opensource/grafana
1
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-07-31 13:22:08 +08:00
Code Issues Packages Projects Releases Wiki Activity
60,980 Commits 2,376 Branches 619 Tags
Commit Graph

12 Commits

Author SHA1 Message Date
Mihai Turdean
a3af6023c3 Zanzana: Support more cache configuration options (#107155) 2025-07-10 19:51:02 +00:00
Alexander Zobnin
57c59cf3cb Zanzana: Fix setting override with env variable (#107306) 2025-06-30 10:24:45 +02:00
Cory Forseth
41a4841e57 Zanzana: add flag for running zanzana server insecurely (#107130) 
* add flag for running zanzana server insecurely

* Only allow insecure connections in dev environment

Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com>

---------

Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com>
 2025-06-25 22:47:53 +00:00
mohammad-hamid
a255ae6b0b Read in cert file path from env vars (#103643) 
use cert file path
 2025-04-10 09:56:41 -04:00
mohammad-hamid
192d3783d5 Zanzana/enable TLS for client side gRPC (#103000) 
* zanzana - add tls to the client

* remove todo

* gofmt

* adjust comment
 2025-04-02 09:12:58 -04:00
Karl Persson
2187a66f2b Zanzana: Split up settings into client and server sections (#99066) 
* Split up zanzana settings into client and server sections

* Update workspace
 2025-01-16 13:39:39 +01:00
Alexander Zobnin
5922015fec Zanzana: Setup GRPC authentication in client/server mode (#98680) 
* Zanzana: Setup GRPC authentication in client/server mode

* don't use grpcutils

* refactor

Co-authored-by: Karl Persson <kalle.persson@grafana.com>

* Add a namespace stub for in-proc mode

Co-authored-by: Karl Persson <kalle.persson@grafana.com>

* Read parameters from config

* authorize server requests

* add namespace to the tests context

* use stack id from config

* simplify authorize func

* properly format namespace

* return Unauthenticated if namespace is empty

* use insecure cred only in dev env

* check request namespace

* Use CallCredentials API for client auth

* provide config

* fail if stack id is missing

* improve error message

* use insecure connection by default

---------

Co-authored-by: Karl Persson <kalle.persson@grafana.com>
 2025-01-13 10:02:15 +01:00
Alexander Zobnin
5a91ab46af Zanzana: Use StreamedListObjects to fetch full list of resources (#97025) 
* Initial streamed version of list

* instantiate openfga client to use StreamedListObjects

* Add config option for using streamed version

* Use caching

* fix cache init

* Fix hashing

* refactor
 2024-11-27 14:05:41 +02:00
Alexander Zobnin
fcfa4aa777 Zanzana: Add config options for Check and ListObjects queries (#94619) 
* Zanzana: Add config options for Check and ListObjects queries

* remove fixme

* pass only zanzana settings
 2024-10-14 14:44:47 +03:00
Alexander Zobnin
5d724c2482 Zanzana: Initial dashboard search (#93093) 
* Zanzana: Search in a background and compare results

* refactor

* Search with check

* instrument zanzana client

* add single_read option

* refactor

* refactor move check into separate function

* Fix tests

* refactor

* refactor getFindDashboardsFn

* add resource type to span attributes

* run ListObjects concurrently

* Use list and search in less cases

* adjust metrics buckets

* refactor: move Check and ListObjects to AccessControl implementation

* Revert "Fix tests"

This reverts commit b0c2f072a25029905fdbd26625fdc7a243d4a308.

* refactor: use own types for Check and ListObjects inside accesscontrol package

* Fix search scenario with low limit and empty query string

* more accurate search with checks

* revert

* fix linter

* Revert "revert"

This reverts commit ee5f14eea8c2f69e0b59f4a5094d708ac58b0169.

* add search errors metric

* fix query performance under some conditions

* simplify check strategy

* fix pagination

* refactor findDashboardsZanzanaList

* Iterate over multiple pages while making check request

* refactor listUserResources

* avoid unnecessary db call

* remove unused zclient

* Add notes for SkipAccessControlFilter

* use more accurate check loop

* always use check for search with provided UIDs

* rename single_read to zanzana_only_evaluation

* refactor

* update go workspace

* fix linter

* don't use deprecated fields

* refactor

* fail if no org specified

* refactor

* initial integration tests

* Fix tests

* fix linter errors

* fix linter

* Fix tests

* review suggestions

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>

* fix limit

* refactor

* refactor tests

* fix db config in tests

* fix migrator (postgres)

---------

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
 2024-10-04 12:27:10 +02:00
Alexander Zobnin
f1968bbcbb Zanzana: Run OpenFGA HTTP server in standalone mode (#89914) 
* Zanzana: Listen http to handle fga cli requests.

* make configurable

* start http server during service run

* wait for GRPC server is ready

* remove unnecessary logs

* fix linter errors

* run only in devenv

* make address configurable
 2024-07-02 11:14:09 +02:00
Karl Persson
606a74d0af Zanzana: Initial work to run openFGA as embedded or standalone service (#89211) 
* Zanana: Initial work to run zanana as ebeddedn or standalone

* Add addr settings for when remote client is used.

* sync dependencies

* Lock mysql driver version
---------

Co-authored-by: Dan Cech <dcech@grafana.com>
 2024-06-18 10:04:18 +02:00