grafana

Commit Graph

Author	SHA1	Message	Date
colin-stuart	a5708105df	SCIM: validate external UID (#105046 ) * SCIM: validate externalUID * better tests * add additional test cases * add externalID as field in fromUserToUserSchema * fix test case	2 weeks ago
Ryan McKinley	0283c98e30	K8s/Folders: Use v1beta1 and app-sdk based spec (#103975 )	1 month ago
Stephanie Hingtgen	f5ad1ef69b	K8s: Folders: Add v1 api (#103842 )	1 month ago
linoman	acf85504fc	SCIM: Rename `allow_non_provisioned_users` (#103684 ) Rename `allow_non_provisioned_users`	1 month ago
linoman	eeb4c045d3	SCIM: Add access control for non provisioned users (#103596 ) * Add hook to validate access for users based on provisioning logic * Wire the hook * Add tests * declare new variables for errors * rework the authorization flow for provisioned users * Add scim feature to testinfra opts * Grant access if the identity doesn't have associated a user * skip external uid check for subsequent calls * Update tests	1 month ago
linoman	d82d03a1d3	SCIM: Update authinfoquery (#103123 ) * Rewrite mismatched externalUID error message * Update AuhtInfo if user exists	2 months ago
Mariell Hoversholm	77fa2271be	AppPlatform: Introduce experimental Github integration for dashboard configuration management (#96329 ) * [Provisioning] Pay back some technical debt (#100720) * Handle pagination in github client * Add some unit test coverage * Remove unknown repository * Remove unknown leftover * Revert "Add some unit test coverage" This reverts commit `420c9674d2`. * Revert "Revert "Add some unit test coverage"" This reverts commit `f7eca41957`. * Revert unit tests in github package * Remove S3 case as it's now deprecated * [Provisioning] Consolidate job status report in JobProgressRecorder (#100718) * Log also successful operation * Consolidate stop logic under TooManyErrors * Use error for TooManyErrors * Pass the progress recorder * Define JobProgressRecorder interface * Do not expect workers to return status * Remove scenarios due to pointers * Use recorder to manage the entire state * Provisioning: Support rotating secrets (#100705) * Provisioning: Refactor webhook to another interface (#100733) * POC/Provisioning: Remove S3 references (#100734) * Remove unused script * Remove s3 references * Provisioning: Keep the existing k8s name if it is specified in metadata (#100672) * keep name * keep name * Revert "keep name" This reverts commit `29f87bcaeb`. * Commit stale go.mod * Keep name also for sync deletions --------- Co-authored-by: Roberto Jimenez Sanchez <roberto.jimenez@grafana.com> * Update preview banner copy * Query Library: Move backend to enterprise (#100371) * Fix wire * Fix jobs table re-renders * Provisioning: Refactor history to its own interface (#100735) * Provisioning: Refactor history to its own interface * refactor: use VersionedRepository * Update API * Provisioning: Test the GitHub client directly (#100808) * Provisioning: Test the GitHub client directly Instead of mocking the abstracted client, test it as well by mocking the underlying GitHub client. This also lets us remove the mock for the abstracted client. * refactor: move out helpers * chore: set dependency owner * Provisioning: Better clone/push error support (#100854) * Provisioning: Replace searcher with one that knows about modes (#100857) * Provisioning: Start in "mode5" when nothing exists in legacy (#100862) * [Provisioning] Fix duplicate sync jobs triggered in controller (#100870) * Improve logging on reasons why the controller triggered * Fix messaging for sync job * fix lint * Provisioning: Move legacy export/import into a single migrate job (#100865) * [Provisioning] Miscellanenous bug fixes and improvements (#100976) * Error if found duplicate ID * Fix issue with manual test button * Fix issue with health errors not going away * Display status in sync overview * Use patch operations instead * Trigger sync job after status update * Convert Export Tab into modal * Remove unused FieldSet import * Only last 8 jobs * Remove Links card * Use button for Github Source Code * Add actions to resources page * Add resource column to Repository Resources * Display Job Spec in RecentJobs * Display dates in history page * Display Avatar if available * Improve styling of the avatar * Update betterer * Remove duplicate history header in history * Commit betterer * Address code styling issues * update flags * github v69 * v69 * POC/Provisioning: Add wizard (#100596) * Chore: make update-workspace * Chore: Fix lints (#101039) * Provisioning: Workflows as write access (#101031) * workflow as write access * workflow as write access * workflow as write access * Update pkg/registry/apis/provisioning/repository/test.go Co-authored-by: Mariell Hoversholm <mariell.hoversholm@grafana.com> * POC/Provisioning: Add wizard (#100596) * update refs * update refs * lint fix * lint fix * lint fix * default everythign to read only * reuse form components * remove main --------- Co-authored-by: Mariell Hoversholm <mariell.hoversholm@grafana.com> Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> * merge main * Fix workflow types * Betterer * [Provisioning] Fix webhook and finalizer issues (#101052) Fix webhook and finalizer issue The maximum number of webhooks per repository is 20 * [Provisioning] Fix issue with last ref (#101056) * Fix issue with last ref * Update frontend code * Fix the local tmp test * Use lastRef * POC/Provisioning: Simplify connect step (#101064) * Fix sending workflows * Use write for local * Move connect action to the next step * Remove wizard props * Typo * Redirect to wizard * Show repo link after successful export * Provisioning: Avoid starting sync jobs when using legacy storage (#101114) * avoid starting sync jobs on legacy * newlines * Provisioning: Onboarding landing page (#101112) * add landing page before wizard * Update onboarding page * Update URL * Remove unused * Add deleteAll button * Improved text * betterer --------- Co-authored-by: Clarity-89 <homes89@ukr.net> * Provisioning: use the sync job to finish the migrate job (#101107) * Provisioning: Show progress more often (#101128) * show progress bar earlier * show progress bar earlier * update wording to be less specific * POC/Provisioning: Enable sync (#101131) * update preview banner * actualy remove and don't crash without provisioning flag * Update db banner * Provisioning: Export oldest items first (#101189) * Provisioning: better branch handling (#101188) * add missing file * Provisioning: Fix tests (#101197) * Provisioning: Refactor tests to be multiple functions * Provisioning: Fix tests * fix: make github-example sync * fix misspell * Provisioning: avoid migration wizard if things are already in unified storage (#101204) Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> * more lint * POC/Provisioning: Handle connect step errors (#101192) * Provisioning: Unify status handling in repository and migrate steps * Refactor: Move WorkflowsField outside RepositoryStep and use proper type * Refactor: Improve repository verification error handling and UI * Refactor: Simplify repository verification error handling * Refactor: Simplify RepositoryStep component structure * Refactor: Improve error handling in RepositoryStep * Refactor: Remove redundant repository creation logic from ProvisioningWizard * Refactor: Simplify RequestErrorAlert component * show github error * now will verify * test .git * recover from bad config * Update error handling * Remove unused prop * merge upstream * Show migration summary * Update text * Improve text * Betterer * [Provisioning] Review controller changes (#101216) * Review health check conditions * Move down the logic to set up the sync status * Skip if it's only a health check rerun * Fix health check conditions * Preserve last ref * Format code * Rename to shouldSkipSync --------- Co-authored-by: Ryan McKinley <ryantxu@gmail.com> Co-authored-by: Roberto Jiménez Sánchez <roberto.jimenez@grafana.com> * fix promotion step * In the promotion pipeline, publish should depend on build * fix promotion pipeline * [Provisioning] Use smaller methods to process repository events (#101240) * update codegen * merge main * Provisioning: Avoid localhost error loop (#101253) * Provisioning: Update the recent jobs formatting (#101250) format history * [Provisioning] Refactor Pull Request & Lint worker (#101273) * Refactor the code * Refactor into separate files * Consolidate linter flag in one spot * Use global feature flags * Commit betterer * Remove from JSON the intermidiate flag * Use again spec * Clean up * Revert changes in test * POC/Provisioning: Remove sync confirm modal (#101281) * [Provisioning] Remove linting from MVP (#101286) * Remove Linting backend * Re-generate client * POC/Provisioning: Unify tags (#101218) * Unify tags * add both tags * add tag types * Check for the redirect only once * Add fetch settings with delay hook * Refetch settings * Split hooks into separate files * Cleanup * Prettier * Prettier * Remove lint code * Betterer --------- Co-authored-by: Ryan McKinley <ryantxu@gmail.com> * Provisioning: Update token instructions (#101280) * Provisioning: Use blob storage rather than local file system to save images (#101298) * [Provisioning] Add more explicit setup warnings if webhook integration and image rendering are disabled (#101304) * Setup warnings if renders or webhooks are not possible * Improve display * Use a single Alert * Make design more compact * Only display local config is missing critical feature toggles * Improve styling of required flags * Add file name to the custom ini itself * Add copy button * Add FeatureSection Component * Commit betterer * Use an interactive table * Use a modal for instructions * Use the same modal for example config * Improve setup steps * Improve stepper * Copy code ctrl + c * Make it more compact * Select feature to enable * Improve the height of alerts * Separate components * Better warnings * Improve the page * Improve the cards * Improve cards even more * Improve cards * Improve cards * Optional copy in code block * Add side bar with steps * Improve styling * Style modal * Clean up Code * Remove index file * Simplify Step Component * Commit betterer * Simplify components * Use CodeEditor and Clipboard components * Do not show scrollback on minimum size * Fix positioning of footer * Separate Component for Feature * Use different styling * Commit betterer * Use more Grafana components in the FeatureCard * Separate sidebar into own components * Simplify sidebar code * Commit betterer * Remove connector * Simplify styling further * Use cards * Improve code * Use more grafana component in InstructionsModal * Further simplify * Simplify the code * Simplify style * Clean up * Simplify the Wizard * Use little icons * Improve feature cards * Improve cards * Commit betterer * Add description to feature setup * Improve instructions for snapshot preview * Move all files into Setup folder * Commit betterer * Clean up the warnings code * Improve coding * Move sidebar item to separate fiel * Rename components * Fix issues * Use stack instead * Improve style * Don't show setup button if configured already * Simplify again CSS * Use secondary actions * Style a bit more * Improve wording * Update warning * Refer to docs in Image Renderer * More clean up * Revert changes in generated client * Fix typos and imports * Fix lint errors * Provisioning: better error support (#101490) * update openapi snapshot * fix build * Provisioning: Only show setup page when feature toggles are missing (#101502) * form fixing * form fixing * always send UID * Same onboarding page regarless of migration (#101557) * backend building... frontend still broken * rename sync with main * Provisioning: Update dashboard badge (#101599) * Rename to push / pull everything user-facing (#101577) * Rename to push / pull all everything user-facing * Use automatic pulling wording * Provisioning: Migrate when using unified storage (#101572) * migrate when not unified * Update pkg/registry/apis/provisioning/register.go Co-authored-by: Roberto Jiménez Sánchez <roberto.jimenez@grafana.com> * variables * merge main --------- Co-authored-by: Roberto Jiménez Sánchez <roberto.jimenez@grafana.com> * Add tabs and features tab to listing page (#101570) * List features in onboarding page (#101558) * merge main * POC/Provisioning: Check if the instance is provisioned (#101601) * Check if the instance is provisioned * Fix lints * Fix getting config for new dashboard * Fixes after merge * More fixes * Show success message * Fix default value * Add test * Fix lints * Provisioning: Include URLs in ResourceWrapper response (#101511) * Convert Migrate wizard into a Connection Wizard (#101575) * Convert Migrate wizard into a Connection Wizard * Remove duplicate empty state * Allow users to select target in the first step * Remove file created by merge * Select target based on existing connections * Default option for targets and explainatory alert * Do not display connect button if single connection * Display target as tag in repository card * Add Pull Step * Fix linting * User decides if migrate or connect * Improve style based based on review * Provisioning: Return upsert resource when writing (#101574) * [Provisioning] Getting Started Page and Tab (#101701) * merge main * fix go.mod * Provisioning: Redirect to the new URL after save (#101757) Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> * POC/Provisioning: create folder (#101619) * Add NewProvisionedFolderForm * Cleanup * Add folder api * Register API * Do not show provisioned badge for instances * Enable saving * Show saved alert * Fixes * Fix deps * Cleanup * Add test * Add test * Updates * Fix test * Fix import * [Provisioning] Display instance connection directly in home (#101720) * Show tabs directly in home page for instance sync * Display actions also in the home page * Add delete button to actions * Fix issue with files tab * Display tabs also in instant sync * Generate connection name for instance sync * Fix issues when no repositories * Set active tab * Remove leftover * Rename component for listing folder repository * Fix linting issues * Fix merge error * Rename to HomePage * Split folder list into separate component * Create own component for repository card * Improve RepositoryCard readability * Improve RepositoryCard styling * Make view primary button * Fix syntax * Fix generateName * merge main * Provisioning: Move folder management into its own helper (#101864) * folder * update folder links * Fix test * update * cleanup --------- Co-authored-by: Clarity-89 <homes89@ukr.net> * fixed folder issue * POC/Provisioning: Create folder from root (#101921) * Enable creating folder at the root * Fix test * Add interceptor * Provisioning: Expose stats (#101927) * [Provisioning] Unified onboarding wizard (#101952) * Spike the solution * More work * Add more situations * Attempt to display count of dashboards and folders * Attempt with file count * Do not display options if not possible * Improve styling resources * Use another API * Fix issue with selection * Style a bit * Fix more issues * Make the sync step work * Improve links * Use LinkButton * Start pull automatically * Start migration automatically * Fix issue with options * Fix issues * Fix loading error * Improve more things * Improve styling * Improve messaging * Set the autofocus * Fix some issues * Fix issue with disabled options * Only resources * Finish settings depending on configuration * Move title to wizard * Fix title * Improve styling * Badge * Explain on hover * Improve styling * Disabled at the bottom * History & identifiers * Improve wording * Add padding left and right disable options * Delete repository * Improve buttons * Give index time to catch up * Improve buttons * Handle steps with only forms * Fix issue with initial migrate or pull * Commit betterer * Error messages * Use memo * Revampt that a bit * Attempt to simplify the state and components * Improve the component for Migrate * Commit betterer * Fix issue in next button * Clean up more * Start for boostrap step * Fix issue with running status * Fix issue with loading bootstrapping * Improve loading * Improve more the loading * Fix issue with loading * Empty tree * Handle error * Fix issue with looping * Remove commented out lines * Add comment * Remove accidental file * Fix imports * Improve MigrateStep and PullStep * Use hook for step status * JobStep component * Refactor data fetching * Validate with Github * Fix issue with failed error * Fix next on success * Address small comments * Separate file for WizardContent * Fix linting * Use step approach also for bootstrap * Make the logic for moving between steps clearer * Fix navigation issue * Clean up some logic * Use useAsync for JobStep steps * Revert "Use useAsync for JobStep steps" This reverts commit `242a275cc9`. * Provisioning: use service to get counts (#101972) counts * must migrate when using legacy storage * Revert "Revert "Use useAsync for JobStep steps"" This reverts commit `a420d0ac36`. * Fix async conditions * Organize imports * Separate component for BootstrapOptionCard * BootstrapOptionsList * Remove duplicate definitions --------- Co-authored-by: Clarity-89 <homes89@ukr.net> Co-authored-by: Ryan McKinley <ryantxu@gmail.com> * Merge * Fix utils * POC/Provisioning: Fix folder path for dashboard (#101997) * Provisioning: Fix folder path for dashboards * Fix isNew * Update test * Fix any error * Betterer * [Provisioning] Improve progress recording and updates (#102035) * do not validate on delete * Provisioning: Implement authorizer for remaining resources (#101945) * feat: implement authorizer for remaining resources * fix: don't allow viewers to write files * security: harden blob id fetching * add integration test for admin vs viewer * feat: only Get is a valid verb for reads in our subresources Co-Authored-By: Ryan McKinley <ryantxu@gmail.com> * feat: allow render for all requests * refactor: use guards Not changing code that goes `if a { } else if b { } else { }` as the semantic meaning of the different branches is easier to parse. --------- Co-authored-by: Ryan McKinley <ryantxu@gmail.com> * POC/Provisioning: Improve wizard setup (#102066) * wizard actions * workign better * remove more memo * show polling interval * cleanup * finalizers * Update public/app/features/provisioning/Wizard/BootstrapStep.tsx Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> * Update public/app/features/provisioning/Wizard/BootstrapStep.tsx Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> * Update public/app/features/provisioning/Wizard/BootstrapStep.tsx Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> * Update public/app/features/provisioning/Wizard/BootstrapStep.tsx Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> * Update public/app/features/provisioning/Wizard/BootstrapStep.tsx Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> * Update public/app/features/provisioning/Wizard/WizardContent.tsx Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> * Update public/app/features/provisioning/Wizard/WizardContent.tsx Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> * Update public/app/features/provisioning/Wizard/BootstrapStep.tsx Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> * updates from alex * updates from alex * Simplify actions * Extract props * history supported form legacy only (for now) * More refactor * change order * Fix cleanup finalizer * show kinds * fix lint --------- Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> Co-authored-by: Clarity-89 <homes89@ukr.net> Co-authored-by: Roberto Jimenez Sanchez <roberto.jimenez@grafana.com> * Fix resource condition (#102086) * Fix job summary stats issue (#102084) * merge main * Repository link should point to configured branch (#102092) * Add getRepoHref * Fix random string generation * Redirect to Home on repository deletion (#102096) * Fix extra commas in pull request comment (#102108) * Fix image rendering endpoint (#102107) * POC/Provisioning: Support migrate... when starting with unified storage (#102097) * use same clone * now using upsert * Fix lint --------- Co-authored-by: Roberto Jimenez Sanchez <roberto.jimenez@grafana.com> * Clean up unprovisioned resources after unified storage migration (#102126) * Clean up unprovisioned resources after migrate * Clean up unprovisioned resources after migrate * Update pkg/registry/apis/provisioning/jobs/migrate/resources.go * Reset summary between export and pull (#102101) * Reset summary between export and pull * Add reset results to unified storage migration * Provisioning: always dirty (#102151) * fix test version * log the watch line * POC/Provisioning: Disable repository list watch (#102169) * Disable watch for repo list endpoint * Add comment * Remove another watch * Provisioning: Avoid calling test on every update (#102161) test less often * Provisioning: Support prefixes in GitHub repositories (#101969) * feat: add a Prefix property to GitHub repo spec * feat: make nested folders work properly * feat: use subdir for go-git export * fix: placeholder for prefix should be grafana/ * feat: rename prefix to path * fix: json name should be path, too Co-authored-by: Ryan McKinley <ryantxu@gmail.com> * chore: regen apis * fix: copy 'path' --------- Co-authored-by: Ryan McKinley <ryantxu@gmail.com> * Merge * Fix duplicate type * Provisioning: Test export functionality (#101336) * Provisioning: Test export functionality * fix: use context.Background * test: add more cases for local repo path resolving * test: rework test inputs * test: try to make github test work * fix: clear global state * Update api client imports * Fix import * Fix test * Update codegen * Provisioning: Make it green (#102271) * chore: remove unused functions * chore: update betterer results * chore: update openapi spec * chore: yarn generate-apis * fix: specify default false if undefined * Use AnnoKeyManagerIdentity * Add manager kind * POC/Provisioning: Update component structure (#102297) * Update project structure * Update imports * Remove unused components * Copy fixes * Typo * More copy fixes * Betterer * Update test * merge main * Provisioning: Replace hardcoded clients with discovery client (#101918) * disco client * discovery client * merge main * merge main * keep factory * keep factory * find preffered version for delete factory * use same folders request * merge main * with integration test * POC/Provisioning: Compare spec in test rather than raw JSON (#102352) * compare spec not json * compare spec not json * [Provisioning] Add in-code TODOs in API Server area (#102360) * Add TODOs for files endpoint * Add TODO history endpoint * Add TODO to move files logic to resource package * Add TODO to not use private fields directly * Remove unnecessary checks in list connector * Add pagination TODO in lister * Add TODO to rename resources * Add todo about cloning too early * Add TODO to propose to merge sync and migrate endpoints * Add TODOs in register * Add more TODOs in connectors & routes * Add TODOs about prefix * Change it to remove * Update pkg/registry/apis/provisioning/test.go Co-authored-by: Ryan McKinley <ryantxu@gmail.com> --------- Co-authored-by: Ryan McKinley <ryantxu@gmail.com> * POC/Provisioning: Switch folders to use managedBy (#102362) * Folders: Switch to managedBy * Fix create folder * Fix tests * Do not allow changing folder from dashboard settings * Update imports * Update provisioned meta * Do not show provisioned badge for child folders * Fix folder title * Update folder actions * Update new provisioned folder form * Remove unused code * Fix condition * Reset default values on change * Remove duplicate nav item * Add managedBy to DashboardQueryResult * Provisioning: support watch over live (in feature branch) (#102408) * Provisioning: watch cleanup (#102424) * fix lint * Provisioning: Add basic usage stats (#102405) * [Provisioning] Add limitations to Github Repository (#102451) * Put limits to Github * File is too large * Move constants * Embed ListOptions again * Remove TODO * Provisioning: Pick a better default title (#102516) better title * Provisioning: sanitize pull request urls (#102517) * [Provisioning] Clean up clone after export and migrate (#102467) * Remove clone directory on clone failure * Defer remove clones * Log error if removal fails --------- Co-authored-by: Ryan McKinley <ryantxu@gmail.com> * [Provisioning] Limit path length and depth in APIs (#102472) * Limit filepath length in files API calls * Add common utility to deal with paths * Use the existing function * Fix import * Update pkg/registry/apis/provisioning/safepath/limit.go Co-authored-by: Ryan McKinley <ryantxu@gmail.com> * Fix issue after website commit * Fix linting issue in test --------- Co-authored-by: Ryan McKinley <ryantxu@gmail.com> * Add timeout, JSON check and max body size to endpoints (#102443) * Add timeout, JSON check and max body size to endpoints * Use http.MaxBytesReader instead * Use MaxBytesReader also for reading the entire body * Add empty line * Add unit tests * Fix integration tests * Update pkg/registry/apis/provisioning/render.go Co-authored-by: Ryan McKinley <ryantxu@gmail.com> * Do not use utils :) * Fix comment on unmarshalJSON * 25MB for webhook events * Remove content type check for files write --------- Co-authored-by: Ryan McKinley <ryantxu@gmail.com> * fix imports * Provisioning: Remove export option from the UI (#102511) * [Provisioning] Remove unused checkout method in go-git (#102460) * [Provisioning] Limit max number of repositories to 10 (#102542) * Limit to maximum 10 repositories in backend * Change messaging * Do not display connect button if more than 10 * Only fetch settings once * watch repos --------- Co-authored-by: Ryan McKinley <ryantxu@gmail.com> * [Provisioning] Limit size and time to git clone and push in go-git (#102458) * Limit git clone and push time and size * Fix linting * Use transport instead to limit * Remove not supported * Add TODO to make timeout configurable * chore: make update-workspace * Provisioning: Implement a new job queue (#102446) * feat: implement a new job queue Outstanding problems: * Status isn't saved. * Progress updates don't work (due to status not being saved probably?). * feat: properly save status * chore: document label * chore: assumptions do hold * fix: support multi-tenant job drivers * fix: use namespace=* * fix: set resource back to pointer when updating job progress If we don't do this, we start rejecting job progress updates as the version falls out of sync. * feat: make job APIs read-only * fix: complete job when worker returns * fix: set namespace on requests from controller * test: check historic jobs * chore: regen apis * feat: start augmenting frontend * feat: add jobs to authorizer * feat: use watch from input * fix: make frontend subscribe to historic jobs * fix: lint * chore: yarn prettier:write * fix: frontend lints * test: allow for empty state in historicjobs * test: set content type for export request * fix: always set job name on insert * fix: import * fix: use dashes not colons * fix: job status should expect a historic job transition * fix: allow PR jobs from multiple PRs * feat: same name for sync and migrate jobs * feat: generate a job name in the store * refactor: rename to persistentStore * feat: remove status subresources on jobs * feat: join jobs into one card * chore: regen openapi snapshot --------- Co-authored-by: Roberto Jimenez Sanchez <roberto.jimenez@grafana.com> * Provisioning: Use a complete storage for jobs (#102605) * feat: add a complete strategy to apiserver * feat: use the complete storage strategy for jobs * test: behaviour changed in main * [Provisioning] Consolidate file path handling (#102617) * Add more cases for validation * Call the method dir * Clean files endpoint * Simplify further * Fix issues with folder * Add Dir function * Use walk function in folders * Move things from ID * Fix some tests * Add tree * Sync worker and changes * Add more TODOs * Add normal join * Remove things in local * Consolidate single Join * Call it safe * Add new IsPathSupported action * Move the depth to resources * Add more cases * Improve trie implementation * Add tests trie * Fix trie tests * Improve trie tests * Add tests for walk * Fix linting * Add unit tests filepath * Remove TODO * Remove another TODO * Unsupported file extension error * Add documentation for IsPathSupported * Filepath unit tests * Use safepath to validate github path * Remove TODO in wrapper * Use trailing slash in folder internal object * Fix changes test * Include dot * Add TODO to explore own type for path * Fix frontend lint * Fix unit tests * Fix provisioning integration tests --------- Co-authored-by: Roberto Jiménez Sánchez <roberto.jimenez@grafana.com> Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> Co-authored-by: Ryan McKinley <ryantxu@gmail.com> Co-authored-by: Clarity-89 <homes89@ukr.net> Co-authored-by: Andrej Ocenas <mr.ocenas@gmail.com> Co-authored-by: Kevin Minehart <kmineh0151@gmail.com>	2 months ago
linoman	cb532cafef	SCIM: Validate provisioned users (#102099 ) * Validate authID when user is provisioned * Add new `user_unique_id` to `user_auth` table * Validate provisioned user with saml assertion * Rework `ExternalUID` * Validate for ExternalUID only * Enhance verbosity * Move ExternalUID to saml config * Rename db variable for externalUID * Add verbosity to debug ExternalUID * Assign new error for ExternalUID mismatch * Add `GetByLoginFn` * Add new configuration to saml tests * add validation for empty externalUID	2 months ago
Quentin Bisson	aeca9a80a4	JWT: Add org role mapping support to the JWT provider (#101584 ) * add org role mapping to the jwt provider * Fix indentation for OrgMapping assignment * add-test * fix linting * add org_attribute_path * fix test * update doc * update doc * Update pkg/services/authn/clients/jwt.go * Update docs --------- Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>	2 months ago
xavi	045733aed6	[IAM] Clear user's permission cache after login (#102311 )	2 months ago
Karl Persson	f1e4706f79	Authn: Concurrent updates to last seen at (#102122 ) * Use singleflight for last seen update * Run last seen update in a signelflight	2 months ago
Eric Leijonmarck	94020aa9cd	Config: Remove setting `editors_can_admin` (#101607 ) * Remove editors can admin * delete file * add ac_test back * Add linting ignore * more static ignore	2 months ago
Karl Persson	43f56c5ca1	Apiserver: Refactor authenticator and authorizers (#101449 ) * Clean up authenticator * Cleanup authorizers and replace org_id and stack_id with namespace authorizer * Remove dependency on org service * Extract orgID from /apis/ urls and validate stack id	3 months ago
linoman	b7a0aeeb0d	SCIM: Disable auto assign organization if the user has been provisioned (#101307 ) * Add isProvisioned field to model * Add new isProvisioned column to migration * Disable auto assignment to organization if the user is provisioned * add annotation to user model * add annotation to user models * Remove IsProvisioned field from Identity * Move new field assignenment and add default value * Update annotations for user query results * Remove isProvisioned from identity * Add new column to test * Resolve user from identity at SyncOrgHook	3 months ago
Karl Persson	16fda6f686	Authz: Setup access claims for service identity (#100986 ) * Setup access claims for service identity and add them to identityes without any claims	3 months ago
Karl Persson	0b4c622df8	AuthN: Refetch user on "ErrUserAlreadyExists" (#100346 ) * AuthN: Refetch user on "ErrUserAlreadyExists"	3 months ago
Karl Persson	b16e290444	Auth: Remove feature toggle `authAPIAccessTokenAuth` (#100055 ) Remove feature toggle	4 months ago
Ryan McKinley	680e6bc1f8	Authlib: Use types package rather than claims (#99243 )	4 months ago
colin-stuart	4581a82ac4	Auth: disable passwordless auth if any SAML/OAuth is enabled (#98227 ) * Auth: disable passwordless auth if any SAML/OAuth is enabled * Update pkg/services/authn/authnimpl/registration.go Co-authored-by: Victor Cinaglia <victor@grafana.com> * simplify check if any auth providers are enabled * add accidentally removed break statement, use IsEnabled with empty context to check if PasswordlessMagicLinkAuth enabled * use IsClientEnabled * Update pkg/api/frontendsettings.go Co-authored-by: Misi <mgyongyosi@users.noreply.github.com> --------- Co-authored-by: Victor Cinaglia <victor@grafana.com> Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>	4 months ago
Misi	6cd3a5458e	Auth: Return error when retries have been exhausted for OAuth token refresh (#98034 ) Return error when retries for DB lock have been exhausted in oauth_token.go	5 months ago
Jo	40d3b02648	Auth: Separate anonymous settings to its own struct (#97791 ) separate anonymous settings to its own struct	5 months ago
Misi	84b8296ffb	OAuth: Use the attached external session data in OAuthToken and OAuthTokenSync (#96655 ) * wip * wip + tests * wip * wip opt2 * Use authn.Identity struct's SessionToken * Merge fixes * Handle disabling the feature flag correctly * Fix test * Cleanup * Remove HasOAuthEntry from the OAuthTokenService interface * Remove unused function	6 months ago
Karl Persson	3990637af9	IAM: remove duplicated functions (#96989 ) * Remove duplicated function and use the one provided by claims package	6 months ago
colin-stuart	6abe99efd6	Auth: Passwordless Login Option Using Magic Links (#95436 ) * initial passwordless client * passwordless login page * Working basic e2e flow * Add todo comments * Improve the passwordless login flow * improved passwordless login, backend for passwordless signup * add expiration to emails * update email templates & render username & name fields on signup * improve email templates * change login page text while awaiting passwordless code * fix merge conflicts * use claims.TypeUser * add initial passwordless tests * better error messages * simplified error name * remove completed TODOs * linting & minor test improvements & rename passwordless routes * more linting fixes * move code generation to its own func, use locationService to get query params * fix ampersand in email templates & use passwordless api routes in LoginCtrl * txt emails more closely match html email copy * move passwordless auth behind experimental feature toggle * fix PasswordlessLogin property failing typecheck * make update-workspace * user correct placeholder * Update emails/templates/passwordless_verify_existing_user.txt Co-authored-by: Dan Cech <dcech@grafana.com> * Update emails/templates/passwordless_verify_existing_user.mjml Co-authored-by: Dan Cech <dcech@grafana.com> * Update emails/templates/passwordless_verify_new_user.txt Co-authored-by: Dan Cech <dcech@grafana.com> * Update emails/templates/passwordless_verify_new_user.txt Co-authored-by: Dan Cech <dcech@grafana.com> * Update emails/templates/passwordless_verify_new_user.mjml Co-authored-by: Dan Cech <dcech@grafana.com> * use & in email templates * Update emails/templates/passwordless_verify_existing_user.txt Co-authored-by: Dan Cech <dcech@grafana.com> * remove IP address validation * struct for passwordless settings * revert go.work.sum changes * mock locationService.getSearch in failing test --------- Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com> Co-authored-by: Dan Cech <dcech@grafana.com>	6 months ago
Karl Persson	8d74296b6c	Authn: Always set namespace (#96230 ) * Rename from AllowedKubernetesNamespace to Namespace * Use a sync hook to always set namespace for Identity. * format * Don't set uid when authenticating as user	6 months ago
Misi	50a635bc7e	Auth: Introduce authn.SSOClientConfig to get client config from SSOSettings service (#94618 ) * wip * possible solution * Separate interface for SSO settings clients * Rename interface * Fix tests * Rename * Change GetClientConfig to comma ok idiom	7 months ago
linoman	21d26de4d8	Session Refactor: Add SAMLSession (#94490 ) * add saml session struct * resolve saml session * Add NameID --------- Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>	7 months ago
Misi	c872cad879	OrgSync: Do not set default Organization for a user to a non-existent Organization (#94537 ) Do not set default org for a user to a missing org Co-authored-by: Karl Persson <kalle.persson@grafana.com>	7 months ago
Misi	bd7850853e	Auth: Attach external session info to Grafana session (#93849 ) * initial from poc changes * wip * Remove public external session service * Update swagger * Fix merge * Cleanup * Add backgroud service for cleanup * Add auth_module to user_external_session * Add tests for token revocation functions * Add secret migration capabilities for user_external_session fields * Cleanup, refactor to address feedback * Fix test	8 months ago
Gabriel MABILLE	7ef13497a8	AuthN: Ext JWT support actions (#92486 )	8 months ago
Dan Cech	9020eb4b17	Auth: Update oauthtoken service to use remote cache and server lock (#90572 ) * update oauthtoken service to use remote cache and server lock * remove token cache * retry is lock is held by an in-flight refresh * refactor token renewal to avoid race condition * re-add refresh token expiry cache, but in SyncOauthTokenHook * Add delta to the cache ttl * Fix merge * Change lockTimeConfig * Always set the token from within the server lock * Improvements * early return when user is not authed by OAuth or refresh is disabled * Allow more time for token refresh, tracing * Retry on Mysql Deadlock error 1213 * Update pkg/services/authn/authnimpl/sync/oauth_token_sync.go Co-authored-by: Dan Cech <dcech@grafana.com> * Update pkg/services/authn/authnimpl/sync/oauth_token_sync.go Co-authored-by: Dan Cech <dcech@grafana.com> * Add settings for configuring min wait time between retries * Add docs for the new setting * Clean up * Update docs/sources/setup-grafana/configure-grafana/_index.md Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> --------- Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com> Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>	9 months ago
Karl Persson	8bcd9c2594	Identity: Remove typed id (#91801 ) * Refactor identity struct to store type in separate field * Update ResolveIdentity to take string representation of typedID * Add IsIdentityType to requester interface * Use IsIdentityType from interface * Remove usage of TypedID * Remote typedID struct * fix GetInternalID	9 months ago
Ryan McKinley	21d4a4f49e	Auth: use IdentityType from authlib (#91763 )	9 months ago
Vardan Torosyan	e20f8c566d	RBAC sync: Fix removal of roles which need to be added (#91152 ) * RBAC sync: Fix removal of roles which need to be added * Optimize code * cleanup: appease the linter --------- Co-authored-by: Victor Cinaglia <victor@grafana.com>	10 months ago
Ryan McKinley	9db3bc926e	Identity: Rename "namespace" to "type" in the requester interface (#90567 )	10 months ago
Vardan Torosyan	82236976ae	Add support ticket fixed roles to cloud role sync (#90864 ) * Add support ticket fixed roles to cloud role sync * Adding tests * Fix the linter	10 months ago
Mihai Doarna	bbd1611265	SSO: Register LDAP service if LDAP is enabled in SSO settings (#90228 ) register LDAP service if LDAP is enabled in SSO settings	10 months ago
Charandas	c210617735	K8s: use contexthandler in standalone handler chain (#90102 )	11 months ago
Misi	f337da8e57	Chore: Add more context to logs of OAuthToken and OAuthTokenSync (#90071 ) Chore: Add more context to oauth token sync	11 months ago
Jeff Levin	cfe8317d45	Add auth spans and remove deduplication code for scopes (#89804 ) Adds more spans for timing in accesscontrol and remove permission deduplicating code after benchmarking --------- Signed-off-by: Dave Henderson <dave.henderson@grafana.com> Co-authored-by: Dave Henderson <dave.henderson@grafana.com> Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>	11 months ago
Ryan McKinley	99d8025829	Chore: Move identity and errutil to apimachinery module (#89116 )	11 months ago
Misi	ed6b3e9e7c	Auth: Introduce pre-logout hooks + add GCOM LogoutHook (#88475 ) * Introduce preLogoutHooks in authn service * Add gcom_logout_hook * Config the api token from the Grafana config file * Simplify * Add tests for logout hook * Clean up * Update * Address PR comment * Fix	12 months ago
Carl Bergquist	6c79f63c04	Auth: Pass ctx when updating last seen (#88496 ) Signed-off-by: bergquist <carl.bergquist@gmail.com>	12 months ago
Kristin Laemmert	16b1e285ea	Chore: Use cache for all signed in user lookups (#88133 ) * GetSignedInUser unexported (renamed to getSignedInUser) * GetSignedInUserWithCacheCtx renamed to GetSignedInUser * added a check for a nil cacheservice (as defensive programming / test convenience)	1 year ago
Karl Persson	5c27f223af	Authn: Support access token wildcard namespace (#87816 ) * Authn+ExtJWT: allow wildcard namespace for access tokens and restructure validation	1 year ago
Karl Persson	9977258d04	AuthN: Set uid during authentication (#87797 ) * Identity: Remove GetNamespacedUID and use GetUID instead * Authn: Set uid for users and service accounts	1 year ago
Karl Persson	0f3080ecb8	AuthN: Fix signout redirect url (#87631 ) * Add missing return * Use sign out redirect url from auth config if configured * remove option from auth.jwt that is not used	1 year ago
Karl Persson	be5ced4287	Identity: Use typed version of namespace id (#87257 ) * Remove different constructors and only use NewNamespaceID * AdminUser: check typed namespace id * Identity: Add convinient function to parse valid user id when type is either user or service account * Annotations: Use typed namespace id instead	1 year ago
Dan Cech	41bee274fd	Chore: Fix error handling in postDashboard, remove UserDisplayDTO, fix live redis client initialization (#87206 ) * clean up error handling in postDashboard and remove UserDisplayDTO * replace GetUserUID with GetUID and GetNamespacedUID, enforce namespace constant type * lint fix * lint fix * more lint fixes	1 year ago
Gabriel MABILLE	8802282ebc	RBAC: fix panic role not found permission sync (#87217 )	1 year ago

1 2 3 4

187 Commits (unistore-distributor-option2)