Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

New OnCall initialization process #4363

Closed
wants to merge 109 commits into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
109 commits
Select commit Hold shift + click to select a range
0a63ceb
implement basic backend plugin and Api path config on the frontend
brojd May 20, 2024
03a3f8c
Merge branch 'dev' into brojd/backend-plugin-starter
brojd May 20, 2024
3b05cbe
update
brojd May 20, 2024
f3eb32c
update
brojd May 20, 2024
5de963a
Merge branch 'dev' into brojd/backend-plugin-starter
brojd May 21, 2024
c4817a4
update
brojd May 21, 2024
73c6631
add missing permission, move flag to env var
brojd May 21, 2024
f89dddf
update
brojd May 21, 2024
465066c
Enable drone build on branch
mderynck May 21, 2024
d98230d
Add build command
mderynck May 21, 2024
9d60c68
Split backend plugin build into separate step
mderynck May 21, 2024
d4aa462
Add build step
mderynck May 21, 2024
0fbf33e
Fix path
mderynck May 21, 2024
7e43bec
Enable externalServiceAccounts in docker compose dev
mderynck May 21, 2024
1a1f688
Merge branch 'dev' into brojd/backend-plugin-starter
brojd May 22, 2024
b9632c2
update
brojd May 22, 2024
a96d72d
Merge branch 'brojd/backend-plugin-starter' of github.com:grafana/onc…
brojd May 22, 2024
b9cf918
read useBackendPlugin from jsonData
brojd May 23, 2024
11b3b9a
update
brojd May 23, 2024
ce3ab85
remove unused import
brojd May 23, 2024
2243223
Read useBackendPlugin from jsonData (#4385)
brojd May 23, 2024
d9d0541
Basic working backend proxy
mderynck May 23, 2024
5885402
Merge
mderynck May 23, 2024
c990689
Add getting user id and permissions in backend plugin
mderynck May 24, 2024
61344c9
Add teams, handle case for non-rbac instance
mderynck May 27, 2024
9eb862a
Add install handler, disable token write from frontend
mderynck May 28, 2024
bedd61f
Revert provisioning change, lint
mderynck May 28, 2024
a4d112f
Revert provisioning
mderynck May 28, 2024
87890f5
Remove test for unused endpoints
mderynck May 28, 2024
210623c
Merge pull request #4392 from grafana/mderynck/backend-plugin-proxy
mderynck May 28, 2024
04f2bdc
Fix body not being sent by proxy
mderynck May 28, 2024
c6185f8
Merge branch 'dev' into brojd/backend-plugin-starter
brojd May 29, 2024
f42d253
Oncall initialization frontend cleanup (#4420)
brojd Jun 3, 2024
79d39d0
Merge branch 'dev' into brojd/backend-plugin-starter
brojd Jun 3, 2024
b550e68
Merge branch 'dev' into brojd/backend-plugin-starter
brojd Jun 4, 2024
9c5ce13
Merge branch 'dev' into brojd/backend-plugin-starter
brojd Jun 4, 2024
e9664f4
First e2e tests for plugin initialization (#4465)
brojd Jun 7, 2024
6e49e3c
Merge dev
mderynck Jun 7, 2024
7bfc867
Assemble data for user, team and permission sync in backend plugin
mderynck Jun 8, 2024
e1d1f52
Fix avatarUrl name
mderynck Jun 8, 2024
5a4b9f3
Move proxy add config for other plugin features
mderynck Jun 11, 2024
88a3a71
Merge pull request #4491 from grafana/mderynck/backend-plugin-2
mderynck Jun 11, 2024
d8011c4
Merge branch 'dev' into brojd/backend-plugin-starter
brojd Jun 12, 2024
b1c9e07
Fix user lookup and grafana URL for 10.1.7, fix sync check for rbac
mderynck Jun 12, 2024
f26e0a0
Merge branch 'brojd/backend-plugin-starter' of github.com:grafana/onc…
mderynck Jun 12, 2024
cce4918
WIP
mderynck Jun 15, 2024
6b05e01
Merge branch 'dev' into brojd/backend-plugin-starter
brojd Jun 17, 2024
410056b
Merge branch 'brojd/backend-plugin-starter' of github.com:grafana/onc…
brojd Jun 17, 2024
da1130e
WIP basic OSS install
mderynck Jun 18, 2024
ca5e8f8
WIP basic OSS status
mderynck Jun 18, 2024
b6b4013
WIP remove test permission
mderynck Jun 18, 2024
a9b1fb9
WIP remove test command
mderynck Jun 18, 2024
5441b14
Merge branch 'dev' into brojd/backend-plugin-starter
brojd Jun 18, 2024
036d773
fix rbac check, add grafanaUrl to provisioning file, fix Tiltfile (#4…
brojd Jun 18, 2024
682a5f4
Lint
mderynck Jun 18, 2024
6f6ea02
Merge pull request #4551 from grafana/mderynck/plugin-init-install-st…
mderynck Jun 18, 2024
670714f
Plugin configuration UI, full page error (#4507)
brojd Jun 19, 2024
8a06b66
Merge branch 'dev' into brojd/backend-plugin-starter
brojd Jun 19, 2024
c89d4d7
Fix install endpoint
mderynck Jun 19, 2024
b0a6205
Use provisioned grafana url for now instead of appurl
mderynck Jun 19, 2024
f4a58e5
Set provisioned grafana url to http://grafana:3000
mderynck Jun 19, 2024
7b71a2e
resetConnectionStatus
brojd Jun 20, 2024
20bd24d
more e2e tests
brojd Jun 20, 2024
b819fbe
bring back previous timeout
brojd Jun 20, 2024
e2a39f5
Fix error status code used for /install (#4571)
mderynck Jun 21, 2024
c11af49
Merge branch 'dev' into brojd/backend-plugin-starter
brojd Jun 21, 2024
42ea1f4
Merge branch 'brojd/backend-plugin-starter' into brojd/plugin-initial…
brojd Jun 21, 2024
012419a
improve refreshing applied url
brojd Jun 21, 2024
b575010
implement health check in /status and /install
brojd Jun 21, 2024
3925677
update
brojd Jun 21, 2024
11209fe
Merge branch 'dev' into brojd/backend-plugin-starter
brojd Jun 24, 2024
054e9e9
Merge branch 'brojd/backend-plugin-starter' into brojd/plugin-initial…
brojd Jun 24, 2024
f6effc4
set ONCALL_API_URL value in provisioning file based on env var (#4558)
brojd Jun 24, 2024
bb03583
Add backend plugin org sync and rework existing sync
matiasb Jun 24, 2024
ed890f0
Merge branch 'dev' into brojd/backend-plugin-starter
brojd Jun 27, 2024
048f002
Merge branch 'brojd/backend-plugin-starter' into brojd/plugin-initial…
brojd Jun 27, 2024
ebb084b
Merge branch 'brojd/backend-plugin-starter' into matiasb/engine-sync-…
brojd Jun 27, 2024
de41691
fix health check
brojd Jun 27, 2024
6a48ecd
improve error messages
brojd Jun 27, 2024
55d1db0
remove test that breaks configuration on the backend
brojd Jun 27, 2024
28ffbb3
update
brojd Jun 27, 2024
1a4a180
fix test
brojd Jun 27, 2024
8afa118
Merge pull request #4581 from grafana/matiasb/engine-sync-organization
brojd Jun 27, 2024
57c4c05
Merge branch 'brojd/backend-plugin-starter' into brojd/plugin-initial…
brojd Jun 27, 2024
771d582
handle sync_teams is None
brojd Jun 27, 2024
154f287
update
brojd Jun 27, 2024
a589a80
Merge pull request #4567 from grafana/brojd/plugin-initialization-imp…
brojd Jun 27, 2024
7f70ce1
install Mage, Go and build plugin backend on Github CI
brojd Jul 8, 2024
11694eb
Merge dev
matiasb Jul 8, 2024
fd4b23b
Fix merge issues
matiasb Jul 8, 2024
2347a2a
Fix issues post-merge
matiasb Jul 8, 2024
e6e5b1c
Sync teams on user creation during first login
matiasb Jul 1, 2024
2bcd01c
Add authentication for sync endpoint engine-side
matiasb Jul 3, 2024
d365c27
Update codeowners
matiasb Jul 3, 2024
df42162
Add tests
matiasb Jul 3, 2024
6f5a884
Update v2 sync org/stack check
matiasb Jul 4, 2024
e578df7
Add a few tests
matiasb Jul 5, 2024
72ad172
Merge dev
matiasb Jul 8, 2024
e5c729c
Merge pull request #4604 from grafana/matiasb/user-header-including-t…
matiasb Jul 8, 2024
6af98f8
Merge pull request #4620 from grafana/brojd/new-init-process-dev-depl…
brojd Jul 9, 2024
2a0db2f
Merge branch 'dev' into brojd/backend-plugin-starter
brojd Jul 9, 2024
fd5ba8a
use more Grafana versions in PRs e2e tests
brojd Jul 9, 2024
72fc09f
update
brojd Jul 9, 2024
2926837
Check for external service account before setting teams in header
matiasb Jul 9, 2024
049b85a
Merge branch 'dev' into brojd/backend-plugin-starter
brojd Jul 10, 2024
dbae55c
add comment
brojd Jul 10, 2024
e9a091a
Merge pull request #4639 from grafana/brojd/run-e2e-tests-on-prs-agai…
brojd Jul 10, 2024
289a24d
Merge branch 'dev' into brojd/backend-plugin-starter
brojd Jul 10, 2024
9a2fbb0
Merge branch 'dev' into brojd/backend-plugin-starter
brojd Jul 11, 2024
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .github/CODEOWNERS
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
* @grafana/grafana-oncall-backend
/grafana-plugin @grafana/grafana-oncall-frontend
/grafana-plugin/pkg @grafana/grafana-oncall-backend
/docs @grafana/docs-gops @grafana/grafana-oncall

# `make docs` procedure is owned by @jdbaldry of @grafana/docs-squad.
Expand Down
8 changes: 8 additions & 0 deletions .github/actions/build-sign-and-package-plugin/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,13 @@ runs:
# yamllint disable rule:line-length
run: |
echo filename="grafana-oncall${{ inputs.is_enterprise == 'true' && '-ee' || '' }}-app-${{ inputs.plugin_version_number }}.zip" >> $GITHUB_OUTPUT
- name: Install Go
uses: actions/setup-go@v4
with:
go-version: "1.21.5"
- name: Install Mage
shell: bash
run: go install github.com/magefile/[email protected]
- name: Build, sign, and package plugin
shell: bash
working-directory: ${{ inputs.working_directory }}
Expand All @@ -35,6 +42,7 @@ runs:
run: |
jq --arg v "${{ inputs.plugin_version_number }}" '.version=$v' package.json > package.new && mv package.new package.json && jq '.version' package.json;
yarn build
mage buildAll
yarn sign
if [ ! -f dist/MANIFEST.txt ]; then echo "Sign failed, MANIFEST.txt not created, aborting." && exit 1; fi
mv dist grafana-oncall-app
Expand Down
2 changes: 0 additions & 2 deletions .github/workflows/e2e-tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -109,13 +109,11 @@ jobs:

# ---------- Expensive e2e tests steps start -----------
- name: Install Go
if: inputs.run-expensive-tests
uses: actions/setup-go@v4
with:
go-version: "1.21.5"

- name: Install Mage
if: inputs.run-expensive-tests
run: go install github.com/magefile/[email protected]

- name: Get Vault secrets
Expand Down
35 changes: 25 additions & 10 deletions .github/workflows/linting-and-tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ env:
jobs:
lint-entire-project:
name: "Lint entire project"
runs-on: ubuntu-latest
runs-on: ubuntu-latest-16-cores
steps:
- name: Checkout project
uses: actions/checkout@v4
Expand All @@ -26,7 +26,7 @@ jobs:

lint-test-and-build-frontend:
name: "Lint, test, and build frontend"
runs-on: ubuntu-latest
runs-on: ubuntu-latest-16-cores
steps:
- name: Checkout project
uses: actions/checkout@v4
Expand All @@ -38,7 +38,7 @@ jobs:

test-technical-documentation:
name: "Test technical documentation"
runs-on: ubuntu-latest
runs-on: ubuntu-latest-16-cores
steps:
- name: "Check out code"
uses: "actions/checkout@v4"
Expand All @@ -55,7 +55,7 @@ jobs:

lint-migrations-backend-mysql-rabbitmq:
name: "Lint database migrations"
runs-on: ubuntu-latest
runs-on: ubuntu-latest-16-cores
services:
rabbit_test:
image: rabbitmq:3.12.0
Expand Down Expand Up @@ -86,7 +86,7 @@ jobs:

unit-test-helm-chart:
name: "Helm Chart Unit Tests"
runs-on: ubuntu-latest
runs-on: ubuntu-latest-16-cores
steps:
- name: Checkout project
uses: actions/checkout@v4
Expand All @@ -98,6 +98,16 @@ jobs:
- name: Run tests
run: helm unittest ./helm/oncall

unit-test-backend-plugin:
name: "Backend Tests: Plugin"
runs-on: ubuntu-latest-16-cores
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: "1.21.5"
- run: cd grafana-plugin && go test ./pkg/...

unit-test-backend-mysql-rabbitmq:
name: "Backend Tests: MySQL + RabbitMQ (RBAC enabled: ${{ matrix.rbac_enabled }})"
runs-on: ubuntu-latest-16-cores
Expand Down Expand Up @@ -201,7 +211,7 @@ jobs:

unit-test-migrators:
name: "Unit tests - Migrators"
runs-on: ubuntu-latest
runs-on: ubuntu-latest-16-cores
steps:
- name: Checkout project
uses: actions/checkout@v4
Expand All @@ -215,7 +225,7 @@ jobs:

mypy:
name: "mypy"
runs-on: ubuntu-latest
runs-on: ubuntu-latest-16-cores
steps:
- name: Checkout project
uses: actions/checkout@v4
Expand All @@ -227,10 +237,15 @@ jobs:

end-to-end-tests:
name: Standard e2e tests
strategy:
matrix:
grafana_version:
- 10.3.3
- 10.1.7
fail-fast: false
uses: ./.github/workflows/e2e-tests.yml
with:
# TODO: fix issues with running e2e tests against Grafana v10.2.x and v10.3.x
grafana_version: 10.1.7
# grafana_version: 10.3.3
grafana_version: ${{ matrix.grafana_version }}
run-expensive-tests: false
browsers: "chromium"
secrets: inherit
27 changes: 23 additions & 4 deletions Tiltfile
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ if not running_under_parent_tiltfile:
# Load the custom Grafana extensions
v1alpha1.extension_repo(
name="grafana-tilt-extensions",
ref="v1.2.0",
ref="v1.4.2",
url="https://github.com/grafana/tilt-extensions",
)
v1alpha1.extension(
Expand Down Expand Up @@ -63,7 +63,7 @@ docker_build_sub(
if is_ci:
local_resource(
"build-ui",
labels=["OnCallUI"],
labels=["OnCallPluginUI"],
dir="grafana-plugin",
cmd="yarn build",
allow_parallel=True,
Expand All @@ -81,13 +81,30 @@ if not is_ci:
allow_parallel=True,
)

local_resource(
'build-oncall-plugin-backend',
labels=["OnCallPluginBackend"],
dir="./grafana-plugin",
cmd="mage buildAll",
deps=['grafana-plugin/pkg/plugin']
)

local_resource(
'restart-oncall-plugin-backend',
labels=["OnCallPluginBackend"],
dir="./dev/scripts",
cmd="chmod +x ./restart_backend_plugin.sh && ./restart_backend_plugin.sh",
resource_deps=["grafana", "build-oncall-plugin-backend"],
deps=['grafana-plugin/pkg/plugin']
)

local_resource(
"e2e-tests",
labels=["allTests"],
cmd=e2e_tests_cmd,
trigger_mode=TRIGGER_MODE_MANUAL,
auto_init=is_ci,
resource_deps=["build-ui", "grafana", "grafana-oncall-app-provisioning-configmap", "engine", "celery"]
resource_deps=["build-ui", "grafana", "grafana-oncall-app-provisioning-configmap", "engine", "celery", "build-oncall-plugin-backend"]
)

cmd_button(
Expand Down Expand Up @@ -183,11 +200,13 @@ if not running_under_parent_tiltfile:
context="grafana-plugin",
plugin_files=["grafana-plugin/src/plugin.json"],
namespace="default",
deps=["grafana-oncall-app-provisioning-configmap", "build-ui"],
deps=["grafana-oncall-app-provisioning-configmap", "build-ui", "build-oncall-plugin-backend"],
extra_env={
"GF_SECURITY_ADMIN_PASSWORD": "oncall",
"GF_SECURITY_ADMIN_USER": "oncall",
"GF_AUTH_ANONYMOUS_ENABLED": "false",
"GF_FEATURE_TOGGLES_ENABLE": "externalServiceAccounts",
"ONCALL_API_URL": "http://oncall-dev-engine:8080"
},
)

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -5,4 +5,6 @@ apps:
jsonData:
stackId: 5
orgId: 100
onCallApiUrl: http://oncall-dev-engine:8080
license: OpenSource
onCallApiUrl: $ONCALL_API_URL
grafanaUrl: http://grafana:3000
2 changes: 1 addition & 1 deletion dev/helm-local.yml
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@ grafana:
- name: DATABASE_PASSWORD
value: oncallpassword
env:
GF_FEATURE_TOGGLES_ENABLE: topnav
GF_FEATURE_TOGGLES_ENABLE: topnav,externalServiceAccounts
GF_SECURITY_ADMIN_PASSWORD: oncall
GF_SECURITY_ADMIN_USER: oncall
GF_PLUGINS_ALLOW_LOADING_UNSIGNED_PLUGINS: grafana-oncall-app
Expand Down
23 changes: 23 additions & 0 deletions dev/scripts/restart_backend_plugin.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
#!/bin/bash

# Find a grafana pod
pod=$(kubectl get pods -l app.kubernetes.io/name=grafana -o=jsonpath='{.items[0].metadata.name}')

if [ -z "$pod" ]; then
echo "No pod found with the specified label."
exit 1
fi

# Exec into the pod
kubectl exec -it "$pod" -- /bin/bash <<'EOF'

# Find and kill the process containing "gpx_grafana" (plugin backend process)
process_id=$(ps aux | grep gpx_grafana | grep -v grep | awk '{print $1}')
echo $process_id
if [ -n "$process_id" ]; then
echo "Killing process $process_id"
kill $process_id
else
echo "No process containing 'gpx_grafana' in COMMAND found."
fi
EOF
4 changes: 2 additions & 2 deletions docker-compose-developer.yml
Original file line number Diff line number Diff line change
Expand Up @@ -52,8 +52,6 @@ services:
context: ./grafana-plugin
dockerfile: Dockerfile.dev
labels: *oncall-labels
environment:
ONCALL_API_URL: http://host.docker.internal:8080
volumes:
- ./grafana-plugin:/etc/app
- node_modules_dev:/etc/app/node_modules
Expand Down Expand Up @@ -324,6 +322,8 @@ services:
GF_SECURITY_ADMIN_USER: oncall
GF_SECURITY_ADMIN_PASSWORD: oncall
GF_PLUGINS_ALLOW_LOADING_UNSIGNED_PLUGINS: grafana-oncall-app
GF_FEATURE_TOGGLES_ENABLE: externalServiceAccounts
ONCALL_API_URL: http://host.docker.internal:8080
env_file:
- ./dev/.env.${DB}.dev
ports:
Expand Down
39 changes: 28 additions & 11 deletions engine/apps/auth_token/auth.py
Original file line number Diff line number Diff line change
Expand Up @@ -11,9 +11,11 @@

from apps.api.permissions import GrafanaAPIPermission, LegacyAccessControlRole, RBACPermission, user_is_authorized
from apps.grafana_plugin.helpers.gcom import check_token
from apps.grafana_plugin.sync_data import SyncUser
from apps.user_management.exceptions import OrganizationDeletedException, OrganizationMovedException
from apps.user_management.models import User
from apps.user_management.models.organization import Organization
from apps.user_management.sync import get_or_create_user
from settings.base import SELF_HOSTED_SETTINGS

from .constants import GOOGLE_OAUTH2_AUTH_TOKEN_NAME, SCHEDULE_EXPORT_TOKEN_NAME, SLACK_AUTH_TOKEN_NAME
Expand Down Expand Up @@ -149,19 +151,34 @@ def _get_user(request: Request, organization: Organization) -> User:
except (ValueError, TypeError):
raise exceptions.AuthenticationFailed("Grafana context must be JSON dict.")

if "UserId" not in context and "UserID" not in context:
raise exceptions.AuthenticationFailed("Invalid Grafana context.")

try:
user_id = context["UserId"]
except KeyError:
user_id = context["UserID"]

try:
return organization.users.get(user_id=user_id)
user_id = context.get("UserId", context.get("UserID"))
if user_id is not None:
return organization.users.get(user_id=user_id)
elif "Login" in context:
return organization.users.get(username=context["Login"])
else:
raise exceptions.AuthenticationFailed("Grafana context must specify a User or UserID.")
except User.DoesNotExist:
logger.debug(f"Could not get user from grafana request. Context {context}")
raise exceptions.AuthenticationFailed("Non-existent or anonymous user.")
try:
user_data = dict(json.loads(request.headers.get("X-Oncall-User-Context")))
except (ValueError, TypeError):
raise exceptions.AuthenticationFailed("User context must be JSON dict.")
if user_data:
user_sync_data = SyncUser(
id=user_data["id"],
name=user_data["name"],
login=user_data["login"],
email=user_data["email"],
role=user_data["role"],
avatar_url=user_data["avatar_url"],
permissions=user_data["permissions"] or [],
teams=user_data.get("teams", None),
)
return get_or_create_user(organization, user_sync_data)
else:
logger.debug("Could not get user from grafana request.")
raise exceptions.AuthenticationFailed("Non-existent or anonymous user.")


class PluginAuthenticationSchema(OpenApiAuthenticationExtension):
Expand Down
Loading
Loading