* feat(authz): initial commit for migrating rbac to openfga
* feat(authz): make the role updates idempotant
* feat(authz): split role module into role and grant
* feat(authz): some naming changes
* feat(authz): integrate the grant module
* feat(authz): add support for migrating existing user role
* feat(authz): add support for migrating existing user role
* feat(authz): figure out the * selector
* feat(authz): merge main
* feat(authz): merge main
* feat(authz): address couple of todos
* feat(authz): address couple of todos
* feat(authz): fix tests and revert public dashboard change
* feat(authz): fix tests and revert public dashboard change
* feat(authz): add open api spec
* feat(authz): add open api spec
* feat(authz): add api key changes and missing migration
* feat(authz): split role into getter and setter
* feat(authz): add integration tests for authz register
* feat(authz): add more tests for user invite and delete
* feat(authz): update user tests
* feat(authz): rename grant to granter
* feat(authz): address review comments
* feat(authz): address review comments
* feat(authz): address review comments
* feat(authz): add the migration for existing roles
* feat(authz): go mod tidy
* feat(authz): fix integration tests
* feat(authz): handle community changes
* feat(authz): handle community changes
* feat(authz): role selectors for open claims
* feat(authz): role selectors for open claims
* feat(authz): prevent duplicate entries for changelog
* feat(authz): scafolding for rbac migration
* feat(authz): scafolding for rbac migration
* feat(authz): scafolding for rbac migration
* feat(authz): scafolding for rbac migration
* feat(authz): scafolding for rbac migration
* feat(authz): base setup for public shareable dashboards
* feat(authz): add support for public masking
* feat(authz): added public path for gettable public dashboard
* feat(authz): checkpoint-1 for widget query to query range conversion
* feat(authz): checkpoint-2 for widget query to query range conversion
* feat(authz): fix widget index issue
* feat(authz): better handling for dashboard json and query
* feat(authz): use the default time range if timerange is disabled
* feat(authz): use the default time range if timerange is disabled
* feat(authz): add authz changes
* feat(authz): integrate role with dashboard anonymous access
* feat(authz): integrate the new middleware
* feat(authz): integrate the new middleware
* feat(authz): add back licensing
* feat(authz): renaming selector callback
* feat(authz): self review
* feat(authz): self review
* feat(authz): change to promql
This PR fulfills the requirements of #9069 by:
- Adding a golangci-lint directive (forbidigo) to disallow all fmt.Errorf usages.
- Replacing existing fmt.Errorf instances with structured errors from github.com/SigNoz/signoz/pkg/errors for consistent error classification and lint compliance.
- Verified lint and build integrity.
## 📄 Summary
- Instead of relying on JWT for session management, we are adding another token system: opaque. This gives the benefits of expiration and revocation.
- We are now ensuring that emails are regex checked throughout the backend.
- Support has been added for OIDC protocol
* feat(authz): address tenant isolation for authz
* feat(authz): handle role module self registry
* feat(authz): keep role / user / resource sync in naming
* feat(authz): rename orgId to orgID
* feat(authz): add the missing / for user
* feat(authz): remove embedding for pkgopenfgaauthz service
## 📄 Summary
implement strong controls for password. Now the password requirement is :
password must be at least 12 characters long, should contain at least one uppercase letter [A-Z], one lowercase letter [a-z], one number [0-9], and one symbol
## 📄 Summary
- Fix the order by for the time series result
- Add the statement builder for trace query (was supposed to be replaced with new development but that never happened, so we continue the old table)
- Removed `pkg/types/telemetrytypes/virtualfield.go`, not used currently anywhere but causing circular import. Will re-introduce later.
* feat(user): support sso and api key
* feat(user): remove ee references from pkg
* feat(user): remove ee references from pkg
* feat(user): related client changes
* feat(user): remove the sso available check
* feat(user): fix go tests
* feat(user): move the middleware from ee to pkg
* feat(user): some more error code cleanup
* feat(user): some more error code cleanup
* feat(user): skip flaky UI tests
* feat(user): some more error code cleanup
* chore(linter): add more linters and deprecate zap
* chore(linter): add more linters and deprecate zap
* chore(linter): add more linters and deprecate zap
* chore(linter): add more linters and deprecate zap
* feat(zeus): add zeus package
* feat(signoz): add DI for zeus
* feat(zeus): integrate with the codebase
* ci(make): change makefile
* ci: change workflows to point to the new zeus url
* Update ee/query-service/usage/manager.go
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
* Update ee/query-service/license/manager.go
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
* fix: fix nil retriable
* fix: fix zeus DI
* fix: fix path of ldflag
* feat(zeus): added zeus integration tests
* feat(zeus): added zeus integration tests
* feat(zeus): format the pytest
---------
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
Co-authored-by: vikrantgupta25 <vikrant.thomso@gmail.com>
Co-authored-by: Vikrant Gupta <vikrant@signoz.io>
### Summary
Integrate the new implementations of the alertmanager along with changes to the ruler. This change can be broadly categoried into 3 parts:
#### Frontend
- The earlier `/api/v1/alerts` api was double encoding the response in json and sending it to the frontend. This PR fixes the json response object.
For instance, we have gone from the response `{
"status": "success",
"data": "{\"status\":\"success\",\"data\":[{\"labels\":{\"alertname\":\"[platform][consumer] consumer is above 100% memory utilization\",\"bu\":\"platform\",\"......
}` to the response `{"status":"success","data":[{"labels":{"alertname":"[Metrics] Pod CP......`
- `msteams` has been changed to `msteamsv2` wherever applicable
#### Ruler
The following changes have been done in the ruler component:
- Removal of the old alertmanager and notifier
- The RuleDB methods `Create`, `Edit` and `Delete` have been made transactional
- Introduction of a new `testPrepareNotifyFunc` for sending test notifications
- Integration with the new alertmanager
#### Alertmanager
Although a huge chunk of the alertmanagers have been merged in previous PRs (the list can be found at https://github.com/SigNoz/platform-pod/issues/404), this PR takes care of changes needed in order to incorporate it with the ruler
- Addition of ruleId based matching
- Support for marshalling the global configuration directly from the upstream alertmanager
- Addition of orgId to the legacy alertmanager
- Support for always adding defaults to both routes and receivers while creating them
- Migration to create the required alertmanager tables
- Migration for msteams to msteamsv2 has been added. We will start using msteamv2 config for the new alertmanager and keep using msteams for the old one.
#### Related Issues / PR's
Closes https://github.com/SigNoz/platform-pod/issues/404
Closes https://github.com/SigNoz/platform-pod/issues/176
* fix: use common timeout middleware
* fix: use apiserver factory for config
* fix: add backward compatibility for old variables
* fix: remove apiserver provider and use config directly
* fix: remove apiserver interface
* fix: address comments
* fix: address minor comments
* fix: address minor comments
