* Social: link to OrgRoleMapper
* OIDC: support Generic Oauth org to role mappings
Fixes: #73448
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
* Handle when getAllOrgs fails in the org_role_mapper
* Add more tests
* OIDC: ensure orgs are evaluated from API when not from token
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
* OIDC: ensure AutoAssignOrg is applied with OrgMapping without RoleAttributeStrict
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
* Extend docs
* Fix test, lint
---------
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
* add function to static function to static service
* find email and login claims with jmespath
* rename configuration files
* Replace JWTClaims struct for map
* check for subclaims error
Removes legacy alerting, so long and thanks for all the fish! 🐟
---------
Co-authored-by: Matthew Jacobson <matthew.jacobson@grafana.com>
Co-authored-by: Sonia Aguilar <soniaAguilarPeiron@users.noreply.github.com>
Co-authored-by: Armand Grillet <armandgrillet@users.noreply.github.com>
Co-authored-by: William Wernert <rwwiv@users.noreply.github.com>
Co-authored-by: Yuri Tseretyan <yuriy.tseretyan@grafana.com>
* query OAuth info from a new instance
* add `hd` validation flag
* add `disable_hd_validation` to settings map
* update documentation
---------
Co-authored-by: Jo <joao.guerreiro@grafana.com>
* initial changes for generic_oauth, okta
* updates
* add terraform examples for each provider
* add link to terraform registry for grafana_sso_settings resource
* remove auth_url, token_url and api_url from github, gitlab and google
* Add documentation for enabling email lookup
* Apply suggestions from code review
Co-authored-by: lwandz13 <126723338+lwandz13@users.noreply.github.com>
* Address review feedback
* Update TF provider version
* Apply suggestions from code review
Co-authored-by: lwandz13 <126723338+lwandz13@users.noreply.github.com>
* Use Azure AD for now
---------
Co-authored-by: Mihai Doarna <mihai.doarna@grafana.com>
Co-authored-by: lwandz13 <126723338+lwandz13@users.noreply.github.com>
* Update Grafana.com org sync index.md
Included additional information regarding logging in with Grafana.com credentials that it will override what is defined within the Grafana instance.
* Update docs/sources/setup-grafana/configure-security/configure-authentication/grafana-com/index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
---------
Co-authored-by: Eve Meelan <81647476+Eve832@users.noreply.github.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* added Descope as an OAuth2 provider
Added docs for customers of ours that have asked us how to use Descope with Grafana. We wanted to make sure they can easily find these docs on both our website and Grafana's.
* Update docs/sources/setup-grafana/configure-security/configure-authentication/generic-oauth/index.md
Co-authored-by: Ieva <vasiljeva.ieva@gmail.com>
* Update docs/sources/setup-grafana/configure-security/configure-authentication/generic-oauth/index.md
Co-authored-by: Ieva <vasiljeva.ieva@gmail.com>
* Update docs/sources/setup-grafana/configure-security/configure-authentication/generic-oauth/index.md
Co-authored-by: lwandz13 <126723338+lwandz13@users.noreply.github.com>
* Changed note to use admonition
* Prettier
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
---------
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
Co-authored-by: Ieva <vasiljeva.ieva@gmail.com>
Co-authored-by: lwandz13 <126723338+lwandz13@users.noreply.github.com>
Co-authored-by: Jack Baldry <jack.baldry@grafana.com>
* fix id token hint information
* Update docs/sources/setup-grafana/configure-security/configure-authentication/keycloak/index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
---------
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Improve groups claim setup docs
* Improve the GroupMember.Read.All perm docs
* Apply suggestions from code review
* Update docs/sources/setup-grafana/configure-security/configure-authentication/azuread/index.md
* Update docs/sources/setup-grafana/configure-security/configure-authentication/azuread/index.md
* Update the groups and app roles documentation
* Update
* Split long list to separate sections
* fix anchor
* Apply suggestions from code review
* Address other comments, fix anchors
* Address other comments, lint
* Apply suggestions from code review
* Changes
* final adjustments
---------
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: lwandz13 <126723338+lwandz13@users.noreply.github.com>
* Split signout_redirect_url into per provider settings
* Split signout_redirect_url into per provider settings
* Update docs/sources/setup-grafana/configure-security/configure-authentication/grafana/index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Split signout_redirect_url into per provider settings
* Split signout_redirect_url into per provider settings
* Split signout_redirect_url into per provider settings
* Split signout_redirect_url into per provider settings
* Split signout_redirect_url into per provider settings
* Split signout_redirect_url into per provider settings
* update docs
* update devenvs
* add missing struct tag
---------
Co-authored-by: Rao, B V Chalapathi <b_v_chalapathi.rao@nokia.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: jguer <me@jguer.space>
* support google oauth allowed_groups. unify allowed groups logic
* add role mapping for google oauth
* add documentation
* add addendums
* remove extra isGroupMember
* add to sample ini
* Apply suggestions from code review
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
---------
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Docs: Update auditing docs with a basic authentication example
* Add admonition for Cloud guidance
Co-authored-by: Steven Dungan <114922977+stevendungan@users.noreply.github.com>
* Update docs/sources/setup-grafana/configure-security/audit-grafana.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
---------
Co-authored-by: Steven Dungan <114922977+stevendungan@users.noreply.github.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* added the feature parity table to our iam strategy
* wip
* updated the table with current features
* added better formatting for explanations
* change emoji to words
* sample of new table approach
* changing the name from unsupported to N/A
* add describtion of N/A and remove warning
---------
Co-authored-by: Chris Moyer <chris.moyer@grafana.com>
* Update all use of docs/shared in Grafana to use keyword arguments
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Add version inference to remaining Grafana docs/shared usage
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
---------
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* sets skip_org_role_sync to true for google
* add google skiporgrolesync and sets to true always
* add field
* Update docs/sources/setup-grafana/configure-security/configure-authentication/google/index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* add AKS to words
* script back to mina
---------
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Update _index.md
Adding popular open-source proxy options so users don't have to do further research if they don't want to
* ran Prettier
* Update docs/sources/setup-grafana/configure-security/_index.md
Co-authored-by: Ieva <vasiljeva.ieva@gmail.com>
---------
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Ieva <vasiljeva.ieva@gmail.com>
* init for base branch
* Add authnz code ownership
* Fix docs ownsership path
* docs revamp: Plan IAM strategy (#62582)
* Add planning page
* Add teams definition
* Expand on planning and benefits
* Add reasons to organize users
* Add description of User Teams
* Add Grafana organizations info
* Add a section between Teams and Orgs
* Add a section for external systems
* planning your role strategy
* Add service account documentation
* Add Auth Setup to index sidebar
* Address PR comments
* Add planning for API keys
* Add team and org sync
* Docs: role and permission section for planning docs (#64702)
* docs revamp: Service accounts (#63710)
* docs revamp: Add new documentation to sidebar index (#66104)
* docs revamp: synchronisation planning (#66409)
* Docs: api keys (#64803)
* Remove personal access tokens section
* Move auth integration planning page
* Remove auth folder
* Restore codeowners file
* reword and update info on user management and grouping
* Rename iam strategy page
* extend the section on teams and organizations
* Rename planning your IAM section
* Move to administration section
* Add definition for role sync
* Relocate planning
---------
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* Set every page to have defaults of 'Enterprise' and 'Open source' labels
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Set administration pages to have of 'Cloud', 'Enterprise', and 'Open source' labels
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Set administration/enterprise-licensing pages to have 'Enterprise' labels
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Set administration/organization-management pages to have 'Enterprise' and 'Open source' labels
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Set administration/provisioning pages to have 'Enterprise' and 'Open source' labels
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Set administration/recorded-queries pages to have labels cloud,enterprise
* Set administration/roles-and-permissions/access-control pages to have labels cloud,enterprise
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Set administration/stats-and-license pages to have labels cloud,enterprise
* Set alerting pages to have labels cloud,enterprise,oss
* Set breaking-changes pages to have labels cloud,enterprise,oss
* Set dashboards pages to have labels cloud,enterprise,oss
* Set datasources pages to have labels cloud,enterprise,oss
* Set explore pages to have labels cloud,enterprise,oss
* Set fundamentals pages to have labels cloud,enterprise,oss
* Set introduction/grafana-cloud pages to have labels cloud
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Fix introduction pages products
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Set panels-visualizations pages to have labels cloud,enterprise,oss
* Set release-notes pages to have labels cloud,enterprise,oss
* Set search pages to have labels cloud,enterprise,oss
* Set setup-grafana/configure-security/audit-grafana pages to have labels cloud,enterprise
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Set setup-grafana/configure-security/configure-authentication pages to have labels cloud,enterprise,oss
* Set setup-grafana/configure-security/configure-authentication/enhanced-ldap pages to have labels cloud,enterprise
* Set setup-grafana/configure-security/configure-authentication/saml pages to have labels cloud,enterprise
* Set setup-grafana/configure-security/configure-database-encryption/encrypt-secrets-using-hashicorp-key-vault pages to have labels cloud,enterprise
* Set setup-grafana/configure-security/configure-request-security pages to have labels cloud,enterprise,oss
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Set setup-grafana/configure-security/configure-team-sync pages to have labels cloud,enterprise
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Set setup-grafana/configure-security/export-logs pages to have labels cloud,enterprise
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Set troubleshooting pages to have labels cloud,enterprise,oss
* Set whatsnew pages to have labels cloud,enterprise,oss
* Apply updated labels from review
Co-authored-by: brendamuir <100768211+brendamuir@users.noreply.github.com>
Co-authored-by: Isabel <76437239+imatwawana@users.noreply.github.com>
---------
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
Co-authored-by: brendamuir <100768211+brendamuir@users.noreply.github.com>
Co-authored-by: Isabel <76437239+imatwawana@users.noreply.github.com>
* First changes
* WIP docs
* Align current tests
* Add test for UseRefreshToken
* Update docs
* Fix
* Remove unnecessary AuthCodeURL from generic_oauth
* Change GitHub to disable use_refresh_token by default
* github oauth doc improvements
* add skip_org_role_sync to config for github provider
* update links and section headings
* update the docs based on the first PR
* update references
* update generic OAuth docs
* some more fixes and corrections
* update examples and sync sections
* fix a link
* linting
* formatting and adding more links to OAuth integrations
* add a section with config walkthrough
* fix link
* move examples to the end of the doc
* extend role mapping
* small improvements
* add a before you begin section, clean up steps, remove some text
* remove unnecessary section
* merge main 2
* OAuth -> OAuth2
* remove Centrify example because it's likely outdated
* add shared intro content
* indentation
* add refresh token to tasks, clean up more sections
* linting
* linting
* Apply suggestions from code review
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Update docs/sources/setup-grafana/configure-security/configure-authentication/generic-oauth/index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* indentation and small descriptions under headings
* add a table for config options
* clean up more sections
* rewrite email address section
* rewriting login and display name sections, plus adding line breaks
* clean up more sections
* update role mapping section
* indentation again
* update section names
* incorporates final edits
* Apply suggestions from code review
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* pr feedback
* Apply suggestions from code review
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* PR feedback: rewording
---------
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Chris Moyer <chris.moyer@grafana.com>
* Update cascading front matter to use sequence form
The map form does not override the sequence form that is used in the website repository to specify the default labels.
For more information, refer to https://github.com/grafana/writers-toolkit/pull/234.
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Remove useless alias
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Update labels for pages noted in code review
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Move all product labeling to the project index file
All changes can be made in a single place.
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Move all individual page product labels to project index file
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Shorten YAML
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Add newlines to aid readability
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Document front matter ordering
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Rewrite labels for breaking-changes pages
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* updated labels for whats new and breaking changes
---------
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
Co-authored-by: Isabel <76437239+imatwawana@users.noreply.github.com>
* Enable doc-validator for specific directories
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Fix one linting error to trigger CI
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Update doc-validator to latest release
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Update make-docs procedure
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Use doc-validator version from CI in local make target
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Revert to 1.11.0
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* adds missing descriptions
* Fix titles and headings
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Fix link formats
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Fix easy to resolve anchors
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Remove broken anchor link
This anchor appears to have been broken for a long time.
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Use doc-validator image with support for numbered anchors
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Update make-docs procedure to support doc-validator 2.0.x
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Fix a bunch of broken anchors
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Ignore old whatsnew content
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Update doc-validator to v2.0.x and use reviewdog to report errors
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* removes broken links
---------
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
Co-authored-by: Chris Moyer <chris.moyer@grafana.com>
* Draft: Feature: Trusted Types support
* remove trusted-types package
* Create policy before jQuery and Angular is loaded and add feature flag
* Add trustedTypePolicies
* Sanitize scriptURL
* Add TT meta tag for test env
* Move trusted types into core
* Add DOMParser support for TrustedHTML
* Seperate RSS sanitization and add better TrustedHTML support
* Get test CSP header from config
* Remove dompurify dep from core
* Add documentation for trusted types
* Apply suggestions from code review
Co-authored-by: Kristian Bremberg <114284895+KristianGrafana@users.noreply.github.com>
* Add comment about Github discussion thread and things breaking
* Remove changes from News panel
* Remove TT feature toggle
* Expose TT and CSPReportOnly to frontend
* Log errors in console when CSP report only is enabled
* Log error for reporting and remove test mode
* Only insert CSP header in HTML for dev env
* Update docs
---------
Co-authored-by: Tobias Skarhed <tobias.skarhed@gmail.com>
Co-authored-by: Tobias Skarhed <1438972+tskarhed@users.noreply.github.com>
* first pass at SAML UI docs
* doc updates
* Apply suggestions from code review
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* review feedback
* finish documentation for all the sections
* remove unneeded doc bit
* PR feedback
* cross-reference SAML UI docs from SAML config file docs
* extending the docs with the new fields and expaning the mapping section
* feedback
* add the permissions required to access SAML UI
---------
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Added note to contact Support
* Update docs/sources/setup-grafana/configure-security/configure-authentication/enhanced-ldap/index.md
* Update docs/sources/setup-grafana/configure-security/configure-authentication/enhanced-ldap/index.md
* makes prettier
* Apply suggestions from code review
---------
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Chris Moyer <chris.moyer@grafana.com>
* update enhanced-ldap
documenting a potential issue with ldap active sync, when search filter and username attributes do not match.
* Update docs/sources/setup-grafana/configure-security/configure-authentication/enhanced-ldap/index.md
* formats example
* Update docs/sources/setup-grafana/configure-security/configure-authentication/enhanced-ldap/index.md
---------
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Chris Moyer <chris.moyer@grafana.com>
* docs: add featuretoggle introduction
* update to point to the setting instead
* Update docs/sources/administration/user-management/manage-org-users/index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* update text
---------
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Fix reference to Grafana CLI
- Make relref for relative permalink
- Use relative path for unambiguous resolution
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Fix alerting relref anchor format
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Avoid ambiguous relref lookups by forcing relative resolution
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Remove reference to non-existent shared page
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Fix links broken in Grafana Cloud using absolute relrefs
By resolving the relref absolutely, it refers to the same location
regardless of mounted directory.
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Remove trailing slash for bundle independent resolution
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Fix typo
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* For now, avoid Hugo checking cross repository /docs/grafana-cloud link
The path is unlikely to change in the short term and this makes CI
completely green for now.
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* No need to specify path for in page anchors
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Fix prose
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
---------
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Add 'Grafana Cloud' label to content
All pages are applicable to both 'Open source' and 'Grafana Cloud'
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Add 'Grafana Cloud' label to administration content with some exceptions
- Enterprise licensing is 'Open source' and 'Enterprise'.
- 'Manage Organizations', 'Provision Grafana', and 'Stats and License' are 'Open source' only.
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Remove OSS from enterprise-licensing content
* Apply suggestions from code review
---------
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Clarify that enabling LDAP will create users by default when they log in
This proposed change to the doc was requested by a user in support ticket `79860`, as it was not clear to them that the OOTB behavior was for user accounts to be provisioned automatically in Grafana when signing in for the first time via LDAP.
* Update docs/sources/setup-grafana/configure-security/configure-authentication/ldap/index.md
Thanks!
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* fix boolean
Woops, `true` should be `false`
---------
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* update ldap library and use go module path
* add TLS min version and accepted min TLS version
* set default min ver to library default
* set default min ver to library default
* add cipher list to toml
* Update pkg/services/ldap/settings.go
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
* Apply suggestions from code review
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* lint
---------
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Add PDC docs
Add documentation for private data source connect, available in Cloud Pro and Advanced in closed preview
* Move PDC ssh key generation task
* edits throughout
* move image to media folder
---------
Co-authored-by: Chris Moyer <chris.moyer@grafana.com>
* add: deprecaation notice for overall setting
* add: deprecation notice for configuration files
* chore: update docs with deprecation notice
* refactor: change to note the new setting instead
* Update pkg/setting/setting.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* refactor: based on review comments
---------
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* WIP
* Update pkg/services/login/authinfo.go
* fix: merge
* change order to internal last
* adds: docs
* add: configuration for defaults and sample
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Jo <joao.guerreiro@grafana.com>
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
---------
Co-authored-by: Jo <joao.guerreiro@grafana.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* add: skip_org_role_sync setting for github
* fix: frontend
* rearranged tests
* refactor: assignGrafanaAdmin skip also
* Add: tests for allowGrafanaAdmin
- both for the case when both settings are set and the setting for only
allowGrafanaAdmin
* Apply suggestions from code review
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Update pkg/login/social/github_oauth.go
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* added vairable inside scope
* Update docs/sources/setup-grafana/configure-security/configure-authentication/github/index.md
* Update docs/sources/setup-grafana/configure-security/configure-authentication/github/index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* Add new config option
* Add frontend control
* Condition new auth broker with config option
* Condition old auth broker with config option
Co-authored-by: Jo <joao.guerreiro@grafana.com>
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Config: Separate lists either by spaces or by commas.
* Simplify space separation
* use separate function for the config strings
* Change behavior only if string contains quotes
* add test for invalid string
* Use JSON list syntax
* ignore leading spaces when process list
* Add notes about using JSON lists into the docs
* Fix typo
* Apply suggestions from code review
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* [WIP] Auth: add backend skipOrgRoleSync to AzureAD OAuth
- add: skipOrgRoleSync
- rename: skipOrgRoleSync to skipOrgRoleSyncBase (to make it clear that
it is the base version of SocialBase)
- add: tests for skipOrgRoleSync in AzureAD
TODO:
- [ ] frontend changes
* add: docs
* refactor: remove role from basicinfo
* add: settings for grafanacom
* add: settigns for frontend
* add: logic for azureAD user skip org role
* add: docs for skip_org_role_sync
* refactor: docs a bit
* add: tests for userinfo
* refactor: to only extract if skiporgrolesync false
* refactor: based on review comments
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Docs: add Grafana security hardening
* Apply suggestions from code review
Changed grammar and typos based on feedback.
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Move configure-security-hardening.md file to new directory to comply with Hugo.
* Linting with Prettier
* Apply suggestions from code review
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Use relative aliases for all non-current Grafana aliases
Prevents non-latest documentation "stealing" the page away from latest
and through permanent redirects for latest pages that no longer exist.
The redirected pages are indexed by search engines but our robots.txt
forbids them crawling the non-latest page.
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Remove aliases from shared pages
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Rewrite all current latest aliases to be next
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Fix typo in latest alias
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Remove all current page aliases
find docs/sources -type f -name '*.md' -exec sed -z -i 's#\n *- /docs/grafana/next/[^\n]*\n#\n#' {} \;
find docs/sources -type f -name '*.md' -exec sed -Ez -i 's#\n((aliases:\n *-)|aliases:\n)#\n\2#' {} \;
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Prettier
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* usageinsights: record events for Explore queries
* usageinsights: make the source field optional
It is not logical to have it for an event like the dashboard-view
* usageinsights: add comment to Explore test
Explain why we are reversing a previous decision
Misi
Mihai Doarna
Eric Leijonmarck
Mathieu Parent
linoman
Xavi Lacasa
Ryan Crutchfield
Ieva
Dai Nguyen
Fredrik Ekre
Larissa Wandzura
Gilles De Mey
Ivana Huckova
Aaron Godin
Armand Grillet
Christopher Moyer
Jo
Tobias Skarhed
Kristina
Kevin J Gao
Trần Hoàng Việt
andrewthomas92
venkatbvc
Timur Olzhabayev
Gabriel MABILLE
Jack Baldry
Vardan Torosyan
arukiidou
Tristan Otterpohl
Jan Garaj
Bruno Melo
Kevin Burke
Jess Sartin
cmo-pomerium
Mitch Seaman
marybelvargas
Eve Meelan
Jan Garaj
MichaelKo
Matt Dodson
Kristian Bremberg
Alexander Zobnin
Kevin Minehart
Isabel
melGL
annelaurefroment
Joan López de la Franca Beltran
Aaron Godin
chrisharbro
Georges Chaudy
Ron D
Daniel Lee
Giuseppe Crinò