From 329ced88434542155a3b0af792d007bc9476fc94 Mon Sep 17 00:00:00 2001 From: Andreas Gerstmayr Date: Sep 21 2022 12:28:28 +0000 Subject: update to upstream Grafana 9.0.9 --- diff --git a/0001-update-grafana-cli-script-with-distro-specific-paths.patch b/0001-update-grafana-cli-script-with-distro-specific-paths.patch index 3ceb1eb..8d639a1 100644 --- a/0001-update-grafana-cli-script-with-distro-specific-paths.patch +++ b/0001-update-grafana-cli-script-with-distro-specific-paths.patch @@ -1,4 +1,4 @@ -From 055e0dd18587a4fb04d314527a39e419989b6cd3 Mon Sep 17 00:00:00 2001 +From 8ec3bc255d50a53ab206a59d9c0a5bd6560d12b1 Mon Sep 17 00:00:00 2001 From: Andreas Gerstmayr Date: Wed, 22 Jun 2022 16:57:52 +0200 Subject: [PATCH] update grafana-cli script with distro-specific paths and diff --git a/0002-add-manpages.patch b/0002-add-manpages.patch index dd30b49..e128789 100644 --- a/0002-add-manpages.patch +++ b/0002-add-manpages.patch @@ -1,4 +1,4 @@ -From af9688a2f1d15fa4b4840a0224ec159a97bcc411 Mon Sep 17 00:00:00 2001 +From 2af478556ea021b939381cdf69582cd045dd6c85 Mon Sep 17 00:00:00 2001 From: Andreas Gerstmayr Date: Wed, 22 Jun 2022 17:01:09 +0200 Subject: [PATCH] add manpages @@ -6,11 +6,11 @@ Subject: [PATCH] add manpages diff --git a/docs/man/man1/grafana-cli.1 b/docs/man/man1/grafana-cli.1 new file mode 100644 -index 0000000000..081d35bfae +index 0000000000..2dc5073206 --- /dev/null +++ b/docs/man/man1/grafana-cli.1 @@ -0,0 +1,63 @@ -+.TH GRAFANA "1" "September 2022" "Grafana cli version 9.0.8" "User Commands" ++.TH GRAFANA "1" "September 2022" "Grafana cli version 9.0.9" "User Commands" +.SH NAME +grafana-cli \- command line administration for the Grafana metrics dashboard and graph editor +.SH DESCRIPTION @@ -75,11 +75,11 @@ index 0000000000..081d35bfae +.BR http://docs.grafana.org/ . diff --git a/docs/man/man1/grafana-server.1 b/docs/man/man1/grafana-server.1 new file mode 100644 -index 0000000000..a10acbb253 +index 0000000000..7f33239ea4 --- /dev/null +++ b/docs/man/man1/grafana-server.1 @@ -0,0 +1,80 @@ -+.TH VERSION "1" "September 2022" "Version 9.0.8" "User Commands" ++.TH VERSION "1" "September 2022" "Version 9.0.9" "User Commands" +.SH NAME +grafana-server \- back-end server for the Grafana metrics dashboard and graph editor +.SH DESCRIPTION diff --git a/0003-update-default-configuration.patch b/0003-update-default-configuration.patch index 97ec495..328007c 100644 --- a/0003-update-default-configuration.patch +++ b/0003-update-default-configuration.patch @@ -1,11 +1,11 @@ -From 4e98684081dff58ff4159e7c4af46227c85b77c6 Mon Sep 17 00:00:00 2001 +From 1a5bc46ab64b80717ff9f17d194171db76a0507d Mon Sep 17 00:00:00 2001 From: Andreas Gerstmayr Date: Wed, 22 Jun 2022 17:05:48 +0200 Subject: [PATCH] update default configuration diff --git a/conf/defaults.ini b/conf/defaults.ini -index b2034acc9a..7137cd5707 100644 +index dbb7143be4..4a3cf0a21d 100644 --- a/conf/defaults.ini +++ b/conf/defaults.ini @@ -190,7 +190,7 @@ row_limit = 1000000 @@ -27,7 +27,7 @@ index b2034acc9a..7137cd5707 100644 # Set to false to disable all checks to https://grafana.com # for new versions of plugins. The check is used diff --git a/conf/sample.ini b/conf/sample.ini -index b5c2e2eae2..24e77d5233 100644 +index d44532f346..1ede932e1e 100644 --- a/conf/sample.ini +++ b/conf/sample.ini @@ -196,7 +196,7 @@ @@ -57,7 +57,7 @@ index b5c2e2eae2..24e77d5233 100644 # Path to the default home dashboard. If this value is empty, then Grafana uses StaticRootPath + "dashboards/home.json" ;default_home_dashboard_path = -@@ -1026,7 +1026,7 @@ +@@ -1028,7 +1028,7 @@ ;enable_alpha = false ;app_tls_skip_verify_insecure = false # Enter a comma-separated list of plugin identifiers to identify plugins to load even if they are unsigned. Plugins with modified signatures are never loaded. diff --git a/0004-remove-unused-backend-dependencies.patch b/0004-remove-unused-backend-dependencies.patch index af9fb9f..0db9996 100644 --- a/0004-remove-unused-backend-dependencies.patch +++ b/0004-remove-unused-backend-dependencies.patch @@ -1,4 +1,4 @@ -From 64155b6b75589f127b304c1bc04a21baaaf92961 Mon Sep 17 00:00:00 2001 +From 9fa3bbb227b19b13b02fa7e24cb4331e4918cc06 Mon Sep 17 00:00:00 2001 From: Andreas Gerstmayr Date: Wed, 22 Jun 2022 17:18:56 +0200 Subject: [PATCH] remove unused backend dependencies diff --git a/0005-remove-unused-frontend-crypto.patch b/0005-remove-unused-frontend-crypto.patch index 6e660d7..a874271 100644 --- a/0005-remove-unused-frontend-crypto.patch +++ b/0005-remove-unused-frontend-crypto.patch @@ -1,4 +1,4 @@ -From 7aacc4ad1439e13a0b1aee0f5775819fb1434ebf Mon Sep 17 00:00:00 2001 +From 8a665403e0dfad72eede05b6088a6851776a6489 Mon Sep 17 00:00:00 2001 From: Andreas Gerstmayr Date: Wed, 22 Jun 2022 17:36:47 +0200 Subject: [PATCH] remove unused frontend crypto @@ -7,7 +7,7 @@ update `package.json` and then run `yarn install` to update the `yarn.lock` lockfile diff --git a/package.json b/package.json -index 2741ac47bf..9c2e666bf2 100644 +index 5e2875090b..137a307f14 100644 --- a/package.json +++ b/package.json @@ -396,6 +396,9 @@ @@ -18,13 +18,13 @@ index 2741ac47bf..9c2e666bf2 100644 + "selfsigned": "https://registry.yarnpkg.com/@favware/skip-dependency/-/skip-dependency-1.1.3.tgz", + "http-signature": "https://registry.yarnpkg.com/@favware/skip-dependency/-/skip-dependency-1.1.3.tgz", "underscore": "1.13.3", - "@types/slate": "0.47.2", + "@types/slate": "0.47.9", "@microsoft/api-extractor-model": "7.17.3", diff --git a/yarn.lock b/yarn.lock -index 1bb1a2f2f5..27fd81c9be 100644 +index 8132e0f942..b41c0efb1b 100644 --- a/yarn.lock +++ b/yarn.lock -@@ -12285,34 +12285,6 @@ __metadata: +@@ -12256,34 +12256,6 @@ __metadata: languageName: node linkType: hard @@ -59,7 +59,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "assert@npm:2.0.0": version: 2.0.0 resolution: "assert@npm:2.0.0" -@@ -12899,15 +12871,6 @@ __metadata: +@@ -12870,15 +12842,6 @@ __metadata: languageName: node linkType: hard @@ -75,7 +75,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "before-after-hook@npm:^2.2.0": version: 2.2.2 resolution: "before-after-hook@npm:2.2.2" -@@ -12999,20 +12962,6 @@ __metadata: +@@ -12970,20 +12933,6 @@ __metadata: languageName: node linkType: hard @@ -96,7 +96,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "body-parser@npm:1.19.0": version: 1.19.0 resolution: "body-parser@npm:1.19.0" -@@ -13137,13 +13086,6 @@ __metadata: +@@ -13108,13 +13057,6 @@ __metadata: languageName: node linkType: hard @@ -110,7 +110,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "browser-process-hrtime@npm:^1.0.0": version: 1.0.0 resolution: "browser-process-hrtime@npm:1.0.0" -@@ -13158,70 +13100,6 @@ __metadata: +@@ -13129,70 +13071,6 @@ __metadata: languageName: node linkType: hard @@ -181,7 +181,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "browserify-zlib@npm:^0.2.0": version: 0.2.0 resolution: "browserify-zlib@npm:0.2.0" -@@ -13323,13 +13201,6 @@ __metadata: +@@ -13294,13 +13172,6 @@ __metadata: languageName: node linkType: hard @@ -195,7 +195,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "buffer@npm:^4.3.0": version: 4.9.2 resolution: "buffer@npm:4.9.2" -@@ -13925,16 +13796,6 @@ __metadata: +@@ -13896,16 +13767,6 @@ __metadata: languageName: node linkType: hard @@ -212,7 +212,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "cjs-module-lexer@npm:^1.0.0": version: 1.2.2 resolution: "cjs-module-lexer@npm:1.2.2" -@@ -14835,13 +14696,6 @@ __metadata: +@@ -14806,13 +14667,6 @@ __metadata: languageName: node linkType: hard @@ -226,7 +226,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "core-util-is@npm:~1.0.0": version: 1.0.3 resolution: "core-util-is@npm:1.0.3" -@@ -14911,16 +14765,6 @@ __metadata: +@@ -14882,16 +14736,6 @@ __metadata: languageName: node linkType: hard @@ -243,7 +243,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "create-emotion@npm:^10.0.14, create-emotion@npm:^10.0.27": version: 10.0.27 resolution: "create-emotion@npm:10.0.27" -@@ -14933,33 +14777,6 @@ __metadata: +@@ -14904,33 +14748,6 @@ __metadata: languageName: node linkType: hard @@ -277,7 +277,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "create-require@npm:^1.1.0": version: 1.1.1 resolution: "create-require@npm:1.1.1" -@@ -14991,22 +14808,10 @@ __metadata: +@@ -14962,22 +14779,10 @@ __metadata: languageName: node linkType: hard @@ -304,7 +304,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 languageName: node linkType: hard -@@ -15957,15 +15762,6 @@ __metadata: +@@ -15928,15 +15733,6 @@ __metadata: languageName: node linkType: hard @@ -320,7 +320,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "data-urls@npm:^2.0.0": version: 2.0.0 resolution: "data-urls@npm:2.0.0" -@@ -16280,16 +16076,6 @@ __metadata: +@@ -16251,16 +16047,6 @@ __metadata: languageName: node linkType: hard @@ -337,7 +337,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "destroy@npm:~1.0.4": version: 1.0.4 resolution: "destroy@npm:1.0.4" -@@ -16426,17 +16212,6 @@ __metadata: +@@ -16397,17 +16183,6 @@ __metadata: languageName: node linkType: hard @@ -355,7 +355,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "dir-glob@npm:^2.2.2": version: 2.2.2 resolution: "dir-glob@npm:2.2.2" -@@ -16723,16 +16498,6 @@ __metadata: +@@ -16694,16 +16469,6 @@ __metadata: languageName: node linkType: hard @@ -372,7 +372,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "ee-first@npm:1.1.1": version: 1.1.1 resolution: "ee-first@npm:1.1.1" -@@ -16777,21 +16542,6 @@ __metadata: +@@ -16748,21 +16513,6 @@ __metadata: languageName: node linkType: hard @@ -394,7 +394,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "emitter-component@npm:^1.1.1": version: 1.1.1 resolution: "emitter-component@npm:1.1.1" -@@ -17745,17 +17495,6 @@ __metadata: +@@ -17716,17 +17466,6 @@ __metadata: languageName: node linkType: hard @@ -412,7 +412,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "exec-sh@npm:^0.3.2": version: 0.3.6 resolution: "exec-sh@npm:0.3.6" -@@ -18035,20 +17774,6 @@ __metadata: +@@ -18006,20 +17745,6 @@ __metadata: languageName: node linkType: hard @@ -433,7 +433,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "fast-deep-equal@npm:^3.0.0, fast-deep-equal@npm:^3.1.1, fast-deep-equal@npm:^3.1.3": version: 3.1.3 resolution: "fast-deep-equal@npm:3.1.3" -@@ -19075,15 +18800,6 @@ __metadata: +@@ -19046,15 +18771,6 @@ __metadata: languageName: node linkType: hard @@ -449,7 +449,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "git-raw-commits@npm:^2.0.8": version: 2.0.10 resolution: "git-raw-commits@npm:2.0.10" -@@ -19916,27 +19632,6 @@ __metadata: +@@ -19887,27 +19603,6 @@ __metadata: languageName: node linkType: hard @@ -477,7 +477,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "hast-to-hyperscript@npm:^9.0.0": version: 9.0.1 resolution: "hast-to-hyperscript@npm:9.0.1" -@@ -20072,17 +19767,6 @@ __metadata: +@@ -20043,17 +19738,6 @@ __metadata: languageName: node linkType: hard @@ -495,7 +495,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "hoist-non-react-statics@npm:3.3.2, hoist-non-react-statics@npm:^3.1.0, hoist-non-react-statics@npm:^3.3.0, hoist-non-react-statics@npm:^3.3.1, hoist-non-react-statics@npm:^3.3.2": version: 3.3.2 resolution: "hoist-non-react-statics@npm:3.3.2" -@@ -20423,25 +20107,10 @@ __metadata: +@@ -20394,25 +20078,10 @@ __metadata: languageName: node linkType: hard @@ -525,7 +525,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 languageName: node linkType: hard -@@ -22591,13 +22260,6 @@ __metadata: +@@ -22562,13 +22231,6 @@ __metadata: languageName: node linkType: hard @@ -539,7 +539,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "jsdoc-type-pratt-parser@npm:~2.2.5": version: 2.2.5 resolution: "jsdoc-type-pratt-parser@npm:2.2.5" -@@ -22712,13 +22374,6 @@ __metadata: +@@ -22683,13 +22345,6 @@ __metadata: languageName: node linkType: hard @@ -553,7 +553,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "json-source-map@npm:0.6.1": version: 0.6.1 resolution: "json-source-map@npm:0.6.1" -@@ -22822,30 +22477,6 @@ __metadata: +@@ -22793,30 +22448,6 @@ __metadata: languageName: node linkType: hard @@ -584,7 +584,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "jsurl@npm:^0.1.5": version: 0.1.5 resolution: "jsurl@npm:0.1.5" -@@ -23847,17 +23478,6 @@ __metadata: +@@ -23818,17 +23449,6 @@ __metadata: languageName: node linkType: hard @@ -602,7 +602,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "mdast-squeeze-paragraphs@npm:^4.0.0": version: 4.0.0 resolution: "mdast-squeeze-paragraphs@npm:4.0.0" -@@ -24137,18 +23757,6 @@ __metadata: +@@ -24108,18 +23728,6 @@ __metadata: languageName: node linkType: hard @@ -621,7 +621,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "mime-db@npm:1.50.0, mime-db@npm:>= 1.43.0 < 2": version: 1.50.0 resolution: "mime-db@npm:1.50.0" -@@ -24276,20 +23884,13 @@ __metadata: +@@ -24247,20 +23855,13 @@ __metadata: languageName: node linkType: hard @@ -643,7 +643,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "minimatch@npm:3.0.4, minimatch@npm:^3.0.4": version: 3.0.4 resolution: "minimatch@npm:3.0.4" -@@ -24932,13 +24533,6 @@ __metadata: +@@ -24903,13 +24504,6 @@ __metadata: languageName: node linkType: hard @@ -657,7 +657,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "node-gettext@npm:^3.0.0": version: 3.0.0 resolution: "node-gettext@npm:3.0.0" -@@ -26053,19 +25647,6 @@ __metadata: +@@ -26024,19 +25618,6 @@ __metadata: languageName: node linkType: hard @@ -677,7 +677,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "parse-entities@npm:^2.0.0": version: 2.0.0 resolution: "parse-entities@npm:2.0.0" -@@ -26287,19 +25868,6 @@ __metadata: +@@ -26258,19 +25839,6 @@ __metadata: languageName: node linkType: hard @@ -697,7 +697,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "pend@npm:~1.2.0": version: 1.2.0 resolution: "pend@npm:1.2.0" -@@ -27988,20 +27556,6 @@ __metadata: +@@ -27959,20 +27527,6 @@ __metadata: languageName: node linkType: hard @@ -718,7 +718,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "pump@npm:^2.0.0": version: 2.0.1 resolution: "pump@npm:2.0.1" -@@ -28210,7 +27764,7 @@ __metadata: +@@ -28181,7 +27735,7 @@ __metadata: languageName: node linkType: hard @@ -727,7 +727,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 version: 2.1.0 resolution: "randombytes@npm:2.1.0" dependencies: -@@ -28219,16 +27773,6 @@ __metadata: +@@ -28190,16 +27744,6 @@ __metadata: languageName: node linkType: hard @@ -744,7 +744,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "range-parser@npm:^1.2.1, range-parser@npm:~1.2.1": version: 1.2.1 resolution: "range-parser@npm:1.2.1" -@@ -30472,16 +30016,6 @@ __metadata: +@@ -30443,16 +29987,6 @@ __metadata: languageName: node linkType: hard @@ -761,7 +761,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "rollup-plugin-copy@npm:3.4.0": version: 3.4.0 resolution: "rollup-plugin-copy@npm:3.4.0" -@@ -30667,7 +30201,7 @@ __metadata: +@@ -30638,7 +30172,7 @@ __metadata: languageName: node linkType: hard @@ -770,7 +770,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 version: 5.2.1 resolution: "safe-buffer@npm:5.2.1" checksum: b99c4b41fdd67a6aaf280fcd05e9ffb0813654894223afb78a31f14a19ad220bba8aba1cb14eddce1fcfb037155fe6de4e861784eb434f7d11ed58d1e70dd491 -@@ -30683,7 +30217,7 @@ __metadata: +@@ -30654,7 +30188,7 @@ __metadata: languageName: node linkType: hard @@ -779,7 +779,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 version: 2.1.2 resolution: "safer-buffer@npm:2.1.2" checksum: cab8f25ae6f1434abee8d80023d7e72b598cf1327164ddab31003c51215526801e40b66c5e65d658a0af1e9d6478cadcb4c745f4bd6751f97d8644786c0978b0 -@@ -30920,12 +30454,10 @@ __metadata: +@@ -30891,12 +30425,10 @@ __metadata: languageName: node linkType: hard @@ -796,7 +796,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 languageName: node linkType: hard -@@ -31162,18 +30694,6 @@ __metadata: +@@ -31133,18 +30665,6 @@ __metadata: languageName: node linkType: hard @@ -815,7 +815,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "shallow-clone@npm:^3.0.0": version: 3.0.1 resolution: "shallow-clone@npm:3.0.1" -@@ -31821,27 +31341,6 @@ __metadata: +@@ -31830,27 +31350,6 @@ __metadata: languageName: node linkType: hard @@ -843,7 +843,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "ssri@npm:^6.0.1": version: 6.0.2 resolution: "ssri@npm:6.0.2" -@@ -33500,13 +32999,6 @@ __metadata: +@@ -33509,13 +33008,6 @@ __metadata: languageName: node linkType: hard @@ -857,7 +857,7 @@ index 1bb1a2f2f5..27fd81c9be 100644 "type-check@npm:^0.4.0, type-check@npm:~0.4.0": version: 0.4.0 resolution: "type-check@npm:0.4.0" -@@ -34320,17 +33812,6 @@ __metadata: +@@ -34329,17 +33821,6 @@ __metadata: languageName: node linkType: soft diff --git a/0006-notifications-use-HMAC-SHA256-to-generate-password-r.patch b/0006-notifications-use-HMAC-SHA256-to-generate-password-r.patch index c065d2e..5bc27ab 100644 --- a/0006-notifications-use-HMAC-SHA256-to-generate-password-r.patch +++ b/0006-notifications-use-HMAC-SHA256-to-generate-password-r.patch @@ -1,4 +1,4 @@ -From b540a2caa038568c39456c6a8189664d51ba5236 Mon Sep 17 00:00:00 2001 +From ee7dfe8a877a5a20e38896c2115aeb236ca7d453 Mon Sep 17 00:00:00 2001 From: Andreas Gerstmayr Date: Thu, 25 Nov 2021 18:49:52 +0100 Subject: [PATCH] notifications: use HMAC-SHA256 to generate password reset diff --git a/0007-skip-marketplace-plugin-install-test.patch b/0007-skip-marketplace-plugin-install-test.patch new file mode 100644 index 0000000..77d76e1 --- /dev/null +++ b/0007-skip-marketplace-plugin-install-test.patch @@ -0,0 +1,21 @@ +From 547c09f8771dac1ee451aa1761af9d50697d3888 Mon Sep 17 00:00:00 2001 +From: Andreas Gerstmayr +Date: Thu, 23 Jun 2022 17:00:46 +0200 +Subject: [PATCH] skip marketplace plugin install test + +This test (tries to) install a plugin from the Grafana marketplace. +Network connectivity is disabled in the build environment for security +reasons, therefore we need to disable this test. + +diff --git a/pkg/tests/api/plugins/api_plugins_test.go b/pkg/tests/api/plugins/api_plugins_test.go +index e86ce50830..fd60fbe67c 100644 +--- a/pkg/tests/api/plugins/api_plugins_test.go ++++ b/pkg/tests/api/plugins/api_plugins_test.go +@@ -55,6 +55,7 @@ func TestPlugins(t *testing.T) { + }) + + t.Run("Request is not forbidden if from an admin", func(t *testing.T) { ++ t.Skip("this test requires connectivity to the Grafana plugin marketplace (fetching metadata)") + statusCode, body := makePostRequest(t, grafanaAPIURL(usernameAdmin, grafanaListedAddr, "plugins/test/install")) + + assert.Equal(t, 404, statusCode) diff --git a/0008-Prometheus-Fix-integer-overflow-in-rate-interval-cal.patch b/0008-Prometheus-Fix-integer-overflow-in-rate-interval-cal.patch new file mode 100644 index 0000000..71eef60 --- /dev/null +++ b/0008-Prometheus-Fix-integer-overflow-in-rate-interval-cal.patch @@ -0,0 +1,20 @@ +From 37aed65376760b8459f4588a15ba55fe43131a8b Mon Sep 17 00:00:00 2001 +From: Andreas Gerstmayr +Date: Mon, 27 Jun 2022 17:12:27 +0200 +Subject: [PATCH] Prometheus: Fix integer overflow in rate interval calculation + on 32-bit architectures + + +diff --git a/pkg/tsdb/prometheus/buffered/time_series_query.go b/pkg/tsdb/prometheus/buffered/time_series_query.go +index 40db2d9100..0af2d3ecab 100644 +--- a/pkg/tsdb/prometheus/buffered/time_series_query.go ++++ b/pkg/tsdb/prometheus/buffered/time_series_query.go +@@ -326,7 +326,7 @@ func calculateRateInterval(interval time.Duration, scrapeInterval string, interv + return time.Duration(0) + } + +- rateInterval := time.Duration(int(math.Max(float64(interval+scrapeIntervalDuration), float64(4)*float64(scrapeIntervalDuration)))) ++ rateInterval := time.Duration(int64(math.Max(float64(interval+scrapeIntervalDuration), float64(4)*float64(scrapeIntervalDuration)))) + return rateInterval + } + diff --git a/0008-skip-marketplace-plugin-install-test.patch b/0008-skip-marketplace-plugin-install-test.patch deleted file mode 100644 index a6538dd..0000000 --- a/0008-skip-marketplace-plugin-install-test.patch +++ /dev/null @@ -1,21 +0,0 @@ -From 6cd629300d5cb10218ac9b4b23e3f97381acf502 Mon Sep 17 00:00:00 2001 -From: Andreas Gerstmayr -Date: Thu, 23 Jun 2022 17:00:46 +0200 -Subject: [PATCH] skip marketplace plugin install test - -This test (tries to) install a plugin from the Grafana marketplace. -Network connectivity is disabled in the build environment for security -reasons, therefore we need to disable this test. - -diff --git a/pkg/tests/api/plugins/api_plugins_test.go b/pkg/tests/api/plugins/api_plugins_test.go -index e86ce50830..fd60fbe67c 100644 ---- a/pkg/tests/api/plugins/api_plugins_test.go -+++ b/pkg/tests/api/plugins/api_plugins_test.go -@@ -55,6 +55,7 @@ func TestPlugins(t *testing.T) { - }) - - t.Run("Request is not forbidden if from an admin", func(t *testing.T) { -+ t.Skip("this test requires connectivity to the Grafana plugin marketplace (fetching metadata)") - statusCode, body := makePostRequest(t, grafanaAPIURL(usernameAdmin, grafanaListedAddr, "plugins/test/install")) - - assert.Equal(t, 404, statusCode) diff --git a/0009-Prometheus-Fix-integer-overflow-in-rate-interval-cal.patch b/0009-Prometheus-Fix-integer-overflow-in-rate-interval-cal.patch index c14fa0c..3e67d66 100644 --- a/0009-Prometheus-Fix-integer-overflow-in-rate-interval-cal.patch +++ b/0009-Prometheus-Fix-integer-overflow-in-rate-interval-cal.patch @@ -1,15 +1,15 @@ -From bcb0dae049ae5684762bf46fbee68e915fffca99 Mon Sep 17 00:00:00 2001 +From 9c3f27a440c515c3b8949c981a58666c7de3c8bc Mon Sep 17 00:00:00 2001 From: Andreas Gerstmayr -Date: Mon, 27 Jun 2022 17:12:27 +0200 +Date: Tue, 5 Jul 2022 17:04:13 +0200 Subject: [PATCH] Prometheus: Fix integer overflow in rate interval calculation - on 32-bit architectures + on 32-bit architectures 2 -diff --git a/pkg/tsdb/prometheus/buffered/time_series_query.go b/pkg/tsdb/prometheus/buffered/time_series_query.go -index 40db2d9100..0af2d3ecab 100644 ---- a/pkg/tsdb/prometheus/buffered/time_series_query.go -+++ b/pkg/tsdb/prometheus/buffered/time_series_query.go -@@ -326,7 +326,7 @@ func calculateRateInterval(interval time.Duration, scrapeInterval string, interv +diff --git a/pkg/tsdb/prometheus/models/query.go b/pkg/tsdb/prometheus/models/query.go +index bdd48d08ed..aa2b1f9945 100644 +--- a/pkg/tsdb/prometheus/models/query.go ++++ b/pkg/tsdb/prometheus/models/query.go +@@ -181,7 +181,7 @@ func calculateRateInterval(interval time.Duration, scrapeInterval string, interv return time.Duration(0) } diff --git a/0010-Prometheus-Fix-integer-overflow-in-rate-interval-cal.patch b/0010-Prometheus-Fix-integer-overflow-in-rate-interval-cal.patch deleted file mode 100644 index 743f1ee..0000000 --- a/0010-Prometheus-Fix-integer-overflow-in-rate-interval-cal.patch +++ /dev/null @@ -1,20 +0,0 @@ -From 1582ba252ce38745283b2ed4d3e573ec3e445c28 Mon Sep 17 00:00:00 2001 -From: Andreas Gerstmayr -Date: Tue, 5 Jul 2022 17:04:13 +0200 -Subject: [PATCH] Prometheus: Fix integer overflow in rate interval calculation - on 32-bit architectures 2 - - -diff --git a/pkg/tsdb/prometheus/models/query.go b/pkg/tsdb/prometheus/models/query.go -index bdd48d08ed..aa2b1f9945 100644 ---- a/pkg/tsdb/prometheus/models/query.go -+++ b/pkg/tsdb/prometheus/models/query.go -@@ -181,7 +181,7 @@ func calculateRateInterval(interval time.Duration, scrapeInterval string, interv - return time.Duration(0) - } - -- rateInterval := time.Duration(int(math.Max(float64(interval+scrapeIntervalDuration), float64(4)*float64(scrapeIntervalDuration)))) -+ rateInterval := time.Duration(int64(math.Max(float64(interval+scrapeIntervalDuration), float64(4)*float64(scrapeIntervalDuration)))) - return rateInterval - } - diff --git a/grafana.spec b/grafana.spec index 3cfbed1..ffb455c 100644 --- a/grafana.spec +++ b/grafana.spec @@ -22,7 +22,7 @@ end} %global gotestflags %{gotestflags} -tags=integration Name: grafana -Version: 9.0.8 +Version: 9.0.9 Release: 1%{?dist} Summary: Metrics dashboard and graph editor License: AGPLv3 @@ -66,10 +66,10 @@ Patch4: 0004-remove-unused-backend-dependencies.patch Patch5: 0005-remove-unused-frontend-crypto.patch # https://github.com/grafana/grafana/pull/42334 Patch6: 0006-notifications-use-HMAC-SHA256-to-generate-password-r.patch -Patch8: 0008-skip-marketplace-plugin-install-test.patch +Patch7: 0007-skip-marketplace-plugin-install-test.patch # https://github.com/grafana/grafana/pull/51508 +Patch8: 0008-Prometheus-Fix-integer-overflow-in-rate-interval-cal.patch Patch9: 0009-Prometheus-Fix-integer-overflow-in-rate-interval-cal.patch -Patch10: 0010-Prometheus-Fix-integer-overflow-in-rate-interval-cal.patch # Patches affecting the vendor tarball Patch1001: 1001-vendor-patch-removed-backend-crypto.patch @@ -297,7 +297,6 @@ Provides: bundled(npm(@grafana/google-sdk)) = 0.0.3 Provides: bundled(npm(@grafana/lezer-logql)) = 0.0.12 Provides: bundled(npm(@grafana/runtime)) = 0.0.0-use.local Provides: bundled(npm(@grafana/schema)) = 0.0.0-use.local -Provides: bundled(npm(@grafana/slate-react)) = 0.22.10-grafana Provides: bundled(npm(@grafana/toolkit)) = 0.0.0-use.local Provides: bundled(npm(@grafana/tsconfig)) = 1.2.0rc1 Provides: bundled(npm(@grafana/ui)) = 0.0.0-use.local @@ -381,7 +380,6 @@ Provides: bundled(npm(@types/eslint)) = 7.28.2 Provides: bundled(npm(@types/file-saver)) = 2.0.5 Provides: bundled(npm(@types/fs-extra)) = 8.1.2 Provides: bundled(npm(@types/google.analytics)) = 0.0.42 -Provides: bundled(npm(@types/grafana__slate-react)) = 0.22.5 Provides: bundled(npm(@types/history)) = 4.7.9 Provides: bundled(npm(@types/hoist-non-react-statics)) = 3.3.1 Provides: bundled(npm(@types/inquirer)) = 8.2.1 @@ -427,8 +425,9 @@ Provides: bundled(npm(@types/reselect)) = 2.2.0 Provides: bundled(npm(@types/rimraf)) = 3.0.2 Provides: bundled(npm(@types/semver)) = 7.3.9 Provides: bundled(npm(@types/sinon)) = 10.0.11 -Provides: bundled(npm(@types/slate)) = 0.47.2 +Provides: bundled(npm(@types/slate)) = 0.47.9 Provides: bundled(npm(@types/slate-plain-serializer)) = 0.7.2 +Provides: bundled(npm(@types/slate-react)) = 0.22.9 Provides: bundled(npm(@types/systemjs)) = 0.20.8 Provides: bundled(npm(@types/testing-library__jest-dom)) = 5.14.1 Provides: bundled(npm(@types/testing-library__react-hooks)) = 3.4.1 @@ -642,8 +641,9 @@ Provides: bundled(npm(selecto)) = 1.16.2 Provides: bundled(npm(semver)) = 5.7.1 Provides: bundled(npm(simple-git)) = 3.7.1 Provides: bundled(npm(sinon)) = 14.0.0 -Provides: bundled(npm(slate)) = 0.47.8 -Provides: bundled(npm(slate-plain-serializer)) = 0.7.10 +Provides: bundled(npm(slate)) = 0.47.9 +Provides: bundled(npm(slate-plain-serializer)) = 0.7.11 +Provides: bundled(npm(slate-react)) = 0.22.10 Provides: bundled(npm(storybook-dark-mode)) = 1.1.0 Provides: bundled(npm(style-loader)) = 1.3.0 Provides: bundled(npm(stylelint)) = 14.8.2 @@ -703,9 +703,9 @@ rm -r plugins-bundled %if 0%{?fedora} || 0%{?rhel} > 8 %patch6 -p1 %endif +%patch7 -p1 %patch8 -p1 %patch9 -p1 -%patch10 -p1 %patch1001 -p1 %if %{enable_fips_mode} @@ -889,6 +889,10 @@ OPENSSL_FORCE_FIPS_MODE=1 GOLANG_FIPS=1 go test -v ./pkg/util -run TestEncryptio %changelog +* Wed Sep 21 2022 Andreas Gerstmayr 9.0.9-1 +- update to 9.0.9 tagged upstream community sources, see CHANGELOG +- resolve CVE-2022-35957 grafana: Escalation from admin to server admin when auth proxy is used (rhbz#2128565) + * Thu Sep 15 2022 Andreas Gerstmayr 9.0.8-1 - update to 9.0.8 tagged upstream community sources, see CHANGELOG - do not list /usr/share/grafana/conf twice diff --git a/sources b/sources index 66988bd..c17ef41 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (grafana-9.0.8.tar.gz) = faa8497512f31646ad2391f080452b8d2fd7b6077df566f304d3d2aad22ea164d0f06dd03cf9af87be513ee1feea935562cbd264d5e58c0fd3dff3dd960f6afc -SHA512 (grafana-webpack-9.0.8-1.tar.gz) = 9bd7180b80363925ec0a8adf40316923e3f28aa6ce3980d20b82b84515ae72665cb6d6aa7ae878b26e17a64b84d0b19231eedc57d2d2dd78542ac70095335b51 -SHA512 (grafana-vendor-9.0.8-1.tar.xz) = 669f1a470ab011b0dee57438591a1be3d9597af912484862b6dfe7456450132267791034beadb8dc7f96eced7a77db675471f6fb1dd373928fab4317e429102c +SHA512 (grafana-9.0.9.tar.gz) = fe75923db2c3c6644f43de540c9357cb4bdb8b4a2f266488ae9bee5337039239581593de01b1504731167a8ab28004e542918ba2e1f2d11719052883a4c4d4da +SHA512 (grafana-webpack-9.0.9-1.tar.gz) = 7a78a8bb9f274bdf88405ebbd2805181417a9c7d3297d9e8b61894fb2a296cd550952e64a12e7de1b3771be2af63659d20f17e204d5f56fa057604d0afa9ee1a +SHA512 (grafana-vendor-9.0.9-1.tar.xz) = 25e9720035681c12664e47223516136ff6655d015c27cffdd16e753a77795b5db227be7ee80837d70b0c194239fcda6d9affcce37695fc4dc5dd8639e10d9ee7