* fix: add missing filtering for ip address for scalar data
In domain listing api for external api monitoring,
we have option to filter out the IP address but
it only handles timeseries and raw type data while
domain list handler returns scalar data.
* fix: switch to new derived attributes for ip filtering
---------
Co-authored-by: Nityananda Gohain <nityanandagohain@gmail.com>
* fix: fix incosistent use of http attribute in ext. api
HTTP attributes like http.url, url.full along with server.name and net.peer.name
were used inconsitantly leading to bugs in aggregation query and they were
expensive to query as well since these attr are stored as json instead of
direct columns. Using columns like http_url optimises these queries since
it gets populated using all relevant attributes during ingestion itself.
* fix: switch to using http_host instead of external_http_url
external_http_url stores the hostname but the name
is confusing, so switching to http_host
* fix: use constants defined where possible
* fix: fix old attribute usage in tests
## Summary
- Adds root user support with environment-based provisioning, protection guards, and automatic reconciliation. A root user is a special admin user that is provisioned via configuration (environment variables) rather than the UI, designed for automated/headless deployments.
## Key Features
- Environment-based provisioning: Configure root user via user.root.enabled, user.root.email, user.root.password, and user.root.org_name settings
- Automatic reconciliation: A background service runs on startup that:
- Looks up the organization by configured org_name
- If no matching org exists, creates the organization and root user via CreateFirstUser
- If the org exists, reconciles the root user (creates, promotes existing user, or updates email/password to match config)
- Retries every 10 seconds until successful
- Protection guards: Root users cannot be:
- Updated or deleted through the API
- Invited or have their password changed through the UI
- Authenticated via SSO/SAML (password-only authentication enforced)
- Self-registration disabled: When root user provisioning is enabled, the self-registration endpoint (/register) is blocked to prevent creating duplicate organizations
- Idempotent password sync: On every reconciliation, the root user's password is synced with the configured value — if it differs, it's updated; if it matches, no-op
* feat(authz): remove unnecessary dependency injection for role setter
* feat(authz): deprecate role module
* feat(authz): deprecate role module
* feat(authz): split between server and sql actions
* feat(authz): add bootstrap for managed role transactions
* feat(authz): update and add integration tests
* feat(authz): match names for factory and migration
* feat(authz): fix integration tests
* feat(authz): reduce calls on organisation creeation
* fix: make size and count included in json if zero
* fix: make forgot password api fields required
* fix: openapi spec
* fix: error message casing for frontend
* chore: fix openapi spec
* fix: openapi specs
* feat(authz): initial commit for migrating rbac to openfga
* feat(authz): make the role updates idempotant
* feat(authz): split role module into role and grant
* feat(authz): some naming changes
* feat(authz): integrate the grant module
* feat(authz): add support for migrating existing user role
* feat(authz): add support for migrating existing user role
* feat(authz): figure out the * selector
* feat(authz): merge main
* feat(authz): merge main
* feat(authz): address couple of todos
* feat(authz): address couple of todos
* feat(authz): fix tests and revert public dashboard change
* feat(authz): fix tests and revert public dashboard change
* feat(authz): add open api spec
* feat(authz): add open api spec
* feat(authz): add api key changes and missing migration
* feat(authz): split role into getter and setter
* feat(authz): add integration tests for authz register
* feat(authz): add more tests for user invite and delete
* feat(authz): update user tests
* feat(authz): rename grant to granter
* feat(authz): address review comments
* feat(authz): address review comments
* feat(authz): address review comments
* feat(authz): add the migration for existing roles
* feat(authz): go mod tidy
* feat(authz): fix integration tests
* feat(authz): handle community changes
* feat(authz): handle community changes
* feat(authz): role selectors for open claims
* feat(authz): role selectors for open claims
* feat(authz): prevent duplicate entries for changelog
* feat(authz): scafolding for rbac migration
* feat(authz): scafolding for rbac migration
* feat(authz): scafolding for rbac migration
* feat(authz): scafolding for rbac migration
* feat(authz): scafolding for rbac migration
* feat(dashboard): add public dashboard APIs to open-api spec
* feat(dashboard): split the ee and pkg modules
* feat(dashboard): commit open api spec
* feat(dashboard): fix signoz module test
* feat(dashboard): add license checks
* feat(dashboard): merge main
* feat(dashboard): add anonymous scheme
