From 737eaf79cc7e52ec9c487007f3e4e00d965847a1 Mon Sep 17 00:00:00 2001 From: Joey Orlando Date: Mon, 23 Sep 2024 12:30:31 -0400 Subject: [PATCH 1/4] ci: patch issue in gcom curl command (#5061) ## Which issue(s) this PR closes Fix https://github.com/grafana/oncall/actions/runs/10997991428/job/30535419238#step:9:1 --- .github/actions/build-sign-and-package-plugin/action.yml | 9 +++------ .github/workflows/on-release-published.yml | 3 ++- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/.github/actions/build-sign-and-package-plugin/action.yml b/.github/actions/build-sign-and-package-plugin/action.yml index b4a6321f05..e0a9b6558b 100644 --- a/.github/actions/build-sign-and-package-plugin/action.yml +++ b/.github/actions/build-sign-and-package-plugin/action.yml @@ -7,18 +7,15 @@ inputs: it as the official plugin version. required: true outputs: + authoritative_version_number: + description: "The version number of the plugin used for publishing artifacts" + value: ${{ steps.plugin-version.outputs.version }} artifact_filename: description: "The filename of the plugin artifact" value: ${{ steps.artifact-filename.outputs.filename }} runs: using: "composite" steps: - # This will fetch the secret keys from vault and set them as environment variables for subsequent steps - - name: Get Vault secrets - uses: grafana/shared-workflows/actions/get-vault-secrets@main - with: - repo_secrets: | - GRAFANA_ACCESS_POLICY_TOKEN=github_actions:cloud-access-policy-token - name: Determine official plugin version id: plugin-version shell: bash diff --git a/.github/workflows/on-release-published.yml b/.github/workflows/on-release-published.yml index 82c40e8d77..dcb7fae09a 100644 --- a/.github/workflows/on-release-published.yml +++ b/.github/workflows/on-release-published.yml @@ -36,6 +36,7 @@ jobs: uses: grafana/shared-workflows/actions/get-vault-secrets@main with: repo_secrets: | + GRAFANA_ACCESS_POLICY_TOKEN=github_actions:cloud-access-policy-token GCS_PLUGIN_PUBLISHER_SERVICE_ACCOUNT_JSON=github_actions:gcs-plugin-publisher - name: Build, sign, and package plugin id: build-sign-and-package-plugin @@ -57,7 +58,7 @@ jobs: id: gcs-artifact-url # yamllint disable rule:line-length run: | - echo url="https://storage.googleapis.com/grafana-oncall-app/releases/grafana-oncall-app-${{ github.ref_name }}.zip" >> $GITHUB_OUTPUT + echo url="https://storage.googleapis.com/grafana-oncall-app/releases/grafana-oncall-app-${{ steps.build-sign-and-package-plugin.outputs.authoritative_version_number }}.zip" >> $GITHUB_OUTPUT - name: Publish plugin to grafana.com run: | curl -f -w "status=%{http_code}" -s -H "Authorization: Bearer ${{ env.GRAFANA_ACCESS_POLICY_TOKEN }}" -d "download[any][url]=${{ steps.gcs-artifact-url.outputs.url }}" -d "download[any][md5]=$(curl -sL ${{ steps.gcs-artifact-url.outputs.url }} | md5sum | cut -d'' '' -f1)" -d url=https://github.com/grafana/oncall/grafana-plugin https://grafana.com/api/plugins From 4abfb205ef066cd6ca04a3a4141b308bf74c3dce Mon Sep 17 00:00:00 2001 From: Matias Bordese Date: Mon, 23 Sep 2024 15:01:59 -0300 Subject: [PATCH 2/4] Ignore resolve condition template if source resolving is disabled (#5049) Related to https://github.com/grafana/support-escalations/issues/12528 --- engine/apps/alerts/models/alert_group.py | 3 +- engine/apps/alerts/tests/test_alert_group.py | 38 ++++++++++++++++++++ 2 files changed, 40 insertions(+), 1 deletion(-) diff --git a/engine/apps/alerts/models/alert_group.py b/engine/apps/alerts/models/alert_group.py index 44bdab903c..489607a434 100644 --- a/engine/apps/alerts/models/alert_group.py +++ b/engine/apps/alerts/models/alert_group.py @@ -129,7 +129,8 @@ def get_or_create_grouping(self, channel, channel_filter, group_data, received_a pass # If it's an "OK" alert, try to return the latest resolved group - if group_data.is_resolve_signal: + # (only if the channel allows source base resolving and the alert is a resolve signal) + if channel.allow_source_based_resolving and group_data.is_resolve_signal: try: return self.filter(**search_params, resolved=True).latest(), False except self.model.DoesNotExist: diff --git a/engine/apps/alerts/tests/test_alert_group.py b/engine/apps/alerts/tests/test_alert_group.py index ae2aeceedd..ddafe102ff 100644 --- a/engine/apps/alerts/tests/test_alert_group.py +++ b/engine/apps/alerts/tests/test_alert_group.py @@ -1,3 +1,4 @@ +import hashlib from unittest.mock import call, patch import pytest @@ -758,3 +759,40 @@ def test_update_state_by_backsync( assert (last_log.action_source, last_log.author, last_log.step_specific_info) == expected_log_data assert last_log.type == to_firing_log_type mock_start_escalation_if_needed.assert_called_once() + + +@pytest.mark.django_db +def test_alert_group_created_if_resolve_condition_but_auto_resolving_disabled( + make_organization, + make_alert_receive_channel, + make_alert_group, +): + organization = make_organization() + # grouping condition will match. resolve condition will evaluate to True, but auto resolving is disabled + grouping_distinction = "abcdef" + alert_receive_channel = make_alert_receive_channel( + organization, + grouping_id_template=grouping_distinction, + resolve_condition_template="True", + allow_source_based_resolving=False, + ) + # existing alert group, resolved, with a matching grouping distinction + resolved_alert_group = make_alert_group( + alert_receive_channel, + resolved=True, + distinction=hashlib.md5(grouping_distinction.encode()).hexdigest(), + ) + + # an alert for the same integration is received + alert = Alert.create( + title="the title", + message="the message", + alert_receive_channel=alert_receive_channel, + raw_request_data={}, + integration_unique_data={}, + image_url=None, + link_to_upstream_details=None, + ) + + # the alert will create a new alert group + assert alert.group != resolved_alert_group From 5bce7bf9daacbcb8c96974618b91a08d3e5f29d6 Mon Sep 17 00:00:00 2001 From: maltelehmann <54817802+maltelehmann@users.noreply.github.com> Date: Tue, 24 Sep 2024 16:47:43 +0200 Subject: [PATCH 3/4] docs: add `templates.mobile_app` entry to Integrations API docs (#5054) # What this PR does Related to https://github.com/grafana/terraform-provider-grafana/issues/1665 --------- Co-authored-by: Joey Orlando --- .../oncall-api-reference/integrations.md | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/docs/sources/oncall-api-reference/integrations.md b/docs/sources/oncall-api-reference/integrations.md index 5ae6d29214..0d75e4ca5e 100644 --- a/docs/sources/oncall-api-reference/integrations.md +++ b/docs/sources/oncall-api-reference/integrations.md @@ -17,6 +17,10 @@ refs: # Integrations HTTP API +{{< admonition type="note" >}} +⚠️ `msteams` templates are only available on Grafana Cloud +{{< /admonition >}} + ## Create an integration ```shell @@ -72,6 +76,10 @@ The above command returns JSON structured in the following way: "message": null, "image_url": null }, + "mobile_app": { + "title": null, + "message": null + }, "email": { "title": null, "message": null @@ -144,6 +152,10 @@ The above command returns JSON structured in the following way: "message": null, "image_url": null }, + "mobile_app": { + "title": null, + "message": null + }, "email": { "title": null, "message": null @@ -220,6 +232,10 @@ The above command returns JSON structured in the following way: "message": null, "image_url": null }, + "mobile_app": { + "title": null, + "message": null + }, "email": { "title": null, "message": null @@ -308,6 +324,10 @@ The above command returns JSON structured in the following way: "title": null, "message": null, "image_url": null + }, + "mobile_app": { + "title": null, + "message": null } } } From 7586b04f8a5d9ec2de8f6ba620f75b925300edc4 Mon Sep 17 00:00:00 2001 From: Joey Orlando Date: Tue, 24 Sep 2024 13:00:37 -0400 Subject: [PATCH 4/4] fix "on helm release pr merged" GitHub Actions workflow (#5069) # What this PR does - Closes https://github.com/grafana/oncall/issues/5065 - Fixes [failing update Helm repo github workflows](https://github.com/grafana/oncall/actions/workflows/on-helm-release-pr-merged.yml) (due to `secrets. GH_HELM_RELEASE` now seeming to return "Bad credentials") ## TODO - [ ] after this PR is merged and change merged to `main`, remove `GH_HELM_RELEASE` repository secret ## Checklist - [x] Unit, integration, and e2e (if applicable) tests updated - [x] Documentation added (or `pr:no public docs` PR label added if not required) - [x] Added the relevant release notes label (see labels prefixed w/ `release:`). These labels dictate how your PR will show up in the autogenerated release notes. --- .../workflows/on-helm-release-pr-merged.yml | 26 ++++++++++++++++++- helm/oncall/Chart.yaml | 2 +- 2 files changed, 26 insertions(+), 2 deletions(-) diff --git a/.github/workflows/on-helm-release-pr-merged.yml b/.github/workflows/on-helm-release-pr-merged.yml index 497a5f07f2..9f107bfefd 100644 --- a/.github/workflows/on-helm-release-pr-merged.yml +++ b/.github/workflows/on-helm-release-pr-merged.yml @@ -8,11 +8,35 @@ on: - helm/oncall/Chart.yaml jobs: + get-irm-app-token: + runs-on: ubuntu-latest + outputs: + token: ${{ steps.generate-token.outputs.token }} + steps: + - name: Get Vault secrets + id: get-secrets + uses: grafana/shared-workflows/actions/get-vault-secrets@main + with: + repo_secrets: | + GH_APP_ID=github-app:app-id + GH_APP_PRIVATE_KEY=github-app:private-key + + - name: Generate Github App token + id: generate-token + uses: actions/create-github-app-token@v1 + with: + app-id: ${{ env.GH_APP_ID }} + private-key: ${{ env.GH_APP_PRIVATE_KEY }} + owner: grafana + repositories: "helm-charts" + call-update-helm-repo: uses: grafana/helm-charts/.github/workflows/update-helm-repo.yaml@main + needs: + - get-irm-app-token with: charts_dir: helm cr_configfile: helm/cr.yaml ct_configfile: helm/ct.yaml secrets: - helm_repo_token: ${{ secrets.GH_HELM_RELEASE }} + helm_repo_token: ${{ needs.get-irm-app-token.outputs.token }} diff --git a/helm/oncall/Chart.yaml b/helm/oncall/Chart.yaml index 8f8494ad62..c3836dbbd8 100644 --- a/helm/oncall/Chart.yaml +++ b/helm/oncall/Chart.yaml @@ -22,7 +22,7 @@ dependencies: repository: https://charts.bitnami.com/bitnami condition: rabbitmq.enabled - name: redis - version: 20.0.5 + version: 16.13.2 repository: https://charts.bitnami.com/bitnami condition: redis.enabled - name: grafana