Loading nixos/doc/manual/release-notes/rl-2211.section.md +1 −1 Original line number Diff line number Diff line Loading @@ -366,7 +366,7 @@ In addition to numerous new and upgraded packages, this release includes the fol __Note:__ secrets from these files will be leaked into the store unless you use a [**file**-provider or env-var](https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#file-provider) for secrets! - [services.grafana.provision.notifiers](#opt-services.grafana.provision.notifiers) is not affected by this change because - `services.grafana.provision.notifiers` is not affected by this change because this feature is deprecated by Grafana and will probably be removed in Grafana 10. It's recommended to use `services.grafana.provision.alerting.contactPoints` instead. Loading nixos/modules/services/monitoring/grafana.nix +6 −94 Original line number Diff line number Diff line Loading @@ -47,13 +47,6 @@ let datasourceFileOrDir = mkProvisionCfg "datasource" "datasources" cfg.provision.datasources; dashboardFileOrDir = mkProvisionCfg "dashboard" "providers" cfg.provision.dashboards; notifierConfiguration = { apiVersion = 1; notifiers = cfg.provision.notifiers; }; notifierFileOrDir = pkgs.writeText "notifier.yaml" (builtins.toJSON notifierConfiguration); generateAlertingProvisioningYaml = x: if (cfg.provision.alerting."${x}".path == null) then provisioningSettingsFormat.generate "${x}.yaml" cfg.provision.alerting."${x}".settings Loading @@ -74,10 +67,9 @@ let fi ''; provisionConfDir = pkgs.runCommand "grafana-provisioning" { nativeBuildInputs = [ pkgs.xorg.lndir ]; } '' mkdir -p $out/{alerting,datasources,dashboards,notifiers,plugins} mkdir -p $out/{alerting,datasources,dashboards,plugins} ${ln { src = datasourceFileOrDir; dir = "datasources"; filename = "datasource"; }} ${ln { src = dashboardFileOrDir; dir = "dashboards"; filename = "dashboard"; }} ${ln { src = notifierFileOrDir; dir = "notifiers"; filename = "notifier"; }} ${ln { src = rulesFileOrDir; dir = "alerting"; filename = "rules"; }} ${ln { src = contactPointsFileOrDir; dir = "alerting"; filename = "contactPoints"; }} ${ln { src = policiesFileOrDir; dir = "alerting"; filename = "policies"; }} Loading Loading @@ -161,73 +153,13 @@ let }; }; }; grafanaTypes.notifierConfig = types.submodule { options = { name = mkOption { type = types.str; default = "default"; description = "Notifier name."; }; type = mkOption { type = types.enum [ "dingding" "discord" "email" "googlechat" "hipchat" "kafka" "line" "teams" "opsgenie" "pagerduty" "prometheus-alertmanager" "pushover" "sensu" "sensugo" "slack" "telegram" "threema" "victorops" "webhook" ]; description = "Notifier type."; }; uid = mkOption { type = types.str; description = "Unique notifier identifier."; }; org_id = mkOption { type = types.int; default = 1; description = "Organization ID."; }; org_name = mkOption { type = types.str; default = "Main Org."; description = "Organization name."; }; is_default = mkOption { type = types.bool; description = "Is the default notifier."; default = false; }; send_reminder = mkOption { type = types.bool; default = true; description = "Should the notifier be sent reminder notifications while alerts continue to fire."; }; frequency = mkOption { type = types.str; default = "5m"; description = "How frequently should the notifier be sent reminders."; }; disable_resolve_message = mkOption { type = types.bool; default = false; description = "Turn off the message that sends when an alert returns to OK."; }; settings = mkOption { type = types.nullOr types.attrs; default = null; description = "Settings for the notifier type."; }; secure_settings = mkOption { type = types.nullOr types.attrs; default = null; description = '' Secure settings for the notifier type. Please note that the contents of this option will end up in a world-readable Nix store. Use the file provider pointing at a reasonably secured file in the local filesystem to work around that. Look at the documentation for details: <https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#file-provider> ''; }; }; }; in { imports = [ (mkRemovedOptionModule [ "services" "grafana" "provision" "notifiers" ] '' Notifiers (services.grafana.provision.notifiers) were removed in Grafana 11. '') (mkRenamedOptionModule [ "services" "grafana" "protocol" ] [ "services" "grafana" "settings" "server" "protocol" ]) (mkRenamedOptionModule [ "services" "grafana" "addr" ] [ "services" "grafana" "settings" "server" "http_addr" ]) (mkRenamedOptionModule [ "services" "grafana" "port" ] [ "services" "grafana" "settings" "server" "http_port" ]) Loading Loading @@ -1256,15 +1188,6 @@ in }; }; notifiers = mkOption { description = "Grafana notifier configuration."; default = [ ]; type = types.listOf grafanaTypes.notifierConfig; apply = x: map _filter x; }; alerting = { rules = { path = mkOption { Loading Loading @@ -1746,12 +1669,6 @@ in Use file provider or an env-var instead. ''; # Warn about deprecated notifiers. deprecatedNotifiers = optional (cfg.provision.notifiers != [ ]) '' Notifiers are deprecated upstream and will be removed in Grafana 11. Use `services.grafana.provision.alerting.contactPoints` instead. ''; # Ensure that `secureJsonData` of datasources provisioned via `datasources.settings` # only uses file/env providers. secureJsonDataWithoutFileProvider = optional Loading @@ -1770,15 +1687,10 @@ in Declarations in the `secureJsonData`-block of a datasource will be leaked to the Nix store unless a file-provider or an env-var is used! ''; notifierSecureSettingsWithoutFileProvider = optional (any (x: x.secure_settings != null) cfg.provision.notifiers) "Notifier secure settings will be stored as plaintext in the Nix store! Use file provider instead."; in passwordWithoutFileProvider ++ deprecatedNotifiers ++ secureJsonDataWithoutFileProvider ++ notifierSecureSettingsWithoutFileProvider; ; environment.systemPackages = [ cfg.package ]; Loading nixos/tests/grafana/provision/default.nix +1 −40 Original line number Diff line number Diff line import ../../make-test-python.nix ({ lib, pkgs, ... }: let inherit (lib) mkMerge nameValuePair maintainers; inherit (lib) mkMerge maintainers; baseGrafanaConf = { services.grafana = { Loading Loading @@ -33,35 +33,6 @@ let }; extraNodeConfs = { provisionLegacyNotifiers = { services.grafana.provision = { datasources.settings = { apiVersion = 1; datasources = [{ name = "Test Datasource"; type = "testdata"; access = "proxy"; uid = "test_datasource"; }]; }; dashboards.settings = { apiVersion = 1; providers = [{ name = "default"; options.path = "/var/lib/grafana/dashboards"; }]; }; notifiers = [{ uid = "test_notifiers"; name = "Test Notifiers"; type = "email"; settings = { singleEmail = true; addresses = "test@test.com"; }; }]; }; }; provisionNix = { services.grafana.provision = { datasources.settings = { Loading Loading @@ -242,15 +213,5 @@ in { machine.succeed( "curl -sSfN -u testadmin:snakeoilpwd http://127.0.0.1:3000/api/v1/provisioning/mute-timings | grep Test\ Mute\ Timing" ) with subtest("Successful notifiers provision"): provisionLegacyNotifiers.wait_for_unit("grafana.service") provisionLegacyNotifiers.wait_for_open_port(3000) print(provisionLegacyNotifiers.succeed( "curl -sSfN -u testadmin:snakeoilpwd http://127.0.0.1:3000/api/alert-notifications/uid/test_notifiers" )) provisionLegacyNotifiers.succeed( "curl -sSfN -u testadmin:snakeoilpwd http://127.0.0.1:3000/api/alert-notifications/uid/test_notifiers | grep Test\ Notifiers" ) ''; }) pkgs/servers/monitoring/grafana/default.nix +13 −8 Original line number Diff line number Diff line Loading @@ -3,6 +3,7 @@ , yarn, nodejs, python3, cacert , jq, moreutils , nix-update-script, nixosTests, xcbuild , util-linux }: let Loading @@ -21,7 +22,7 @@ let in buildGoModule rec { pname = "grafana"; version = "10.4.2"; version = "11.0.0"; subPackages = [ "pkg/cmd/grafana" "pkg/cmd/grafana-server" "pkg/cmd/grafana-cli" ]; Loading @@ -29,7 +30,7 @@ buildGoModule rec { owner = "grafana"; repo = "grafana"; rev = "v${version}"; hash = "sha256-ahG9ABJJUUgrFqqNjkJRA1Gia8T4J90jIsCMFOhZ55w="; hash = "sha256-cC1dpgb8IiyPIqlVvn8Qi1l7j6lLtQF+BOOO+DQCp4E="; }; # borrowed from: https://github.com/NixOS/nixpkgs/blob/d70d9425f49f9aba3c49e2c389fe6d42bac8c5b0/pkgs/development/tools/analysis/snyk/default.nix#L20-L22 Loading Loading @@ -65,16 +66,16 @@ buildGoModule rec { dontFixup = true; outputHashMode = "recursive"; outputHash = rec { x86_64-linux = "sha256-3CZgs732c6Z64t2sfWjPAmMFKVTzoolv2TwrbjeRCBA="; x86_64-linux = "sha256-+Udq8oQSIAHku55VKnrfgHHevzBels0QiOZwnwuts8k="; aarch64-linux = x86_64-linux; aarch64-darwin = "sha256-NKEajOe9uDZw0MF5leiKBIRH1CHUELRho7gyCa96BO8="; aarch64-darwin = "sha256-m3jtZNz0J2nZwFHXVp3ApgDfnGBOJvFeUpqOPQqv200="; x86_64-darwin = aarch64-darwin; }.${stdenv.hostPlatform.system} or (throw "Unsupported system: ${stdenv.hostPlatform.system}"); }; disallowedRequisites = [ offlineCache ]; vendorHash = "sha256-XmIF/ZWVO1qjSmRPTFnHgxvnliXXicGgsV8gQcKJl9U="; vendorHash = "sha256-kcdW6RQghyAOZUDmIo9G6YBC+YaLHdafvj+fCd+dcDE="; proxyVendor = true; Loading @@ -90,7 +91,6 @@ buildGoModule rec { wire gen -tags oss ./pkg/server wire gen -tags oss ./pkg/cmd/grafana-cli/runner GOARCH= CGO_ENABLED=0 go generate ./pkg/plugins/plugindef GOARCH= CGO_ENABLED=0 go generate ./kinds/gen.go GOARCH= CGO_ENABLED=0 go generate ./public/app/plugins/gen.go # Setup node_modules Loading @@ -105,7 +105,7 @@ buildGoModule rec { yarn config set enableTelemetry 0 yarn config set cacheFolder $offlineCache yarn --immutable-cache yarn install --immutable-cache # The build OOMs on memory constrained aarch64 without this export NODE_OPTIONS=--max_old_space_size=4096 Loading @@ -113,7 +113,9 @@ buildGoModule rec { postBuild = '' # After having built all the Go code, run the JS builders now. yarn run build # Workaround for https://github.com/nrwl/nx/issues/22445 ${util-linux}/bin/script -c 'yarn run build' /dev/null yarn run plugins:build-bundled ''; Loading Loading @@ -154,5 +156,8 @@ buildGoModule rec { maintainers = with maintainers; [ offline fpletz willibutz globin ma27 Frostman ]; platforms = [ "x86_64-linux" "x86_64-darwin" "aarch64-linux" "aarch64-darwin" ]; mainProgram = "grafana-server"; # requires util-linux to work around https://github.com/nrwl/nx/issues/22445 # `script` doesn't seem to be part of util-linux on Darwin though. broken = stdenv.isDarwin; }; } Loading
nixos/doc/manual/release-notes/rl-2211.section.md +1 −1 Original line number Diff line number Diff line Loading @@ -366,7 +366,7 @@ In addition to numerous new and upgraded packages, this release includes the fol __Note:__ secrets from these files will be leaked into the store unless you use a [**file**-provider or env-var](https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#file-provider) for secrets! - [services.grafana.provision.notifiers](#opt-services.grafana.provision.notifiers) is not affected by this change because - `services.grafana.provision.notifiers` is not affected by this change because this feature is deprecated by Grafana and will probably be removed in Grafana 10. It's recommended to use `services.grafana.provision.alerting.contactPoints` instead. Loading
nixos/modules/services/monitoring/grafana.nix +6 −94 Original line number Diff line number Diff line Loading @@ -47,13 +47,6 @@ let datasourceFileOrDir = mkProvisionCfg "datasource" "datasources" cfg.provision.datasources; dashboardFileOrDir = mkProvisionCfg "dashboard" "providers" cfg.provision.dashboards; notifierConfiguration = { apiVersion = 1; notifiers = cfg.provision.notifiers; }; notifierFileOrDir = pkgs.writeText "notifier.yaml" (builtins.toJSON notifierConfiguration); generateAlertingProvisioningYaml = x: if (cfg.provision.alerting."${x}".path == null) then provisioningSettingsFormat.generate "${x}.yaml" cfg.provision.alerting."${x}".settings Loading @@ -74,10 +67,9 @@ let fi ''; provisionConfDir = pkgs.runCommand "grafana-provisioning" { nativeBuildInputs = [ pkgs.xorg.lndir ]; } '' mkdir -p $out/{alerting,datasources,dashboards,notifiers,plugins} mkdir -p $out/{alerting,datasources,dashboards,plugins} ${ln { src = datasourceFileOrDir; dir = "datasources"; filename = "datasource"; }} ${ln { src = dashboardFileOrDir; dir = "dashboards"; filename = "dashboard"; }} ${ln { src = notifierFileOrDir; dir = "notifiers"; filename = "notifier"; }} ${ln { src = rulesFileOrDir; dir = "alerting"; filename = "rules"; }} ${ln { src = contactPointsFileOrDir; dir = "alerting"; filename = "contactPoints"; }} ${ln { src = policiesFileOrDir; dir = "alerting"; filename = "policies"; }} Loading Loading @@ -161,73 +153,13 @@ let }; }; }; grafanaTypes.notifierConfig = types.submodule { options = { name = mkOption { type = types.str; default = "default"; description = "Notifier name."; }; type = mkOption { type = types.enum [ "dingding" "discord" "email" "googlechat" "hipchat" "kafka" "line" "teams" "opsgenie" "pagerduty" "prometheus-alertmanager" "pushover" "sensu" "sensugo" "slack" "telegram" "threema" "victorops" "webhook" ]; description = "Notifier type."; }; uid = mkOption { type = types.str; description = "Unique notifier identifier."; }; org_id = mkOption { type = types.int; default = 1; description = "Organization ID."; }; org_name = mkOption { type = types.str; default = "Main Org."; description = "Organization name."; }; is_default = mkOption { type = types.bool; description = "Is the default notifier."; default = false; }; send_reminder = mkOption { type = types.bool; default = true; description = "Should the notifier be sent reminder notifications while alerts continue to fire."; }; frequency = mkOption { type = types.str; default = "5m"; description = "How frequently should the notifier be sent reminders."; }; disable_resolve_message = mkOption { type = types.bool; default = false; description = "Turn off the message that sends when an alert returns to OK."; }; settings = mkOption { type = types.nullOr types.attrs; default = null; description = "Settings for the notifier type."; }; secure_settings = mkOption { type = types.nullOr types.attrs; default = null; description = '' Secure settings for the notifier type. Please note that the contents of this option will end up in a world-readable Nix store. Use the file provider pointing at a reasonably secured file in the local filesystem to work around that. Look at the documentation for details: <https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#file-provider> ''; }; }; }; in { imports = [ (mkRemovedOptionModule [ "services" "grafana" "provision" "notifiers" ] '' Notifiers (services.grafana.provision.notifiers) were removed in Grafana 11. '') (mkRenamedOptionModule [ "services" "grafana" "protocol" ] [ "services" "grafana" "settings" "server" "protocol" ]) (mkRenamedOptionModule [ "services" "grafana" "addr" ] [ "services" "grafana" "settings" "server" "http_addr" ]) (mkRenamedOptionModule [ "services" "grafana" "port" ] [ "services" "grafana" "settings" "server" "http_port" ]) Loading Loading @@ -1256,15 +1188,6 @@ in }; }; notifiers = mkOption { description = "Grafana notifier configuration."; default = [ ]; type = types.listOf grafanaTypes.notifierConfig; apply = x: map _filter x; }; alerting = { rules = { path = mkOption { Loading Loading @@ -1746,12 +1669,6 @@ in Use file provider or an env-var instead. ''; # Warn about deprecated notifiers. deprecatedNotifiers = optional (cfg.provision.notifiers != [ ]) '' Notifiers are deprecated upstream and will be removed in Grafana 11. Use `services.grafana.provision.alerting.contactPoints` instead. ''; # Ensure that `secureJsonData` of datasources provisioned via `datasources.settings` # only uses file/env providers. secureJsonDataWithoutFileProvider = optional Loading @@ -1770,15 +1687,10 @@ in Declarations in the `secureJsonData`-block of a datasource will be leaked to the Nix store unless a file-provider or an env-var is used! ''; notifierSecureSettingsWithoutFileProvider = optional (any (x: x.secure_settings != null) cfg.provision.notifiers) "Notifier secure settings will be stored as plaintext in the Nix store! Use file provider instead."; in passwordWithoutFileProvider ++ deprecatedNotifiers ++ secureJsonDataWithoutFileProvider ++ notifierSecureSettingsWithoutFileProvider; ; environment.systemPackages = [ cfg.package ]; Loading
nixos/tests/grafana/provision/default.nix +1 −40 Original line number Diff line number Diff line import ../../make-test-python.nix ({ lib, pkgs, ... }: let inherit (lib) mkMerge nameValuePair maintainers; inherit (lib) mkMerge maintainers; baseGrafanaConf = { services.grafana = { Loading Loading @@ -33,35 +33,6 @@ let }; extraNodeConfs = { provisionLegacyNotifiers = { services.grafana.provision = { datasources.settings = { apiVersion = 1; datasources = [{ name = "Test Datasource"; type = "testdata"; access = "proxy"; uid = "test_datasource"; }]; }; dashboards.settings = { apiVersion = 1; providers = [{ name = "default"; options.path = "/var/lib/grafana/dashboards"; }]; }; notifiers = [{ uid = "test_notifiers"; name = "Test Notifiers"; type = "email"; settings = { singleEmail = true; addresses = "test@test.com"; }; }]; }; }; provisionNix = { services.grafana.provision = { datasources.settings = { Loading Loading @@ -242,15 +213,5 @@ in { machine.succeed( "curl -sSfN -u testadmin:snakeoilpwd http://127.0.0.1:3000/api/v1/provisioning/mute-timings | grep Test\ Mute\ Timing" ) with subtest("Successful notifiers provision"): provisionLegacyNotifiers.wait_for_unit("grafana.service") provisionLegacyNotifiers.wait_for_open_port(3000) print(provisionLegacyNotifiers.succeed( "curl -sSfN -u testadmin:snakeoilpwd http://127.0.0.1:3000/api/alert-notifications/uid/test_notifiers" )) provisionLegacyNotifiers.succeed( "curl -sSfN -u testadmin:snakeoilpwd http://127.0.0.1:3000/api/alert-notifications/uid/test_notifiers | grep Test\ Notifiers" ) ''; })
pkgs/servers/monitoring/grafana/default.nix +13 −8 Original line number Diff line number Diff line Loading @@ -3,6 +3,7 @@ , yarn, nodejs, python3, cacert , jq, moreutils , nix-update-script, nixosTests, xcbuild , util-linux }: let Loading @@ -21,7 +22,7 @@ let in buildGoModule rec { pname = "grafana"; version = "10.4.2"; version = "11.0.0"; subPackages = [ "pkg/cmd/grafana" "pkg/cmd/grafana-server" "pkg/cmd/grafana-cli" ]; Loading @@ -29,7 +30,7 @@ buildGoModule rec { owner = "grafana"; repo = "grafana"; rev = "v${version}"; hash = "sha256-ahG9ABJJUUgrFqqNjkJRA1Gia8T4J90jIsCMFOhZ55w="; hash = "sha256-cC1dpgb8IiyPIqlVvn8Qi1l7j6lLtQF+BOOO+DQCp4E="; }; # borrowed from: https://github.com/NixOS/nixpkgs/blob/d70d9425f49f9aba3c49e2c389fe6d42bac8c5b0/pkgs/development/tools/analysis/snyk/default.nix#L20-L22 Loading Loading @@ -65,16 +66,16 @@ buildGoModule rec { dontFixup = true; outputHashMode = "recursive"; outputHash = rec { x86_64-linux = "sha256-3CZgs732c6Z64t2sfWjPAmMFKVTzoolv2TwrbjeRCBA="; x86_64-linux = "sha256-+Udq8oQSIAHku55VKnrfgHHevzBels0QiOZwnwuts8k="; aarch64-linux = x86_64-linux; aarch64-darwin = "sha256-NKEajOe9uDZw0MF5leiKBIRH1CHUELRho7gyCa96BO8="; aarch64-darwin = "sha256-m3jtZNz0J2nZwFHXVp3ApgDfnGBOJvFeUpqOPQqv200="; x86_64-darwin = aarch64-darwin; }.${stdenv.hostPlatform.system} or (throw "Unsupported system: ${stdenv.hostPlatform.system}"); }; disallowedRequisites = [ offlineCache ]; vendorHash = "sha256-XmIF/ZWVO1qjSmRPTFnHgxvnliXXicGgsV8gQcKJl9U="; vendorHash = "sha256-kcdW6RQghyAOZUDmIo9G6YBC+YaLHdafvj+fCd+dcDE="; proxyVendor = true; Loading @@ -90,7 +91,6 @@ buildGoModule rec { wire gen -tags oss ./pkg/server wire gen -tags oss ./pkg/cmd/grafana-cli/runner GOARCH= CGO_ENABLED=0 go generate ./pkg/plugins/plugindef GOARCH= CGO_ENABLED=0 go generate ./kinds/gen.go GOARCH= CGO_ENABLED=0 go generate ./public/app/plugins/gen.go # Setup node_modules Loading @@ -105,7 +105,7 @@ buildGoModule rec { yarn config set enableTelemetry 0 yarn config set cacheFolder $offlineCache yarn --immutable-cache yarn install --immutable-cache # The build OOMs on memory constrained aarch64 without this export NODE_OPTIONS=--max_old_space_size=4096 Loading @@ -113,7 +113,9 @@ buildGoModule rec { postBuild = '' # After having built all the Go code, run the JS builders now. yarn run build # Workaround for https://github.com/nrwl/nx/issues/22445 ${util-linux}/bin/script -c 'yarn run build' /dev/null yarn run plugins:build-bundled ''; Loading Loading @@ -154,5 +156,8 @@ buildGoModule rec { maintainers = with maintainers; [ offline fpletz willibutz globin ma27 Frostman ]; platforms = [ "x86_64-linux" "x86_64-darwin" "aarch64-linux" "aarch64-darwin" ]; mainProgram = "grafana-server"; # requires util-linux to work around https://github.com/nrwl/nx/issues/22445 # `script` doesn't seem to be part of util-linux on Darwin though. broken = stdenv.isDarwin; }; }
