Bumps [django](https://github.com/django/django) from 3.2.18 to 3.2.19.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="fc42edd2e6"><code>fc42edd</code></a>
[3.2.x] Bumped version for 3.2.19 release.</li>
<li><a
href="eed53d0011"><code>eed53d0</code></a>
[3.2.x] Fixed CVE-2023-31047, Fixed <a
href="https://redirect.github.com/django/django/issues/31710">#31710</a>
-- Prevented potential bypass of v...</li>
<li><a
href="007e46d815"><code>007e46d</code></a>
[3.2.x] Added missing backticks in docs/releases/1.7.txt.</li>
<li><a
href="a37e4d5d6e"><code>a37e4d5</code></a>
[3.2.x] Added stub release notes for 3.2.19.</li>
<li><a
href="963f24cff2"><code>963f24c</code></a>
[3.2.x] Added CVE-2023-24580 to security archive.</li>
<li><a
href="e34a2283f2"><code>e34a228</code></a>
[3.2.x] Post-release version bump.</li>
<li>See full diff in <a
href="https://github.com/django/django/compare/3.2.18...3.2.19">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/grafana/oncall/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
# What this PR does
https://www.loom.com/share/18cc445117de4895a10892d56c7d3699
In preparation to upgrade our cloud databases, this PR makes some minor
changes which, after testing locally, allowed the `POST
/<integration_type>/<alert_channel_key>` endpoints to successfully
receive incoming alerts and queue the celery tasks.
I've tested all of the defined `POST
/integrations/v1/<integration_type>/<alert_channel_key>` endpoints by
sending `POST` requests to an integrations' URL while the MySQL database
was down, bringing the database back up, and ensuring the alerts were
created.
## Some other findings
- the integration heartbeat endpoints will not work as we interact w/
the database to persist the incoming heartbeat instance
- if the integration was created in the last 180 seconds, incoming
alerts will fail due to the way we cache the integration IDs
([code](https://github.com/grafana/oncall/blob/dev/engine/apps/integrations/mixins/alert_channel_defining_mixin.py#L47-L50))
- The `create_alert` celery task is set to `max_retries=None` and
`retry_backoff=True`. This means that the queued tasks will continue
retrying forever w/ an exponential backoff, until the alerts can be
created in the database (ie. when the database is back online).
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated (N/A)
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required) (N/A)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required) (N/A)
# What this PR does
add `important_notification_volume_override` to mobile app user settings
model
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated (N/A)
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required) (N/A)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
`SOURCE_CHOICES` was updated in #1779 but we forgot to include the
accompanying database migration. If you run `make engine-manage
CMD="makemigrations"`, this migration is output. This PR simply adds
that.
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated (N/A)
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required) (N/A)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required) (N/A)
# What this PR does
Upgrades the backend to Python 3.11.3 (latest stable release) + update
linting step on Drone builds to run **all** the linting steps, not just
the Python ones.
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated (N/A)
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required) (N/A)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
There was an unnecessary indentation in the `rules:` key which made it
invalid YAML.
Also replaced the mentions to Amixr with Grafana OnCall, used some
`<code>` tags and reworded some sentences.
Also removed the anchor tag from the webhook link: we don't want people
to follow that in their browser, we want them to copy it
## Result screenshot
## Which issue(s) this PR fixes
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
---------
Signed-off-by: Oleg Zaytsev <mail@olegzaytsev.com>
Co-authored-by: Joey Orlando <joey.orlando@grafana.com>
# What this PR does
https://www.loom.com/share/c5deb35309604cfdab6176c44de7b15e
## Checklist
- [x] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
## Which issue(s) this PR fixes
## Checklist
- [x] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required) (N/A)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
## Which issue(s) this PR fixes
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
## Which issue(s) this PR fixes
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
…ive_channels endpoint
# What this PR does
## Which issue(s) this PR fixes
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
May be related to https://github.com/grafana/oncall/issues/1553.
We got feedback about that happening for Google Calendar imported icals.
Google Calendar exported ics URL was returning different VTIMEZONE
components on different requests, triggering differences in the imported
ical. Updated the comparison to only consider events (while keep
assuming the sequence will reflect if there are any particular event
change).
# What this PR does
Main Grouping&Templating PR fro all frontend changes:
Includes:
1. Integration table view
2. Integration form using Drawer component
3. Integration landing page with routes/escalation chains
4. Templates
5. Groupong
## Which issue(s) this PR fixes
https://github.com/grafana/oncall/issues/1620https://github.com/grafana/oncall/issues/1621
---------
Co-authored-by: Rares Mardare <rares.mardare@grafana.com>
Co-authored-by: Ildar Iskhakov <ildar.iskhakov@grafana.com>
# What this PR does
Add docs & logo for Zendesk integration. Main PR in private repo:
https://github.com/grafana/oncall-private/pull/1772
## Which issue(s) this PR fixes
https://github.com/grafana/oncall-private/issues/1627
## Checklist
- [x] Unit, integration, and e2e (if applicable) tests updated
- [x] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] No changelog (Zendesk integration will be only available in cloud)
# What this PR does
Closes#1651
Plus, add developer instructions on how to run `grafana-enterprise` with
RBAC for OnCall, enabled locally.
## Todo
- [x] add API integration test for new `permission` query param filter
## Checklist
- [x] Unit, integration, and e2e (if applicable) tests updated
- [x] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
Add docs & logo for Jira integration. Main PR in private repo:
https://github.com/grafana/oncall-private/pull/1769
## Which issue(s) this PR fixes
https://github.com/grafana/oncall-private/issues/1620
## Checklist
- [x] Unit, integration, and e2e (if applicable) tests updated
- [x] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] No changelog (Jira integration will be only available in cloud)
# What this PR does
## Which issue(s) this PR fixes
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
<img width="521" alt="Screenshot 2023-04-28 at 5 36 10 PM"
src="https://user-images.githubusercontent.com/2262529/235112636-56fe0b48-1cda-4ba7-8a09-1cfb0ced2222.png">
## Which issue(s) this PR fixes
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
<img width="954" alt="Screenshot 2023-04-28 at 9 33 16 AM"
src="https://user-images.githubusercontent.com/2262529/235033175-6a94ffb2-3a39-4730-b855-5b1c5dff8fda.png">
## Which issue(s) this PR fixes
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
start_sync_organization is scheduled to run every 30 mins. Countdown is
not specified so the default countdown with exponential backoff will
result in retries happening after the next 30 min trigger. If it is in a
state where it is retrying for a long period of time (>30 mins) it will
stack up too many redundant sync_organization_async tasks when it
finally does succeed.
# What this PR does
Fix [flaky
test](https://github.com/grafana/oncall/actions/runs/4821277510/jobs/8586941639#step:5:706)
`test_get_user_groups_filter_by_handle` using `UniqueFaker` on
`SlackUserGroupFactory.handle` to make handles always unique.
Before:
```shell
>>> len(set([SlackUserGroupFactory().handle for _ in range(100)]))
93
```
After:
```shell
>>> len(set([SlackUserGroupFactory().handle for _ in range(100)]))
100
```
## Checklist
- [x] Unit, integration, and e2e (if applicable) tests updated
- [x] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
https://www.loom.com/share/1a6ef0d00c3b46ca80c120579d512dcc
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated (N/A)
- [x] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
## Which issue(s) this PR fixes
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
- Rename Firing to Alert Group Created to reduce confusion as to why the
event only first once and not when unresolve or unacknowledge returns
the alert group to the firing state.
- Increase password field length
- Do not filter webhook execution by team, team is just for filtering
ownership now
- Do not log webhook triggers in alert group escalation log if the
webhook does not trigger (Status/response will still be stored)
- Fix formatting for response content and data fields on the Status page
- Add a content length limit for responses being stored (50000
characters)
# What this PR does
In `AlertGroupFilter` we currently have 11 duplicate queries which add
~1-2secs of unecessary request latency to `GET
/api/internal/v1/alertgroups` calls.
The queries originate from the `queryset` callable arguments on several
of the fields of the `AlertGroupFilter` class. These callables basically
filter down their respective querysets to include only objects that
belong to the currently authenticated user's organization.
The duplicate queries are
- 2 queries to fetch integrations
- 2 queries to fetch escalation chains
- 10 queries to fetch users
At the moment, this PR is still a draft and doesn't work as intended.
It's based off of [a suggestion from this
discussion](https://github.com/carltongibson/django-filter/discussions/1572#discussioncomment-5676042)
in the `django-filter` repo. See [this DjangoCon
talk](https://youtu.be/e52S1SjuUeM?t=841) for more context.
---------
Co-authored-by: Ildar Iskhakov <Ildar.iskhakov@grafana.com>
# What this PR does
This PR adds additional silence options in the UI. Currently we only
have 1 hour, 4 hours and 12 hours silence options. I think it's worth it
to have finer silence options.
## Which issue(s) this PR fixes
No issue ticket but I can create one.
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [x] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
## Which issue(s) this PR fixes
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
This PR set the limit so that workers won't attempt to autoresolve too
big alertmanager alert groups.
## Which issue(s) this PR fixes
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
Locally I reproduced a slow `GET /api/internal/v1/alertgroups` query
(took 9s - 10s). After adding this line to the alert group serializer
for the internal api it:
- cut the response time in half
- cut the number of executed SQL queries from 52 to 30
- Change FIRING trigger for webhooks to be sent after escalation
snapshot has been computed
- Extract users from `notify_to_users_queue` and `notify_schedule` from
escalation snapshot to populate `users_to_be_notified` in webhook
payload
# What this PR does
## Which issue(s) this PR fixes
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
## Which issue(s) this PR fixes
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
Fixes team update endpoint for internal API + adds a unit test for this
scenario.
## Which issue(s) this PR fixes
https://github.com/grafana/oncall/issues/1774
## Checklist
- [x] Unit, integration, and e2e (if applicable) tests updated
- [x] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
Add docs for schedule quality report feature.
## Which issue(s) this PR fixes
https://github.com/grafana/oncall/issues/1552
## Checklist
- [x] Unit, integration, and e2e (if applicable) tests updated
- [x] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
