = private
 
+# For "mysql" only if migrationLocking feature toggle is set. How many seconds to wait before failing to lock the database for the migrations, default is 0.
+locking_attempt_timeout_sec = 0
+
 #################################### Cache server #############################
 [remote_cache]
 # Either "redis", "memcached" or "database" default is "database"
@@ -190,12 +196,19 @@ reporting_enabled = true
 reporting_distributor = grafana-labs
 
 # Set to false to disable all checks to https://grafana.com
-# for new versions (grafana itself and plugins), check is used
-# in some UI views to notify that grafana or plugin update exists
+# for new versions of grafana. The check is used
+# in some UI views to notify that a grafana update exists.
 # This option does not cause any auto updates, nor send any information
-# only a GET request to https://grafana.com to get latest versions
+# only a GET request to https://raw.githubusercontent.com/grafana/grafana/main/latest.json to get the latest version.
 check_for_updates = true
 
+# Set to false to disable all checks to https://grafana.com
+# for new versions of plugins. The check is used
+# in some UI views to notify that a plugin update exists.
+# This option does not cause any auto updates, nor send any information
+# only a GET request to https://grafana.com to get the latest versions.
+check_for_plugin_updates = true
+
 # Google Analytics universal tracking code, only enabled if you specify an id here
 google_analytics_ua_id =
 
@@ -220,6 +233,9 @@ application_insights_connection_string =
 # Optional. Specifies an Application Insights endpoint URL where the endpoint string is wrapped in backticks ``.
 application_insights_endpoint_url =
 
+# Controls if the UI contains any links to user feedback forms
+feedback_links_enabled = true
+
 #################################### Security ############################
 [security]
 # disable creation of admin user on first start of grafana
@@ -235,7 +251,7 @@ admin_password = admin
 secret_key = SW2YcwTIb9zpOOhoPsMm
 
 # current key provider used for envelope encryption, default to static value specified by secret_key
-encryption_provider = secretKey
+encryption_provider = secretKey.v1
 
 # list of configured key providers, space separated (Enterprise only): e.g., awskms.v1 azurekv.v1
 available_encryption_providers =
@@ -259,7 +275,6 @@ cookie_samesite = lax
 allow_embedding = false
 
 # Set to true if you want to enable http strict transport security (HSTS) response header.
-# This is only sent when HTTPS is enabled in this configuration.
 # HSTS tells browsers that the site should only be accessed using HTTPS.
 strict_transport_security = false
 
@@ -290,12 +305,24 @@ content_security_policy = false
 # $ROOT_PATH is server.root_url without the protocol.
 content_security_policy_template = """script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' $NONCE;object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline' blob:;img-src * data:;base-uri 'self';connect-src 'self' grafana.com ws://$ROOT_PATH wss://$ROOT_PATH;manifest-src 'self';media-src 'none';form-action 'self';"""
 
+# Controls if old angular plugins are supported or not. This will be disabled by default in future release
+angular_support_enabled = true
+
+[security.encryption]
+# Defines the time-to-live (TTL) for decrypted data encryption keys stored in memory (cache).
+# Please note that small values may cause performance issues due to a high frequency decryption operations.
+data_keys_cache_ttl = 15m
+
+# Defines the frequency of data encryption keys cache cleanup interval.
+# On every interval, decrypted data encryption keys that reached the TTL are removed from the cache.
+data_keys_cache_cleanup_interval = 1m
+
 #################################### Snapshots ###########################
 [snapshots]
 # snapshot sharing options
 external_enabled = true
-external_snapshot_url = https://snapshots-origin.raintank.io
-external_snapshot_name = Publish to snapshot.raintank.io
+external_snapshot_url = https://snapshots.raintank.io
+external_snapshot_name = Publish to snapshots.raintank.io
 
 # Set to true to enable this Grafana instance act as an external snapshot server and allow unauthenticated requests for
 # creating and deleting snapshots.
@@ -398,12 +425,18 @@ oauth_auto_login = false
 # OAuth state max age cookie duration in seconds. Defaults to 600 seconds.
 oauth_state_cookie_max_age = 600
 
+# Skip forced assignment of OrgID 1 or 'auto_assign_org_id' for social logins
+oauth_skip_org_role_update_sync = false
+
 # limit of api_key seconds to live before expiration
 api_key_max_seconds_to_live = -1
 
 # Set to true to enable SigV4 authentication option for HTTP-based datasources
 sigv4_auth_enabled = false
 
+# Set to true to enable verbose logging of SigV4 request signing
+sigv4_verbose_logging = false
+
 #################################### Anonymous Auth ######################
 [auth.anonymous]
 # enable anonymous access
@@ -444,6 +477,8 @@ token_url = https://gitlab.com/oauth/token
 api_url = https://gitlab.com/api/v4
 allowed_domains =
 allowed_groups =
+role_attribute_path =
+role_attribute_strict = false
 
 #################################### Google Auth #########################
 [auth.google]
@@ -488,10 +523,12 @@ auth_url = https://login.microsoftonline.com/<tenant-id>/oauth2/v2.0/authorize
 token_url = https://login.microsoftonline.com/<tenant-id>/oauth2/v2.0/token
 allowed_domains =
 allowed_groups =
+role_attribute_strict = false
 
 #################################### Okta OAuth #######################
 [auth.okta]
 name = Okta
+icon = okta
 enabled = false
 allow_sign_up = true
 client_id = some_id
@@ -508,6 +545,7 @@ role_attribute_strict = false
 #################################### Generic OAuth #######################
 [auth.generic_oauth]
 name = OAuth
+icon = signin
 enabled = false
 allow_sign_up = true
 client_id = some_id
@@ -546,11 +584,10 @@ enabled = false
 header_name = X-WEBAUTH-USER
 header_property = username
 auto_sign_up = true
-# Deprecated, use sync_ttl instead
-ldap_sync_ttl = 60
 sync_ttl = 60
 whitelist =
 headers =
+headers_encoded = false
 enable_login_token = false
 
 #################################### Auth JWT ##########################
@@ -564,6 +601,7 @@ jwk_set_file =
 cache_ttl = 60m
 expected_claims = {}
 key_file =
+auto_sign_up = false
 
 #################################### Auth LDAP ###########################
 [auth.ldap]
@@ -573,7 +611,7 @@ allow_sign_up = true
 
 # LDAP background sync (Enterprise only)
 # At 1 am every day
-sync_cron = "0 0 1 * * *"
+sync_cron = "0 1 * * *"
 active_sync_enabled = true
 
 #################################### AWS ###########################
@@ -605,6 +643,12 @@ managed_identity_enabled = false
 # Should be set for user-assigned identity and should be empty for system-assigned identity
 managed_identity_client_id =
 
+#################################### Role-based Access Control ###########
+[rbac]
+enabled = true
+# If enabled, cache permissions in a in memory cache (Enterprise only)
+permission_cache = true
+
 #################################### SMTP / Emailing #####################
 [smtp]
 enabled = false
@@ -797,6 +841,22 @@ max_attempts = 3
 # The interval string is a possibly signed sequence of decimal numbers, followed by a unit suffix (ms, s, m, h, d), e.g. 30s or 1m.
 min_interval = 10s
 
+[unified_alerting.screenshots]
+# Enable screenshots in notifications. This option requires the Grafana Image Renderer plugin.
+# For more information on configuration options, refer to [rendering].
+capture = false
+
+# The maximum number of screenshots that can be taken at the same time. This option is different from
+# concurrent_render_request_limit as max_concurrent_screenshots sets the number of concurrent screenshots
+# that can be taken at the same time for all firing alerts where as concurrent_render_request_limit sets
+# the total number of concurrent screenshots across all Grafana services.
+max_concurrent_screenshots = 5
+
+# Uploads screenshots to the local Grafana server or remote storage such as Azure, S3 and GCS. Please
+# see [external_image_storage] for further configuration options. If this option is false then
+# screenshots will be persisted to disk for up to temp_data_lifetime.
+upload_external_image_storage = false
+
 #################################### Alerting ############################
 [alerting]
 # Enable the legacy alerting sub-system and interface. If Unified Alerting is already enabled and you try to go back to legacy alerting, all data that is part of Unified Alerting will be deleted. When this configuration section and flag are not defined, the state is defined at runtime. See the documentation for more details.
@@ -865,15 +925,30 @@ max_annotations_to_keep =
 # Enable the Explore section
 enabled = true
 
+#################################### Help #############################
+[help]
+# Enable the Help section
+enabled = true
+
+#################################### Profile #############################
+[profile]
+# Enable the Profile section
+enabled = true
+
+#################################### Query History #############################
+[query_history]
+# Enable the Query history
+enabled = true
+
 #################################### Internal Grafana Metrics ############
-# Metrics available at HTTP API Url /metrics
+# Metrics available at HTTP URL /metrics and /metrics/plugins/:pluginId
 [metrics]
 enabled              = true
 interval_seconds     = 10
 # Disable total stats (stat_totals_*) metrics to be generated
 disable_total_stats = false
 
-#If both are set, basic auth will be required for the metrics endpoint.
+#If both are set, basic auth will be required for the metrics endpoints.
 basic_auth_username =
 basic_auth_password =
 
@@ -897,6 +972,7 @@ url = https://grafana.com
 url = https://grafana.com
 
 #################################### Distributed tracing ############
+# Opentracing is deprecated use opentelemetry instead
 [tracing.jaeger]
 # jaeger destination (ex localhost:6831)
 address =
@@ -923,6 +999,15 @@ disable_shared_zipkin_spans = false
 [tracing.opentelemetry.jaeger]
 # jaeger destination (ex http://localhost:14268/api/traces)
 address =
+# Propagation specifies the text map propagation format: w3c, jaeger
+propagation =
+
+# This is a configuration for OTLP exporter with GRPC protocol
+[tracing.opentelemetry.otlp]
+# otlp destination (ex localhost:4317)
+address =
+# Propagation specifies the text map propagation format: w3c, jaeger
+propagation =
 
 #################################### External Image Storage ##############
 [external_image_storage]
@@ -967,6 +1052,8 @@ container_name =
 server_url =
 # If the remote HTTP image renderer service runs on a different server than the Grafana server you may have to configure this to a URL where Grafana is reachable, e.g. http://grafana.domain/.
 callback_url =
+# An auth token that will be sent to and verified by the renderer. The renderer will deny any request without an auth token matching the one configured on the renderer side.
+renderer_token = -
 # Concurrent render request limit affects when the /render HTTP endpoint is used. Rendering many images at the same time can overload the server,
 # which this setting can help protect against by only allowing a certain amount of concurrent requests.
 concurrent_render_request_limit = 30
@@ -1076,9 +1163,32 @@ grpc_port =
 license_path =
 
 [feature_toggles]
-# enable features, separated by spaces
+# there are currently two ways to enable feature toggles in the `grafana.ini`.
+# you can either pass an array of feature you want to enable to the `enable` field or
+# configure each toggle by setting the name of the toggle to true/false. Toggles set to true/false
+# will take precedence over toggles in the `enable` list.
+
+# enable = feature1,feature2
 enable =
 
+# The new prometheus visual query builder
+promQueryBuilder = true
+
+# The new loki visual query builder
+lokiQueryBuilder = true
+
+# Experimental Explore to Dashboard workflow
+explore2Dashboard = true
+
+# Experimental Command Palette
+commandPalette = true
+
+# Use dynamic labels in CloudWatch datasource
+cloudWatchDynamicLabels = true
+
+# feature1 = true
+# feature2 = false
+
 [date_formats]
 # For information on what formatting patterns that are supported https://momentjs.com/docs/#/displaying/
 
@@ -1109,3 +1219,22 @@ default_baselayer_config =
 
 # Enable or disable loading other base map layers
 enable_custom_baselayers = true
+
+#################################### Dashboard previews #####################################
+
+[dashboard_previews.crawler]
+# Number of dashboards rendered in parallel. Default is 6.
+thread_count =
+
+# Timeout passed down to the Image Renderer plugin. It is used in two separate places within a single rendering request:
+# First during the initial navigation to the dashboard and then when waiting for all the panels to load. Default is 20s.
+# This setting should be expressed as a duration. Examples: 10s (seconds), 1m (minutes).
+rendering_timeout =
+
+# Maximum duration of a single crawl. Default is 1h.
+# This setting should be expressed as a duration. Examples: 10s (seconds), 1m (minutes).
+max_crawl_duration =
+
+# Minimum interval between two subsequent scheduler runs. Default is 12h.
+# This setting should be expressed as a duration. Examples: 10s (seconds), 1m (minutes).
+scheduler_interval =

conf/provisioning/access-control/sample.yaml

@@ -1,76 +1,68 @@
+# ---
 # # config file version
-# apiVersion: 1
+# apiVersion: 2
 
-# # list of default built-in role assignments that should be removed
-# removeDefaultAssignments:
-#   # <string>, must be one of the Organization roles (`Viewer`, `Editor`, `Admin`) or `Grafana Admin`
-#   - builtInRole: "Grafana Admin"
-#     # <string>, must be one of the existing fixed roles
-#     fixedRole: "fixed:permissions:admin"
-
-# # list of default built-in role assignments that should be added back
-# addDefaultAssignments:
-#   # <string>, must be one of the Organization roles (`Viewer`, `Editor`, `Admin`) or `Grafana Admin`
-#   - builtInRole: "Admin"
-#     # <string>, must be one of the existing fixed roles
-#     fixedRole: "fixed:reporting:admin:read"
-    
-# # list of roles that should be deleted
-# deleteRoles:
-#   # <string> name of the role you want to create. Required if no uid is set
-#   - name: "custom:reports:editor"
-#     # <string> uid of the role. Required if no name
-#     uid: "customreportseditor1"
-#     # <int> org id. will default to Grafana's default if not specified
-#     orgId: 1
-#     # <bool> force deletion revoking all grants of the role
-#     force: true
-#   - name: "custom:global:reports:reader"
-#     uid: "customglobalreportsreader1"
-#     # <bool> overwrite org id and removes a global role
-#     global: true
-#     force: true
-
-# # list of roles to insert/update depending on what is available in the database
+# # <list> list of roles to insert/update/delete
 # roles:
-#   # <string, required> name of the role you want to create. Required
-#   - name: "custom:users:editor"
+#   # <string, required> name of the role you want to create or update. Required.
+#   - name: 'custom:users:writer'
 #     # <string> uid of the role. Has to be unique for all orgs.
-#     uid: customuserseditor1
+#     uid: customuserswriter1
 #     # <string> description of the role, informative purpose only.
-#     description: "Role for our custom user editors"
-#     # <int> version of the role, Grafana will update the role when increased
+#     description: 'Create, read, write users'
+#     # <int> version of the role, Grafana will update the role when increased.
 #     version: 2
-#     # <int> org id. will default to Grafana's default if not specified
-#     orgId: 1    
-#     # <list> list of the permissions granted by this role
+#     # <int> org id. Defaults to Grafana's default if not specified.
+#     orgId: 1
+#     # <list> list of the permissions granted by this role.
 #     permissions:
-#       # <string, required> action allowed
-#       - action: "users:read"
-#         #<string> scope it applies to
-#         scope: "users:*"
-#       - action: "users:write"
-#         scope: "users:*"
-#       - action: "users:create"
-#         scope: "users:*"
-#     # <list> list of builtIn roles the role should be assigned to
-#     builtInRoles:
-#       # <string, required> name of the builtin role you want to assign the role to
-#       - name: "Editor"
-#         # <int> org id. will default to the role org id
-#         orgId: 1        
-#   - name: "custom:global:users:reader"
-#     uid: "customglobalusersreader1"
-#     description: "Global Role for custom user readers"
-#     version: 1
-#     # <bool> overwrite org id and creates a global role
+#       # <string, required> action allowed.
+#       - action: 'users:read'
+#         #<string> scope it applies to.
+#         scope: 'users:*'
+#       - action: 'users:write'
+#         scope: 'users:*'
+#       - action: 'users:create'
+#   - name: 'custom:global:users:reader'
+#     # <bool> overwrite org id and creates a global role.
 #     global: true
-#     permissions:
-#       - action: "users:read"
-#         scope: "users:*"
-#     builtInRoles:
-#       - name: "Viewer"
-#         orgId: 1        
-#       - name: "Editor"
-#         # <bool> overwrite org id and assign role globally
+#     # <string> state of the role. Defaults to 'present'. If 'absent', role will be deleted.
+#     state: 'absent'
+#     # <bool> force deletion revoking all grants of the role.
+#     force: true
+#   - uid: 'basic_editor'
+#     version: 2
+#     global: true
+#     # <list> list of roles to copy permissions from.
+#     from:
+#       - uid: 'basic_editor'
 #         global: true
+#       - name: 'fixed:users:writer'
+#         global: true
+#     # <list> list of the permissions to add/remove on top of the copied ones.
+#     permissions:
+#       - action: 'users:read'
+#         scope: 'users:*'
+#       - action: 'users:write'
+#         scope: 'users:*'
+#         # <string> state of the permission. Defaults to 'present'. If 'absent', the permission will be removed.
+#         state: absent
+
+# # <list> list role assignments to teams to create or remove.
+# teams:
+#   # <string, required> name of the team you want to assign roles to. Required.
+#   - name: 'Users writers'
+#     # <int> org id. Will default to Grafana's default if not specified.
+#     orgId: 1
+#     # <list> list of roles to assign to the team
+#     roles:
+#       # <string> uid of the role you want to assign to the team.
+#       - uid: 'customuserswriter1'
+#         # <int> org id. Will default to Grafana's default if not specified.
+#         orgId: 1
+#       # <string> name of the role you want to assign to the team.
+#       - name: 'fixed:users:writer'
+#         # <bool> overwrite org id to specify the role is global.
+#         global: true
+#         # <string> state of the assignment. Defaults to 'present'. If 'absent', the assignment will be revoked.
+#         state: absent

conf/provisioning/datasources/sample.yaml

@@ -19,8 +19,6 @@ apiVersion: 1
 #   orgId: 1
 #   # <string> url
 #   url: http://localhost:8080
-#   # <string> database password, if used
-#   password:
 #   # <string> database user, if used
 #   user:
 #   # <string> database name, if used
@@ -29,8 +27,6 @@ apiVersion: 1
 #   basicAuth:
 #   # <string> basic auth username
 #   basicAuthUser:
-#   # <string> basic auth password
-#   basicAuthPassword:
 #   # <bool> enable/disable with credentials headers
 #   withCredentials:
 #   # <bool> mark as default datasource. Max one per org

conf/sample.ini

@@ -9,6 +9,9 @@
 # instance name, defaults to HOSTNAME environment variable value or hostname if HOSTNAME var is empty
 ;instance_name = ${HOSTNAME}
 
+# force migration will run migrations that might cause dataloss
+;force_migration = false
+
 #################################### Paths ####################################
 [paths]
 # Path to where grafana can store temp files, sessions, and the sqlite3 db (if that is used)
@@ -123,6 +126,9 @@
 # For "sqlite3" only. cache mode setting used for connecting to the database. (private, shared)
 ;cache_mode = private
 
+# For "mysql" only if migrationLocking feature toggle is set. How many seconds to wait before failing to lock the database for the migrations, default is 0.
+;locking_attempt_timeout_sec = 0
+
 ################################### Data sources #########################
 [datasources]
 # Upper limit of data sources that Grafana will return. This limit is a temporary configuration and it will be deprecated when pagination will be introduced on the list data sources API.
@@ -195,13 +201,20 @@
 # The name of the distributor of the Grafana instance. Ex hosted-grafana, grafana-labs
 ;reporting_distributor = grafana-labs
 
-# Set to false to disable all checks to https://grafana.net
-# for new versions (grafana itself and plugins), check is used
-# in some UI views to notify that grafana or plugin update exists
+# Set to false to disable all checks to https://grafana.com
+# for new versions of grafana. The check is used
+# in some UI views to notify that a grafana update exists.
 # This option does not cause any auto updates, nor send any information
-# only a GET request to http://grafana.com to get latest versions
+# only a GET request to https://raw.githubusercontent.com/grafana/grafana/main/latest.json to get the latest version.
 ;check_for_updates = true
 
+# Set to false to disable all checks to https://grafana.com
+# for new versions of plugins. The check is used
+# in some UI views to notify that a plugin update exists.
+# This option does not cause any auto updates, nor send any information
+# only a GET request to https://grafana.com to get the latest versions.
+;check_for_plugin_updates = true
+
 # Google Analytics universal tracking code, only enabled if you specify an id here
 ;google_analytics_ua_id =
 
@@ -220,6 +233,9 @@
 # Rudderstack Config url, optional, used by Rudderstack SDK to fetch source config
 ;rudderstack_config_url =
 
+# Controls if the UI contains any links to user feedback forms
+;feedback_links_enabled = true
+
 #################################### Security ####################################
 [security]
 # disable creation of admin user on first start of grafana
@@ -235,7 +251,7 @@
 ;secret_key = SW2YcwTIb9zpOOhoPsMm
 
 # current key provider used for envelope encryption, default to static value specified by secret_key
-;encryption_provider = secretKey
+;encryption_provider = secretKey.v1
 
 # list of configured key providers, space separated (Enterprise only): e.g., awskms.v1 azurekv.v1
 ;available_encryption_providers =
@@ -259,7 +275,6 @@
 ;allow_embedding = false
 
 # Set to true if you want to enable http strict transport security (HSTS) response header.
-# This is only sent when HTTPS is enabled in this configuration.
 # HSTS tells browsers that the site should only be accessed using HTTPS.
 ;strict_transport_security = false
 
@@ -290,12 +305,24 @@
 # $ROOT_PATH is server.root_url without the protocol.
 ;content_security_policy_template = """script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' $NONCE;object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline' blob:;img-src * data:;base-uri 'self';connect-src 'self' grafana.com ws://$ROOT_PATH wss://$ROOT_PATH;manifest-src 'self';media-src 'none';form-action 'self';"""
 
+# Controls if old angular plugins are supported or not. This will be disabled by default in future release
+;angular_support_enabled = true
+
+[security.encryption]
+# Defines the time-to-live (TTL) for decrypted data encryption keys stored in memory (cache).
+# Please note that small values may cause performance issues due to a high frequency decryption operations.
+;data_keys_cache_ttl = 15m
+
+# Defines the frequency of data encryption keys cache cleanup interval.
+# On every interval, decrypted data encryption keys that reached the TTL are removed from the cache.
+;data_keys_cache_cleanup_interval = 1m
+
 #################################### Snapshots ###########################
 [snapshots]
 # snapshot sharing options
 ;external_enabled = true
-;external_snapshot_url = https://snapshots-origin.raintank.io
-;external_snapshot_name = Publish to snapshot.raintank.io
+;external_snapshot_url = https://snapshots.raintank.io
+;external_snapshot_name = Publish to snapshots.raintank.io
 
 # Set to true to enable this Grafana instance act as an external snapshot server and allow unauthenticated requests for
 # creating and deleting snapshots.
@@ -392,12 +419,18 @@
 # OAuth state max age cookie duration in seconds. Defaults to 600 seconds.
 ;oauth_state_cookie_max_age = 600
 
+# Skip forced assignment of OrgID 1 or 'auto_assign_org_id' for social logins
+;oauth_skip_org_role_update_sync = false
+
 # limit of api_key seconds to live before expiration
 ;api_key_max_seconds_to_live = -1
 
 # Set to true to enable SigV4 authentication option for HTTP-based datasources.
 ;sigv4_auth_enabled = false
 
+# Set to true to enable verbose logging of SigV4 request signing
+;sigv4_verbose_logging = false
+
 #################################### Anonymous Auth ######################
 [auth.anonymous]
 # enable anonymous access
@@ -473,6 +506,7 @@
 ;token_url = https://login.microsoftonline.com/<tenant-id>/oauth2/v2.0/token
 ;allowed_domains =
 ;allowed_groups =
+;role_attribute_strict = false
 
 #################################### Okta OAuth #######################
 [auth.okta]
@@ -534,6 +568,8 @@
 ;sync_ttl = 60
 ;whitelist = 192.168.1.1, 192.168.2.1
 ;headers = Email:X-User-Email, Name:X-User-Name
+# Non-ASCII strings in header values are encoded using quoted-printable encoding
+;headers_encoded = false
 # Read the auth proxy docs for details on what the setting below enables
 ;enable_login_token = false
 
@@ -548,6 +584,7 @@
 ;cache_ttl = 60m
 ;expected_claims = {"aud": ["foo", "bar"]}
 ;key_file = /path/to/key/file
+;auto_sign_up = false
 
 #################################### Auth LDAP ##########################
 [auth.ldap]
@@ -557,7 +594,7 @@
 
 # LDAP background sync (Enterprise only)
 # At 1 am every day
-;sync_cron = "0 0 1 * * *"
+;sync_cron = "0 1 * * *"
 ;active_sync_enabled = true
 
 #################################### AWS ###########################
@@ -586,6 +623,11 @@
 # Should be set for user-assigned identity and should be empty for system-assigned identity
 ;managed_identity_client_id =
 
+#################################### Role-based Access Control ###########
+[rbac]
+;enabled = true
+# If enabled, cache permissions in a in memory cache (Enterprise only)
+;permission_cache = true
 #################################### SMTP / Emailing ##########################
 [smtp]
 ;enabled = false
@@ -848,8 +890,23 @@
 # Enable the Explore section
 ;enabled = true
 
+#################################### Help #############################
+[help]
+# Enable the Help section
+;enabled = true
+
+#################################### Profile #############################
+[profile]
+# Enable the Profile section
+;enabled = true
+
+#################################### Query History #############################
+[query_history]
+# Enable the Query history
+;enabled = true
+
 #################################### Internal Grafana Metrics ##########################
-# Metrics available at HTTP API Url /metrics
+# Metrics available at HTTP URL /metrics and /metrics/plugins/:pluginId
 [metrics]
 # Disable / Enable internal metrics
 ;enabled           = true
@@ -858,7 +915,7 @@
 # Disable total stats (stat_totals_*) metrics to be generated
 ;disable_total_stats = false
 
-#If both are set, basic auth will be required for the metrics endpoint.
+#If both are set, basic auth will be required for the metrics endpoints.
 ; basic_auth_username =
 ; basic_auth_password =
 
@@ -880,6 +937,7 @@
 ;url = https://grafana.com
 
 #################################### Distributed tracing ############
+# Opentracing is deprecated use opentelemetry instead
 [tracing.jaeger]
 # Enable by setting the address sending traces to jaeger (ex localhost:6831)
 ;address = localhost:6831
@@ -906,6 +964,15 @@
 [tracing.opentelemetry.jaeger]
 # jaeger destination (ex http://localhost:14268/api/traces)
 ; address = http://localhost:14268/api/traces
+# Propagation specifies the text map propagation format: w3c, jaeger
+; propagation = jaeger
+
+# This is a configuration for OTLP exporter with GRPC protocol
+[tracing.opentelemetry.otlp]
+# otlp destination (ex localhost:4317)
+; address = localhost:4317
+# Propagation specifies the text map propagation format: w3c, jaeger
+; propagation = w3c
 
 #################################### External image storage ##########################
 [external_image_storage]
@@ -947,6 +1014,8 @@
 ;server_url =
 # If the remote HTTP image renderer service runs on a different server than the Grafana server you may have to configure this to a URL where Grafana is reachable, e.g. http://grafana.domain/.
 ;callback_url =
+# An auth token that will be sent to and verified by the renderer. The renderer will deny any request without an auth token matching the one configured on the renderer side.
+;renderer_token = -
 # Concurrent render request limit affects when the /render HTTP endpoint is used. Rendering many images at the same time can overload the server,
 # which this setting can help protect against by only allowing a certain amount of concurrent requests.
 ;concurrent_render_request_limit = 30
@@ -1055,8 +1124,15 @@
 ;license_path =
 
 [feature_toggles]
-# enable features, separated by spaces
-;enable =
+# there are currently two ways to enable feature toggles in the `grafana.ini`.
+# you can either pass an array of feature you want to enable to the `enable` field or
+# configure each toggle by setting the name of the toggle to true/false. Toggles set to true/false
+# will take presidence over toggles in the `enable` list.
+
+;enable = feature1,feature2
+
+;feature1 = true
+;feature2 = false
 
 [date_formats]
 # For information on what formatting patterns that are supported https://momentjs.com/docs/#/displaying/

contribute/README.md

@@ -3,7 +3,7 @@
 This directory contains guides for contributors to the Grafana project.
 
 - [Create a pull request](create-pull-request.md)
-- [Contributing documentation](documentation.md)
+- [Contribute documentation](../contribute/documentation/README.md)
 - [Developer guide](developer-guide.md)
 - [Triage issues](triage-issues.md)
 - [Merge a pull request](merge-pull-request.md)

contribute/architecture/backend/communication.md

@@ -2,6 +2,8 @@
 
 Grafana uses a _bus_ to pass messages between different parts of the application. All communication over the bus happens synchronously.
 
+> **Deprecated:** The bus has officially been deprecated, however, we're still using the command/query objects paradigms.
+
 There are three types of messages: _events_, _commands_, and _queries_.
 
 ## Events
@@ -109,7 +111,7 @@ ctx := req.Request.Context()
 query := &models.FindDashboardQuery{
     ID: "foo",
 }
-if err := bus.DispatchCtx(ctx, query); err != nil {
+if err := bus.Dispatch(ctx, query); err != nil {
     return err
 }
 // The query now contains a result.

contribute/architecture/backend/database.md

@@ -99,6 +99,8 @@ To add a migration:
 - In the `AddMigrations` function, find the `addXxxMigration` function for the service you want to create a migration for.
 - At the end of the `addXxxMigration` function, register your migration:
 
+> **NOTE:** Putting migrations behind feature flags is no longer recommended as it may cause the migration skip integration testing.
+
 [Example](https://github.com/grafana/grafana/blob/00d0640b6e778ddaca021670fe851fe00982acf2/pkg/services/sqlstore/migrations/migrations.go#L55-L70)
 
 ### Implement `DatabaseMigrator`

contribute/breaking-changes-guide.md

@@ -0,0 +1,119 @@
+# Handling breaking changes in Grafana frontend APIs
+
+This guide tries to help you identify and communicate breaking changes introduced to our frontend API.
+
+- [What are our public APIs?](#what-are-our-public-apis)
+- [What is Levitate?](#what-is-levitate)
+- [How does the CI workflow look like?](#how-does-the-ci-workflow-look-like)
+- [I received a comment on my PR, what does it mean?](#i-received-a-comment-on-my-pr-what-does-it-mean)
+- [**I know it's a breaking change, what's next?**](#i-know-its-a-breaking-change-whats-next)
+  - [Introduce breaking changes only in major versions](#introduce-breaking-changes-only-in-major-versions)
+  - [Deprecate first](#deprecate-first)
+  - [Communicate](#communicate)
+- [I still have questions, who can help me out?](#i-still-have-questions-who-can-help-me-out)
+
+---
+
+## What are our public APIs?
+
+The Grafana frontend codebase is exposing functionality through NPM packages to make plugin development easier and faster.
+These packages live in the `/packages` folder and contain packages like:
+
+- `@grafana/data`
+- `@grafana/runtime`
+- `@grafana/toolkit`
+- `@grafana/ui`
+- etc. ([They can be viewed here](https://github.com/grafana/grafana/tree/main/packages)
+
+Any change that causes dependent software to behave differently is considered to be breaking.
+
+## What is Levitate?
+
+[`@grafana/levitate`](https://github.com/grafana/levitate) is a tool created by Grafana that can show breaking changes between two versions of a **TypeScript** package or a source file.
+
+It can list exported members of an NPM package or imports used by an NPM package,
+**but we are mainly using it for comparing different versions of the same package to see changes in the exported members.**
+
+A Github workflow runs against every pull request and comments a hint in case there are
+possible breaking changes. It also adds the `"breaking change"` label to the pull request.
+
+## How does the CI workflow look like?
+
+<img src="./breaking-changes-workflow.png" alt="CI workflow" width="700" />
+
+## I received a comment on my PR, what does it mean?
+
+![Levitate comment](./breaking-changes-comment-screenshot.png)
+
+Receiving a comment like the one above does not necessarily mean that you actually introduced breaking
+changes (as certain edge cases are still not covered by the tool), but as there is a good chance we rather raise attention.
+
+By clicking the links in the comment ("more info" or "Check console output") you can view more detailed information about what triggered the notification.
+
+**Removed exported members** (console view):<br />
+This means that some previously exported members won't be available in the newer version of the package which can break dependent plugins.
+
+![](./breaking-changes-console-screenshot-1.png)
+
+**Changed an existing member** (console view):<br />
+This means that a member was changed in a way that can break dependent plugins.
+
+![](./breaking-changes-console-screenshot-2.png)
+
+**No breaking changes** (console view):<br />
+Seeing this suggests that whilst changes were made, most probably none of them were breaking. You are good to go! 👏
+
+![](./breaking-changes-console-screenshot-3.png)
+
+## How can I decide if it is really a breaking change?
+
+First go to the console output of the workflow and make sure that the diffs make sense.
+
+It can happen that Levitate highlights a change which is marked with TSDoc tags `// @alpha` or `// @internal` in
+which case you can choose to ignore it - keep in mind though that these flags won't really hold developers back
+from using your code and most likely it is going to cause them problems if we are breaking them.
+
+It can also happen that Levitate marks changing an interface as a possible breaking change.
+For anyone that implements that interface introducing a new property will break their code. Whilst this is correctly marked as a breaking change maybe it is an interface that is never implemented by other developers. In which case you can choose to ignore Levitate's message.
+
+These notifications are only warnings though, and **in the end it's up to the author of the PR to make a decision that makes the most sense.**
+
+## I know it's a breaking change, what's next?
+
+### Introduce breaking changes only in major versions
+
+We can make breaking changes less painful if they are only happening between major releases of Grafana.
+
+### Deprecate first
+
+Whenever possible try to deprecate first what you are about to remove or change. For example:
+
+```javascript
+import { deprecationWarning } from '@grafana/data';
+
+/**
+ * @deprecated -- this is no longer necessary and will be removed in Grafana 9.0.0
+ */
+myOldFunction(name: string) {
+    deprecationWarning('MyFile', 'myOldFunction', 'myNewFunction');
+    // ...
+}
+```
+
+1. Add a deprecation comment `// @deprecated`
+2. Add info in the comment about **when it is going to be removed**
+3. Add info in the comment about **what should be used instead**
+4. In case it's a function or a method, use `deprecationWarning(<file name>, <old name>, <new name>)` to raise attention during runtime as well
+5. Update the [migration guide](../docs/sources/developers/plugins/migration-guide.md) with your instructions
+
+### Communicate
+
+Reach out to **@grafana/plugins-platform-frontend** to help finding which plugins are using the code that is just about to change, so we try making it smoother by communicating it to them.
+
+---
+
+## I still have questions, who can help me out?
+
+We are here to help.
+
+Please either ping us in the pull request by using the **@grafana/plugins-platform-frontend** handle or reach out to us on the internal Slack in `#grafana-plugins-platform`.

contribute/create-pull-request.md

@@ -117,11 +117,14 @@ If you're unsure, see the existing [changelog](https://github.com/grafana/grafan
 
 ### Pull request titles
 
+The pull request title should be formatted according to `<Area>: <Summary>` (Both "Area" and "Summary" should start with a capital letter).
+
 The Grafana team _squashes_ all commits into one when we accept a pull request. The title of the pull request becomes the subject line of the squashed commit message. We still encourage contributors to write informative commit messages, as they becomes a part of the Git commit body.
 
 We use the pull request title when we generate change logs for releases. As such, we strive to make the title as informative as possible.
 
-Make sure that the title for your pull request uses the same format as the subject line in the commit message.
+**Example:**
+`Docs: Change url to URL in all documentation files`
 
 ## Configuration changes
 

contribute/developer-guide.md

@@ -39,6 +39,14 @@ For alternative ways of cloning the Grafana repository, please refer to [GitHub'
 
 **Warning:** Do not use `go get` to download Grafana. Recent versions of Go have added behavior which isn't compatible with the way the Grafana repository is structured.
 
+### Configure Editors
+
+For some IDEs, additional configuration may be needed for Typescript to work with [Yarn plug'n'play](https://yarnpkg.com/features/pnp).
+For [VSCode](https://yarnpkg.com/getting-started/editor-sdks#vscode) and [Vim](https://yarnpkg.com/getting-started/editor-sdks#vim),
+it's as easy as running `yarn dlx @yarnpkg/sdks vscode` or `yarn dlx @yarnpkg/sdks vim`, respectively.
+
+More information can be found [here](https://yarnpkg.com/getting-started/editor-sdks).
+
 ## Build Grafana
 
 Grafana consists of two components; the _frontend_, and the _backend_.
@@ -128,6 +136,26 @@ Running the backend tests on Windows currently needs some tweaking, so use the b
 go run build.go test
 ```
 
+### Run SQLLite, PostgreSQL and MySQL integration tests
+
+By default, Grafana runs SQLite to run tests with SQLite.
+
+```bash
+go test -covermode=atomic -tags=integration ./pkg/...
+```
+
+To run PostgreSQL and MySQL integration tests locally, start the Docker blocks for MySQL and/or PostgreSQL test data sources by running `make devenv sources=mysql_tests,postgres_tests`. When your test data sources are running, you can execute integration tests by running:
+
+```bash
+GRAFANA_TEST_DB=mysql go test -covermode=atomic -tags=integration ./pkg/...
+```
+
+and/or
+
+```bash
+GRAFANA_TEST_DB=postgres go test -covermode=atomic -tags=integration ./pkg/...
+```
+
 ### Run end-to-end tests
 
 The end to end tests in Grafana use [Cypress](https://www.cypress.io/) to run automated scripts in a headless Chromium browser. Read more about our [e2e framework](/contribute/style-guides/e2e.md).

contribute/documentation.md

@@ -1,42 +0,0 @@
-# Contributing to documentation
-
-This documents guides you through the process of contributing to the Grafana documentation. Make sure you've read the guide for [Contributing to Grafana](/CONTRIBUTING.md).
-
-## Your first contribution
-
-If you’re unsure about where to start, check out some of our [open docs issues](https://github.com/grafana/grafana/issues?q=is%3Aopen+is%3Aissue+label%3Atype%2Fdocs).
-
-Sometimes it can be difficult to understand an issue when you're just getting started. Refer to this list of [beginner-friendly issues](https://github.com/grafana/grafana/issues?q=is%3Aopen+is%3Aissue+label%3Atype%2Fdocs+label%3A"beginner+friendly") for tasks suitable for first-time contributors.
-
-When you’ve found an issue you want to work on, please comment on the issue to let other people know you intend to work on it.
-
-If you encounter any misspellings or violations to the style guide, please let us know by submitting an issue (or just fix them if they are minor changes).
-
-On every page in the [documentation](https://grafana.com/docs/) are two links in the upper right corner:
-
-- **Edit this page** takes you directly to the file on GitHub where you can contribute a fix.
-- **Request doc changes** prepares an issue on GitHub with relevant information already filled in.
-
-## Join our community
-
-For general discussions on documentation, you’re welcome to join the `#docs` channel on our [public Grafana Slack](http://slack.raintank.io) team.
-
-## Style and formatting
-
-All Grafana documentation is written using [Markdown](https://en.wikipedia.org/wiki/Markdown), and can be found in the [docs](/docs) directory in the [Grafana GitHub repository](https://github.com/grafana/grafana). The [documentation website](https://grafana.com/docs) is generated with [Hugo](https://gohugo.io) which uses [Blackfriday](https://github.com/russross/blackfriday) as its Markdown rendering engine.
-
-### Documentation structure
-
-The Grafana documentation is organized into topics, called _sections_. You can take a look at the current build at [grafana.com/docs/](https://grafana.com/docs/).
-
-Each top-level section is located under the [docs/sources](/docs/sources) directory. Subsections are added by creating a subdirectory in the directory of the parent section.
-
-For each section, an `_index.md` file provides an overview of the topic.
-
-### Style guide
-
-Refer to the [Documentation style guide](style-guides/documentation-style-guide.md) for information about Grafana style, word choice, and grammar conventions.
-
-### Spelling
-
-The [codespell](https://github.com/codespell-project/codespell) tool is run for every change to catch common misspellings.

contribute/documentation/README.md

@@ -0,0 +1,235 @@
+# Contribute to our documentation
+
+We provide these guidelines to help our contributors make additions or corrections to our documentation.
+
+## Welcome
+
+Welcome. We're glad you're here to help make our technical documentation even better. We develop content that leads our users to success using Grafana products. Technical accuracy is our primary consideration, and we value the use of inclusive language. We regard your feedback as a gift - thanks for reading through these guidelines.
+
+### Intended audience
+
+We write these guidelines for contributors who are interested in improving our technical content.
+
+## Understanding the structure of Grafana documentation
+
+All Grafana Enterprise and OSS documentation is located in the [Grafana open source project](https://github.com/grafana/grafana) GitHub repository: https://github.com/grafana/grafana/tree/main/docs/sources.
+
+- The **sources** directory organizes content by topic areas, for example **administration** and **alerting**.
+- Topic directories include an `_index.md` file, which provides an overview of the topic, and optionally includes subtopics that provide more detail.
+
+> The `_index.md` file is required.
+
+### Writing in markdown
+
+We write technical documentation using [Markdown](https://en.wikipedia.org/wiki/Markdown). We've put together a short guide to help you how to structure and format your content.
+
+To access the markdown guide, refer to [Markdown style guide](documentation-markdown-guide.md).
+
+## Ways to contribute
+
+We're thrilled that you are considering contributing to the documentation. You can contribute content in the following ways:
+
+- [Request a change](#request-a-change)
+- [Edit a topic](#edit-a-topic)
+- [Write a topic](#write-a-topic)
+
+### Request a change
+
+Request a change when you want to make a suggestion about a topic, but don't want to provide an edit that generates a pull request. Requesting a change gives you the freedom to express your ideas without committing language. Your suggestion can reflect a small change to wording or can reflect larger, more substantive changes.
+
+GitHub captures your request as an **Issue** logged against the repository.
+
+Before you begin:
+
+- Create a GitHub account.
+
+To request a change, complete the following steps:
+
+1.  While viewing the topic, click **Request a change**.
+
+The Issue title auto-populates with the location of the file about which you are requesting a change.
+
+![Request a change](request-change.png)
+
+2. Enter a change request description.
+
+3. Add the **type/docs** label.
+
+4. Click **Submit new issue**.
+
+### Edit a topic
+
+If you want to recommend a small change, such as suggesting a correction to a topic, you can edit the topic directly in GitHub. You are not required to fork and clone the repo to use this approach.
+
+Other small changes might include:
+
+- Adding steps to a task
+- Adding clarifying language to a concept
+- Providing an example
+
+Before you begin:
+
+- Create a GitHub account.
+
+To edit a topic, complete the following steps:
+
+1. While viewing the topic you want to edit, click **Edit this page**.
+
+![Edit a topic](edit-file.png)
+
+2. Add your changes to the topic.
+
+3. Scroll to the bottom of the page and enter a branch name.
+
+   For example, enter `clarified dashboard panel definition`.
+
+4. Click **Commit**.
+
+   GitHub prompts you to create a PR.
+
+5. Complete the prompts provided in the body of the PR.
+
+6. Click **Create pull request**.
+
+### Write a topic
+
+At Grafana Labs, we use the principles of topic-based authoring when we write technical documentation. Topic-based authoring provides guidelines for writing three _types_ of technical documentation: concept, task, and reference. Before you begin writing, establish the topic type you want to write.
+
+#### Understanding topic types
+
+Technical content is divided into three topic types: concept, task, and reference.
+
+- **Concept**: A concept topic explains _what_ a feature (or idea) is, and why it is important.
+- **Task**: A task topic explains _how_ to complete an end user procedure in the system. Task topics contain steps.
+- **Reference** A reference topic contains lookup information that a user might consult when they complete a task. Documenting a list of values with descriptions is a common form of reference topic.
+
+**Example**
+
+Suppose you are writing content for a site called _Doggie handbook_. You might organize your topics like this:
+
+**Concepts**
+
+- What a dog is
+- Brief history of dogs
+- Why you might want a dog
+- Tasks dogs can be trained to do
+
+**Tasks**
+
+- Feed the dog
+- Groom the dog
+- Train the dog
+
+**References**
+
+- List of dog equipment you will need
+- Table of breeds that includes breed name, size range, short or long hair, and type of dog
+
+#### Prepare your environment
+
+Before you begin writing, we recommend that you fork and clone the Grafana repository so that you can use a text editor locally to create branches, commit your changes, and create a PR.
+
+While this document doesn't include git commands or descriptions of Github operations, you might find these links useful.
+
+- [Install git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git): We store all source code, including documentation, in Git repositories.
+- [Fork a repo](https://docs.github.com/en/get-started/quickstart/fork-a-repo): Locate the repo you want to clone, and fork it.
+- [Clone a repo](https://docs.github.com/en/repositories/creating-and-managing-repositories/cloning-a-repository): Clone the repository to your local machine.
+- [Create a branch](https://git-scm.com/book/en/v2/Git-Branching-Basic-Branching-and-Merging): Before you make change, create a branch. Do not push changes against the `main` branch.
+- [Create a PR](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request): After you add, commit, and push your changes, create a PR in Github.
+
+#### Use a documentation template to contribute a topic
+
+We have provided documentation templates that align with each topic type:
+
+- [Concept](templates/doc-concept-template.md)
+- [Task](templates/doc-task-template.md)
+- [Reference](templates/doc-reference-template.md)
+
+Each template provides additional usage and formatting guidelines. We recommend that you make a copy of whichever template you are using, then add content.
+
+> Remove any unused content before you commit your changes.
+
+#### View a local build
+
+Prior to pushing your changes, you can view a local build of the documentation so that you can review your work.
+
+To view a local build:
+
+1. Install [Docker](https://www.docker.com/products/docker-desktop).
+
+1. Run Docker.
+
+1. Navigate to the **docs** root directory.
+
+1. Run `make build`.
+
+1. Open `localhost:3002` to review your changes.
+
+## Push changes and create a PR
+
+When you are ready for other people to review your work, perform the following tasks.
+
+1. [Add](https://git-scm.com/docs/git-add) your changes, which prepares your content for the next commit.
+
+1. [Commit](https://git-scm.com/docs/git-commit) your changes.
+
+1. [Push](https://git-scm.com/docs/git-push) your changes to Github.
+
+1. [Create a PR](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request) in Github.
+
+The docs build system automatically conducts a series of tests to ensure that the content doesn't conflict with other content in the docs repository.
+
+### Understanding the PR review and approval workflow
+
+When a PR is added to the repo with a label associated with `docs`, it will be reviewed by a member of the technical writing team. Depending on the size of the PR and the priority of other work, the PR will either be immediately reviewed and merged (minor fixes typically follow this pattern) or the PR will be triaged and placed in the backlog of work or moved into further development.
+
+## Join our community
+
+For general discussions on documentation, you’re welcome to join the `#docs` channel on our [public Grafana Slack](http://slack.raintank.io) team.
+
+## Reference: Top five writing tips
+
+While we don't provide a comprehensive style guide in this document, here's a few writing tips to help the writing process.
+
+### Consider the audience
+
+Write for an audience that is computer literate and has general technical knowledge, but is not necessarily familiar with Grafana or the finer points of observability.
+
+Pretend you are explaining your topic to a brand new Grafana user or developer.
+
+### Write clear and concise sentences and paragraphs
+
+Use the following sentence structure when you write: _subject_—_verb_—_object_. If you are telling a user to do something, write an imperative sentence. For example “Enter the refresh rate time interval and click Save.”
+
+- You can also start a sentence with an _if_ clause, which positions the condition before the action.
+- Limit the number of words in a sentence to 20..
+
+### Use active voice
+
+Active voice makes the performer of the action the subject
+of the sentence. When you write in passive voice, the recipient of the action (and not the performer) becomes the subject of the sentence.
+
+Active-voice sentences are more direct and clearly identify _who_ is doing _what_. Not all tasks are completed by a user; sometimes the system can also be a performer (and by extension, the subject of the sentence). When you write in active voice you clearly make that distinction, which results in more engaging and less wordy content.
+
+| Use (active)                                          | Avoid (passive)                                                      |
+| ----------------------------------------------------- | -------------------------------------------------------------------- |
+| After you upgrade the software, restart the computer. | After the software has been upgraded, the computer can be restarted. |
+| Click **OK** to save the dashboard.                   | The dashboard is saved when the **OK** button is clicked.            |
+| Create a dashboard.                                   | A dashboard is created by you.                                       |
+
+### Avoid obscure non-English words and abbreviations
+
+Users might be unfamiliar with some non-English words and abbreviations such as _per_, _vs_, and _via_. Latin abbreviations in particular, like _i.e._, _e.g._, and _etc._, are vague.
+
+| Use          | Don’t use   |
+| ------------ | ----------- |
+| through      | via         |
+| that is      | i.e.        |
+| according to | per, as per |
+| and so on    | etc.        |
+
+### Write self-contained topics
+
+Thanks to search engines, every page in the documentation might be a reader's entry point. This means that each page needs to be self-contained and make sense on its own. The reader should not need to read other topics in order to perform the task or understand the concept.
+
+However, try to be helpful and link to related information. Using the _Doggie handbook_ example, the concept topic that explains what dogs can be trained to do might link to the Train the dog task.

contribute/localization.md

@@ -0,0 +1,194 @@
+# Localisation
+
+Grafana uses the [LinguiJS](https://github.com/lingui/js-lingui) framework for managing translating phrases in the Grafana frontend.
+
+## tl;dr
+
+- Use `<Trans id="search-results.panel-link">Go to {panel.title}</Trans>` in code to add a translatable phrase
+- Translations are stored in .po files in `public/locales/{locale}/messages.po`
+- If a particular phrase is not available in the a language then it will fall back to English
+
+## How to add a new translation phrase
+
+1. Use one of `@lingui/macro`'s React components with the `id`, ensuring it conforms to the guidelines below, with the default english translation. e.g.
+
+```jsx
+import { Trans } from @lingui/macro
+
+const SearchTitle = ({term}) => (
+  <Trans id="search-page.results-title">
+    Results for {term}
+  </Trans>
+);
+```
+
+Prefer using the JSX components (compared to the plain javascript functions, see below) where possible for phrases. Many props can (and probably should) be changed to accept the `React.ReactNode` instead of `string` for phrases put into the DOM.
+
+Note that Lingui must be able to statically analyse the code to extract the phrase, so the `id` can not be dynamic. e.g. the following will not work:
+
+```jsx
+const ErrorMessage = ({ id, message }) => <Trans id={`errors.${id}`}>There was an error: {message}</Trans>;
+```
+
+2. Upon reload, the default English phrase will appear on the page.
+
+3. Before submitting your PR, run the `yarn i18n:extract` command to extract the messages you added into the `messages.po` file and make them available for translation.
+
+## How translations work in Grafana
+
+Grafana uses the [LinguiJS](https://github.com/lingui/js-lingui) framework for managing translating phrases in the Grafana frontend. It:
+
+- Marks up phrases within our code for extraction
+- Extracts phrases into messages catalogues for translating in external systems
+- "Compiles" the catalogues to a format that can be used in the website
+- Manages the user's locale and putting the translated phrases in the UI
+
+### Phrase ID naming convention
+
+We set explicit IDs for phrases to make it easier to identify phrases out of context, and to track where they're used. IDs follow a naming scheme that includes _where_ the phrase is used. The exception is the rare case of single reoccuring words like "Cancel", but default to using a feature/phrase specific phrase.
+
+Message IDs are made of _up to_ three segments in the format `feature.area.phrase`. For example:
+
+- `dashboard.header.refresh-label`
+- `explore.toolbar.share-tooltip`
+
+For components used all over the site, use just two segments:
+
+- `footer.update`
+- `navigation.home`
+
+### Top-level provider
+
+In [AppWrapper.tsx](/public/app/AppWrapper.tsx) the app is wrapped with `I18nProvider` from `public/app/core/localisation.tsx` where the Lingui instance is created with the user's preferred locale. This sets the appropriate context and allows any component from `@lingui/macro` to use the translations for the user's preferred locale.
+
+### Message format
+
+Lingui uses the [ICU MessageFormat](https://unicode-org.github.io/icu/userguide/format_parse/messages/) for the phrases in the .po catalogues. ICU has special syntax especially for describing plurals across multiple languages. For more details see the [Lingui docs](https://lingui.js.org/ref/message-format.html).
+
+### Plain JS usage
+
+See [Lingui Docs](https://lingui.js.org/ref/macro.html#t) for more details.
+
+Sometimes you may need to translate a string cannot be represented in JSX, such as `placeholder` props. Use the `t` macro for this.
+
+```jsx
+import { t } from "@lingui/macro"
+
+const placeholder = t({
+   id: 'form.username-placeholder',
+   message: `Username`
+});
+
+return <input type="value" placeholder={placeholder}>
+```
+
+While the `t` macro can technically be used outside of React functions (e.g, in actions/reducers), aim to keep all UI phrases within the React UI functions.
+
+## Examples
+
+See the [Lingui docs](https://lingui.js.org/ref/macro.html#usage) for more details.
+
+### Basic usage
+
+For fixed phrases:
+
+```jsx
+import { Trans } from '@lingui/macro';
+
+<Trans id="page.greeting">Hello user!</Trans>;
+```
+
+You can include variables, just like regular JSX. Prefer using "simple" variables to make the extracted phrase easier to read for translators
+
+```jsx
+import { Trans } from '@lingui/macro';
+
+// Bad - translators will see: Hello {0}
+<Trans id="page.greeting">Hello {user.name}!</Trans>;
+
+// Good - translators will see: Hello {userName}
+const userName = user.name;
+<Trans id="page.greeting">Hello {userName}!</Trans>;
+```
+
+Variables must be strings (or, must support calling `.toString()`, which we almost never want).
+
+```jsx
+import { Trans } from '@lingui/macro';
+
+// This will not work
+const userName = <strong>user.name</strong>;
+<Trans id="page.greeting">Hello {userName}!</Trans>;
+
+// Instead, put the JSX inside the phrase directly
+const userName = user.name;
+<Trans id="page.greeting">
+  Hello <strong>{userName}</strong>!
+</Trans>;
+```
+
+### React components and HTML tags
+
+Both HTML tags and React components can be included in a phase. The Lingui macro will replace them with placeholder tags for the translators
+
+```js
+import { Trans } from "@lingui/macro"
+
+const randomVariable = "variable"
+
+<Trans id="page.explainer">
+  Click <button>here</button> to <a href="https://grafana.com">learn more.</a>
+</Trans>
+
+// ↓ is transformed by macros into ↓
+<Trans
+  id="page.explainer"
+  defaults="Click <0>here</0> to <1>learn more</1>"
+  components={[
+    <button />,
+    <Text />
+  ]}
+/>
+
+// ↓ is in the messages.po file like ↓
+msgid "page.explainer"
+msgstr "Click <0>here</0> to <1>learn more</1>"
+```
+
+### Plurals
+
+See the [Lingui docs](https://lingui.js.org/ref/macro.html#id1) for more details.
+
+Plurals require special handling to make sure they can be translating according to the rules of each locale (which may be more complex that you think!). Use the `<Plural />` component and specify the plural forms for the default language (English). The message will be extracted into a form where translators can extend it with rules for other locales.
+
+```js
+import { Plural } from "@lingui/macro"
+
+<Plural
+  id="sharing.shared-with"
+  value={sharedCount}
+  none="Not shared with anyone"
+  one="Shared with one person"
+  other="Shared with # people"
+/>
+
+// ↓ is transformed by macros into ↓
+
+<Trans
+  id="example.plurals"
+  values={{ sharedCount }}
+  defaults="{sharedCount, plural, none {Not shared with anyone}, one {Shared with one person}, other {Shared with # people}"
+/>
+
+// sharedCount = 0 -> Not shared with anyone
+// sharedCount = 1 -> Shared with one person
+// sharedCount = 3 -> Shared with # people
+```
+
+### Date and time
+
+[Lingui has functions](https://lingui.js.org/ref/core.html#I18n.date) to format dates and times according to the convention to the user's preferred locale, based on the browser [Intl.DateTimeFormat](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Intl/DateTimeFormat) API. However, as displaying dates and times is fundamental to Grafana, guidelines have not been established for this yet.
+
+## Documentation
+
+[Grafana's documentation](https://grafana.com/docs/grafana/latest/) is not yet open for translation and should be authored in American English only.