* feat: user v2 apis
* fix: openapi specs
* chore: address review comments
* fix: proper handling if invalid roles are passed
* chore: address review comments
* refactor: frontend to use deprecated apis after id rename
* feat: separate apis for adding and deleting user role
* fix: invalidate token when roles are updated
* fix: openapi specs and frontend test
* fix: openapi schema
* fix: openapi spec and move to snakecasing for json
* fix(querier): return proper HTTP status for PromQL timeout errors
PromQL queries hitting the context deadline were incorrectly returning
400 Bad Request with "invalid_input" because enhancePromQLError
unconditionally wrapped all errors as TypeInvalidInput. Extract
tryEnhancePromQLExecError to properly classify timeout, cancellation,
and storage errors before falling through to parse error handling.
Also make the PromQL engine timeout configurable via prometheus.timeout
config (default 2m) instead of hardcoding it.
* chore: refactor files
* fix(prometheus): validate timeout config and fix test setups
Add validation in prometheus.Config to reject zero timeout. Update all
test files to explicitly set Timeout: 2 * time.Minute in prometheus.Config
literals to avoid immediate query timeouts.
* feat: adding cloud integration type for refactor
* refactor: store interfaces to use local types and error
* feat: adding sql store implementation
* refactor: removing interface check
* feat: adding updated types for cloud integration
* refactor: using struct for map
* refactor: update cloud integration types and module interface
* fix: correct GetService signature and remove shadowed Data field
* feat: implement cloud integration store
* refactor: adding comments and removed wrong code
* refactor: streamlining types
* refactor: add comments for backward compatibility in PostableAgentCheckInRequest
* refactor: update Dashboard struct comments and remove unused fields
* refactor: split upsert store method
* feat: adding integration test
* refactor: clean up types
* refactor: renaming service type to service id
* refactor: using serviceID type
* feat: adding method for service id creation
* refactor: updating store methods
* refactor: clean up
* refactor: clean up
* refactor: review comments
* refactor: clean up
* feat: adding handlers
* fix: lint and ci issues
* fix: lint issues
* fix: update error code for service not found
* feat: adding handler skeleton
* chore: removing todo comment
* feat: adding frontend openapi schema
* refactor: making review changes
* feat: regenerating openapi specs
* feat(factory): add service state tracking, AwaitHealthy, depends_on, and /healthz endpoint
Add explicit lifecycle state tracking to factory.Registry services
(starting/running/failed) modeled after Guava's ServiceManager. Services
can declare dependencies via NewNamedService(..., dependsOn) which are
validated for unknown refs and cycles at registry creation. AwaitHealthy
blocks until all services reach running state. A /healthz endpoint is
wired through signozapiserver returning 200/503 with per-service state.
* feat(apiserver): move health endpoints to /api/v2/ and register readyz, livez
* refactor(factory): use gonum for cycle detection, return error on cycles, fix test assertions
Replace custom DFS cycle detection with gonum's topo.Sort + TarjanSCC.
Dependency cycles now return an error from NewRegistry instead of being
silently dropped. Use assert for final test assertions and require only
for intermediate setup errors.
* chore: go mod tidy
* refactor(factory): decouple Handler from Registry, wire through Handlers struct
Move Handler implementation to a private handler struct with NewHandler
constructor instead of methods on *Registry. Route handler through the
existing Handlers struct as RegistryHandler. Rename healthz.go to
registry.go in signozapiserver. Fix handler_test.go for new param.
* feat(factory): add ServiceWithHealthy interface, add Healthy to authz, user depends on authz
Add ServiceWithHealthy interface embedding Service + Healthy. NamedService
now delegates Healthy() to the underlying service, eliminating unwrapService.
AuthZ interface requires Healthy(), implemented in both pkg and ee providers.
User service declares dependency on authz via dependsOn.
* test(integration): use /api/v2/healthz for readiness check, log 503 response body
* fix(factory): replace fmt.Errorf with errors.Newf in tests to satisfy linter
* feat: generate openapi spec
* fix(integration): log errors at error level in healthz readiness check
* test(integration): log and assert healthz response in test_setup
* feat(user): implement ServiceWithHealthy for user service
User service signals healthy after successful root user reconciliation
or immediately when disabled. User Service interface now embeds
factory.ServiceWithHealthy.
* fix(factory): reflect service names as strings
* fix(apiserver): document health 503 responses
* feat: generate openapi spec
* chore: move dashboard provider from redux to zustand
* chore: replace useDashboard with useDashboardStore (#10629)
* chore: derive dashboard locked state from global state (#10645)
* chore: remove usage of updatedTimeRef in dashboard provider (#10551)
* chore: removed updatedTimeRef from global store
* chore: removed updatedTimeRef from global store
* chore: remove dashboardQueryRangeCalled from global dashboard state (#10650)
* chore: remove dashboardQueryRangeCalled from global dashboard state
* chore: cleanup dashboard page setup (#10652)
* chore: update tests from dashboard provider migration (#10653)
* chore: update tests from dashboard provider migration
* chore: cleaner local storage variable update (#10656)
* feat: adding cloud integration type for refactor
* refactor: store interfaces to use local types and error
* feat: adding sql store implementation
* refactor: removing interface check
* feat: adding updated types for cloud integration
* refactor: using struct for map
* refactor: update cloud integration types and module interface
* fix: correct GetService signature and remove shadowed Data field
* feat: implement cloud integration store
* refactor: adding comments and removed wrong code
* refactor: streamlining types
* refactor: add comments for backward compatibility in PostableAgentCheckInRequest
* refactor: update Dashboard struct comments and remove unused fields
* refactor: split upsert store method
* feat: adding integration test
* refactor: clean up types
* refactor: renaming service type to service id
* refactor: using serviceID type
* feat: adding method for service id creation
* refactor: updating store methods
* refactor: clean up
* refactor: clean up
* refactor: review comments
* refactor: clean up
* fix: update error code for service not found
* refactor: returning error only for create methods
* refactor: method chaining formatting
* feat: introduce user_role table
* fix: golint and register migrations
* fix: user types and order of update user
* feat: add migration to drop role column from users table
* fix: raw queries pointing to role column in users table
* chore: remove storable user struct and minor other changes
* chore: remove refs of calling vars as storable users
* chore: user 0th role instead of highest
* chore: address pr comments
* chore: rename userrolestore to user_role_store
* chore: return userroles with user in getter where possible
* chore: move user module as user setter
* chore: arrange getter and setter methods
* fix: nil pointer for update user in integration test due to half payload being passed
* chore: update openapi specs
* fix: nil errors without making frontend changes
* fix: empty array check everywhere for user roles array and minor other changes
* fix: imports
* fix: rebase changes
* chore: renaming functions
* chore: simplified getorcreateuser user setter method and call sites
* fix: golint
* fix: remove redundant authz migration, remove fk enforcement for drop migration
* fix: add new event for user activation
* feat(middleware): add panic recovery middleware with TypeFatal error type
Add a global HTTP recovery middleware that catches panics, logs them
with OTel exception semantic conventions via errors.Attr, and returns
a safe user-facing error response. Introduce TypeFatal/CodeFatal for
unrecoverable failures and WithStacktrace to attach pre-formatted
stack traces to errors. Remove redundant per-handler panic recovery
blocks in querier APIs.
* style(errors): keep WithStacktrace call on same line in test
* fix(middleware): replace fmt.Errorf with errors.New in recovery test
* feat(middleware): add request context to panic recovery logs
Capture request body before handler runs and include method, path, and
body in panic recovery logs using OTel semconv attributes. Improve error
message to direct users to GitHub issues or support.
Replace the nested `slog.Source` group with flat OTel semantic convention
keys by adding a Source log handler wrapper that extracts source info
from record.PC. Remove AddSource from the JSON handler since the wrapper
handles it directly.
* feat(instrumentation): add OTel exception semantic convention log handler
Add a loghandler.Wrapper that enriches error log records with OpenTelemetry
exception semantic convention attributes (exception.type, exception.code,
exception.message, exception.stacktrace).
- Add errors.Attr() helper for standardized error logging under "exception" key
- Add exception log handler that replaces raw error attrs with structured group
- Wire exception handler into the instrumentation SDK logger chain
- Remove LogValue() from errors.base as the handler now owns structuring
* refactor: replace "error", err with errors.Attr(err) across codebase
Migrate all slog error logging from ad-hoc "error", err key-value pairs
to the standardized errors.Attr(err) helper, enabling the exception log
handler to enrich these logs with OTel semantic convention attributes.
* refactor: enforce attr-only slog style across codebase
Change sloglint from kv-only to attr-only, requiring all slog calls to
use typed attributes (slog.String, slog.Any, etc.) instead of key-value
pairs. Convert all existing kv-style slog calls in non-excluded paths.
* refactor: tighten slog.Any to specific types and standardize error attrs
- Replace slog.Any with slog.String for string values (action, key, where_clause)
- Replace slog.Any with slog.Uint64 for uint64 values (start, end, step, etc.)
- Replace slog.Any("err", err) with errors.Attr(err) in dispatcher and segment analytics
- Replace slog.Any("error", ctx.Err()) with errors.Attr in factory registry
* fix(instrumentation): use Unwrapb message for exception.message
Use the explicit error message (m) from Unwrapb instead of
foundErr.Error(), which resolves to the inner cause's message
for wrapped errors.
* feat(errors): capture stacktrace at error creation time
Store program counters ([]uintptr) in base errors at creation time
using runtime.Callers, inspired by thanos-io/thanos/pkg/errors. The
exception log handler reads the stacktrace from the error instead of
capturing at log time, showing where the error originated.
* fix(instrumentation): apply default log wrappers uniformly in NewLogger
Move correlation, filtering, and exception wrappers into NewLogger so
all call sites (including CLI loggers in cmd/) get them automatically.
* refactor(instrumentation): remove variadic wrappers from NewLogger
NewLogger no longer accepts arbitrary wrappers. The core wrappers
(correlation, filtering, exception) are hardcoded, preventing callers
from accidentally duplicating behavior.
* refactor: migrate remaining "error", <var> to errors.Attr across legacy paths
Replace all remaining "error", <variable> key-value pairs with
errors.Attr(<variable>) in pkg/query-service/ and ee/query-service/
paths that were missed in the initial migration due to non-standard
variable names (res.Err, filterErr, apiErrorObj.Err, etc).
* refactor(instrumentation): use flat exception.* keys instead of nested group
Use flat keys (exception.type, exception.code, exception.message,
exception.stacktrace) instead of a nested slog.Group in the exception
log handler.
* feat: change the cursor to pointer on hovering domain rows
* feat: external api -> domains table -> right drawer -> all the columns have same color
* feat: hover style of the left tab when the right tab is active
The domain rows in the External APIs table are clickable
(they open a detail drawer) but showed the default cursor,
giving no visual affordance. Added cursor: pointer to the
.expanded-clickable-row class that is already applied via
onRow() in DomainList.tsx.
Fixes#9403
* chore: deprecate old user invite apis
* chore: add back validation for pending user in list user apis for integration tests
* fix: allow pending user to be updated
* feat: updated members page with new status response and remove invite endpoint api (#10624)
* feat: updated members page with new status response and remove invite endpoint api
* feat: removed deprecated invite endpoint apis
* feat: delete orphaned type files
* feat: changed text for copy, cancel and ingeneral messaging for invited users
* feat: test case and pagination fix
* feat: feedback, refactor and test mock update
* feat: updated the confirmation dialog description as now the we cant permanently delete the member
* feat: refactored the member status mapping
* feat: used the open api spec hooks in editmember and updated the test cases
* feat: added error handling
---------
Co-authored-by: SagarRajput-7 <162284829+SagarRajput-7@users.noreply.github.com>
Co-authored-by: SagarRajput-7 <sagar@signoz.io>
* fix(tests): fix flaky rootuser integration tests
setupCompleted becomes true before the root user is actually created
because the reconciliation runs in an async goroutine. Add a second
polling phase that waits for /api/v1/user to return 200, confirming
the root user exists and the impersonation provider can resolve.
* fix(ci): fail py-fmt check when formatter changes files
Add git diff --exit-code after make py-fmt so CI fails if any files
are not properly formatted, instead of silently passing.
Also includes black formatting fix for 01_rootuser.py.
* refactor(tests): remove redundant unauthenticated request test
test_unauthenticated_request_succeeds is redundant now that
test_root_user_created already polls /api/v1/user without auth
and waits for 200.
* feat: new service_account page with crud and listing
* feat: multiple style and functionality fixes
* feat: multiple style and functionality fixes
* feat: feedback fix
* feat: added pagination and sorter
* feat: feedback fix
* feat: feedback and refactor
* feat: updated with new schemas changes
* feat: feedback and refactor
* feat: added announcement banner
* feat: added IS_SERVICE_ACCOUNTS_ENABLED to hide Service Account feature and announcement banner
* feat: added test cases
* feat: updated subtitle
* feat: feedback, refactor and test enhancments
* feat: enhancement in role select component
* feat: enhancement and implemented nuqs usage across the Service account feature
* feat: refactor drawer page to have api fetch and added cache on the list call for faster lookup
* feat: refactor edit key modal to be more url controlled than props
* feat: moved onsucess and onerror inside the hook
* feat: enhancement in createserviceaccount modal with nuqs and refactor
* feat: enhancement in addkey, editkey and disable modal
* feat: refactor in revoke key modal to make it isolated and url controlled
* feat: updated types after latest rebase change
* feat: feedback, refactor and cleanup
* feat: udpate test case
Remove the DeprecatedFlags struct and all associated CLI flags
(--max-idle-conns, --max-open-conns, --dial-timeout, --flux-interval,
--flux-interval-for-trace-detail, --prefer-span-metrics, --cluster,
--gateway-url) that were superseded by environment variable-based
configuration. Deprecated environment variable handling is retained.
Closes#6805
* feat(authz): migrate authorization to authz instead of user.role
* fixup! feat(authz): migrate authorization to authz instead of user.role
address comments
* fixup! fixup! feat(authz): migrate authorization to authz instead of user.role
Allow anonymous to go to unauthorized, otherwise it will loop in errors
* fixup! fixup! fixup! feat(authz): migrate authorization to authz instead of user.role
Improve error message when anonymous
* fixup! fixup! fixup! fixup! feat(authz): migrate authorization to authz instead of user.role
Format breaking with new css
