fix: v3 filter_suggestions

This reverts commit c8fcc48022.

.github/workflows/goci.yaml

@@ -102,13 +102,3 @@ jobs:
         run: |
           go run cmd/enterprise/*.go generate openapi
           git diff --compact-summary --exit-code || (echo; echo "Unexpected difference in openapi spec. Run go run cmd/enterprise/*.go generate openapi locally and commit."; exit 1)
-      - name: node-install
-        uses: actions/setup-node@v5
-        with:
-          node-version: "22"
-      - name: install-frontend
-        run: cd frontend && yarn install
-      - name: generate-api-clients
-        run: |
-          cd frontend && yarn generate:api
-          git diff --compact-summary --exit-code || (echo; echo "Unexpected difference in generated api clients. Run yarn generate:api in frontend/ locally and commit."; exit 1)

.github/workflows/jsci.yaml

@@ -52,16 +52,16 @@ jobs:
     with:
       PRIMUS_REF: main
       JS_SRC: frontend
-  md-languages:
+  languages:
     if: |
       github.event_name == 'merge_group' ||
       (github.event_name == 'pull_request' && ! github.event.pull_request.head.repo.fork && github.event.pull_request.user.login != 'dependabot[bot]' && ! contains(github.event.pull_request.labels.*.name, 'safe-to-test')) ||
       (github.event_name == 'pull_request_target' && contains(github.event.pull_request.labels.*.name, 'safe-to-test'))
     runs-on: ubuntu-latest
     steps:
-      - name: checkout
+      - name: self-checkout
         uses: actions/checkout@v4
-      - name: validate md languages
+      - name: run
         run: bash frontend/scripts/validate-md-languages.sh
   authz:
     if: |
@@ -70,44 +70,55 @@ jobs:
       (github.event_name == 'pull_request_target' && contains(github.event.pull_request.labels.*.name, 'safe-to-test'))
     runs-on: ubuntu-latest
     steps:
-      - name: Checkout code
+      - name: self-checkout
         uses: actions/checkout@v5
-
-      - name: Set up Node.js
+      - name: node-install
         uses: actions/setup-node@v5
         with:
           node-version: "22"
-
-      - name: Install frontend dependencies
+      - name: deps-install
         working-directory: ./frontend
         run: |
           yarn install
-
-      - name: Install uv
+      - name: uv-install
         uses: astral-sh/setup-uv@v5
-
-      - name: Install Python dependencies
+      - name: uv-deps
         working-directory: ./tests/integration
         run: |
           uv sync
-
-      - name: Start test environment
+      - name: setup-test
         run: |
           make py-test-setup
-
-      - name: Generate permissions.type.ts
+      - name: generate
         working-directory: ./frontend
         run: |
           yarn generate:permissions-type
-
-      - name: Teardown test environment
+      - name: teardown-test
         if: always()
         run: |
           make py-test-teardown
-
-      - name: Check for changes
+      - name: validate
         run: |
           if ! git diff --exit-code frontend/src/hooks/useAuthZ/permissions.type.ts; then
             echo "::error::frontend/src/hooks/useAuthZ/permissions.type.ts is out of date. Please run the generator locally and commit the changes: npm run generate:permissions-type (from the frontend directory)"
             exit 1
           fi
+  openapi:
+    if: |
+      github.event_name == 'merge_group' ||
+      (github.event_name == 'pull_request' && ! github.event.pull_request.head.repo.fork && github.event.pull_request.user.login != 'dependabot[bot]' && ! contains(github.event.pull_request.labels.*.name, 'safe-to-test')) ||
+      (github.event_name == 'pull_request_target' && contains(github.event.pull_request.labels.*.name, 'safe-to-test'))
+    runs-on: ubuntu-latest
+    steps:
+      - name: self-checkout
+        uses: actions/checkout@v4
+      - name: node-install
+        uses: actions/setup-node@v5
+        with:
+          node-version: "22"
+      - name: install-frontend
+        run: cd frontend && yarn install
+      - name: generate-api-clients
+        run: |
+          cd frontend && yarn generate:api
+          git diff --compact-summary --exit-code || (echo; echo "Unexpected difference in generated api clients. Run yarn generate:api in frontend/ locally and commit."; exit 1)

conf/example.yaml

@@ -308,6 +308,9 @@ user:
       allow_self: true
       # The duration within which a user can reset their password.
       max_token_lifetime: 6h
+    invite:
+      # The duration within which a user can accept their invite.
+      max_token_lifetime: 48h
   root:
     # Whether to enable the root user. When enabled, a root user is provisioned
     # on startup using the email and password below. The root user cannot be

deploy/docker-swarm/docker-compose.ha.yaml

@@ -190,7 +190,7 @@ services:
       # - ../common/clickhouse/storage.xml:/etc/clickhouse-server/config.d/storage.xml
   signoz:
     !!merge <<: *db-depend
-    image: signoz/signoz:v0.115.0
+    image: signoz/signoz:v0.116.1
     ports:
       - "8080:8080" # signoz port
     #   - "6060:6060"     # pprof port

deploy/docker-swarm/docker-compose.yaml

@@ -117,7 +117,7 @@ services:
       # - ../common/clickhouse/storage.xml:/etc/clickhouse-server/config.d/storage.xml
   signoz:
     !!merge <<: *db-depend
-    image: signoz/signoz:v0.115.0
+    image: signoz/signoz:v0.116.1
     ports:
       - "8080:8080" # signoz port
     volumes:

deploy/docker/docker-compose.ha.yaml

@@ -181,7 +181,7 @@ services:
       # - ../common/clickhouse/storage.xml:/etc/clickhouse-server/config.d/storage.xml
   signoz:
     !!merge <<: *db-depend
-    image: signoz/signoz:${VERSION:-v0.115.0}
+    image: signoz/signoz:${VERSION:-v0.116.1}
     container_name: signoz
     ports:
       - "8080:8080" # signoz port

deploy/docker/docker-compose.yaml

@@ -109,7 +109,7 @@ services:
       # - ../common/clickhouse/storage.xml:/etc/clickhouse-server/config.d/storage.xml
   signoz:
     !!merge <<: *db-depend
-    image: signoz/signoz:${VERSION:-v0.115.0}
+    image: signoz/signoz:${VERSION:-v0.116.1}
     container_name: signoz
     ports:
       - "8080:8080" # signoz port

docs/api/openapi.yml

@@ -220,6 +220,13 @@ components:
       - additions
       - deletions
       type: object
+    AuthtypesPatchableRole:
+      properties:
+        description:
+          type: string
+      required:
+      - description
+      type: object
     AuthtypesPostableAuthDomain:
       properties:
         config:
@@ -236,6 +243,15 @@ components:
         password:
           type: string
       type: object
+    AuthtypesPostableRole:
+      properties:
+        description:
+          type: string
+        name:
+          type: string
+      required:
+      - name
+      type: object
     AuthtypesPostableRotateToken:
       properties:
         refreshToken:
@@ -251,6 +267,31 @@ components:
       - name
       - type
       type: object
+    AuthtypesRole:
+      properties:
+        createdAt:
+          format: date-time
+          type: string
+        description:
+          type: string
+        id:
+          type: string
+        name:
+          type: string
+        orgId:
+          type: string
+        type:
+          type: string
+        updatedAt:
+          format: date-time
+          type: string
+      required:
+      - id
+      - name
+      - description
+      - type
+      - orgId
+      type: object
     AuthtypesRoleMapping:
       properties:
         defaultRole:
@@ -1722,47 +1763,6 @@ components:
       - status
       - error
       type: object
-    RoletypesPatchableRole:
-      properties:
-        description:
-          type: string
-      required:
-      - description
-      type: object
-    RoletypesPostableRole:
-      properties:
-        description:
-          type: string
-        name:
-          type: string
-      required:
-      - name
-      type: object
-    RoletypesRole:
-      properties:
-        createdAt:
-          format: date-time
-          type: string
-        description:
-          type: string
-        id:
-          type: string
-        name:
-          type: string
-        orgId:
-          type: string
-        type:
-          type: string
-        updatedAt:
-          format: date-time
-          type: string
-      required:
-      - id
-      - name
-      - description
-      - type
-      - orgId
-      type: object
     ServiceaccounttypesFactorAPIKey:
       properties:
         createdAt:
@@ -4234,7 +4234,7 @@ paths:
                 properties:
                   data:
                     items:
-                      $ref: '#/components/schemas/RoletypesRole'
+                      $ref: '#/components/schemas/AuthtypesRole'
                     type: array
                   status:
                     type: string
@@ -4277,7 +4277,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/RoletypesPostableRole'
+              $ref: '#/components/schemas/AuthtypesPostableRole'
       responses:
         "201":
           content:
@@ -4422,7 +4422,7 @@ paths:
               schema:
                 properties:
                   data:
-                    $ref: '#/components/schemas/RoletypesRole'
+                    $ref: '#/components/schemas/AuthtypesRole'
                   status:
                     type: string
                 required:
@@ -4470,7 +4470,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/RoletypesPatchableRole'
+              $ref: '#/components/schemas/AuthtypesPatchableRole'
       responses:
         "204":
           content:

ee/authz/openfgaauthz/provider.go

@@ -13,7 +13,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/licensing"
 	"github.com/SigNoz/signoz/pkg/sqlstore"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	openfgav1 "github.com/openfga/api/proto/openfga/v1"
 	openfgapkgtransformer "github.com/openfga/language/pkg/go/transformer"
@@ -23,7 +22,7 @@ type provider struct {
 	pkgAuthzService authz.AuthZ
 	openfgaServer   *openfgaserver.Server
 	licensing       licensing.Licensing
-	store           roletypes.Store
+	store           authtypes.RoleStore
 	registry        []authz.RegisterTypeable
 }
 
@@ -82,23 +81,23 @@ func (provider *provider) Write(ctx context.Context, additions []*openfgav1.Tupl
 	return provider.openfgaServer.Write(ctx, additions, deletions)
 }
 
-func (provider *provider) Get(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*roletypes.Role, error) {
+func (provider *provider) Get(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*authtypes.Role, error) {
 	return provider.pkgAuthzService.Get(ctx, orgID, id)
 }
 
-func (provider *provider) GetByOrgIDAndName(ctx context.Context, orgID valuer.UUID, name string) (*roletypes.Role, error) {
+func (provider *provider) GetByOrgIDAndName(ctx context.Context, orgID valuer.UUID, name string) (*authtypes.Role, error) {
 	return provider.pkgAuthzService.GetByOrgIDAndName(ctx, orgID, name)
 }
 
-func (provider *provider) List(ctx context.Context, orgID valuer.UUID) ([]*roletypes.Role, error) {
+func (provider *provider) List(ctx context.Context, orgID valuer.UUID) ([]*authtypes.Role, error) {
 	return provider.pkgAuthzService.List(ctx, orgID)
 }
 
-func (provider *provider) ListByOrgIDAndNames(ctx context.Context, orgID valuer.UUID, names []string) ([]*roletypes.Role, error) {
+func (provider *provider) ListByOrgIDAndNames(ctx context.Context, orgID valuer.UUID, names []string) ([]*authtypes.Role, error) {
 	return provider.pkgAuthzService.ListByOrgIDAndNames(ctx, orgID, names)
 }
 
-func (provider *provider) ListByOrgIDAndIDs(ctx context.Context, orgID valuer.UUID, ids []valuer.UUID) ([]*roletypes.Role, error) {
+func (provider *provider) ListByOrgIDAndIDs(ctx context.Context, orgID valuer.UUID, ids []valuer.UUID) ([]*authtypes.Role, error) {
 	return provider.pkgAuthzService.ListByOrgIDAndIDs(ctx, orgID, ids)
 }
 
@@ -114,7 +113,7 @@ func (provider *provider) Revoke(ctx context.Context, orgID valuer.UUID, names [
 	return provider.pkgAuthzService.Revoke(ctx, orgID, names, subject)
 }
 
-func (provider *provider) CreateManagedRoles(ctx context.Context, orgID valuer.UUID, managedRoles []*roletypes.Role) error {
+func (provider *provider) CreateManagedRoles(ctx context.Context, orgID valuer.UUID, managedRoles []*authtypes.Role) error {
 	return provider.pkgAuthzService.CreateManagedRoles(ctx, orgID, managedRoles)
 }
 
@@ -136,16 +135,16 @@ func (provider *provider) CreateManagedUserRoleTransactions(ctx context.Context,
 	return provider.Write(ctx, tuples, nil)
 }
 
-func (provider *provider) Create(ctx context.Context, orgID valuer.UUID, role *roletypes.Role) error {
+func (provider *provider) Create(ctx context.Context, orgID valuer.UUID, role *authtypes.Role) error {
 	_, err := provider.licensing.GetActive(ctx, orgID)
 	if err != nil {
 		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
 	}
 
-	return provider.store.Create(ctx, roletypes.NewStorableRoleFromRole(role))
+	return provider.store.Create(ctx, authtypes.NewStorableRoleFromRole(role))
 }
 
-func (provider *provider) GetOrCreate(ctx context.Context, orgID valuer.UUID, role *roletypes.Role) (*roletypes.Role, error) {
+func (provider *provider) GetOrCreate(ctx context.Context, orgID valuer.UUID, role *authtypes.Role) (*authtypes.Role, error) {
 	_, err := provider.licensing.GetActive(ctx, orgID)
 	if err != nil {
 		return nil, errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
@@ -159,10 +158,10 @@ func (provider *provider) GetOrCreate(ctx context.Context, orgID valuer.UUID, ro
 	}
 
 	if existingRole != nil {
-		return roletypes.NewRoleFromStorableRole(existingRole), nil
+		return authtypes.NewRoleFromStorableRole(existingRole), nil
 	}
 
-	err = provider.store.Create(ctx, roletypes.NewStorableRoleFromRole(role))
+	err = provider.store.Create(ctx, authtypes.NewStorableRoleFromRole(role))
 	if err != nil {
 		return nil, err
 	}
@@ -217,13 +216,13 @@ func (provider *provider) GetObjects(ctx context.Context, orgID valuer.UUID, id
 	return objects, nil
 }
 
-func (provider *provider) Patch(ctx context.Context, orgID valuer.UUID, role *roletypes.Role) error {
+func (provider *provider) Patch(ctx context.Context, orgID valuer.UUID, role *authtypes.Role) error {
 	_, err := provider.licensing.GetActive(ctx, orgID)
 	if err != nil {
 		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
 	}
 
-	return provider.store.Update(ctx, orgID, roletypes.NewStorableRoleFromRole(role))
+	return provider.store.Update(ctx, orgID, authtypes.NewStorableRoleFromRole(role))
 }
 
 func (provider *provider) PatchObjects(ctx context.Context, orgID valuer.UUID, name string, relation authtypes.Relation, additions, deletions []*authtypes.Object) error {
@@ -232,12 +231,12 @@ func (provider *provider) PatchObjects(ctx context.Context, orgID valuer.UUID, n
 		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
 	}
 
-	additionTuples, err := roletypes.GetAdditionTuples(name, orgID, relation, additions)
+	additionTuples, err := authtypes.GetAdditionTuples(name, orgID, relation, additions)
 	if err != nil {
 		return err
 	}
 
-	deletionTuples, err := roletypes.GetDeletionTuples(name, orgID, relation, deletions)
+	deletionTuples, err := authtypes.GetDeletionTuples(name, orgID, relation, deletions)
 	if err != nil {
 		return err
 	}
@@ -261,7 +260,7 @@ func (provider *provider) Delete(ctx context.Context, orgID valuer.UUID, id valu
 		return err
 	}
 
-	role := roletypes.NewRoleFromStorableRole(storableRole)
+	role := authtypes.NewRoleFromStorableRole(storableRole)
 	err = role.ErrIfManaged()
 	if err != nil {
 		return err
@@ -271,7 +270,7 @@ func (provider *provider) Delete(ctx context.Context, orgID valuer.UUID, id valu
 }
 
 func (provider *provider) MustGetTypeables() []authtypes.Typeable {
-	return []authtypes.Typeable{authtypes.TypeableRole, roletypes.TypeableResourcesRoles}
+	return []authtypes.Typeable{authtypes.TypeableRole, authtypes.TypeableResourcesRoles}
 }
 
 func (provider *provider) getManagedRoleGrantTuples(orgID valuer.UUID, userID valuer.UUID) ([]*openfgav1.TupleKey, error) {
@@ -283,7 +282,7 @@ func (provider *provider) getManagedRoleGrantTuples(orgID valuer.UUID, userID va
 		adminSubject,
 		authtypes.RelationAssignee,
 		[]authtypes.Selector{
-			authtypes.MustNewSelector(authtypes.TypeRole, roletypes.SigNozAdminRoleName),
+			authtypes.MustNewSelector(authtypes.TypeRole, authtypes.SigNozAdminRoleName),
 		},
 		orgID,
 	)
@@ -298,7 +297,7 @@ func (provider *provider) getManagedRoleGrantTuples(orgID valuer.UUID, userID va
 		anonymousSubject,
 		authtypes.RelationAssignee,
 		[]authtypes.Selector{
-			authtypes.MustNewSelector(authtypes.TypeRole, roletypes.SigNozAnonymousRoleName),
+			authtypes.MustNewSelector(authtypes.TypeRole, authtypes.SigNozAnonymousRoleName),
 		},
 		orgID,
 	)

ee/licensing/httplicensing/provider.go

@@ -198,7 +198,10 @@ func (provider *provider) Checkout(ctx context.Context, organizationID valuer.UU
 
 	response, err := provider.zeus.GetCheckoutURL(ctx, activeLicense.Key, body)
 	if err != nil {
-		return nil, errors.Wrapf(err, errors.TypeInternal, errors.CodeInternal, "failed to generate checkout session")
+		if errors.Ast(err, errors.TypeAlreadyExists) {
+			return nil, errors.WithAdditionalf(err, "checkout has already been completed for this account. Please click 'Refresh Status' to sync your subscription")
+		}
+		return nil, err
 	}
 
 	return &licensetypes.GettableSubscription{RedirectURL: gjson.GetBytes(response, "url").String()}, nil
@@ -217,7 +220,7 @@ func (provider *provider) Portal(ctx context.Context, organizationID valuer.UUID
 
 	response, err := provider.zeus.GetPortalURL(ctx, activeLicense.Key, body)
 	if err != nil {
-		return nil, errors.Wrapf(err, errors.TypeInternal, errors.CodeInternal, "failed to generate portal session")
+		return nil, err
 	}
 
 	return &licensetypes.GettableSubscription{RedirectURL: gjson.GetBytes(response, "url").String()}, nil

ee/modules/dashboard/impldashboard/module.go

@@ -19,7 +19,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/types/dashboardtypes"
 	"github.com/SigNoz/signoz/pkg/types/instrumentationtypes"
 	"github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
-	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )
 
@@ -224,7 +223,7 @@ func (module *module) MustGetTypeables() []authtypes.Typeable {
 
 func (module *module) MustGetManagedRoleTransactions() map[string][]*authtypes.Transaction {
 	return map[string][]*authtypes.Transaction{
-		roletypes.SigNozAnonymousRoleName: {
+		authtypes.SigNozAnonymousRoleName: {
 			{
 				ID:       valuer.GenerateUUID(),
 				Relation: authtypes.RelationRead,

ee/query-service/rules/manager_test.go

@@ -80,6 +80,21 @@ func TestManager_TestNotification_SendUnmatched_ThresholdRule(t *testing.T) {
 					alertDataRows := cmock.NewRows(cols, tc.Values)
 
 					mock := telemetryStore.Mock()
+					// Mock metadata queries for FetchTemporalityAndTypeMulti
+					// First query: fetchMetricsTemporalityAndType (from signoz_metrics time series table)
+					metadataCols := []cmock.ColumnType{
+						{Name: "metric_name", Type: "String"},
+						{Name: "temporality", Type: "String"},
+						{Name: "type", Type: "String"},
+						{Name: "is_monotonic", Type: "Bool"},
+					}
+					metadataRows := cmock.NewRows(metadataCols, [][]any{
+						{"probe_success", metrictypes.Unspecified, metrictypes.GaugeType, false},
+					})
+					mock.ExpectQuery("*distributed_time_series_v4*").WithArgs(nil, nil, nil).WillReturnRows(metadataRows)
+					// Second query: fetchMeterSourceMetricsTemporalityAndType (from signoz_meter table)
+					emptyMetadataRows := cmock.NewRows(metadataCols, [][]any{})
+					mock.ExpectQuery("*meter*").WithArgs(nil).WillReturnRows(emptyMetadataRows)
 
 					// Generate query arguments for the metric query
 					evalTime := time.Now().UTC()

ee/sqlstore/postgressqlstore/provider.go

@@ -101,7 +101,7 @@ func (provider *provider) WrapNotFoundErrf(err error, code errors.Code, format s
 
 func (provider *provider) WrapAlreadyExistsErrf(err error, code errors.Code, format string, args ...any) error {
 	var pgErr *pgconn.PgError
-	if errors.As(err, &pgErr) && pgErr.Code == "23505" {
+	if errors.As(err, &pgErr) && (pgErr.Code == "23505" || pgErr.Code == "23503") {
 		return errors.Wrapf(err, errors.TypeAlreadyExists, code, format, args...)
 	}
 

frontend/jest.config.ts

@@ -24,7 +24,8 @@ const config: Config.InitialOptions = {
 			'<rootDir>/node_modules/@signozhq/icons/dist/index.esm.js',
 		'^react-syntax-highlighter/dist/esm/(.*)$':
 			'<rootDir>/node_modules/react-syntax-highlighter/dist/cjs/$1',
-		'^@signozhq/([^/]+)$': '<rootDir>/node_modules/@signozhq/$1/dist/$1.js',
+		'^@signozhq/(?!ui$)([^/]+)$':
+			'<rootDir>/node_modules/@signozhq/$1/dist/$1.js',
 	},
 	extensionsToTreatAsEsm: ['.ts'],
 	testMatch: ['<rootDir>/src/**/*?(*.)(test).(ts|js)?(x)'],

frontend/package.json

@@ -11,6 +11,7 @@
     "prettify": "prettier --write .",
     "fmt": "prettier --check .",
     "lint": "eslint ./src",
+    "lint:generated": "eslint ./src/api/generated --fix",
     "lint:fix": "eslint ./src --fix",
     "jest": "jest",
     "jest:coverage": "jest --coverage",
@@ -66,6 +67,7 @@
     "@signozhq/table": "0.3.7",
     "@signozhq/toggle-group": "0.0.1",
     "@signozhq/tooltip": "0.0.2",
+    "@signozhq/ui": "0.0.5",
     "@tanstack/react-table": "8.20.6",
     "@tanstack/react-virtual": "3.11.2",
     "@uiw/codemirror-theme-copilot": "4.23.11",
@@ -283,4 +285,4 @@
     "tmp": "0.2.4",
     "vite": "npm:rolldown-vite@7.3.1"
   }
-}
+}

frontend/scripts/post-types-generation.sh

@@ -25,7 +25,7 @@ echo "\n✅ Prettier formatting successful"
 
 # Fix linting issues
 echo "\n\n---\nRunning eslint...\n"
-if ! yarn lint --fix --quiet src/api/generated; then
+if ! yarn lint:generated; then
   echo "ESLint check failed! Please fix linting errors before proceeding."
   exit 1
 fi

frontend/src/api/generated/services/role/index.ts

@@ -21,6 +21,8 @@ import type { BodyType, ErrorType } from '../../../generatedAPIInstance';
 import { GeneratedAPIInstance } from '../../../generatedAPIInstance';
 import type {
 	AuthtypesPatchableObjectsDTO,
+	AuthtypesPatchableRoleDTO,
+	AuthtypesPostableRoleDTO,
 	CreateRole201,
 	DeleteRolePathParameters,
 	GetObjects200,
@@ -31,8 +33,6 @@ import type {
 	PatchObjectsPathParameters,
 	PatchRolePathParameters,
 	RenderErrorResponseDTO,
-	RoletypesPatchableRoleDTO,
-	RoletypesPostableRoleDTO,
 } from '../sigNoz.schemas';
 
 /**
@@ -118,14 +118,14 @@ export const invalidateListRoles = async (
  * @summary Create role
  */
 export const createRole = (
-	roletypesPostableRoleDTO: BodyType<RoletypesPostableRoleDTO>,
+	authtypesPostableRoleDTO: BodyType<AuthtypesPostableRoleDTO>,
 	signal?: AbortSignal,
 ) => {
 	return GeneratedAPIInstance<CreateRole201>({
 		url: `/api/v1/roles`,
 		method: 'POST',
 		headers: { 'Content-Type': 'application/json' },
-		data: roletypesPostableRoleDTO,
+		data: authtypesPostableRoleDTO,
 		signal,
 	});
 };
@@ -137,13 +137,13 @@ export const getCreateRoleMutationOptions = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof createRole>>,
 		TError,
-		{ data: BodyType<RoletypesPostableRoleDTO> },
+		{ data: BodyType<AuthtypesPostableRoleDTO> },
 		TContext
 	>;
 }): UseMutationOptions<
 	Awaited<ReturnType<typeof createRole>>,
 	TError,
-	{ data: BodyType<RoletypesPostableRoleDTO> },
+	{ data: BodyType<AuthtypesPostableRoleDTO> },
 	TContext
 > => {
 	const mutationKey = ['createRole'];
@@ -157,7 +157,7 @@ export const getCreateRoleMutationOptions = <
 
 	const mutationFn: MutationFunction<
 		Awaited<ReturnType<typeof createRole>>,
-		{ data: BodyType<RoletypesPostableRoleDTO> }
+		{ data: BodyType<AuthtypesPostableRoleDTO> }
 	> = (props) => {
 		const { data } = props ?? {};
 
@@ -170,7 +170,7 @@ export const getCreateRoleMutationOptions = <
 export type CreateRoleMutationResult = NonNullable<
 	Awaited<ReturnType<typeof createRole>>
 >;
-export type CreateRoleMutationBody = BodyType<RoletypesPostableRoleDTO>;
+export type CreateRoleMutationBody = BodyType<AuthtypesPostableRoleDTO>;
 export type CreateRoleMutationError = ErrorType<RenderErrorResponseDTO>;
 
 /**
@@ -183,13 +183,13 @@ export const useCreateRole = <
 	mutation?: UseMutationOptions<
 		Awaited<ReturnType<typeof createRole>>,
 		TError,
-		{ data: BodyType<RoletypesPostableRoleDTO> },
+		{ data: BodyType<AuthtypesPostableRoleDTO> },
 		TContext
 	>;
 }): UseMutationResult<
 	Awaited<ReturnType<typeof createRole>>,
 	TError,
-	{ data: BodyType<RoletypesPostableRoleDTO> },
+	{ data: BodyType<AuthtypesPostableRoleDTO> },
 	TContext
 > => {
 	const mutationOptions = getCreateRoleMutationOptions(options);
@@ -370,13 +370,13 @@ export const invalidateGetRole = async (
  */
 export const patchRole = (
 	{ id }: PatchRolePathParameters,
-	roletypesPatchableRoleDTO: BodyType<RoletypesPatchableRoleDTO>,
+	authtypesPatchableRoleDTO: BodyType<AuthtypesPatchableRoleDTO>,
 ) => {
 	return GeneratedAPIInstance<string>({
 		url: `/api/v1/roles/${id}`,
 		method: 'PATCH',
 		headers: { 'Content-Type': 'application/json' },
-		data: roletypesPatchableRoleDTO,
+		data: authtypesPatchableRoleDTO,
 	});
 };
 
@@ -389,7 +389,7 @@ export const getPatchRoleMutationOptions = <
 		TError,
 		{
 			pathParams: PatchRolePathParameters;
-			data: BodyType<RoletypesPatchableRoleDTO>;
+			data: BodyType<AuthtypesPatchableRoleDTO>;
 		},
 		TContext
 	>;
@@ -398,7 +398,7 @@ export const getPatchRoleMutationOptions = <
 	TError,
 	{
 		pathParams: PatchRolePathParameters;
-		data: BodyType<RoletypesPatchableRoleDTO>;
+		data: BodyType<AuthtypesPatchableRoleDTO>;
 	},
 	TContext
 > => {
@@ -415,7 +415,7 @@ export const getPatchRoleMutationOptions = <
 		Awaited<ReturnType<typeof patchRole>>,
 		{
 			pathParams: PatchRolePathParameters;
-			data: BodyType<RoletypesPatchableRoleDTO>;
+			data: BodyType<AuthtypesPatchableRoleDTO>;
 		}
 	> = (props) => {
 		const { pathParams, data } = props ?? {};
@@ -429,7 +429,7 @@ export const getPatchRoleMutationOptions = <
 export type PatchRoleMutationResult = NonNullable<
 	Awaited<ReturnType<typeof patchRole>>
 >;
-export type PatchRoleMutationBody = BodyType<RoletypesPatchableRoleDTO>;
+export type PatchRoleMutationBody = BodyType<AuthtypesPatchableRoleDTO>;
 export type PatchRoleMutationError = ErrorType<RenderErrorResponseDTO>;
 
 /**
@@ -444,7 +444,7 @@ export const usePatchRole = <
 		TError,
 		{
 			pathParams: PatchRolePathParameters;
-			data: BodyType<RoletypesPatchableRoleDTO>;
+			data: BodyType<AuthtypesPatchableRoleDTO>;
 		},
 		TContext
 	>;
@@ -453,7 +453,7 @@ export const usePatchRole = <
 	TError,
 	{
 		pathParams: PatchRolePathParameters;
-		data: BodyType<RoletypesPatchableRoleDTO>;
+		data: BodyType<AuthtypesPatchableRoleDTO>;
 	},
 	TContext
 > => {

frontend/src/api/generated/services/sigNoz.schemas.ts

@@ -278,6 +278,13 @@ export interface AuthtypesPatchableObjectsDTO {
 	deletions: AuthtypesGettableObjectsDTO[] | null;
 }
 
+export interface AuthtypesPatchableRoleDTO {
+	/**
+	 * @type string
+	 */
+	description: string;
+}
+
 export interface AuthtypesPostableAuthDomainDTO {
 	config?: AuthtypesAuthDomainConfigDTO;
 	/**
@@ -301,6 +308,17 @@ export interface AuthtypesPostableEmailPasswordSessionDTO {
 	password?: string;
 }
 
+export interface AuthtypesPostableRoleDTO {
+	/**
+	 * @type string
+	 */
+	description?: string;
+	/**
+	 * @type string
+	 */
+	name: string;
+}
+
 export interface AuthtypesPostableRotateTokenDTO {
 	/**
 	 * @type string
@@ -319,6 +337,39 @@ export interface AuthtypesResourceDTO {
 	type: string;
 }
 
+export interface AuthtypesRoleDTO {
+	/**
+	 * @type string
+	 * @format date-time
+	 */
+	createdAt?: Date;
+	/**
+	 * @type string
+	 */
+	description: string;
+	/**
+	 * @type string
+	 */
+	id: string;
+	/**
+	 * @type string
+	 */
+	name: string;
+	/**
+	 * @type string
+	 */
+	orgId: string;
+	/**
+	 * @type string
+	 */
+	type: string;
+	/**
+	 * @type string
+	 * @format date-time
+	 */
+	updatedAt?: Date;
+}
+
 /**
  * @nullable
  */
@@ -2039,57 +2090,6 @@ export interface RenderErrorResponseDTO {
 	status: string;
 }
 
-export interface RoletypesPatchableRoleDTO {
-	/**
-	 * @type string
-	 */
-	description: string;
-}
-
-export interface RoletypesPostableRoleDTO {
-	/**
-	 * @type string
-	 */
-	description?: string;
-	/**
-	 * @type string
-	 */
-	name: string;
-}
-
-export interface RoletypesRoleDTO {
-	/**
-	 * @type string
-	 * @format date-time
-	 */
-	createdAt?: Date;
-	/**
-	 * @type string
-	 */
-	description: string;
-	/**
-	 * @type string
-	 */
-	id: string;
-	/**
-	 * @type string
-	 */
-	name: string;
-	/**
-	 * @type string
-	 */
-	orgId: string;
-	/**
-	 * @type string
-	 */
-	type: string;
-	/**
-	 * @type string
-	 * @format date-time
-	 */
-	updatedAt?: Date;
-}
-
 export interface ServiceaccounttypesFactorAPIKeyDTO {
 	/**
 	 * @type string
@@ -3163,7 +3163,7 @@ export type ListRoles200 = {
 	/**
 	 * @type array
 	 */
-	data: RoletypesRoleDTO[];
+	data: AuthtypesRoleDTO[];
 	/**
 	 * @type string
 	 */
@@ -3185,7 +3185,7 @@ export type GetRolePathParameters = {
 	id: string;
 };
 export type GetRole200 = {
-	data: RoletypesRoleDTO;
+	data: AuthtypesRoleDTO;
 	/**
 	 * @type string
 	 */

frontend/src/api/index.ts

@@ -81,7 +81,8 @@ export const interceptorRejected = async (
 				response.config.url !== '/sessions/email_password' &&
 				!(
 					response.config.url === '/sessions' && response.config.method === 'delete'
-				)
+				) &&
+				response.config.url !== '/authz/check'
 			) {
 				try {
 					const accessToken = getLocalStorageApi(LOCALSTORAGE.AUTH_TOKEN);

frontend/src/api/interceptors.test.ts

@@ -0,0 +1,152 @@
+import axios, { AxiosHeaders, AxiosResponse } from 'axios';
+
+import { interceptorRejected } from './index';
+
+jest.mock('api/browser/localstorage/get', () => ({
+	__esModule: true,
+	default: jest.fn(() => 'mock-token'),
+}));
+
+jest.mock('api/v2/sessions/rotate/post', () => ({
+	__esModule: true,
+	default: jest.fn(() =>
+		Promise.resolve({
+			data: { accessToken: 'new-token', refreshToken: 'new-refresh' },
+		}),
+	),
+}));
+
+jest.mock('AppRoutes/utils', () => ({
+	__esModule: true,
+	default: jest.fn(),
+}));
+
+jest.mock('axios', () => {
+	const actualAxios = jest.requireActual('axios');
+	const mockAxios = jest.fn().mockResolvedValue({ data: 'success' });
+
+	return {
+		...actualAxios,
+		default: Object.assign(mockAxios, {
+			...actualAxios.default,
+			isAxiosError: jest.fn().mockReturnValue(true),
+			create: actualAxios.create,
+		}),
+		__esModule: true,
+	};
+});
+
+describe('interceptorRejected', () => {
+	beforeEach(() => {
+		jest.clearAllMocks();
+		((axios as unknown) as jest.Mock).mockResolvedValue({ data: 'success' });
+		((axios.isAxiosError as unknown) as jest.Mock).mockReturnValue(true);
+	});
+
+	it('should preserve array payload structure when retrying a 401 request', async () => {
+		const arrayPayload = [
+			{ relation: 'assignee', object: { resource: { name: 'role' } } },
+			{ relation: 'assignee', object: { resource: { name: 'editor' } } },
+		];
+
+		const error = ({
+			response: {
+				status: 401,
+				config: {
+					url: '/some-endpoint',
+					method: 'POST',
+					baseURL: 'http://localhost/',
+					headers: new AxiosHeaders(),
+					data: JSON.stringify(arrayPayload),
+				},
+			},
+			config: {
+				url: '/some-endpoint',
+				method: 'POST',
+				baseURL: 'http://localhost/',
+				headers: new AxiosHeaders(),
+				data: JSON.stringify(arrayPayload),
+			},
+		} as unknown) as AxiosResponse;
+
+		try {
+			await interceptorRejected(error);
+		} catch {
+			// Expected to reject after retry
+		}
+
+		const mockAxiosFn = (axios as unknown) as jest.Mock;
+		expect(mockAxiosFn.mock.calls.length).toBe(1);
+		const retryCallConfig = mockAxiosFn.mock.calls[0][0];
+		expect(Array.isArray(JSON.parse(retryCallConfig.data))).toBe(true);
+		expect(JSON.parse(retryCallConfig.data)).toEqual(arrayPayload);
+	});
+
+	it('should preserve object payload structure when retrying a 401 request', async () => {
+		const objectPayload = { key: 'value', nested: { data: 123 } };
+
+		const error = ({
+			response: {
+				status: 401,
+				config: {
+					url: '/some-endpoint',
+					method: 'POST',
+					baseURL: 'http://localhost/',
+					headers: new AxiosHeaders(),
+					data: JSON.stringify(objectPayload),
+				},
+			},
+			config: {
+				url: '/some-endpoint',
+				method: 'POST',
+				baseURL: 'http://localhost/',
+				headers: new AxiosHeaders(),
+				data: JSON.stringify(objectPayload),
+			},
+		} as unknown) as AxiosResponse;
+
+		try {
+			await interceptorRejected(error);
+		} catch {
+			// Expected to reject after retry
+		}
+
+		const mockAxiosFn = (axios as unknown) as jest.Mock;
+		expect(mockAxiosFn.mock.calls.length).toBe(1);
+		const retryCallConfig = mockAxiosFn.mock.calls[0][0];
+		expect(JSON.parse(retryCallConfig.data)).toEqual(objectPayload);
+	});
+
+	it('should handle undefined data gracefully when retrying', async () => {
+		const error = ({
+			response: {
+				status: 401,
+				config: {
+					url: '/some-endpoint',
+					method: 'GET',
+					baseURL: 'http://localhost/',
+					headers: new AxiosHeaders(),
+					data: undefined,
+				},
+			},
+			config: {
+				url: '/some-endpoint',
+				method: 'GET',
+				baseURL: 'http://localhost/',
+				headers: new AxiosHeaders(),
+				data: undefined,
+			},
+		} as unknown) as AxiosResponse;
+
+		try {
+			await interceptorRejected(error);
+		} catch {
+			// Expected to reject after retry
+		}
+
+		const mockAxiosFn = (axios as unknown) as jest.Mock;
+		expect(mockAxiosFn.mock.calls.length).toBe(1);
+		const retryCallConfig = mockAxiosFn.mock.calls[0][0];
+		expect(retryCallConfig.data).toBeUndefined();
+	});
+});

frontend/src/assets/UnAuthorized.tsx

@@ -1,8 +1,14 @@
-function UnAuthorized(): JSX.Element {
+function UnAuthorized({
+	width = 137,
+	height = 137,
+}: {
+	height?: number;
+	width?: number;
+}): JSX.Element {
 	return (
 		<svg
-			width="137"
-			height="137"
+			width={width}
+			height={height}
 			viewBox="0 0 137 137"
 			fill="none"
 			xmlns="http://www.w3.org/2000/svg"

frontend/src/auto-import-registry.d.ts

@@ -30,3 +30,4 @@ import '@signozhq/switch';
 import '@signozhq/table';
 import '@signozhq/toggle-group';
 import '@signozhq/tooltip';
+import '@signozhq/ui';

frontend/src/components/ShiftOverlay/ShiftHoldOverlayController.tsx

@@ -1,13 +1,13 @@
 import { createShortcutActions } from '../../constants/shortcutActions';
 import { useCmdK } from '../../providers/cmdKProvider';
+import { ROLES } from '../../types/roles';
 import { ShiftOverlay } from './ShiftOverlay';
 import { useShiftHoldOverlay } from './useShiftHoldOverlay';
 
-type UserRole = 'ADMIN' | 'EDITOR' | 'AUTHOR' | 'VIEWER';
 export function ShiftHoldOverlayController({
 	userRole,
 }: {
-	userRole: UserRole;
+	userRole: ROLES;
 }): JSX.Element | null {
 	const { open: isCmdKOpen } = useCmdK();
 	const noop = (): void => undefined;

frontend/src/components/ShiftOverlay/ShiftOverlay.tsx

@@ -1,18 +1,18 @@
 import { useMemo } from 'react';
 import ReactDOM from 'react-dom';
+import { ROLES } from 'types/roles';
 
 import { formatShortcut } from './formatShortcut';
 
 import './shiftOverlay.scss';
 
-export type UserRole = 'ADMIN' | 'EDITOR' | 'AUTHOR' | 'VIEWER';
 export type CmdAction = {
 	id: string;
 	name: string;
 	shortcut?: string[];
 	keywords?: string;
 	section?: string;
-	roles?: UserRole[];
+	roles?: ROLES[];
 	perform: () => void;
 };
 
@@ -33,7 +33,7 @@ function Shortcut({ label, keyHint }: ShortcutProps): JSX.Element {
 interface ShiftOverlayProps {
 	visible: boolean;
 	actions: CmdAction[];
-	userRole: UserRole;
+	userRole: ROLES;
 }
 
 export function ShiftOverlay({

frontend/src/components/cmdKPalette/cmdKPalette.tsx

@@ -11,6 +11,7 @@ import {
 import logEvent from 'api/common/logEvent';
 import { useThemeMode } from 'hooks/useDarkMode';
 import history from 'lib/history';
+import { ROLES as UserRole } from 'types/roles';
 
 import { createShortcutActions } from '../../constants/shortcutActions';
 import { useCmdK } from '../../providers/cmdKProvider';
@@ -28,7 +29,6 @@ type CmdAction = {
 	perform: () => void;
 };
 
-type UserRole = 'ADMIN' | 'EDITOR' | 'AUTHOR' | 'VIEWER';
 export function CmdKPalette({
 	userRole,
 }: {

frontend/src/constants/shortcutActions.tsx

@@ -18,8 +18,7 @@ import {
 	TowerControl,
 	Workflow,
 } from 'lucide-react';
-
-export type UserRole = 'ADMIN' | 'EDITOR' | 'AUTHOR' | 'VIEWER';
+import { ROLES } from 'types/roles';
 
 export type CmdAction = {
 	id: string;
@@ -28,7 +27,7 @@ export type CmdAction = {
 	keywords?: string;
 	section?: string;
 	icon?: React.ReactNode;
-	roles?: UserRole[];
+	roles?: ROLES[];
 	perform: () => void;
 };
 

frontend/src/container/ApiMonitoring/Explorer/Domains/DomainDetails/components/StatusCodeBarCharts.tsx

@@ -3,16 +3,14 @@ import { UseQueryResult } from 'react-query';
 import { Color } from '@signozhq/design-tokens';
 import { Button, Card, Skeleton, Typography } from 'antd';
 import cx from 'classnames';
-import { useGetGraphCustomSeries } from 'components/CeleryTask/useGetGraphCustomSeries';
 import { useNavigateToExplorer } from 'components/CeleryTask/useNavigateToExplorer';
-import Uplot from 'components/Uplot';
-import { PANEL_TYPES } from 'constants/queryBuilder';
 import {
 	getCustomFiltersForBarChart,
 	getFormattedEndPointStatusCodeChartData,
 	getStatusCodeBarChartWidgetData,
 	statusCodeWidgetInfo,
 } from 'container/ApiMonitoring/utils';
+import BarChart from 'container/DashboardContainer/visualization/charts/BarChart/BarChart';
 import { handleGraphClick } from 'container/GridCardLayout/GridCard/utils';
 import { useGraphClickToShowButton } from 'container/GridCardLayout/useGraphClickToShowButton';
 import useNavigateToExplorerPages from 'container/GridCardLayout/useNavigateToExplorerPages';
@@ -20,15 +18,16 @@ import { useQueryBuilder } from 'hooks/queryBuilder/useQueryBuilder';
 import { useIsDarkMode } from 'hooks/useDarkMode';
 import { useResizeObserver } from 'hooks/useDimensions';
 import { useNotifications } from 'hooks/useNotifications';
-import { getUPlotChartOptions } from 'lib/uPlotLib/getUplotChartOptions';
 import { getUPlotChartData } from 'lib/uPlotLib/utils/getUplotChartData';
+import { LegendPosition } from 'lib/uPlotV2/components/types';
 import { getStartAndEndTimesInMilliseconds } from 'pages/MessagingQueues/MessagingQueuesUtils';
+import { useTimezone } from 'providers/Timezone';
 import { SuccessResponse } from 'types/api';
 import { Widgets } from 'types/api/dashboard/getAll';
 import { IBuilderQuery } from 'types/api/queryBuilder/queryBuilderData';
-import { Options } from 'uplot';
 
 import ErrorState from './ErrorState';
+import { prepareStatusCodeBarChartsConfig } from './utils';
 
 function StatusCodeBarCharts({
 	endPointStatusCodeBarChartsDataQuery,
@@ -67,13 +66,6 @@ function StatusCodeBarCharts({
 	} = endPointStatusCodeLatencyBarChartsDataQuery;
 
 	const { startTime: minTime, endTime: maxTime } = timeRange;
-	const legendScrollPositionRef = useRef<{
-		scrollTop: number;
-		scrollLeft: number;
-	}>({
-		scrollTop: 0,
-		scrollLeft: 0,
-	});
 
 	const graphRef = useRef<HTMLDivElement>(null);
 	const dimensions = useResizeObserver(graphRef);
@@ -119,6 +111,7 @@ function StatusCodeBarCharts({
 
 	const navigateToExplorer = useNavigateToExplorer();
 	const { currentQuery } = useQueryBuilder();
+	const { timezone } = useTimezone();
 
 	const navigateToExplorerPages = useNavigateToExplorerPages();
 	const { notifications } = useNotifications();
@@ -134,12 +127,6 @@ function StatusCodeBarCharts({
 		[],
 	);
 
-	const { getCustomSeries } = useGetGraphCustomSeries({
-		isDarkMode,
-		drawStyle: 'bars',
-		colorMapping,
-	});
-
 	const widget = useMemo<Widgets>(
 		() =>
 			getStatusCodeBarChartWidgetData(domainName, {
@@ -193,49 +180,36 @@ function StatusCodeBarCharts({
 		],
 	);
 
-	const options = useMemo(
-		() =>
-			getUPlotChartOptions({
-				apiResponse:
-					currentWidgetInfoIndex === 0
-						? formattedEndPointStatusCodeBarChartsDataPayload
-						: formattedEndPointStatusCodeLatencyBarChartsDataPayload,
-				isDarkMode,
-				dimensions,
-				yAxisUnit: statusCodeWidgetInfo[currentWidgetInfoIndex].yAxisUnit,
-				softMax: null,
-				softMin: null,
-				minTimeScale: minTime,
-				maxTimeScale: maxTime,
-				panelType: PANEL_TYPES.BAR,
-				onClickHandler: graphClickHandler,
-				customSeries: getCustomSeries,
-				onDragSelect,
-				colorMapping,
-				query: currentQuery,
-				legendScrollPosition: legendScrollPositionRef.current,
-				setLegendScrollPosition: (position: {
-					scrollTop: number;
-					scrollLeft: number;
-				}) => {
-					legendScrollPositionRef.current = position;
-				},
-			}),
-		[
-			minTime,
-			maxTime,
-			currentWidgetInfoIndex,
-			dimensions,
-			formattedEndPointStatusCodeBarChartsDataPayload,
-			formattedEndPointStatusCodeLatencyBarChartsDataPayload,
+	const config = useMemo(() => {
+		const apiResponse =
+			currentWidgetInfoIndex === 0
+				? formattedEndPointStatusCodeBarChartsDataPayload
+				: formattedEndPointStatusCodeLatencyBarChartsDataPayload;
+		return prepareStatusCodeBarChartsConfig({
+			timezone,
 			isDarkMode,
-			graphClickHandler,
-			getCustomSeries,
+			query: currentQuery,
 			onDragSelect,
+			onClick: graphClickHandler,
+			apiResponse,
+			minTimeScale: minTime,
+			maxTimeScale: maxTime,
+			yAxisUnit: statusCodeWidgetInfo[currentWidgetInfoIndex].yAxisUnit,
 			colorMapping,
-			currentQuery,
-		],
-	);
+		});
+	}, [
+		currentQuery,
+		isDarkMode,
+		minTime,
+		maxTime,
+		graphClickHandler,
+		onDragSelect,
+		formattedEndPointStatusCodeBarChartsDataPayload,
+		formattedEndPointStatusCodeLatencyBarChartsDataPayload,
+		timezone,
+		currentWidgetInfoIndex,
+		colorMapping,
+	]);
 
 	const renderCardContent = useCallback(
 		(query: UseQueryResult<SuccessResponse<any>, unknown>): JSX.Element => {
@@ -253,11 +227,20 @@ function StatusCodeBarCharts({
 							!query.isLoading && !query?.data?.payload?.data?.result?.length,
 					})}
 				>
-					<Uplot options={options as Options} data={chartData} />
+					<BarChart
+						config={config}
+						data={chartData}
+						width={dimensions.width}
+						height={dimensions.height}
+						timezone={timezone}
+						legendConfig={{
+							position: LegendPosition.BOTTOM,
+						}}
+					/>
 				</div>
 			);
 		},
-		[options, chartData],
+		[config, chartData, dimensions, timezone],
 	);
 
 	return (

frontend/src/container/ApiMonitoring/Explorer/Domains/DomainDetails/components/utils.ts

@@ -0,0 +1,83 @@
+import { ExecStats } from 'api/v5/v5';
+import { Timezone } from 'components/CustomTimePicker/timezoneUtils';
+import { PANEL_TYPES } from 'constants/queryBuilder';
+import { buildBaseConfig } from 'container/DashboardContainer/visualization/panels/utils/baseConfigBuilder';
+import { getLegend } from 'lib/dashboard/getQueryResults';
+import getLabelName from 'lib/getLabelName';
+import { OnClickPluginOpts } from 'lib/uPlotLib/plugins/onClickPlugin';
+import { DrawStyle } from 'lib/uPlotV2/config/types';
+import { UPlotConfigBuilder } from 'lib/uPlotV2/config/UPlotConfigBuilder';
+import { get } from 'lodash-es';
+import { MetricRangePayloadProps } from 'types/api/metrics/getQueryRange';
+import { Query } from 'types/api/queryBuilder/queryBuilderData';
+import { QueryData } from 'types/api/widgets/getQuery';
+import { v4 } from 'uuid';
+
+export const prepareStatusCodeBarChartsConfig = ({
+	timezone,
+	isDarkMode,
+	query,
+	onDragSelect,
+	onClick,
+	apiResponse,
+	minTimeScale,
+	maxTimeScale,
+	yAxisUnit,
+	colorMapping,
+}: {
+	timezone: Timezone;
+	isDarkMode: boolean;
+	query: Query;
+	onDragSelect: (startTime: number, endTime: number) => void;
+	onClick?: OnClickPluginOpts['onClick'];
+	minTimeScale?: number;
+	maxTimeScale?: number;
+	apiResponse: MetricRangePayloadProps;
+	yAxisUnit?: string;
+	colorMapping?: Record<string, string>;
+}): UPlotConfigBuilder => {
+	const stepIntervals: ExecStats['stepIntervals'] = get(
+		apiResponse,
+		'data.newResult.meta.stepIntervals',
+		{},
+	);
+	const minStepInterval = Math.min(...Object.values(stepIntervals));
+
+	const config = buildBaseConfig({
+		id: v4(),
+		yAxisUnit: yAxisUnit,
+		apiResponse,
+		isDarkMode,
+		onDragSelect,
+		timezone,
+		onClick,
+		minTimeScale,
+		maxTimeScale,
+		stepInterval: minStepInterval,
+		panelType: PANEL_TYPES.BAR,
+	});
+
+	const seriesList: QueryData[] = apiResponse?.data?.result || [];
+	seriesList.forEach((series) => {
+		const baseLabelName = getLabelName(
+			series.metric,
+			series.queryName || '', // query
+			series.legend || '',
+		);
+
+		const label = query ? getLegend(series, query, baseLabelName) : baseLabelName;
+
+		const currentStepInterval = get(stepIntervals, series.queryName, undefined);
+
+		config.addSeries({
+			scaleKey: 'y',
+			drawStyle: DrawStyle.Bar,
+			label: label,
+			colorMapping: colorMapping ?? {},
+			isDarkMode,
+			stepInterval: currentStepInterval,
+		});
+	});
+
+	return config;
+};

frontend/src/container/ApiMonitoring/__tests__/StatusCodeBarCharts.test.tsx

@@ -21,10 +21,15 @@ interface MockQueryResult {
 }
 
 // Mocks
-jest.mock('components/Uplot', () => ({
-	__esModule: true,
-	default: jest.fn().mockImplementation(() => <div data-testid="uplot-mock" />),
-}));
+jest.mock(
+	'container/DashboardContainer/visualization/charts/BarChart/BarChart',
+	() => ({
+		__esModule: true,
+		default: jest
+			.fn()
+			.mockImplementation(() => <div data-testid="bar-chart-mock" />),
+	}),
+);
 
 jest.mock('components/CeleryTask/useGetGraphCustomSeries', () => ({
 	useGetGraphCustomSeries: (): { getCustomSeries: jest.Mock } => ({
@@ -70,6 +75,24 @@ jest.mock('hooks/useNotifications', () => ({
 	useNotifications: (): { notifications: [] } => ({ notifications: [] }),
 }));
 
+jest.mock('providers/Timezone', () => ({
+	useTimezone: (): {
+		timezone: {
+			name: string;
+			value: string;
+			offset: string;
+			searchIndex: string;
+		};
+	} => ({
+		timezone: {
+			name: 'UTC',
+			value: 'UTC',
+			offset: '+00:00',
+			searchIndex: 'UTC',
+		},
+	}),
+}));
+
 jest.mock('lib/uPlotLib/getUplotChartOptions', () => ({
 	getUPlotChartOptions: jest.fn().mockReturnValue({}),
 }));
@@ -319,7 +342,7 @@ describe('StatusCodeBarCharts', () => {
 			mockData.payload,
 			'sum',
 		);
-		expect(screen.getByTestId('uplot-mock')).toBeInTheDocument();
+		expect(screen.getByTestId('bar-chart-mock')).toBeInTheDocument();
 		expect(screen.getByText('Number of calls')).toBeInTheDocument();
 		expect(screen.getByText('Latency')).toBeInTheDocument();
 	});

frontend/src/container/Login/Login.styles.scss

@@ -337,31 +337,6 @@
 
 .login-submit-btn {
 	width: 100%;
-	height: 32px;
-	padding: 10px 16px;
-	background: var(--primary);
-	border: none;
-	border-radius: 2px;
-	font-family: Inter, sans-serif;
-	font-size: 11px;
-	font-weight: 500;
-	line-height: 1;
-	color: var(--bg-neutral-dark-50);
-	display: flex;
-	align-items: center;
-	justify-content: center;
-	gap: 8px;
-
-	&:hover:not(:disabled) {
-		background: var(--primary);
-		opacity: 0.9;
-	}
-
-	&:disabled {
-		background: var(--primary);
-		opacity: 0.6;
-		cursor: not-allowed;
-	}
 }
 
 .lightMode {

frontend/src/container/Login/index.tsx

@@ -1,6 +1,6 @@
 import { useCallback, useEffect, useMemo, useState } from 'react';
 import { useQuery } from 'react-query';
-import { Button } from '@signozhq/button';
+import { Button } from '@signozhq/ui';
 import { Form, Input, Select, Typography } from 'antd';
 import getVersion from 'api/v1/version/get';
 import get from 'api/v2/sessions/context/get';
@@ -392,9 +392,9 @@ function Login(): JSX.Element {
 							disabled={!isNextButtonEnabled}
 							variant="solid"
 							onClick={onNextHandler}
-							data-testid="initiate_login"
+							testId="initiate_login"
 							className="login-submit-btn"
-							suffixIcon={<ArrowRight size={12} />}
+							suffix={<ArrowRight />}
 						>
 							Next
 						</Button>
@@ -406,10 +406,10 @@ function Login(): JSX.Element {
 							variant="solid"
 							type="submit"
 							color="primary"
-							data-testid="callback_authn_submit"
+							testId="callback_authn_submit"
 							data-attr="signup"
 							className="login-submit-btn"
-							suffixIcon={<ArrowRight size={12} />}
+							suffix={<ArrowRight />}
 						>
 							Sign in with SSO
 						</Button>
@@ -420,11 +420,11 @@ function Login(): JSX.Element {
 							disabled={!isSubmitButtonEnabled}
 							variant="solid"
 							color="primary"
-							data-testid="password_authn_submit"
+							testId="password_authn_submit"
 							type="submit"
 							data-attr="signup"
 							className="login-submit-btn"
-							suffixIcon={<ArrowRight size={12} />}
+							suffix={<ArrowRight />}
 						>
 							Sign in with Password
 						</Button>

frontend/src/container/RolesSettings/RolesComponents/CreateRoleModal.tsx

@@ -13,8 +13,8 @@ import {
 	usePatchRole,
 } from 'api/generated/services/role';
 import {
+	AuthtypesPostableRoleDTO,
 	RenderErrorResponseDTO,
-	RoletypesPostableRoleDTO,
 } from 'api/generated/services/sigNoz.schemas';
 import { ErrorType } from 'api/generatedAPIInstance';
 import ROUTES from 'constants/routes';
@@ -114,7 +114,7 @@ function CreateRoleModal({
 					data: { description: values.description || '' },
 				});
 			} else {
-				const data: RoletypesPostableRoleDTO = {
+				const data: AuthtypesPostableRoleDTO = {
 					name: values.name,
 					...(values.description ? { description: values.description } : {}),
 				};

frontend/src/container/RolesSettings/RolesComponents/RolesListingTable.tsx

@@ -2,7 +2,7 @@ import { useCallback, useEffect, useMemo } from 'react';
 import { useHistory } from 'react-router-dom';
 import { Pagination, Skeleton } from 'antd';
 import { useListRoles } from 'api/generated/services/role';
-import { RoletypesRoleDTO } from 'api/generated/services/sigNoz.schemas';
+import { AuthtypesRoleDTO } from 'api/generated/services/sigNoz.schemas';
 import ErrorInPlace from 'components/ErrorInPlace/ErrorInPlace';
 import { DATE_TIME_FORMATS } from 'constants/dateTimeFormats';
 import ROUTES from 'constants/routes';
@@ -20,7 +20,7 @@ const PAGE_SIZE = 20;
 
 type DisplayItem =
 	| { type: 'section'; label: string; count?: number }
-	| { type: 'role'; role: RoletypesRoleDTO };
+	| { type: 'role'; role: AuthtypesRoleDTO };
 
 interface RolesListingTableProps {
 	searchQuery: string;
@@ -187,7 +187,7 @@ function RolesListingTable({
 	};
 
 	// todo: use table from periscope when its available for consumption
-	const renderRow = (role: RoletypesRoleDTO): JSX.Element => (
+	const renderRow = (role: AuthtypesRoleDTO): JSX.Element => (
 		<div
 			key={role.id}
 			className={`roles-table-row ${

frontend/src/hooks/useAuthZ/constants.ts

@@ -0,0 +1,2 @@
+export const SINGLE_FLIGHT_WAIT_TIME_MS = 50;
+export const AUTHZ_CACHE_TIME = 20_000;

frontend/src/hooks/useAuthZ/legacy.ts

@@ -0,0 +1,18 @@
+import { buildPermission } from './utils';
+
+export const IsAdminPermission = buildPermission(
+	'assignee',
+	'role:signoz-admin',
+);
+export const IsEditorPermission = buildPermission(
+	'assignee',
+	'role:signoz-editor',
+);
+export const IsViewerPermission = buildPermission(
+	'assignee',
+	'role:signoz-viewer',
+);
+export const IsAnonymousPermission = buildPermission(
+	'assignee',
+	'role:signoz-anonymous',
+);

frontend/src/hooks/useAuthZ/types.ts

@@ -14,7 +14,7 @@ type ResourceTypeMap = {
 
 type RelationName = keyof RelationsByType;
 
-type ResourcesForRelation<R extends RelationName> = Extract<
+export type ResourcesForRelation<R extends RelationName> = Extract<
 	Resource,
 	{ type: RelationsByType[R][number] }
 >['name'];
@@ -50,8 +50,26 @@ export type AuthZCheckResponse = Record<
 	}
 >;
 
+export type UseAuthZOptions = {
+	/**
+	 * If false, the query/permissions will not be fetched.
+	 * Useful when you want to disable the query/permissions for a specific use case, like logout.
+	 *
+	 * @default true
+	 */
+	enabled?: boolean;
+};
+
 export type UseAuthZResult = {
+	/**
+	 * If query is cached, and refetch happens in background, this is false.
+	 */
 	isLoading: boolean;
+	/**
+	 * If query is fetching, even if happens in background, this is true.
+	 */
+	isFetching: boolean;
 	error: Error | null;
 	permissions: AuthZCheckResponse | null;
+	refetchPermissions: () => void;
 };

frontend/src/hooks/useAuthZ/useAuthZ.tsx

@@ -1,4 +1,4 @@
-import { useMemo } from 'react';
+import { useCallback, useMemo } from 'react';
 import { useQueries } from 'react-query';
 import { authzCheck } from 'api/generated/services/authz';
 import type {
@@ -6,7 +6,13 @@ import type {
 	AuthtypesTransactionDTO,
 } from 'api/generated/services/sigNoz.schemas';
 
-import { AuthZCheckResponse, BrandedPermission, UseAuthZResult } from './types';
+import { AUTHZ_CACHE_TIME, SINGLE_FLIGHT_WAIT_TIME_MS } from './constants';
+import {
+	AuthZCheckResponse,
+	BrandedPermission,
+	UseAuthZOptions,
+	UseAuthZResult,
+} from './types';
 import {
 	gettableTransactionToPermission,
 	permissionToTransactionDto,
@@ -14,8 +20,6 @@ import {
 
 let ctx: Promise<AuthZCheckResponse> | null;
 let pendingPermissions: BrandedPermission[] = [];
-const SINGLE_FLIGHT_WAIT_TIME_MS = 50;
-const AUTHZ_CACHE_TIME = 20_000;
 
 function dispatchPermission(
 	permission: BrandedPermission,
@@ -70,7 +74,12 @@ async function fetchManyPermissions(
 	}, {} as AuthZCheckResponse);
 }
 
-export function useAuthZ(permissions: BrandedPermission[]): UseAuthZResult {
+export function useAuthZ(
+	permissions: BrandedPermission[],
+	options?: UseAuthZOptions,
+): UseAuthZResult {
+	const { enabled } = options ?? { enabled: true };
+
 	const queryResults = useQueries(
 		permissions.map((permission) => {
 			return {
@@ -80,6 +89,7 @@ export function useAuthZ(permissions: BrandedPermission[]): UseAuthZResult {
 				refetchIntervalInBackground: false,
 				refetchOnWindowFocus: false,
 				refetchOnReconnect: true,
+				enabled,
 				queryFn: async (): Promise<AuthZCheckResponse> => {
 					const response = await dispatchPermission(permission);
 
@@ -96,6 +106,10 @@ export function useAuthZ(permissions: BrandedPermission[]): UseAuthZResult {
 	const isLoading = useMemo(() => queryResults.some((q) => q.isLoading), [
 		queryResults,
 	]);
+	const isFetching = useMemo(() => queryResults.some((q) => q.isFetching), [
+		queryResults,
+	]);
+
 	const error = useMemo(
 		() =>
 			!isLoading
@@ -121,9 +135,17 @@ export function useAuthZ(permissions: BrandedPermission[]): UseAuthZResult {
 		}, {} as AuthZCheckResponse);
 	}, [isLoading, error, queryResults]);
 
+	const refetchPermissions = useCallback(() => {
+		for (const query of queryResults) {
+			query.refetch();
+		}
+	}, [queryResults]);
+
 	return {
 		isLoading,
+		isFetching,
 		error,
 		permissions: data ?? null,
+		refetchPermissions,
 	};
 }

frontend/src/hooks/useAuthZ/utils.ts

@@ -3,9 +3,9 @@ import permissionsType from './permissions.type';
 import {
 	AuthZObject,
 	AuthZRelation,
-	AuthZResource,
 	BrandedPermission,
 	ResourceName,
+	ResourcesForRelation,
 	ResourceType,
 } from './types';
 
@@ -19,11 +19,10 @@ export function buildPermission<R extends AuthZRelation>(
 	return `${relation}${PermissionSeparator}${object}` as BrandedPermission;
 }
 
-export function buildObjectString(
-	resource: AuthZResource,
-	objectId: string,
-): `${AuthZResource}${typeof ObjectSeparator}${string}` {
-	return `${resource}${ObjectSeparator}${objectId}` as const;
+export function buildObjectString<
+	R extends 'delete' | 'read' | 'update' | 'assignee'
+>(resource: ResourcesForRelation<R>, objectId: string): AuthZObject<R> {
+	return `${resource}${ObjectSeparator}${objectId}` as AuthZObject<R>;
 }
 
 export function parsePermission(

frontend/src/mocks-server/__mockdata__/roles.ts

@@ -1,8 +1,8 @@
-import { RoletypesRoleDTO } from 'api/generated/services/sigNoz.schemas';
+import { AuthtypesRoleDTO } from 'api/generated/services/sigNoz.schemas';
 
 const orgId = '019ba2bb-2fa1-7b24-8159-cfca08617ef9';
 
-export const managedRoles: RoletypesRoleDTO[] = [
+export const managedRoles: AuthtypesRoleDTO[] = [
 	{
 		id: '019c24aa-2248-756f-9833-984f1ab63819',
 		createdAt: new Date('2026-02-03T18:00:55.624356Z'),
@@ -35,7 +35,7 @@ export const managedRoles: RoletypesRoleDTO[] = [
 	},
 ];
 
-export const customRoles: RoletypesRoleDTO[] = [
+export const customRoles: AuthtypesRoleDTO[] = [
 	{
 		id: '019c24aa-3333-0001-aaaa-111111111111',
 		createdAt: new Date('2026-02-10T10:30:00.000Z'),
@@ -56,7 +56,7 @@ export const customRoles: RoletypesRoleDTO[] = [
 	},
 ];
 
-export const allRoles: RoletypesRoleDTO[] = [...managedRoles, ...customRoles];
+export const allRoles: AuthtypesRoleDTO[] = [...managedRoles, ...customRoles];
 
 export const listRolesSuccessResponse = {
 	status: 'success',

frontend/src/pages/UnAuthorized/index.styles.scss

@@ -0,0 +1,5 @@
+.unauthorized-page {
+	&__description {
+		text-align: center;
+	}
+}

frontend/src/pages/UnAuthorized/index.tsx

@@ -1,20 +1,51 @@
+import { useCallback } from 'react';
 import { Space, Typography } from 'antd';
 import UnAuthorized from 'assets/UnAuthorized';
-import { Button, Container } from 'components/NotFound/styles';
-import ROUTES from 'constants/routes';
+import { Container } from 'components/NotFound/styles';
+import { useGetTenantLicense } from 'hooks/useGetTenantLicense';
+import { useQueryState } from 'nuqs';
+import { handleContactSupport } from 'pages/Integrations/utils';
+
+import { useAppContext } from '../../providers/App/App';
+import { USER_ROLES } from '../../types/roles';
+
+import './index.styles.scss';
 
 function UnAuthorizePage(): JSX.Element {
-	return (
-		<Container>
-			<Space align="center" direction="vertical">
-				<UnAuthorized />
-				<Typography.Title level={3}>
-					Oops.. you don&apos;t have permission to view this page
-				</Typography.Title>
+	const [debugCurrentRole] = useQueryState('currentRole');
+	const { user } = useAppContext();
+	const { isCloudUser: isCloudUserVal } = useGetTenantLicense();
 
-				<Button to={ROUTES.HOME} tabIndex={0} className="periscope-btn primary">
-					Return To Home
-				</Button>
+	const userIsAnonymous =
+		debugCurrentRole === USER_ROLES.ANONYMOUS ||
+		user.role === USER_ROLES.ANONYMOUS;
+	const mistakeMessage = userIsAnonymous
+		? 'If you believe this is a mistake, please contact your administrator or'
+		: 'Please contact your administrator.';
+
+	const handleContactSupportClick = useCallback((): void => {
+		handleContactSupport(isCloudUserVal);
+	}, [isCloudUserVal]);
+
+	return (
+		<Container className="unauthorized-page">
+			<Space align="center" direction="vertical">
+				<UnAuthorized width={64} height={64} />
+				<Typography.Title level={3}>Access Restricted</Typography.Title>
+
+				<p className="unauthorized-page__description">
+					It looks like you don&lsquo;t have permission to view this page. <br />
+					{mistakeMessage}
+					{userIsAnonymous ? (
+						<Typography.Link
+							className="contact-support-link"
+							onClick={handleContactSupportClick}
+						>
+							{' '}
+							reach out to us.
+						</Typography.Link>
+					) : null}
+				</p>
 			</Space>
 		</Container>
 	);

frontend/src/providers/App/App.tsx

@@ -19,6 +19,12 @@ import getUserVersion from 'api/v1/version/get';
 import { LOCALSTORAGE } from 'constants/localStorage';
 import dayjs from 'dayjs';
 import useActiveLicenseV3 from 'hooks/useActiveLicenseV3/useActiveLicenseV3';
+import {
+	IsAdminPermission,
+	IsEditorPermission,
+	IsViewerPermission,
+} from 'hooks/useAuthZ/legacy';
+import { useAuthZ } from 'hooks/useAuthZ/useAuthZ';
 import { useGetFeatureFlag } from 'hooks/useGetFeatureFlag';
 import { useGlobalEventListener } from 'hooks/useGlobalEventListener';
 import { ChangelogSchema } from 'types/api/changelog/getChangelogByVersion';
@@ -34,7 +40,7 @@ import {
 	UserPreference,
 } from 'types/api/preferences/preference';
 import { Organization } from 'types/api/user/getOrganization';
-import { USER_ROLES } from 'types/roles';
+import { ROLES, USER_ROLES } from 'types/roles';
 
 import { IAppContext, IUser } from './types';
 import { getUserDefaults } from './utils';
@@ -43,7 +49,7 @@ export const AppContext = createContext<IAppContext | undefined>(undefined);
 
 export function AppProvider({ children }: PropsWithChildren): JSX.Element {
 	// on load of the provider set the user defaults with access token , refresh token from local storage
-	const [user, setUser] = useState<IUser>(() => getUserDefaults());
+	const [defaultUser, setDefaultUser] = useState<IUser>(() => getUserDefaults());
 	const [activeLicense, setActiveLicense] = useState<LicenseResModel | null>(
 		null,
 	);
@@ -70,18 +76,51 @@ export function AppProvider({ children }: PropsWithChildren): JSX.Element {
 	// if logged out and trying to hit any route none of these calls will trigger
 	const {
 		data: userData,
-		isFetching: isFetchingUser,
-		error: userFetchError,
+		isFetching: isFetchingUserData,
+		error: userFetchDataError,
 	} = useQuery({
 		queryFn: get,
 		queryKey: ['/api/v1/user/me'],
 		enabled: isLoggedIn,
 	});
 
+	const {
+		permissions: permissionsResult,
+		isFetching: isFetchingPermissions,
+		error: errorOnPermissions,
+		refetchPermissions,
+	} = useAuthZ([IsAdminPermission, IsEditorPermission, IsViewerPermission], {
+		enabled: isLoggedIn,
+	});
+
+	const isFetchingUser = isFetchingUserData || isFetchingPermissions;
+	const userFetchError = userFetchDataError || errorOnPermissions;
+
+	const userRole = useMemo(() => {
+		if (permissionsResult?.[IsAdminPermission]?.isGranted) {
+			return USER_ROLES.ADMIN;
+		}
+		if (permissionsResult?.[IsEditorPermission]?.isGranted) {
+			return USER_ROLES.EDITOR;
+		}
+		if (permissionsResult?.[IsViewerPermission]?.isGranted) {
+			return USER_ROLES.VIEWER;
+		}
+		// if none of the permissions, so anonymous
+		return USER_ROLES.ANONYMOUS;
+	}, [permissionsResult]);
+
+	const user: IUser = useMemo(() => {
+		return {
+			...defaultUser,
+			role: userRole as ROLES,
+		};
+	}, [defaultUser, userRole]);
+
 	useEffect(() => {
 		if (!isFetchingUser && userData && userData.data) {
 			setLocalStorageApi(LOCALSTORAGE.LOGGED_IN_USER_EMAIL, userData.data.email);
-			setUser((prev) => ({
+			setDefaultUser((prev) => ({
 				...prev,
 				...userData.data,
 			}));
@@ -203,7 +242,7 @@ export function AppProvider({ children }: PropsWithChildren): JSX.Element {
 	}, [userPreferencesData, isFetchingUserPreferences, isLoggedIn]);
 
 	function updateUser(user: IUser): void {
-		setUser((prev) => ({
+		setDefaultUser((prev) => ({
 			...prev,
 			...user,
 		}));
@@ -244,7 +283,7 @@ export function AppProvider({ children }: PropsWithChildren): JSX.Element {
 					...org.slice(orgIndex + 1, org.length),
 				];
 				setOrg(updatedOrg);
-				setUser((prev) => {
+				setDefaultUser((prev) => {
 					if (prev.orgId === orgId) {
 						return {
 							...prev,
@@ -272,7 +311,7 @@ export function AppProvider({ children }: PropsWithChildren): JSX.Element {
 	// global event listener for AFTER_LOGIN event to start the user fetch post all actions are complete
 	useGlobalEventListener('AFTER_LOGIN', (event) => {
 		if (event.detail) {
-			setUser((prev) => ({
+			setDefaultUser((prev) => ({
 				...prev,
 				accessJwt: event.detail.accessJWT,
 				refreshJwt: event.detail.refreshJWT,
@@ -280,12 +319,14 @@ export function AppProvider({ children }: PropsWithChildren): JSX.Element {
 			}));
 			setIsLoggedIn(true);
 		}
+
+		refetchPermissions();
 	});
 
 	// global event listener for LOGOUT event to clean the app context state
 	useGlobalEventListener('LOGOUT', () => {
 		setIsLoggedIn(false);
-		setUser(getUserDefaults());
+		setDefaultUser(getUserDefaults());
 		setActiveLicense(null);
 		setTrialInfo(null);
 		setFeatureFlags(null);

frontend/src/providers/App/__tests__/App.test.tsx

@@ -0,0 +1,273 @@
+import { ReactElement } from 'react';
+import { QueryClient, QueryClientProvider } from 'react-query';
+import { renderHook, waitFor } from '@testing-library/react';
+import setLocalStorageApi from 'api/browser/localstorage/set';
+import {
+	AuthtypesGettableTransactionDTO,
+	AuthtypesTransactionDTO,
+} from 'api/generated/services/sigNoz.schemas';
+import { LOCALSTORAGE } from 'constants/localStorage';
+import { SINGLE_FLIGHT_WAIT_TIME_MS } from 'hooks/useAuthZ/constants';
+import { server } from 'mocks-server/server';
+import { rest } from 'msw';
+import { USER_ROLES } from 'types/roles';
+
+import { AppProvider, useAppContext } from '../App';
+
+const AUTHZ_CHECK_URL = 'http://localhost/api/v1/authz/check';
+
+jest.mock('constants/env', () => ({
+	ENVIRONMENT: { baseURL: 'http://localhost', wsURL: '' },
+}));
+
+/**
+ * Since we are mocking the check permissions, this is needed
+ */
+const waitForSinglePreflightToFinish = async (): Promise<void> =>
+	await new Promise((r) => setTimeout(r, SINGLE_FLIGHT_WAIT_TIME_MS));
+
+function authzMockResponse(
+	payload: AuthtypesTransactionDTO[],
+	authorizedByIndex: boolean[],
+): { data: AuthtypesGettableTransactionDTO[]; status: string } {
+	return {
+		data: payload.map((txn, i) => ({
+			relation: txn.relation,
+			object: txn.object,
+			authorized: authorizedByIndex[i] ?? false,
+		})),
+		status: 'success',
+	};
+}
+
+const queryClient = new QueryClient({
+	defaultOptions: {
+		queries: {
+			refetchOnWindowFocus: false,
+			retry: false,
+		},
+	},
+});
+
+function createWrapper(): ({
+	children,
+}: {
+	children: ReactElement;
+}) => ReactElement {
+	return function Wrapper({
+		children,
+	}: {
+		children: ReactElement;
+	}): ReactElement {
+		return (
+			<QueryClientProvider client={queryClient}>
+				<AppProvider>{children}</AppProvider>
+			</QueryClientProvider>
+		);
+	};
+}
+
+describe('AppProvider user.role from permissions', () => {
+	beforeEach(() => {
+		queryClient.clear();
+		setLocalStorageApi(LOCALSTORAGE.IS_LOGGED_IN, 'true');
+	});
+
+	it('sets user.role to ADMIN and hasEditPermission to true when admin permission is granted', async () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				const payload = await req.json();
+				return res(
+					ctx.status(200),
+					ctx.json(authzMockResponse(payload, [true, false, false])),
+				);
+			}),
+		);
+
+		const wrapper = createWrapper();
+		const { result } = renderHook(() => useAppContext(), { wrapper });
+
+		await waitForSinglePreflightToFinish();
+
+		await waitFor(
+			() => {
+				expect(result.current.user.role).toBe(USER_ROLES.ADMIN);
+				expect(result.current.hasEditPermission).toBe(true);
+			},
+			{ timeout: 2000 },
+		);
+	});
+
+	it('sets user.role to EDITOR and hasEditPermission to true when only editor permission is granted', async () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				const payload = await req.json();
+				return res(
+					ctx.status(200),
+					ctx.json(authzMockResponse(payload, [false, true, false])),
+				);
+			}),
+		);
+
+		const wrapper = createWrapper();
+		const { result } = renderHook(() => useAppContext(), { wrapper });
+
+		await waitForSinglePreflightToFinish();
+
+		await waitFor(
+			() => {
+				expect(result.current.user.role).toBe(USER_ROLES.EDITOR);
+				expect(result.current.hasEditPermission).toBe(true);
+			},
+			{ timeout: 2000 },
+		);
+	});
+
+	it('sets user.role to VIEWER and hasEditPermission to false when only viewer permission is granted', async () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				const payload = await req.json();
+				return res(
+					ctx.status(200),
+					ctx.json(authzMockResponse(payload, [false, false, true])),
+				);
+			}),
+		);
+
+		const wrapper = createWrapper();
+		const { result } = renderHook(() => useAppContext(), { wrapper });
+
+		await waitForSinglePreflightToFinish();
+
+		await waitFor(
+			() => {
+				expect(result.current.user.role).toBe(USER_ROLES.VIEWER);
+				expect(result.current.hasEditPermission).toBe(false);
+			},
+			{ timeout: 2000 },
+		);
+	});
+
+	it('sets user.role to ANONYMOUS and hasEditPermission to false when no role permission is granted', async () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+				const payload = await req.json();
+				return res(
+					ctx.status(200),
+					ctx.json(authzMockResponse(payload, [false, false, false])),
+				);
+			}),
+		);
+
+		const wrapper = createWrapper();
+		const { result } = renderHook(() => useAppContext(), { wrapper });
+
+		await waitForSinglePreflightToFinish();
+
+		await waitFor(
+			() => {
+				expect(result.current.user.role).toBe(USER_ROLES.ANONYMOUS);
+				expect(result.current.hasEditPermission).toBe(false);
+			},
+			{ timeout: 2000 },
+		);
+	});
+
+	/**
+	 * This is expected to not happen, but we'll test it just in case.
+	 */
+	describe('when multiple role permissions are granted', () => {
+		it('prefers ADMIN over EDITOR and VIEWER when multiple role permissions are granted', async () => {
+			server.use(
+				rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+					const payload = await req.json();
+					return res(
+						ctx.status(200),
+						ctx.json(authzMockResponse(payload, [true, true, true])),
+					);
+				}),
+			);
+
+			const wrapper = createWrapper();
+			const { result } = renderHook(() => useAppContext(), { wrapper });
+
+			await waitFor(
+				() => {
+					expect(result.current.user.role).toBe(USER_ROLES.ADMIN);
+					expect(result.current.hasEditPermission).toBe(true);
+				},
+				{ timeout: 300 },
+			);
+		});
+
+		it('prefers EDITOR over VIEWER when editor and viewer permissions are granted', async () => {
+			server.use(
+				rest.post(AUTHZ_CHECK_URL, async (req, res, ctx) => {
+					const payload = await req.json();
+					return res(
+						ctx.status(200),
+						ctx.json(authzMockResponse(payload, [false, true, true])),
+					);
+				}),
+			);
+
+			const wrapper = createWrapper();
+			const { result } = renderHook(() => useAppContext(), { wrapper });
+
+			await waitForSinglePreflightToFinish();
+
+			await waitFor(
+				() => {
+					expect(result.current.user.role).toBe(USER_ROLES.EDITOR);
+					expect(result.current.hasEditPermission).toBe(true);
+				},
+				{ timeout: 2000 },
+			);
+		});
+	});
+});
+
+describe('AppProvider when authz/check fails', () => {
+	beforeEach(() => {
+		queryClient.clear();
+		setLocalStorageApi(LOCALSTORAGE.IS_LOGGED_IN, 'true');
+	});
+
+	it('sets userFetchError when authz/check returns 500 (same as user fetch error)', async () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, (_, res, ctx) =>
+				res(ctx.status(500), ctx.json({ error: 'Internal Server Error' })),
+			),
+		);
+
+		const wrapper = createWrapper();
+		const { result } = renderHook(() => useAppContext(), { wrapper });
+
+		await waitForSinglePreflightToFinish();
+
+		await waitFor(
+			() => {
+				expect(result.current.userFetchError).toBeTruthy();
+			},
+			{ timeout: 2000 },
+		);
+	});
+
+	it('sets userFetchError when authz/check fails with network error (same as user fetch error)', async () => {
+		server.use(
+			rest.post(AUTHZ_CHECK_URL, (_, res) => res.networkError('Network error')),
+		);
+
+		const wrapper = createWrapper();
+		const { result } = renderHook(() => useAppContext(), { wrapper });
+
+		await waitForSinglePreflightToFinish();
+
+		await waitFor(
+			() => {
+				expect(result.current.userFetchError).toBeTruthy();
+			},
+			{ timeout: 2000 },
+		);
+	});
+});

frontend/src/types/api/user/getUser.ts

@@ -13,6 +13,9 @@ export interface UserResponse {
 	displayName: string;
 	orgId: string;
 	organization: string;
+	/**
+	 * @deprecated This will be removed in the future releases in favor of new AuthZ framework
+	 */
 	role: ROLES;
 	updatedAt?: number;
 }

frontend/src/types/roles.ts

@@ -2,14 +2,16 @@ export type ADMIN = 'ADMIN';
 export type VIEWER = 'VIEWER';
 export type EDITOR = 'EDITOR';
 export type AUTHOR = 'AUTHOR';
+export type ANONYMOUS = 'ANONYMOUS';
 
-export type ROLES = ADMIN | VIEWER | EDITOR | AUTHOR;
+export type ROLES = ADMIN | VIEWER | EDITOR | AUTHOR | ANONYMOUS;
 
 export const USER_ROLES = {
 	ADMIN: 'ADMIN',
 	VIEWER: 'VIEWER',
 	EDITOR: 'EDITOR',
 	AUTHOR: 'AUTHOR',
+	ANONYMOUS: 'ANONYMOUS',
 };
 
 export enum RoleType {

frontend/src/utils/permission/index.ts

@@ -69,7 +69,7 @@ export const routePermission: Record<keyof typeof ROUTES, ROLES[]> = {
 	ALERT_OVERVIEW: ['ADMIN', 'EDITOR', 'VIEWER'],
 	LOGIN: ['ADMIN', 'EDITOR', 'VIEWER'],
 	FORGOT_PASSWORD: ['ADMIN', 'EDITOR', 'VIEWER'],
-	NOT_FOUND: ['ADMIN', 'VIEWER', 'EDITOR'],
+	NOT_FOUND: ['ADMIN', 'VIEWER', 'EDITOR', 'ANONYMOUS'],
 	PASSWORD_RESET: ['ADMIN', 'EDITOR', 'VIEWER'],
 	SERVICE_METRICS: ['ADMIN', 'EDITOR', 'VIEWER'],
 	SETTINGS: ['ADMIN', 'EDITOR', 'VIEWER'],
@@ -77,7 +77,7 @@ export const routePermission: Record<keyof typeof ROUTES, ROLES[]> = {
 	TRACES_EXPLORER: ['ADMIN', 'EDITOR', 'VIEWER'],
 	TRACE: ['ADMIN', 'EDITOR', 'VIEWER'],
 	TRACE_DETAIL: ['ADMIN', 'EDITOR', 'VIEWER'],
-	UN_AUTHORIZED: ['ADMIN', 'EDITOR', 'VIEWER'],
+	UN_AUTHORIZED: ['ADMIN', 'EDITOR', 'VIEWER', 'ANONYMOUS'],
 	USAGE_EXPLORER: ['ADMIN', 'EDITOR', 'VIEWER'],
 	VERSION: ['ADMIN', 'EDITOR', 'VIEWER'],
 	LOGS: ['ADMIN', 'EDITOR', 'VIEWER'],
@@ -101,7 +101,7 @@ export const routePermission: Record<keyof typeof ROUTES, ROLES[]> = {
 	ROLE_DETAILS: ['ADMIN'],
 	MEMBERS_SETTINGS: ['ADMIN'],
 	BILLING: ['ADMIN'],
-	SUPPORT: ['ADMIN', 'EDITOR', 'VIEWER'],
+	SUPPORT: ['ADMIN', 'EDITOR', 'VIEWER', 'ANONYMOUS'],
 	SOMETHING_WENT_WRONG: ['ADMIN', 'EDITOR', 'VIEWER'],
 	LOGS_SAVE_VIEWS: ['ADMIN', 'EDITOR', 'VIEWER'],
 	TRACES_SAVE_VIEWS: ['ADMIN', 'EDITOR', 'VIEWER'],

frontend/yarn.lock

@@ -4506,6 +4506,19 @@
     "@radix-ui/react-use-callback-ref" "1.1.1"
     "@radix-ui/react-use-escape-keydown" "1.1.1"
 
+"@radix-ui/react-dropdown-menu@^2.1.16":
+  version "2.1.16"
+  resolved "https://registry.yarnpkg.com/@radix-ui/react-dropdown-menu/-/react-dropdown-menu-2.1.16.tgz#5ee045c62bad8122347981c479d92b1ff24c7254"
+  integrity sha512-1PLGQEynI/3OX/ftV54COn+3Sud/Mn8vALg2rWnBLnRaGtJDduNW/22XjlGgPdpcIbiQxjKtb7BkcjP00nqfJw==
+  dependencies:
+    "@radix-ui/primitive" "1.1.3"
+    "@radix-ui/react-compose-refs" "1.1.2"
+    "@radix-ui/react-context" "1.1.2"
+    "@radix-ui/react-id" "1.1.1"
+    "@radix-ui/react-menu" "2.1.16"
+    "@radix-ui/react-primitive" "2.1.3"
+    "@radix-ui/react-use-controllable-state" "1.2.2"
+
 "@radix-ui/react-focus-guards@1.0.0":
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/@radix-ui/react-focus-guards/-/react-focus-guards-1.0.0.tgz#339c1c69c41628c1a5e655f15f7020bf11aa01fa"
@@ -4565,6 +4578,30 @@
   dependencies:
     "@radix-ui/react-use-layout-effect" "1.1.1"
 
+"@radix-ui/react-menu@2.1.16":
+  version "2.1.16"
+  resolved "https://registry.yarnpkg.com/@radix-ui/react-menu/-/react-menu-2.1.16.tgz#528a5a973c3a7413d3d49eb9ccd229aa52402911"
+  integrity sha512-72F2T+PLlphrqLcAotYPp0uJMr5SjP5SL01wfEspJbru5Zs5vQaSHb4VB3ZMJPimgHHCHG7gMOeOB9H3Hdmtxg==
+  dependencies:
+    "@radix-ui/primitive" "1.1.3"
+    "@radix-ui/react-collection" "1.1.7"
+    "@radix-ui/react-compose-refs" "1.1.2"
+    "@radix-ui/react-context" "1.1.2"
+    "@radix-ui/react-direction" "1.1.1"
+    "@radix-ui/react-dismissable-layer" "1.1.11"
+    "@radix-ui/react-focus-guards" "1.1.3"
+    "@radix-ui/react-focus-scope" "1.1.7"
+    "@radix-ui/react-id" "1.1.1"
+    "@radix-ui/react-popper" "1.2.8"
+    "@radix-ui/react-portal" "1.1.9"
+    "@radix-ui/react-presence" "1.1.5"
+    "@radix-ui/react-primitive" "2.1.3"
+    "@radix-ui/react-roving-focus" "1.1.11"
+    "@radix-ui/react-slot" "1.2.3"
+    "@radix-ui/react-use-callback-ref" "1.1.1"
+    aria-hidden "^1.2.4"
+    react-remove-scroll "^2.6.3"
+
 "@radix-ui/react-popover@^1.1.15", "@radix-ui/react-popover@^1.1.2":
   version "1.1.15"
   resolved "https://registry.yarnpkg.com/@radix-ui/react-popover/-/react-popover-1.1.15.tgz#9c852f93990a687ebdc949b2c3de1f37cdc4c5d5"
@@ -4804,6 +4841,20 @@
     "@radix-ui/react-roving-focus" "1.0.4"
     "@radix-ui/react-use-controllable-state" "1.0.1"
 
+"@radix-ui/react-tabs@^1.1.3":
+  version "1.1.13"
+  resolved "https://registry.yarnpkg.com/@radix-ui/react-tabs/-/react-tabs-1.1.13.tgz#3537ce379d7e7ff4eeb6b67a0973e139c2ac1f15"
+  integrity sha512-7xdcatg7/U+7+Udyoj2zodtI9H/IIopqo+YOIcZOq1nJwXWBZ9p8xiu5llXlekDbZkca79a/fozEYQXIA4sW6A==
+  dependencies:
+    "@radix-ui/primitive" "1.1.3"
+    "@radix-ui/react-context" "1.1.2"
+    "@radix-ui/react-direction" "1.1.1"
+    "@radix-ui/react-id" "1.1.1"
+    "@radix-ui/react-presence" "1.1.5"
+    "@radix-ui/react-primitive" "2.1.3"
+    "@radix-ui/react-roving-focus" "1.1.11"
+    "@radix-ui/react-use-controllable-state" "1.2.2"
+
 "@radix-ui/react-toggle-group@^1.1.7":
   version "1.1.11"
   resolved "https://registry.yarnpkg.com/@radix-ui/react-toggle-group/-/react-toggle-group-1.1.11.tgz#e513d6ffdb07509b400ab5b26f2523747c0d51c1"
@@ -5675,6 +5726,42 @@
     tailwind-merge "^2.5.2"
     tailwindcss-animate "^1.0.7"
 
+"@signozhq/ui@0.0.5":
+  version "0.0.5"
+  resolved "https://registry.yarnpkg.com/@signozhq/ui/-/ui-0.0.5.tgz#8badef53416b7ace0fe61ff01ff3da679a0e4ba5"
+  integrity sha512-4vPvUh3rwpst068qXUZ26JfCQGv1vo1xMSwtKw6wTjiiq1Bf3geP84HWVXycNMIrIeVnUgDGnqe0D4doh+mL8A==
+  dependencies:
+    "@radix-ui/react-checkbox" "^1.2.3"
+    "@radix-ui/react-dialog" "^1.1.11"
+    "@radix-ui/react-dropdown-menu" "^2.1.16"
+    "@radix-ui/react-icons" "^1.3.0"
+    "@radix-ui/react-popover" "^1.1.15"
+    "@radix-ui/react-radio-group" "^1.3.4"
+    "@radix-ui/react-slot" "^1.2.3"
+    "@radix-ui/react-switch" "^1.1.4"
+    "@radix-ui/react-tabs" "^1.1.3"
+    "@radix-ui/react-toggle" "^1.1.6"
+    "@radix-ui/react-toggle-group" "^1.1.7"
+    "@radix-ui/react-tooltip" "^1.2.6"
+    "@tanstack/react-table" "^8.21.3"
+    "@tanstack/react-virtual" "^3.13.9"
+    "@types/lodash-es" "^4.17.12"
+    class-variance-authority "^0.7.0"
+    clsx "^2.1.1"
+    cmdk "^1.1.1"
+    date-fns "^4.1.0"
+    dayjs "^1.11.10"
+    lodash-es "^4.17.21"
+    lucide-react "^0.445.0"
+    lucide-solid "^0.510.0"
+    motion "^11.11.17"
+    next-themes "^0.4.6"
+    nuqs "^2.8.9"
+    react-day-picker "^9.8.1"
+    react-resizable-panels "^4.7.1"
+    sonner "^2.0.7"
+    tailwind-merge "^3.5.0"
+
 "@sinclair/typebox@^0.25.16":
   version "0.25.24"
   resolved "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.25.24.tgz"
@@ -9573,6 +9660,11 @@ dayjs@^1.10.7, dayjs@^1.11.1:
   resolved "https://registry.npmjs.org/dayjs/-/dayjs-1.11.7.tgz"
   integrity sha512-+Yw9U6YO5TQohxLcIkrXBeY73WP3ejHWVvx8XCk3gxvQDCTEmS48ZrSZCKciI7Bhl/uCMyxYtE9UqRILmFphkQ==
 
+dayjs@^1.11.10:
+  version "1.11.20"
+  resolved "https://registry.yarnpkg.com/dayjs/-/dayjs-1.11.20.tgz#88d919fd639dc991415da5f4cb6f1b6650811938"
+  integrity sha512-YbwwqR/uYpeoP4pu043q+LTDLFBLApUP6VxRihdfNTqu4ubqMlGDLd6ErXhEgsyvY0K6nCs7nggYumAN+9uEuQ==
+
 debounce@^1.2.1:
   version "1.2.1"
   resolved "https://registry.yarnpkg.com/debounce/-/debounce-1.2.1.tgz#38881d8f4166a5c5848020c11827b834bcb3e0a5"
@@ -11092,6 +11184,15 @@ fraction.js@^4.3.7:
   resolved "https://registry.yarnpkg.com/fraction.js/-/fraction.js-4.3.7.tgz#06ca0085157e42fda7f9e726e79fefc4068840f7"
   integrity sha512-ZsDfxO51wGAXREY55a7la9LScWpwv9RxIrYABrlvOFBlH/ShPnrtsXeuUIfXKKOVicNxQ+o8JTbJvjS4M89yew==
 
+framer-motion@^11.18.2:
+  version "11.18.2"
+  resolved "https://registry.yarnpkg.com/framer-motion/-/framer-motion-11.18.2.tgz#0c6bd05677f4cfd3b3bdead4eb5ecdd5ed245718"
+  integrity sha512-5F5Och7wrvtLVElIpclDT0CBzMVg3dL22B64aZwHtsIY8RB4mXICLrkajK4G9R+ieSAGcgrLeae2SeUTg2pr6w==
+  dependencies:
+    motion-dom "^11.18.1"
+    motion-utils "^11.18.1"
+    tslib "^2.4.0"
+
 framer-motion@^12.4.13:
   version "12.4.13"
   resolved "https://registry.yarnpkg.com/framer-motion/-/framer-motion-12.4.13.tgz#1efd954f95e6a54685b660929c00f5a61e35256a"
@@ -15002,6 +15103,13 @@ moment@^2.29.4:
   resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.4.tgz#3dbe052889fe7c1b2ed966fcb3a77328964ef108"
   integrity sha512-5LC9SOxjSc2HF6vO2CyuTDNivEdoz2IvyJJGj6X8DJ0eFyfszE0QiEd+iXmBvUP3WHxSjFH/vIsA0EN00cgr8w==
 
+motion-dom@^11.18.1:
+  version "11.18.1"
+  resolved "https://registry.yarnpkg.com/motion-dom/-/motion-dom-11.18.1.tgz#e7fed7b7dc6ae1223ef1cce29ee54bec826dc3f2"
+  integrity sha512-g76KvA001z+atjfxczdRtw/RXOM3OMSdd1f4DL77qCTF/+avrRJiawSG4yDibEQ215sr9kpinSlX2pCTJ9zbhw==
+  dependencies:
+    motion-utils "^11.18.1"
+
 motion-dom@^12.4.11:
   version "12.4.11"
   resolved "https://registry.yarnpkg.com/motion-dom/-/motion-dom-12.4.11.tgz#0419c8686cda4d523f08249deeb8fa6683a9b9d3"
@@ -15009,6 +15117,11 @@ motion-dom@^12.4.11:
   dependencies:
     motion-utils "^12.4.10"
 
+motion-utils@^11.18.1:
+  version "11.18.1"
+  resolved "https://registry.yarnpkg.com/motion-utils/-/motion-utils-11.18.1.tgz#671227669833e991c55813cf337899f41327db5b"
+  integrity sha512-49Kt+HKjtbJKLtgO/LKj9Ld+6vw9BjH5d9sc40R/kVyH8GLAXgT42M2NnuPcJNuA3s9ZfZBUcwIgpmZWGEE+hA==
+
 motion-utils@^12.4.10:
   version "12.4.10"
   resolved "https://registry.yarnpkg.com/motion-utils/-/motion-utils-12.4.10.tgz#3d93acea5454419eaaad8d5e5425cb71cbfa1e7f"
@@ -15022,6 +15135,14 @@ motion@12.4.13:
     framer-motion "^12.4.13"
     tslib "^2.4.0"
 
+motion@^11.11.17:
+  version "11.18.2"
+  resolved "https://registry.yarnpkg.com/motion/-/motion-11.18.2.tgz#17fb372f3ed94fc9ee1384a25a9068e9da1951e7"
+  integrity sha512-JLjvFDuFr42NFtcVoMAyC2sEjnpA8xpy6qWPyzQvCloznAyQ8FIXioxWfHiLtgYhoVpfUqSWpn1h9++skj9+Wg==
+  dependencies:
+    framer-motion "^11.18.2"
+    tslib "^2.4.0"
+
 mri@^1.1.0:
   version "1.2.0"
   resolved "https://registry.yarnpkg.com/mri/-/mri-1.2.0.tgz#6721480fec2a11a4889861115a48b6cbe7cc8f0b"
@@ -15292,6 +15413,13 @@ nuqs@2.8.8:
   dependencies:
     "@standard-schema/spec" "1.0.0"
 
+nuqs@^2.8.9:
+  version "2.8.9"
+  resolved "https://registry.yarnpkg.com/nuqs/-/nuqs-2.8.9.tgz#e2c27d87c0dd0e3b4412fe867bcd0947cc4c998f"
+  integrity sha512-8ou6AEwsxMWSYo2qkfZtYFVzngwbKmg4c00HVxC1fF6CEJv3Fwm6eoZmfVPALB+vw8Udo7KL5uy96PFcYe1BIQ==
+  dependencies:
+    "@standard-schema/spec" "1.0.0"
+
 nwsapi@^2.2.2:
   version "2.2.23"
   resolved "https://registry.yarnpkg.com/nwsapi/-/nwsapi-2.2.23.tgz#59712c3a88e6de2bb0b6ccc1070397267019cf6c"
@@ -16957,6 +17085,11 @@ react-resizable-panels@^3.0.5:
   resolved "https://registry.yarnpkg.com/react-resizable-panels/-/react-resizable-panels-3.0.5.tgz#50a20645263eed02344de4a70d1319bbc0014bbd"
   integrity sha512-3z1yN25DMTXLg2wfyFrW32r5k4WEcUa3F7cJ2EgtNK07lnOs4mpM8yWLGunCpkhcQRwJX4fqoLcIh/pHPxzlmQ==
 
+react-resizable-panels@^4.7.1:
+  version "4.7.3"
+  resolved "https://registry.yarnpkg.com/react-resizable-panels/-/react-resizable-panels-4.7.3.tgz#4040aa0f5c5c4cc4bb685cb69973601ccda3b014"
+  integrity sha512-PYcYMLtvJD+Pr0TQNeMvddcnLOwUa/Yb4iNwU7ThNLlHaQYEEC9MIBWHaBGODzYuXIkPRZ/OWe5sbzG1Rzq5ew==
+
 react-resizable@3.0.4:
   version "3.0.4"
   resolved "https://registry.npmjs.org/react-resizable/-/react-resizable-3.0.4.tgz"
@@ -18797,6 +18930,11 @@ tailwind-merge@^2.5.2:
   resolved "https://registry.yarnpkg.com/tailwind-merge/-/tailwind-merge-2.6.0.tgz#ac5fb7e227910c038d458f396b7400d93a3142d5"
   integrity sha512-P+Vu1qXfzediirmHOC3xKGAYeZtPcV9g76X+xg2FD4tYgR71ewMA35Y3sCz3zhiN/dwefRpJX0yBcgwi1fXNQA==
 
+tailwind-merge@^3.5.0:
+  version "3.5.0"
+  resolved "https://registry.yarnpkg.com/tailwind-merge/-/tailwind-merge-3.5.0.tgz#06502f4496ba15151445d97d916a26564d50d1ca"
+  integrity sha512-I8K9wewnVDkL1NTGoqWmVEIlUcB9gFriAEkXkfCjX5ib8ezGxtR3xD7iZIxrfArjEsH7F1CHD4RFUtxefdqV/A==
+
 tailwindcss-animate@^1.0.7:
   version "1.0.7"
   resolved "https://registry.yarnpkg.com/tailwindcss-animate/-/tailwindcss-animate-1.0.7.tgz#318b692c4c42676cc9e67b19b78775742388bef4"

go.mod

@@ -11,12 +11,10 @@ require (
 	github.com/SigNoz/signoz-otel-collector v0.144.2
 	github.com/antlr4-go/antlr/v4 v4.13.1
 	github.com/antonmedv/expr v1.15.3
-	github.com/bytedance/sonic v1.14.1
 	github.com/cespare/xxhash/v2 v2.3.0
 	github.com/coreos/go-oidc/v3 v3.17.0
 	github.com/dgraph-io/ristretto/v2 v2.3.0
 	github.com/dustin/go-humanize v1.0.1
-	github.com/emersion/go-smtp v0.24.0
 	github.com/gin-gonic/gin v1.11.0
 	github.com/go-co-op/gocron v1.30.1
 	github.com/go-openapi/runtime v0.29.2
@@ -65,7 +63,6 @@ require (
 	github.com/uptrace/bun/dialect/pgdialect v1.2.9
 	github.com/uptrace/bun/dialect/sqlitedialect v1.2.9
 	github.com/uptrace/bun/extra/bunotel v1.2.9
-	github.com/yuin/goldmark v1.7.16
 	go.opentelemetry.io/collector/confmap v1.51.0
 	go.opentelemetry.io/collector/otelcol v0.144.0
 	go.opentelemetry.io/collector/pdata v1.51.0
@@ -108,9 +105,9 @@ require (
 	github.com/aws/aws-sdk-go-v2/service/sts v1.41.6 // indirect
 	github.com/aws/smithy-go v1.24.0 // indirect
 	github.com/bytedance/gopkg v0.1.3 // indirect
+	github.com/bytedance/sonic v1.14.1 // indirect
 	github.com/bytedance/sonic/loader v0.3.0 // indirect
 	github.com/cloudwego/base64x v0.1.6 // indirect
-	github.com/emersion/go-sasl v0.0.0-20241020182733-b788ff22d5a6 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.8 // indirect
 	github.com/go-openapi/swag/cmdutils v0.25.4 // indirect
 	github.com/go-openapi/swag/conv v0.25.4 // indirect
@@ -164,7 +161,7 @@ require (
 	github.com/ClickHouse/ch-go v0.67.0 // indirect
 	github.com/Masterminds/squirrel v1.5.4 // indirect
 	github.com/Yiling-J/theine-go v0.6.2 // indirect
-	github.com/alecthomas/units v0.0.0-20240927000941-0f3dac36c52b
+	github.com/alecthomas/units v0.0.0-20240927000941-0f3dac36c52b // indirect
 	github.com/andybalholm/brotli v1.2.0 // indirect
 	github.com/armon/go-metrics v0.4.1 // indirect
 	github.com/beevik/etree v1.1.0 // indirect

go.sum

@@ -1142,8 +1142,6 @@ github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de
 github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
-github.com/yuin/goldmark v1.7.16 h1:n+CJdUxaFMiDUNnWC3dMWCIQJSkxH4uz3ZwQBkAlVNE=
-github.com/yuin/goldmark v1.7.16/go.mod h1:ip/1k0VRfGynBgxOz0yCqHrbZXhcjxyuS66Brc7iBKg=
 github.com/yusufpapurcu/wmi v1.2.4 h1:zFUKzehAFReQwLys1b/iSMl+JQGSCSjtVqQn9bBrPo0=
 github.com/yusufpapurcu/wmi v1.2.4/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0=
 github.com/zeebo/assert v1.3.1 h1:vukIABvugfNMZMQO1ABsyQDJDTVQbn+LWSMy1ol1h6A=

pkg/alertmanager/alertmanagernotify/email/email.go

@@ -1,430 +0,0 @@
-package email
-
-import (
-	"bytes"
-	"context"
-	"crypto/tls"
-	"fmt"
-	"log/slog"
-	"math/rand"
-	"mime"
-	"mime/multipart"
-	"mime/quotedprintable"
-	"net"
-	"net/mail"
-	"net/smtp"
-	"net/textproto"
-	"os"
-	"strings"
-	"sync"
-	"time"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	commoncfg "github.com/prometheus/common/config"
-
-	"github.com/prometheus/alertmanager/config"
-	"github.com/prometheus/alertmanager/notify"
-	"github.com/prometheus/alertmanager/template"
-	"github.com/prometheus/alertmanager/types"
-)
-
-const (
-	Integration = "email"
-)
-
-// Email implements a Notifier for email notifications.
-type Email struct {
-	conf     *config.EmailConfig
-	tmpl     *template.Template
-	logger   *slog.Logger
-	hostname string
-}
-
-var errNoAuthUserNameConfigured = errors.NewInternalf(errors.CodeInternal, "no auth username configured")
-
-// New returns a new Email notifier.
-func New(c *config.EmailConfig, t *template.Template, l *slog.Logger) *Email {
-	if _, ok := c.Headers["Subject"]; !ok {
-		c.Headers["Subject"] = config.DefaultEmailSubject
-	}
-	if _, ok := c.Headers["To"]; !ok {
-		c.Headers["To"] = c.To
-	}
-	if _, ok := c.Headers["From"]; !ok {
-		c.Headers["From"] = c.From
-	}
-
-	h, err := os.Hostname()
-	// If we can't get the hostname, we'll use localhost
-	if err != nil {
-		h = "localhost.localdomain"
-	}
-	return &Email{conf: c, tmpl: t, logger: l, hostname: h}
-}
-
-// auth resolves a string of authentication mechanisms.
-func (n *Email) auth(mechs string) (smtp.Auth, error) {
-	username := n.conf.AuthUsername
-
-	// If no username is set, return custom error which can be ignored if needed.
-	if n.conf.AuthUsername == "" {
-		return nil, errNoAuthUserNameConfigured
-	}
-
-	err := &types.MultiError{}
-	for mech := range strings.SplitSeq(mechs, " ") {
-		switch mech {
-		case "CRAM-MD5":
-			secret, secretErr := n.getAuthSecret()
-			if secretErr != nil {
-				err.Add(secretErr)
-				continue
-			}
-			if secret == "" {
-				err.Add(errors.NewInternalf(errors.CodeInternal, "missing secret for CRAM-MD5 auth mechanism"))
-				continue
-			}
-			return smtp.CRAMMD5Auth(username, secret), nil
-
-		case "PLAIN":
-			password, passwordErr := n.getPassword()
-			if passwordErr != nil {
-				err.Add(passwordErr)
-				continue
-			}
-			if password == "" {
-				err.Add(errors.NewInternalf(errors.CodeInternal, "missing password for PLAIN auth mechanism"))
-				continue
-			}
-			identity := n.conf.AuthIdentity
-
-			return smtp.PlainAuth(identity, username, password, n.conf.Smarthost.Host), nil
-		case "LOGIN":
-			password, passwordErr := n.getPassword()
-			if passwordErr != nil {
-				err.Add(passwordErr)
-				continue
-			}
-			if password == "" {
-				err.Add(errors.NewInternalf(errors.CodeInternal, "missing password for LOGIN auth mechanism"))
-				continue
-			}
-			return LoginAuth(username, password), nil
-		}
-	}
-	if err.Len() == 0 {
-		err.Add(errors.NewInternalf(errors.CodeInternal, "unknown auth mechanism: %s", mechs))
-	}
-	return nil, err
-}
-
-// Notify implements the Notifier interface.
-func (n *Email) Notify(ctx context.Context, as ...*types.Alert) (bool, error) {
-	var (
-		c       *smtp.Client
-		conn    net.Conn
-		err     error
-		success = false
-	)
-	// Determine whether to use Implicit TLS
-	var useImplicitTLS bool
-	if n.conf.ForceImplicitTLS != nil {
-		useImplicitTLS = *n.conf.ForceImplicitTLS
-	} else {
-		// Default logic: port 465 uses implicit TLS (backward compatibility)
-		useImplicitTLS = n.conf.Smarthost.Port == "465"
-	}
-
-	if useImplicitTLS {
-		tlsConfig, err := commoncfg.NewTLSConfig(n.conf.TLSConfig)
-		if err != nil {
-			return false, errors.WrapInternalf(err, errors.CodeInternal, "parse TLS configuration")
-		}
-		if tlsConfig.ServerName == "" {
-			tlsConfig.ServerName = n.conf.Smarthost.Host
-		}
-
-		conn, err = tls.Dial("tcp", n.conf.Smarthost.String(), tlsConfig)
-		if err != nil {
-			return true, errors.WrapInternalf(err, errors.CodeInternal, "establish TLS connection to server")
-		}
-	} else {
-		var (
-			d   = net.Dialer{}
-			err error
-		)
-		conn, err = d.DialContext(ctx, "tcp", n.conf.Smarthost.String())
-		if err != nil {
-			return true, errors.WrapInternalf(err, errors.CodeInternal, "establish connection to server")
-		}
-	}
-	c, err = smtp.NewClient(conn, n.conf.Smarthost.Host)
-	if err != nil {
-		conn.Close()
-		return true, errors.WrapInternalf(err, errors.CodeInternal, "create SMTP client")
-	}
-	defer func() {
-		// Try to clean up after ourselves but don't log anything if something has failed.
-		if err := c.Quit(); success && err != nil {
-			n.logger.WarnContext(ctx, "failed to close SMTP connection", "err", err)
-		}
-	}()
-
-	if n.conf.Hello != "" {
-		err = c.Hello(n.conf.Hello)
-		if err != nil {
-			return true, errors.WrapInternalf(err, errors.CodeInternal, "send EHLO command")
-		}
-	}
-
-	// Global Config guarantees RequireTLS is not nil.
-	if *n.conf.RequireTLS && !useImplicitTLS {
-		if ok, _ := c.Extension("STARTTLS"); !ok {
-			return true, errors.WrapInternalf(err, errors.CodeInternal, "'require_tls' is true (default) but %q does not advertise the STARTTLS extension", n.conf.Smarthost)
-		}
-
-		tlsConf, err := commoncfg.NewTLSConfig(n.conf.TLSConfig)
-		if err != nil {
-			return false, errors.WrapInternalf(err, errors.CodeInternal, "parse TLS configuration")
-		}
-		if tlsConf.ServerName == "" {
-			tlsConf.ServerName = n.conf.Smarthost.Host
-		}
-
-		if err := c.StartTLS(tlsConf); err != nil {
-			return true, errors.WrapInternalf(err, errors.CodeInternal, "send STARTTLS command")
-		}
-	}
-
-	if ok, mech := c.Extension("AUTH"); ok {
-		auth, err := n.auth(mech)
-		if err != nil && err != errNoAuthUserNameConfigured {
-			return true, errors.WrapInternalf(err, errors.CodeInternal, "find auth mechanism")
-		} else if err == errNoAuthUserNameConfigured {
-			n.logger.DebugContext(ctx, "no auth username configured. Attempting to send email without authenticating")
-		}
-		if auth != nil {
-			if err := c.Auth(auth); err != nil {
-				return true, errors.WrapInternalf(err, errors.CodeInternal, "%T auth", auth)
-			}
-		}
-	}
-
-	var (
-		tmplErr error
-		data    = notify.GetTemplateData(ctx, n.tmpl, as, n.logger)
-		tmpl    = notify.TmplText(n.tmpl, data, &tmplErr)
-	)
-	from := tmpl(n.conf.From)
-	if tmplErr != nil {
-		return false, errors.WrapInternalf(tmplErr, errors.CodeInternal, "execute 'from' template")
-	}
-	to := tmpl(n.conf.To)
-	if tmplErr != nil {
-		return false, errors.WrapInternalf(tmplErr, errors.CodeInternal, "execute 'to' template")
-	}
-
-	addrs, err := mail.ParseAddressList(from)
-	if err != nil {
-		return false, errors.WrapInternalf(err, errors.CodeInternal, "parse 'from' addresses")
-	}
-	if len(addrs) != 1 {
-		return false, errors.NewInternalf(errors.CodeInternal, "must be exactly one 'from' address (got: %d)", len(addrs))
-	}
-	if err = c.Mail(addrs[0].Address); err != nil {
-		return true, errors.WrapInternalf(err, errors.CodeInternal, "send MAIL command")
-	}
-	addrs, err = mail.ParseAddressList(to)
-	if err != nil {
-		return false, errors.WrapInternalf(err, errors.CodeInternal, "parse 'to' addresses")
-	}
-	for _, addr := range addrs {
-		if err = c.Rcpt(addr.Address); err != nil {
-			return true, errors.WrapInternalf(err, errors.CodeInternal, "send RCPT command")
-		}
-	}
-
-	// Send the email headers and body.
-	message, err := c.Data()
-	if err != nil {
-		return true, errors.WrapInternalf(err, errors.CodeInternal, "send DATA command")
-	}
-	closeOnce := sync.OnceValue(func() error {
-		return message.Close()
-	})
-	// Close the message when this method exits in order to not leak resources. Even though we're calling this explicitly
-	// further down, the method may exit before then.
-	defer func() {
-		// If we try close an already-closed writer, it'll send a subsequent request to the server which is invalid.
-		_ = closeOnce()
-	}()
-
-	buffer := &bytes.Buffer{}
-	for header, t := range n.conf.Headers {
-		value, err := n.tmpl.ExecuteTextString(t, data)
-		if err != nil {
-			return false, errors.WrapInternalf(err, errors.CodeInternal, "execute %q header template", header)
-		}
-		fmt.Fprintf(buffer, "%s: %s\r\n", header, mime.QEncoding.Encode("utf-8", value))
-	}
-
-	if _, ok := n.conf.Headers["Message-Id"]; !ok {
-		fmt.Fprintf(buffer, "Message-Id: %s\r\n", fmt.Sprintf("<%d.%d@%s>", time.Now().UnixNano(), rand.Uint64(), n.hostname))
-	}
-
-	if n.conf.Threading.Enabled {
-		key, err := notify.ExtractGroupKey(ctx)
-		if err != nil {
-			return false, err
-		}
-		// Add threading headers. All notifications for the same alert group
-		// (identified by key hash) are threaded together.
-		threadBy := ""
-		if n.conf.Threading.ThreadByDate != "none" {
-			// ThreadByDate is 'daily':
-			// Use current date so all mails for this alert today thread together.
-			threadBy = time.Now().Format("2006-01-02")
-		}
-		keyHash := key.Hash()
-		if len(keyHash) > 16 {
-			keyHash = keyHash[:16]
-		}
-		// The thread root ID is a Message-ID that doesn't correspond to
-		// any actual email. Email clients following the (commonly used) JWZ
-		// algorithm will create a dummy container to group these messages.
-		threadRootID := fmt.Sprintf("<alert-%s-%s@alertmanager>", keyHash, threadBy)
-		fmt.Fprintf(buffer, "References: %s\r\n", threadRootID)
-		fmt.Fprintf(buffer, "In-Reply-To: %s\r\n", threadRootID)
-	}
-
-	multipartBuffer := &bytes.Buffer{}
-	multipartWriter := multipart.NewWriter(multipartBuffer)
-
-	fmt.Fprintf(buffer, "Date: %s\r\n", time.Now().Format(time.RFC1123Z))
-	fmt.Fprintf(buffer, "Content-Type: multipart/alternative;  boundary=%s\r\n", multipartWriter.Boundary())
-	fmt.Fprintf(buffer, "MIME-Version: 1.0\r\n\r\n")
-
-	// TODO: Add some useful headers here, such as URL of the alertmanager
-	// and active/resolved.
-	_, err = message.Write(buffer.Bytes())
-	if err != nil {
-		return false, errors.WrapInternalf(err, errors.CodeInternal, "write headers")
-	}
-
-	if len(n.conf.Text) > 0 {
-		// Text template
-		w, err := multipartWriter.CreatePart(textproto.MIMEHeader{
-			"Content-Transfer-Encoding": {"quoted-printable"},
-			"Content-Type":              {"text/plain; charset=UTF-8"},
-		})
-		if err != nil {
-			return false, errors.WrapInternalf(err, errors.CodeInternal, "create part for text template")
-		}
-		body, err := n.tmpl.ExecuteTextString(n.conf.Text, data)
-		if err != nil {
-			return false, errors.WrapInternalf(err, errors.CodeInternal, "execute text template")
-		}
-		qw := quotedprintable.NewWriter(w)
-		_, err = qw.Write([]byte(body))
-		if err != nil {
-			return true, errors.WrapInternalf(err, errors.CodeInternal, "write text part")
-		}
-		err = qw.Close()
-		if err != nil {
-			return true, errors.WrapInternalf(err, errors.CodeInternal, "close text part")
-		}
-	}
-
-	if len(n.conf.HTML) > 0 {
-		// Html template
-		// Preferred alternative placed last per section 5.1.4 of RFC 2046
-		// https://www.ietf.org/rfc/rfc2046.txt
-		w, err := multipartWriter.CreatePart(textproto.MIMEHeader{
-			"Content-Transfer-Encoding": {"quoted-printable"},
-			"Content-Type":              {"text/html; charset=UTF-8"},
-		})
-		if err != nil {
-			return false, errors.WrapInternalf(err, errors.CodeInternal, "create part for html template")
-		}
-		body, err := n.tmpl.ExecuteHTMLString(n.conf.HTML, data)
-		if err != nil {
-			return false, errors.WrapInternalf(err, errors.CodeInternal, "execute html template")
-		}
-		qw := quotedprintable.NewWriter(w)
-		_, err = qw.Write([]byte(body))
-		if err != nil {
-			return true, errors.WrapInternalf(err, errors.CodeInternal, "write HTML part")
-		}
-		err = qw.Close()
-		if err != nil {
-			return true, errors.WrapInternalf(err, errors.CodeInternal, "close HTML part")
-		}
-	}
-
-	err = multipartWriter.Close()
-	if err != nil {
-		return false, errors.WrapInternalf(err, errors.CodeInternal, "close multipartWriter")
-	}
-
-	_, err = message.Write(multipartBuffer.Bytes())
-	if err != nil {
-		return false, errors.WrapInternalf(err, errors.CodeInternal, "write body buffer")
-	}
-
-	// Complete the message and await response.
-	if err = closeOnce(); err != nil {
-		return true, errors.WrapInternalf(err, errors.CodeInternal, "delivery failure")
-	}
-
-	success = true
-	return false, nil
-}
-
-type loginAuth struct {
-	username, password string
-}
-
-func LoginAuth(username, password string) smtp.Auth {
-	return &loginAuth{username, password}
-}
-
-func (a *loginAuth) Start(server *smtp.ServerInfo) (string, []byte, error) {
-	return "LOGIN", []byte{}, nil
-}
-
-// Used for AUTH LOGIN. (Maybe password should be encrypted).
-func (a *loginAuth) Next(fromServer []byte, more bool) ([]byte, error) {
-	if more {
-		switch strings.ToLower(string(fromServer)) {
-		case "username:":
-			return []byte(a.username), nil
-		case "password:":
-			return []byte(a.password), nil
-		default:
-			return nil, errors.NewInternalf(errors.CodeInternal, "unexpected server challenge")
-		}
-	}
-	return nil, nil
-}
-
-func (n *Email) getPassword() (string, error) {
-	if len(n.conf.AuthPasswordFile) > 0 {
-		content, err := os.ReadFile(n.conf.AuthPasswordFile)
-		if err != nil {
-			return "", errors.NewInternalf(errors.CodeInternal, "could not read %s: %v", n.conf.AuthPasswordFile, err)
-		}
-		return strings.TrimSpace(string(content)), nil
-	}
-	return string(n.conf.AuthPassword), nil
-}
-
-func (n *Email) getAuthSecret() (string, error) {
-	if len(n.conf.AuthSecretFile) > 0 {
-		content, err := os.ReadFile(n.conf.AuthSecretFile)
-		if err != nil {
-			return "", errors.NewInternalf(errors.CodeInternal, "could not read %s: %v", n.conf.AuthSecretFile, err)
-		}
-		return string(content), nil
-	}
-	return string(n.conf.AuthSecret), nil
-}

pkg/alertmanager/alertmanagernotify/email/testdata/auth-local.yml

@@ -1,4 +0,0 @@
-smarthost: 127.0.0.1:1026
-server: http://127.0.0.1:1081/
-username: user
-password: pass

pkg/alertmanager/alertmanagernotify/email/testdata/auth.yml

@@ -1,4 +0,0 @@
-smarthost: maildev-auth:1025
-server: http://maildev-auth:1080/
-username: user
-password: pass

pkg/alertmanager/alertmanagernotify/email/testdata/noauth-local.yml

@@ -1,2 +0,0 @@
-smarthost: 127.0.0.1:1025
-server: http://127.0.0.1:1080/

pkg/alertmanager/alertmanagernotify/email/testdata/noauth.yml

@@ -1,2 +0,0 @@
-smarthost: maildev-noauth:1025
-server: http://maildev-noauth:1080/

pkg/alertmanager/alertmanagernotify/msteamsv2/msteamsv2.go

@@ -27,10 +27,6 @@ const (
 	colorGrey  = "Warning"
 )
 
-const (
-	Integration = "msteamsv2"
-)
-
 type Notifier struct {
 	conf         *config.MSTeamsV2Config
 	titleLink    string
@@ -91,7 +87,7 @@ type teamsMessage struct {
 
 // New returns a new notifier that uses the Microsoft Teams Power Platform connector.
 func New(c *config.MSTeamsV2Config, t *template.Template, titleLink string, l *slog.Logger, httpOpts ...commoncfg.HTTPClientOption) (*Notifier, error) {
-	client, err := notify.NewClientWithTracing(*c.HTTPConfig, Integration, httpOpts...)
+	client, err := commoncfg.NewClientFromConfig(*c.HTTPConfig, "msteamsv2", httpOpts...)
 	if err != nil {
 		return nil, err
 	}

pkg/alertmanager/alertmanagernotify/opsgenie/api_key_file

@@ -1,2 +0,0 @@
-my_secret_api_key
-

pkg/alertmanager/alertmanagernotify/opsgenie/opsgenie.go

@@ -1,290 +0,0 @@
-package opsgenie
-
-import (
-	"bytes"
-	"context"
-	"encoding/json"
-	"fmt"
-	"log/slog"
-	"maps"
-	"net/http"
-	"os"
-	"strings"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	commoncfg "github.com/prometheus/common/config"
-	"github.com/prometheus/common/model"
-
-	"github.com/prometheus/alertmanager/config"
-	"github.com/prometheus/alertmanager/notify"
-	"github.com/prometheus/alertmanager/template"
-	"github.com/prometheus/alertmanager/types"
-)
-
-const (
-	Integration = "opsgenie"
-)
-
-// https://docs.opsgenie.com/docs/alert-api - 130 characters meaning runes.
-const maxMessageLenRunes = 130
-
-// Notifier implements a Notifier for OpsGenie notifications.
-type Notifier struct {
-	conf    *config.OpsGenieConfig
-	tmpl    *template.Template
-	logger  *slog.Logger
-	client  *http.Client
-	retrier *notify.Retrier
-}
-
-// New returns a new OpsGenie notifier.
-func New(c *config.OpsGenieConfig, t *template.Template, l *slog.Logger, httpOpts ...commoncfg.HTTPClientOption) (*Notifier, error) {
-	client, err := notify.NewClientWithTracing(*c.HTTPConfig, Integration, httpOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return &Notifier{
-		conf:    c,
-		tmpl:    t,
-		logger:  l,
-		client:  client,
-		retrier: &notify.Retrier{RetryCodes: []int{http.StatusTooManyRequests}},
-	}, nil
-}
-
-type opsGenieCreateMessage struct {
-	Alias       string                           `json:"alias"`
-	Message     string                           `json:"message"`
-	Description string                           `json:"description,omitempty"`
-	Details     map[string]string                `json:"details"`
-	Source      string                           `json:"source"`
-	Responders  []opsGenieCreateMessageResponder `json:"responders,omitempty"`
-	Tags        []string                         `json:"tags,omitempty"`
-	Note        string                           `json:"note,omitempty"`
-	Priority    string                           `json:"priority,omitempty"`
-	Entity      string                           `json:"entity,omitempty"`
-	Actions     []string                         `json:"actions,omitempty"`
-}
-
-type opsGenieCreateMessageResponder struct {
-	ID       string `json:"id,omitempty"`
-	Name     string `json:"name,omitempty"`
-	Username string `json:"username,omitempty"`
-	Type     string `json:"type"` // team, user, escalation, schedule etc.
-}
-
-type opsGenieCloseMessage struct {
-	Source string `json:"source"`
-}
-
-type opsGenieUpdateMessageMessage struct {
-	Message string `json:"message,omitempty"`
-}
-
-type opsGenieUpdateDescriptionMessage struct {
-	Description string `json:"description,omitempty"`
-}
-
-// Notify implements the Notifier interface.
-func (n *Notifier) Notify(ctx context.Context, as ...*types.Alert) (bool, error) {
-	requests, retry, err := n.createRequests(ctx, as...)
-	if err != nil {
-		return retry, err
-	}
-
-	for _, req := range requests {
-		req.Header.Set("User-Agent", notify.UserAgentHeader)
-		resp, err := n.client.Do(req) //nolint:bodyclose
-		if err != nil {
-			return true, err
-		}
-		shouldRetry, err := n.retrier.Check(resp.StatusCode, resp.Body)
-		notify.Drain(resp)
-		if err != nil {
-			return shouldRetry, notify.NewErrorWithReason(notify.GetFailureReasonFromStatusCode(resp.StatusCode), err)
-		}
-	}
-	return true, nil
-}
-
-// Like Split but filter out empty strings.
-func safeSplit(s, sep string) []string {
-	a := strings.Split(strings.TrimSpace(s), sep)
-	b := a[:0]
-	for _, x := range a {
-		if x != "" {
-			b = append(b, x)
-		}
-	}
-	return b
-}
-
-// Create requests for a list of alerts.
-func (n *Notifier) createRequests(ctx context.Context, as ...*types.Alert) ([]*http.Request, bool, error) {
-	key, err := notify.ExtractGroupKey(ctx)
-	if err != nil {
-		return nil, false, err
-	}
-	logger := n.logger.With("group_key", key)
-	logger.DebugContext(ctx, "extracted group key")
-
-	data := notify.GetTemplateData(ctx, n.tmpl, as, logger)
-
-	tmpl := notify.TmplText(n.tmpl, data, &err)
-
-	details := make(map[string]string)
-
-	maps.Copy(details, data.CommonLabels)
-
-	for k, v := range n.conf.Details {
-		details[k] = tmpl(v)
-	}
-
-	requests := []*http.Request{}
-
-	var (
-		alias  = key.Hash()
-		alerts = types.Alerts(as...)
-	)
-	switch alerts.Status() {
-	case model.AlertResolved:
-		resolvedEndpointURL := n.conf.APIURL.Copy()
-		resolvedEndpointURL.Path += fmt.Sprintf("v2/alerts/%s/close", alias)
-		q := resolvedEndpointURL.Query()
-		q.Set("identifierType", "alias")
-		resolvedEndpointURL.RawQuery = q.Encode()
-		msg := &opsGenieCloseMessage{Source: tmpl(n.conf.Source)}
-		var buf bytes.Buffer
-		if err := json.NewEncoder(&buf).Encode(msg); err != nil {
-			return nil, false, err
-		}
-		req, err := http.NewRequest("POST", resolvedEndpointURL.String(), &buf)
-		if err != nil {
-			return nil, true, err
-		}
-		requests = append(requests, req.WithContext(ctx))
-	default:
-		message, truncated := notify.TruncateInRunes(tmpl(n.conf.Message), maxMessageLenRunes)
-		if truncated {
-			logger.WarnContext(ctx, "Truncated message", "alert", key, "max_runes", maxMessageLenRunes)
-		}
-
-		createEndpointURL := n.conf.APIURL.Copy()
-		createEndpointURL.Path += "v2/alerts"
-
-		var responders []opsGenieCreateMessageResponder
-		for _, r := range n.conf.Responders {
-			responder := opsGenieCreateMessageResponder{
-				ID:       tmpl(r.ID),
-				Name:     tmpl(r.Name),
-				Username: tmpl(r.Username),
-				Type:     tmpl(r.Type),
-			}
-
-			if responder == (opsGenieCreateMessageResponder{}) {
-				// Filter out empty responders. This is useful if you want to fill
-				// responders dynamically from alert's common labels.
-				continue
-			}
-
-			if responder.Type == "teams" {
-				teams := safeSplit(responder.Name, ",")
-				for _, team := range teams {
-					newResponder := opsGenieCreateMessageResponder{
-						Name: tmpl(team),
-						Type: tmpl("team"),
-					}
-					responders = append(responders, newResponder)
-				}
-				continue
-			}
-
-			responders = append(responders, responder)
-		}
-
-		msg := &opsGenieCreateMessage{
-			Alias:       alias,
-			Message:     message,
-			Description: tmpl(n.conf.Description),
-			Details:     details,
-			Source:      tmpl(n.conf.Source),
-			Responders:  responders,
-			Tags:        safeSplit(tmpl(n.conf.Tags), ","),
-			Note:        tmpl(n.conf.Note),
-			Priority:    tmpl(n.conf.Priority),
-			Entity:      tmpl(n.conf.Entity),
-			Actions:     safeSplit(tmpl(n.conf.Actions), ","),
-		}
-		var buf bytes.Buffer
-		if err := json.NewEncoder(&buf).Encode(msg); err != nil {
-			return nil, false, err
-		}
-		req, err := http.NewRequest("POST", createEndpointURL.String(), &buf)
-		if err != nil {
-			return nil, true, err
-		}
-		requests = append(requests, req.WithContext(ctx))
-
-		if n.conf.UpdateAlerts {
-			updateMessageEndpointURL := n.conf.APIURL.Copy()
-			updateMessageEndpointURL.Path += fmt.Sprintf("v2/alerts/%s/message", alias)
-			q := updateMessageEndpointURL.Query()
-			q.Set("identifierType", "alias")
-			updateMessageEndpointURL.RawQuery = q.Encode()
-			updateMsgMsg := &opsGenieUpdateMessageMessage{
-				Message: msg.Message,
-			}
-			var updateMessageBuf bytes.Buffer
-			if err := json.NewEncoder(&updateMessageBuf).Encode(updateMsgMsg); err != nil {
-				return nil, false, err
-			}
-			req, err := http.NewRequest("PUT", updateMessageEndpointURL.String(), &updateMessageBuf)
-			if err != nil {
-				return nil, true, err
-			}
-			requests = append(requests, req)
-
-			updateDescriptionEndpointURL := n.conf.APIURL.Copy()
-			updateDescriptionEndpointURL.Path += fmt.Sprintf("v2/alerts/%s/description", alias)
-			q = updateDescriptionEndpointURL.Query()
-			q.Set("identifierType", "alias")
-			updateDescriptionEndpointURL.RawQuery = q.Encode()
-			updateDescMsg := &opsGenieUpdateDescriptionMessage{
-				Description: msg.Description,
-			}
-
-			var updateDescriptionBuf bytes.Buffer
-			if err := json.NewEncoder(&updateDescriptionBuf).Encode(updateDescMsg); err != nil {
-				return nil, false, err
-			}
-			req, err = http.NewRequest("PUT", updateDescriptionEndpointURL.String(), &updateDescriptionBuf)
-			if err != nil {
-				return nil, true, err
-			}
-			requests = append(requests, req.WithContext(ctx))
-		}
-	}
-
-	var apiKey string
-	if n.conf.APIKey != "" {
-		apiKey = tmpl(string(n.conf.APIKey))
-	} else {
-		content, err := os.ReadFile(n.conf.APIKeyFile)
-		if err != nil {
-			return nil, false, errors.WrapInternalf(err, errors.CodeInternal, "read key_file error")
-		}
-		apiKey = tmpl(string(content))
-		apiKey = strings.TrimSpace(string(apiKey))
-	}
-
-	if err != nil {
-		return nil, false, errors.WrapInternalf(err, errors.CodeInternal, "templating error")
-	}
-
-	for _, req := range requests {
-		req.Header.Set("Content-Type", "application/json")
-		req.Header.Set("Authorization", fmt.Sprintf("GenieKey %s", apiKey))
-	}
-
-	return requests, true, nil
-}

pkg/alertmanager/alertmanagernotify/opsgenie/opsgenie_test.go

@@ -1,333 +0,0 @@
-package opsgenie
-
-import (
-	"context"
-	"fmt"
-	"io"
-	"net/http"
-	"net/url"
-	"os"
-	"testing"
-	"time"
-
-	commoncfg "github.com/prometheus/common/config"
-	"github.com/prometheus/common/model"
-	"github.com/prometheus/common/promslog"
-	"github.com/stretchr/testify/require"
-
-	"github.com/prometheus/alertmanager/config"
-	"github.com/prometheus/alertmanager/notify"
-	"github.com/prometheus/alertmanager/notify/test"
-	"github.com/prometheus/alertmanager/types"
-)
-
-func TestOpsGenieRetry(t *testing.T) {
-	notifier, err := New(
-		&config.OpsGenieConfig{
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	retryCodes := append(test.DefaultRetryCodes(), http.StatusTooManyRequests)
-	for statusCode, expected := range test.RetryTests(retryCodes) {
-		actual, _ := notifier.retrier.Check(statusCode, nil)
-		require.Equal(t, expected, actual, "error on status %d", statusCode)
-	}
-}
-
-func TestOpsGenieRedactedURL(t *testing.T) {
-	ctx, u, fn := test.GetContextWithCancelingURL()
-	defer fn()
-
-	key := "key"
-	notifier, err := New(
-		&config.OpsGenieConfig{
-			APIURL:     &config.URL{URL: u},
-			APIKey:     config.Secret(key),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	test.AssertNotifyLeaksNoSecret(ctx, t, notifier, key)
-}
-
-func TestGettingOpsGegineApikeyFromFile(t *testing.T) {
-	ctx, u, fn := test.GetContextWithCancelingURL()
-	defer fn()
-
-	key := "key"
-
-	f, err := os.CreateTemp(t.TempDir(), "opsgenie_test")
-	require.NoError(t, err, "creating temp file failed")
-	_, err = f.WriteString(key)
-	require.NoError(t, err, "writing to temp file failed")
-
-	notifier, err := New(
-		&config.OpsGenieConfig{
-			APIURL:     &config.URL{URL: u},
-			APIKeyFile: f.Name(),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	test.AssertNotifyLeaksNoSecret(ctx, t, notifier, key)
-}
-
-func TestOpsGenie(t *testing.T) {
-	u, err := url.Parse("https://opsgenie/api")
-	if err != nil {
-		t.Fatalf("failed to parse URL: %v", err)
-	}
-	logger := promslog.NewNopLogger()
-	tmpl := test.CreateTmpl(t)
-
-	for _, tc := range []struct {
-		title string
-		cfg   *config.OpsGenieConfig
-
-		expectedEmptyAlertBody string
-		expectedBody           string
-	}{
-		{
-			title: "config without details",
-			cfg: &config.OpsGenieConfig{
-				NotifierConfig: config.NotifierConfig{
-					VSendResolved: true,
-				},
-				Message:     `{{ .CommonLabels.Message }}`,
-				Description: `{{ .CommonLabels.Description }}`,
-				Source:      `{{ .CommonLabels.Source }}`,
-				Responders: []config.OpsGenieConfigResponder{
-					{
-						Name: `{{ .CommonLabels.ResponderName1 }}`,
-						Type: `{{ .CommonLabels.ResponderType1 }}`,
-					},
-					{
-						Name: `{{ .CommonLabels.ResponderName2 }}`,
-						Type: `{{ .CommonLabels.ResponderType2 }}`,
-					},
-				},
-				Tags:       `{{ .CommonLabels.Tags }}`,
-				Note:       `{{ .CommonLabels.Note }}`,
-				Priority:   `{{ .CommonLabels.Priority }}`,
-				Entity:     `{{ .CommonLabels.Entity }}`,
-				Actions:    `{{ .CommonLabels.Actions }}`,
-				APIKey:     `{{ .ExternalURL }}`,
-				APIURL:     &config.URL{URL: u},
-				HTTPConfig: &commoncfg.HTTPClientConfig{},
-			},
-			expectedEmptyAlertBody: `{"alias":"6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b","message":"","details":{},"source":""}
-`,
-			expectedBody: `{"alias":"6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b","message":"message","description":"description","details":{"Actions":"doThis,doThat","Description":"description","Entity":"test-domain","Message":"message","Note":"this is a note","Priority":"P1","ResponderName1":"TeamA","ResponderName2":"EscalationA","ResponderName3":"TeamA,TeamB","ResponderType1":"team","ResponderType2":"escalation","ResponderType3":"teams","Source":"http://prometheus","Tags":"tag1,tag2"},"source":"http://prometheus","responders":[{"name":"TeamA","type":"team"},{"name":"EscalationA","type":"escalation"}],"tags":["tag1","tag2"],"note":"this is a note","priority":"P1","entity":"test-domain","actions":["doThis","doThat"]}
-`,
-		},
-		{
-			title: "config with details",
-			cfg: &config.OpsGenieConfig{
-				NotifierConfig: config.NotifierConfig{
-					VSendResolved: true,
-				},
-				Message:     `{{ .CommonLabels.Message }}`,
-				Description: `{{ .CommonLabels.Description }}`,
-				Source:      `{{ .CommonLabels.Source }}`,
-				Details: map[string]string{
-					"Description": `adjusted {{ .CommonLabels.Description }}`,
-				},
-				Responders: []config.OpsGenieConfigResponder{
-					{
-						Name: `{{ .CommonLabels.ResponderName1 }}`,
-						Type: `{{ .CommonLabels.ResponderType1 }}`,
-					},
-					{
-						Name: `{{ .CommonLabels.ResponderName2 }}`,
-						Type: `{{ .CommonLabels.ResponderType2 }}`,
-					},
-				},
-				Tags:       `{{ .CommonLabels.Tags }}`,
-				Note:       `{{ .CommonLabels.Note }}`,
-				Priority:   `{{ .CommonLabels.Priority }}`,
-				Entity:     `{{ .CommonLabels.Entity }}`,
-				Actions:    `{{ .CommonLabels.Actions }}`,
-				APIKey:     `{{ .ExternalURL }}`,
-				APIURL:     &config.URL{URL: u},
-				HTTPConfig: &commoncfg.HTTPClientConfig{},
-			},
-			expectedEmptyAlertBody: `{"alias":"6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b","message":"","details":{"Description":"adjusted "},"source":""}
-`,
-			expectedBody: `{"alias":"6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b","message":"message","description":"description","details":{"Actions":"doThis,doThat","Description":"adjusted description","Entity":"test-domain","Message":"message","Note":"this is a note","Priority":"P1","ResponderName1":"TeamA","ResponderName2":"EscalationA","ResponderName3":"TeamA,TeamB","ResponderType1":"team","ResponderType2":"escalation","ResponderType3":"teams","Source":"http://prometheus","Tags":"tag1,tag2"},"source":"http://prometheus","responders":[{"name":"TeamA","type":"team"},{"name":"EscalationA","type":"escalation"}],"tags":["tag1","tag2"],"note":"this is a note","priority":"P1","entity":"test-domain","actions":["doThis","doThat"]}
-`,
-		},
-		{
-			title: "config with multiple teams",
-			cfg: &config.OpsGenieConfig{
-				NotifierConfig: config.NotifierConfig{
-					VSendResolved: true,
-				},
-				Message:     `{{ .CommonLabels.Message }}`,
-				Description: `{{ .CommonLabels.Description }}`,
-				Source:      `{{ .CommonLabels.Source }}`,
-				Details: map[string]string{
-					"Description": `adjusted {{ .CommonLabels.Description }}`,
-				},
-				Responders: []config.OpsGenieConfigResponder{
-					{
-						Name: `{{ .CommonLabels.ResponderName3 }}`,
-						Type: `{{ .CommonLabels.ResponderType3 }}`,
-					},
-				},
-				Tags:       `{{ .CommonLabels.Tags }}`,
-				Note:       `{{ .CommonLabels.Note }}`,
-				Priority:   `{{ .CommonLabels.Priority }}`,
-				APIKey:     `{{ .ExternalURL }}`,
-				APIURL:     &config.URL{URL: u},
-				HTTPConfig: &commoncfg.HTTPClientConfig{},
-			},
-			expectedEmptyAlertBody: `{"alias":"6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b","message":"","details":{"Description":"adjusted "},"source":""}
-`,
-			expectedBody: `{"alias":"6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b","message":"message","description":"description","details":{"Actions":"doThis,doThat","Description":"adjusted description","Entity":"test-domain","Message":"message","Note":"this is a note","Priority":"P1","ResponderName1":"TeamA","ResponderName2":"EscalationA","ResponderName3":"TeamA,TeamB","ResponderType1":"team","ResponderType2":"escalation","ResponderType3":"teams","Source":"http://prometheus","Tags":"tag1,tag2"},"source":"http://prometheus","responders":[{"name":"TeamA","type":"team"},{"name":"TeamB","type":"team"}],"tags":["tag1","tag2"],"note":"this is a note","priority":"P1"}
-`,
-		},
-	} {
-		t.Run(tc.title, func(t *testing.T) {
-			notifier, err := New(tc.cfg, tmpl, logger)
-			require.NoError(t, err)
-
-			ctx := context.Background()
-			ctx = notify.WithGroupKey(ctx, "1")
-
-			expectedURL, _ := url.Parse("https://opsgenie/apiv2/alerts")
-
-			// Empty alert.
-			alert1 := &types.Alert{
-				Alert: model.Alert{
-					StartsAt: time.Now(),
-					EndsAt:   time.Now().Add(time.Hour),
-				},
-			}
-
-			req, retry, err := notifier.createRequests(ctx, alert1)
-			require.NoError(t, err)
-			require.Len(t, req, 1)
-			require.True(t, retry)
-			require.Equal(t, expectedURL, req[0].URL)
-			require.Equal(t, "GenieKey http://am", req[0].Header.Get("Authorization"))
-			require.Equal(t, tc.expectedEmptyAlertBody, readBody(t, req[0]))
-
-			// Fully defined alert.
-			alert2 := &types.Alert{
-				Alert: model.Alert{
-					Labels: model.LabelSet{
-						"Message":        "message",
-						"Description":    "description",
-						"Source":         "http://prometheus",
-						"ResponderName1": "TeamA",
-						"ResponderType1": "team",
-						"ResponderName2": "EscalationA",
-						"ResponderType2": "escalation",
-						"ResponderName3": "TeamA,TeamB",
-						"ResponderType3": "teams",
-						"Tags":           "tag1,tag2",
-						"Note":           "this is a note",
-						"Priority":       "P1",
-						"Entity":         "test-domain",
-						"Actions":        "doThis,doThat",
-					},
-					StartsAt: time.Now(),
-					EndsAt:   time.Now().Add(time.Hour),
-				},
-			}
-			req, retry, err = notifier.createRequests(ctx, alert2)
-			require.NoError(t, err)
-			require.True(t, retry)
-			require.Len(t, req, 1)
-			require.Equal(t, tc.expectedBody, readBody(t, req[0]))
-
-			// Broken API Key Template.
-			tc.cfg.APIKey = "{{ kaput "
-			_, _, err = notifier.createRequests(ctx, alert2)
-			require.Error(t, err)
-			require.Equal(t, "template: :1: function \"kaput\" not defined", err.Error())
-		})
-	}
-}
-
-func TestOpsGenieWithUpdate(t *testing.T) {
-	u, err := url.Parse("https://test-opsgenie-url")
-	require.NoError(t, err)
-	tmpl := test.CreateTmpl(t)
-	ctx := context.Background()
-	ctx = notify.WithGroupKey(ctx, "1")
-	opsGenieConfigWithUpdate := config.OpsGenieConfig{
-		Message:      `{{ .CommonLabels.Message }}`,
-		Description:  `{{ .CommonLabels.Description }}`,
-		UpdateAlerts: true,
-		APIKey:       "test-api-key",
-		APIURL:       &config.URL{URL: u},
-		HTTPConfig:   &commoncfg.HTTPClientConfig{},
-	}
-	notifierWithUpdate, err := New(&opsGenieConfigWithUpdate, tmpl, promslog.NewNopLogger())
-	alert := &types.Alert{
-		Alert: model.Alert{
-			StartsAt: time.Now(),
-			EndsAt:   time.Now().Add(time.Hour),
-			Labels: model.LabelSet{
-				"Message":     "new message",
-				"Description": "new description",
-			},
-		},
-	}
-	require.NoError(t, err)
-	requests, retry, err := notifierWithUpdate.createRequests(ctx, alert)
-	require.NoError(t, err)
-	require.True(t, retry)
-	require.Len(t, requests, 3)
-
-	body0 := readBody(t, requests[0])
-	body1 := readBody(t, requests[1])
-	body2 := readBody(t, requests[2])
-	key, _ := notify.ExtractGroupKey(ctx)
-	alias := key.Hash()
-
-	require.Equal(t, "https://test-opsgenie-url/v2/alerts", requests[0].URL.String())
-	require.NotEmpty(t, body0)
-
-	require.Equal(t, requests[1].URL.String(), fmt.Sprintf("https://test-opsgenie-url/v2/alerts/%s/message?identifierType=alias", alias))
-	require.JSONEq(t, `{"message":"new message"}`, body1)
-	require.Equal(t, requests[2].URL.String(), fmt.Sprintf("https://test-opsgenie-url/v2/alerts/%s/description?identifierType=alias", alias))
-	require.JSONEq(t, `{"description":"new description"}`, body2)
-}
-
-func TestOpsGenieApiKeyFile(t *testing.T) {
-	u, err := url.Parse("https://test-opsgenie-url")
-	require.NoError(t, err)
-	tmpl := test.CreateTmpl(t)
-	ctx := context.Background()
-	ctx = notify.WithGroupKey(ctx, "1")
-	opsGenieConfigWithUpdate := config.OpsGenieConfig{
-		APIKeyFile: `./api_key_file`,
-		APIURL:     &config.URL{URL: u},
-		HTTPConfig: &commoncfg.HTTPClientConfig{},
-	}
-	notifierWithUpdate, err := New(&opsGenieConfigWithUpdate, tmpl, promslog.NewNopLogger())
-
-	require.NoError(t, err)
-	requests, _, err := notifierWithUpdate.createRequests(ctx)
-	require.NoError(t, err)
-	require.Equal(t, "GenieKey my_secret_api_key", requests[0].Header.Get("Authorization"))
-}
-
-func readBody(t *testing.T, r *http.Request) string {
-	t.Helper()
-	body, err := io.ReadAll(r.Body)
-	require.NoError(t, err)
-	return string(body)
-}

pkg/alertmanager/alertmanagernotify/pagerduty/pagerduty.go

@@ -1,374 +0,0 @@
-package pagerduty
-
-import (
-	"bytes"
-	"context"
-	"encoding/json"
-	"fmt"
-	"io"
-	"log/slog"
-	"net/http"
-	"os"
-	"strings"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/alecthomas/units"
-	commoncfg "github.com/prometheus/common/config"
-	"github.com/prometheus/common/model"
-
-	"github.com/prometheus/alertmanager/config"
-	"github.com/prometheus/alertmanager/notify"
-	"github.com/prometheus/alertmanager/template"
-	"github.com/prometheus/alertmanager/types"
-)
-
-const (
-	Integration = "pagerduty"
-)
-
-const (
-	maxEventSize int = 512000
-	// https://developer.pagerduty.com/docs/ZG9jOjExMDI5NTc4-send-a-v1-event - 1024 characters or runes.
-	maxV1DescriptionLenRunes = 1024
-	// https://developer.pagerduty.com/docs/ZG9jOjExMDI5NTgx-send-an-alert-event - 1024 characters or runes.
-	maxV2SummaryLenRunes = 1024
-)
-
-// Notifier implements a Notifier for PagerDuty notifications.
-type Notifier struct {
-	conf    *config.PagerdutyConfig
-	tmpl    *template.Template
-	logger  *slog.Logger
-	apiV1   string // for tests.
-	client  *http.Client
-	retrier *notify.Retrier
-}
-
-// New returns a new PagerDuty notifier.
-func New(c *config.PagerdutyConfig, t *template.Template, l *slog.Logger, httpOpts ...commoncfg.HTTPClientOption) (*Notifier, error) {
-	client, err := notify.NewClientWithTracing(*c.HTTPConfig, Integration, httpOpts...)
-	if err != nil {
-		return nil, err
-	}
-	n := &Notifier{conf: c, tmpl: t, logger: l, client: client}
-	if c.ServiceKey != "" || c.ServiceKeyFile != "" {
-		n.apiV1 = "https://events.pagerduty.com/generic/2010-04-15/create_event.json"
-		// Retrying can solve the issue on 403 (rate limiting) and 5xx response codes.
-		// https://developer.pagerduty.com/docs/events-api-v1-overview#api-response-codes--retry-logic
-		n.retrier = &notify.Retrier{RetryCodes: []int{http.StatusForbidden}, CustomDetailsFunc: errDetails}
-	} else {
-		// Retrying can solve the issue on 429 (rate limiting) and 5xx response codes.
-		// https://developer.pagerduty.com/docs/events-api-v2-overview#response-codes--retry-logic
-		n.retrier = &notify.Retrier{RetryCodes: []int{http.StatusTooManyRequests}, CustomDetailsFunc: errDetails}
-	}
-	return n, nil
-}
-
-const (
-	pagerDutyEventTrigger = "trigger"
-	pagerDutyEventResolve = "resolve"
-)
-
-type pagerDutyMessage struct {
-	RoutingKey  string            `json:"routing_key,omitempty"`
-	ServiceKey  string            `json:"service_key,omitempty"`
-	DedupKey    string            `json:"dedup_key,omitempty"`
-	IncidentKey string            `json:"incident_key,omitempty"`
-	EventType   string            `json:"event_type,omitempty"`
-	Description string            `json:"description,omitempty"`
-	EventAction string            `json:"event_action"`
-	Payload     *pagerDutyPayload `json:"payload"`
-	Client      string            `json:"client,omitempty"`
-	ClientURL   string            `json:"client_url,omitempty"`
-	Details     map[string]any    `json:"details,omitempty"`
-	Images      []pagerDutyImage  `json:"images,omitempty"`
-	Links       []pagerDutyLink   `json:"links,omitempty"`
-}
-
-type pagerDutyLink struct {
-	HRef string `json:"href"`
-	Text string `json:"text"`
-}
-
-type pagerDutyImage struct {
-	Src  string `json:"src"`
-	Alt  string `json:"alt"`
-	Href string `json:"href"`
-}
-
-type pagerDutyPayload struct {
-	Summary       string         `json:"summary"`
-	Source        string         `json:"source"`
-	Severity      string         `json:"severity"`
-	Timestamp     string         `json:"timestamp,omitempty"`
-	Class         string         `json:"class,omitempty"`
-	Component     string         `json:"component,omitempty"`
-	Group         string         `json:"group,omitempty"`
-	CustomDetails map[string]any `json:"custom_details,omitempty"`
-}
-
-func (n *Notifier) encodeMessage(ctx context.Context, msg *pagerDutyMessage) (bytes.Buffer, error) {
-	var buf bytes.Buffer
-	if err := json.NewEncoder(&buf).Encode(msg); err != nil {
-		return buf, errors.WrapInternalf(err, errors.CodeInternal, "failed to encode PagerDuty message")
-	}
-
-	if buf.Len() > maxEventSize {
-		truncatedMsg := fmt.Sprintf("Custom details have been removed because the original event exceeds the maximum size of %s", units.MetricBytes(maxEventSize).String())
-
-		if n.apiV1 != "" {
-			msg.Details = map[string]any{"error": truncatedMsg}
-		} else {
-			msg.Payload.CustomDetails = map[string]any{"error": truncatedMsg}
-		}
-
-		n.logger.WarnContext(ctx, "Truncated Details because message of size exceeds limit", "message_size", units.MetricBytes(buf.Len()).String(), "max_size", units.MetricBytes(maxEventSize).String())
-
-		buf.Reset()
-		if err := json.NewEncoder(&buf).Encode(msg); err != nil {
-			return buf, errors.WrapInternalf(err, errors.CodeInternal, "failed to encode PagerDuty message")
-		}
-	}
-
-	return buf, nil
-}
-
-func (n *Notifier) notifyV1(
-	ctx context.Context,
-	eventType string,
-	key notify.Key,
-	data *template.Data,
-	details map[string]any,
-) (bool, error) {
-	var tmplErr error
-	tmpl := notify.TmplText(n.tmpl, data, &tmplErr)
-
-	description, truncated := notify.TruncateInRunes(tmpl(n.conf.Description), maxV1DescriptionLenRunes)
-	if truncated {
-		n.logger.WarnContext(ctx, "Truncated description", "key", key, "max_runes", maxV1DescriptionLenRunes)
-	}
-
-	serviceKey := string(n.conf.ServiceKey)
-	if serviceKey == "" {
-		content, fileErr := os.ReadFile(n.conf.ServiceKeyFile)
-		if fileErr != nil {
-			return false, errors.WrapInternalf(fileErr, errors.CodeInternal, "failed to read service key from file")
-		}
-		serviceKey = strings.TrimSpace(string(content))
-	}
-
-	msg := &pagerDutyMessage{
-		ServiceKey:  tmpl(serviceKey),
-		EventType:   eventType,
-		IncidentKey: key.Hash(),
-		Description: description,
-		Details:     details,
-	}
-
-	if eventType == pagerDutyEventTrigger {
-		msg.Client = tmpl(n.conf.Client)
-		msg.ClientURL = tmpl(n.conf.ClientURL)
-	}
-
-	if tmplErr != nil {
-		return false, errors.WrapInternalf(tmplErr, errors.CodeInternal, "failed to template PagerDuty v1 message")
-	}
-
-	// Ensure that the service key isn't empty after templating.
-	if msg.ServiceKey == "" {
-		return false, errors.NewInternalf(errors.CodeInternal, "service key cannot be empty")
-	}
-
-	encodedMsg, err := n.encodeMessage(ctx, msg)
-	if err != nil {
-		return false, err
-	}
-
-	resp, err := notify.PostJSON(ctx, n.client, n.apiV1, &encodedMsg) //nolint:bodyclose
-	if err != nil {
-		return true, errors.WrapInternalf(err, errors.CodeInternal, "failed to post message to PagerDuty v1")
-	}
-	defer notify.Drain(resp)
-
-	return n.retrier.Check(resp.StatusCode, resp.Body)
-}
-
-func (n *Notifier) notifyV2(
-	ctx context.Context,
-	eventType string,
-	key notify.Key,
-	data *template.Data,
-	details map[string]any,
-) (bool, error) {
-	var tmplErr error
-	tmpl := notify.TmplText(n.tmpl, data, &tmplErr)
-
-	if n.conf.Severity == "" {
-		n.conf.Severity = "error"
-	}
-
-	summary, truncated := notify.TruncateInRunes(tmpl(n.conf.Description), maxV2SummaryLenRunes)
-	if truncated {
-		n.logger.WarnContext(ctx, "Truncated summary", "key", key, "max_runes", maxV2SummaryLenRunes)
-	}
-
-	routingKey := string(n.conf.RoutingKey)
-	if routingKey == "" {
-		content, fileErr := os.ReadFile(n.conf.RoutingKeyFile)
-		if fileErr != nil {
-			return false, errors.WrapInternalf(fileErr, errors.CodeInternal, "failed to read routing key from file")
-		}
-		routingKey = strings.TrimSpace(string(content))
-	}
-
-	msg := &pagerDutyMessage{
-		Client:      tmpl(n.conf.Client),
-		ClientURL:   tmpl(n.conf.ClientURL),
-		RoutingKey:  tmpl(routingKey),
-		EventAction: eventType,
-		DedupKey:    key.Hash(),
-		Images:      make([]pagerDutyImage, 0, len(n.conf.Images)),
-		Links:       make([]pagerDutyLink, 0, len(n.conf.Links)),
-		Payload: &pagerDutyPayload{
-			Summary:       summary,
-			Source:        tmpl(n.conf.Source),
-			Severity:      tmpl(n.conf.Severity),
-			CustomDetails: details,
-			Class:         tmpl(n.conf.Class),
-			Component:     tmpl(n.conf.Component),
-			Group:         tmpl(n.conf.Group),
-		},
-	}
-
-	for _, item := range n.conf.Images {
-		image := pagerDutyImage{
-			Src:  tmpl(item.Src),
-			Alt:  tmpl(item.Alt),
-			Href: tmpl(item.Href),
-		}
-
-		if image.Src != "" {
-			msg.Images = append(msg.Images, image)
-		}
-	}
-
-	for _, item := range n.conf.Links {
-		link := pagerDutyLink{
-			HRef: tmpl(item.Href),
-			Text: tmpl(item.Text),
-		}
-
-		if link.HRef != "" {
-			msg.Links = append(msg.Links, link)
-		}
-	}
-
-	if tmplErr != nil {
-		return false, errors.WrapInternalf(tmplErr, errors.CodeInternal, "failed to template PagerDuty v2 message")
-	}
-
-	// Ensure that the routing key isn't empty after templating.
-	if msg.RoutingKey == "" {
-		return false, errors.NewInternalf(errors.CodeInternal, "routing key cannot be empty")
-	}
-
-	encodedMsg, err := n.encodeMessage(ctx, msg)
-	if err != nil {
-		return false, err
-	}
-
-	resp, err := notify.PostJSON(ctx, n.client, n.conf.URL.String(), &encodedMsg) //nolint:bodyclose
-	if err != nil {
-		return true, errors.WrapInternalf(err, errors.CodeInternal, "failed to post message to PagerDuty")
-	}
-	defer notify.Drain(resp)
-
-	retry, err := n.retrier.Check(resp.StatusCode, resp.Body)
-	if err != nil {
-		return retry, notify.NewErrorWithReason(notify.GetFailureReasonFromStatusCode(resp.StatusCode), err)
-	}
-	return retry, err
-}
-
-// Notify implements the Notifier interface.
-func (n *Notifier) Notify(ctx context.Context, as ...*types.Alert) (bool, error) {
-	key, err := notify.ExtractGroupKey(ctx)
-	if err != nil {
-		return false, err
-	}
-	logger := n.logger.With("group_key", key)
-
-	var (
-		alerts    = types.Alerts(as...)
-		data      = notify.GetTemplateData(ctx, n.tmpl, as, logger)
-		eventType = pagerDutyEventTrigger
-	)
-
-	if alerts.Status() == model.AlertResolved {
-		eventType = pagerDutyEventResolve
-	}
-
-	logger.DebugContext(ctx, "extracted group key", "event_type", eventType)
-
-	details, err := n.renderDetails(data)
-	if err != nil {
-		return false, errors.WrapInternalf(err, errors.CodeInternal, "failed to render details: %v", err)
-	}
-
-	if n.conf.Timeout > 0 {
-		nfCtx, cancel := context.WithTimeoutCause(ctx, n.conf.Timeout, errors.NewInternalf(errors.CodeTimeout, "configured pagerduty timeout reached (%s)", n.conf.Timeout))
-		defer cancel()
-		ctx = nfCtx
-	}
-
-	nf := n.notifyV2
-	if n.apiV1 != "" {
-		nf = n.notifyV1
-	}
-	retry, err := nf(ctx, eventType, key, data, details)
-	if err != nil {
-		if ctx.Err() != nil {
-			err = errors.WrapInternalf(err, errors.CodeInternal, "failed to notify PagerDuty: %v", context.Cause(ctx))
-		}
-		return retry, err
-	}
-	return retry, nil
-}
-
-func errDetails(status int, body io.Reader) string {
-	// See https://v2.developer.pagerduty.com/docs/trigger-events for the v1 events API.
-	// See https://v2.developer.pagerduty.com/docs/send-an-event-events-api-v2 for the v2 events API.
-	if status != http.StatusBadRequest || body == nil {
-		return ""
-	}
-	var pgr struct {
-		Status  string   `json:"status"`
-		Message string   `json:"message"`
-		Errors  []string `json:"errors"`
-	}
-	if err := json.NewDecoder(body).Decode(&pgr); err != nil {
-		return ""
-	}
-	return fmt.Sprintf("%s: %s", pgr.Message, strings.Join(pgr.Errors, ","))
-}
-
-func (n *Notifier) renderDetails(
-	data *template.Data,
-) (map[string]any, error) {
-	var (
-		tmplTextErr  error
-		tmplText     = notify.TmplText(n.tmpl, data, &tmplTextErr)
-		tmplTextFunc = func(tmpl string) (string, error) {
-			return tmplText(tmpl), tmplTextErr
-		}
-	)
-	var err error
-	rendered := make(map[string]any, len(n.conf.Details))
-	for k, v := range n.conf.Details {
-		rendered[k], err = template.DeepCopyWithTemplate(v, tmplTextFunc)
-		if err != nil {
-			return nil, err
-		}
-	}
-	return rendered, nil
-}

pkg/alertmanager/alertmanagernotify/pagerduty/pagerduty_test.go

@@ -1,879 +0,0 @@
-package pagerduty
-
-import (
-	"bytes"
-	"context"
-	"encoding/json"
-	"io"
-	"net/http"
-	"net/http/httptest"
-	"net/url"
-	"os"
-	"strings"
-	"testing"
-	"time"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	commoncfg "github.com/prometheus/common/config"
-	"github.com/prometheus/common/model"
-	"github.com/prometheus/common/promslog"
-	"github.com/stretchr/testify/require"
-
-	"github.com/prometheus/alertmanager/config"
-	"github.com/prometheus/alertmanager/notify"
-	"github.com/prometheus/alertmanager/notify/test"
-	"github.com/prometheus/alertmanager/template"
-	"github.com/prometheus/alertmanager/types"
-)
-
-func TestPagerDutyRetryV1(t *testing.T) {
-	notifier, err := New(
-		&config.PagerdutyConfig{
-			ServiceKey: config.Secret("01234567890123456789012345678901"),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	retryCodes := append(test.DefaultRetryCodes(), http.StatusForbidden)
-	for statusCode, expected := range test.RetryTests(retryCodes) {
-		actual, _ := notifier.retrier.Check(statusCode, nil)
-		require.Equal(t, expected, actual, "retryv1 - error on status %d", statusCode)
-	}
-}
-
-func TestPagerDutyRetryV2(t *testing.T) {
-	notifier, err := New(
-		&config.PagerdutyConfig{
-			RoutingKey: config.Secret("01234567890123456789012345678901"),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	retryCodes := append(test.DefaultRetryCodes(), http.StatusTooManyRequests)
-	for statusCode, expected := range test.RetryTests(retryCodes) {
-		actual, _ := notifier.retrier.Check(statusCode, nil)
-		require.Equal(t, expected, actual, "retryv2 - error on status %d", statusCode)
-	}
-}
-
-func TestPagerDutyRedactedURLV1(t *testing.T) {
-	ctx, u, fn := test.GetContextWithCancelingURL()
-	defer fn()
-
-	key := "01234567890123456789012345678901"
-	notifier, err := New(
-		&config.PagerdutyConfig{
-			ServiceKey: config.Secret(key),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-	notifier.apiV1 = u.String()
-
-	test.AssertNotifyLeaksNoSecret(ctx, t, notifier, key)
-}
-
-func TestPagerDutyRedactedURLV2(t *testing.T) {
-	ctx, u, fn := test.GetContextWithCancelingURL()
-	defer fn()
-
-	key := "01234567890123456789012345678901"
-	notifier, err := New(
-		&config.PagerdutyConfig{
-			URL:        &config.URL{URL: u},
-			RoutingKey: config.Secret(key),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	test.AssertNotifyLeaksNoSecret(ctx, t, notifier, key)
-}
-
-func TestPagerDutyV1ServiceKeyFromFile(t *testing.T) {
-	key := "01234567890123456789012345678901"
-	f, err := os.CreateTemp(t.TempDir(), "pagerduty_test")
-	require.NoError(t, err, "creating temp file failed")
-	_, err = f.WriteString(key)
-	require.NoError(t, err, "writing to temp file failed")
-
-	ctx, u, fn := test.GetContextWithCancelingURL()
-	defer fn()
-
-	notifier, err := New(
-		&config.PagerdutyConfig{
-			ServiceKeyFile: f.Name(),
-			HTTPConfig:     &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-	notifier.apiV1 = u.String()
-
-	test.AssertNotifyLeaksNoSecret(ctx, t, notifier, key)
-}
-
-func TestPagerDutyV2RoutingKeyFromFile(t *testing.T) {
-	key := "01234567890123456789012345678901"
-	f, err := os.CreateTemp(t.TempDir(), "pagerduty_test")
-	require.NoError(t, err, "creating temp file failed")
-	_, err = f.WriteString(key)
-	require.NoError(t, err, "writing to temp file failed")
-
-	ctx, u, fn := test.GetContextWithCancelingURL()
-	defer fn()
-
-	notifier, err := New(
-		&config.PagerdutyConfig{
-			URL:            &config.URL{URL: u},
-			RoutingKeyFile: f.Name(),
-			HTTPConfig:     &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	test.AssertNotifyLeaksNoSecret(ctx, t, notifier, key)
-}
-
-func TestPagerDutyTemplating(t *testing.T) {
-	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		dec := json.NewDecoder(r.Body)
-		out := make(map[string]any)
-		err := dec.Decode(&out)
-		if err != nil {
-			panic(err)
-		}
-	}))
-	defer srv.Close()
-	u, _ := url.Parse(srv.URL)
-
-	for _, tc := range []struct {
-		title string
-		cfg   *config.PagerdutyConfig
-
-		retry  bool
-		errMsg string
-	}{
-		{
-			title: "full-blown legacy message",
-			cfg: &config.PagerdutyConfig{
-				RoutingKey: config.Secret("01234567890123456789012345678901"),
-				Images: []config.PagerdutyImage{
-					{
-						Src:  "{{ .Status }}",
-						Alt:  "{{ .Status }}",
-						Href: "{{ .Status }}",
-					},
-				},
-				Links: []config.PagerdutyLink{
-					{
-						Href: "{{ .Status }}",
-						Text: "{{ .Status }}",
-					},
-				},
-				Details: map[string]any{
-					"firing":       `{{ .Alerts.Firing | toJson }}`,
-					"resolved":     `{{ .Alerts.Resolved | toJson }}`,
-					"num_firing":   `{{ .Alerts.Firing | len }}`,
-					"num_resolved": `{{ .Alerts.Resolved | len }}`,
-				},
-			},
-		},
-		{
-			title: "full-blown legacy message",
-			cfg: &config.PagerdutyConfig{
-				RoutingKey: config.Secret("01234567890123456789012345678901"),
-				Images: []config.PagerdutyImage{
-					{
-						Src:  "{{ .Status }}",
-						Alt:  "{{ .Status }}",
-						Href: "{{ .Status }}",
-					},
-				},
-				Links: []config.PagerdutyLink{
-					{
-						Href: "{{ .Status }}",
-						Text: "{{ .Status }}",
-					},
-				},
-				Details: map[string]any{
-					"firing":       `{{ template "pagerduty.default.instances" .Alerts.Firing }}`,
-					"resolved":     `{{ template "pagerduty.default.instances" .Alerts.Resolved }}`,
-					"num_firing":   `{{ .Alerts.Firing | len }}`,
-					"num_resolved": `{{ .Alerts.Resolved | len }}`,
-				},
-			},
-		},
-		{
-			title: "nested details",
-			cfg: &config.PagerdutyConfig{
-				RoutingKey: config.Secret("01234567890123456789012345678901"),
-				Details: map[string]any{
-					"a": map[string]any{
-						"b": map[string]any{
-							"c": map[string]any{
-								"firing":       `{{ .Alerts.Firing | toJson }}`,
-								"resolved":     `{{ .Alerts.Resolved | toJson }}`,
-								"num_firing":   `{{ .Alerts.Firing | len }}`,
-								"num_resolved": `{{ .Alerts.Resolved | len }}`,
-							},
-						},
-					},
-				},
-			},
-		},
-		{
-			title: "nested details with template error",
-			cfg: &config.PagerdutyConfig{
-				RoutingKey: config.Secret("01234567890123456789012345678901"),
-				Details: map[string]any{
-					"a": map[string]any{
-						"b": map[string]any{
-							"c": map[string]any{
-								"firing": `{{ template "pagerduty.default.instances" .Alerts.Firing`,
-							},
-						},
-					},
-				},
-			},
-			errMsg: "failed to render details: template: :1: unclosed action",
-		},
-		{
-			title: "details with templating errors",
-			cfg: &config.PagerdutyConfig{
-				RoutingKey: config.Secret("01234567890123456789012345678901"),
-				Details: map[string]any{
-					"firing":       `{{ .Alerts.Firing | toJson`,
-					"resolved":     `{{ .Alerts.Resolved | toJson }}`,
-					"num_firing":   `{{ .Alerts.Firing | len }}`,
-					"num_resolved": `{{ .Alerts.Resolved | len }}`,
-				},
-			},
-			errMsg: "failed to render details: template: :1: unclosed action",
-		},
-		{
-			title: "v2 message with templating errors",
-			cfg: &config.PagerdutyConfig{
-				RoutingKey: config.Secret("01234567890123456789012345678901"),
-				Severity:   "{{ ",
-			},
-			errMsg: "failed to template",
-		},
-		{
-			title: "v1 message with templating errors",
-			cfg: &config.PagerdutyConfig{
-				ServiceKey: config.Secret("01234567890123456789012345678901"),
-				Client:     "{{ ",
-			},
-			errMsg: "failed to template",
-		},
-		{
-			title: "routing key cannot be empty",
-			cfg: &config.PagerdutyConfig{
-				RoutingKey: config.Secret(`{{ "" }}`),
-			},
-			errMsg: "routing key cannot be empty",
-		},
-		{
-			title: "service_key cannot be empty",
-			cfg: &config.PagerdutyConfig{
-				ServiceKey: config.Secret(`{{ "" }}`),
-			},
-			errMsg: "service key cannot be empty",
-		},
-	} {
-		t.Run(tc.title, func(t *testing.T) {
-			tc.cfg.URL = &config.URL{URL: u}
-			tc.cfg.HTTPConfig = &commoncfg.HTTPClientConfig{}
-			pd, err := New(tc.cfg, test.CreateTmpl(t), promslog.NewNopLogger())
-			require.NoError(t, err)
-			if pd.apiV1 != "" {
-				pd.apiV1 = u.String()
-			}
-
-			ctx := context.Background()
-			ctx = notify.WithGroupKey(ctx, "1")
-
-			ok, err := pd.Notify(ctx, []*types.Alert{
-				{
-					Alert: model.Alert{
-						Labels: model.LabelSet{
-							"lbl1": "val1",
-						},
-						StartsAt: time.Now(),
-						EndsAt:   time.Now().Add(time.Hour),
-					},
-				},
-			}...)
-			if tc.errMsg == "" {
-				require.NoError(t, err)
-			} else {
-				require.Error(t, err)
-				if errors.Asc(err, errors.CodeInternal) {
-					_, _, errMsg, _, _, _ := errors.Unwrapb(err)
-					require.Contains(t, errMsg, tc.errMsg)
-				} else {
-					require.Contains(t, err.Error(), tc.errMsg)
-				}
-			}
-			require.Equal(t, tc.retry, ok)
-		})
-	}
-}
-
-func TestErrDetails(t *testing.T) {
-	for _, tc := range []struct {
-		status int
-		body   io.Reader
-
-		exp string
-	}{
-		{
-			status: http.StatusBadRequest,
-			body: bytes.NewBuffer([]byte(
-				`{"status":"invalid event","message":"Event object is invalid","errors":["Length of 'routing_key' is incorrect (should be 32 characters)"]}`,
-			)),
-
-			exp: "Length of 'routing_key' is incorrect",
-		},
-		{
-			status: http.StatusBadRequest,
-			body:   bytes.NewBuffer([]byte(`{"status"}`)),
-
-			exp: "",
-		},
-		{
-			status: http.StatusBadRequest,
-
-			exp: "",
-		},
-		{
-			status: http.StatusTooManyRequests,
-
-			exp: "",
-		},
-	} {
-		t.Run("", func(t *testing.T) {
-			err := errDetails(tc.status, tc.body)
-			require.Contains(t, err, tc.exp)
-		})
-	}
-}
-
-func TestEventSizeEnforcement(t *testing.T) {
-	bigDetailsV1 := map[string]any{
-		"firing": strings.Repeat("a", 513000),
-	}
-	bigDetailsV2 := map[string]any{
-		"firing": strings.Repeat("a", 513000),
-	}
-
-	// V1 Messages
-	msgV1 := &pagerDutyMessage{
-		ServiceKey: "01234567890123456789012345678901",
-		EventType:  "trigger",
-		Details:    bigDetailsV1,
-	}
-
-	notifierV1, err := New(
-		&config.PagerdutyConfig{
-			ServiceKey: config.Secret("01234567890123456789012345678901"),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	encodedV1, err := notifierV1.encodeMessage(context.Background(), msgV1)
-	require.NoError(t, err)
-	require.Contains(t, encodedV1.String(), `"details":{"error":"Custom details have been removed because the original event exceeds the maximum size of 512KB"}`)
-
-	// V2 Messages
-	msgV2 := &pagerDutyMessage{
-		RoutingKey:  "01234567890123456789012345678901",
-		EventAction: "trigger",
-		Payload: &pagerDutyPayload{
-			CustomDetails: bigDetailsV2,
-		},
-	}
-
-	notifierV2, err := New(
-		&config.PagerdutyConfig{
-			RoutingKey: config.Secret("01234567890123456789012345678901"),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	encodedV2, err := notifierV2.encodeMessage(context.Background(), msgV2)
-	require.NoError(t, err)
-	require.Contains(t, encodedV2.String(), `"custom_details":{"error":"Custom details have been removed because the original event exceeds the maximum size of 512KB"}`)
-}
-
-func TestPagerDutyEmptySrcHref(t *testing.T) {
-	type pagerDutyEvent struct {
-		RoutingKey  string           `json:"routing_key"`
-		EventAction string           `json:"event_action"`
-		DedupKey    string           `json:"dedup_key"`
-		Payload     pagerDutyPayload `json:"payload"`
-		Images      []pagerDutyImage
-		Links       []pagerDutyLink
-	}
-
-	images := []config.PagerdutyImage{
-		{
-			Src:  "",
-			Alt:  "Empty src",
-			Href: "https://example.com/",
-		},
-		{
-			Src:  "https://example.com/cat.jpg",
-			Alt:  "Empty href",
-			Href: "",
-		},
-		{
-			Src:  "https://example.com/cat.jpg",
-			Alt:  "",
-			Href: "https://example.com/",
-		},
-	}
-
-	links := []config.PagerdutyLink{
-		{
-			Href: "",
-			Text: "Empty href",
-		},
-		{
-			Href: "https://example.com/",
-			Text: "",
-		},
-	}
-
-	expectedImages := make([]pagerDutyImage, 0, len(images))
-	for _, image := range images {
-		if image.Src == "" {
-			continue
-		}
-		expectedImages = append(expectedImages, pagerDutyImage{
-			Src:  image.Src,
-			Alt:  image.Alt,
-			Href: image.Href,
-		})
-	}
-
-	expectedLinks := make([]pagerDutyLink, 0, len(links))
-	for _, link := range links {
-		if link.Href == "" {
-			continue
-		}
-		expectedLinks = append(expectedLinks, pagerDutyLink{
-			HRef: link.Href,
-			Text: link.Text,
-		})
-	}
-
-	server := httptest.NewServer(http.HandlerFunc(
-		func(w http.ResponseWriter, r *http.Request) {
-			decoder := json.NewDecoder(r.Body)
-			var event pagerDutyEvent
-			if err := decoder.Decode(&event); err != nil {
-				panic(err)
-			}
-
-			if event.RoutingKey == "" || event.EventAction == "" {
-				http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
-				return
-			}
-
-			for _, image := range event.Images {
-				if image.Src == "" {
-					http.Error(w, "Event object is invalid: 'image src' is missing or blank", http.StatusBadRequest)
-					return
-				}
-			}
-
-			for _, link := range event.Links {
-				if link.HRef == "" {
-					http.Error(w, "Event object is invalid: 'link href' is missing or blank", http.StatusBadRequest)
-					return
-				}
-			}
-
-			require.Equal(t, expectedImages, event.Images)
-			require.Equal(t, expectedLinks, event.Links)
-		},
-	))
-	defer server.Close()
-
-	url, err := url.Parse(server.URL)
-	require.NoError(t, err)
-
-	pagerDutyConfig := config.PagerdutyConfig{
-		HTTPConfig: &commoncfg.HTTPClientConfig{},
-		RoutingKey: config.Secret("01234567890123456789012345678901"),
-		URL:        &config.URL{URL: url},
-		Images:     images,
-		Links:      links,
-	}
-
-	pagerDuty, err := New(&pagerDutyConfig, test.CreateTmpl(t), promslog.NewNopLogger())
-	require.NoError(t, err)
-
-	ctx := context.Background()
-	ctx = notify.WithGroupKey(ctx, "1")
-
-	_, err = pagerDuty.Notify(ctx, []*types.Alert{
-		{
-			Alert: model.Alert{
-				Labels: model.LabelSet{
-					"lbl1": "val1",
-				},
-				StartsAt: time.Now(),
-				EndsAt:   time.Now().Add(time.Hour),
-			},
-		},
-	}...)
-	require.NoError(t, err)
-}
-
-func TestPagerDutyTimeout(t *testing.T) {
-	type pagerDutyEvent struct {
-		RoutingKey  string           `json:"routing_key"`
-		EventAction string           `json:"event_action"`
-		DedupKey    string           `json:"dedup_key"`
-		Payload     pagerDutyPayload `json:"payload"`
-		Images      []pagerDutyImage
-		Links       []pagerDutyLink
-	}
-
-	tests := map[string]struct {
-		latency time.Duration
-		timeout time.Duration
-		wantErr bool
-	}{
-		"success": {latency: 100 * time.Millisecond, timeout: 120 * time.Millisecond, wantErr: false},
-		"error":   {latency: 100 * time.Millisecond, timeout: 80 * time.Millisecond, wantErr: true},
-	}
-
-	for name, tt := range tests {
-		t.Run(name, func(t *testing.T) {
-			srv := httptest.NewServer(http.HandlerFunc(
-				func(w http.ResponseWriter, r *http.Request) {
-					decoder := json.NewDecoder(r.Body)
-					var event pagerDutyEvent
-					if err := decoder.Decode(&event); err != nil {
-						panic(err)
-					}
-
-					if event.RoutingKey == "" || event.EventAction == "" {
-						http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
-						return
-					}
-					time.Sleep(tt.latency)
-				},
-			))
-			defer srv.Close()
-			u, err := url.Parse(srv.URL)
-			require.NoError(t, err)
-
-			cfg := config.PagerdutyConfig{
-				HTTPConfig: &commoncfg.HTTPClientConfig{},
-				RoutingKey: config.Secret("01234567890123456789012345678901"),
-				URL:        &config.URL{URL: u},
-				Timeout:    tt.timeout,
-			}
-
-			pd, err := New(&cfg, test.CreateTmpl(t), promslog.NewNopLogger())
-			require.NoError(t, err)
-
-			ctx := context.Background()
-			ctx = notify.WithGroupKey(ctx, "1")
-			alert := &types.Alert{
-				Alert: model.Alert{
-					Labels: model.LabelSet{
-						"lbl1": "val1",
-					},
-					StartsAt: time.Now(),
-					EndsAt:   time.Now().Add(time.Hour),
-				},
-			}
-			_, err = pd.Notify(ctx, alert)
-			require.Equal(t, tt.wantErr, err != nil)
-		})
-	}
-}
-
-func TestRenderDetails(t *testing.T) {
-	type args struct {
-		details map[string]any
-		data    *template.Data
-	}
-	tests := []struct {
-		name    string
-		args    args
-		want    map[string]any
-		wantErr bool
-	}{
-		{
-			name: "flat",
-			args: args{
-				details: map[string]any{
-					"a": "{{ .Status }}",
-					"b": "String",
-				},
-				data: &template.Data{
-					Status: "Flat",
-				},
-			},
-			want: map[string]any{
-				"a": "Flat",
-				"b": "String",
-			},
-			wantErr: false,
-		},
-		{
-			name: "flat error",
-			args: args{
-				details: map[string]any{
-					"a": "{{ .Status",
-				},
-				data: &template.Data{
-					Status: "Error",
-				},
-			},
-			want:    nil,
-			wantErr: true,
-		},
-		{
-			name: "nested",
-			args: args{
-				details: map[string]any{
-					"a": map[string]any{
-						"b": map[string]any{
-							"c": "{{ .Status }}",
-							"d": "String",
-						},
-					},
-				},
-				data: &template.Data{
-					Status: "Nested",
-				},
-			},
-			want: map[string]any{
-				"a": map[string]any{
-					"b": map[string]any{
-						"c": "Nested",
-						"d": "String",
-					},
-				},
-			},
-			wantErr: false,
-		},
-		{
-			name: "nested error",
-			args: args{
-				details: map[string]any{
-					"a": map[string]any{
-						"b": map[string]any{
-							"c": "{{ .Status",
-						},
-					},
-				},
-				data: &template.Data{
-					Status: "Error",
-				},
-			},
-			want:    nil,
-			wantErr: true,
-		},
-		{
-			name: "alerts",
-			args: args{
-				details: map[string]any{
-					"alerts": map[string]any{
-						"firing":       "{{ .Alerts.Firing | toJson }}",
-						"resolved":     "{{ .Alerts.Resolved | toJson }}",
-						"num_firing":   "{{ len .Alerts.Firing }}",
-						"num_resolved": "{{ len .Alerts.Resolved }}",
-					},
-				},
-				data: &template.Data{
-					Alerts: template.Alerts{
-						{
-							Status: "firing",
-							Annotations: template.KV{
-								"annotation1": "value1",
-								"annotation2": "value2",
-							},
-							Labels: template.KV{
-								"alertname": "Firing1",
-								"label1":    "value1",
-								"label2":    "value2",
-							},
-							Fingerprint:  "fingerprint1",
-							GeneratorURL: "http://generator1",
-							StartsAt:     time.Date(2001, time.January, 1, 0, 0, 0, 0, time.UTC),
-							EndsAt:       time.Date(2001, time.January, 1, 1, 0, 0, 0, time.UTC),
-						},
-						{
-							Status: "firing",
-							Annotations: template.KV{
-								"annotation1": "value1",
-								"annotation2": "value2",
-							},
-							Labels: template.KV{
-								"alertname": "Firing2",
-								"label1":    "value1",
-								"label2":    "value2",
-							},
-							Fingerprint:  "fingerprint2",
-							GeneratorURL: "http://generator2",
-							StartsAt:     time.Date(2002, time.January, 1, 0, 0, 0, 0, time.UTC),
-							EndsAt:       time.Date(2002, time.January, 1, 1, 0, 0, 0, time.UTC),
-						},
-						{
-							Status: "resolved",
-							Annotations: template.KV{
-								"annotation1": "value1",
-								"annotation2": "value2",
-							},
-							Labels: template.KV{
-								"alertname": "Resolved1",
-								"label1":    "value1",
-								"label2":    "value2",
-							},
-							Fingerprint:  "fingerprint3",
-							GeneratorURL: "http://generator3",
-							StartsAt:     time.Date(2001, time.January, 1, 0, 0, 0, 0, time.UTC),
-							EndsAt:       time.Date(2001, time.January, 1, 1, 0, 0, 0, time.UTC),
-						},
-						{
-							Status: "resolved",
-							Annotations: template.KV{
-								"annotation1": "value1",
-								"annotation2": "value2",
-							},
-							Labels: template.KV{
-								"alertname": "Resolved2",
-								"label1":    "value1",
-								"label2":    "value2",
-							},
-							Fingerprint:  "fingerprint4",
-							GeneratorURL: "http://generator4",
-							StartsAt:     time.Date(2002, time.January, 1, 0, 0, 0, 0, time.UTC),
-							EndsAt:       time.Date(2002, time.January, 1, 1, 0, 0, 0, time.UTC),
-						},
-					},
-				},
-			},
-			want: map[string]any{
-				"alerts": map[string]any{
-					"firing": []any{
-						map[string]any{
-							"status": "firing",
-							"labels": map[string]any{
-								"alertname": "Firing1",
-								"label1":    "value1",
-								"label2":    "value2",
-							},
-							"annotations": map[string]any{
-								"annotation1": "value1",
-								"annotation2": "value2",
-							},
-							"startsAt":     time.Date(2001, time.January, 1, 0, 0, 0, 0, time.UTC).Format(time.RFC3339),
-							"endsAt":       time.Date(2001, time.January, 1, 1, 0, 0, 0, time.UTC).Format(time.RFC3339),
-							"fingerprint":  "fingerprint1",
-							"generatorURL": "http://generator1",
-						},
-						map[string]any{
-							"status": "firing",
-							"labels": map[string]any{
-								"alertname": "Firing2",
-								"label1":    "value1",
-								"label2":    "value2",
-							},
-							"annotations": map[string]any{
-								"annotation1": "value1",
-								"annotation2": "value2",
-							},
-							"startsAt":     time.Date(2002, time.January, 1, 0, 0, 0, 0, time.UTC).Format(time.RFC3339),
-							"endsAt":       time.Date(2002, time.January, 1, 1, 0, 0, 0, time.UTC).Format(time.RFC3339),
-							"fingerprint":  "fingerprint2",
-							"generatorURL": "http://generator2",
-						},
-					},
-					"resolved": []any{
-						map[string]any{
-							"status": "resolved",
-							"labels": map[string]any{
-								"alertname": "Resolved1",
-								"label1":    "value1",
-								"label2":    "value2",
-							},
-							"annotations": map[string]any{
-								"annotation1": "value1",
-								"annotation2": "value2",
-							},
-							"startsAt":     time.Date(2001, time.January, 1, 0, 0, 0, 0, time.UTC).Format(time.RFC3339),
-							"endsAt":       time.Date(2001, time.January, 1, 1, 0, 0, 0, time.UTC).Format(time.RFC3339),
-							"fingerprint":  "fingerprint3",
-							"generatorURL": "http://generator3",
-						},
-						map[string]any{
-							"status": "resolved",
-							"labels": map[string]any{
-								"alertname": "Resolved2",
-								"label1":    "value1",
-								"label2":    "value2",
-							},
-							"annotations": map[string]any{
-								"annotation1": "value1",
-								"annotation2": "value2",
-							},
-							"startsAt":     time.Date(2002, time.January, 1, 0, 0, 0, 0, time.UTC).Format(time.RFC3339),
-							"endsAt":       time.Date(2002, time.January, 1, 1, 0, 0, 0, time.UTC).Format(time.RFC3339),
-							"fingerprint":  "fingerprint4",
-							"generatorURL": "http://generator4",
-						},
-					},
-					"num_firing":   2,
-					"num_resolved": 2,
-				},
-			},
-			wantErr: false,
-		},
-	}
-
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			n := &Notifier{
-				conf: &config.PagerdutyConfig{
-					Details: tt.args.details,
-				},
-				tmpl: test.CreateTmpl(t),
-			}
-			got, err := n.renderDetails(tt.args.data)
-			if (err != nil) != tt.wantErr {
-				t.Errorf("renderDetails() error = %v, wantErr %v", err, tt.wantErr)
-				return
-			}
-			require.Equal(t, tt.want, got)
-		})
-	}
-}

pkg/alertmanager/alertmanagernotify/receiver.go

@@ -2,14 +2,8 @@ package alertmanagernotify
 
 import (
 	"log/slog"
-	"slices"
 
-	"github.com/SigNoz/signoz/pkg/alertmanager/alertmanagernotify/email"
 	"github.com/SigNoz/signoz/pkg/alertmanager/alertmanagernotify/msteamsv2"
-	"github.com/SigNoz/signoz/pkg/alertmanager/alertmanagernotify/opsgenie"
-	"github.com/SigNoz/signoz/pkg/alertmanager/alertmanagernotify/pagerduty"
-	"github.com/SigNoz/signoz/pkg/alertmanager/alertmanagernotify/slack"
-	"github.com/SigNoz/signoz/pkg/alertmanager/alertmanagernotify/webhook"
 	"github.com/SigNoz/signoz/pkg/types/alertmanagertypes"
 	"github.com/prometheus/alertmanager/config/receiver"
 	"github.com/prometheus/alertmanager/notify"
@@ -17,15 +11,6 @@ import (
 	"github.com/prometheus/alertmanager/types"
 )
 
-var customNotifierIntegrations = []string{
-	webhook.Integration,
-	email.Integration,
-	pagerduty.Integration,
-	opsgenie.Integration,
-	slack.Integration,
-	msteamsv2.Integration,
-}
-
 func NewReceiverIntegrations(nc alertmanagertypes.Receiver, tmpl *template.Template, logger *slog.Logger) ([]notify.Integration, error) {
 	upstreamIntegrations, err := receiver.BuildReceiverIntegrations(nc, tmpl, logger)
 	if err != nil {
@@ -46,29 +31,14 @@ func NewReceiverIntegrations(nc alertmanagertypes.Receiver, tmpl *template.Templ
 	)
 
 	for _, integration := range upstreamIntegrations {
-		// skip upstream integration if we support custom integration for it
-		if !slices.Contains(customNotifierIntegrations, integration.Name()) {
+		// skip upstream msteamsv2 integration
+		if integration.Name() != "msteamsv2" {
 			integrations = append(integrations, integration)
 		}
 	}
 
-	for i, c := range nc.WebhookConfigs {
-		add(webhook.Integration, i, c, func(l *slog.Logger) (notify.Notifier, error) { return webhook.New(c, tmpl, l) })
-	}
-	for i, c := range nc.EmailConfigs {
-		add(email.Integration, i, c, func(l *slog.Logger) (notify.Notifier, error) { return email.New(c, tmpl, l), nil })
-	}
-	for i, c := range nc.PagerdutyConfigs {
-		add(pagerduty.Integration, i, c, func(l *slog.Logger) (notify.Notifier, error) { return pagerduty.New(c, tmpl, l) })
-	}
-	for i, c := range nc.OpsGenieConfigs {
-		add(opsgenie.Integration, i, c, func(l *slog.Logger) (notify.Notifier, error) { return opsgenie.New(c, tmpl, l) })
-	}
-	for i, c := range nc.SlackConfigs {
-		add(slack.Integration, i, c, func(l *slog.Logger) (notify.Notifier, error) { return slack.New(c, tmpl, l) })
-	}
 	for i, c := range nc.MSTeamsV2Configs {
-		add(msteamsv2.Integration, i, c, func(l *slog.Logger) (notify.Notifier, error) {
+		add("msteamsv2", i, c, func(l *slog.Logger) (notify.Notifier, error) {
 			return msteamsv2.New(c, tmpl, `{{ template "msteamsv2.default.titleLink" . }}`, l)
 		})
 	}

pkg/alertmanager/alertmanagernotify/slack/slack.go

@@ -1,278 +0,0 @@
-package slack
-
-import (
-	"bytes"
-	"context"
-	"encoding/json"
-	"io"
-	"log/slog"
-	"net/http"
-	"os"
-	"strings"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	commoncfg "github.com/prometheus/common/config"
-
-	"github.com/prometheus/alertmanager/config"
-	"github.com/prometheus/alertmanager/notify"
-	"github.com/prometheus/alertmanager/template"
-	"github.com/prometheus/alertmanager/types"
-)
-
-const (
-	Integration = "slack"
-)
-
-// https://api.slack.com/reference/messaging/attachments#legacy_fields - 1024, no units given, assuming runes or characters.
-const maxTitleLenRunes = 1024
-
-// Notifier implements a Notifier for Slack notifications.
-type Notifier struct {
-	conf    *config.SlackConfig
-	tmpl    *template.Template
-	logger  *slog.Logger
-	client  *http.Client
-	retrier *notify.Retrier
-
-	postJSONFunc func(ctx context.Context, client *http.Client, url string, body io.Reader) (*http.Response, error)
-}
-
-// New returns a new Slack notification handler.
-func New(c *config.SlackConfig, t *template.Template, l *slog.Logger, httpOpts ...commoncfg.HTTPClientOption) (*Notifier, error) {
-	client, err := notify.NewClientWithTracing(*c.HTTPConfig, Integration, httpOpts...)
-	if err != nil {
-		return nil, err
-	}
-
-	return &Notifier{
-		conf:         c,
-		tmpl:         t,
-		logger:       l,
-		client:       client,
-		retrier:      &notify.Retrier{},
-		postJSONFunc: notify.PostJSON,
-	}, nil
-}
-
-// request is the request for sending a slack notification.
-type request struct {
-	Channel     string       `json:"channel,omitempty"`
-	Username    string       `json:"username,omitempty"`
-	IconEmoji   string       `json:"icon_emoji,omitempty"`
-	IconURL     string       `json:"icon_url,omitempty"`
-	LinkNames   bool         `json:"link_names,omitempty"`
-	Text        string       `json:"text,omitempty"`
-	Attachments []attachment `json:"attachments"`
-}
-
-// attachment is used to display a richly-formatted message block.
-type attachment struct {
-	Title      string               `json:"title,omitempty"`
-	TitleLink  string               `json:"title_link,omitempty"`
-	Pretext    string               `json:"pretext,omitempty"`
-	Text       string               `json:"text"`
-	Fallback   string               `json:"fallback"`
-	CallbackID string               `json:"callback_id"`
-	Fields     []config.SlackField  `json:"fields,omitempty"`
-	Actions    []config.SlackAction `json:"actions,omitempty"`
-	ImageURL   string               `json:"image_url,omitempty"`
-	ThumbURL   string               `json:"thumb_url,omitempty"`
-	Footer     string               `json:"footer"`
-	Color      string               `json:"color,omitempty"`
-	MrkdwnIn   []string             `json:"mrkdwn_in,omitempty"`
-}
-
-// Notify implements the Notifier interface.
-func (n *Notifier) Notify(ctx context.Context, as ...*types.Alert) (bool, error) {
-	var err error
-
-	key, err := notify.ExtractGroupKey(ctx)
-	if err != nil {
-		return false, err
-	}
-	logger := n.logger.With("group_key", key)
-	logger.DebugContext(ctx, "extracted group key")
-
-	var (
-		data     = notify.GetTemplateData(ctx, n.tmpl, as, logger)
-		tmplText = notify.TmplText(n.tmpl, data, &err)
-	)
-	var markdownIn []string
-
-	if len(n.conf.MrkdwnIn) == 0 {
-		markdownIn = []string{"fallback", "pretext", "text"}
-	} else {
-		markdownIn = n.conf.MrkdwnIn
-	}
-
-	title, truncated := notify.TruncateInRunes(tmplText(n.conf.Title), maxTitleLenRunes)
-	if truncated {
-		logger.WarnContext(ctx, "Truncated title", "max_runes", maxTitleLenRunes)
-	}
-	att := &attachment{
-		Title:      title,
-		TitleLink:  tmplText(n.conf.TitleLink),
-		Pretext:    tmplText(n.conf.Pretext),
-		Text:       tmplText(n.conf.Text),
-		Fallback:   tmplText(n.conf.Fallback),
-		CallbackID: tmplText(n.conf.CallbackID),
-		ImageURL:   tmplText(n.conf.ImageURL),
-		ThumbURL:   tmplText(n.conf.ThumbURL),
-		Footer:     tmplText(n.conf.Footer),
-		Color:      tmplText(n.conf.Color),
-		MrkdwnIn:   markdownIn,
-	}
-
-	numFields := len(n.conf.Fields)
-	if numFields > 0 {
-		fields := make([]config.SlackField, numFields)
-		for index, field := range n.conf.Fields {
-			// Check if short was defined for the field otherwise fallback to the global setting
-			var short bool
-			if field.Short != nil {
-				short = *field.Short
-			} else {
-				short = n.conf.ShortFields
-			}
-
-			// Rebuild the field by executing any templates and setting the new value for short
-			fields[index] = config.SlackField{
-				Title: tmplText(field.Title),
-				Value: tmplText(field.Value),
-				Short: &short,
-			}
-		}
-		att.Fields = fields
-	}
-
-	numActions := len(n.conf.Actions)
-	if numActions > 0 {
-		actions := make([]config.SlackAction, numActions)
-		for index, action := range n.conf.Actions {
-			slackAction := config.SlackAction{
-				Type:  tmplText(action.Type),
-				Text:  tmplText(action.Text),
-				URL:   tmplText(action.URL),
-				Style: tmplText(action.Style),
-				Name:  tmplText(action.Name),
-				Value: tmplText(action.Value),
-			}
-
-			if action.ConfirmField != nil {
-				slackAction.ConfirmField = &config.SlackConfirmationField{
-					Title:       tmplText(action.ConfirmField.Title),
-					Text:        tmplText(action.ConfirmField.Text),
-					OkText:      tmplText(action.ConfirmField.OkText),
-					DismissText: tmplText(action.ConfirmField.DismissText),
-				}
-			}
-
-			actions[index] = slackAction
-		}
-		att.Actions = actions
-	}
-
-	req := &request{
-		Channel:     tmplText(n.conf.Channel),
-		Username:    tmplText(n.conf.Username),
-		IconEmoji:   tmplText(n.conf.IconEmoji),
-		IconURL:     tmplText(n.conf.IconURL),
-		LinkNames:   n.conf.LinkNames,
-		Text:        tmplText(n.conf.MessageText),
-		Attachments: []attachment{*att},
-	}
-	if err != nil {
-		return false, err
-	}
-
-	var buf bytes.Buffer
-	if err := json.NewEncoder(&buf).Encode(req); err != nil {
-		return false, err
-	}
-
-	var u string
-	if n.conf.APIURL != nil {
-		u = n.conf.APIURL.String()
-	} else {
-		content, err := os.ReadFile(n.conf.APIURLFile)
-		if err != nil {
-			return false, err
-		}
-		u = strings.TrimSpace(string(content))
-	}
-
-	if n.conf.Timeout > 0 {
-		postCtx, cancel := context.WithTimeoutCause(ctx, n.conf.Timeout, errors.NewInternalf(errors.CodeTimeout, "configured slack timeout reached (%s)", n.conf.Timeout))
-		defer cancel()
-		ctx = postCtx
-	}
-
-	resp, err := n.postJSONFunc(ctx, n.client, u, &buf) //nolint:bodyclose
-	if err != nil {
-		if ctx.Err() != nil {
-			err = errors.NewInternalf(errors.CodeInternal, "failed to post JSON to slack: %v", context.Cause(ctx))
-		}
-		return true, notify.RedactURL(err)
-	}
-	defer notify.Drain(resp)
-
-	// Use a retrier to generate an error message for non-200 responses and
-	// classify them as retriable or not.
-	retry, err := n.retrier.Check(resp.StatusCode, resp.Body)
-	if err != nil {
-		err = errors.NewInternalf(errors.CodeInternal, "channel %q: %v", req.Channel, err)
-		return retry, notify.NewErrorWithReason(notify.GetFailureReasonFromStatusCode(resp.StatusCode), err)
-	}
-
-	// Slack web API might return errors with a 200 response code.
-	// https://slack.dev/node-slack-sdk/web-api#handle-errors
-	retry, err = checkResponseError(resp)
-	if err != nil {
-		err = errors.NewInternalf(errors.CodeInternal, "channel %q: %v", req.Channel, err)
-		return retry, notify.NewErrorWithReason(notify.ClientErrorReason, err)
-	}
-
-	return retry, nil
-}
-
-// checkResponseError parses out the error message from Slack API response.
-func checkResponseError(resp *http.Response) (bool, error) {
-	body, err := io.ReadAll(resp.Body)
-	if err != nil {
-		return true, errors.WrapInternalf(err, errors.CodeInternal, "could not read response body")
-	}
-
-	if strings.HasPrefix(resp.Header.Get("Content-Type"), "application/json") {
-		return checkJSONResponseError(body)
-	}
-	return checkTextResponseError(body)
-}
-
-// checkTextResponseError classifies plaintext responses from Slack.
-// A plaintext (non-JSON) response is successful if it's a string "ok".
-// This is typically a response for an Incoming Webhook
-// (https://api.slack.com/messaging/webhooks#handling_errors)
-func checkTextResponseError(body []byte) (bool, error) {
-	if !bytes.Equal(body, []byte("ok")) {
-		return false, errors.NewInternalf(errors.CodeInternal, "received an error response from Slack: %s", string(body))
-	}
-	return false, nil
-}
-
-// checkJSONResponseError classifies JSON responses from Slack.
-func checkJSONResponseError(body []byte) (bool, error) {
-	// response is for parsing out errors from the JSON response.
-	type response struct {
-		OK    bool   `json:"ok"`
-		Error string `json:"error"`
-	}
-
-	var data response
-	if err := json.Unmarshal(body, &data); err != nil {
-		return true, errors.NewInternalf(errors.CodeInternal, "could not unmarshal JSON response %q: %v", string(body), err)
-	}
-	if !data.OK {
-		return false, errors.NewInternalf(errors.CodeInternal, "error response from Slack: %s", data.Error)
-	}
-	return false, nil
-}

pkg/alertmanager/alertmanagernotify/slack/slack_test.go

@@ -1,339 +0,0 @@
-package slack
-
-import (
-	"context"
-	"encoding/json"
-	"io"
-	"log/slog"
-	"net/http"
-	"net/http/httptest"
-	"net/url"
-	"os"
-	"strings"
-	"testing"
-	"time"
-
-	commoncfg "github.com/prometheus/common/config"
-	"github.com/prometheus/common/model"
-	"github.com/prometheus/common/promslog"
-	"github.com/stretchr/testify/require"
-
-	"github.com/prometheus/alertmanager/config"
-	"github.com/prometheus/alertmanager/notify"
-	"github.com/prometheus/alertmanager/notify/test"
-	"github.com/prometheus/alertmanager/template"
-	"github.com/prometheus/alertmanager/types"
-)
-
-func TestSlackRetry(t *testing.T) {
-	notifier, err := New(
-		&config.SlackConfig{
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	for statusCode, expected := range test.RetryTests(test.DefaultRetryCodes()) {
-		actual, _ := notifier.retrier.Check(statusCode, nil)
-		require.Equal(t, expected, actual, "error on status %d", statusCode)
-	}
-}
-
-func TestSlackRedactedURL(t *testing.T) {
-	ctx, u, fn := test.GetContextWithCancelingURL()
-	defer fn()
-
-	notifier, err := New(
-		&config.SlackConfig{
-			APIURL:     &config.SecretURL{URL: u},
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	test.AssertNotifyLeaksNoSecret(ctx, t, notifier, u.String())
-}
-
-func TestGettingSlackURLFromFile(t *testing.T) {
-	ctx, u, fn := test.GetContextWithCancelingURL()
-	defer fn()
-
-	f, err := os.CreateTemp(t.TempDir(), "slack_test")
-	require.NoError(t, err, "creating temp file failed")
-	_, err = f.WriteString(u.String())
-	require.NoError(t, err, "writing to temp file failed")
-
-	notifier, err := New(
-		&config.SlackConfig{
-			APIURLFile: f.Name(),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	test.AssertNotifyLeaksNoSecret(ctx, t, notifier, u.String())
-}
-
-func TestTrimmingSlackURLFromFile(t *testing.T) {
-	ctx, u, fn := test.GetContextWithCancelingURL()
-	defer fn()
-
-	f, err := os.CreateTemp(t.TempDir(), "slack_test_newline")
-	require.NoError(t, err, "creating temp file failed")
-	_, err = f.WriteString(u.String() + "\n\n")
-	require.NoError(t, err, "writing to temp file failed")
-
-	notifier, err := New(
-		&config.SlackConfig{
-			APIURLFile: f.Name(),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	test.AssertNotifyLeaksNoSecret(ctx, t, notifier, u.String())
-}
-
-func TestNotifier_Notify_WithReason(t *testing.T) {
-	tests := []struct {
-		name           string
-		statusCode     int
-		responseBody   string
-		expectedReason notify.Reason
-		expectedErr    string
-		expectedRetry  bool
-		noError        bool
-	}{
-		{
-			name:           "with a 4xx status code",
-			statusCode:     http.StatusUnauthorized,
-			expectedReason: notify.ClientErrorReason,
-			expectedRetry:  false,
-			expectedErr:    "unexpected status code 401",
-		},
-		{
-			name:           "with a 5xx status code",
-			statusCode:     http.StatusInternalServerError,
-			expectedReason: notify.ServerErrorReason,
-			expectedRetry:  true,
-			expectedErr:    "unexpected status code 500",
-		},
-		{
-			name:           "with a 3xx status code",
-			statusCode:     http.StatusTemporaryRedirect,
-			expectedReason: notify.DefaultReason,
-			expectedRetry:  false,
-			expectedErr:    "unexpected status code 307",
-		},
-		{
-			name:           "with a 1xx status code",
-			statusCode:     http.StatusSwitchingProtocols,
-			expectedReason: notify.DefaultReason,
-			expectedRetry:  false,
-			expectedErr:    "unexpected status code 101",
-		},
-		{
-			name:           "2xx response with invalid JSON",
-			statusCode:     http.StatusOK,
-			responseBody:   `{"not valid json"}`,
-			expectedReason: notify.ClientErrorReason,
-			expectedRetry:  true,
-			expectedErr:    "could not unmarshal",
-		},
-		{
-			name:           "2xx response with a JSON error",
-			statusCode:     http.StatusOK,
-			responseBody:   `{"ok":false,"error":"error_message"}`,
-			expectedReason: notify.ClientErrorReason,
-			expectedRetry:  false,
-			expectedErr:    "error response from Slack: error_message",
-		},
-		{
-			name:           "2xx response with a plaintext error",
-			statusCode:     http.StatusOK,
-			responseBody:   "no_channel",
-			expectedReason: notify.ClientErrorReason,
-			expectedRetry:  false,
-			expectedErr:    "error response from Slack: no_channel",
-		},
-		{
-			name:         "successful JSON response",
-			statusCode:   http.StatusOK,
-			responseBody: `{"ok":true}`,
-			noError:      true,
-		},
-		{
-			name:         "successful plaintext response",
-			statusCode:   http.StatusOK,
-			responseBody: "ok",
-			noError:      true,
-		},
-	}
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			apiurl, _ := url.Parse("https://slack.com/post.Message")
-			notifier, err := New(
-				&config.SlackConfig{
-					NotifierConfig: config.NotifierConfig{},
-					HTTPConfig:     &commoncfg.HTTPClientConfig{},
-					APIURL:         &config.SecretURL{URL: apiurl},
-					Channel:        "channelname",
-				},
-				test.CreateTmpl(t),
-				promslog.NewNopLogger(),
-			)
-			require.NoError(t, err)
-
-			notifier.postJSONFunc = func(ctx context.Context, client *http.Client, url string, body io.Reader) (*http.Response, error) {
-				resp := httptest.NewRecorder()
-				if strings.HasPrefix(tt.responseBody, "{") {
-					resp.Header().Add("Content-Type", "application/json; charset=utf-8")
-				}
-				resp.WriteHeader(tt.statusCode)
-				_, _ = resp.WriteString(tt.responseBody)
-				return resp.Result(), nil
-			}
-			ctx := context.Background()
-			ctx = notify.WithGroupKey(ctx, "1")
-
-			alert1 := &types.Alert{
-				Alert: model.Alert{
-					StartsAt: time.Now(),
-					EndsAt:   time.Now().Add(time.Hour),
-				},
-			}
-			retry, err := notifier.Notify(ctx, alert1)
-			require.Equal(t, tt.expectedRetry, retry)
-			if tt.noError {
-				require.NoError(t, err)
-			} else {
-				var reasonError *notify.ErrorWithReason
-				require.ErrorAs(t, err, &reasonError)
-				require.Equal(t, tt.expectedReason, reasonError.Reason)
-				require.Contains(t, err.Error(), tt.expectedErr)
-				require.Contains(t, err.Error(), "channelname")
-			}
-		})
-	}
-}
-
-func TestSlackTimeout(t *testing.T) {
-	tests := map[string]struct {
-		latency time.Duration
-		timeout time.Duration
-		wantErr bool
-	}{
-		"success": {latency: 100 * time.Millisecond, timeout: 120 * time.Millisecond, wantErr: false},
-		"error":   {latency: 100 * time.Millisecond, timeout: 80 * time.Millisecond, wantErr: true},
-	}
-
-	for name, tt := range tests {
-		t.Run(name, func(t *testing.T) {
-			u, _ := url.Parse("https://slack.com/post.Message")
-			notifier, err := New(
-				&config.SlackConfig{
-					NotifierConfig: config.NotifierConfig{},
-					HTTPConfig:     &commoncfg.HTTPClientConfig{},
-					APIURL:         &config.SecretURL{URL: u},
-					Channel:        "channelname",
-					Timeout:        tt.timeout,
-				},
-				test.CreateTmpl(t),
-				promslog.NewNopLogger(),
-			)
-			require.NoError(t, err)
-			notifier.postJSONFunc = func(ctx context.Context, client *http.Client, url string, body io.Reader) (*http.Response, error) {
-				select {
-				case <-ctx.Done():
-					return nil, ctx.Err()
-				case <-time.After(tt.latency):
-					resp := httptest.NewRecorder()
-					resp.Header().Set("Content-Type", "application/json; charset=utf-8")
-					resp.WriteHeader(http.StatusOK)
-					_, _ = resp.WriteString(`{"ok":true}`)
-
-					return resp.Result(), nil
-				}
-			}
-			ctx := context.Background()
-			ctx = notify.WithGroupKey(ctx, "1")
-
-			alert := &types.Alert{
-				Alert: model.Alert{
-					StartsAt: time.Now(),
-					EndsAt:   time.Now().Add(time.Hour),
-				},
-			}
-			_, err = notifier.Notify(ctx, alert)
-			require.Equal(t, tt.wantErr, err != nil)
-		})
-	}
-}
-
-func TestSlackMessageField(t *testing.T) {
-	// 1. Setup a fake Slack server
-	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		var body map[string]any
-		if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
-			t.Fatal(err)
-		}
-
-		// 2. VERIFY: Top-level text exists
-		if body["text"] != "My Top Level Message" {
-			t.Errorf("Expected top-level 'text' to be 'My Top Level Message', got %v", body["text"])
-		}
-
-		// 3. VERIFY: Old attachments still exist
-		attachments, ok := body["attachments"].([]any)
-		if !ok || len(attachments) == 0 {
-			t.Errorf("Expected attachments to exist")
-		} else {
-			first := attachments[0].(map[string]any)
-			if first["title"] != "Old Attachment Title" {
-				t.Errorf("Expected attachment title 'Old Attachment Title', got %v", first["title"])
-			}
-		}
-
-		w.Header().Set("Content-Type", "application/json")
-		w.WriteHeader(http.StatusOK)
-		_, _ = w.Write([]byte(`{"ok": true}`))
-	}))
-	defer server.Close()
-
-	// 4. Configure Notifier with BOTH new and old fields
-	u, _ := url.Parse(server.URL)
-	conf := &config.SlackConfig{
-		APIURL:      &config.SecretURL{URL: u},
-		MessageText: "My Top Level Message", // Your NEW field
-		Title:       "Old Attachment Title", // An OLD field
-		Channel:     "#test-channel",
-		HTTPConfig:  &commoncfg.HTTPClientConfig{},
-	}
-
-	tmpl, err := template.FromGlobs([]string{})
-	if err != nil {
-		t.Fatal(err)
-	}
-	tmpl.ExternalURL = u
-
-	logger := slog.New(slog.DiscardHandler)
-	notifier, err := New(conf, tmpl, logger)
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	ctx := context.Background()
-	ctx = notify.WithGroupKey(ctx, "test-group-key")
-
-	if _, err := notifier.Notify(ctx); err != nil {
-		t.Fatal("Notify failed:", err)
-	}
-}

pkg/alertmanager/alertmanagernotify/webhook/webhook.go

@@ -1,136 +0,0 @@
-package webhook
-
-import (
-	"bytes"
-	"context"
-	"encoding/json"
-	"log/slog"
-	"net/http"
-	"os"
-	"strings"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	commoncfg "github.com/prometheus/common/config"
-
-	"github.com/prometheus/alertmanager/config"
-	"github.com/prometheus/alertmanager/notify"
-	"github.com/prometheus/alertmanager/template"
-	"github.com/prometheus/alertmanager/types"
-)
-
-const (
-	Integration = "webhook"
-)
-
-// Notifier implements a Notifier for generic webhooks.
-type Notifier struct {
-	conf    *config.WebhookConfig
-	tmpl    *template.Template
-	logger  *slog.Logger
-	client  *http.Client
-	retrier *notify.Retrier
-}
-
-// New returns a new Webhook.
-func New(conf *config.WebhookConfig, t *template.Template, l *slog.Logger, httpOpts ...commoncfg.HTTPClientOption) (*Notifier, error) {
-	client, err := notify.NewClientWithTracing(*conf.HTTPConfig, Integration, httpOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return &Notifier{
-		conf:   conf,
-		tmpl:   t,
-		logger: l,
-		client: client,
-		// Webhooks are assumed to respond with 2xx response codes on a successful
-		// request and 5xx response codes are assumed to be recoverable.
-		retrier: &notify.Retrier{},
-	}, nil
-}
-
-// Message defines the JSON object send to webhook endpoints.
-type Message struct {
-	*template.Data
-
-	// The protocol version.
-	Version         string `json:"version"`
-	GroupKey        string `json:"groupKey"`
-	TruncatedAlerts uint64 `json:"truncatedAlerts"`
-}
-
-func truncateAlerts(maxAlerts uint64, alerts []*types.Alert) ([]*types.Alert, uint64) {
-	if maxAlerts != 0 && uint64(len(alerts)) > maxAlerts {
-		return alerts[:maxAlerts], uint64(len(alerts)) - maxAlerts
-	}
-
-	return alerts, 0
-}
-
-// Notify implements the Notifier interface.
-func (n *Notifier) Notify(ctx context.Context, alerts ...*types.Alert) (bool, error) {
-	alerts, numTruncated := truncateAlerts(n.conf.MaxAlerts, alerts)
-	data := notify.GetTemplateData(ctx, n.tmpl, alerts, n.logger)
-
-	groupKey, err := notify.ExtractGroupKey(ctx)
-	if err != nil {
-		return false, err
-	}
-
-	logger := n.logger.With("group_key", groupKey)
-	logger.DebugContext(ctx, "extracted group key")
-
-	msg := &Message{
-		Version:         "4",
-		Data:            data,
-		GroupKey:        groupKey.String(),
-		TruncatedAlerts: numTruncated,
-	}
-
-	var buf bytes.Buffer
-	if err := json.NewEncoder(&buf).Encode(msg); err != nil {
-		return false, err
-	}
-
-	var url string
-	var tmplErr error
-	tmpl := notify.TmplText(n.tmpl, data, &tmplErr)
-
-	if n.conf.URL != "" {
-		url = tmpl(string(n.conf.URL))
-	} else {
-		content, err := os.ReadFile(n.conf.URLFile)
-		if err != nil {
-			return false, errors.WrapInternalf(err, errors.CodeInternal, "read url_file")
-		}
-		url = tmpl(strings.TrimSpace(string(content)))
-	}
-
-	if tmplErr != nil {
-		return false, errors.NewInternalf(errors.CodeInternal, "failed to template webhook URL: %v", tmplErr)
-	}
-
-	if url == "" {
-		return false, errors.NewInternalf(errors.CodeInternal, "webhook URL is empty after templating")
-	}
-
-	if n.conf.Timeout > 0 {
-		postCtx, cancel := context.WithTimeoutCause(ctx, n.conf.Timeout, errors.NewInternalf(errors.CodeTimeout, "configured webhook timeout reached (%s)", n.conf.Timeout))
-		defer cancel()
-		ctx = postCtx
-	}
-
-	resp, err := notify.PostJSON(ctx, n.client, url, &buf) //nolint:bodyclose
-	if err != nil {
-		if ctx.Err() != nil {
-			err = errors.NewInternalf(errors.CodeInternal, "failed to post JSON to webhook: %v", context.Cause(ctx))
-		}
-		return true, notify.RedactURL(err)
-	}
-	defer notify.Drain(resp)
-
-	shouldRetry, err := n.retrier.Check(resp.StatusCode, resp.Body)
-	if err != nil {
-		return shouldRetry, notify.NewErrorWithReason(notify.GetFailureReasonFromStatusCode(resp.StatusCode), err)
-	}
-	return shouldRetry, err
-}

pkg/alertmanager/alertmanagernotify/webhook/webhook_test.go

@@ -1,214 +0,0 @@
-package webhook
-
-import (
-	"bytes"
-	"context"
-	"fmt"
-	"io"
-	"net/http"
-	"net/http/httptest"
-	"os"
-	"testing"
-	"time"
-
-	commoncfg "github.com/prometheus/common/config"
-	"github.com/prometheus/common/model"
-	"github.com/prometheus/common/promslog"
-	"github.com/stretchr/testify/require"
-
-	"github.com/prometheus/alertmanager/config"
-	"github.com/prometheus/alertmanager/notify"
-	"github.com/prometheus/alertmanager/notify/test"
-	"github.com/prometheus/alertmanager/types"
-)
-
-func TestWebhookRetry(t *testing.T) {
-	notifier, err := New(
-		&config.WebhookConfig{
-			URL:        config.SecretTemplateURL("http://example.com"),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	if err != nil {
-		require.NoError(t, err)
-	}
-
-	t.Run("test retry status code", func(t *testing.T) {
-		for statusCode, expected := range test.RetryTests(test.DefaultRetryCodes()) {
-			actual, _ := notifier.retrier.Check(statusCode, nil)
-			require.Equal(t, expected, actual, "error on status %d", statusCode)
-		}
-	})
-
-	t.Run("test retry error details", func(t *testing.T) {
-		for _, tc := range []struct {
-			status int
-			body   io.Reader
-
-			exp string
-		}{
-			{
-				status: http.StatusBadRequest,
-				body: bytes.NewBuffer([]byte(
-					`{"status":"invalid event"}`,
-				)),
-
-				exp: fmt.Sprintf(`unexpected status code %d: {"status":"invalid event"}`, http.StatusBadRequest),
-			},
-			{
-				status: http.StatusBadRequest,
-
-				exp: fmt.Sprintf(`unexpected status code %d`, http.StatusBadRequest),
-			},
-		} {
-			t.Run("", func(t *testing.T) {
-				_, err = notifier.retrier.Check(tc.status, tc.body)
-				require.Equal(t, tc.exp, err.Error())
-			})
-		}
-	})
-}
-
-func TestWebhookTruncateAlerts(t *testing.T) {
-	alerts := make([]*types.Alert, 10)
-
-	truncatedAlerts, numTruncated := truncateAlerts(0, alerts)
-	require.Len(t, truncatedAlerts, 10)
-	require.EqualValues(t, 0, numTruncated)
-
-	truncatedAlerts, numTruncated = truncateAlerts(4, alerts)
-	require.Len(t, truncatedAlerts, 4)
-	require.EqualValues(t, 6, numTruncated)
-
-	truncatedAlerts, numTruncated = truncateAlerts(100, alerts)
-	require.Len(t, truncatedAlerts, 10)
-	require.EqualValues(t, 0, numTruncated)
-}
-
-func TestWebhookRedactedURL(t *testing.T) {
-	ctx, u, fn := test.GetContextWithCancelingURL()
-	defer fn()
-
-	secret := "secret"
-	notifier, err := New(
-		&config.WebhookConfig{
-			URL:        config.SecretTemplateURL(u.String()),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	test.AssertNotifyLeaksNoSecret(ctx, t, notifier, secret)
-}
-
-func TestWebhookReadingURLFromFile(t *testing.T) {
-	ctx, u, fn := test.GetContextWithCancelingURL()
-	defer fn()
-
-	f, err := os.CreateTemp(t.TempDir(), "webhook_url")
-	require.NoError(t, err, "creating temp file failed")
-	_, err = f.WriteString(u.String() + "\n")
-	require.NoError(t, err, "writing to temp file failed")
-
-	notifier, err := New(
-		&config.WebhookConfig{
-			URLFile:    f.Name(),
-			HTTPConfig: &commoncfg.HTTPClientConfig{},
-		},
-		test.CreateTmpl(t),
-		promslog.NewNopLogger(),
-	)
-	require.NoError(t, err)
-
-	test.AssertNotifyLeaksNoSecret(ctx, t, notifier, u.String())
-}
-
-func TestWebhookURLTemplating(t *testing.T) {
-	var calledURL string
-	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		calledURL = r.URL.Path
-		w.WriteHeader(http.StatusOK)
-	}))
-	defer srv.Close()
-
-	tests := []struct {
-		name           string
-		url            string
-		groupLabels    model.LabelSet
-		alertLabels    model.LabelSet
-		expectError    bool
-		expectedErrMsg string
-		expectedPath   string
-	}{
-		{
-			name:         "templating with alert labels",
-			url:          srv.URL + "/{{ .GroupLabels.alertname }}/{{ .CommonLabels.severity }}",
-			groupLabels:  model.LabelSet{"alertname": "TestAlert"},
-			alertLabels:  model.LabelSet{"alertname": "TestAlert", "severity": "critical"},
-			expectError:  false,
-			expectedPath: "/TestAlert/critical",
-		},
-		{
-			name:           "invalid template field",
-			url:            srv.URL + "/{{ .InvalidField }}",
-			groupLabels:    model.LabelSet{"alertname": "TestAlert"},
-			alertLabels:    model.LabelSet{"alertname": "TestAlert"},
-			expectError:    true,
-			expectedErrMsg: "failed to template webhook URL",
-		},
-		{
-			name:           "template renders to empty string",
-			url:            "{{ if .CommonLabels.nonexistent }}http://example.com{{ end }}",
-			groupLabels:    model.LabelSet{"alertname": "TestAlert"},
-			alertLabels:    model.LabelSet{"alertname": "TestAlert"},
-			expectError:    true,
-			expectedErrMsg: "webhook URL is empty after templating",
-		},
-	}
-
-	for _, tc := range tests {
-		t.Run(tc.name, func(t *testing.T) {
-			calledURL = "" // Reset for each test
-
-			notifier, err := New(
-				&config.WebhookConfig{
-					URL:        config.SecretTemplateURL(tc.url),
-					HTTPConfig: &commoncfg.HTTPClientConfig{},
-				},
-				test.CreateTmpl(t),
-				promslog.NewNopLogger(),
-			)
-			require.NoError(t, err)
-
-			ctx := context.Background()
-			ctx = notify.WithGroupKey(ctx, "test-group")
-			if tc.groupLabels != nil {
-				ctx = notify.WithGroupLabels(ctx, tc.groupLabels)
-			}
-
-			alerts := []*types.Alert{
-				{
-					Alert: model.Alert{
-						Labels:   tc.alertLabels,
-						StartsAt: time.Now(),
-						EndsAt:   time.Now().Add(time.Hour),
-					},
-				},
-			}
-
-			_, err = notifier.Notify(ctx, alerts...)
-
-			if tc.expectError {
-				require.Error(t, err)
-				require.Contains(t, err.Error(), tc.expectedErrMsg)
-			} else {
-				require.NoError(t, err)
-				require.Equal(t, tc.expectedPath, calledURL)
-			}
-		})
-	}
-}

pkg/alertmanager/alertmanagertemplate/alertmanagertemplate.go

@@ -1,254 +0,0 @@
-package alertmanagertemplate
-
-import (
-	"context"
-	"log/slog"
-	"strings"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/types/ruletypes"
-	"github.com/prometheus/alertmanager/notify"
-	"github.com/prometheus/alertmanager/template"
-	"github.com/prometheus/alertmanager/types"
-	"github.com/prometheus/common/model"
-)
-
-// AlertManagerTemplater processes alert notification templates.
-type AlertManagerTemplater interface {
-	// ProcessTemplates expands the title and body templates from input
-	// against the provided alerts and returns the expanded templates.
-	ProcessTemplates(ctx context.Context, input TemplateInput, alerts []*types.Alert) (*ExpandedTemplates, error)
-}
-
-type alertManagerTemplater struct {
-	tmpl   *template.Template
-	logger *slog.Logger
-}
-
-func New(tmpl *template.Template, logger *slog.Logger) AlertManagerTemplater {
-	return &alertManagerTemplater{tmpl: tmpl, logger: logger}
-}
-
-// ProcessTemplates expands the title and body templates from input
-// against the provided alerts and returns the expanded templates.
-func (at *alertManagerTemplater) ProcessTemplates(
-	ctx context.Context,
-	input TemplateInput,
-	alerts []*types.Alert,
-) (*ExpandedTemplates, error) {
-	ntd := at.buildNotificationTemplateData(ctx, alerts)
-
-	title, titleMissingVars, err := at.expandTitle(ctx, input, alerts, ntd)
-	if err != nil {
-		return nil, err
-	}
-
-	body, bodyMissingVars, err := at.expandBody(ctx, input, alerts, ntd)
-	if err != nil {
-		return nil, err
-	}
-
-	missingVars := make(map[string]bool)
-	for k := range titleMissingVars {
-		missingVars[k] = true
-	}
-	for k := range bodyMissingVars {
-		missingVars[k] = true
-	}
-
-	return &ExpandedTemplates{Title: title, Body: body, MissingVars: missingVars}, nil
-}
-
-// expandTitle expands the title template. Falls back to the default if the custom template
-// result in empty string.
-func (at *alertManagerTemplater) expandTitle(
-	ctx context.Context,
-	input TemplateInput,
-	alerts []*types.Alert,
-	ntd *NotificationTemplateData,
-) (string, map[string]bool, error) {
-	if input.TitleTemplate != "" {
-		processRes, err := PreProcessTemplateAndData(input.TitleTemplate, ntd)
-		if err != nil {
-			return "", nil, err
-		}
-		result, err := at.tmpl.ExecuteTextString(processRes.Template, processRes.Data)
-		if err != nil {
-			return "", nil, errors.NewInternalf(errors.CodeInvalidInput, "failed to execute template: %s", err.Error())
-		}
-		if strings.TrimSpace(result) != "" {
-			return result, processRes.UnknownVars, nil
-		}
-	}
-
-	if input.DefaultTitleTemplate == "" {
-		return "", nil, nil
-	}
-	// Fall back to the default title template if present in the input
-	data := notify.GetTemplateData(ctx, at.tmpl, alerts, at.logger)
-	result, err := at.tmpl.ExecuteTextString(input.DefaultTitleTemplate, data)
-	return result, nil, err
-}
-
-// expandBody expands the body template once per alert and concatenates the results to return resulting body template
-// it falls back to the default templates if body template is empty or result in empty string.
-func (at *alertManagerTemplater) expandBody(
-	ctx context.Context,
-	input TemplateInput,
-	alerts []*types.Alert,
-	ntd *NotificationTemplateData,
-) (string, map[string]bool, error) {
-	if input.BodyTemplate != "" {
-		var sb strings.Builder
-		missingVars := make(map[string]bool)
-		for i := range ntd.Alerts {
-			processRes, err := PreProcessTemplateAndData(input.BodyTemplate, &ntd.Alerts[i])
-			if err != nil {
-				return "", nil, err
-			}
-			for k := range processRes.UnknownVars {
-				missingVars[k] = true
-			}
-			part, err := at.tmpl.ExecuteTextString(processRes.Template, processRes.Data)
-			if err != nil {
-				return "", nil, errors.NewInternalf(errors.CodeInvalidInput, "failed to execute template: %s", err.Error())
-			}
-			sb.WriteString(part)
-			// Add separator if not last alert
-			if i < len(ntd.Alerts)-1 {
-				sb.WriteString("<br><br>")
-			}
-		}
-		result := sb.String()
-		if strings.TrimSpace(result) != "" {
-			return result, missingVars, nil
-		}
-	}
-
-	if input.DefaultBodyTemplate == "" {
-		return "", nil, nil
-	}
-	// Fall back to the default body template if present in the input
-	data := notify.GetTemplateData(ctx, at.tmpl, alerts, at.logger)
-	result, err := at.tmpl.ExecuteTextString(input.DefaultBodyTemplate, data)
-	return result, nil, err
-}
-
-// buildNotificationTemplateData creates the NotificationTemplateData using
-// info from context and the raw alerts.
-func (at *alertManagerTemplater) buildNotificationTemplateData(
-	ctx context.Context,
-	alerts []*types.Alert,
-) *NotificationTemplateData {
-	// extract the required data from the context
-	receiver, ok := notify.ReceiverName(ctx)
-	if !ok {
-		at.logger.WarnContext(ctx, "missing receiver name in context")
-	}
-
-	groupLabels, ok := notify.GroupLabels(ctx)
-	if !ok {
-		at.logger.WarnContext(ctx, "missing group labels in context")
-	}
-
-	// extract the external URL from the template
-	externalURL := ""
-	if at.tmpl.ExternalURL != nil {
-		externalURL = at.tmpl.ExternalURL.String()
-	}
-
-	commonAnnotations := extractCommonKV(alerts, func(a *types.Alert) model.LabelSet { return a.Annotations })
-	commonLabels := extractCommonKV(alerts, func(a *types.Alert) model.LabelSet { return a.Labels })
-
-	// aggregate labels and annotations from all alerts
-	labels := aggregateKV(alerts, func(a *types.Alert) model.LabelSet { return a.Labels })
-	annotations := aggregateKV(alerts, func(a *types.Alert) model.LabelSet { return a.Annotations })
-
-	// build the alert data slice
-	alertDataSlice := make([]AlertData, 0, len(alerts))
-	for _, a := range alerts {
-		ad := buildAlertData(a, receiver)
-		alertDataSlice = append(alertDataSlice, ad)
-	}
-
-	// count the number of firing and resolved alerts
-	var firing, resolved int
-	for _, ad := range alertDataSlice {
-		if ad.IsFiring {
-			firing++
-		} else if ad.IsResolved {
-			resolved++
-		}
-	}
-
-	// extract the rule-level convenience fields from common labels
-	alertName := commonLabels[ruletypes.LabelAlertName]
-	ruleID := commonLabels[ruletypes.LabelRuleId]
-	ruleLink := commonLabels[ruletypes.LabelRuleSource]
-
-	// build the group labels
-	gl := make(template.KV, len(groupLabels))
-	for k, v := range groupLabels {
-		gl[string(k)] = string(v)
-	}
-
-	// build the notification template data
-	return &NotificationTemplateData{
-		Receiver:          receiver,
-		Status:            string(types.Alerts(alerts...).Status()),
-		AlertName:         alertName,
-		RuleID:            ruleID,
-		RuleLink:          ruleLink,
-		TotalFiring:       firing,
-		TotalResolved:     resolved,
-		Alerts:            alertDataSlice,
-		GroupLabels:       gl,
-		CommonLabels:      commonLabels,
-		CommonAnnotations: commonAnnotations,
-		ExternalURL:       externalURL,
-		Labels:            labels,
-		Annotations:       annotations,
-	}
-}
-
-// buildAlertData converts a single *types.Alert into an AlertData.
-func buildAlertData(a *types.Alert, receiver string) AlertData {
-	labels := make(template.KV, len(a.Labels))
-	for k, v := range a.Labels {
-		labels[string(k)] = string(v)
-	}
-
-	annotations := make(template.KV, len(a.Annotations))
-	for k, v := range a.Annotations {
-		annotations[string(k)] = string(v)
-	}
-
-	status := string(a.Status())
-	isFiring := a.Status() == model.AlertFiring
-	isResolved := a.Status() == model.AlertResolved
-	isMissingData := labels[ruletypes.LabelNoData] == "true"
-
-	return AlertData{
-		Receiver:      receiver,
-		Status:        status,
-		Labels:        labels,
-		Annotations:   annotations,
-		StartsAt:      a.StartsAt,
-		EndsAt:        a.EndsAt,
-		GeneratorURL:  a.GeneratorURL,
-		Fingerprint:   a.Fingerprint().String(),
-		AlertName:     labels[ruletypes.LabelAlertName],
-		RuleID:        labels[ruletypes.LabelRuleId],
-		RuleLink:      labels[ruletypes.LabelRuleSource],
-		Severity:      labels[ruletypes.LabelSeverityName],
-		LogLink:       annotations[ruletypes.AnnotationRelatedLogs],
-		TraceLink:     annotations[ruletypes.AnnotationRelatedTraces],
-		Value:         annotations[ruletypes.AnnotationValue],
-		Threshold:     annotations[ruletypes.AnnotationThreshold],
-		CompareOp:     annotations[ruletypes.AnnotationCompareOp],
-		MatchType:     annotations[ruletypes.AnnotationMatchType],
-		IsFiring:      isFiring,
-		IsResolved:    isResolved,
-		IsMissingData: isMissingData,
-	}
-}

pkg/alertmanager/alertmanagertemplate/alertmanagertemplate_test.go

@@ -1,272 +0,0 @@
-package alertmanagertemplate
-
-import (
-	"context"
-	"log/slog"
-	"testing"
-	"time"
-
-	test "github.com/SigNoz/signoz/pkg/alertmanager/alertmanagernotify/alertmanagernotifytest"
-	"github.com/SigNoz/signoz/pkg/types/ruletypes"
-	"github.com/prometheus/common/model"
-	"github.com/stretchr/testify/require"
-
-	"github.com/prometheus/alertmanager/notify"
-	"github.com/prometheus/alertmanager/types"
-)
-
-// testSetup returns an AlertTemplater and a context pre-populated with group key,
-// receiver name, and group labels for use in tests.
-func testSetup(t *testing.T) (AlertManagerTemplater, context.Context) {
-	t.Helper()
-	tmpl := test.CreateTmpl(t)
-	ctx := context.Background()
-	ctx = notify.WithGroupKey(ctx, "test-group")
-	ctx = notify.WithReceiverName(ctx, "slack")
-	ctx = notify.WithGroupLabels(ctx, model.LabelSet{"alertname": "TestAlert", "severity": "critical"})
-	logger := slog.New(slog.DiscardHandler)
-	return New(tmpl, logger), ctx
-}
-
-func createAlert(labels, annotations map[string]string, isFiring bool) *types.Alert {
-	ls := model.LabelSet{}
-	for k, v := range labels {
-		ls[model.LabelName(k)] = model.LabelValue(v)
-	}
-	ann := model.LabelSet{}
-	for k, v := range annotations {
-		ann[model.LabelName(k)] = model.LabelValue(v)
-	}
-	startsAt := time.Now()
-	var endsAt time.Time
-	if isFiring {
-		endsAt = startsAt.Add(time.Hour)
-	} else {
-		startsAt = startsAt.Add(-2 * time.Hour)
-		endsAt = startsAt.Add(-time.Hour)
-	}
-	return &types.Alert{Alert: model.Alert{Labels: ls, Annotations: ann, StartsAt: startsAt, EndsAt: endsAt}}
-}
-
-func TestExpandTemplates(t *testing.T) {
-	at, ctx := testSetup(t)
-
-	tests := []struct {
-		name            string
-		alerts          []*types.Alert
-		input           TemplateInput
-		wantTitle       string
-		wantBody        string
-		wantMissingVars []string
-		errorContains   string
-	}{
-		{
-			// High request throughput on a service — service is a custom label.
-			// $labels.service extracts the label value; $annotations.description pulls the annotation.
-			name: "new template: high request throughput for a service",
-			alerts: []*types.Alert{
-				createAlert(
-					map[string]string{
-						ruletypes.LabelAlertName:    "HighRequestThroughput",
-						ruletypes.LabelSeverityName: "warning",
-						"service":                   "payment-service",
-					},
-					map[string]string{"description": "Request rate exceeded 10k/s"},
-					true,
-				),
-			},
-			input: TemplateInput{
-				TitleTemplate: "High request throughput for $service",
-				BodyTemplate: `The service $service is getting high request. Please investigate.
-Severity: $severity
-Status: $status
-Service: $service
-Description: $description`,
-			},
-			wantTitle: "High request throughput for payment-service",
-			wantBody: `The service payment-service is getting high request. Please investigate.
-Severity: warning
-Status: firing
-Service: payment-service
-Description: Request rate exceeded 10k/s`,
-		},
-		{
-			// Disk usage alert using old Go template syntax throughout.
-			// No custom templates — both title and body use the default fallback path.
-			name: "old template: disk usage high on database host",
-			alerts: []*types.Alert{
-				createAlert(
-					map[string]string{ruletypes.LabelAlertName: "DiskUsageHigh",
-						ruletypes.LabelSeverityName: "critical",
-						"instance":                  "db-primary-01",
-					},
-					map[string]string{
-						"summary":        "Disk usage high on database host",
-						"description":    "Disk usage is high on the database host",
-						"related_logs":   "https://logs.example.com/search?q=DiskUsageHigh",
-						"related_traces": "https://traces.example.com/search?q=DiskUsageHigh",
-					},
-					true,
-				),
-			},
-			input: TemplateInput{
-				DefaultTitleTemplate: `[{{ .Status | toUpper }}{{ if eq .Status "firing" }}:{{ .Alerts.Firing | len }}{{ end }}] {{ .CommonLabels.alertname }} for {{ .CommonLabels.job }}
-     {{- if gt (len .CommonLabels) (len .GroupLabels) -}}
-       {{" "}}(
-       {{- with .CommonLabels.Remove .GroupLabels.Names }}
-         {{- range $index, $label := .SortedPairs -}}
-           {{ if $index }}, {{ end }}
-           {{- $label.Name }}="{{ $label.Value -}}"
-         {{- end }}
-       {{- end -}}
-       )
-     {{- end }}`,
-				DefaultBodyTemplate: `{{ range .Alerts -}}
-     *Alert:* {{ .Labels.alertname }}{{ if .Labels.severity }} - {{ .Labels.severity }}{{ end }}
-
-     *Summary:* {{ .Annotations.summary }}
-     *Description:* {{ .Annotations.description }}
-     *RelatedLogs:* {{ if gt (len .Annotations.related_logs) 0 -}} View in <{{ .Annotations.related_logs }}|logs explorer> {{- end}}
-     *RelatedTraces:* {{ if gt (len .Annotations.related_traces) 0 -}} View in <{{ .Annotations.related_traces }}|traces explorer> {{- end}}
-
-     *Details:*
-       {{ range .Labels.SortedPairs }} • *{{ .Name }}:* {{ .Value }}
-       {{ end }}
-     {{ end }}`,
-			},
-			wantTitle: "[FIRING:1] DiskUsageHigh for  (instance=\"db-primary-01\")",
-			wantBody: `*Alert:* DiskUsageHigh - critical
-
-     *Summary:* Disk usage high on database host
-     *Description:* Disk usage is high on the database host
-     *RelatedLogs:* View in <https://logs.example.com/search?q=DiskUsageHigh|logs explorer>
-     *RelatedTraces:* View in <https://traces.example.com/search?q=DiskUsageHigh|traces explorer>
-
-     *Details:*
-        • *alertname:* DiskUsageHigh
-        • *instance:* db-primary-01
-        • *severity:* critical
-       
-     `,
-		},
-		{
-			// Pod crash loop on multiple pods — body is expanded once per alert
-			// and joined with "<br><br>", with the pod name pulled from labels.
-			name: "new template: pod crash loop on multiple pods, body per-alert",
-			alerts: []*types.Alert{
-				createAlert(map[string]string{ruletypes.LabelAlertName: "PodCrashLoop", "pod": "api-worker-1"}, nil, true),
-				createAlert(map[string]string{ruletypes.LabelAlertName: "PodCrashLoop", "pod": "api-worker-2"}, nil, true),
-				createAlert(map[string]string{ruletypes.LabelAlertName: "PodCrashLoop", "pod": "api-worker-3"}, nil, true),
-			},
-			input: TemplateInput{
-				TitleTemplate: "$rule_name: $total_firing pods affected",
-				BodyTemplate:  "$labels.pod is crash looping",
-			},
-			wantTitle: "PodCrashLoop: 3 pods affected",
-			wantBody:  "api-worker-1 is crash looping<br><br>api-worker-2 is crash looping<br><br>api-worker-3 is crash looping",
-		},
-		{
-			// Incident partially resolved — one service still down, one recovered.
-			// Title shows the aggregate counts; body shows per-service status.
-			name: "new template: service degradation with mixed firing and resolved alerts",
-			alerts: []*types.Alert{
-				createAlert(map[string]string{ruletypes.LabelAlertName: "ServiceDown", "service": "auth-service"}, nil, true),
-				createAlert(map[string]string{ruletypes.LabelAlertName: "ServiceDown", "service": "payment-service"}, nil, false),
-			},
-			input: TemplateInput{
-				TitleTemplate: "$total_firing firing, $total_resolved resolved",
-				BodyTemplate:  "$labels.service ($status)",
-			},
-			wantTitle: "1 firing, 1 resolved",
-			wantBody:  "auth-service (firing)<br><br>payment-service (resolved)",
-		},
-		{
-			// $environment is not a known AlertData or NotificationTemplateData field,
-			// so it lands in MissingVars and renders as "<no value>" in the output.
-			name: "missing vars: unknown $environment variable in title",
-			alerts: []*types.Alert{
-				createAlert(map[string]string{ruletypes.LabelAlertName: "HighCPU", ruletypes.LabelSeverityName: "critical"}, nil, true),
-			},
-			input: TemplateInput{
-				TitleTemplate: "[$environment] $rule_name",
-			},
-			wantTitle:       "[<no value>] HighCPU",
-			wantMissingVars: []string{"environment"},
-		},
-		{
-			// $runbook_url is not a known field — someone tried to embed a runbook link
-			// directly as a variable instead of via annotations.
-			name: "missing vars: unknown $runbook_url variable in body",
-			alerts: []*types.Alert{
-				createAlert(map[string]string{ruletypes.LabelAlertName: "PodOOMKilled", ruletypes.LabelSeverityName: "warning"}, nil, true),
-			},
-			input: TemplateInput{
-				BodyTemplate: "$rule_name: see runbook at $runbook_url",
-			},
-			wantBody:        "PodOOMKilled: see runbook at <no value>",
-			wantMissingVars: []string{"runbook_url"},
-		},
-		{
-			// Both title and body use unknown variables; MissingVars is the union of both.
-			name: "missing vars: unknown variables in both title and body",
-			alerts: []*types.Alert{
-				createAlert(map[string]string{ruletypes.LabelAlertName: "HighMemory", ruletypes.LabelSeverityName: "critical"}, nil, true),
-			},
-			input: TemplateInput{
-				TitleTemplate: "[$environment] $rule_name and [{{ $service }}]",
-				BodyTemplate:  "$rule_name: see runbook at $runbook_url",
-			},
-			wantTitle:       "[<no value>] HighMemory and [<no value>]",
-			wantBody:        "HighMemory: see runbook at <no value>",
-			wantMissingVars: []string{"environment", "runbook_url", "service"},
-		},
-		{
-			// Custom title template that expands to only whitespace triggers the fallback,
-			// so the default title template is used instead.
-			name: "fallback: whitespace-only custom title falls back to default",
-			alerts: []*types.Alert{
-				createAlert(map[string]string{ruletypes.LabelAlertName: "HighCPU", ruletypes.LabelSeverityName: "critical"}, nil, false),
-			},
-			input: TemplateInput{
-				TitleTemplate:        "   ",
-				DefaultTitleTemplate: "{{ .CommonLabels.alertname }} ({{ .Status | toUpper }})",
-				BodyTemplate:         "$rule_name ($severity) for $alertname",
-			},
-			wantTitle: "HighCPU (RESOLVED)",
-			wantBody:  "HighCPU (critical) for HighCPU",
-		},
-		{
-			name: "using non-existing function in template",
-			alerts: []*types.Alert{
-				createAlert(map[string]string{ruletypes.LabelAlertName: "HighCPU", ruletypes.LabelSeverityName: "critical"}, nil, true),
-			},
-			input: TemplateInput{
-				TitleTemplate: "$rule_name ({{$severity | toUpperAndTrim}}) for $alertname",
-			},
-			errorContains: "function \"toUpperAndTrim\" not defined",
-		},
-	}
-
-	for _, tc := range tests {
-		t.Run(tc.name, func(t *testing.T) {
-			got, err := at.ProcessTemplates(ctx, tc.input, tc.alerts)
-			if tc.errorContains != "" {
-				require.ErrorContains(t, err, tc.errorContains)
-				return
-			}
-			require.NoError(t, err)
-
-			if tc.wantTitle != "" {
-				require.Equal(t, tc.wantTitle, got.Title)
-			}
-			if tc.wantBody != "" {
-				require.Equal(t, tc.wantBody, got.Body)
-			}
-
-			require.Len(t, got.MissingVars, len(tc.wantMissingVars))
-			for _, v := range tc.wantMissingVars {
-				require.True(t, got.MissingVars[v], "expected %q in MissingVars", v)
-			}
-		})
-	}
-}

pkg/alertmanager/alertmanagertemplate/preprocessor.go

@@ -1,242 +0,0 @@
-package alertmanagertemplate
-
-import (
-	"fmt"
-	"reflect"
-	"strings"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/go-viper/mapstructure/v2"
-)
-
-// fieldMapping represents a mapping from a JSON tag name to its struct field name.
-type fieldMapping struct {
-	VarName   string // JSON tag name (e.g., "receiver", "rule_name")
-	FieldName string // Struct field name (e.g., "Receiver", "AlertName")
-}
-
-// extractFieldMappings uses reflection to extract field mappings from a struct.
-func extractFieldMappings(data any) []fieldMapping {
-	val := reflect.ValueOf(data)
-	// Handle pointer types
-	if val.Kind() == reflect.Ptr {
-		if val.IsNil() {
-			return nil
-		}
-		val = val.Elem()
-	}
-	// return nil if the given data is not a struct
-	if val.Kind() != reflect.Struct {
-		return nil
-	}
-	typ := val.Type()
-
-	var mappings []fieldMapping
-	for i := 0; i < typ.NumField(); i++ {
-		field := typ.Field(i)
-		// Skip unexported fields
-		if !field.IsExported() {
-			continue
-		}
-		// Get JSON tag name
-		jsonTag := field.Tag.Get("json")
-		if jsonTag == "" || jsonTag == "-" {
-			continue
-		}
-		// Extract the name part (before any comma options like omitempty)
-		varName := strings.Split(jsonTag, ",")[0]
-		if varName == "" {
-			continue
-		}
-		varFieldName := field.Tag.Get("mapstructure")
-		if varFieldName == "" {
-			varFieldName = field.Name
-		}
-		// Skip complex types: slices and interfaces
-		kind := field.Type.Kind()
-		if kind == reflect.Slice || kind == reflect.Interface {
-			continue
-		}
-		// For struct types, we skip all but with few exceptions like time.Time
-		if kind == reflect.Struct {
-			// Allow time.Time which is commonly used
-			if field.Type.String() != "time.Time" {
-				continue
-			}
-		}
-
-		mappings = append(mappings, fieldMapping{
-			VarName:   varName,
-			FieldName: varFieldName,
-		})
-	}
-
-	return mappings
-}
-
-// extractNestedFieldsDefinitions adds the labels and annotations keys from the data struct to the template variable definitions
-// it takes the known data struct and extracts the labels and annotations maps and adds their keys to template variable definitions to be used in the template
-func extractNestedFieldsDefinitions(data any) map[string]string {
-	variables := make(map[string]string)
-
-	addLabelsAndAnnotations := func(labels, annotations map[string]string) {
-		for k := range annotations {
-			variables[k] = fmt.Sprintf("index .annotations \"%s\"", k)
-		}
-		for k := range labels {
-			variables[k] = fmt.Sprintf("index .labels \"%s\"", k)
-		}
-	}
-
-	switch data := data.(type) {
-	case *NotificationTemplateData:
-		addLabelsAndAnnotations(data.Labels, data.Annotations)
-	case *AlertData:
-		addLabelsAndAnnotations(data.Labels, data.Annotations)
-	default:
-		return variables
-	}
-
-	return variables
-}
-
-// prepareDataForTemplating prepares the data for templating by adding the labels and annotations values to the resulting map
-// so they can be accessed directly from root level, the predefined values takes precedence over the labels and annotations values
-// for example, if labels has a value called rule_name, which collides with the rule_name field in the data struct, the value from the data struct will take precedence
-func prepareDataForTemplating(data any) (map[string]interface{}, error) {
-	var result map[string]interface{}
-	if err := mapstructure.Decode(data, &result); err != nil {
-		return nil, errors.WrapInvalidInputf(err, errors.CodeInvalidInput, "failed to prepare data for templating")
-	}
-
-	addLabelsAndAnnotationsValues := func(labels, annotations map[string]string) {
-		for k, v := range labels {
-			if _, ok := result[k]; !ok {
-				result[k] = v
-			}
-		}
-		for k, v := range annotations {
-			if _, ok := result[k]; !ok {
-				result[k] = v
-			}
-		}
-	}
-
-	switch data := data.(type) {
-	case *NotificationTemplateData:
-		addLabelsAndAnnotationsValues(data.Labels, data.Annotations)
-	case *AlertData:
-		addLabelsAndAnnotationsValues(data.Labels, data.Annotations)
-	default:
-		return result, nil
-	}
-
-	return result, nil
-}
-
-// generateVariableDefinitions creates `{{ $varname := "" }}` declarations for each variable name.
-func generateVariableDefinitions(varNames map[string]string) string {
-	if len(varNames) == 0 {
-		return ""
-	}
-	var sb strings.Builder
-	for name := range varNames {
-		fmt.Fprintf(&sb, `{{ $%s := %s }}`, name, varNames[name])
-	}
-	return sb.String()
-}
-
-// buildVariableDefinitions constructs the full variable definition preamble for a template.
-// containing all known and unknown variables, the reason to include unknown variables is to
-// populate them with "<no value>" in template so go-text-template don't throw errors
-// when these variables are used in the template.
-func buildVariableDefinitions(tmpl string, data any) (string, map[string]bool, error) {
-	// Extract the initial fields from the data struct and add to the definitions
-	mappings := extractFieldMappings(data)
-
-	// Add variables from struct root level fields to the definitions
-	variables := make(map[string]string)
-	for _, m := range mappings {
-		variables[m.VarName] = fmt.Sprintf(".%s", m.FieldName)
-	}
-
-	// Extract the nested fields definitions from the data struct, like labels, annotations, etc.
-	// once extracted we add them to the variables map along with the field address
-	nestedVariables := extractNestedFieldsDefinitions(data)
-	for k, v := range nestedVariables {
-		variables[k] = v
-	}
-
-	// variables that are used throughout the template
-	usedVars, err := ExtractUsedVariables(tmpl)
-	if err != nil {
-		return "", nil, err
-	}
-
-	// Compute unknown variables: used in template but not covered by a field mapping
-	probableUnknownVars := make(map[string]bool)
-	for name := range usedVars {
-		_, ok := variables[name]
-		if !ok {
-			probableUnknownVars[name] = true
-		}
-	}
-
-	// Add missing variables to the definitions with "<no value>"
-	// missingkey=zero is used to replace the missing value with "<no value>"
-	// but it only works when getting map values like {{ .keyfrommap }} from map and in struct this breaks
-	// with missing variable errors, we add missing variables in map so when directly variables
-	// are accessed directly in template block like {{ $variable }} it's handled and doesn't throw errors.
-	for name := range probableUnknownVars {
-		variables[name] = `"<no value>"`
-	}
-
-	return generateVariableDefinitions(variables), probableUnknownVars, nil
-}
-
-type ProcessingResult struct {
-	Template string
-	Data     map[string]interface{}
-	// UnknownVars is the set of possible unknown variables exptracted using regex
-	UnknownVars map[string]bool
-}
-
-// PreProcessTemplateAndData prepares a template string and struct data for Go template execution.
-//
-//	Input:  "$receiver has $rule_name in $status state"
-//	Output: "{{ $receiver := .Receiver }}...{{ $receiver }} has {{ $rule_name }} in {{ $status }} state"
-func PreProcessTemplateAndData(tmpl string, data any) (*ProcessingResult, error) {
-	// Handle empty template
-	unknownVars := make(map[string]bool)
-	if tmpl == "" {
-		result, err := prepareDataForTemplating(data)
-		if err != nil {
-			return nil, err
-		}
-		return &ProcessingResult{Data: result, UnknownVars: unknownVars}, nil
-	}
-
-	// Build variable definitions: known struct fields + fallback empty-string declarations
-	definitions, unknownVars, err := buildVariableDefinitions(tmpl, data)
-	if err != nil {
-		return nil, errors.WrapInvalidInputf(err, errors.CodeInvalidInput, "failed to build template definitions")
-	}
-
-	// Attach definitions prefix so WrapDollarVariables can parse the AST without "undefined variable" errors.
-	finalTmpl := definitions + tmpl
-
-	// Call WrapDollarVariables to transform bare $variable references to go-text-template format
-	// with {{ $variable }} syntax from $variable syntax
-	wrappedTmpl, err := WrapDollarVariables(finalTmpl)
-	if err != nil {
-		return nil, errors.WrapInvalidInputf(err, errors.CodeInvalidInput, "failed to prepare template for templating")
-	}
-
-	// Convert struct to map using mapstructure to be used for template execution
-	result, err := prepareDataForTemplating(data)
-	if err != nil {
-		return nil, err
-	}
-
-	return &ProcessingResult{Template: wrappedTmpl, Data: result, UnknownVars: unknownVars}, nil
-}

pkg/alertmanager/alertmanagertemplate/preprocessor_test.go

@@ -1,316 +0,0 @@
-package alertmanagertemplate
-
-import (
-	"testing"
-	"time"
-
-	"github.com/prometheus/alertmanager/template"
-	"github.com/stretchr/testify/require"
-)
-
-func TestExtractFieldMappings(t *testing.T) {
-	// Struct with various field types to test extraction logic
-	type TestStruct struct {
-		Name            string    `json:"name"`
-		Status          string    `json:"status"`
-		ActiveUserCount int       `json:"user_count" mapstructure:"active_user_count"`
-		IsActive        bool      `json:"is_active"`
-		CreatedAt       time.Time `json:"created_at"` // time.Time allowed
-		Items           []string  `json:"items"`      // slice skipped
-		unexported      string    // unexported skipped (no tag needed)
-		NoTag           string    // no json tag skipped
-		SkippedTag      string    `json:"-"` // json:"-" skipped
-	}
-
-	testCases := []struct {
-		name     string
-		data     any
-		expected []fieldMapping
-	}{
-		{
-			name: "struct with mixed field types",
-			data: TestStruct{Name: "test", ActiveUserCount: 5, unexported: ""},
-			expected: []fieldMapping{
-				{VarName: "name", FieldName: "Name"},
-				{VarName: "status", FieldName: "Status"},
-				{VarName: "user_count", FieldName: "active_user_count"},
-				{VarName: "is_active", FieldName: "IsActive"},
-				{VarName: "created_at", FieldName: "CreatedAt"},
-			},
-		},
-		{
-			name:     "nil data",
-			data:     nil,
-			expected: nil,
-		},
-		{
-			name:     "non-struct type",
-			data:     "string",
-			expected: nil,
-		},
-	}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			result := extractFieldMappings(tc.data)
-			require.Equal(t, tc.expected, result)
-		})
-	}
-}
-
-func TestBuildVariableDefinitions(t *testing.T) {
-	testCases := []struct {
-		name         string
-		tmpl         string
-		data         any
-		expectedVars []string // substrings that must appear in result
-		expectError  bool
-	}{
-		{
-			name: "empty template still returns struct field definitions",
-			tmpl: "",
-			data: &NotificationTemplateData{Receiver: "test"},
-			expectedVars: []string{
-				"{{ $receiver := .receiver }}",
-				"{{ $status := .status }}",
-			},
-		},
-		{
-			name: "mix of known and unknown vars",
-			tmpl: "$rule_name: $custom_label",
-			data: &AlertData{AlertName: "test", Status: "ok", Severity: "critical"},
-			expectedVars: []string{
-				"{{ $rule_name := .rule_name }}",
-				"{{ $status := .status }}",
-				"{{ $severity := .severity }}",
-				`{{ $custom_label := "<no value>" }}`,
-			},
-		},
-		{
-			name: "nested fields definitions coming from NotificationTemplateData",
-			tmpl: "$severity for $service",
-			data: &NotificationTemplateData{Labels: template.KV{
-				"severity": "critical",
-				"service":  "test",
-			}},
-			expectedVars: []string{
-				"{{ $severity := index .labels \"severity\" }}",
-				"{{ $service := index .labels \"service\" }}",
-			},
-		},
-		{
-			name: "nested fields definitions coming from AlertData",
-			tmpl: "$severity for $service",
-			data: &AlertData{Labels: template.KV{
-				"severity": "critical",
-				"service":  "test",
-			}},
-			expectedVars: []string{
-				"{{ $severity := index .labels \"severity\" }}",
-				"{{ $service := index .labels \"service\" }}",
-			},
-		},
-		{
-			name:        "invalid template syntax returns error",
-			tmpl:        "{{invalid",
-			data:        &NotificationTemplateData{},
-			expectError: true,
-		},
-	}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			result, _, err := buildVariableDefinitions(tc.tmpl, tc.data)
-			if tc.expectError {
-				require.Error(t, err)
-				return
-			}
-			require.NoError(t, err)
-			if len(tc.expectedVars) == 0 {
-				require.Empty(t, result)
-				return
-			}
-			for _, expected := range tc.expectedVars {
-				require.Contains(t, result, expected)
-			}
-		})
-	}
-}
-
-func TestPreProcessTemplateAndData(t *testing.T) {
-	testCases := []struct {
-		name                     string
-		tmpl                     string
-		data                     any
-		expectedTemplateContains []string
-		expectedData             map[string]any
-		expectedUnknownVars      map[string]bool
-		expectError              bool
-	}{
-		{
-			name: "NotificationTemplateData with dollar variables",
-			tmpl: "[$status] $rule_name (ID: $rule_id) - Firing: $total_firing, Resolved: $total_resolved, Severity: $severity",
-			data: &NotificationTemplateData{
-				Receiver:  "pagerduty",
-				Status:    "firing",
-				AlertName: "HighMemory",
-				RuleID:    "rule-123",
-				Labels: template.KV{
-					"severity": "critical",
-				},
-				TotalFiring:   3,
-				TotalResolved: 1,
-			},
-			expectedTemplateContains: []string{
-				"{{$status := .status}}",
-				"{{$rule_name := .rule_name}}",
-				"{{$rule_id := .rule_id}}",
-				"{{$total_firing := .total_firing}}",
-				"{{$total_resolved := .total_resolved}}",
-				"{{$severity := index .labels \"severity\"}}",
-				"[{{ .status }}] {{ .rule_name }} (ID: {{ .rule_id }}) - Firing: {{ .total_firing }}, Resolved: {{ .total_resolved }}",
-			},
-			expectedData: map[string]any{
-				"status":         "firing",
-				"rule_name":      "HighMemory",
-				"rule_id":        "rule-123",
-				"total_firing":   3,
-				"total_resolved": 1,
-				"severity":       "critical",
-			},
-			expectedUnknownVars: map[string]bool{},
-		},
-		{
-			name: "AlertData with dollar variables",
-			tmpl: "$rule_name: Value $value exceeded $threshold (Status: $status, Severity: $severity, Description: $description)",
-			data: &AlertData{
-				Receiver:  "webhook",
-				Status:    "resolved",
-				AlertName: "DiskFull",
-				RuleID:    "disk-001",
-				Severity:  "warning",
-				Annotations: template.KV{
-					"description": "Disk full and cannot be written to",
-				},
-				Value:      "85%",
-				Threshold:  "80%",
-				IsFiring:   false,
-				IsResolved: true,
-			},
-			expectedTemplateContains: []string{
-				"{{$rule_name := .rule_name}}",
-				"{{$value := .value}}",
-				"{{$threshold := .threshold}}",
-				"{{$status := .status}}",
-				"{{$severity := .severity}}",
-				"{{$description := index .annotations \"description\"}}",
-				"{{ .rule_name }}: Value {{ .value }} exceeded {{ .threshold }} (Status: {{ .status }}, Severity: {{ .severity }}, Description: {{ .description }})",
-			},
-			expectedData: map[string]any{
-				"status":      "resolved",
-				"rule_name":   "DiskFull",
-				"rule_id":     "disk-001",
-				"severity":    "warning",
-				"value":       "85%",
-				"threshold":   "80%",
-				"description": "Disk full and cannot be written to",
-			},
-			expectedUnknownVars: map[string]bool{},
-		},
-		{
-			name: "mixed dollar and dot notation with both labels and annotations",
-			tmpl: "Alert $rule_name has {{.total_firing}} firing alerts",
-			data: &NotificationTemplateData{
-				AlertName:   "HighCPU",
-				TotalFiring: 5,
-				Labels: template.KV{
-					"value": "<MASKED VALUE>",
-				},
-				Annotations: template.KV{
-					"value": "85%",
-				},
-			},
-			expectedTemplateContains: []string{
-				"{{$rule_name := .rule_name}}",
-				"{{$value := index .labels \"value\"}}",
-				"Alert {{ .rule_name }} has {{.total_firing}} firing alerts",
-			},
-			expectedData: map[string]any{
-				"rule_name":    "HighCPU",
-				"total_firing": 5,
-				"value":        "<MASKED VALUE>",
-			},
-			expectedUnknownVars: map[string]bool{},
-		},
-		{
-			name: "empty template",
-			tmpl: "",
-			data: &NotificationTemplateData{Receiver: "slack"},
-		},
-		{
-			name:        "invalid template syntax",
-			tmpl:        "{{invalid",
-			data:        &NotificationTemplateData{},
-			expectError: true,
-		},
-		{
-			name: "unknown dollar var in text renders empty",
-			tmpl: "alert $custom_note fired",
-			data: &NotificationTemplateData{AlertName: "HighCPU"},
-			expectedTemplateContains: []string{
-				`{{$custom_note := "<no value>"}}`,
-				"alert {{ .custom_note }} fired",
-			},
-			expectedUnknownVars: map[string]bool{"custom_note": true},
-		},
-		{
-			name: "unknown dollar var in action block renders empty",
-			tmpl: "alert {{ $custom_note }} fired",
-			data: &NotificationTemplateData{AlertName: "HighCPU"},
-			expectedTemplateContains: []string{
-				`{{$custom_note := "<no value>"}}`,
-				`alert {{$custom_note}} fired`,
-			},
-			expectedUnknownVars: map[string]bool{"custom_note": true},
-		},
-		{
-			name: "mix of known and unknown vars",
-			tmpl: "$rule_name: $custom_label",
-			data: &NotificationTemplateData{AlertName: "HighCPU"},
-			expectedTemplateContains: []string{
-				"{{$rule_name := .rule_name}}",
-				`{{$custom_label := "<no value>"}}`,
-				"{{ .rule_name }}: {{ .custom_label }}",
-			},
-			expectedData:        map[string]any{"rule_name": "HighCPU"},
-			expectedUnknownVars: map[string]bool{"custom_label": true},
-		},
-	}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			result, err := PreProcessTemplateAndData(tc.tmpl, tc.data)
-
-			if tc.expectError {
-				require.Error(t, err)
-				return
-			}
-			require.NoError(t, err)
-
-			if tc.tmpl == "" {
-				require.Equal(t, "", result.Template)
-				return
-			}
-
-			for _, substr := range tc.expectedTemplateContains {
-				require.Contains(t, result.Template, substr)
-			}
-			for k, v := range tc.expectedData {
-				require.Equal(t, v, result.Data[k])
-			}
-			if tc.expectedUnknownVars != nil {
-				require.Equal(t, tc.expectedUnknownVars, result.UnknownVars)
-			}
-		})
-	}
-}

pkg/alertmanager/alertmanagertemplate/types.go

@@ -1,86 +0,0 @@
-package alertmanagertemplate
-
-import (
-	"time"
-
-	"github.com/prometheus/alertmanager/template"
-)
-
-// TemplateInput carries the title/body templates
-// and their defaults to apply in case the custom templates
-// are result in empty strings.
-type TemplateInput struct {
-	TitleTemplate        string
-	BodyTemplate         string
-	DefaultTitleTemplate string
-	DefaultBodyTemplate  string
-}
-
-// ExpandedTemplates is the result of ExpandTemplates.
-type ExpandedTemplates struct {
-	Title       string
-	Body        string
-	MissingVars map[string]bool // union of unknown vars from title + body templates
-}
-
-// AlertData holds per-alert data used when expanding body templates
-type AlertData struct {
-	Receiver     string      `json:"receiver" mapstructure:"receiver"`
-	Status       string      `json:"status" mapstructure:"status"`
-	Labels       template.KV `json:"labels" mapstructure:"labels"`
-	Annotations  template.KV `json:"annotations" mapstructure:"annotations"`
-	StartsAt     time.Time   `json:"starts_at" mapstructure:"starts_at"`
-	EndsAt       time.Time   `json:"ends_at" mapstructure:"ends_at"`
-	GeneratorURL string      `json:"generator_url" mapstructure:"generator_url"`
-	Fingerprint  string      `json:"fingerprint" mapstructure:"fingerprint"`
-
-	// Convenience fields extracted from well-known labels/annotations.
-	AlertName string `json:"rule_name" mapstructure:"rule_name"`
-	RuleID    string `json:"rule_id" mapstructure:"rule_id"`
-	RuleLink  string `json:"rule_link" mapstructure:"rule_link"`
-	Severity  string `json:"severity" mapstructure:"severity"`
-
-	// Alert internal data fields
-	Value     string `json:"value" mapstructure:"value"`
-	Threshold string `json:"threshold" mapstructure:"threshold"`
-	CompareOp string `json:"compare_op" mapstructure:"compare_op"`
-	MatchType string `json:"match_type" mapstructure:"match_type"`
-
-	// Link annotations added by the rule evaluator.
-	LogLink   string `json:"log_link" mapstructure:"log_link"`
-	TraceLink string `json:"trace_link" mapstructure:"trace_link"`
-
-	// Status booleans for easy conditional templating.
-	IsFiring      bool `json:"is_firing" mapstructure:"is_firing"`
-	IsResolved    bool `json:"is_resolved" mapstructure:"is_resolved"`
-	IsMissingData bool `json:"is_missing_data" mapstructure:"is_missing_data"`
-	IsRecovering  bool `json:"is_recovering" mapstructure:"is_recovering"`
-}
-
-// NotificationTemplateData is the top-level data struct provided to custom templates.
-type NotificationTemplateData struct {
-	Receiver string `json:"receiver" mapstructure:"receiver"`
-	Status   string `json:"status" mapstructure:"status"`
-
-	// Convenience fields for title templates.
-	AlertName     string `json:"rule_name" mapstructure:"rule_name"`
-	RuleID        string `json:"rule_id" mapstructure:"rule_id"`
-	RuleLink      string `json:"rule_link" mapstructure:"rule_link"`
-	TotalFiring   int    `json:"total_firing" mapstructure:"total_firing"`
-	TotalResolved int    `json:"total_resolved" mapstructure:"total_resolved"`
-
-	// Per-alert data, also available as filtered sub-slices.
-	Alerts []AlertData `json:"-" mapstructure:"-"`
-
-	// Cross-alert aggregates, computed as intersection across all alerts.
-	GroupLabels       template.KV `json:"group_labels" mapstructure:"group_labels"`
-	CommonLabels      template.KV `json:"common_labels" mapstructure:"common_labels"`
-	CommonAnnotations template.KV `json:"common_annotations" mapstructure:"common_annotations"`
-	ExternalURL       string      `json:"external_url" mapstructure:"external_url"`
-	// Labels and Annotations that are collection of labels
-	// and annotations from all alerts, it includes only the common labels and annotations
-	// and for non-common labels and annotations, it picks some first few labels/annotations
-	// and joins them with ", " to avoid blank values in the template
-	Labels      template.KV `json:"labels" mapstructure:"labels"`
-	Annotations template.KV `json:"annotations" mapstructure:"annotations"`
-}

pkg/alertmanager/alertmanagertemplate/utils.go

@@ -1,234 +0,0 @@
-package alertmanagertemplate
-
-import (
-	"fmt"
-	"reflect"
-	"regexp"
-	"strings"
-	"text/template/parse"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/types/alertmanagertypes"
-	"github.com/SigNoz/signoz/pkg/types/ruletypes"
-	"github.com/prometheus/alertmanager/template"
-	"github.com/prometheus/alertmanager/types"
-	"github.com/prometheus/common/model"
-)
-
-// maxAggregatedValues is the maximum number of unique values to include
-// when aggregating non-common label/annotation values across alerts.
-const maxAggregatedValues = 5
-
-// bareVariableRegex matches bare $variable references including dotted paths like $service.name.
-var bareVariableRegex = regexp.MustCompile(`\$(\w+(?:\.\w+)*)`)
-
-// bareVariableRegexFirstSeg matches only the base $variable name, stopping before any dotted path.
-// e.g. "$labels.severity" matches "$labels", "$name" matches "$name".
-var bareVariableRegexFirstSeg = regexp.MustCompile(`\$\w+`)
-
-// ExtractTemplatesFromAnnotations computes the common annotations across all alerts
-// and returns the values for the title_template and body_template annotation keys as title and body templates.
-func ExtractTemplatesFromAnnotations(alerts []*types.Alert) (titleTemplate, bodyTemplate string) {
-	if len(alerts) == 0 {
-		return "", ""
-	}
-
-	commonAnnotations := extractCommonKV(alerts, func(a *types.Alert) model.LabelSet { return a.Annotations })
-	return commonAnnotations[ruletypes.AnnotationTitleTemplate], commonAnnotations[ruletypes.AnnotationBodyTemplate]
-}
-
-// WrapDollarVariables wraps bare $variable references in Go template syntax.
-// Example transformations:
-//   - "$name is $status" -> "{{ $name }} is {{ $status }}"
-//   - "$labels.severity" -> "{{ index .labels \"severity\" }}"
-//   - "$labels.http.status" -> "{{ index .labels \"http.status\" }}"
-//   - "$annotations.summary" -> "{{ index .annotations \"summary\" }}"
-//   - "$service.name" -> "{{ index . \"service.name\" }}"
-//   - "$name is {{ .Status }}" -> "{{ $name }} is {{ .Status }}"
-func WrapDollarVariables(src string) (string, error) {
-	if src == "" {
-		return src, nil
-	}
-
-	funcMap := alertmanagertypes.AdditionalFuncMap()
-	// Create a new parse.Tree directly
-	tree := parse.New("template")
-	tree.Mode = parse.SkipFuncCheck
-
-	// Parse the template
-	_, err := tree.Parse(src, "{{", "}}", make(map[string]*parse.Tree), funcMap)
-	if err != nil {
-		return "", err
-	}
-
-	// Walk the AST and transform TextNodes
-	walkAndWrapTextNodes(tree.Root)
-
-	// Return the reassembled template
-	return tree.Root.String(), nil
-}
-
-// walkAndWrapTextNodes recursively walks the parse tree trying to find a text node
-// once text node is found it wraps the bare $variable and changes it to index based
-// element access form datamap like .key or .key.subkey
-func walkAndWrapTextNodes(node parse.Node) {
-	if reflect.ValueOf(node).IsNil() {
-		return
-	}
-
-	switch n := node.(type) {
-	// `$name is {{.Status}}` is a list node with one text and one action node
-	case *parse.ListNode:
-		// Recurse into all child nodes
-		if n.Nodes != nil {
-			for _, child := range n.Nodes {
-				walkAndWrapTextNodes(child)
-			}
-		}
-
-	// `$name is ` is a text node with plain text in root
-	// we try to find the $name variable and wrap it with template block
-	// like `{{ .name }}`, for labels and annotations we use the index to access the value
-	// so `$labels.service` becomes `{{ index .labels "service" }}`
-	case *parse.TextNode:
-		// Transform $variable based on its pattern
-		n.Text = bareVariableRegex.ReplaceAllFunc(n.Text, func(match []byte) []byte {
-			// Extract variable name without the $
-			varName := string(match[1:])
-
-			// Check if variable contains dots
-			if strings.Contains(varName, ".") {
-				// Check for reserved prefixes: labels.* or annotations.*
-				if strings.HasPrefix(varName, "labels.") {
-					key := strings.TrimPrefix(varName, "labels.")
-					return []byte(fmt.Sprintf(`{{ index .labels "%s" }}`, key))
-				}
-				if strings.HasPrefix(varName, "annotations.") {
-					key := strings.TrimPrefix(varName, "annotations.")
-					return []byte(fmt.Sprintf(`{{ index .annotations "%s" }}`, key))
-				}
-				// Other dotted variables: index into root context
-				return []byte(fmt.Sprintf(`{{ index . "%s" }}`, varName))
-			}
-
-			// Simple variables: use dot notation to directly access the field
-			// without raising any error due to missing variables
-			return []byte(fmt.Sprintf("{{ .%s }}", varName))
-		})
-
-	// `{{if pipeline}} T1 {{else}} T0 {{end}}` is a if node with T1 part of List and T0 part of ElseList
-	case *parse.IfNode:
-		// Recurse into both branches
-		walkAndWrapTextNodes(n.List)
-		walkAndWrapTextNodes(n.ElseList)
-
-	// `{{range pipeline}} T1 {{else}} T0 {{end}}` is a range node with T1 part of List and T0 part of ElseList
-	case *parse.RangeNode:
-		// Recurse into both branches
-		walkAndWrapTextNodes(n.List)
-		walkAndWrapTextNodes(n.ElseList)
-
-		// All other node types (ActionNode, PipeNode, VariableNode, etc.) are already
-		// inside {{ }} action blocks and don't need transformation
-
-		// Support for `with` can be added later when we start supporting it in editor block
-	}
-}
-
-// ExtractUsedVariables returns the set of all $variable referenced in template
-// — text nodes, action blocks, branch conditions, and loop declarations — regardless of scope.
-// After finding all variables we find the ones which are not part of our alert data and handle them so
-// Go-text-template parser doesn't rejects undefined $variables
-func ExtractUsedVariables(src string) (map[string]bool, error) {
-	if src == "" {
-		return map[string]bool{}, nil
-	}
-
-	// Regex-scan raw template string to collect all $var base names.
-	// bareVariableRegexFirstSeg stops before dots, so "$labels.severity" yields "$labels".
-	used := make(map[string]bool)
-	for _, m := range bareVariableRegexFirstSeg.FindAll([]byte(src), -1) {
-		used[string(m[1:])] = true // strip leading "$"
-	}
-
-	// Build a preamble that pre-declares every found variable.
-	// This prevents "undefined variable" parse errors for $vars used in action
-	// blocks while still letting genuine syntax errors propagate.
-	var preamble strings.Builder
-	for name := range used {
-		fmt.Fprintf(&preamble, `{{$%s := ""}}`, name)
-	}
-
-	// Validate template syntax.
-	funcMap := alertmanagertypes.AdditionalFuncMap()
-	tree := parse.New("template")
-	tree.Mode = parse.SkipFuncCheck
-	if _, err := tree.Parse(preamble.String()+src, "{{", "}}", make(map[string]*parse.Tree), funcMap); err != nil {
-		return nil, errors.WrapInvalidInputf(err, errors.CodeInternal, "failed to extract used variables")
-	}
-
-	return used, nil
-}
-
-// aggregateKV aggregates key-value pairs (labels or annotations) from all alerts into a single template.KV
-// the result is used to populate the labels and annotations in the notification template data.
-// this is done to avoid blank values in the template when labels and annotations used are not common throughout the alerts
-func aggregateKV(alerts []*types.Alert, extractFn func(*types.Alert) model.LabelSet) template.KV {
-	// track unique values per key in order of first appearance
-	valuesPerKey := make(map[string][]string)
-	// track which values have been seen for deduplication
-	seenValues := make(map[string]map[string]bool)
-
-	for _, alert := range alerts {
-		kvPairs := extractFn(alert)
-		for k, v := range kvPairs {
-			key := string(k)
-			value := string(v)
-
-			if seenValues[key] == nil {
-				seenValues[key] = make(map[string]bool)
-			}
-
-			// only add if not already seen and under the limit of maxAggregatedValues
-			if !seenValues[key][value] && len(valuesPerKey[key]) < maxAggregatedValues {
-				seenValues[key][value] = true
-				valuesPerKey[key] = append(valuesPerKey[key], value)
-			}
-		}
-	}
-
-	// build the result by joining values
-	result := make(template.KV, len(valuesPerKey))
-	for key, values := range valuesPerKey {
-		result[key] = strings.Join(values, ", ")
-	}
-
-	return result
-}
-
-// extractCommonKV returns the intersection of key-value pairs across all alerts.
-// A key/value pair is included only if it appears identically on every alert.
-func extractCommonKV(alerts []*types.Alert, extractFn func(*types.Alert) model.LabelSet) template.KV {
-	if len(alerts) == 0 {
-		return template.KV{}
-	}
-
-	common := make(template.KV, len(extractFn(alerts[0])))
-	for k, v := range extractFn(alerts[0]) {
-		common[string(k)] = string(v)
-	}
-
-	for _, a := range alerts[1:] {
-		kv := extractFn(a)
-		for k := range common {
-			if string(kv[model.LabelName(k)]) != common[k] {
-				delete(common, k)
-			}
-		}
-		if len(common) == 0 {
-			break
-		}
-	}
-
-	return common
-}

pkg/alertmanager/alertmanagertemplate/utils_test.go

@@ -1,348 +0,0 @@
-package alertmanagertemplate
-
-import (
-	"testing"
-
-	"github.com/prometheus/alertmanager/template"
-	"github.com/prometheus/alertmanager/types"
-	"github.com/prometheus/common/model"
-	"github.com/stretchr/testify/require"
-)
-
-func TestWrapBareVars(t *testing.T) {
-	testCases := []struct {
-		name        string
-		input       string
-		expected    string
-		expectError bool
-	}{
-		{
-			name:     "mixed variables with actions",
-			input:    "$name is {{.Status}}",
-			expected: "{{ .name }} is {{.Status}}",
-		},
-		{
-			name: "nested variables in range",
-			input: `{{range .items}}
-				$title
-				{{end}}`,
-			expected: `{{range .items}}
-				{{ .title }}
-				{{end}}`,
-		},
-		{
-			name:     "nested variables in if else",
-			input:    "{{if .ok}}$a{{else}}$b{{end}}",
-			expected: "{{if .ok}}{{ .a }}{{else}}{{ .b }}{{end}}",
-		},
-		// Labels prefix: index into .labels map
-		{
-			name:     "labels variables prefix simple",
-			input:    "$labels.service",
-			expected: `{{ index .labels "service" }}`,
-		},
-		{
-			name:     "labels variables prefix nested with multiple dots",
-			input:    "$labels.http.status",
-			expected: `{{ index .labels "http.status" }}`,
-		},
-		{
-			name:     "multiple labels variables simple and nested",
-			input:    "$labels.service and $labels.instance.id",
-			expected: `{{ index .labels "service" }} and {{ index .labels "instance.id" }}`,
-		},
-		// Annotations prefix: index into .annotations map
-		{
-			name:     "annotations variables prefix simple",
-			input:    "$annotations.summary",
-			expected: `{{ index .annotations "summary" }}`,
-		},
-		{
-			name:     "annotations variables prefix nested with multiple dots",
-			input:    "$annotations.alert.url",
-			expected: `{{ index .annotations "alert.url" }}`,
-		},
-		// Other dotted paths: index into root context
-		{
-			name:     "other variables with multiple dots",
-			input:    "$service.name",
-			expected: `{{ index . "service.name" }}`,
-		},
-		{
-			name:     "other variables with multiple dots nested",
-			input:    "$http.status.code",
-			expected: `{{ index . "http.status.code" }}`,
-		},
-		// Hybrid: all types combined
-		{
-			name:     "hybrid - all variables types",
-			input:    "Alert: $alert_name Labels: $labels.severity Annotations: $annotations.desc Service: $service.name Count: $error_count",
-			expected: `Alert: {{ .alert_name }} Labels: {{ index .labels "severity" }} Annotations: {{ index .annotations "desc" }} Service: {{ index . "service.name" }} Count: {{ .error_count }}`,
-		},
-		{
-			name:     "already wrapped should not be changed",
-			input:    "{{$status := .status}}{{.name}} is {{$status | toUpper}}",
-			expected: "{{$status := .status}}{{.name}} is {{$status | toUpper}}",
-		},
-		{
-			name:     "no variables should not be changed",
-			input:    "Hello world",
-			expected: "Hello world",
-		},
-		{
-			name:     "empty string",
-			input:    "",
-			expected: "",
-		},
-		{
-			name:     "deeply nested",
-			input:    "{{range .items}}{{if .ok}}$deep{{end}}{{end}}",
-			expected: "{{range .items}}{{if .ok}}{{ .deep }}{{end}}{{end}}",
-		},
-		{
-			name: "complex example",
-			input: `Hello $name, your score is $score.
-				{{if .isAdmin}}
-					Welcome back $name, you have {{.unreadCount}} messages.
-				{{end}}`,
-			expected: `Hello {{ .name }}, your score is {{ .score }}.
-				{{if .isAdmin}}
-					Welcome back {{ .name }}, you have {{.unreadCount}} messages.
-				{{end}}`,
-		},
-		{
-			name:     "with custom function",
-			input:    "$name triggered at {{urlescape .url}}",
-			expected: "{{ .name }} triggered at {{urlescape .url}}",
-		},
-		{
-			name:        "invalid template",
-			input:       "{{invalid",
-			expectError: true,
-		},
-	}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			result, err := WrapDollarVariables(tc.input)
-
-			if tc.expectError {
-				require.Error(t, err, "should error on invalid template syntax")
-			} else {
-				require.NoError(t, err)
-				require.Equal(t, tc.expected, result)
-			}
-		})
-	}
-}
-
-func TestExtractUsedVariables(t *testing.T) {
-	testCases := []struct {
-		name        string
-		input       string
-		expected    map[string]bool
-		expectError bool
-	}{
-		{
-			name:     "simple usage in text",
-			input:    "$name is $status",
-			expected: map[string]bool{"name": true, "status": true},
-		},
-		{
-			name:     "declared in action block",
-			input:    "{{ $name := .name }}",
-			expected: map[string]bool{"name": true},
-		},
-		{
-			name:     "range loop vars",
-			input:    "{{ range $i, $v := .items }}{{ end }}",
-			expected: map[string]bool{"i": true, "v": true},
-		},
-		{
-			name:     "mixed text and action",
-			input:    "$x and {{ $y }}",
-			expected: map[string]bool{"x": true, "y": true},
-		},
-		{
-			name:     "dotted path in text extracts base only",
-			input:    "$labels.severity",
-			expected: map[string]bool{"labels": true},
-		},
-		{
-			name:     "nested if else",
-			input:    "{{ if .ok }}{{ $a }}{{ else }}{{ $b }}{{ end }}",
-			expected: map[string]bool{"a": true, "b": true},
-		},
-		{
-			name:     "empty string",
-			input:    "",
-			expected: map[string]bool{},
-		},
-		{
-			name:     "no variables",
-			input:    "Hello world",
-			expected: map[string]bool{},
-		},
-		{
-			name:        "invalid template returns error",
-			input:       "{{invalid",
-			expectError: true,
-		},
-	}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			result, err := ExtractUsedVariables(tc.input)
-
-			if tc.expectError {
-				require.Error(t, err)
-			} else {
-				require.NoError(t, err)
-				require.Equal(t, tc.expected, result)
-			}
-		})
-	}
-}
-
-func TestAggregateKV(t *testing.T) {
-	extractLabels := func(a *types.Alert) model.LabelSet { return a.Labels }
-
-	testCases := []struct {
-		name      string
-		alerts    []*types.Alert
-		extractFn func(*types.Alert) model.LabelSet
-		expected  template.KV
-	}{
-		{
-			name:      "empty alerts slice",
-			alerts:    []*types.Alert{},
-			extractFn: extractLabels,
-			expected:  template.KV{},
-		},
-		{
-			name: "single alert",
-			alerts: []*types.Alert{
-				{
-					Alert: model.Alert{
-						Labels: model.LabelSet{
-							"env":     "production",
-							"service": "backend",
-						},
-					},
-				},
-			},
-			extractFn: extractLabels,
-			expected: template.KV{
-				"env":     "production",
-				"service": "backend",
-			},
-		},
-		{
-			name: "varying values with duplicates deduped",
-			alerts: []*types.Alert{
-				{Alert: model.Alert{Labels: model.LabelSet{"env": "production", "service": "backend"}}},
-				{Alert: model.Alert{Labels: model.LabelSet{"env": "production", "service": "api"}}},
-				{Alert: model.Alert{Labels: model.LabelSet{"env": "production", "service": "frontend"}}},
-				{Alert: model.Alert{Labels: model.LabelSet{"env": "production", "service": "api"}}},
-			},
-			extractFn: extractLabels,
-			expected: template.KV{
-				"env":     "production",
-				"service": "backend, api, frontend",
-			},
-		},
-		{
-			name: "more than 5 unique values truncates to 5",
-			alerts: []*types.Alert{
-				{Alert: model.Alert{Labels: model.LabelSet{"service": "svc1"}}},
-				{Alert: model.Alert{Labels: model.LabelSet{"service": "svc2"}}},
-				{Alert: model.Alert{Labels: model.LabelSet{"service": "svc3"}}},
-				{Alert: model.Alert{Labels: model.LabelSet{"service": "svc4"}}},
-				{Alert: model.Alert{Labels: model.LabelSet{"service": "svc5"}}},
-				{Alert: model.Alert{Labels: model.LabelSet{"service": "svc6"}}},
-				{Alert: model.Alert{Labels: model.LabelSet{"service": "svc7"}}},
-			},
-			extractFn: extractLabels,
-			expected: template.KV{
-				"service": "svc1, svc2, svc3, svc4, svc5",
-			},
-		},
-	}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			result := aggregateKV(tc.alerts, tc.extractFn)
-			require.Equal(t, tc.expected, result)
-		})
-	}
-}
-
-func TestExtractCommonKV(t *testing.T) {
-	extractLabels := func(a *types.Alert) model.LabelSet { return a.Labels }
-	extractAnnotations := func(a *types.Alert) model.LabelSet { return a.Annotations }
-
-	testCases := []struct {
-		name      string
-		alerts    []*types.Alert
-		extractFn func(*types.Alert) model.LabelSet
-		expected  template.KV
-	}{
-		{
-			name:      "empty alerts slice",
-			alerts:    []*types.Alert{},
-			extractFn: extractLabels,
-			expected:  template.KV{},
-		},
-		{
-			name: "single alert returns all labels",
-			alerts: []*types.Alert{
-				{Alert: model.Alert{Labels: model.LabelSet{"env": "prod", "service": "api"}}},
-			},
-			extractFn: extractLabels,
-			expected:  template.KV{"env": "prod", "service": "api"},
-		},
-		{
-			name: "multiple alerts with fully common labels",
-			alerts: []*types.Alert{
-				{Alert: model.Alert{Labels: model.LabelSet{"env": "prod", "region": "us-east"}}},
-				{Alert: model.Alert{Labels: model.LabelSet{"env": "prod", "region": "us-east"}}},
-			},
-			extractFn: extractLabels,
-			expected:  template.KV{"env": "prod", "region": "us-east"},
-		},
-		{
-			name: "multiple alerts with partially common labels",
-			alerts: []*types.Alert{
-				{Alert: model.Alert{Labels: model.LabelSet{"env": "prod", "service": "api"}}},
-				{Alert: model.Alert{Labels: model.LabelSet{"env": "prod", "service": "worker"}}},
-			},
-			extractFn: extractLabels,
-			expected:  template.KV{"env": "prod"},
-		},
-		{
-			name: "multiple alerts with no common labels",
-			alerts: []*types.Alert{
-				{Alert: model.Alert{Labels: model.LabelSet{"service": "api"}}},
-				{Alert: model.Alert{Labels: model.LabelSet{"service": "worker"}}},
-			},
-			extractFn: extractLabels,
-			expected:  template.KV{},
-		},
-		{
-			name: "annotations extract common annotations",
-			alerts: []*types.Alert{
-				{Alert: model.Alert{Annotations: model.LabelSet{"summary": "high cpu", "runbook": "http://x"}}},
-				{Alert: model.Alert{Annotations: model.LabelSet{"summary": "high cpu", "runbook": "http://y"}}},
-			},
-			extractFn: extractAnnotations,
-			expected:  template.KV{"summary": "high cpu"},
-		},
-	}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			result := extractCommonKV(tc.alerts, tc.extractFn)
-			require.Equal(t, tc.expected, result)
-		})
-	}
-}

pkg/apiserver/signozapiserver/role.go

@@ -6,7 +6,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/http/handler"
 	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/gorilla/mux"
 )
 
@@ -16,7 +15,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		Tags:                []string{"role"},
 		Summary:             "Create role",
 		Description:         "This endpoint creates a role",
-		Request:             new(roletypes.PostableRole),
+		Request:             new(authtypes.PostableRole),
 		RequestContentType:  "",
 		Response:            new(types.Identifiable),
 		ResponseContentType: "application/json",
@@ -35,7 +34,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		Description:         "This endpoint lists all roles",
 		Request:             nil,
 		RequestContentType:  "",
-		Response:            make([]*roletypes.Role, 0),
+		Response:            make([]*authtypes.Role, 0),
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{},
@@ -52,7 +51,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		Description:         "This endpoint gets a role",
 		Request:             nil,
 		RequestContentType:  "",
-		Response:            new(roletypes.Role),
+		Response:            new(authtypes.Role),
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusOK,
 		ErrorStatusCodes:    []int{},
@@ -84,7 +83,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		Tags:                []string{"role"},
 		Summary:             "Patch role",
 		Description:         "This endpoint patches a role",
-		Request:             new(roletypes.PatchableRole),
+		Request:             new(authtypes.PatchableRole),
 		RequestContentType:  "",
 		Response:            nil,
 		ResponseContentType: "application/json",

pkg/authz/authz.go

@@ -6,7 +6,6 @@ import (
 
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	openfgav1 "github.com/openfga/api/proto/openfga/v1"
 )
@@ -30,10 +29,10 @@ type AuthZ interface {
 	ListObjects(context.Context, string, authtypes.Relation, authtypes.Typeable) ([]*authtypes.Object, error)
 
 	// Creates the role.
-	Create(context.Context, valuer.UUID, *roletypes.Role) error
+	Create(context.Context, valuer.UUID, *authtypes.Role) error
 
 	// Gets the role if it exists or creates one.
-	GetOrCreate(context.Context, valuer.UUID, *roletypes.Role) (*roletypes.Role, error)
+	GetOrCreate(context.Context, valuer.UUID, *authtypes.Role) (*authtypes.Role, error)
 
 	// Gets the objects associated with the given role and relation.
 	GetObjects(context.Context, valuer.UUID, valuer.UUID, authtypes.Relation) ([]*authtypes.Object, error)
@@ -42,7 +41,7 @@ type AuthZ interface {
 	GetResources(context.Context) []*authtypes.Resource
 
 	// Patches the role.
-	Patch(context.Context, valuer.UUID, *roletypes.Role) error
+	Patch(context.Context, valuer.UUID, *authtypes.Role) error
 
 	// Patches the objects in authorization server associated with the given role and relation
 	PatchObjects(context.Context, valuer.UUID, string, authtypes.Relation, []*authtypes.Object, []*authtypes.Object) error
@@ -51,19 +50,19 @@ type AuthZ interface {
 	Delete(context.Context, valuer.UUID, valuer.UUID) error
 
 	// Gets the role
-	Get(context.Context, valuer.UUID, valuer.UUID) (*roletypes.Role, error)
+	Get(context.Context, valuer.UUID, valuer.UUID) (*authtypes.Role, error)
 
 	// Gets the role by org_id and name
-	GetByOrgIDAndName(context.Context, valuer.UUID, string) (*roletypes.Role, error)
+	GetByOrgIDAndName(context.Context, valuer.UUID, string) (*authtypes.Role, error)
 
 	// Lists all the roles for the organization.
-	List(context.Context, valuer.UUID) ([]*roletypes.Role, error)
+	List(context.Context, valuer.UUID) ([]*authtypes.Role, error)
 
 	//  Lists all the roles for the organization filtered by name
-	ListByOrgIDAndNames(context.Context, valuer.UUID, []string) ([]*roletypes.Role, error)
+	ListByOrgIDAndNames(context.Context, valuer.UUID, []string) ([]*authtypes.Role, error)
 
 	//  Lists all the roles for the organization filtered by ids
-	ListByOrgIDAndIDs(context.Context, valuer.UUID, []valuer.UUID) ([]*roletypes.Role, error)
+	ListByOrgIDAndIDs(context.Context, valuer.UUID, []valuer.UUID) ([]*authtypes.Role, error)
 
 	// Grants a role to the subject based on role name.
 	Grant(context.Context, valuer.UUID, []string, string) error
@@ -75,7 +74,7 @@ type AuthZ interface {
 	ModifyGrant(context.Context, valuer.UUID, []string, []string, string) error
 
 	// Bootstrap the managed roles.
-	CreateManagedRoles(context.Context, valuer.UUID, []*roletypes.Role) error
+	CreateManagedRoles(context.Context, valuer.UUID, []*authtypes.Role) error
 
 	// Bootstrap managed roles transactions and user assignments
 	CreateManagedUserRoleTransactions(context.Context, valuer.UUID, valuer.UUID) error

pkg/authz/authzstore/sqlauthzstore/store.go

@@ -5,7 +5,7 @@ import (
 
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/sqlstore"
-	"github.com/SigNoz/signoz/pkg/types/roletypes"
+	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/uptrace/bun"
 )
@@ -14,11 +14,11 @@ type store struct {
 	sqlstore sqlstore.SQLStore
 }
 
-func NewSqlAuthzStore(sqlstore sqlstore.SQLStore) roletypes.Store {
+func NewSqlAuthzStore(sqlstore sqlstore.SQLStore) authtypes.RoleStore {
 	return &store{sqlstore: sqlstore}
 }
 
-func (store *store) Create(ctx context.Context, role *roletypes.StorableRole) error {
+func (store *store) Create(ctx context.Context, role *authtypes.StorableRole) error {
 	_, err := store.
 		sqlstore.
 		BunDBCtx(ctx).
@@ -32,8 +32,8 @@ func (store *store) Create(ctx context.Context, role *roletypes.StorableRole) er
 	return nil
 }
 
-func (store *store) Get(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*roletypes.StorableRole, error) {
-	role := new(roletypes.StorableRole)
+func (store *store) Get(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*authtypes.StorableRole, error) {
+	role := new(authtypes.StorableRole)
 	err := store.
 		sqlstore.
 		BunDBCtx(ctx).
@@ -43,14 +43,14 @@ func (store *store) Get(ctx context.Context, orgID valuer.UUID, id valuer.UUID)
 		Where("id = ?", id).
 		Scan(ctx)
 	if err != nil {
-		return nil, store.sqlstore.WrapNotFoundErrf(err, roletypes.ErrCodeRoleNotFound, "role with id: %s doesn't exist", id)
+		return nil, store.sqlstore.WrapNotFoundErrf(err, authtypes.ErrCodeRoleNotFound, "role with id: %s doesn't exist", id)
 	}
 
 	return role, nil
 }
 
-func (store *store) GetByOrgIDAndName(ctx context.Context, orgID valuer.UUID, name string) (*roletypes.StorableRole, error) {
-	role := new(roletypes.StorableRole)
+func (store *store) GetByOrgIDAndName(ctx context.Context, orgID valuer.UUID, name string) (*authtypes.StorableRole, error) {
+	role := new(authtypes.StorableRole)
 	err := store.
 		sqlstore.
 		BunDBCtx(ctx).
@@ -60,14 +60,14 @@ func (store *store) GetByOrgIDAndName(ctx context.Context, orgID valuer.UUID, na
 		Where("name = ?", name).
 		Scan(ctx)
 	if err != nil {
-		return nil, store.sqlstore.WrapNotFoundErrf(err, roletypes.ErrCodeRoleNotFound, "role with name: %s doesn't exist", name)
+		return nil, store.sqlstore.WrapNotFoundErrf(err, authtypes.ErrCodeRoleNotFound, "role with name: %s doesn't exist", name)
 	}
 
 	return role, nil
 }
 
-func (store *store) List(ctx context.Context, orgID valuer.UUID) ([]*roletypes.StorableRole, error) {
-	roles := make([]*roletypes.StorableRole, 0)
+func (store *store) List(ctx context.Context, orgID valuer.UUID) ([]*authtypes.StorableRole, error) {
+	roles := make([]*authtypes.StorableRole, 0)
 	err := store.
 		sqlstore.
 		BunDBCtx(ctx).
@@ -82,8 +82,8 @@ func (store *store) List(ctx context.Context, orgID valuer.UUID) ([]*roletypes.S
 	return roles, nil
 }
 
-func (store *store) ListByOrgIDAndNames(ctx context.Context, orgID valuer.UUID, names []string) ([]*roletypes.StorableRole, error) {
-	roles := make([]*roletypes.StorableRole, 0)
+func (store *store) ListByOrgIDAndNames(ctx context.Context, orgID valuer.UUID, names []string) ([]*authtypes.StorableRole, error) {
+	roles := make([]*authtypes.StorableRole, 0)
 	err := store.
 		sqlstore.
 		BunDBCtx(ctx).
@@ -99,7 +99,7 @@ func (store *store) ListByOrgIDAndNames(ctx context.Context, orgID valuer.UUID,
 	if len(roles) != len(names) {
 		return nil, store.sqlstore.WrapNotFoundErrf(
 			nil,
-			roletypes.ErrCodeRoleNotFound,
+			authtypes.ErrCodeRoleNotFound,
 			"not all roles found for the provided names: %v", names,
 		)
 	}
@@ -107,8 +107,8 @@ func (store *store) ListByOrgIDAndNames(ctx context.Context, orgID valuer.UUID,
 	return roles, nil
 }
 
-func (store *store) ListByOrgIDAndIDs(ctx context.Context, orgID valuer.UUID, ids []valuer.UUID) ([]*roletypes.StorableRole, error) {
-	roles := make([]*roletypes.StorableRole, 0)
+func (store *store) ListByOrgIDAndIDs(ctx context.Context, orgID valuer.UUID, ids []valuer.UUID) ([]*authtypes.StorableRole, error) {
+	roles := make([]*authtypes.StorableRole, 0)
 	err := store.
 		sqlstore.
 		BunDBCtx(ctx).
@@ -124,7 +124,7 @@ func (store *store) ListByOrgIDAndIDs(ctx context.Context, orgID valuer.UUID, id
 	if len(roles) != len(ids) {
 		return nil, store.sqlstore.WrapNotFoundErrf(
 			nil,
-			roletypes.ErrCodeRoleNotFound,
+			authtypes.ErrCodeRoleNotFound,
 			"not all roles found for the provided ids: %v", ids,
 		)
 	}
@@ -132,7 +132,7 @@ func (store *store) ListByOrgIDAndIDs(ctx context.Context, orgID valuer.UUID, id
 	return roles, nil
 }
 
-func (store *store) Update(ctx context.Context, orgID valuer.UUID, role *roletypes.StorableRole) error {
+func (store *store) Update(ctx context.Context, orgID valuer.UUID, role *authtypes.StorableRole) error {
 	_, err := store.
 		sqlstore.
 		BunDBCtx(ctx).
@@ -153,12 +153,12 @@ func (store *store) Delete(ctx context.Context, orgID valuer.UUID, id valuer.UUI
 		sqlstore.
 		BunDBCtx(ctx).
 		NewDelete().
-		Model(new(roletypes.StorableRole)).
+		Model(new(authtypes.StorableRole)).
 		Where("org_id = ?", orgID).
 		Where("id = ?", id).
 		Exec(ctx)
 	if err != nil {
-		return store.sqlstore.WrapNotFoundErrf(err, roletypes.ErrCodeRoleNotFound, "role with id %s doesn't exist", id)
+		return store.sqlstore.WrapNotFoundErrf(err, authtypes.ErrCodeRoleNotFound, "role with id %s doesn't exist", id)
 	}
 
 	return nil

pkg/authz/openfgaauthz/provider.go

@@ -8,7 +8,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/authz/openfgaserver"
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 
 	"github.com/SigNoz/signoz/pkg/factory"
@@ -19,7 +18,7 @@ import (
 
 type provider struct {
 	server *openfgaserver.Server
-	store  roletypes.Store
+	store  authtypes.RoleStore
 }
 
 func NewProviderFactory(sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile) factory.ProviderFactory[authz.AuthZ, authz.Config] {
@@ -68,61 +67,61 @@ func (provider *provider) ListObjects(ctx context.Context, subject string, relat
 	return provider.server.ListObjects(ctx, subject, relation, typeable)
 }
 
-func (provider *provider) Get(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*roletypes.Role, error) {
+func (provider *provider) Get(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*authtypes.Role, error) {
 	storableRole, err := provider.store.Get(ctx, orgID, id)
 	if err != nil {
 		return nil, err
 	}
 
-	return roletypes.NewRoleFromStorableRole(storableRole), nil
+	return authtypes.NewRoleFromStorableRole(storableRole), nil
 }
 
-func (provider *provider) GetByOrgIDAndName(ctx context.Context, orgID valuer.UUID, name string) (*roletypes.Role, error) {
+func (provider *provider) GetByOrgIDAndName(ctx context.Context, orgID valuer.UUID, name string) (*authtypes.Role, error) {
 	storableRole, err := provider.store.GetByOrgIDAndName(ctx, orgID, name)
 	if err != nil {
 		return nil, err
 	}
 
-	return roletypes.NewRoleFromStorableRole(storableRole), nil
+	return authtypes.NewRoleFromStorableRole(storableRole), nil
 }
 
-func (provider *provider) List(ctx context.Context, orgID valuer.UUID) ([]*roletypes.Role, error) {
+func (provider *provider) List(ctx context.Context, orgID valuer.UUID) ([]*authtypes.Role, error) {
 	storableRoles, err := provider.store.List(ctx, orgID)
 	if err != nil {
 		return nil, err
 	}
 
-	roles := make([]*roletypes.Role, len(storableRoles))
+	roles := make([]*authtypes.Role, len(storableRoles))
 	for idx, storableRole := range storableRoles {
-		roles[idx] = roletypes.NewRoleFromStorableRole(storableRole)
+		roles[idx] = authtypes.NewRoleFromStorableRole(storableRole)
 	}
 
 	return roles, nil
 }
 
-func (provider *provider) ListByOrgIDAndNames(ctx context.Context, orgID valuer.UUID, names []string) ([]*roletypes.Role, error) {
+func (provider *provider) ListByOrgIDAndNames(ctx context.Context, orgID valuer.UUID, names []string) ([]*authtypes.Role, error) {
 	storableRoles, err := provider.store.ListByOrgIDAndNames(ctx, orgID, names)
 	if err != nil {
 		return nil, err
 	}
 
-	roles := make([]*roletypes.Role, len(storableRoles))
+	roles := make([]*authtypes.Role, len(storableRoles))
 	for idx, storable := range storableRoles {
-		roles[idx] = roletypes.NewRoleFromStorableRole(storable)
+		roles[idx] = authtypes.NewRoleFromStorableRole(storable)
 	}
 
 	return roles, nil
 }
 
-func (provider *provider) ListByOrgIDAndIDs(ctx context.Context, orgID valuer.UUID, ids []valuer.UUID) ([]*roletypes.Role, error) {
+func (provider *provider) ListByOrgIDAndIDs(ctx context.Context, orgID valuer.UUID, ids []valuer.UUID) ([]*authtypes.Role, error) {
 	storableRoles, err := provider.store.ListByOrgIDAndIDs(ctx, orgID, ids)
 	if err != nil {
 		return nil, err
 	}
 
-	roles := make([]*roletypes.Role, len(storableRoles))
+	roles := make([]*authtypes.Role, len(storableRoles))
 	for idx, storable := range storableRoles {
-		roles[idx] = roletypes.NewRoleFromStorableRole(storable)
+		roles[idx] = authtypes.NewRoleFromStorableRole(storable)
 	}
 
 	return roles, nil
@@ -179,10 +178,10 @@ func (provider *provider) Revoke(ctx context.Context, orgID valuer.UUID, names [
 	return provider.Write(ctx, nil, tuples)
 }
 
-func (provider *provider) CreateManagedRoles(ctx context.Context, _ valuer.UUID, managedRoles []*roletypes.Role) error {
+func (provider *provider) CreateManagedRoles(ctx context.Context, _ valuer.UUID, managedRoles []*authtypes.Role) error {
 	err := provider.store.RunInTx(ctx, func(ctx context.Context) error {
 		for _, role := range managedRoles {
-			err := provider.store.Create(ctx, roletypes.NewStorableRoleFromRole(role))
+			err := provider.store.Create(ctx, authtypes.NewStorableRoleFromRole(role))
 			if err != nil {
 				return err
 			}
@@ -199,15 +198,15 @@ func (provider *provider) CreateManagedRoles(ctx context.Context, _ valuer.UUID,
 }
 
 func (provider *provider) CreateManagedUserRoleTransactions(ctx context.Context, orgID valuer.UUID, userID valuer.UUID) error {
-	return provider.Grant(ctx, orgID, []string{roletypes.SigNozAdminRoleName}, authtypes.MustNewSubject(authtypes.TypeableUser, userID.String(), orgID, nil))
+	return provider.Grant(ctx, orgID, []string{authtypes.SigNozAdminRoleName}, authtypes.MustNewSubject(authtypes.TypeableUser, userID.String(), orgID, nil))
 }
 
-func (setter *provider) Create(_ context.Context, _ valuer.UUID, _ *roletypes.Role) error {
-	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+func (setter *provider) Create(_ context.Context, _ valuer.UUID, _ *authtypes.Role) error {
+	return errors.Newf(errors.TypeUnsupported, authtypes.ErrCodeRoleUnsupported, "not implemented")
 }
 
-func (provider *provider) GetOrCreate(_ context.Context, _ valuer.UUID, _ *roletypes.Role) (*roletypes.Role, error) {
-	return nil, errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+func (provider *provider) GetOrCreate(_ context.Context, _ valuer.UUID, _ *authtypes.Role) (*authtypes.Role, error) {
+	return nil, errors.Newf(errors.TypeUnsupported, authtypes.ErrCodeRoleUnsupported, "not implemented")
 }
 
 func (provider *provider) GetResources(_ context.Context) []*authtypes.Resource {
@@ -215,19 +214,19 @@ func (provider *provider) GetResources(_ context.Context) []*authtypes.Resource
 }
 
 func (provider *provider) GetObjects(ctx context.Context, orgID valuer.UUID, id valuer.UUID, relation authtypes.Relation) ([]*authtypes.Object, error) {
-	return nil, errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+	return nil, errors.Newf(errors.TypeUnsupported, authtypes.ErrCodeRoleUnsupported, "not implemented")
 }
 
-func (provider *provider) Patch(_ context.Context, _ valuer.UUID, _ *roletypes.Role) error {
-	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+func (provider *provider) Patch(_ context.Context, _ valuer.UUID, _ *authtypes.Role) error {
+	return errors.Newf(errors.TypeUnsupported, authtypes.ErrCodeRoleUnsupported, "not implemented")
 }
 
 func (provider *provider) PatchObjects(_ context.Context, _ valuer.UUID, _ string, _ authtypes.Relation, _, _ []*authtypes.Object) error {
-	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+	return errors.Newf(errors.TypeUnsupported, authtypes.ErrCodeRoleUnsupported, "not implemented")
 }
 
 func (provider *provider) Delete(_ context.Context, _ valuer.UUID, _ valuer.UUID) error {
-	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+	return errors.Newf(errors.TypeUnsupported, authtypes.ErrCodeRoleUnsupported, "not implemented")
 }
 
 func (provider *provider) MustGetTypeables() []authtypes.Typeable {

pkg/authz/signozauthzapi/handler.go

@@ -9,7 +9,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/http/render"
 	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/gorilla/mux"
 )
@@ -30,13 +29,13 @@ func (handler *handler) Create(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	req := new(roletypes.PostableRole)
+	req := new(authtypes.PostableRole)
 	if err := binding.JSON.BindBody(r.Body, req); err != nil {
 		render.Error(rw, err)
 		return
 	}
 
-	role := roletypes.NewRole(req.Name, req.Description, roletypes.RoleTypeCustom, valuer.MustNewUUID(claims.OrgID))
+	role := authtypes.NewRole(req.Name, req.Description, authtypes.RoleTypeCustom, valuer.MustNewUUID(claims.OrgID))
 	err = handler.authz.Create(ctx, valuer.MustNewUUID(claims.OrgID), role)
 	if err != nil {
 		render.Error(rw, err)
@@ -56,7 +55,7 @@ func (handler *handler) Get(rw http.ResponseWriter, r *http.Request) {
 
 	id, ok := mux.Vars(r)["id"]
 	if !ok {
-		render.Error(rw, errors.New(errors.TypeInvalidInput, roletypes.ErrCodeRoleInvalidInput, "id is missing from the request"))
+		render.Error(rw, errors.New(errors.TypeInvalidInput, authtypes.ErrCodeRoleInvalidInput, "id is missing from the request"))
 		return
 	}
 	roleID, err := valuer.NewUUID(id)
@@ -84,7 +83,7 @@ func (handler *handler) GetObjects(rw http.ResponseWriter, r *http.Request) {
 
 	id, ok := mux.Vars(r)["id"]
 	if !ok {
-		render.Error(rw, errors.New(errors.TypeInvalidInput, roletypes.ErrCodeRoleInvalidInput, "id is missing from the request"))
+		render.Error(rw, errors.New(errors.TypeInvalidInput, authtypes.ErrCodeRoleInvalidInput, "id is missing from the request"))
 		return
 	}
 	roleID, err := valuer.NewUUID(id)
@@ -95,7 +94,7 @@ func (handler *handler) GetObjects(rw http.ResponseWriter, r *http.Request) {
 
 	relationStr, ok := mux.Vars(r)["relation"]
 	if !ok {
-		render.Error(rw, errors.New(errors.TypeInvalidInput, roletypes.ErrCodeRoleInvalidInput, "relation is missing from the request"))
+		render.Error(rw, errors.New(errors.TypeInvalidInput, authtypes.ErrCodeRoleInvalidInput, "relation is missing from the request"))
 		return
 	}
 	relation, err := authtypes.NewRelation(relationStr)
@@ -150,7 +149,7 @@ func (handler *handler) Patch(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	req := new(roletypes.PatchableRole)
+	req := new(authtypes.PatchableRole)
 	if err := binding.JSON.BindBody(r.Body, req); err != nil {
 		render.Error(rw, err)
 		return

pkg/errors/errors.go

@@ -147,7 +147,7 @@ func Ast(cause error, typ typ) bool {
 	return t == typ
 }
 
-// Asc checks if the provided error matches the specified custom error code.
+// Ast checks if the provided error matches the specified custom error code.
 func Asc(cause error, code Code) bool {
 	_, c, _, _, _, _ := Unwrapb(cause)
 

pkg/http/middleware/authz.go

@@ -9,8 +9,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/http/render"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/ctxtypes"
-	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/gorilla/mux"
 )
@@ -42,9 +40,7 @@ func (middleware *AuthZ) ViewAccess(next http.HandlerFunc) http.HandlerFunc {
 			return
 		}
 
-		commentCtx := ctxtypes.CommentFromContext(ctx)
-		authtype, ok := commentCtx.Map()["auth_type"]
-		if ok && (authtype == authtypes.IdentNProviderAPIkey.StringValue()) {
+		if claims.IdentNProvider == authtypes.IdentNProviderAPIkey.StringValue() {
 			if err := claims.IsViewer(); err != nil {
 				middleware.logger.WarnContext(ctx, authzDeniedMessage, "claims", claims)
 				render.Error(rw, err)
@@ -56,9 +52,9 @@ func (middleware *AuthZ) ViewAccess(next http.HandlerFunc) http.HandlerFunc {
 		}
 
 		selectors := []authtypes.Selector{
-			authtypes.MustNewSelector(authtypes.TypeRole, roletypes.SigNozAdminRoleName),
-			authtypes.MustNewSelector(authtypes.TypeRole, roletypes.SigNozEditorRoleName),
-			authtypes.MustNewSelector(authtypes.TypeRole, roletypes.SigNozViewerRoleName),
+			authtypes.MustNewSelector(authtypes.TypeRole, authtypes.SigNozAdminRoleName),
+			authtypes.MustNewSelector(authtypes.TypeRole, authtypes.SigNozEditorRoleName),
+			authtypes.MustNewSelector(authtypes.TypeRole, authtypes.SigNozViewerRoleName),
 		}
 
 		err = middleware.authzService.CheckWithTupleCreation(
@@ -94,9 +90,7 @@ func (middleware *AuthZ) EditAccess(next http.HandlerFunc) http.HandlerFunc {
 			return
 		}
 
-		commentCtx := ctxtypes.CommentFromContext(ctx)
-		authtype, ok := commentCtx.Map()["auth_type"]
-		if ok && (authtype == authtypes.IdentNProviderAPIkey.StringValue()) {
+		if claims.IdentNProvider == authtypes.IdentNProviderAPIkey.StringValue() {
 			if err := claims.IsEditor(); err != nil {
 				middleware.logger.WarnContext(ctx, authzDeniedMessage, "claims", claims)
 				render.Error(rw, err)
@@ -108,8 +102,8 @@ func (middleware *AuthZ) EditAccess(next http.HandlerFunc) http.HandlerFunc {
 		}
 
 		selectors := []authtypes.Selector{
-			authtypes.MustNewSelector(authtypes.TypeRole, roletypes.SigNozAdminRoleName),
-			authtypes.MustNewSelector(authtypes.TypeRole, roletypes.SigNozEditorRoleName),
+			authtypes.MustNewSelector(authtypes.TypeRole, authtypes.SigNozAdminRoleName),
+			authtypes.MustNewSelector(authtypes.TypeRole, authtypes.SigNozEditorRoleName),
 		}
 
 		err = middleware.authzService.CheckWithTupleCreation(
@@ -145,9 +139,7 @@ func (middleware *AuthZ) AdminAccess(next http.HandlerFunc) http.HandlerFunc {
 			return
 		}
 
-		commentCtx := ctxtypes.CommentFromContext(ctx)
-		authtype, ok := commentCtx.Map()["auth_type"]
-		if ok && (authtype == authtypes.IdentNProviderAPIkey.StringValue()) {
+		if claims.IdentNProvider == authtypes.IdentNProviderAPIkey.StringValue() {
 			if err := claims.IsAdmin(); err != nil {
 				middleware.logger.WarnContext(ctx, authzDeniedMessage, "claims", claims)
 				render.Error(rw, err)
@@ -159,7 +151,7 @@ func (middleware *AuthZ) AdminAccess(next http.HandlerFunc) http.HandlerFunc {
 		}
 
 		selectors := []authtypes.Selector{
-			authtypes.MustNewSelector(authtypes.TypeRole, roletypes.SigNozAdminRoleName),
+			authtypes.MustNewSelector(authtypes.TypeRole, authtypes.SigNozAdminRoleName),
 		}
 
 		err = middleware.authzService.CheckWithTupleCreation(

pkg/identn/apikeyidentn/identn.go

@@ -101,13 +101,8 @@ func (provider *provider) GetIdentity(req *http.Request) (*authtypes.Identity, e
 		return nil, err
 	}
 
-	identity := authtypes.Identity{
-		UserID: user.ID,
-		Role:   apiKey.Role,
-		Email:  user.Email,
-		OrgID:  user.OrgID,
-	}
-	return &identity, nil
+	identity := authtypes.NewIdentity(user.ID, user.OrgID, user.Email, apiKey.Role, provider.Name())
+	return identity, nil
 }
 
 func (provider *provider) Post(ctx context.Context, _ *http.Request, _ authtypes.Claims) {

pkg/modules/cloudintegration/cloudintegration.go

@@ -0,0 +1,65 @@
+package cloudintegration
+
+import (
+	"context"
+	"net/http"
+
+	citypes "github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
+	"github.com/SigNoz/signoz/pkg/types/dashboardtypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+type Module interface {
+	CreateAccount(ctx context.Context, account *citypes.Account) error
+
+	// GetAccount returns cloud integration account
+	GetAccount(ctx context.Context, orgID, accountID valuer.UUID) (*citypes.Account, error)
+
+	// ListAccounts lists accounts where agent is connected
+	ListAccounts(ctx context.Context, orgID valuer.UUID) ([]*citypes.Account, error)
+
+	// UpdateAccount updates the cloud integration account for a specific organization.
+	UpdateAccount(ctx context.Context, account *citypes.Account) error
+
+	// DisconnectAccount soft deletes/removes a cloud integration account.
+	DisconnectAccount(ctx context.Context, orgID, accountID valuer.UUID) error
+
+	// GetConnectionArtifact returns cloud provider specific connection information,
+	// client side handles how this information is shown
+	GetConnectionArtifact(ctx context.Context, account *citypes.Account, req *citypes.ConnectionArtifactRequest) (*citypes.ConnectionArtifact, error)
+
+	// ListServicesMetadata returns the list of services metadata for a cloud provider attached with the integrationID.
+	// This just returns a summary of the service and not the whole service definition
+	ListServicesMetadata(ctx context.Context, orgID valuer.UUID, integrationID *valuer.UUID) ([]*citypes.ServiceMetadata, error)
+
+	// GetService returns service definition details for a serviceID. This returns config and
+	// other details required to show in service details page on web client.
+	GetService(ctx context.Context, orgID valuer.UUID, integrationID *valuer.UUID, serviceID string) (*citypes.Service, error)
+
+	// UpdateService updates cloud integration service
+	UpdateService(ctx context.Context, orgID valuer.UUID, service *citypes.CloudIntegrationService) error
+
+	// AgentCheckIn is called by agent to heartbeat and get latest config in response.
+	AgentCheckIn(ctx context.Context, orgID valuer.UUID, req *citypes.AgentCheckInRequest) (*citypes.AgentCheckInResponse, error)
+
+	// GetDashboardByID returns dashboard JSON for a given dashboard id.
+	// this only returns the dashboard when the service (embedded in dashboard id) is enabled
+	// in the org for any cloud integration account
+	GetDashboardByID(ctx context.Context, orgID valuer.UUID, id string) (*dashboardtypes.Dashboard, error)
+
+	// ListDashboards returns list of dashboards across all connected cloud integration accounts
+	// for enabled services in the org. This list gets added to dashboard list page
+	ListDashboards(ctx context.Context, orgID valuer.UUID) ([]*dashboardtypes.Dashboard, error)
+}
+
+type Handler interface {
+	GetConnectionArtifact(http.ResponseWriter, *http.Request)
+	ListAccounts(http.ResponseWriter, *http.Request)
+	GetAccount(http.ResponseWriter, *http.Request)
+	UpdateAccount(http.ResponseWriter, *http.Request)
+	DisconnectAccount(http.ResponseWriter, *http.Request)
+	ListServicesMetadata(http.ResponseWriter, *http.Request)
+	GetService(http.ResponseWriter, *http.Request)
+	UpdateService(http.ResponseWriter, *http.Request)
+	AgentCheckIn(http.ResponseWriter, *http.Request)
+}

pkg/modules/promote/implpromote/module.go

@@ -78,7 +78,7 @@ func (m *module) ListPromotedAndIndexedPaths(ctx context.Context) ([]promotetype
 
 	// add the paths that are not promoted but have indexes
 	for path, indexes := range aggr {
-		path := strings.TrimPrefix(path, telemetrylogs.BodyJSONColumnPrefix)
+		path := strings.TrimPrefix(path, telemetrylogs.BodyV2ColumnPrefix)
 		path = telemetrytypes.BodyJSONStringSearchPrefix + path
 		response = append(response, promotetypes.PromotePath{
 			Path:    path,
@@ -163,7 +163,7 @@ func (m *module) PromoteAndIndexPaths(
 			}
 		}
 		if len(it.Indexes) > 0 {
-			parentColumn := telemetrylogs.LogsV2BodyJSONColumn
+			parentColumn := telemetrylogs.LogsV2BodyV2Column
 			// if the path is already promoted or is being promoted, add it to the promoted column
 			if _, promoted := existingPromotedPaths[it.Path]; promoted || it.Promote {
 				parentColumn = telemetrylogs.LogsV2BodyPromotedColumn

pkg/modules/user/config.go

@@ -27,7 +27,12 @@ type OrgConfig struct {
 }
 
 type PasswordConfig struct {
-	Reset ResetConfig `mapstructure:"reset"`
+	Invite InviteConfig `mapstructure:"invite"`
+	Reset  ResetConfig  `mapstructure:"reset"`
+}
+
+type InviteConfig struct {
+	MaxTokenLifetime time.Duration `mapstructure:"max_token_lifetime"`
 }
 
 type ResetConfig struct {
@@ -46,6 +51,9 @@ func newConfig() factory.Config {
 				AllowSelf:        false,
 				MaxTokenLifetime: 6 * time.Hour,
 			},
+			Invite: InviteConfig{
+				MaxTokenLifetime: 48 * time.Hour,
+			},
 		},
 		Root: RootConfig{
 			Enabled: false,
@@ -61,6 +69,10 @@ func (c Config) Validate() error {
 		return errors.New(errors.TypeInvalidInput, errors.CodeInvalidInput, "user::password::reset::max_token_lifetime must be positive")
 	}
 
+	if c.Password.Invite.MaxTokenLifetime <= 0 {
+		return errors.New(errors.TypeInvalidInput, errors.CodeInvalidInput, "user::password::invite::max_token_lifetime must be positive")
+	}
+
 	if c.Root.Enabled {
 		if c.Root.Email.IsZero() {
 			return errors.New(errors.TypeInvalidInput, errors.CodeInvalidInput, "user::root::email is required when root user is enabled")

pkg/modules/user/impluser/module.go

@@ -19,7 +19,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/types/emailtypes"
 	"github.com/SigNoz/signoz/pkg/types/integrationtypes"
-	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/dustin/go-humanize"
 )
@@ -204,7 +203,7 @@ func (m *Module) CreateBulkInvite(ctx context.Context, orgID valuer.UUID, userID
 
 		resetLink := userWithToken.ResetPasswordToken.FactorPasswordResetLink(frontendBaseUrl)
 
-		tokenLifetime := m.config.Password.Reset.MaxTokenLifetime
+		tokenLifetime := m.config.Password.Invite.MaxTokenLifetime
 		humanizedTokenLifetime := strings.TrimSpace(humanize.RelTime(time.Now(), time.Now().Add(tokenLifetime), "", ""))
 
 		if err := m.emailing.SendHTML(ctx, userWithToken.User.Email.String(), "You're Invited to Join SigNoz", emailtypes.TemplateNameInvitationEmail, map[string]any{
@@ -263,7 +262,7 @@ func (module *Module) CreateUser(ctx context.Context, input *types.User, opts ..
 	createUserOpts := root.NewCreateUserOptions(opts...)
 
 	// since assign is idempotant multiple calls to assign won't cause issues in case of retries.
-	err := module.authz.Grant(ctx, input.OrgID, []string{roletypes.MustGetSigNozManagedRoleFromExistingRole(input.Role)}, authtypes.MustNewSubject(authtypes.TypeableUser, input.ID.StringValue(), input.OrgID, nil))
+	err := module.authz.Grant(ctx, input.OrgID, []string{authtypes.MustGetSigNozManagedRoleFromExistingRole(input.Role)}, authtypes.MustNewSubject(authtypes.TypeableUser, input.ID.StringValue(), input.OrgID, nil))
 	if err != nil {
 		return err
 	}
@@ -333,8 +332,8 @@ func (m *Module) UpdateUser(ctx context.Context, orgID valuer.UUID, id string, u
 	if user.Role != "" && user.Role != existingUser.Role {
 		err = m.authz.ModifyGrant(ctx,
 			orgID,
-			[]string{roletypes.MustGetSigNozManagedRoleFromExistingRole(existingUser.Role)},
-			[]string{roletypes.MustGetSigNozManagedRoleFromExistingRole(user.Role)},
+			[]string{authtypes.MustGetSigNozManagedRoleFromExistingRole(existingUser.Role)},
+			[]string{authtypes.MustGetSigNozManagedRoleFromExistingRole(user.Role)},
 			authtypes.MustNewSubject(authtypes.TypeableUser, id, orgID, nil),
 		)
 		if err != nil {
@@ -395,7 +394,7 @@ func (module *Module) DeleteUser(ctx context.Context, orgID valuer.UUID, id stri
 	}
 
 	// since revoke is idempotant multiple calls to revoke won't cause issues in case of retries
-	err = module.authz.Revoke(ctx, orgID, []string{roletypes.MustGetSigNozManagedRoleFromExistingRole(user.Role)}, authtypes.MustNewSubject(authtypes.TypeableUser, id, orgID, nil))
+	err = module.authz.Revoke(ctx, orgID, []string{authtypes.MustGetSigNozManagedRoleFromExistingRole(user.Role)}, authtypes.MustNewSubject(authtypes.TypeableUser, id, orgID, nil))
 	if err != nil {
 		return err
 	}
@@ -461,7 +460,11 @@ func (module *Module) GetOrCreateResetPasswordToken(ctx context.Context, userID
 	}
 
 	// create a new token
-	resetPasswordToken, err := types.NewResetPasswordToken(password.ID, time.Now().Add(module.config.Password.Reset.MaxTokenLifetime))
+	tokenLifetime := module.config.Password.Reset.MaxTokenLifetime
+	if user.Status == types.UserStatusPendingInvite {
+		tokenLifetime = module.config.Password.Invite.MaxTokenLifetime
+	}
+	resetPasswordToken, err := types.NewResetPasswordToken(password.ID, time.Now().Add(tokenLifetime))
 	if err != nil {
 		return nil, err
 	}
@@ -501,6 +504,9 @@ func (module *Module) ForgotPassword(ctx context.Context, orgID valuer.UUID, ema
 	resetLink := token.FactorPasswordResetLink(frontendBaseURL)
 
 	tokenLifetime := module.config.Password.Reset.MaxTokenLifetime
+	if user.Status == types.UserStatusPendingInvite {
+		tokenLifetime = module.config.Password.Invite.MaxTokenLifetime
+	}
 	humanizedTokenLifetime := strings.TrimSpace(humanize.RelTime(time.Now(), time.Now().Add(tokenLifetime), "", ""))
 
 	if err := module.emailing.SendHTML(
@@ -558,7 +564,7 @@ func (module *Module) UpdatePasswordByResetPasswordToken(ctx context.Context, to
 		if err = module.authz.Grant(
 			ctx,
 			user.OrgID,
-			[]string{roletypes.MustGetSigNozManagedRoleFromExistingRole(user.Role)},
+			[]string{authtypes.MustGetSigNozManagedRoleFromExistingRole(user.Role)},
 			authtypes.MustNewSubject(authtypes.TypeableUser, user.ID.StringValue(), user.OrgID, nil),
 		); err != nil {
 			return err
@@ -692,7 +698,7 @@ func (module *Module) CreateFirstUser(ctx context.Context, organization *types.O
 		return nil, err
 	}
 
-	managedRoles := roletypes.NewManagedRoles(organization.ID)
+	managedRoles := authtypes.NewManagedRoles(organization.ID)
 	err = module.authz.CreateManagedUserRoleTransactions(ctx, organization.ID, user.ID)
 	if err != nil {
 		return nil, err
@@ -793,7 +799,7 @@ func (module *Module) activatePendingUser(ctx context.Context, user *types.User)
 	err := module.authz.Grant(
 		ctx,
 		user.OrgID,
-		[]string{roletypes.MustGetSigNozManagedRoleFromExistingRole(user.Role)},
+		[]string{authtypes.MustGetSigNozManagedRoleFromExistingRole(user.Role)},
 		authtypes.MustNewSubject(authtypes.TypeableUser, user.ID.StringValue(), user.OrgID, nil),
 	)
 	if err != nil {

pkg/modules/user/impluser/service.go

@@ -11,7 +11,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/user"
 	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )
 
@@ -159,8 +158,8 @@ func (s *service) createOrPromoteRootUser(ctx context.Context, orgID valuer.UUID
 		if oldRole != types.RoleAdmin {
 			if err := s.authz.ModifyGrant(ctx,
 				orgID,
-				[]string{roletypes.MustGetSigNozManagedRoleFromExistingRole(oldRole)},
-				[]string{roletypes.MustGetSigNozManagedRoleFromExistingRole(types.RoleAdmin)},
+				[]string{authtypes.MustGetSigNozManagedRoleFromExistingRole(oldRole)},
+				[]string{authtypes.MustGetSigNozManagedRoleFromExistingRole(types.RoleAdmin)},
 				authtypes.MustNewSubject(authtypes.TypeableUser, existingUser.ID.StringValue(), orgID, nil),
 			); err != nil {
 				return err

pkg/querier/builder_query.go

@@ -10,13 +10,11 @@ import (
 
 	"github.com/ClickHouse/clickhouse-go/v2"
 	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/telemetrylogs"
 	"github.com/SigNoz/signoz/pkg/telemetrystore"
 	"github.com/SigNoz/signoz/pkg/types/ctxtypes"
 	"github.com/SigNoz/signoz/pkg/types/instrumentationtypes"
 	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
 	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
-	"github.com/bytedance/sonic"
 )
 
 type builderQuery[T any] struct {
@@ -262,40 +260,6 @@ func (q *builderQuery[T]) executeWithContext(ctx context.Context, query string,
 		return nil, err
 	}
 
-	// merge body_json and promoted into body
-	if q.spec.Signal == telemetrytypes.SignalLogs {
-		switch typedPayload := payload.(type) {
-		case *qbtypes.RawData:
-			for _, rr := range typedPayload.Rows {
-				seeder := func() error {
-					body, ok := rr.Data[telemetrylogs.LogsV2BodyJSONColumn].(map[string]any)
-					if !ok {
-						return nil
-					}
-					promoted, ok := rr.Data[telemetrylogs.LogsV2BodyPromotedColumn].(map[string]any)
-					if !ok {
-						return nil
-					}
-					seed(promoted, body)
-					str, err := sonic.MarshalString(body)
-					if err != nil {
-						return errors.Wrapf(err, errors.TypeInternal, errors.CodeInternal, "failed to marshal body")
-					}
-					rr.Data["body"] = str
-					return nil
-				}
-				err := seeder()
-				if err != nil {
-					return nil, err
-				}
-
-				delete(rr.Data, telemetrylogs.LogsV2BodyJSONColumn)
-				delete(rr.Data, telemetrylogs.LogsV2BodyPromotedColumn)
-			}
-			payload = typedPayload
-		}
-	}
-
 	return &qbtypes.Result{
 		Type:  q.kind,
 		Value: payload,
@@ -423,18 +387,3 @@ func decodeCursor(cur string) (int64, error) {
 	}
 	return strconv.ParseInt(string(b), 10, 64)
 }
-
-func seed(promoted map[string]any, body map[string]any) {
-	for key, fromValue := range promoted {
-		if toValue, ok := body[key]; !ok {
-			body[key] = fromValue
-		} else {
-			if fromValue, ok := fromValue.(map[string]any); ok {
-				if toValue, ok := toValue.(map[string]any); ok {
-					seed(fromValue, toValue)
-					body[key] = toValue
-				}
-			}
-		}
-	}
-}

pkg/querier/consume.go

@@ -14,7 +14,6 @@ import (
 	"github.com/ClickHouse/clickhouse-go/v2/lib/driver"
 	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
 	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
-	"github.com/bytedance/sonic"
 )
 
 var (
@@ -394,17 +393,11 @@ func readAsRaw(rows driver.Rows, queryName string) (*qbtypes.RawData, error) {
 
 			// de-reference the typed pointer to any
 			val := reflect.ValueOf(cellPtr).Elem().Interface()
-
-			// Post-process JSON columns: normalize into structured values
+			// Post-process JSON columns: normalize into String value
 			if strings.HasPrefix(strings.ToUpper(colTypes[i].DatabaseTypeName()), "JSON") {
 				switch x := val.(type) {
 				case []byte:
-					if len(x) > 0 {
-						var v any
-						if err := sonic.Unmarshal(x, &v); err == nil {
-							val = v
-						}
-					}
+					val = string(x)
 				default:
 					// already a structured type (map[string]any, []any, etc.)
 				}

pkg/querier/querier.go

@@ -20,6 +20,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/types/instrumentationtypes"
 	"github.com/SigNoz/signoz/pkg/types/metrictypes"
 	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
+	"github.com/dustin/go-humanize"
 	"golang.org/x/exp/maps"
 
 	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
@@ -158,7 +159,8 @@ func (q *querier) QueryRange(ctx context.Context, orgID valuer.UUID, req *qbtype
 	metricNames := make([]string, 0)
 	for idx, query := range req.CompositeQuery.Queries {
 		event.QueryType = query.Type.StringValue()
-		if query.Type == qbtypes.QueryTypeBuilder {
+		switch query.Type {
+		case qbtypes.QueryTypeBuilder:
 			if spec, ok := query.Spec.(qbtypes.QueryBuilderQuery[qbtypes.MetricAggregation]); ok {
 				for _, agg := range spec.Aggregations {
 					if agg.MetricName != "" {
@@ -236,7 +238,7 @@ func (q *querier) QueryRange(ctx context.Context, orgID valuer.UUID, req *qbtype
 				}
 				req.CompositeQuery.Queries[idx].Spec = spec
 			}
-		} else if query.Type == qbtypes.QueryTypePromQL {
+		case qbtypes.QueryTypePromQL:
 			event.MetricsUsed = true
 			switch spec := query.Spec.(type) {
 			case qbtypes.PromQuery:
@@ -247,7 +249,7 @@ func (q *querier) QueryRange(ctx context.Context, orgID valuer.UUID, req *qbtype
 				}
 				req.CompositeQuery.Queries[idx].Spec = spec
 			}
-		} else if query.Type == qbtypes.QueryTypeClickHouseSQL {
+		case qbtypes.QueryTypeClickHouseSQL:
 			switch spec := query.Spec.(type) {
 			case qbtypes.ClickHouseQuery:
 				if strings.TrimSpace(spec.Query) != "" {
@@ -256,7 +258,7 @@ func (q *querier) QueryRange(ctx context.Context, orgID valuer.UUID, req *qbtype
 					event.TracesUsed = strings.Contains(spec.Query, "signoz_traces")
 				}
 			}
-		} else if query.Type == qbtypes.QueryTypeTraceOperator {
+		case qbtypes.QueryTypeTraceOperator:
 			if spec, ok := query.Spec.(qbtypes.QueryBuilderTraceOperator); ok {
 				if spec.StepInterval.Seconds() == 0 {
 					spec.StepInterval = qbtypes.Step{
@@ -276,23 +278,9 @@ func (q *querier) QueryRange(ctx context.Context, orgID valuer.UUID, req *qbtype
 		}
 	}
 
-	// Fetch temporality for all metrics at once
-	var metricTemporality map[string]metrictypes.Temporality
-	var metricTypes map[string]metrictypes.Type
-	if len(metricNames) > 0 {
-		var err error
-		metricTemporality, metricTypes, err = q.metadataStore.FetchTemporalityAndTypeMulti(ctx, req.Start, req.End, metricNames...)
-		if err != nil {
-			q.logger.WarnContext(ctx, "failed to fetch metric temporality", "error", err, "metrics", metricNames)
-			// Continue without temporality - statement builder will handle unspecified
-			metricTemporality = make(map[string]metrictypes.Temporality)
-			metricTypes = make(map[string]metrictypes.Type)
-		}
-		q.logger.DebugContext(ctx, "fetched metric temporalities and types", "metric_temporality", metricTemporality, "metric_types", metricTypes)
-	}
-
 	queries := make(map[string]qbtypes.Query)
 	steps := make(map[string]qbtypes.Step)
+	missingMetrics := []string{}
 
 	for _, query := range req.CompositeQuery.Queries {
 		var queryName string
@@ -374,15 +362,26 @@ func (q *querier) QueryRange(ctx context.Context, orgID valuer.UUID, req *qbtype
 				queries[spec.Name] = bq
 				steps[spec.Name] = spec.StepInterval
 			case qbtypes.QueryBuilderQuery[qbtypes.MetricAggregation]:
+				var metricTemporality map[string]metrictypes.Temporality
+				var metricTypes map[string]metrictypes.Type
+				if len(metricNames) > 0 {
+					var err error
+					metricTemporality, metricTypes, err = q.metadataStore.FetchTemporalityAndTypeMulti(ctx, req.Start, req.End, metricNames...)
+					if err != nil {
+						q.logger.WarnContext(ctx, "failed to fetch metric temporality", "error", err, "metrics", metricNames)
+						return nil, errors.NewInternalf(errors.CodeInternal, "failed to fetch metrics temporality")
+					}
+					q.logger.DebugContext(ctx, "fetched metric temporalities and types", "metric_temporality", metricTemporality, "metric_types", metricTypes)
+				}
 				for i := range spec.Aggregations {
 					if spec.Aggregations[i].MetricName != "" && spec.Aggregations[i].Temporality == metrictypes.Unknown {
 						if temp, ok := metricTemporality[spec.Aggregations[i].MetricName]; ok && temp != metrictypes.Unknown {
 							spec.Aggregations[i].Temporality = temp
 						}
 					}
-					// TODO(srikanthccv): warn when the metric is missing
 					if spec.Aggregations[i].Temporality == metrictypes.Unknown {
-						spec.Aggregations[i].Temporality = metrictypes.Unspecified
+						missingMetrics = append(missingMetrics, spec.Aggregations[i].MetricName)
+						continue
 					}
 
 					if spec.Aggregations[i].MetricName != "" && spec.Aggregations[i].Type == metrictypes.UnspecifiedType {
@@ -409,6 +408,24 @@ func (q *querier) QueryRange(ctx context.Context, orgID valuer.UUID, req *qbtype
 			}
 		}
 	}
+	if len(missingMetrics) > 0 {
+		lastSeenInfo, _ := q.metadataStore.FetchLastSeenInfoMulti(ctx, missingMetrics...)
+		lastSeenStr := func(name string) string {
+			if ts, ok := lastSeenInfo[name]; ok && ts > 0 {
+				ago := humanize.RelTime(time.UnixMilli(ts), time.Now(), "ago", "from now")
+				return fmt.Sprintf("%s (last seen %s)", name, ago)
+			}
+			return name
+		}
+		if len(missingMetrics) == 1 {
+			return nil, errors.NewNotFoundf(errors.CodeNotFound, "no data found for the metric %s in the query time range", lastSeenStr(missingMetrics[0]))
+		}
+		parts := make([]string, len(missingMetrics))
+		for i, m := range missingMetrics {
+			parts[i] = lastSeenStr(m)
+		}
+		return nil, errors.NewNotFoundf(errors.CodeNotFound, "no data found for the following metrics in the query time range: %s", strings.Join(parts, ", "))
+	}
 	qbResp, qbErr := q.run(ctx, orgID, queries, req, steps, event)
 	if qbResp != nil {
 		qbResp.QBEvent = event
@@ -663,7 +680,7 @@ func (q *querier) run(
 }
 
 // executeWithCache executes a query using the bucket cache
-func (q *querier) executeWithCache(ctx context.Context, orgID valuer.UUID, query qbtypes.Query, step qbtypes.Step, noCache bool) (*qbtypes.Result, error) {
+func (q *querier) executeWithCache(ctx context.Context, orgID valuer.UUID, query qbtypes.Query, step qbtypes.Step, _ bool) (*qbtypes.Result, error) {
 	// Get cached data and missing ranges
 	cachedResult, missingRanges := q.bucketCache.GetMissRanges(ctx, orgID, query, step)
 

pkg/query-service/agentConf/db.go

@@ -115,7 +115,6 @@ func (r *Repo) GetLatestVersion(
 func (r *Repo) insertConfig(
 	ctx context.Context, orgId valuer.UUID, userId valuer.UUID, c *opamptypes.AgentConfigVersion, elements []string,
 ) error {
-
 	if c.ElementType.StringValue() == "" {
 		return errors.NewInvalidInputf(CodeElementTypeRequired, "element type is required for creating agent config version")
 	}
@@ -229,6 +228,25 @@ func (r *Repo) updateDeployStatus(ctx context.Context,
 	return nil
 }
 
+// GetDeployStatusByHash returns the DeployStatus for the given config hash
+// (stored with orgId prefix). Returns DeployStatusUnknown when no matching row exists.
+func (r *Repo) GetDeployStatusByHash(ctx context.Context, orgId valuer.UUID, configHash string) (opamptypes.DeployStatus, error) {
+	var version opamptypes.AgentConfigVersion
+	err := r.store.BunDB().NewSelect().
+		Model(&version).
+		ColumnExpr("deploy_status").
+		Where("hash = ?", configHash).
+		Where("org_id = ?", orgId).
+		Scan(ctx)
+	if err != nil {
+		if errors.Is(err, sql.ErrNoRows) {
+			return opamptypes.DeployStatusUnknown, nil
+		}
+		return opamptypes.DeployStatusUnknown, errors.WrapInternalf(err, errors.CodeInternal, "failed to query deploy status by hash")
+	}
+	return version.DeployStatus, nil
+}
+
 func (r *Repo) updateDeployStatusByHash(
 	ctx context.Context, orgId valuer.UUID, confighash string, status string, result string,
 ) error {

pkg/query-service/agentConf/manager.go

@@ -180,6 +180,12 @@ func (m *Manager) ReportConfigDeploymentStatus(
 	}
 }
 
+// Implements model.AgentConfigProvider
+func (m *Manager) GetDeployStatusByHash(ctx context.Context, orgId valuer.UUID, configHash string) (opamptypes.DeployStatus, error) {
+	return m.Repo.GetDeployStatusByHash(ctx, orgId, configHash)
+}
+
+
 func GetLatestVersion(
 	ctx context.Context, orgId valuer.UUID, elementType opamptypes.ElementType,
 ) (*opamptypes.AgentConfigVersion, error) {

pkg/query-service/app/clickhouseReader/reader.go

@@ -3945,53 +3945,67 @@ func (r *ClickHouseReader) GetLogAttributeKeys(ctx context.Context, req *v3.Filt
 		instrumentationtypes.CodeNamespace:    "clickhouse-reader",
 		instrumentationtypes.CodeFunctionName: "GetLogAttributeKeys",
 	})
-	var query string
-	var err error
-	var rows driver.Rows
 	var response v3.FilterAttributeKeyResponse
 
-	tagTypeFilter := `tag_type != 'logfield'`
-	if req.TagType != "" {
-		tagTypeFilter = fmt.Sprintf(`tag_type != 'logfield' and tag_type = '%s'`, req.TagType)
-	}
+	attributeKeysTable := r.logsDB + "." + r.logsAttributeKeys
+	resourceAttrKeysTable := r.logsDB + "." + r.logsResourceKeys
 
-	if len(req.SearchText) != 0 {
-		query = fmt.Sprintf("select distinct tag_key, tag_type, tag_data_type from  %s.%s where %s and tag_key ILIKE $1 limit $2", r.logsDB, r.logsTagAttributeTableV2, tagTypeFilter)
-		rows, err = r.db.Query(ctx, query, fmt.Sprintf("%%%s%%", req.SearchText), req.Limit)
-	} else {
-		query = fmt.Sprintf("select distinct tag_key, tag_type, tag_data_type from %s.%s where %s limit $1", r.logsDB, r.logsTagAttributeTableV2, tagTypeFilter)
-		rows, err = r.db.Query(ctx, query, req.Limit)
+	var tagTypes []string
+	var tables []string
+	switch req.TagType {
+	case v3.TagTypeTag:
+		tables, tagTypes = []string{attributeKeysTable}, []string{"tag"}
+	case v3.TagTypeResource:
+		tables, tagTypes = []string{resourceAttrKeysTable}, []string{"resource"}
+	case "":
+		tables, tagTypes = []string{attributeKeysTable, resourceAttrKeysTable}, []string{"tag", "resource"}
+	default:
+		return nil, errorsV2.Newf(errorsV2.TypeInvalidInput, errorsV2.CodeInvalidInput, "unsupported tag type: %s", req.TagType)
 	}
 
-	if err != nil {
-		r.logger.Error("Error while executing query", "error", err)
-		return nil, fmt.Errorf("error while executing query: %s", err.Error())
-	}
-	defer rows.Close()
-
 	statements := []model.ShowCreateTableStatement{}
-	query = fmt.Sprintf("SHOW CREATE TABLE %s.%s", r.logsDB, r.logsLocalTableName)
-	err = r.db.Select(ctx, &statements, query)
-	if err != nil {
-		return nil, fmt.Errorf("error while fetching logs schema: %s", err.Error())
+	stmtQuery := fmt.Sprintf("SHOW CREATE TABLE %s.%s", r.logsDB, r.logsLocalTableName)
+	if err := r.db.Select(ctx, &statements, stmtQuery); err != nil {
+		return nil, errorsV2.Wrapf(err, errorsV2.TypeInternal, errorsV2.CodeInternal, "error while fetching logs schema")
 	}
 
-	var attributeKey string
-	var attributeDataType string
-	var tagType string
-	for rows.Next() {
-		if err := rows.Scan(&attributeKey, &tagType, &attributeDataType); err != nil {
-			return nil, fmt.Errorf("error while scanning rows: %s", err.Error())
+	for i, table := range tables {
+		tagType := tagTypes[i]
+		var query string
+		if len(req.SearchText) != 0 {
+			query = fmt.Sprintf("select distinct name, lower(datatype) from %s where name ILIKE $1 limit $2", table)
+		} else {
+			query = fmt.Sprintf("select distinct name, lower(datatype) from %s limit $1", table)
 		}
 
-		key := v3.AttributeKey{
-			Key:      attributeKey,
-			DataType: v3.AttributeKeyDataType(attributeDataType),
-			Type:     v3.AttributeKeyType(tagType),
-			IsColumn: isColumn(statements[0].Statement, tagType, attributeKey, attributeDataType),
+		var rows driver.Rows
+		var err error
+		if len(req.SearchText) != 0 {
+			rows, err = r.db.Query(ctx, query, fmt.Sprintf("%%%s%%", req.SearchText), req.Limit)
+		} else {
+			rows, err = r.db.Query(ctx, query, req.Limit)
+		}
+		if err != nil {
+			return nil, errorsV2.Wrapf(err, errorsV2.TypeInternal, errorsV2.CodeInternal, "error while executing query")
 		}
 
-		response.AttributeKeys = append(response.AttributeKeys, key)
+		for rows.Next() {
+			var keyName string
+			var datatype string
+			if err := rows.Scan(&keyName, &datatype); err != nil {
+				rows.Close()
+				return nil, errorsV2.Wrapf(err, errorsV2.TypeInternal, errorsV2.CodeInternal, "error while scanning rows")
+			}
+
+			key := v3.AttributeKey{
+				Key:      keyName,
+				DataType: v3.AttributeKeyDataType(datatype),
+				Type:     v3.AttributeKeyType(tagType),
+				IsColumn: isColumn(statements[0].Statement, tagType, keyName, datatype),
+			}
+			response.AttributeKeys = append(response.AttributeKeys, key)
+		}
+		rows.Close()
 	}
 
 	// add other attributes only when the tagType is not specified

pkg/query-service/app/cloudintegrations/accountsRepo.go

@@ -177,7 +177,7 @@ func (r *cloudProviderAccountsSQLRepository) upsert(
 	onConflictClause := ""
 	if len(onConflictSetStmts) > 0 {
 		onConflictClause = fmt.Sprintf(
-			"conflict(id, provider, org_id) do update SET\n%s",
+			"conflict(id) do update SET\n%s",
 			strings.Join(onConflictSetStmts, ",\n"),
 		)
 	}
@@ -202,6 +202,8 @@ func (r *cloudProviderAccountsSQLRepository) upsert(
 		Exec(ctx)
 
 	if dbErr != nil {
+		// for now returning internal error even if there is a conflict,
+		// will be handled better in the future iteration
 		return nil, model.InternalError(fmt.Errorf(
 			"could not upsert cloud account record: %w", dbErr,
 		))

pkg/query-service/app/opamp/config_provider.go

@@ -1,6 +1,8 @@
 package opamp
 
-import "github.com/SigNoz/signoz/pkg/query-service/app/opamp/model"
+import (
+	"github.com/SigNoz/signoz/pkg/query-service/app/opamp/model"
+)
 
 // Interface for a source of otel collector config recommendations.
 type AgentConfigProvider interface {

pkg/query-service/app/opamp/mocks.go

@@ -5,6 +5,7 @@ import (
 	"log"
 	"net"
 
+	"github.com/SigNoz/signoz/pkg/types/opamptypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/google/uuid"
 	"github.com/knadh/koanf"
@@ -127,6 +128,11 @@ func (ta *MockAgentConfigProvider) HasReportedDeploymentStatus(orgID valuer.UUID
 	return exists
 }
 
+// AgentConfigProvider interface
+func (ta *MockAgentConfigProvider) GetDeployStatusByHash(_ context.Context, _ valuer.UUID, _ string) (opamptypes.DeployStatus, error) {
+	return opamptypes.DeployStatusUnknown, nil
+}
+
 // AgentConfigProvider interface
 func (ta *MockAgentConfigProvider) SubscribeToConfigUpdates(callback func()) func() {
 	subscriberId := uuid.NewString()

pkg/query-service/app/opamp/model/agent.go

@@ -111,90 +111,99 @@ func ExtractLbFlag(agentDescr *protobufs.AgentDescription) bool {
 	return false
 }
 
-func (agent *Agent) updateAgentDescription(newStatus *protobufs.AgentToServer) (agentDescrChanged bool) {
-	prevStatus := agent.Status
-
-	if agent.Status == nil {
-		// First time this Agent reports a status, remember it.
-		agent.Status = newStatus
-		agentDescrChanged = true
-	} else {
-		// Not a new Agent. Update the Status.
-		agent.Status.SequenceNum = newStatus.SequenceNum
-
-		// Check what's changed in the AgentDescription.
-		if newStatus.AgentDescription != nil {
-			// If the AgentDescription field is set it means the Agent tells us
-			// something is changed in the field since the last status report
-			// (or this is the first report).
-			// Make full comparison of previous and new descriptions to see if it
-			// really is different.
-			if prevStatus != nil && proto.Equal(prevStatus.AgentDescription, newStatus.AgentDescription) {
-				// Agent description didn't change.
-				agentDescrChanged = false
-			} else {
-				// Yes, the description is different, update it.
-				agent.Status.AgentDescription = newStatus.AgentDescription
-				agentDescrChanged = true
-			}
-		} else {
-			// AgentDescription field is not set, which means description didn't change.
-			agentDescrChanged = false
-		}
-
-		// Update remote config status if it is included and is different from what we have.
-		if newStatus.RemoteConfigStatus != nil &&
-			!proto.Equal(agent.Status.RemoteConfigStatus, newStatus.RemoteConfigStatus) {
-			agent.Status.RemoteConfigStatus = newStatus.RemoteConfigStatus
-
-			// todo: need to address multiple agent scenario here
-			// for now, the first response will be sent back to the UI
-			if agent.Status.RemoteConfigStatus.Status == protobufs.RemoteConfigStatuses_RemoteConfigStatuses_APPLIED {
-				onConfigSuccess(agent.OrgID, agent.AgentID, string(agent.Status.RemoteConfigStatus.LastRemoteConfigHash))
-			}
-
-			if agent.Status.RemoteConfigStatus.Status == protobufs.RemoteConfigStatuses_RemoteConfigStatuses_FAILED {
-				onConfigFailure(agent.OrgID, agent.AgentID, string(agent.Status.RemoteConfigStatus.LastRemoteConfigHash), agent.Status.RemoteConfigStatus.ErrorMessage)
-			}
-		}
+// agentDescriptionChanged returns true when the agent sends updated properties
+// (e.g. capability flag, version) mid-connection, signalling the server to
+// recompute and push a new RemoteConfig.
+//
+// On reconnect this always returns false: handleFirstStatus pre-copies
+// AgentDescription into agent.Status so no diff is detected, avoiding a
+// redundant config recompute.
+func (agent *Agent) agentDescriptionChanged(newStatus *protobufs.AgentToServer) bool {
+	// nil AgentDescription means no change per OpAMP protocol.
+	if newStatus.AgentDescription == nil {
+		return false
 	}
-
-	if agentDescrChanged {
-		agent.CanLB = ExtractLbFlag(newStatus.AgentDescription)
+	if proto.Equal(agent.Status.AgentDescription, newStatus.AgentDescription) {
+		return false
 	}
-
-	return agentDescrChanged
+	agent.CanLB = ExtractLbFlag(newStatus.AgentDescription)
+	return true
 }
 
-func (agent *Agent) updateHealth(newStatus *protobufs.AgentToServer) {
-	if newStatus.Health == nil {
+// updateRemoteConfigStatus updates the stored RemoteConfigStatus and notifies
+// subscribers if the status has changed relative to what we have stored.
+func (agent *Agent) updateRemoteConfigStatus(newStatus *protobufs.AgentToServer) {
+	if newStatus.RemoteConfigStatus == nil ||
+		proto.Equal(agent.Status.RemoteConfigStatus, newStatus.RemoteConfigStatus) {
 		return
 	}
 
-	agent.Status.Health = newStatus.Health
-
-	if agent.Status != nil && agent.Status.Health != nil && agent.Status.Health.Healthy {
-		agent.TimeAuditable.UpdatedAt = time.Unix(0, int64(agent.Status.Health.StartTimeUnixNano)).UTC()
+	// todo: need to address multiple agent scenario here
+	// for now, the first response will be sent back to the UI
+	hash := string(newStatus.RemoteConfigStatus.LastRemoteConfigHash)
+	switch newStatus.RemoteConfigStatus.Status {
+	case protobufs.RemoteConfigStatuses_RemoteConfigStatuses_APPLIED:
+		onConfigSuccess(agent.OrgID, agent.AgentID, hash)
+	case protobufs.RemoteConfigStatuses_RemoteConfigStatuses_FAILED:
+		onConfigFailure(agent.OrgID, agent.AgentID, hash, newStatus.RemoteConfigStatus.ErrorMessage)
 	}
 }
 
-func (agent *Agent) updateRemoteConfigStatus(newStatus *protobufs.AgentToServer) {
-	// Update remote config status if it is included and is different from what we have.
-	if newStatus.RemoteConfigStatus != nil {
-		agent.Status.RemoteConfigStatus = newStatus.RemoteConfigStatus
+// handleFirstStatus initializes agent.Status on the first message received from
+// this agent instance. It is a no-op for all subsequent messages.
+func (agent *Agent) handleFirstStatus(newStatus *protobufs.AgentToServer, configProvider AgentConfigProvider) {
+	if agent.Status != nil {
+		return
+	}
+
+	// Initialize with a clean slate.
+	agent.Status = &protobufs.AgentToServer{
+		RemoteConfigStatus: &protobufs.RemoteConfigStatus{
+			Status: protobufs.RemoteConfigStatuses_RemoteConfigStatuses_UNSET,
+		},
+	}
+
+	if newStatus.RemoteConfigStatus == nil ||
+		newStatus.RemoteConfigStatus.Status == protobufs.RemoteConfigStatuses_RemoteConfigStatuses_UNSET {
+		// Agent just started fresh — no prior deployment to reconcile with the DB.
+		return
+	}
+
+	// Since the server's connection is restarted;
+	// copy the agent description; so no change is detected by agentDescriptionChanged
+	agent.Status.AgentDescription = newStatus.AgentDescription
+
+	// Server reconnected while the agent was already running.
+	// Reconcile deployment status with DB; DB is the source of truth.
+	// If DB says in_progress but agent now reports APPLIED/FAILED,
+	// updateRemoteConfigStatus will detect the transition and notify subscribers.
+	rawHash := string(newStatus.RemoteConfigStatus.LastRemoteConfigHash)
+	deployStatus, err := configProvider.GetDeployStatusByHash(context.Background(), agent.OrgID, agent.OrgID.String()+rawHash)
+	if err != nil {
+		return
+	}
+
+	agent.Status.RemoteConfigStatus.Status = opamptypes.DeployStatusToProtoStatus[deployStatus]
+
+	// If the deployment is still in-flight, rehydrate the subscriber so that
+	// updateRemoteConfigStatus can fire onConfigSuccess/onConfigFailure when
+	// the agent next reports a terminal status.
+	if deployStatus != opamptypes.Deployed && deployStatus != opamptypes.DeployFailed {
+		ListenToConfigUpdate(agent.OrgID, agent.AgentID, rawHash, configProvider.ReportConfigDeploymentStatus)
 	}
 }
 
-func (agent *Agent) updateStatusField(newStatus *protobufs.AgentToServer) (agentDescrChanged bool) {
-	if agent.Status == nil {
-		// First time this Agent reports a status, remember it.
-		agent.Status = newStatus
-		agentDescrChanged = true
+func (agent *Agent) updateStatusField(newStatus *protobufs.AgentToServer, configProvider AgentConfigProvider) bool {
+	agent.handleFirstStatus(newStatus, configProvider)
+	agentDescrChanged := agent.agentDescriptionChanged(newStatus)
+	// record healthy timestamp
+	if newStatus.Health != nil && newStatus.Health.Healthy {
+		agent.TimeAuditable.UpdatedAt = time.Unix(0, int64(newStatus.Health.StartTimeUnixNano)).UTC()
 	}
-
-	agentDescrChanged = agent.updateAgentDescription(newStatus) || agentDescrChanged
+	// notify subscribers first; this will update the status in the DB
 	agent.updateRemoteConfigStatus(newStatus)
-	agent.updateHealth(newStatus)
+	// update local reference in last.
+	agent.Status = newStatus
 	return agentDescrChanged
 }
 
@@ -237,7 +246,7 @@ func (agent *Agent) processStatusUpdate(
 	// current status is not up-to-date.
 	lostPreviousUpdate := (agent.Status == nil) || (agent.Status != nil && agent.Status.SequenceNum+1 != newStatus.SequenceNum)
 
-	agentDescrChanged := agent.updateStatusField(newStatus)
+	agentDescrChanged := agent.updateStatusField(newStatus, configProvider)
 
 	// Check if any fields were omitted in the status report.
 	effectiveConfigOmitted := newStatus.EffectiveConfig == nil &&

pkg/query-service/app/opamp/model/config.go

@@ -1,6 +1,11 @@
 package model
 
-import "github.com/SigNoz/signoz/pkg/valuer"
+import (
+	"context"
+
+	"github.com/SigNoz/signoz/pkg/types/opamptypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
 
 // Interface for source of otel collector config recommendations.
 type AgentConfigProvider interface {
@@ -20,4 +25,10 @@ type AgentConfigProvider interface {
 		configId string,
 		err error,
 	)
+
+	// GetDeployStatusByHash returns the DeployStatus for the given config hash
+	// (with orgId prefix as stored in the DB). Returns DeployStatusUnknown when
+	// no matching row exists. Used by the agent's first-connect handler to
+	// determine whether the reported RemoteConfigStatus resolves a pending deployment.
+	GetDeployStatusByHash(ctx context.Context, orgId valuer.UUID, configHash string) (opamptypes.DeployStatus, error)
 }

pkg/query-service/app/opamp/model/coordinator.go

@@ -66,6 +66,7 @@ func ListenToConfigUpdate(orgId valuer.UUID, agentId string, hash string, ss OnC
 	defer coordinator.mutex.Unlock()
 
 	key := getSubscriberKey(orgId, hash)
+
 	if subs, ok := coordinator.subscribers[key]; ok {
 		subs = append(subs, ss)
 		coordinator.subscribers[key] = subs

pkg/query-service/rules/manager_test.go

@@ -76,6 +76,21 @@ func TestManager_TestNotification_SendUnmatched_ThresholdRule(t *testing.T) {
 					alertDataRows := cmock.NewRows(cols, tc.Values)
 
 					mock := mockStore.Mock()
+					// Mock metadata queries for FetchTemporalityAndTypeMulti
+					// First query: fetchMetricsTemporalityAndType (from signoz_metrics time series table)
+					metadataCols := []cmock.ColumnType{
+						{Name: "metric_name", Type: "String"},
+						{Name: "temporality", Type: "String"},
+						{Name: "type", Type: "String"},
+						{Name: "is_monotonic", Type: "Bool"},
+					}
+					metadataRows := cmock.NewRows(metadataCols, [][]any{
+						{"probe_success", metrictypes.Unspecified, metrictypes.GaugeType, false},
+					})
+					mock.ExpectQuery("*distributed_time_series_v4*").WithArgs(nil, nil, nil).WillReturnRows(metadataRows)
+					// Second query: fetchMeterSourceMetricsTemporalityAndType (from signoz_meter table)
+					emptyMetadataRows := cmock.NewRows(metadataCols, [][]any{})
+					mock.ExpectQuery("*meter*").WithArgs(nil).WillReturnRows(emptyMetadataRows)
 
 					// Generate query arguments for the metric query
 					evalTime := time.Now().UTC()

pkg/query-service/rules/prom_rule_task.go

@@ -7,12 +7,14 @@ import (
 	"sync"
 	"time"
 
+	"log/slog"
+
+	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/types/ctxtypes"
 	ruletypes "github.com/SigNoz/signoz/pkg/types/ruletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	opentracing "github.com/opentracing/opentracing-go"
 	plabels "github.com/prometheus/prometheus/model/labels"
-	"log/slog"
 )
 
 // PromRuleTask is a promql rule executor
@@ -371,7 +373,7 @@ func (g *PromRuleTask) Eval(ctx context.Context, ts time.Time) {
 
 			comment := ctxtypes.CommentFromContext(ctx)
 			comment.Set("rule_id", rule.ID())
-			comment.Set("auth_type", "internal")
+			comment.Set("identn_provider", authtypes.IdentNProviderInternal.StringValue())
 			ctx = ctxtypes.NewContextWithComment(ctx, comment)
 
 			_, err := rule.Eval(ctx, ts)