Merge branch 'main' into ash/layout-tweak

2025-05-28 14:36:32 +01:00 · 2025-05-28 14:36:32 +01:00 · e337a99a8d
parent 6c6f3c8bd4 312fcb4a54
commit e337a99a8d
6 changed files with 51 additions and 36 deletions
--- a/docs/sources/setup-grafana/configure-security/_index.md
+++ b/docs/sources/setup-grafana/configure-security/_index.md
@ -45,6 +45,16 @@ Self-hosted reverse proxy options include but are not limited to:
 - [NGINX](https://docs.nginx.com/nginx/) using their [guide on restricting access with HTTP basic authentication](https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/)
 - [OAuth2 proxy](https://github.com/oauth2-proxy/oauth2-proxy)
 ### Configure CORS
 If you want to enable CORS for your Grafana instance, run Grafana behind a reverse proxy and configure the CORS headers in the reverse proxy.
 For more information, refer to [Run Grafana behind a reverse proxy](https://grafana.com/tutorials/run-grafana-behind-a-proxy/).
 {{< admonition type="note" >}}
 Grafana doesn't recommend using wildcard values (`*`) as header values and recommends using a URL instead.
 {{< /admonition >}}
 ## Limit Viewer query permissions
 Users with the `Viewer role` can enter _any possible query_ in _any_ of the data sources available in the **organization**, not just the queries that are defined on the dashboards for which the user has Viewer permissions.
--- a/pkg/build/daggerbuild/arguments/grafana.go
+++ b/pkg/build/daggerbuild/arguments/grafana.go
@ -3,7 +3,6 @@ package arguments
 import (
 	"context"
 	"fmt"
 	"log"
 	"log/slog"
 	"path"
 	"path/filepath"
@ -95,16 +94,30 @@ func GrafanaDirectoryOptsFromFlags(c cliutil.CLIContext) *GrafanaDirectoryOpts {
 }
 func cloneOrMount(ctx context.Context, client *dagger.Client, localPath, repo, ref string, ght string) (*dagger.Directory, error) {
-	// If GrafanaDir was provided, then we can just use that one.
+	if localPath != "" {
-	if path := localPath; path != "" {
+		absolute, err := filepath.Abs(localPath)
-		slog.Info("Using local Grafana found", "path", path)
+		if err != nil {
-		return daggerutil.HostDir(client, path)
+			return nil, fmt.Errorf("error getting absolute path for local dir: %w", err)
 		}
 		localPath = absolute
 		slog.Info("Using local directory for repository", "path", localPath, "repo", repo)
 		return daggerutil.HostDir(client, localPath)
 	}
 	ght, err := githubToken(ctx, ght)
 	if err != nil {
 		return nil, fmt.Errorf("error acquiring GitHub token: %w", err)
 	}
 	return git.CloneWithGitHubToken(client, ght, repo, ref)
 }
 func applyPatches(ctx context.Context, client *dagger.Client, src *dagger.Directory, repo, patchesPath, ref, ght string) (*dagger.Directory, error) {
 	ght, err := githubToken(ctx, ght)
 	if err != nil {
 		return nil, fmt.Errorf("error acquiring GitHub token: %w", err)
 	}
 	// Clone the patches repository on 'main'
 	dir, err := git.CloneWithGitHubToken(client, ght, repo, ref)
 	if err != nil {
@ -144,12 +157,7 @@ func applyPatches(ctx context.Context, client *dagger.Client, src *dagger.Direct
 func grafanaDirectory(ctx context.Context, opts *pipeline.ArgumentOpts) (any, error) {
 	o := GrafanaDirectoryOptsFromFlags(opts.CLIContext)
-	ght, err := githubToken(ctx, o.GitHubToken)
+	src, err := cloneOrMount(ctx, opts.Client, o.GrafanaDir, o.GrafanaRepo, o.GrafanaRef, o.GitHubToken)
 	if err != nil {
 		log.Println("No github token found:", err)
 	}
 	src, err := cloneOrMount(ctx, opts.Client, o.GrafanaDir, o.GrafanaRepo, o.GrafanaRef, ght)
 	if err != nil {
 		return nil, err
 	}
@ -172,7 +180,7 @@ func grafanaDirectory(ctx context.Context, opts *pipeline.ArgumentOpts) (any, er
 		WithFile(".buildinfo.branch", branchFile)
 	if o.PatchesRepo != "" {
-		withPatches, err := applyPatches(ctx, opts.Client, src, o.PatchesRepo, o.PatchesPath, o.PatchesRef, ght)
+		withPatches, err := applyPatches(ctx, opts.Client, src, o.PatchesRepo, o.PatchesPath, o.PatchesRef, o.GitHubToken)
 		if err != nil {
 			opts.Log.Debug("patch application skipped", "error", err)
 		} else {
@ -209,12 +217,7 @@ func enterpriseDirectory(ctx context.Context, opts *pipeline.ArgumentOpts) (any,
 		return nil, fmt.Errorf("error initializing grafana directory: %w", err)
 	}
-	ght, err := githubToken(ctx, o.GitHubToken)
+	src, err := cloneOrMount(ctx, opts.Client, o.EnterpriseDir, o.EnterpriseRepo, o.EnterpriseRef, o.GitHubToken)
 	if err != nil {
 		return nil, nil
 	}
 	src, err := cloneOrMount(ctx, opts.Client, o.EnterpriseDir, o.EnterpriseRepo, o.EnterpriseRef, ght)
 	if err != nil {
 		return nil, err
 	}
--- a/pkg/build/daggerbuild/backend/build.go
+++ b/pkg/build/daggerbuild/backend/build.go
@ -33,7 +33,7 @@ func GoLDFlags(flags []LDFlag) string {
 // GoBuildCommand returns the arguments for go build to be used in 'WithExec'.
 func GoBuildCommand(output string, ldflags []LDFlag, tags []string, main string) []string {
-	args := []string{"go", "build", "-v", "-x",
+	args := []string{"go", "build",
 		fmt.Sprintf("-ldflags=\"%s\"", GoLDFlags(ldflags)),
 		fmt.Sprintf("-o=%s", output),
 		"-trimpath",
--- a/pkg/build/daggerbuild/backend/builder.go
+++ b/pkg/build/daggerbuild/backend/builder.go
@ -93,14 +93,14 @@ func GolangContainer(
 	container := golang.Container(d, platform, goVersion).
 		WithExec([]string{"apk", "add", "--update", "wget", "build-base", "alpine-sdk", "musl", "musl-dev", "xz"}).
-		WithExec([]string{"wget", "https://ziglang.org/download/0.11.0/zig-linux-x86_64-0.11.0.tar.xz"}).
+		WithExec([]string{"wget", "https://dl.grafana.com/ci/zig-linux-x86_64-0.11.0.tar.xz"}).
 		WithExec([]string{"tar", "--strip-components=1", "-C", "/", "-xf", "zig-linux-x86_64-0.11.0.tar.xz"}).
 		WithExec([]string{"mv", "/zig", "/bin/zig"}).
 		// Install the toolchain specifically for armv7 until we figure out why it's crashing w/ zig container = container.
 		WithExec([]string{"mkdir", "/toolchain"}).
-		WithExec([]string{"wget", "http://musl.cc/arm-linux-musleabihf-cross.tgz", "-P", "/toolchain"}).
+		WithExec([]string{"wget", "http://dl.grafana.com/ci/arm-linux-musleabihf-cross.tgz", "-P", "/toolchain"}).
 		WithExec([]string{"tar", "-xvf", "/toolchain/arm-linux-musleabihf-cross.tgz", "-C", "/toolchain"}).
-		WithExec([]string{"wget", "https://musl.cc/s390x-linux-musl-cross.tgz", "-P", "/toolchain"}).
+		WithExec([]string{"wget", "https://dl.grafana.com/ci/s390x-linux-musl-cross.tgz", "-P", "/toolchain"}).
 		WithExec([]string{"tar", "-xvf", "/toolchain/s390x-linux-musl-cross.tgz", "-C", "/toolchain"})
 	return WithGoEnv(log, container, distro, opts)
--- a/pkg/build/daggerbuild/msi/builder.go
+++ b/pkg/build/daggerbuild/msi/builder.go
@ -7,7 +7,7 @@ import (
 func Builder(d *dagger.Client) (*dagger.Container, error) {
 	nssm := d.Container().From("busybox").
-		WithExec([]string{"wget", "https://nssm.cc/release/nssm-2.24.zip"}).
+		WithExec([]string{"wget", "https://dl.grafana.com/ci/nssm-2.24.zip"}).
 		WithExec([]string{"unzip", "nssm-2.24.zip"}).
 		Directory("nssm-2.24")
--- a/public/app/features/commandPalette/ScopesRow.tsx
+++ b/public/app/features/commandPalette/ScopesRow.tsx
@ -26,6 +26,7 @@ export function ScopesRow({ treeScopes, isDirty, apply, toggleNode }: Props) {
        <span className={styles.scopesText}>
          <Trans i18nKey={'command-palette.scopes.selected-scopes-label'}>Scopes: </Trans>
        </span>
        <Stack wrap={'wrap'}>
          {treeScopes?.map((scope) => {
            return (
              <FilterPill
@ -40,6 +41,7 @@ export function ScopesRow({ treeScopes, isDirty, apply, toggleNode }: Props) {
            );
          })}
        </Stack>
      </Stack>
      {isDirty && (
        <Button
          onClick={() => {