* fix: limit value size and count to pointers with omitempty
* fix: openapi specs backend
* fix: openapi specs frontend
* chore: add go tests for limits validations
* fix: liniting issues
* test: remove go test and add gateway integration tests with mocked gateway for all gateway apis
* feat: add gateway in integration ci src matrix
* chore: divide tests into multiple files for keys and limits and utilities
* fix: creation ingestion key returns 201, check for actual values in tests
* fix: creation ingestion key returns 201, check for actual values in tests
* fix: create ingestion key gateway api mock status code as 201
## Summary
- Remove the legacy `/api/gateway` reverse proxy from `ee/query-service/integrations/gateway/` — it has been superseded by the new provider-pattern-based `pkg/gateway/` package (serving
`/api/v2/gateway/ingestion_keys`)
- Delete dead frontend code: manual IngestionKeys API clients and hooks that targeted the old gateway routes
- Clean up `GatewayApiV1`/`GatewayApiV2` axios instances and route constants from the frontend API layer
## What's retained
- `--gateway-url` flag and `GatewayUrl` field in `APIHandlerOptions` (still used by `cloudIntegrations.go`)
- `pkg/gateway/` package (the new gateway provider)
- `frontend/src/api/generated/services/gateway/` (generated client for the new endpoints)
* feat: upgraded custom domain apis and used new open api spec
* feat: upgraded api in DataSourceInfo
* feat: upgraded the update profile api
* feat: added test cases all the upgraded apis
* feat: updated test cases
### 📄 Summary
- Expose Zeus PutProfile, PutHost and GetHost APIs as first-class OpenAPI-spec endpoints, replacing the previous proxy-based approach
- Introduce typed request structs (PostableProfile, PostableHost) instead of raw []byte for type safety and OpenAPI documentation
- Wire Zeus handler through the standard dependency chain: handler interface, handler implementation, Handlers struct, signozapiserver provider
#### Changes
- PUT /api/v2/zeus/profiles - saves deployment profile to Zeus
- PUT /api/v2/zeus/hosts - saves deployment host to Zeus
- GET /api/v2/zeus/hosts - gets the deployment host from Zeus
- All the above new APIs need Admin access
Also:
- httpzeus provider — marshaling now happens in the provider; upstream error messages are passed through instead of being swallowed; fixes wrong upstream path (/hosts → /host); adds 409 Conflict mapping; replaces errors.Newf with errors.New
#### Issues closed by this PR
Closes https://github.com/SigNoz/platform-pod/issues/1722
* feat: enhancement in the authn providers with new fields and new ui
* feat: added error handling, integrated generate apis and form validation
* feat: error handling and code refactor
* feat: cleanup and refactor
* feat: cleanup and refactor
* feat: added test cases for the auth domain flow
* feat: used signozhq instead of antd and lucide icons
* feat: toggle consistency fix
* feat: added redirect uri field in google auth
* feat: addressed comments and feedback
* feat: addressed comments and feedback
* feat: removed redirecturi and added error helper for collapsed sections
* feat: refactored code and added email field
* feat: addressed comments and feedback
* feat: added delete confirmation modal for domain list
* feat: addressed comments and feedback
## Summary
- Adds root user support with environment-based provisioning, protection guards, and automatic reconciliation. A root user is a special admin user that is provisioned via configuration (environment variables) rather than the UI, designed for automated/headless deployments.
## Key Features
- Environment-based provisioning: Configure root user via user.root.enabled, user.root.email, user.root.password, and user.root.org_name settings
- Automatic reconciliation: A background service runs on startup that:
- Looks up the organization by configured org_name
- If no matching org exists, creates the organization and root user via CreateFirstUser
- If the org exists, reconciles the root user (creates, promotes existing user, or updates email/password to match config)
- Retries every 10 seconds until successful
- Protection guards: Root users cannot be:
- Updated or deleted through the API
- Invited or have their password changed through the UI
- Authenticated via SSO/SAML (password-only authentication enforced)
- Self-registration disabled: When root user provisioning is enabled, the self-registration endpoint (/register) is blocked to prevent creating duplicate organizations
- Idempotent password sync: On every reconciliation, the root user's password is synced with the configured value — if it differs, it's updated; if it matches, no-op
* feature: init open api ts code gen
* chore: update custom instance to a separate axios instance
* chore: update code owners
* chore: set up node version in CI
* fix: node version
* chore: update jsci.yaml
* chore: update goci.yaml
* chore: rename instance
* chore: resolve comments
* feat: use global config api to fetch ingestion url in ingestion and mutli ingestion settings
* feat: update types for global config api
* feat: show tooltip on global config error
* feat: address review comments
* chore: rename globalConfig to getGlobalConfig
* chore: hide ingestion url section if globalConfig fetch isn't enabled
* feat: enable global config API for all users
* feat: update logEvent, rename `tenant_url` to `deployment_url`
* feat: Update telemetry attributes, add logs format options tooltip, enable login form submission with Enter
* test: update test
* feat: migrate top 10 errors query_range request to v5
* chore: remove unnecessary tests
* chore: improve the top error tests
* fix: send status_message EXISTS only if the toggle is on
* fix: get the count value and simplify the null check
* fix: send has_error = true
* chore: fall back to url.full if url.path doesn't exist
* refactor: address the PR review requested changes
* chore: add test to check if we're sending the correct filters
---------
Co-authored-by: Nityananda Gohain <nityanandagohain@gmail.com>
* feat: show span percentile in span details
* feat: resource attribute selection for span percentile
* feat: wait for 2 secs for the first fetch of span percentile
* feat: add unit test cases for span percentiles
* feat: use style tokens
* feat: remove redundant test assertion
* chore: resolve conflicts
* feat: reset initial wait state on span change
* feat: update payload , endpoint as per new backend changes
* feat: address review comments
* feat: fetch span percentile without specific resource attributes - first time
* feat(s3-retention): enhance S3 logs retention handling
* chore: overall improvements
* test: add tests for GeneralSettings S3 logs retention functionality
* test: improve S3 logs retention dropdown interaction and validation
* refactor: change s3 and logs response / payload keys
* chore: update the teststo adjust based on the recent payload keys changes
* chore: update the test mock value
* chore: update tests
* chore: skip the flaky test
* fix: fix the condition that would cause infinite loop and the test would fail as a result
---------
Co-authored-by: Nityananda Gohain <nityanandagohain@gmail.com>
## 📄 Summary
- Instead of relying on JWT for session management, we are adding another token system: opaque. This gives the benefits of expiration and revocation.
- We are now ensuring that emails are regex checked throughout the backend.
- Support has been added for OIDC protocol
