* refactor(ruler): add Rule v2 read type and rename storage Rule to StorableRule
* refactor(ruler): map GettableRule to Rule before responding on v2 routes
* docs(openapi): regenerate spec with RuletypesRule on v2 rules routes
* docs(frontend): regenerate API clients with RuletypesRuleDTO
* refactor(ruler): validate uuid-v7 on delete rule handler
* refactor(ruler): add Enum() on AlertType
* refactor(ruler): convert RepeatType and RepeatOn to valuer.String with Enum()
* refactor(ruler): mark required fields on Recurrence
* refactor(ruler): mark required tag on CumulativeSchedule.Type
* refactor(ruler): rename GettablePlannedMaintenance to PlannedMaintenance
* docs: regenerate OpenAPI spec and frontend clients with tightened schema
* refactor(ruler): add PostablePlannedMaintenance input type with Validate
* refactor(ruler): rename EditPlannedMaintenance to Update and GetAll to List
* refactor(ruler): switch Create/Update to *PostablePlannedMaintenance
* refactor(ruler): convert PlannedMaintenance.Id string to ID valuer.UUID
* refactor(ruler): return *PlannedMaintenance from CreatePlannedMaintenance
* docs: regenerate OpenAPI spec and frontend clients for Postable/ID changes
* refactor(ruler): type PlannedMaintenance.Status as MaintenanceStatus enum
* refactor(ruler): type PlannedMaintenance.Kind as MaintenanceKind enum
* refactor(ruler): mark GettableRule.Id required
* refactor(ruler): mark GettableRule.State required
* refactor(ruler): make GettableRule timestamps non-pointer and users nullable
* refactor(ruler): return bare array from v2 ListRules instead of wrapped object
* docs: regenerate OpenAPI spec and frontend clients for schema pass
* refactor(ruler): define Ruler and Handler interfaces with signozruler implementation
Expand the Ruler interface with rule management and planned maintenance
methods matching rules.Manager signatures. Add Handler interface for
HTTP endpoints. Implement handler in signozruler wrapping ruler.Ruler,
and update provider to embed *rules.Manager for interface satisfaction.
* refactor(ruler): move eval_delay from query-service constants to ruler config
Replace constants.GetEvalDelay() with config.EvalDelay on ruler.Config,
defaulting to 2m. This removes the signozruler dependency on
pkg/query-service/constants.
* refactor(ruler): use time.Duration for eval_delay config
Match the convention used by all other configs in the codebase.
TextDuration is for preserving human-readable text through JSON
round-trips in user-facing rule definitions, not for internal config.
* refactor(ruler): add godoc comments and spacing to Ruler interface
* refactor(ruler): wire ruler handler through signoz.New and signozapiserver
- Add Start/Stop to Ruler interface for lifecycle management
- Add rulerCallback to signoz.New() for EE customization
- Wire ruler.Handler through Handlers, signozapiserver provider
- Register 12 routes in signozapiserver/ruler.go (7 rules, 5 downtime)
- Update cmd/community and cmd/enterprise to pass rulerCallback
- Move rules.Manager creation from server.go to signoz.New via callback
- Change APIHandler.ruleManager type from *rules.Manager to ruler.Ruler
- Remove makeRulesManager from both OSS and EE server.go
* refactor(ruler): remove old rules and downtime_schedules routes from http_handler
Remove 7 rules CRUD routes and 5 downtime_schedules routes plus their
handler methods from http_handler.go. These are now served by
signozapiserver/ruler.go via handler.New() with OpenAPIDef.
The 4 v1 history routes (stats, timeline, top_contributors,
overall_status) remain in http_handler.go as they depend on
interfaces.Reader and have v2 equivalents already in signozapiserver.
* refactor(ruler): use ProviderFactory pattern and register in factory.Registry
Replace the rulerCallback with rulerProviderFactories following the
standard ProviderFactory pattern (like auditorProviderFactories). The
ruler is now created via factory.NewProviderFromNamedMap and registered
in factory.Registry for lifecycle management. Start/Stop are no longer
called manually in server.go.
- Ruler interface embeds factory.Service (Start/Stop return error)
- signozruler.NewFactory accepts all deps including EE task funcs
- provider uses named field (not embedding) with explicit delegation
- cmd/community passes nil task funcs, cmd/enterprise passes EE funcs
- Remove NewRulerProviderFactories (replaced by callback from cmd/)
- Remove manual Start/Stop from both OSS and EE server.go
* fix(ruler): make Start block on stopC per factory.Service contract
rules.Manager.Start is non-blocking (run() just closes a channel).
Add stopC to provider so Start blocks until Stop closes it, matching
the factory.Service contract used by the Registry.
* refactor(ruler): remove unused RM() accessor from EE APIHandler
* refactor(ruler): remove RuleManager from APIHandlerOpts
Use Signoz.Ruler directly instead of passing it through opts.
* refactor(ruler): add /api/v1/rules/test and mark /api/v1/testRule as deprecated
* refactor(ruler): use binding.JSON.BindBody for downtime schedule decode
* refactor(ruler): add TODOs for raw string params on Ruler interface
Mark CreateRule, EditRule, PatchRule, TestNotification, and DeleteRule
with TODOs to accept typed params instead of raw JSON strings. Requires
changing the storage model since the manager stores raw JSON as Data.
* refactor(ruler): add TODO on MaintenanceStore to not expose store directly
* docs: regenerate OpenAPI spec and frontend API clients with ruler routes
* refactor(ruler): rename downtime_schedules tag to downtimeschedules
* refactor(ruler): add query params to ListDowntimeSchedules OpenAPIDef
Add ListPlannedMaintenanceParams struct with active/recurring fields.
Use binding.Query.BindQuery in the handler instead of raw URL parsing.
Add RequestQuery to the OpenAPIDef so params appear in the OpenAPI spec
and generated frontend client.
* refactor(ruler): add GettableTestRule response type to TestRule endpoint
Define GettableTestRule struct with AlertCount and Message fields.
Use it as the Response in TestRule OpenAPIDef so the generated frontend
client has a proper response type instead of string.
* refactor(ruler): tighten schema with oneOf unions and required fields
Surface the polymorphism in RuleThresholdData and EvaluationEnvelope via
JSONSchemaOneOf (the same pattern as QueryEnvelope), so the generated
TS types are discriminated unions with typed `spec` instead of unknown.
Also mark `alert`, `ruleType`, and `condition` required on PostableRule
so the generated TS types are non-optional for callers.
* refactor(ruler): add Enum() on EvaluationKind, ScheduleType, ThresholdKind
Surface the fixed set of accepted values for these valuer-wrapped kind
types so OpenAPI emits proper string-enum schemas and the generated TS
types become string-literal unions instead of plain string.
* refactor(ruler): mark required fields on nested rule and maintenance types
Surface fields already enforced by Validate()/UnmarshalJSON as required
in the OpenAPI schema so the generated TS types match runtime behavior.
Touches RuleCondition (compositeQuery, op, matchType), RuleThresholdData
(kind, spec), BasicRuleThreshold (name, target, op, matchType),
RollingWindow (evalWindow, frequency), CumulativeWindow (schedule,
frequency, timezone), EvaluationEnvelope (kind, spec), Schedule
(timezone), GettablePlannedMaintenance (name, schedule).
Does not mark server-populated fields (id, createdAt, updatedAt, status,
kind) on GettablePlannedMaintenance required, since the same struct is
reused for request bodies in MaintenanceStore.CreatePlannedMaintenance.
* refactor(ruler): tighten AlertCompositeQuery, QueryType, PanelType schema
Missed in the earlier tightening pass. AlertCompositeQuery.queries,
panelType, queryType are all required for a valid composite query;
QueryType and PanelType are valuer-wrapped with fixed value sets, so
expose them as enums in the OpenAPI schema.
* refactor(ruler): wrap sql.ErrNoRows as TypeNotFound in by-ID lookups
GetStoredRule and GetPlannedMaintenanceByID previously returned bun's
raw Scan error, so a missing ID leaked "sql: no rows in result set" to
the HTTP response with a 500 status. WrapNotFoundErrf converts
sql.ErrNoRows into TypeNotFound so render.Error emits 404 with a stable
`not_found` code, and passes other errors through unchanged.
* refactor(ruler): move migrated rules routes to /api/v2/rules
The 7 rules routes now live at /api/v2/rules, /api/v2/rules/{id}, and
/api/v2/rules/test — served via handler.New with render.Success and
render.Error. The legacy /api/v1/rules paths will be restored in the
query-service http handler in a follow-up so existing clients keep
receiving the SuccessResponse envelope unchanged.
Drop the /api/v1/testRule deprecated alias from signozapiserver; the
original lives on main's http_handler.go and is restored alongside the
other v1 paths.
Downtime schedule routes stay at /api/v1/downtime_schedules — single
track, no legacy restore planned.
* refactor(ruler): restore /api/v1/rules legacy handlers for back-compat
Bring the 7 rule CRUD/test handlers and their router.HandleFunc lines
back to http_handler.go so /api/v1/rules, /api/v1/rules/{id}, and
/api/v1/testRule continue to emit the legacy SuccessResponse envelope.
The v2 versions under signozapiserver are the new home for the render
envelope used by generated clients.
Delegation uses aH.ruleManager (populated from opts.Signoz.Ruler in
NewAPIHandler), so a single ruler.Ruler instance serves both paths — no
second rules.Manager is instantiated.
Downtime schedules stay single-track under signozapiserver; the 5
downtime handlers are not restored.
* docs: regenerate OpenAPI spec and frontend clients for /api/v2/rules
* refactor(ruler): return 201 Created on POST /api/v2/rules
A successful create now responds with 201 Created and the full
GettableRule body, matching REST convention for resource creation.
Regenerates the OpenAPI spec and frontend clients to reflect the new
status code.
* refactor(ruler): restore dropped sorter TODO in legacy listRules
The legacy listRules handler was copied verbatim from main during the
v1 back-compat restore, but an inner blank line and the load-bearing
`// todo(amol): need to add sorter` comment were stripped. Put them
back so the legacy block round-trips cleanly against main.
* refactor(ruler): return 201 Created on POST /api/v1/downtime_schedules
Match the REST convention already applied to POST /api/v2/rules:
successful creates respond with 201 Created. Response body remains
empty (nil); the generated frontend client surface is unchanged since
no response type was declared.
A richer "return the created resource" response body is a separate
follow-up — holding off until the ruletypes naming cleanup lands.
* fix(ruler): signal Healthy only after manager.Start closes m.block
The ruler provider didn't implement factory.Healthy, so the registry
fell back to factory.closedC and marked the service StateRunning the
instant its Start goroutine spawned — before rules.Manager.Start had
closed m.block. /api/v2/healthz therefore returned 200 while rule
evaluation was still gated, and integration tests that POSTed a rule
immediately after the readiness check saw their task goroutines stuck
on <-m.block until the next frequency tick.
Add a healthyC channel and close it inside Start only after
manager.Start returns; implement factory.Healthy so the registry and
/api/v2/healthz wait on the real readiness signal.
* fix: add the withhealthy interface
* fix(ruler): alias legacy RULES_EVAL_DELAY env var in backward-compat
The eval_delay config was moved from query-service constants (read from
RULES_EVAL_DELAY) onto ruler.Config (read via mapstructure from
SIGNOZ_RULER_EVAL__DELAY). That silently broke the legacy env var for
any existing deployment — notably the alerts integration-test fixture
which sets RULES_EVAL_DELAY=0s to let rules evaluate against just-
inserted data. The resulting default 2m delay pushed the query window
far enough back that the fixture's rate spike fell outside it, causing
8 of 24 parametrize cases in 02_basic_alert_conditions.py to fail with
"Expected N alerts to be fired but got 0 alerts".
Add RULES_EVAL_DELAY to mergeAndEnsureBackwardCompatibility alongside
the ~10 other aliased legacy env vars. Emits the standard deprecation
warning and overrides config.Ruler.EvalDelay.
* fix(member): better UX for pending invite users
* fix(member): add integration tests and reuse timezone util
* fix(member): rename deprecated and remove dead files
* fix(member): do not use hypened endpoints
* fix(member): user friendly button text
* fix(member): update the API endpoints and integration tests
* fix(member): simplify handler naming convention
* fix(member): added v2 API for update my password
* fix(member): remove more dead code
* fix(member): fix integration tests
* fix(member): fix integration tests
* refactor(alertmanager): move API handlers to signozapiserver
Extract Handler interface in pkg/alertmanager/handler.go and move
the implementation from api.go to signozalertmanager/handler.go.
Register all alertmanager routes (channels, route policies, alerts)
in signozapiserver via handler.New() with OpenAPIDef. Remove
AlertmanagerAPI injection from http_handler.go.
This enables future AuditDef instrumentation on these routes.
* fix(review): rename param, add /api/v1/channels/test endpoint
- Rename `am` to `alertmanagerService` in NewHandlers
- Add /api/v1/channels/test as the canonical test endpoint
- Mark /api/v1/testChannel as deprecated
- Regenerate OpenAPI spec
* fix(review): use camelCase for channel orgId json tag
* fix(review): remove section comments from alertmanager routes
* fix(review): use routepolicies tag without hyphen
* chore: regenerate frontend API clients for alertmanager routes
* fix: add required/nullable/enum tags to alertmanager OpenAPI types
- PostableRoutePolicy: mark expression, name, channels as required
- GettableRoutePolicy: change CreatedAt/UpdatedAt from pointer to value
- Channel: mark name, type, data, orgId as required
- ExpressionKind: add Enum() for rule/policy values
- Regenerate OpenAPI spec and frontend clients
* fix: use typed response for GetAlerts endpoint
* fix: add Receiver request type to channel mutation endpoints
CreateChannel, UpdateChannelByID, TestChannel, and TestChannelDeprecated
all read req.Body as a Receiver config. The OpenAPIDef must declare
the request type so the generated SDK includes the body parameter.
* fix: change CreateChannel access from EditAccess to AdminAccess
Aligns CreateChannel endpoint with the rest of the channel mutation
endpoints (update/delete) which all require admin access. This is
consistent with the frontend where notifications are not accessible
to editors.
* chore: initial commit
* chore: added metricNamespace as a new param
* chore: go generate openapi, update spec
* chore: frontend yarn generate:api
* chore: added metricnamespace support in /fields/values as well as added integration tests
* chore: corrected comment
* chore: added unit tests for getMetricsKeys and getMeterSourceMetricKeys
---------
Co-authored-by: Srikanth Chekuri <srikanth.chekuri92@gmail.com>
* feat: updated user api to v2 and accordingly update members page and role management
* feat: updated members page to use new role management and v2 user api
* feat: updated test cases
* feat: code refactor
* feat: refactored code and addressed feedbacks
* feat: refactored code and addressed feedbacks
* feat: refactored code and addressed feedbacks
* fix(user): fix openapi spec
* feat: handle isRoot user and self user cases and added test cases
---------
Co-authored-by: vikrantgupta25 <vikrant@signoz.io>
* feat(serviceaccount): integrate service account
* feat(serviceaccount): integrate service account with better types
* feat(serviceaccount): fix lint and testing changes
* feat(serviceaccount): update integration tests
* feat(serviceaccount): fix formatting
* feat(serviceaccount): fix openapi spec
* feat(serviceaccount): update txlock to immediate to avoid busy snapshot errors
* feat(serviceaccount): add restrictions for factor_api_key
* feat(serviceaccount): add restrictions for factor_api_key
* feat: enabled service account and deprecated API Keys (#10715)
* feat: enabled service account and deprecated API Keys
* feat: deprecated API Keys
* feat: service account spec updates and role management changes
* feat: updated the error component for roles management
* feat: updated test case
* feat: updated the error component and added retries
* feat: refactored code and added retry to happend 3 times total
* feat: fixed feedbacks and added test case
* feat: refactored code and removed retry
* feat: updated the test cases
---------
Co-authored-by: SagarRajput-7 <162284829+SagarRajput-7@users.noreply.github.com>
* feat: user v2 apis
* fix: openapi specs
* chore: address review comments
* fix: proper handling if invalid roles are passed
* chore: address review comments
* refactor: frontend to use deprecated apis after id rename
* feat: separate apis for adding and deleting user role
* fix: invalidate token when roles are updated
* fix: openapi specs and frontend test
* fix: openapi schema
* fix: openapi spec and move to snakecasing for json
* feat: adding cloud integration type for refactor
* refactor: store interfaces to use local types and error
* feat: adding sql store implementation
* refactor: removing interface check
* feat: adding updated types for cloud integration
* refactor: using struct for map
* refactor: update cloud integration types and module interface
* fix: correct GetService signature and remove shadowed Data field
* feat: implement cloud integration store
* refactor: adding comments and removed wrong code
* refactor: streamlining types
* refactor: add comments for backward compatibility in PostableAgentCheckInRequest
* refactor: update Dashboard struct comments and remove unused fields
* refactor: split upsert store method
* feat: adding integration test
* refactor: clean up types
* refactor: renaming service type to service id
* refactor: using serviceID type
* feat: adding method for service id creation
* refactor: updating store methods
* refactor: clean up
* refactor: clean up
* refactor: review comments
* refactor: clean up
* feat: adding handlers
* fix: lint and ci issues
* fix: lint issues
* fix: update error code for service not found
* feat: adding handler skeleton
* chore: removing todo comment
* feat: adding frontend openapi schema
* refactor: making review changes
* feat: regenerating openapi specs
* feat(factory): add service state tracking, AwaitHealthy, depends_on, and /healthz endpoint
Add explicit lifecycle state tracking to factory.Registry services
(starting/running/failed) modeled after Guava's ServiceManager. Services
can declare dependencies via NewNamedService(..., dependsOn) which are
validated for unknown refs and cycles at registry creation. AwaitHealthy
blocks until all services reach running state. A /healthz endpoint is
wired through signozapiserver returning 200/503 with per-service state.
* feat(apiserver): move health endpoints to /api/v2/ and register readyz, livez
* refactor(factory): use gonum for cycle detection, return error on cycles, fix test assertions
Replace custom DFS cycle detection with gonum's topo.Sort + TarjanSCC.
Dependency cycles now return an error from NewRegistry instead of being
silently dropped. Use assert for final test assertions and require only
for intermediate setup errors.
* chore: go mod tidy
* refactor(factory): decouple Handler from Registry, wire through Handlers struct
Move Handler implementation to a private handler struct with NewHandler
constructor instead of methods on *Registry. Route handler through the
existing Handlers struct as RegistryHandler. Rename healthz.go to
registry.go in signozapiserver. Fix handler_test.go for new param.
* feat(factory): add ServiceWithHealthy interface, add Healthy to authz, user depends on authz
Add ServiceWithHealthy interface embedding Service + Healthy. NamedService
now delegates Healthy() to the underlying service, eliminating unwrapService.
AuthZ interface requires Healthy(), implemented in both pkg and ee providers.
User service declares dependency on authz via dependsOn.
* test(integration): use /api/v2/healthz for readiness check, log 503 response body
* fix(factory): replace fmt.Errorf with errors.Newf in tests to satisfy linter
* feat: generate openapi spec
* fix(integration): log errors at error level in healthz readiness check
* test(integration): log and assert healthz response in test_setup
* feat(user): implement ServiceWithHealthy for user service
User service signals healthy after successful root user reconciliation
or immediately when disabled. User Service interface now embeds
factory.ServiceWithHealthy.
* fix(factory): reflect service names as strings
* fix(apiserver): document health 503 responses
* feat: generate openapi spec
* feat: introduce user_role table
* fix: golint and register migrations
* fix: user types and order of update user
* feat: add migration to drop role column from users table
* fix: raw queries pointing to role column in users table
* chore: remove storable user struct and minor other changes
* chore: remove refs of calling vars as storable users
* chore: user 0th role instead of highest
* chore: address pr comments
* chore: rename userrolestore to user_role_store
* chore: return userroles with user in getter where possible
* chore: move user module as user setter
* chore: arrange getter and setter methods
* fix: nil pointer for update user in integration test due to half payload being passed
* chore: update openapi specs
* fix: nil errors without making frontend changes
* fix: empty array check everywhere for user roles array and minor other changes
* fix: imports
* fix: rebase changes
* chore: renaming functions
* chore: simplified getorcreateuser user setter method and call sites
* fix: golint
* fix: remove redundant authz migration, remove fk enforcement for drop migration
* fix: add new event for user activation
* chore: deprecate old user invite apis
* chore: add back validation for pending user in list user apis for integration tests
* fix: allow pending user to be updated
* feat: updated members page with new status response and remove invite endpoint api (#10624)
* feat: updated members page with new status response and remove invite endpoint api
* feat: removed deprecated invite endpoint apis
* feat: delete orphaned type files
* feat: changed text for copy, cancel and ingeneral messaging for invited users
* feat: test case and pagination fix
* feat: feedback, refactor and test mock update
* feat: updated the confirmation dialog description as now the we cant permanently delete the member
* feat: refactored the member status mapping
* feat: used the open api spec hooks in editmember and updated the test cases
* feat: added error handling
---------
Co-authored-by: SagarRajput-7 <162284829+SagarRajput-7@users.noreply.github.com>
Co-authored-by: SagarRajput-7 <sagar@signoz.io>
* feat: deprecate user invite table
* fix: handle soft deleted users flow
* fix: handle edge cases for authentication and reset password flow
* feat: integration tests with fixes for new flow
* fix: array for grants
* fix: edge cases for reset token and context api
* chore: remove all code related to old invite flow
* fix: openapi specs
* fix: integration tests and minor naming change
* fix: integration tests fmtlint
* feat: improve invitation email template
* fix: role tests
* fix: context api
* fix: openapi frontend
* chore: rename countbyorgid to activecountbyorgid
* fix: a deleted user cannot recycled, creating a new one
* feat: migrate existing invites to user as pending invite status
* fix: error from GetUsersByEmailAndOrgID
* feat: add backward compatibility to existing apis using new invite flow
* chore: change ordering of apis in server
* chore: change ordering of apis in server
* fix: filter active users in role and org id check
* fix: check deleted user in reset password flow
* chore: address some review comments, add back countbyorgid method
* chore: move to bulk inserts for migrating existing invites
* fix: wrap funcs to transactions, and fix openapi specs
* fix: move reset link method to types, also move authz grants outside transation
* fix: transaction issues
* feat: helper method ErrIfDeleted for user
* fix: error code for errifdeleted in user
* fix: soft delete store method
* fix: password authn tests also add old invite flow test
* fix: callbackauthn tests
* fix: remove extra oidc tests
* fix: callback authn tests oidc
* chore: address review comments and optimise bulk invite api
* fix: use db ctx in various places
* fix: fix duplicate email invite issue and add partial invite
* fix: openapi specs
* fix: errifpending
* fix: user status persistence
* fix: edge cases
* chore: add tests for partial index too
* feat: use composite unique index on users table instead of partial one
* chore: move duplicate email check to unmarshaljson and query user again in accept invite
* fix: make 068 migratin idempotent
* chore: remove unused emails var
* chore: add a temp filter to show only active users in frontend until next frontend fix
* chore: remove one check from register flow testing until temp code is removed
* chore: remove commented code from tests
* chore: address frontend review comments
* chore: address frontend review comments
* fix: limit value size and count to pointers with omitempty
* fix: openapi specs backend
* fix: openapi specs frontend
* chore: add go tests for limits validations
* fix: liniting issues
* test: remove go test and add gateway integration tests with mocked gateway for all gateway apis
* feat: add gateway in integration ci src matrix
* chore: divide tests into multiple files for keys and limits and utilities
* fix: creation ingestion key returns 201, check for actual values in tests
* fix: creation ingestion key returns 201, check for actual values in tests
* fix: create ingestion key gateway api mock status code as 201
### 📄 Summary
- Expose Zeus PutProfile, PutHost and GetHost APIs as first-class OpenAPI-spec endpoints, replacing the previous proxy-based approach
- Introduce typed request structs (PostableProfile, PostableHost) instead of raw []byte for type safety and OpenAPI documentation
- Wire Zeus handler through the standard dependency chain: handler interface, handler implementation, Handlers struct, signozapiserver provider
#### Changes
- PUT /api/v2/zeus/profiles - saves deployment profile to Zeus
- PUT /api/v2/zeus/hosts - saves deployment host to Zeus
- GET /api/v2/zeus/hosts - gets the deployment host from Zeus
- All the above new APIs need Admin access
Also:
- httpzeus provider — marshaling now happens in the provider; upstream error messages are passed through instead of being swallowed; fixes wrong upstream path (/hosts → /host); adds 409 Conflict mapping; replaces errors.Newf with errors.New
#### Issues closed by this PR
Closes https://github.com/SigNoz/platform-pod/issues/1722
## Summary
- Adds root user support with environment-based provisioning, protection guards, and automatic reconciliation. A root user is a special admin user that is provisioned via configuration (environment variables) rather than the UI, designed for automated/headless deployments.
## Key Features
- Environment-based provisioning: Configure root user via user.root.enabled, user.root.email, user.root.password, and user.root.org_name settings
- Automatic reconciliation: A background service runs on startup that:
- Looks up the organization by configured org_name
- If no matching org exists, creates the organization and root user via CreateFirstUser
- If the org exists, reconciles the root user (creates, promotes existing user, or updates email/password to match config)
- Retries every 10 seconds until successful
- Protection guards: Root users cannot be:
- Updated or deleted through the API
- Invited or have their password changed through the UI
- Authenticated via SSO/SAML (password-only authentication enforced)
- Self-registration disabled: When root user provisioning is enabled, the self-registration endpoint (/register) is blocked to prevent creating duplicate organizations
- Idempotent password sync: On every reconciliation, the root user's password is synced with the configured value — if it differs, it's updated; if it matches, no-op
* fix: make size and count included in json if zero
* fix: make forgot password api fields required
* fix: openapi spec
* fix: error message casing for frontend
* chore: fix openapi spec
* fix: openapi specs
* feat(authz): initial commit for migrating rbac to openfga
* feat(authz): make the role updates idempotant
* feat(authz): split role module into role and grant
* feat(authz): some naming changes
* feat(authz): integrate the grant module
* feat(authz): add support for migrating existing user role
* feat(authz): add support for migrating existing user role
* feat(authz): figure out the * selector
* feat(authz): merge main
* feat(authz): merge main
* feat(authz): address couple of todos
* feat(authz): address couple of todos
* feat(authz): fix tests and revert public dashboard change
* feat(authz): fix tests and revert public dashboard change
* feat(authz): add open api spec
* feat(authz): add open api spec
* feat(authz): add api key changes and missing migration
* feat(authz): split role into getter and setter
* feat(authz): add integration tests for authz register
* feat(authz): add more tests for user invite and delete
* feat(authz): update user tests
* feat(authz): rename grant to granter
* feat(authz): address review comments
* feat(authz): address review comments
* feat(authz): address review comments
* feat(authz): add the migration for existing roles
* feat(authz): go mod tidy
* feat(authz): fix integration tests
* feat(authz): handle community changes
* feat(authz): handle community changes
* feat(authz): role selectors for open claims
* feat(authz): role selectors for open claims
* feat(authz): prevent duplicate entries for changelog
* feat(authz): scafolding for rbac migration
* feat(authz): scafolding for rbac migration
* feat(authz): scafolding for rbac migration
* feat(authz): scafolding for rbac migration
* feat(authz): scafolding for rbac migration
