Replace password and authorization header fields with placeholders when
returning data to the UI. Mask the authorization header field when
editing and in the status logs.
# What this PR does
Closes https://github.com/grafana/oncall-private/issues/1632
## Checklist
- [x] Unit, integration, and e2e (if applicable) tests updated
- [x] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
In the web plugin UI Settings -> Env Variables if variable is not
secret, do not hide its value.
## Which issue(s) this PR fixes
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
---------
Co-authored-by: Joey Orlando <joseph.t.orlando@gmail.com>
Co-authored-by: Joey Orlando <joey.orlando@grafana.com>
Co-authored-by: Vadim Stepanov <vadimkerr@gmail.com>
If a page is removed in a future version, the presence of a "latest"
absolute alias in a previous version can redirect that removed page.
**Notes for reviewer:**
I would like to make similar changes for older, previously published
versions.
I believe you are only publishing documentation on specific tag events
and are not maintaining long lived release branches for backporting
fixes into.
If my understanding is correct, I will make the changes in the website
repository
(https://github.com/grafana/website/tree/master/content/docs/oncall).
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
# What this PR does
## Which issue(s) this PR fixes
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
RequestBodyReadingMiddleware is excess as [post-buffering is
enabled](https://github.com/grafana/oncall/blob/dev/engine/uwsgi.ini#L17):
If an HTTP request has a body (like a POST request generated by a form),
you have to read (consume) it in your application. If you do not do
this, the communication socket with your webserver may be clobbered. If
you are lazy you can use the post-buffering option that will
automatically read data for you. For Rack applications this is
automatically enabled.
(https://uwsgi-docs.readthedocs.io/en/latest/ThingsToKnow.html)
## Which issue(s) this PR fixes
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
When checking current shifts to trigger slack notifications, a stable
value for timezone should be used (to avoid triggering multiple
duplicated notifications; using the first `VTIMEZONE` value available
may change on refresh, besides being potentially incorrect).
Also, `VTIMEZONE` shouldn't be used as the calendar timezone, it just
describes a [timezone
definition](https://icalendar.org/iCalendar-RFC-5545/3-6-5-time-zone-component.html)
which can later be [used when specifying a start/end
date/datetime](https://icalendar.org/iCalendar-RFC-5545/3-2-19-time-zone-identifier.html)
("The parameter MUST be specified on properties with a DATE-TIME value
if the DATE-TIME is not either a UTC or a "floating" time.").
OTOH, Google uses the non-standard[ `X-WR-TIMEZONE`
](https://github.com/collective/icalendar/issues/343)field as fallback
TZ for date-times without a `TZID`. Try to use this when available,
otherwise fallback to `UTC`.
Fixes an issue where if a sender is defined for a certain country code
and that sender belongs to a different account than the default from the
environment the status callback would get a 443 response from OnCall
back to Twilio. Checking permission on status callbacks will now use the
same account as was used to send the original message, verify, or make
the call.
This will vastly improve troubleshooting when an unexpected error
occurs.
# What this PR does
Enables logging of the exception that might be thrown by
SocialAuthExceptionMiddleware. It vastly improves the speed and accuracy
of troubleshooting requests to external applications with the aim to
authenticate, since there is usually no response to look at.
## Which issue(s) this PR fixes
Closes [#2035](https://github.com/grafana/oncall/issues/2035)
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
---------
Co-authored-by: Innokentii Konstantinov <innokenty.konstantinov@grafana.com>
# What this PR does
Fix HTTP 500 when sending demo alert for inbound integration email.
- Make all integration configs have consistent `is_demo_alert_enabled`
and `example_payload` values
- Add tests
## Checklist
- [x] Unit, integration, and e2e (if applicable) tests updated
- [x] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
Before this change, a diff ical check (which happens with frequency with
imported ical), particularly with overrides in an API/terraform schedule
would trigger unexpected slack notifications because the prev vs current
ical comparison will flag a diff, but when comparing current and
previous shifts, `current_shifts` will have the shift in progress while
the `prev_shifts` calculated from the overrides-only diff will most of
the time be empty (unless you set/change an override at current time).
Simplified the checks to always compare previous current shifts (ie. the
ones in the schedule from the DB) vs the recalculated ones using the
(refreshed) ical data from the schedule.
# What this PR does
Reworks Slack handlers for buttons and select menus for AG Slack
messages.
<img width="602" alt="Screenshot 2023-05-31 at 19 34 05"
src="https://github.com/grafana/oncall/assets/20116910/857bf096-7bdd-427b-94b6-15aad873a8ac">
## Current implementation
- It's possible to end up with orphaned Slack messages that are posted
to Slack but have no `SlackMessage` instance in the DB. For such
messages, clicking buttons will result in an exception and HTTP 500. See
private repo
[issue](https://github.com/grafana/oncall-private/issues/1841) for more
info.
- Bug in authorization system, which effectively bypasses any permission
checks. For example, it's possible to resolve an alert group while being
a Viewer.
- No tests covering most buttons.
## Changes in this PR
- Make the system more robust, don't use `SlackMessage` model to figure
out the alert group being interacted on, instead embed `alert_group_pk`
to every button and use it when receiving interaction requests from
Slack.
- Existing orphaned Slack messages will be repaired. Clicking buttons
under orphaned messages will work (and missing `SlackMessage` instance
will be created on interaction). This is possible because some buttons
already have `alert_group_pk` embedded, and it's possible to get this
data on button clicks (even if the clicked button itself doesn't have
`alert_group_pk` embedded).
- Fix authorization. Show warning window when unauthorized:
<img width="511" alt="Screenshot 2023-05-31 at 19 40 02"
src="https://github.com/grafana/oncall/assets/20116910/5abeeaa7-1b61-4a47-b3af-0e21d5cd1907">
- Added tests for all the buttons under AG message. Add tests checking
authorization, actual execution of scenario steps, orphan message
repairing, backward compatibility, etc. Also add tests on
`AlertGroupSlackRenderer` checking that correct data is embedded into
buttons.
- Cosmetic changes such as renaming `incident` to `Alert Group`.
## Which issue(s) this PR fixes
Related to https://github.com/grafana/oncall-private/issues/1841
## Checklist
- [x] Unit, integration, and e2e (if applicable) tests updated
- [x] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
Changes a required role for telegram user settings from Admin to Editor.
## Which issue(s) this PR fixes
closes https://github.com/grafana/oncall/issues/1617
## Checklist
- [x] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
Reduce number of alert groups returned for grouping on slack request to
20 to avoid event trigger expiry.
## Which issue(s) this PR fixes
https://github.com/grafana/oncall-private/issues/1835
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [x] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
---------
Co-authored-by: Joey Orlando <joey.orlando@grafana.com>
# What this PR does
## Which issue(s) this PR fixes
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
---------
Co-authored-by: Yulia Shanyrova <yulia.shanyrova@grafana.com>
## Which issue(s) this PR fixes
- Wrong field name in validation (Verbal name is required, but should be
Name is required)
- For messenger templates we need to keep \n in the beginning of the
result
-Save and Open in slack button should not close drawer
- If user edit templates, button Cancel should return to templates
drawer
- Cheatsheet should have a scroll, not main drawer
- narrow screen issues in cheatsheet
- How integration works should have the dynamic integration name (first
red mark). Alerting Contact point and notification policy should be
mentioned only for Grafana Alerting
https://files.slack.com/files-pri/T02S4RCS0-F0592BHP42G/screenshot_2023-05-23_at_11.45.29_am.png
- Cheatsheet title doesn't match to template
- Image is not rendered in Result of Edit Template
https://files.slack.com/files-tmb/T02S4RCS0-F058TEPD214-27c1136ad2/screenshot_2023-05-23_at_1.02.47_pm_720.png
- Add description to the Result of conditional template: if True
Selected alert will resolve alert group else Selected alert will not
resolve alert group. And change the icon from Warning to X
- Opening cheatsheet resets the non-saved
template](https://github.com/grafana/oncall-private/issues/1824#issuecomment-1560348999)
# What this PR does
Better docs for mobile app push notifications and shift pages
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [x] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
# What this PR does
- Edits the send important notification button to be send critical
notification button to align with the app conventions
## Which issue(s) this PR fixes
Ref #2043
Fixes issue when syncing contact points and there are receiver configs
with no `grafana_managed_receiver_configs` key.
(eg. `{"name": "autogen-contact-point-default"}`)
# What this PR does
Adds `uwsgi` configuration to helm chart.
Sets environment variables with name capitalized and prefixed with
`UWSGI_`, and dashes are substituted with underscores like described
[here](https://uwsgi-docs.readthedocs.io/en/latest/Configuration.html#environment-variables)
Sets `UWSGI_LISTEN=1024` by default, but can be overwritten or
completely removed by `uwsgi: null`
Or is it better to not specify default value (it's not backward
compatible)?
Also, small indentation fixes for postgresql configuration.
## Which issue(s) this PR fixes
closes https://github.com/grafana/oncall/issues/562
Also, [this PR](https://github.com/grafana/oncall/pull/856) has been
closed because of this PR
## Checklist
- [x] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
Co-authored-by: Joey Orlando <joey.orlando@grafana.com>
# What this PR does
This is the first of many mobile app doc tweaks.
Note that right now the docs are very much out of date.
To make this a smooth process, I recommend to merge if it looks "good
enough", don't sweat details at this time. We can make further
refinements later.
If @imtoori approves, this PR may be merged as is, and i'll make new
ones in the future, or i will just keep pushing more and more tweaks
over the next few business days
## Which issue(s) this PR fixes
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [x] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
---------
Co-authored-by: Salvatore Giordano <salvatoregiordanoo@gmail.com>
Co-authored-by: Matvey Kukuy <Matvey-Kuk@users.noreply.github.com>
Co-authored-by: Matvey Kukuy <motakuk@gmail.com>
# What this PR does
Fixing some bugs with external Postgresql configuration.
Also I added some unit tests for helm chart using
[helm-unittest](https://github.com/helm-unittest/helm-unittest). If it's
not an appropriate tool, please suggest another, or I can remove that
test. I added
[this](https://github.com/marketplace/actions/helm-unit-tests) Github
Action to run helm unit tests.
## Which issue(s) this PR fixes
closes#1727closes#1923closes#1245closes#845
## Checklist
- [x] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
---------
Co-authored-by: Joey Orlando <joey.orlando@grafana.com>
Co-authored-by: Joey Orlando <joseph.t.orlando@gmail.com>
# What this PR does
## Which issue(s) this PR fixes
## Checklist
- [ ] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [ ] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)
---------
Co-authored-by: Joey Orlando <joey.orlando@grafana.com>
Adds a ratelimit for AmazonSNS.
AlertChannelDefining mixin is now injecting alert_receive_channel only
in request, not in kwargs to not to break AmazonSNS.
