# What this PR does
## Checklist
- [x] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required) (N/A)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
- Add new panels to OnCall Metrics dashboard with the new metric
"user_was_notified_of_alert_groups"
- Remove unused param for dashboard tab from plugin.json
- Fix old panels
## Which issue(s) this PR fixes
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
Bumps [django](https://github.com/django/django) from 3.2.19 to 3.2.20.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="19bc11f636"><code>19bc11f</code></a>
[3.2.x] Bumped version for 3.2.20 release.</li>
<li><a
href="454f2fb934"><code>454f2fb</code></a>
[3.2.x] Fixed CVE-2023-36053 -- Prevented potential ReDoS in
EmailValidator a...</li>
<li><a
href="07cc014cb3"><code>07cc014</code></a>
[3.2.x] Added stub release notes for 3.2.20.</li>
<li><a
href="e1bbbbe6ac"><code>e1bbbbe</code></a>
[3.2.x] Fixed MultipleFileFieldTest.test_file_multiple_validation() test
if P...</li>
<li><a
href="47ef12e69c"><code>47ef12e</code></a>
[3.2.x] Added CVE-2023-31047 to security archive.</li>
<li><a
href="15f90ebff3"><code>15f90eb</code></a>
[3.2.x] Post-release version bump.</li>
<li>See full diff in <a
href="https://github.com/django/django/compare/3.2.19...3.2.20">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/grafana/oncall/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
# What this PR does
Address issue where if the user had multiple registered devices w/ FCM,
doing django queries like `.first()` could potentially pick the wrong
device. Do this in two ways:
1. set the `DELETE_INACTIVE_DEVICES` `fcm_django` setting to `True`.
According to the
[docs](20e275618b/README.rst (L127-L130)),
this works as follows:
> devices to which notifications cannot be sent, are deleted upon
receiving error response from FCM
2. Customizing the `FCMDevice` model provided by `fcm_django`. Add a new
method, `get_active_device_for_user`, so that we can centralize the
logic for this rather than duplicating
`FCMDevice.objects.filter(user=user).first()`
## Which issue(s) this PR fixes
https://raintank-corp.slack.com/archives/C0229FD3CE9/p1688461915752119
## Checklist
- [x] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required) (N/A)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
## Which issue(s) this PR fixes
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
## Which issue(s) this PR fixes
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
Remove link from sms notification to avoid difficulties with different
countries anti-spam regulations
## Which issue(s) this PR fixes
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
---------
Co-authored-by: Joey Orlando <joey.orlando@grafana.com>
# What this PR does
Add organization moved exception to mobile app auth to redirect requests
to correct region
## Which issue(s) this PR fixes
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
Added integration with [zvonok.com](https://zvonok.com) service.
Features:
- Phone number validation
- Test calls
- Selection of pre-recorded audio
- Making calls
- Processing call status
- Acknowledgment alert group (optional)
To process the call status, it is required to add a postback with the
GET method on the side of the zvonok.com service with the following
format ([more info
here](https://zvonok.com/ru-ru/guide/guide_postback/)):
```${ONCALL_BASE_URL}/zvonok/call_status_events?campaign_id={ct_campaign_id}&call_id={ct_call_id}&status={ct_status}&user_choice={ct_user_choice}```
The names of the transmitted parameters can be redefined through environment variables.
---------
Co-authored-by: Innokentii Konstantinov <innokenty.konstantinov@grafana.com>
# What this PR does
Lays ground work for #1586. Adds three new fixtures, `adminRolePage`,
`editorRolePage`, and `viewerRolePage`. These fixtures can be easily
accessed in a `test` context and allow the test to be run as a user
authenticated with one of these Grafana basic roles.
The bulk of the changes in the PR are to the "global setup" step. There
is a bit of logic + communication with the Grafana instance's API, in
order to create all the necessary authentication credentials.
Lastly, adds the first basic role authorization test, asserting that
Admin/Editors can view the list of OnCall users, whereas Viewers cannot.
## Checklist
- [x] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
Adds full avatar URL for on-call users in schedule internal API
(`avatar_full`).
## Checklist
- [x] Unit, integration, and e2e (if applicable) tests updated
- [x] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
Remove attempt to check token when editor/viewers are accessing the
plugin. Only check the token for reinstall during sync from the
PluginConfigPage since only Admins would have access to it.
## Which issue(s) this PR fixes
## Checklist
- [X] Unit, integration, and e2e (if applicable) tests updated
- [X] Documentation added (or `pr:no public docs` PR label added if not
required)
- [X] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
Simplifies `_get_organization_from_payload` and
`_get_slack_team_identity_from_payload` methods on
`SlackEventApiEndpointView`, so it's (hopefully) easier to grasp.
## Checklist
- [x] Unit, integration, and e2e (if applicable) tests updated
- [x] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
- Add docs for `/resolution_notes` public api endpoint
- Fix resolution notes order to show notes for the newest alert group on
top
## Which issue(s) this PR fixes
https://github.com/grafana/oncall/issues/222
## Checklist
- [x] Unit, integration, and e2e (if applicable) tests updated
- [x] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
```bash
❯ mypy .
Success: no issues found in 595 source files
```
- re-enable the mypy CI check
- fixes all `django-manager-missing` mypy errors
- disable all other rules currently giving mypy errors
- changing the approach here. rather than enforcing that backend
contributors fix >= 1 `mypy` error on their PR, lets simply disable all
the rules that're currently returning errors and slowly re-enable these
one at a time #2392
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated (N/A)
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required) (N/A)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required) (N/A)
# What this PR does
Change alerts order in `/alert` public api endpoint
## Which issue(s) this PR fixes
https://github.com/grafana/oncall/issues/1031
## Checklist
- [x] Unit, integration, and e2e (if applicable) tests updated
- [x] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
Changes OnCall plugin to use service accounts and api tokens instead of
api keys. API keys will continue to work but if the plugin ever replaces
them it will use a service account instead. Previously this was thought
to be unnecessary but it was missing the case where the API key was
converted to a service account which it could no longer find when
searching the `/api/auth/keys` endpoint. That key would not be deleted
and it would conflict with a newly created one of the same name.
Now the behaviour is as follows:
1. Anytime a new token is needed all API keys and tokens under the
service account matching the defined names will be deleted
2. A service account will be created named `sa-autogen-OnCall` if one
does not already exist
3. An api token will be created under that service account named
`OnCall`
## Which issue(s) this PR fixes
#1806
## Checklist
- [x] Unit, integration, and e2e (if applicable) tests updated
- [x] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
---------
Co-authored-by: Joey Orlando <joey.orlando@grafana.com>
# What this PR does
`docker buildx` natively supports multiarch builds. This means we no
longer need to have duplicate `docker build` Drone steps + there is no
longer a need for the manual "manifesting" step. This [blog
post](https://www.docker.com/blog/multi-arch-build-and-images-the-simple-way/)
from Docker perfectly summarizes the difference between what we do now
vs. what this PR would do.
This would also get rid of pushing `vX.Y.Z-{architecture}` tagged
images. These are redundant because modern `docker` clients can pull the
appropriate image for the host OS, from a multiarch image:
<img width="618" alt="Screenshot 2023-06-28 at 12 54 09"
src="https://github.com/grafana/oncall/assets/9406895/ce4cd0ef-b92e-4273-877d-a73818d9cc54">
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated (N/A)
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required) (N/A)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required) (N/A)
# What this PR does
Update `rabbitmq` Docker containers used in the `docker-compose` config
files, Drone pipelines, and GitHub Actions to use version 3.12.0.
FWIW, we're already using v12.0.0 of the bitnami `rabbitmq` `helm` chart
which, by default, uses the `3.12.0-debian-11-r0` tag for the `rabbitmq`
image ([chart
docs](https://artifacthub.io/packages/helm/bitnami/rabbitmq/12.0.0)).
closes#695
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated (N/A)
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required) (N/A)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required) (N/A)
