# What this PR does
Prohibits creating & updating overrides in the past when using the web
UI.
## Which issue(s) this PR fixes
https://github.com/grafana/oncall/issues/1221
## Checklist
- [x] Tests updated
- [x] `CHANGELOG.md` updated
It's a duplicate of LICENSE env var
**What this PR does**:
Remove OSS_INSTALLATION env var in favour of LICENSE env var. Also, I
refactored features tests a little. From my point of view it makes
little sense to test if all features are disabled or enabled. Better to
test specific use-case (e.g. oss installation).
Also to test that all features are disabled it is needed to set LICENSE
equals cloud license, which makes test confusing.
**Checklist**
- [x] Tests updated
- [ ] Documentation added
- [ ] `CHANGELOG.md` updated
# What this PR does
Allows PD migrator to migrate overrides (the current implementation only
migrates rotation layers).
Also tweaks public API so created overrides are consistent with the web
UI.
## Checklist
- [x] Tests updated
# What this PR does
- Implement recapthca v3 check. DRF_RECAPTCHA didn't support hostname
validation and it's too complicated to add it.
- Add validation of verification code on oncall side to not to call
twilio with obviously invalid codes
## Checklist
- [x] Tests updated
- [ ] Documentation added
- [ ] `CHANGELOG.md` updated
# What this PR does
Adds a `used` filter on schedules endpoint for internal API.
Usage:
- `?used=true` returns schedules that are referenced by at least one
escalation policy
- `?used=false` returns schedules that are NOT referenced
- `?used=null` or not providing the query param at all will return all
schedules
## Which issue(s) this PR fixes
https://github.com/grafana/oncall/issues/1423
## Checklist
- [x] Tests updated
# What this PR does
This PR fixes templates behaviour for public and private api. It fix
"reset to default" for templates from messaging backends and some minor
bugs. Also added acknowledge signal and source link templates
## Checklist
- [x] Tests updated
- [x] Documentation added
- [x] `CHANGELOG.md` updated
# What this PR does
Make internal API return 100 latest alerts for alert group.
## Which issue(s) this PR fixes
https://github.com/grafana/oncall/issues/857
## Checklist
- [x] Tests updated
- [x] `CHANGELOG.md` updated
This should fix task error as seen in logs, trying to parse an empty
string as ical value:
```
Task apps.schedules.tasks.refresh_ical_files.refresh_ical_file[] raised unexpected: ValueError("Found no components where exactly one is required: ''")
```
# What this PR does
Move reCAPTCHA site key to backend environment for easier management to
support multiple environments.
## Which issue(s) this PR fixes
## Checklist
- [ ] Tests updated
- [ ] Documentation added
- [x] `CHANGELOG.md` updated
# What this PR does
When an organization is migrated to a different cluster it has it's
`migration_destination_slug` set for redirection purposes but it also
needs to be deleted so scheduled tasks for it do not run in the old
cluster. By changing the order so moved has precedence over deleted API
calls will be correctly redirected for moved organizations while the
organization is still considered deleted to suppress tasks that are no
longer needed in the old cluster.
## Which issue(s) this PR fixes
## Checklist
- [ ] Tests updated
- [ ] Documentation added
- [ ] `CHANGELOG.md` updated
# What this PR does
this PR refactors the `sync_organization` and
`GrafanaAPIClient.is_rbac_enabled_for_organization` methods to check the
connected response bool rather than explicit check on HTTP 200. This
handles the legitimate case where the Grafana instance may return an
HTTP 302 (redirect) rather than an HTTP 200.
## Which issue(s) this PR fixes
See
[this](https://grafana.slack.com/archives/C02LSUUSE2G/p1677136582890269)
Slack thread in the community channel for more context
## Checklist
- [x] Tests updated
- [ ] Documentation added (N/A)
- [x] `CHANGELOG.md` updated
Allow PD migrator tool to migrate on-call shifts when migrating
schedules (currently it migrates schedules using PD ICal file):
https://github.com/grafana/oncall/issues/1283.
This PR will allow to select the mode of schedule migration via
`SCHEDULE_MIGRATION_MODE_WEB` env variable (`ical` or `web`). Due to
differences in the scheduling systems of PD and OnCall, it's not always
possible to migrate shifts automatically (migration plan will show any
schedules and layers that can't be migrated).
PD rotations that will be possible to migrate:
- Any rotation without restrictions ("restriction" is a PD term for
describing active periods for rotation)
- Daily rotations with daily restrictions
- Weekly rotations with weekly restrictions
- Some weekly rotations with daily restrictions
- Some daily rotations with weekly restrictions
There will be a separate PR to update the
[instruction](https://github.com/grafana/oncall/tree/dev/tools/pagerduty-migrator#readme)
since this one is pretty huge already.
# What this PR does
This PR simplifies code of maintenance mode.
1. Perform distribution/escalation maintenance checks in send_signal...
tasks.
2. Use usual alert distribution flow for the maintenance incident.
3. Decouple maintenance mode from slack (all, except
**notify_about_maintenance_action** methods, I don't want to make this
PR too big)
As a bonus from these changes, maintenance mode now mute alert group
delivery in all chatops integrations, not only in slack. (Before,
incidents happened while maintenance were posted to telegram and msteams
anyway)
## Checklist
- [ ] Tests updated
- [ ] Documentation added
- [ ] `CHANGELOG.md` updated
Reverts grafana/oncall#1312
This change seems to have introduced some unexpected behavior with slack
user groups. Reverting to reproduce locally and push an improved update.
# What this PR does
This PR cleanup ScenarioStep. It's needed to simplify moving Slack to
the messaging backends in future.
1. Introduce AlertGroupSlackService to move logic from ScenarioStep.
Also it allowed to get rid of importing ScenarioSteps in the code not
related to processing of slack callbacks.
2. Remove tags from ScenarioSteps, they are unused.
3. Remove ScenarioStep.dispatch method. It just was calling
ScenarioStep.process_scenario.
4. Remove "action" param from process_scenario, it was unused.
5. Remove creation of SlackActionRecord on handling SlackEvents. We are
not using it, but it generates INSERT query on most of the user-slack
interactions.
6. Remove "random_prefix_for_routing" from ScenarioStep, it was unused.
## Which issue(s) this PR fixes
## Checklist
- [ ] Tests updated
- [ ] Documentation added
- [ ] `CHANGELOG.md` updated
---------
Co-authored-by: Joey Orlando <joey.orlando@grafana.com>
# What this PR does
Adds reCAPTCHA validation to the get mobile verification code endpoint
## Which issue(s) this PR fixes
## Checklist
- [x] Tests updated
- [ ] Documentation added (N/A)
- [x] `CHANGELOG.md` updated
---------
Co-authored-by: Maxim <maxim.mordasov@grafana.com>
Also:
- Remove unused slack login views in `social_auth` app
- Disable unlink actions in the profile if user is not owner (otherwise
it will disconnect the logged in user, not the one being shown on
screen)
# What this PR does
Fixes a bug when current on-call users for web UI and Slack user group
are incorrect.
This happens when both conditions below are true:
- Using an ICal schedule
- Email of a user in Grafana has a different case than an event in ICal
(e.g. `User@gmail.com` in Grafana, `user@gmail.com` in ICal event)
The bug was introduced by https://github.com/grafana/oncall/pull/1169
## Which issue(s) this PR fixes
https://github.com/grafana/oncall/issues/1296
## Checklist
- [x] Tests updated
- [x] `CHANGELOG.md` updated
# What this PR does
This PR adds
[django-migration-linter](https://github.com/3YOURMIND/django-migration-linter)
to keep database migrations
backwards compatible
- we can automatically run migrations and they are zero-downtime, e.g.
old code can work with the migrated database
- we can run and rollback migrations without worrying about data safety
- OnCall is deployed to the multiple environments core team is not able
to control
See [django-migration-linter
checklist](https://github.com/3YOURMIND/django-migration-linter/blob/main/docs/incompatibilities.md)
for the common mistakes and best practices
## Which issue(s) this PR fixes
## Checklist
- [ ] Tests updated
- [ ] Documentation added
- [ ] `CHANGELOG.md` updated
---------
Co-authored-by: Joey Orlando <joey.orlando@grafana.com>
Bumps [django](https://github.com/django/django) from 3.2.16 to 3.2.17.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="aed1bb56d1"><code>aed1bb5</code></a>
[3.2.x] Bumped version for 3.2.17 release.</li>
<li><a
href="c7e0151fdf"><code>c7e0151</code></a>
[3.2.x] Fixed CVE-2023-23969 -- Prevented DoS with pathological values
for Ac...</li>
<li><a
href="9da46345d8"><code>9da4634</code></a>
[3.2.x] Fixed inspectdb.tests.InspectDBTestCase.test_custom_fields() on
SQLit...</li>
<li><a
href="4c2b26174f"><code>4c2b261</code></a>
[3.2.x] Removed 'tests' path prefix in a couple tests.</li>
<li><a
href="d21543182d"><code>d215431</code></a>
[3.2.x] Adjusted release notes for 3.2.17.</li>
<li><a
href="4e31d3ea55"><code>4e31d3e</code></a>
[3.2.x] Added stub release notes for 3.2.17.</li>
<li><a
href="238e8898ac"><code>238e889</code></a>
[3.2.x] Corrected passenv value for tox 4.0.6+.</li>
<li><a
href="b381ab4906"><code>b381ab4</code></a>
[3.2.x] Disabled auto-created table of contents entries on Sphinx
5.2+.</li>
<li><a
href="f6f0699d01"><code>f6f0699</code></a>
[3.2.x] Removed obsolete doc reference to
asyncio.iscoroutinefunction.</li>
<li><a
href="accdd0576d"><code>accdd05</code></a>
[3.2.x] Added CVE-2022-36359 to security archive.</li>
<li>Additional commits viewable in <a
href="https://github.com/django/django/compare/3.2.16...3.2.17">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the
default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as
the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as
the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the
default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/grafana/oncall/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Grafana Incident API only ever accesses individual alert groups by ID.
Using the /api/gi/v1/alert-groups endpoint without an ID would list
every
single alert group in the database (from what I can tell), since the
auth
isn't org-specific.
This is a precursor to another PR which adds more details to the alert
group
serializer, which makes the query more resource intensive, so I thought
it
best to disable listing first.
# What this PR does
First draft of documentation. @alyssawada please use it as a starting
point :)
## Which issue(s) this PR fixes
## Checklist
- [ ] Tests updated
- [x] Documentation added
- [ ] `CHANGELOG.md` updated
---------
Co-authored-by: alyssa wada <alyssa.wada@grafana.com>
Co-authored-by: Joey Orlando <joey.orlando@grafana.com>
Co-authored-by: Alyssa Wada <101596687+alyssawada@users.noreply.github.com>
Co-authored-by: Vadim Stepanov <vadimkerr@gmail.com>
# What this PR does
Remove checks for `mobile_app_settings` DynamicSetting, so changing
`FEATURE_MOBILE_APP_INTEGRATION_ENABLED` is enough for toggling the
mobile app backend (aka remove per-org feature flag)
Co-authored-by: Joey Orlando <joey.orlando@grafana.com>
