Chore: Temporary set backend test timeout to 30 min (#42321)

* "Release: Updated versions in package to 8.3.0-beta.2"

* Update yarn.lock

Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>

.eslintignore

@@ -7,3 +7,4 @@ data
 dist
 e2e/tmp
 public/lib/monaco
+deployment_tools_config.json

.gitignore

@@ -149,3 +149,5 @@ compilation-stats.json
 
 # auto generated Go files
 *_gen.go
+
+deployment_tools_config.json

.pa11yci-pr.conf.js

@@ -6,6 +6,7 @@ var config = {
     chromeLaunchConfig: {
       args: ['--no-sandbox'],
     },
+    hideElements: '#updateVersion',
   },
 
   urls: [

.pa11yci.conf.js

@@ -6,6 +6,7 @@ var config = {
     chromeLaunchConfig: {
       args: ['--no-sandbox'],
     },
+    hideElements: '#updateVersion',
   },
 
   urls: [

CHANGELOG.md

@@ -1,3 +1,76 @@
+<!-- 8.3.0-beta1 START -->
+
+# 8.3.0-beta1 (2021-11-18)
+
+### Features and enhancements
+
+- **AccessControl:** Apply fine-grained access control to licensing. (Enterprise)
+- **Alerting:** Add UI for contact point testing with custom annotations and labels. [#40491](https://github.com/grafana/grafana/pull/40491), [@nathanrodman](https://github.com/nathanrodman)
+- **Alerting:** Make alert state indicator in panel header work with Grafana 8 alerts. [#38713](https://github.com/grafana/grafana/pull/38713), [@domasx2](https://github.com/domasx2)
+- **Alerting:** Option for Discord notifier to use webhook name. [#40463](https://github.com/grafana/grafana/pull/40463), [@Skyebold](https://github.com/Skyebold)
+- **Annotations:** Deprecate AnnotationsSrv. [#39631](https://github.com/grafana/grafana/pull/39631), [@hugohaggmark](https://github.com/hugohaggmark)
+- **Auditing:** Add audit logs for unified alerting endpoints. (Enterprise)
+- **Auditing:** Add endpoints (plugins, datasources, library elements). (Enterprise)
+- **Auth:** Omit all base64 paddings in JWT tokens for the JWT auth. [#35602](https://github.com/grafana/grafana/pull/35602), [@gillg](https://github.com/gillg)
+- **Azure Monitor:** Clean up fields when editing Metrics. [#41762](https://github.com/grafana/grafana/pull/41762), [@andresmgot](https://github.com/andresmgot)
+- **AzureMonitor:** Add new starter dashboards. [#39876](https://github.com/grafana/grafana/pull/39876), [@jcolladokuri](https://github.com/jcolladokuri)
+- **AzureMonitor:** Add starter dashboard for app monitoring with Application Insights. [#40725](https://github.com/grafana/grafana/pull/40725), [@jcolladokuri](https://github.com/jcolladokuri)
+- **Barchart/Time series:** Allow x axis label. [#41142](https://github.com/grafana/grafana/pull/41142), [@oscarkilhed](https://github.com/oscarkilhed)
+- **CLI:** Improve error handling for installing plugins. [#41257](https://github.com/grafana/grafana/pull/41257), [@marefr](https://github.com/marefr)
+- **CloudMonitoring:** Migrate to use backend plugin SDK contracts. [#38650](https://github.com/grafana/grafana/pull/38650), [@idafurjes](https://github.com/idafurjes)
+- **CloudWatch Logs:** Add retry strategy for hitting max concurrent queries. [#39290](https://github.com/grafana/grafana/pull/39290), [@aocenas](https://github.com/aocenas)
+- **CloudWatch:** Add AWS RoboMaker metrics and dimension. [#41450](https://github.com/grafana/grafana/pull/41450), [@ilyastoli](https://github.com/ilyastoli)
+- **CloudWatch:** Add AWS Transfer metrics and dimension. [#41168](https://github.com/grafana/grafana/pull/41168), [@ilyastoli](https://github.com/ilyastoli)
+- **Dashboard:** replace datasource name with a reference object. [#33817](https://github.com/grafana/grafana/pull/33817), [@ryantxu](https://github.com/ryantxu)
+- **Dashboards:** Show logs on time series when hovering. [#40110](https://github.com/grafana/grafana/pull/40110), [@ryantxu](https://github.com/ryantxu)
+- **Elasticsearch:** Add support for Elasticsearch 8.0 (Beta). [#41729](https://github.com/grafana/grafana/pull/41729), [@Elfo404](https://github.com/Elfo404)
+- **Elasticsearch:** Add time zone setting to Date Histogram aggregation. [#40882](https://github.com/grafana/grafana/pull/40882), [@Elfo404](https://github.com/Elfo404)
+- **Elasticsearch:** Enable full range log volume histogram. [#41202](https://github.com/grafana/grafana/pull/41202), [@ifrost](https://github.com/ifrost)
+- **Elasticsearch:** Full range logs volume. [#40700](https://github.com/grafana/grafana/pull/40700), [@ifrost](https://github.com/ifrost)
+- **Explore:** Allow changing the graph type. [#40522](https://github.com/grafana/grafana/pull/40522), [@gabor](https://github.com/gabor)
+- **Explore:** Show ANSI colors when highlighting matched words in the logs panel. [#40971](https://github.com/grafana/grafana/pull/40971), [@oliverfrye](https://github.com/oliverfrye)
+- **Graph(old) panel:** Listen to events from Time series panel. [#41033](https://github.com/grafana/grafana/pull/41033), [@zoltanbedi](https://github.com/zoltanbedi)
+- **Import:** Load gcom dashboards from URL. [#41799](https://github.com/grafana/grafana/pull/41799), [@ashharrison90](https://github.com/ashharrison90)
+- **LibraryPanels:** Improves export and import of library panels between orgs. [#39214](https://github.com/grafana/grafana/pull/39214), [@hugohaggmark](https://github.com/hugohaggmark)
+- **OAuth:** Support PKCE. [#39948](https://github.com/grafana/grafana/pull/39948), [@sakjur](https://github.com/sakjur)
+- **Panel edit:** Overrides now highlight correctly when searching. [#41684](https://github.com/grafana/grafana/pull/41684), [@ashharrison90](https://github.com/ashharrison90)
+- **PanelEdit:** Display drag indicators on draggable sections. [#41711](https://github.com/grafana/grafana/pull/41711), [@ashharrison90](https://github.com/ashharrison90)
+- **Plugins:** Refactor Plugin Management. [#40477](https://github.com/grafana/grafana/pull/40477), [@wbrowne](https://github.com/wbrowne)
+- **Prometheus:** Add custom query parameters when creating PromLink url. [#41213](https://github.com/grafana/grafana/pull/41213), [@Ian-Yy](https://github.com/Ian-Yy)
+- **Prometheus:** Remove limits on metrics, labels, and values in Metrics Browser. [#40660](https://github.com/grafana/grafana/pull/40660), [@autoric](https://github.com/autoric)
+- **StateTimeline:** Share cursor with rest of the panels. [#41038](https://github.com/grafana/grafana/pull/41038), [@zoltanbedi](https://github.com/zoltanbedi)
+- **Tempo:** Add error details when json upload fails. [#41803](https://github.com/grafana/grafana/pull/41803), [@aocenas](https://github.com/aocenas)
+- **Tempo:** Add filtering for service graph query. [#41162](https://github.com/grafana/grafana/pull/41162), [@aocenas](https://github.com/aocenas)
+- **Tempo:** Add links to nodes in Service Graph pointing to Prometheus metrics. [#41135](https://github.com/grafana/grafana/pull/41135), [@aocenas](https://github.com/aocenas)
+- **Time series/Bar chart panel:** Add ability to sort series via legend. [#40226](https://github.com/grafana/grafana/pull/40226), [@zoltanbedi](https://github.com/zoltanbedi)
+- **TimeSeries:** Allow multiple axes for the same unit. [#41635](https://github.com/grafana/grafana/pull/41635), [@dprokop](https://github.com/dprokop)
+- **TraceView:** Allow span links defined on dataFrame. [#40563](https://github.com/grafana/grafana/pull/40563), [@aocenas](https://github.com/aocenas)
+- **Transformations:** Support a rows mode in labels to fields. [#41020](https://github.com/grafana/grafana/pull/41020), [@ryantxu](https://github.com/ryantxu)
+- **ValueMappings:** Don't apply field config defaults to time fields. [#41132](https://github.com/grafana/grafana/pull/41132), [@torkelo](https://github.com/torkelo)
+- **Variables:** Only update panels that are impacted by variable change. [#39420](https://github.com/grafana/grafana/pull/39420), [@hugohaggmark](https://github.com/hugohaggmark)
+
+### Bug fixes
+
+- **API:** Fix dashboard quota limit for imports. [#41495](https://github.com/grafana/grafana/pull/41495), [@yangkb09](https://github.com/yangkb09)
+- **Alerting:** Fix rule editor issues with Azure Monitor data source. [#41317](https://github.com/grafana/grafana/pull/41317), [@domasx2](https://github.com/domasx2)
+- **Azure monitor:** Make sure alert rule editor is not enabled when template variables are being used. [#41335](https://github.com/grafana/grafana/pull/41335), [@sunker](https://github.com/sunker)
+- **CloudMonitoring:** Fix annotation queries. [#41529](https://github.com/grafana/grafana/pull/41529), [@sunker](https://github.com/sunker)
+- **CodeEditor:** Trigger the latest getSuggestions() passed to CodeEditor. [#40544](https://github.com/grafana/grafana/pull/40544), [@DukeManh](https://github.com/DukeManh)
+- **Dashboard:** Remove the current panel from the list of options in the Dashboard datasource. [#41826](https://github.com/grafana/grafana/pull/41826), [@ashharrison90](https://github.com/ashharrison90)
+- **Encryption:** Fix decrypting secrets in alerting migration. [#41061](https://github.com/grafana/grafana/pull/41061), [@undef1nd](https://github.com/undef1nd)
+- **InfluxDB:** Fix corner case where index is too large in ALIAS field. [#41562](https://github.com/grafana/grafana/pull/41562), [@gabor](https://github.com/gabor)
+- **NavBar:** Order App plugins alphabetically. [#40078](https://github.com/grafana/grafana/pull/40078), [@ashharrison90](https://github.com/ashharrison90)
+- **NodeGraph:** Fix zooming sensitivity on touchpads. [#40718](https://github.com/grafana/grafana/pull/40718), [@aocenas](https://github.com/aocenas)
+- **Plugins:** Add OAuth pass-through logic to api/ds/query endpoint. [#41352](https://github.com/grafana/grafana/pull/41352), [@wbrowne](https://github.com/wbrowne)
+- **Snapshots:** Fix panel inspector for snapshot data. [#41530](https://github.com/grafana/grafana/pull/41530), [@joshhunt](https://github.com/joshhunt)
+- **Tempo:** Fix basic auth password reset on adding tag. [#41808](https://github.com/grafana/grafana/pull/41808), [@aocenas](https://github.com/aocenas)
+- **ValueMapping:** Fixes issue with regex mappings. [#41515](https://github.com/grafana/grafana/pull/41515), [@mcdee](https://github.com/mcdee)
+
+### Plugin development fixes & changes
+
+- **grafana/ui:** Enable slider marks display. [#41275](https://github.com/grafana/grafana/pull/41275), [@dprokop](https://github.com/dprokop)
+
+<!-- 8.3.0-beta1 END -->
 <!-- 8.2.5 START -->
 
 # 8.2.5 (2021-11-18)
@@ -5,6 +78,7 @@
 ### Bug fixes
 
 - **Alerting:** Fix a bug where the metric in the evaluation string was not correctly populated. [#41731](https://github.com/grafana/grafana/pull/41731), [@JohnnyQQQQ](https://github.com/JohnnyQQQQ)
+- **Alerting:** Fix no data behaviour in Legacy Alerting for alert rules using the AND operator. [#41305](https://github.com/grafana/grafana/pull/41305), [@gerobinson](https://github.com/gerobinson)
 - **CloudMonitoring:** Ignore min and max aggregation in MQL queries. [#41302](https://github.com/grafana/grafana/pull/41302), [@sunker](https://github.com/sunker)
 - **Dashboards:** 'Copy' is no longer added to new dashboard titles. [#41344](https://github.com/grafana/grafana/pull/41344), [@joshhunt](https://github.com/joshhunt)
 - **DataProxy:** Fix overriding response body when response is a WebSocket upgrade. [#41364](https://github.com/grafana/grafana/pull/41364), [@marefr](https://github.com/marefr)
@@ -15,6 +89,14 @@
 - **Tempo:** Fix validation of float durations. [#41400](https://github.com/grafana/grafana/pull/41400), [@ivanahuckova](https://github.com/ivanahuckova)
 - **Tracing:** Correct tags for each span are shown. [#41473](https://github.com/grafana/grafana/pull/41473), [@ivanahuckova](https://github.com/ivanahuckova)
 
+### Breaking changes
+
+### Fix No Data behaviour in Legacy Alerting
+
+In Grafana 8.2.5 and later, this change fixes a bug in the evaluation of alert rules when using the AND operator to compare two or more conditions. In Grafana 8.2.4 and earlier such alert rules would evaluate to `OK` if at least one, but not all, conditions returned no data. This change fixes that bug such that in Grafana 8.2.5 these alert rules now evaluate to `No Data`.
+
+If an alert should evaluate to `OK` when one or all conditions return `No Data` then this can be done via changing `If no data or all values are null` to `OK`. However, this will not preserve the old behaviour in 8.2.4 where an alert will be `OK` if at least one, but not all, conditions return no data and then `No Data` if all conditions return `No Data`. Issue [#41305](https://github.com/grafana/grafana/issues/41305)
+
 <!-- 8.2.5 END -->
 <!-- 8.2.4 START -->
 

Dockerfile

@@ -20,7 +20,7 @@ COPY emails emails
 ENV NODE_ENV production
 RUN yarn build
 
-FROM golang:1.17.0-alpine3.14 as go-builder
+FROM golang:1.17.3-alpine3.14 as go-builder
 
 RUN apk add --no-cache gcc g++ make
 
@@ -40,7 +40,7 @@ RUN go mod verify
 RUN make build-go
 
 # Final stage
-FROM alpine:3.14.2
+FROM alpine:3.14.3
 
 LABEL maintainer="Grafana team <hello@grafana.com>"
 

Dockerfile.ubuntu

@@ -21,7 +21,7 @@ COPY emails emails
 ENV NODE_ENV production
 RUN yarn build
 
-FROM golang:1.17.0 AS go-builder
+FROM golang:1.17.3 AS go-builder
 
 WORKDIR /src/grafana
 

conf/defaults.ini

@@ -228,9 +228,12 @@ admin_password = admin
 # used for signing
 secret_key = SW2YcwTIb9zpOOhoPsMm
 
-# key provider used for envelope encryption, default to static value specified by secret_key
+# current key provider used for envelope encryption, default to static value specified by secret_key
 encryption_provider = secretKey
 
+# list of configured key providers, space separated (Enterprise only): e.g., awskms.v1 azurekv.v1
+available_encryption_providers =
+
 # disable gravatar profile images
 disable_gravatar = false
 
@@ -735,8 +738,8 @@ global_alert_rule = -1
 
 #################################### Unified Alerting ####################
 [unified_alerting]
-# Enable the Unified Alerting sub-system and interface. When enabled we'll migrate all of your alert rules and notification channels to the new system. New alert rules will be created and your notification channels will be converted into an Alertmanager configuration. Previous data is preserved to enable backwards compatibility but new data is removed.
-enabled = false
+# Enable the Unified Alerting sub-system and interface. When enabled we'll migrate all of your alert rules and notification channels to the new system. New alert rules will be created and your notification channels will be converted into an Alertmanager configuration. Previous data is preserved to enable backwards compatibility but new data is removed when switching. When this configuration section and flag are not defined, the state is defined at runtime. See the documentation for more details.
+enabled =
 
 # Comma-separated list of organization IDs for which to disable unified alerting. Only supported if unified alerting is enabled.
 disabled_orgs =
@@ -790,8 +793,8 @@ min_interval = 10s
 
 #################################### Alerting ############################
 [alerting]
-# Disable legacy alerting engine & UI features
-enabled = true
+# Enable the legacy alerting sub-system and interface. If Unified Alerting is already enabled and you try to go back to legacy alerting, all data that is part of Unified Alerting will be deleted. When this configuration section and flag are not defined, the state is defined at runtime. See the documentation for more details.
+enabled =
 
 # Makes it possible to turn off alert execution but alerting UI is visible
 execute_alerts = true
@@ -968,7 +971,7 @@ enable_alpha = false
 app_tls_skip_verify_insecure = false
 # Enter a comma-separated list of plugin identifiers to identify plugins to load even if they are unsigned. Plugins with modified signatures are never loaded.
 allow_loading_unsigned_plugins =
-# Enable or disable installing plugins directly from within Grafana.
+# Enable or disable installing / uninstalling / updating plugins directly from within Grafana.
 plugin_admin_enabled = true
 plugin_admin_external_manage_enabled = false
 plugin_catalog_url = https://grafana.com/grafana/plugins/
@@ -1040,12 +1043,14 @@ rendering_chrome_bin =
 # Mode 'reusable' will have one browser instance and will create a new incognito page on each request.
 rendering_mode =
 
-# When rendering_mode = clustered you can instruct how many browsers or incognito pages can execute concurrently. Default is 'browser'
+# When rendering_mode = clustered, you can instruct how many browsers or incognito pages can execute concurrently. Default is 'browser'
 # and will cluster using browser instances.
 # Mode 'context' will cluster using incognito pages.
 rendering_clustering_mode =
-# When rendering_mode = clustered you can define maximum number of browser instances/incognito pages that can execute concurrently..
+# When rendering_mode = clustered, you can define the maximum number of browser instances/incognito pages that can execute concurrently. Default is '5'.
 rendering_clustering_max_concurrency =
+# When rendering_mode = clustered, you can specify the duration a rendering request can take before it will time out. Default is `30` seconds.
+rendering_clustering_timeout =
 
 # Limit the maximum viewport width, height and device scale factor that can be requested.
 rendering_viewport_max_width =

conf/sample.ini

@@ -222,9 +222,12 @@
 # used for signing
 ;secret_key = SW2YcwTIb9zpOOhoPsMm
 
-# key provider used for envelope encryption, default to static value specified by secret_key
+# current key provider used for envelope encryption, default to static value specified by secret_key
 ;encryption_provider = secretKey
 
+# list of configured key providers, space separated (Enterprise only): e.g., awskms.v1 azurekv.v1
+;available_encryption_providers =
+
 # disable gravatar profile images
 ;disable_gravatar = false
 
@@ -713,7 +716,7 @@
 #################################### Unified Alerting ####################
 [unified_alerting]
 #Enable the Unified Alerting sub-system and interface. When enabled we'll migrate all of your alert rules and notification channels to the new system. New alert rules will be created and your notification channels will be converted into an Alertmanager configuration. Previous data is preserved to enable backwards compatibility but new data is removed.```
-;enabled = false
+;enabled = true
 
 # Comma-separated list of organization IDs for which to disable unified alerting. Only supported if unified alerting is enabled.
 ;disabled_orgs =
@@ -768,7 +771,7 @@
 #################################### Alerting ############################
 [alerting]
 # Disable legacy alerting engine & UI features
-;enabled = true
+;enabled = false
 
 # Makes it possible to turn off alert execution but alerting UI is visible
 ;execute_alerts = true
@@ -941,7 +944,7 @@
 ;app_tls_skip_verify_insecure = false
 # Enter a comma-separated list of plugin identifiers to identify plugins to load even if they are unsigned. Plugins with modified signatures are never loaded.
 ;allow_loading_unsigned_plugins =
-# Enable or disable installing plugins directly from within Grafana.
+# Enable or disable installing / uninstalling / updating plugins directly from within Grafana.
 ;plugin_admin_enabled = false
 ;plugin_admin_external_manage_enabled = false
 ;plugin_catalog_url = https://grafana.com/grafana/plugins/
@@ -1012,12 +1015,14 @@
 # Mode 'reusable' will have one browser instance and will create a new incognito page on each request.
 ;rendering_mode =
 
-# When rendering_mode = clustered you can instruct how many browsers or incognito pages can execute concurrently. Default is 'browser'
+# When rendering_mode = clustered, you can instruct how many browsers or incognito pages can execute concurrently. Default is 'browser'
 # and will cluster using browser instances.
 # Mode 'context' will cluster using incognito pages.
 ;rendering_clustering_mode =
-# When rendering_mode = clustered you can define maximum number of browser instances/incognito pages that can execute concurrently..
+# When rendering_mode = clustered, you can define the maximum number of browser instances/incognito pages that can execute concurrently. Default is '5'.
 ;rendering_clustering_max_concurrency =
+# When rendering_mode = clustered, you can specify the duration a rendering request can take before it will time out. Default is `30` seconds.
+;rendering_clustering_timeout =
 
 # Limit the maximum viewport width, height and device scale factor that can be requested.
 ;rendering_viewport_max_width =

devenv/dev-dashboards/datasource-testdata/new_features_in_v74.json

@@ -2054,6 +2054,18 @@
                 "value": 0
               }
             ]
+          },
+          {
+            "matcher": {
+              "id": "byName",
+              "options": "value"
+            },
+            "properties": [
+              {
+                "id": "custom.fillOpacity",
+                "value": 0
+              }
+            ]
           }
         ]
       },

devenv/dev-dashboards/panel-candlestick/candlestick.json

@@ -1,522 +1,481 @@
 {
-    "annotations": {
-      "list": [
-        {
-          "builtIn": 1,
-          "datasource": "-- Grafana --",
-          "enable": true,
-          "hide": true,
-          "iconColor": "rgba(0, 211, 255, 1)",
-          "name": "Annotations & Alerts",
-          "target": {
-            "limit": 100,
-            "matchAny": false,
-            "tags": [],
-            "type": "dashboard"
-          },
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "target": {
+          "limit": 100,
+          "matchAny": false,
+          "tags": [],
           "type": "dashboard"
-        }
-      ]
-    },
-    "editable": true,
-    "fiscalYearStartMonth": 0,
-    "graphTooltip": 2,
-    "id": 319,
-    "links": [],
-    "liveNow": false,
-    "panels": [
-      {
-        "fieldConfig": {
-          "defaults": {
-            "color": {
-              "mode": "palette-classic"
-            },
-            "custom": {
-              "axisLabel": "",
-              "axisPlacement": "auto",
-              "barAlignment": 0,
-              "drawStyle": "line",
-              "fillOpacity": 0,
-              "gradientMode": "none",
-              "hideFrom": {
-                "legend": false,
-                "tooltip": false,
-                "viz": false
-              },
-              "lineInterpolation": "linear",
-              "lineStyle": {
-                "dash": [
-                  10,
-                  10
-                ],
-                "fill": "dash"
-              },
-              "lineWidth": 1,
-              "pointSize": 5,
-              "scaleDistribution": {
-                "type": "linear"
-              },
-              "showPoints": "never",
-              "spanNulls": false,
-              "stacking": {
-                "group": "A",
-                "mode": "none"
-              },
-              "thresholdsStyle": {
-                "mode": "off"
-              }
-            },
-            "mappings": [],
-            "thresholds": {
-              "mode": "absolute",
-              "steps": [
-                {
-                  "color": "green"
-                },
-                {
-                  "color": "red",
-                  "value": 80
-                }
-              ]
-            },
-            "unit": "currencyUSD"
-          },
-          "overrides": [
-            {
-              "matcher": {
-                "id": "byName",
-                "options": "sma"
-              },
-              "properties": [
-                {
-                  "id": "color",
-                  "value": {
-                    "fixedColor": "orange",
-                    "mode": "fixed"
-                  }
-                },
-                {
-                  "id": "custom.lineWidth",
-                  "value": 5
-                },
-                {
-                  "id": "custom.lineStyle",
-                  "value": {
-                    "dash": [
-                      0,
-                      20
-                    ],
-                    "fill": "dot"
-                  }
-                }
-              ]
-            },
-            {
-              "matcher": {
-                "id": "byName",
-                "options": "bolup"
-              },
-              "properties": [
-                {
-                  "id": "custom.fillBelowTo",
-                  "value": "boldn"
-                },
-                {
-                  "id": "custom.fillOpacity",
-                  "value": 8
-                },
-                {
-                  "id": "color",
-                  "value": {
-                    "fixedColor": "blue",
-                    "mode": "fixed"
-                  }
-                }
-              ]
-            }
-          ]
         },
-        "gridPos": {
-          "h": 16,
-          "w": 12,
-          "x": 0,
-          "y": 0
-        },
-        "id": 2,
-        "options": {
-          "colorStrategy": "open-close",
-          "colors": {
-            "down": "red",
-            "up": "green"
-          },
-          "fields": {},
-          "legend": {
-            "calcs": [],
-            "displayMode": "list",
-            "placement": "bottom"
-          },
-          "mode": "candles+volume",
-          "candleStyle": "candles"
-        },
-        "targets": [
-          {
-            "csvFileName": "ohlc_dogecoin.csv",
-            "refId": "A",
-            "scenarioId": "csv_file"
-          }
-        ],
-        "title": "Price & Volume",
-        "type": "candlestick"
-      },
-      {
-        "fieldConfig": {
-          "defaults": {
-            "color": {
-              "mode": "palette-classic"
-            },
-            "custom": {
-              "axisLabel": "",
-              "axisPlacement": "auto",
-              "barAlignment": 0,
-              "drawStyle": "line",
-              "fillOpacity": 0,
-              "gradientMode": "none",
-              "hideFrom": {
-                "legend": false,
-                "tooltip": false,
-                "viz": false
-              },
-              "lineInterpolation": "linear",
-              "lineWidth": 1,
-              "pointSize": 5,
-              "scaleDistribution": {
-                "type": "linear"
-              },
-              "showPoints": "auto",
-              "spanNulls": false,
-              "stacking": {
-                "group": "A",
-                "mode": "none"
-              },
-              "thresholdsStyle": {
-                "mode": "off"
-              }
-            },
-            "mappings": [],
-            "thresholds": {
-              "mode": "absolute",
-              "steps": [
-                {
-                  "color": "green"
-                },
-                {
-                  "color": "red",
-                  "value": 80
-                }
-              ]
-            },
-            "unit": "currencyUSD"
-          },
-          "overrides": []
-        },
-        "gridPos": {
-          "h": 20,
-          "w": 12,
-          "x": 12,
-          "y": 0
-        },
-        "id": 7,
-        "options": {
-          "colorStrategy": "close-close",
-          "colors": {
-            "down": "red",
-            "up": "green"
-          },
-          "fields": {},
-          "legend": {
-            "calcs": [],
-            "displayMode": "list",
-            "placement": "bottom"
-          },
-          "mode": "candles",
-          "candleStyle": "candles"
-        },
-        "targets": [
-          {
-            "csvFileName": "ohlc_dogecoin.csv",
-            "refId": "A",
-            "scenarioId": "csv_file"
-          }
-        ],
-        "title": "Price Only, Hollow Candles",
-        "transformations": [
-          {
-            "id": "filterFieldsByName",
-            "options": {
-              "include": {
-                "names": [
-                  "time",
-                  "open",
-                  "high",
-                  "low",
-                  "close"
-                ]
-              }
-            }
-          }
-        ],
-        "type": "candlestick"
-      },
-      {
-        "fieldConfig": {
-          "defaults": {
-            "color": {
-              "mode": "palette-classic"
-            },
-            "custom": {
-              "axisLabel": "",
-              "axisPlacement": "auto",
-              "barAlignment": 0,
-              "drawStyle": "line",
-              "fillOpacity": 0,
-              "gradientMode": "none",
-              "hideFrom": {
-                "legend": false,
-                "tooltip": false,
-                "viz": false
-              },
-              "lineInterpolation": "linear",
-              "lineWidth": 1,
-              "pointSize": 5,
-              "scaleDistribution": {
-                "type": "linear"
-              },
-              "showPoints": "auto",
-              "spanNulls": false,
-              "stacking": {
-                "group": "A",
-                "mode": "none"
-              },
-              "thresholdsStyle": {
-                "mode": "off"
-              }
-            },
-            "mappings": [],
-            "thresholds": {
-              "mode": "absolute",
-              "steps": [
-                {
-                  "color": "green"
-                },
-                {
-                  "color": "red",
-                  "value": 80
-                }
-              ]
-            },
-            "unit": "currencyUSD"
-          },
-          "overrides": []
-        },
-        "gridPos": {
-          "h": 10,
-          "w": 12,
-          "x": 0,
-          "y": 16
-        },
-        "id": 6,
-        "options": {
-          "colorStrategy": "open-close",
-          "colors": {
-            "down": "red",
-            "up": "blue"
-          },
-          "fields": { },
-          "legend": {
-            "calcs": [],
-            "displayMode": "list",
-            "placement": "bottom"
-          },
-          "mode": "candles",
-          "candleStyle": "ohlcbars"
-        },
-        "targets": [
-          {
-            "csvFileName": "ohlc_dogecoin.csv",
-            "refId": "A",
-            "scenarioId": "csv_file"
-          }
-        ],
-        "title": "Price Only, OHLC Bars",
-        "transformations": [
-          {
-            "id": "filterFieldsByName",
-            "options": {
-              "include": {
-                "names": [
-                  "time",
-                  "open",
-                  "high",
-                  "low",
-                  "close"
-                ]
-              }
-            }
-          }
-        ],
-        "type": "candlestick"
-      },
-      {
-        "fieldConfig": {
-          "defaults": {
-            "color": {
-              "mode": "palette-classic"
-            },
-            "custom": {
-              "axisLabel": "",
-              "axisPlacement": "auto",
-              "barAlignment": 0,
-              "drawStyle": "line",
-              "fillOpacity": 100,
-              "gradientMode": "none",
-              "hideFrom": {
-                "legend": false,
-                "tooltip": false,
-                "viz": false
-              },
-              "lineInterpolation": "linear",
-              "lineWidth": 1,
-              "pointSize": 5,
-              "scaleDistribution": {
-                "type": "linear"
-              },
-              "showPoints": "auto",
-              "spanNulls": false,
-              "stacking": {
-                "group": "A",
-                "mode": "none"
-              },
-              "thresholdsStyle": {
-                "mode": "off"
-              }
-            },
-            "mappings": [],
-            "thresholds": {
-              "mode": "absolute",
-              "steps": [
-                {
-                  "color": "green"
-                },
-                {
-                  "color": "red",
-                  "value": 80
-                }
-              ]
-            },
-            "unit": "currencyUSD"
-          },
-          "overrides": [
-            {
-              "matcher": {
-                "id": "byName",
-                "options": "open"
-              },
-              "properties": [
-                {
-                  "id": "custom.hideFrom",
-                  "value": {
-                    "legend": true,
-                    "tooltip": true,
-                    "viz": true
-                  }
-                }
-              ]
-            },
-            {
-              "matcher": {
-                "id": "byName",
-                "options": "close"
-              },
-              "properties": [
-                {
-                  "id": "custom.hideFrom",
-                  "value": {
-                    "legend": true,
-                    "tooltip": true,
-                    "viz": true
-                  }
-                }
-              ]
-            }
-          ]
-        },
-        "gridPos": {
-          "h": 6,
-          "w": 12,
-          "x": 12,
-          "y": 20
-        },
-        "id": 4,
-        "options": {
-          "colorStrategy": "open-close",
-          "colors": {
-            "down": "red",
-            "up": "yellow"
-          },
-          "fields": {},
-          "legend": {
-            "calcs": [],
-            "displayMode": "list",
-            "placement": "bottom"
-          },
-          "mode": "volume",
-          "candleStyle": "candles"
-        },
-        "targets": [
-          {
-            "csvFileName": "ohlc_dogecoin.csv",
-            "refId": "A",
-            "scenarioId": "csv_file"
-          }
-        ],
-        "title": "Volume Only,  Alt Colors, 100% Opacity",
-        "transformations": [
-          {
-            "id": "filterFieldsByName",
-            "options": {
-              "include": {
-                "names": [
-                  "time",
-                  "volume",
-                  "open",
-                  "close"
-                ]
-              }
-            }
-          }
-        ],
-        "type": "candlestick"
+        "type": "dashboard"
       }
-    ],
-    "refresh": false,
-    "schemaVersion": 33,
-    "style": "dark",
-    "tags": [
-      "gdev",
-      "panel-tests",
-      "graph-ng"
-    ],
-    "templating": {
-      "list": []
+    ]
+  },
+  "editable": true,
+  "fiscalYearStartMonth": 0,
+  "graphTooltip": 2,
+  "links": [],
+  "liveNow": false,
+  "panels": [
+    {
+      "fieldConfig": {
+        "defaults": {
+          "color": {
+            "mode": "palette-classic"
+          },
+          "custom": {
+            "axisLabel": "",
+            "axisPlacement": "auto",
+            "barAlignment": 0,
+            "drawStyle": "line",
+            "fillOpacity": 0,
+            "gradientMode": "none",
+            "hideFrom": {
+              "legend": false,
+              "tooltip": false,
+              "viz": false
+            },
+            "lineInterpolation": "linear",
+            "lineStyle": {
+              "dash": [
+                10,
+                10
+              ],
+              "fill": "dash"
+            },
+            "lineWidth": 1,
+            "pointSize": 5,
+            "scaleDistribution": {
+              "type": "linear"
+            },
+            "showPoints": "never",
+            "spanNulls": false,
+            "stacking": {
+              "group": "A",
+              "mode": "none"
+            },
+            "thresholdsStyle": {
+              "mode": "off"
+            }
+          },
+          "mappings": [],
+          "thresholds": {
+            "mode": "absolute",
+            "steps": [
+              {
+                "color": "green"
+              },
+              {
+                "color": "red",
+                "value": 80
+              }
+            ]
+          },
+          "unit": "currencyUSD"
+        },
+        "overrides": [
+          {
+            "matcher": {
+              "id": "byName",
+              "options": "sma"
+            },
+            "properties": [
+              {
+                "id": "color",
+                "value": {
+                  "fixedColor": "orange",
+                  "mode": "fixed"
+                }
+              },
+              {
+                "id": "custom.lineWidth",
+                "value": 5
+              },
+              {
+                "id": "custom.lineStyle",
+                "value": {
+                  "dash": [
+                    0,
+                    20
+                  ],
+                  "fill": "dot"
+                }
+              }
+            ]
+          },
+          {
+            "matcher": {
+              "id": "byName",
+              "options": "bolup"
+            },
+            "properties": [
+              {
+                "id": "custom.fillBelowTo",
+                "value": "boldn"
+              },
+              {
+                "id": "custom.fillOpacity",
+                "value": 8
+              },
+              {
+                "id": "color",
+                "value": {
+                  "fixedColor": "blue",
+                  "mode": "fixed"
+                }
+              }
+            ]
+          }
+        ]
+      },
+      "gridPos": {
+        "h": 16,
+        "w": 12,
+        "x": 0,
+        "y": 0
+      },
+      "id": 2,
+      "options": {
+        "candleStyle": "candles",
+        "colorStrategy": "open-close",
+        "colors": {
+          "down": "red",
+          "up": "green"
+        },
+        "fields": {},
+        "includeAllFields": true,
+        "legend": {
+          "calcs": [],
+          "displayMode": "list",
+          "placement": "bottom"
+        },
+        "mode": "candles+volume"
+      },
+      "targets": [
+        {
+          "csvFileName": "ohlc_dogecoin.csv",
+          "refId": "A",
+          "scenarioId": "csv_file"
+        }
+      ],
+      "title": "Price & Volume",
+      "type": "candlestick"
     },
-    "time": {
-      "from": "2021-07-13T22:13:30.740Z",
-      "to": "2021-07-13T22:46:18.921Z"
+    {
+      "fieldConfig": {
+        "defaults": {
+          "color": {
+            "mode": "palette-classic"
+          },
+          "custom": {
+            "axisLabel": "",
+            "axisPlacement": "auto",
+            "barAlignment": 0,
+            "drawStyle": "line",
+            "fillOpacity": 0,
+            "gradientMode": "none",
+            "hideFrom": {
+              "legend": false,
+              "tooltip": false,
+              "viz": false
+            },
+            "lineInterpolation": "linear",
+            "lineWidth": 1,
+            "pointSize": 5,
+            "scaleDistribution": {
+              "type": "linear"
+            },
+            "showPoints": "auto",
+            "spanNulls": false,
+            "stacking": {
+              "group": "A",
+              "mode": "none"
+            },
+            "thresholdsStyle": {
+              "mode": "off"
+            }
+          },
+          "mappings": [],
+          "thresholds": {
+            "mode": "absolute",
+            "steps": [
+              {
+                "color": "green"
+              },
+              {
+                "color": "red",
+                "value": 80
+              }
+            ]
+          },
+          "unit": "currencyUSD"
+        },
+        "overrides": []
+      },
+      "gridPos": {
+        "h": 20,
+        "w": 12,
+        "x": 12,
+        "y": 0
+      },
+      "id": 7,
+      "options": {
+        "candleStyle": "candles",
+        "colorStrategy": "close-close",
+        "colors": {
+          "down": "red",
+          "up": "green"
+        },
+        "fields": {},
+        "includeAllFields": false,
+        "legend": {
+          "calcs": [],
+          "displayMode": "list",
+          "placement": "bottom"
+        },
+        "mode": "candles"
+      },
+      "targets": [
+        {
+          "csvFileName": "ohlc_dogecoin.csv",
+          "refId": "A",
+          "scenarioId": "csv_file"
+        }
+      ],
+      "title": "Price Only, Hollow Candles",
+      "transformations": [],
+      "type": "candlestick"
     },
-    "timepicker": {},
-    "timezone": "",
-    "title": "Candlestick",
-    "uid": "MP-Di9F7k",
-    "version": 7,
-    "weekStart": ""
-  }
+    {
+      "fieldConfig": {
+        "defaults": {
+          "color": {
+            "mode": "palette-classic"
+          },
+          "custom": {
+            "axisLabel": "",
+            "axisPlacement": "auto",
+            "barAlignment": 0,
+            "drawStyle": "line",
+            "fillOpacity": 0,
+            "gradientMode": "none",
+            "hideFrom": {
+              "legend": false,
+              "tooltip": false,
+              "viz": false
+            },
+            "lineInterpolation": "linear",
+            "lineWidth": 1,
+            "pointSize": 5,
+            "scaleDistribution": {
+              "type": "linear"
+            },
+            "showPoints": "auto",
+            "spanNulls": false,
+            "stacking": {
+              "group": "A",
+              "mode": "none"
+            },
+            "thresholdsStyle": {
+              "mode": "off"
+            }
+          },
+          "mappings": [],
+          "thresholds": {
+            "mode": "absolute",
+            "steps": [
+              {
+                "color": "green"
+              },
+              {
+                "color": "red",
+                "value": 80
+              }
+            ]
+          },
+          "unit": "currencyUSD"
+        },
+        "overrides": []
+      },
+      "gridPos": {
+        "h": 10,
+        "w": 12,
+        "x": 0,
+        "y": 16
+      },
+      "id": 6,
+      "options": {
+        "candleStyle": "ohlcbars",
+        "colorStrategy": "open-close",
+        "colors": {
+          "down": "red",
+          "up": "blue"
+        },
+        "fields": {},
+        "includeAllFields": false,
+        "legend": {
+          "calcs": [],
+          "displayMode": "list",
+          "placement": "bottom"
+        },
+        "mode": "candles"
+      },
+      "targets": [
+        {
+          "csvFileName": "ohlc_dogecoin.csv",
+          "refId": "A",
+          "scenarioId": "csv_file"
+        }
+      ],
+      "title": "Price Only, OHLC Bars",
+      "transformations": [],
+      "type": "candlestick"
+    },
+    {
+      "fieldConfig": {
+        "defaults": {
+          "color": {
+            "mode": "palette-classic"
+          },
+          "custom": {
+            "axisLabel": "",
+            "axisPlacement": "auto",
+            "barAlignment": 0,
+            "drawStyle": "line",
+            "fillOpacity": 100,
+            "gradientMode": "none",
+            "hideFrom": {
+              "legend": false,
+              "tooltip": false,
+              "viz": false
+            },
+            "lineInterpolation": "linear",
+            "lineWidth": 1,
+            "pointSize": 5,
+            "scaleDistribution": {
+              "type": "linear"
+            },
+            "showPoints": "auto",
+            "spanNulls": false,
+            "stacking": {
+              "group": "A",
+              "mode": "none"
+            },
+            "thresholdsStyle": {
+              "mode": "off"
+            }
+          },
+          "mappings": [],
+          "thresholds": {
+            "mode": "absolute",
+            "steps": [
+              {
+                "color": "green"
+              },
+              {
+                "color": "red",
+                "value": 80
+              }
+            ]
+          },
+          "unit": "currencyUSD"
+        },
+        "overrides": [
+          {
+            "matcher": {
+              "id": "byName",
+              "options": "open"
+            },
+            "properties": [
+              {
+                "id": "custom.hideFrom",
+                "value": {
+                  "legend": true,
+                  "tooltip": true,
+                  "viz": true
+                }
+              }
+            ]
+          },
+          {
+            "matcher": {
+              "id": "byName",
+              "options": "close"
+            },
+            "properties": [
+              {
+                "id": "custom.hideFrom",
+                "value": {
+                  "legend": true,
+                  "tooltip": true,
+                  "viz": true
+                }
+              }
+            ]
+          }
+        ]
+      },
+      "gridPos": {
+        "h": 6,
+        "w": 12,
+        "x": 12,
+        "y": 20
+      },
+      "id": 4,
+      "options": {
+        "candleStyle": "candles",
+        "colorStrategy": "open-close",
+        "colors": {
+          "down": "red",
+          "up": "yellow"
+        },
+        "fields": {},
+        "includeAllFields": false,
+        "legend": {
+          "calcs": [],
+          "displayMode": "list",
+          "placement": "bottom"
+        },
+        "mode": "volume"
+      },
+      "targets": [
+        {
+          "csvFileName": "ohlc_dogecoin.csv",
+          "refId": "A",
+          "scenarioId": "csv_file"
+        }
+      ],
+      "title": "Volume Only,  Alt Colors, 100% Opacity",
+      "transformations": [],
+      "type": "candlestick"
+    }
+  ],
+  "refresh": false,
+  "schemaVersion": 33,
+  "style": "dark",
+  "tags": [
+    "gdev",
+    "panel-tests",
+    "graph-ng"
+  ],
+  "templating": {
+    "list": []
+  },
+  "time": {
+    "from": "2021-07-13T22:13:30.740Z",
+    "to": "2021-07-13T22:46:18.921Z"
+  },
+  "timepicker": {},
+  "timezone": "",
+  "title": "Candlestick",
+  "uid": "MP-Di9F7k",
+  "version": 2,
+  "weekStart": ""
+}

devenv/dev-dashboards/panel-graph/graph-ng.json

@@ -1426,6 +1426,10 @@
                   "fixedColor": "blue",
                   "mode": "fixed"
                 }
+              },
+              {
+                "id": "custom.fillOpacity",
+                "value": 0
               }
             ]
           }

docs/sources/administration/configuration.md

@@ -1582,7 +1582,7 @@ We do _not_ recommend using this option. For more information, refer to [Plugin
 
 ### plugin_admin_enabled
 
-Available to Grafana administrators only, the plugin admin app is set to `true` by default. Set it to `false` to disable the app.
+Available to Grafana administrators only, enables installing / uninstalling / updating plugins directly from the Grafana UI. Set to `true` by default. Setting it to `false` will hide the install / uninstall / update controls.
 
 For more information, refer to [Plugin catalog]({{< relref "../plugins/catalog.md" >}}).
 
@@ -1711,13 +1711,19 @@ Mode `reusable` will have one browser instance and will create a new incognito p
 
 ### rendering_clustering_mode
 
-When rendering_mode = clustered you can instruct how many browsers or incognito pages can execute concurrently. Default is `browser` and will cluster using browser instances.
+When rendering_mode = clustered, you can instruct how many browsers or incognito pages can execute concurrently. Default is `browser` and will cluster using browser instances.
 
 Mode `context` will cluster using incognito pages.
 
 ### rendering_clustering_max_concurrency
 
-When rendering_mode = clustered you can define the maximum number of browser instances/incognito pages that can execute concurrently.
+When rendering_mode = clustered, you can define the maximum number of browser instances/incognito pages that can execute concurrently. Default is `5`.
+
+### rendering_clustering_timeout
+
+> **Note**: Available in grafana-image-renderer v3.3.0 and later versions.
+
+When rendering_mode = clustered, you can specify the duration a rendering request can take before it will time out. Default is `30` seconds.
 
 ### rendering_viewport_max_width
 

docs/sources/administration/database-encryption-enterprise.md

@@ -0,0 +1,22 @@
++++
+title = "Database encryption (Enterprise)"
+description = "Grafana Enterprise database encryption"
+keywords = ["grafana", "enterprise", "database", "encryption", "documentation"]
+aliases = [""]
+weight = 440
++++
+
+# Grafana Enterprise database encryption
+
+If you are using Grafana Enterprise, you can change Grafana’s cryptographic mode of operation from AES-CFB to AES-GCM, and integrate with a key management system (KMS) provider.
+
+## Changing your encryption mode to AES-GCM
+
+Grafana encrypts secrets using Advanced Encryption Standard in Cipher
+FeedBack mode (AES-CFB). You might prefer to use AES in Galois/Counter
+Mode (AES-GCM) instead, to meet your company’s security requirements or
+in order to maintain consistency with other services.
+
+To change your encryption mode, update the `algorithm` value in the
+`[security.encryption]` section of your Grafana configuration file.
+For details, refer to Enterprise configuration.

docs/sources/administration/database-encryption.md

@@ -0,0 +1,15 @@
++++
+title = "Database encryption"
+description = "Grafana database encryption"
+keywords = ["grafana", "database", "encryption", "documentation"]
+aliases = [""]
+weight = 450
++++
+
+# Grafana database encryption
+
+Grafana’s database contains secrets, which are used to query data sources, send alert notifications and perform other functions within Grafana.
+
+Grafana encrypts these secrets before they are written to the database, by using a symmetric-key encryption algorithm called Advanced Encryption Standard (AES), and using a [secret key]({{< relref "../administration/configuration/#secret_key" >}}) that you can change when you configure a new Grafana instance.
+
+You can also use envelope encryption, which complements a KMS integration by adding a layer of indirection to the encryption process.

docs/sources/alerting/unified-alerting/_index.md

@@ -23,3 +23,4 @@ Before you begin using Grafana 8 alerting, we recommend that you familiarize you
 ## Limitations
 
 - The Grafana 8 alerting system can retrieve rules from all available Prometheus, Loki, and Alertmanager data sources. It might not be able to fetch rules from other supported data sources.
+- Our aim is to support the latest two [minor](https://semver.org/) versions of both Prometheus and Alertmanager, older versions might work without any guarantees. As an example, if the current Prometheus version is `2.31.1`, we would support `>= 2.29.0`.

docs/sources/alerting/unified-alerting/alerting-rules/create-grafana-managed-rule.md

@@ -48,7 +48,7 @@ Use the classic condition expression to create a rule that triggers a single ale
 
 To generate a separate alert for each series, create a multi-dimensional rule. Use `Math`, `Reduce`, or `Resample` expressions to create a multi-dimensional rule. For example:
 
-- Add a `Reduce` expression for each query to aggregate values in the selected time range into a single value. (Not needed for [rules using numeric data]({{< relref "../fundamentals/grafana-managed-numeric-rule.md" >}})).
+- Add a `Reduce` expression for each query to aggregate values in the selected time range into a single value. (Not needed for [rules using numeric data]({{< relref "../fundamentals/evaluate-grafana-alerts.md#alerting-on-numeric-data-1" >}})).
 - Add a `Math` expression with the condition for the rule. Not needed in case a query or a reduce expression already returns 0 if rule should not fire, or a positive number if it should fire. Some examples: `$B > 70` if it should fire in case value of B query/expression is more than 70. `$B < $C * 100` in case it should fire if value of B is less than value of C multiplied by 100. If queries being compared have multiple series in their results, series from different queries are matched if they have the same labels or one is a subset of the other.
 
 ![Query section multi dimensional](/static/img/docs/alerting/unified/rule-edit-multi-8-0.png 'Query section multi dimensional screenshot')
@@ -63,13 +63,14 @@ For more information, see [expressions documentation]({{< relref "../../../panel
 
 Configure alerting behavior in the absence of data using information in the following tables.
 
-| No Data Option | Description                                                                                           |
-| -------------- | ----------------------------------------------------------------------------------------------------- |
-| No Data        | Set alert state to `NoData` and rule state to `Normal` (notifications are not sent on NoData states). |
-| Alerting       | Set alert rule state to `Alerting`.                                                                   |
-| Ok             | Set alert rule state to `Normal`.                                                                     |
+| No Data Option | Description                                                                                                                               |
+| -------------- | ----------------------------------------------------------------------------------------------------------------------------------------- |
+| No Data        | Create a new alert `DatasourceNoData` with the name and UID of the alert rule, and UID of the datasource that returned no data as labels. |
+| Alerting       | Set alert rule state to `Alerting`.                                                                                                       |
+| Ok             | Set alert rule state to `Normal`.                                                                                                         |
 
-| Error or timeout option | Description                        |
-| ----------------------- | ---------------------------------- |
-| Alerting                | Set alert rule state to `Alerting` |
-| OK                      | Set alert rule state to `Normal`   |
+| Error or timeout option | Description                                                                                                                              |
+| ----------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- |
+| Alerting                | Set alert rule state to `Alerting`                                                                                                       |
+| OK                      | Set alert rule state to `Normal`                                                                                                         |
+| Error                   | Create a new alert `DatasourceError` with the name and UID of the alert rule, and UID of the datasource that returned no data as labels. |

docs/sources/datasources/elasticsearch.md

@@ -20,12 +20,12 @@ visualize logs or metrics stored in Elasticsearch. You can also annotate your gr
 
 > **Note:** If you're not seeing the `Data Sources` link in your side menu it means that your current user does not have the `Admin` role for the current organization.
 
-| Name      | Description                                                                                                                           |
-| --------- | ------------------------------------------------------------------------------------------------------------------------------------- |
-| `Name`    | The data source name. This is how you refer to the data source in panels and queries.                                                 |
-| `Default` | Default data source means that it will be pre-selected for new panels.                                                                |
-| `Url`     | The HTTP protocol, IP, and port of your Elasticsearch server.                                                                         |
-| `Access`  | Server (default) = URL needs to be accessible from the Grafana backend/server, Browser = URL needs to be accessible from the browser. |
+| Name      | Description                                                                                                                                                                                                                    |
+| --------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
+| `Name`    | The data source name. This is how you refer to the data source in panels and queries.                                                                                                                                          |
+| `Default` | Default data source means that it will be pre-selected for new panels.                                                                                                                                                         |
+| `Url`     | The HTTP protocol, IP, and port of your Elasticsearch server.                                                                                                                                                                  |
+| `Access`  | Server (default) = URL needs to be accessible from the Grafana backend/server, Browser = URL needs to be accessible from the browser. **Note**: Browser (direct) access is deprecated and will be removed in a future release. |
 
 Access mode controls how requests to the data source will be handled. Server should be the preferred way if nothing else stated.
 

docs/sources/datasources/influxdb/_index.md

@@ -27,21 +27,19 @@ InfluxDB data source options differ depending on which [query language](#query-l
 
 These options apply if you are using the InfluxQL query language. If you are using Flux, refer to [Flux support in Grafana]({{< relref "influxdb-flux.md" >}}).
 
-| Name      | Description                                                                                                                            |
-| --------- | -------------------------------------------------------------------------------------------------------------------------------------- |
-| `Name`    | The data source name. This is how you refer to the data source in panels and queries. We recommend something like `InfluxDB-InfluxQL`. |
-| `Default` | Default data source means that it will be pre-selected for new panels.                                                                 |
-| `URL`     | The HTTP protocol, IP address and port of your InfluxDB API. InfluxDB API port is by default 8086.                                     |
-| `Access`  | Server (default) = URL needs to be accessible from the Grafana backend/server, Browser = URL needs to be accessible from the browser.  |
-
-**Note**: Browser access is deprecated and will be removed in a future release.
-`Allowed cookies`| Cookies that will be forwarded to the data source. All other cookies will be deleted.
-`Database` | The ID of the bucket you want to query from, copied from the [Buckets page](https://docs.influxdata.com/influxdb/v2.0/organizations/buckets/view-buckets/) of the InfluxDB UI.
-`User` | The username you use to sign into InfluxDB.
-`Password` | The token you use to query the bucket above, copied from the [Tokens page](https://docs.influxdata.com/influxdb/v2.0/security/tokens/view-tokens/) of the InfluxDB UI.
-`HTTP mode` | How to query the database (`GET` or `POST` HTTP verb). The `POST` verb allows heavy queries that would return an error using the `GET` verb. Default is `GET`.
-`Min time interval` | (Optional) Refer to [Min time interval]({{< relref "#min-time-interval" >}}).
-`Max series`| (Optional) Limits the number of series/tables that Grafana processes. Lower this number to prevent abuse, and increase it if you have lots of small time series and not all are shown. Defaults to 1000.
+| Name                | Description                                                                                                                                                                                                                    |
+| ------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
+| `Name`              | The data source name. This is how you refer to the data source in panels and queries. We recommend something like `InfluxDB-InfluxQL`.                                                                                         |
+| `Default`           | Default data source means that it will be pre-selected for new panels.                                                                                                                                                         |
+| `URL`               | The HTTP protocol, IP address and port of your InfluxDB API. InfluxDB API port is by default 8086.                                                                                                                             |
+| `Access`            | Server (default) = URL needs to be accessible from the Grafana backend/server, Browser = URL needs to be accessible from the browser. **Note**: Browser (direct) access is deprecated and will be removed in a future release. |
+| `Allowed cookies`   | Cookies that will be forwarded to the data source. All other cookies will be deleted.                                                                                                                                          |
+| `Database`          | The ID of the bucket you want to query from, copied from the [Buckets page](https://docs.influxdata.com/influxdb/v2.0/organizations/buckets/view-buckets/) of the InfluxDB UI.                                                 |
+| `User`              | The username you use to sign into InfluxDB.                                                                                                                                                                                    |
+| `Password`          | The token you use to query the bucket above, copied from the [Tokens page](https://docs.influxdata.com/influxdb/v2.0/security/tokens/view-tokens/) of the InfluxDB UI.                                                         |
+| `HTTP mode`         | How to query the database (`GET` or `POST` HTTP verb). The `POST` verb allows heavy queries that would return an error using the `GET` verb. Default is `GET`.                                                                 |
+| `Min time interval` | (Optional) Refer to [Min time interval]({{< relref "#min-time-interval" >}}).                                                                                                                                                  |
+| `Max series`        | (Optional) Limits the number of series/tables that Grafana processes. Lower this number to prevent abuse, and increase it if you have lots of small time series and not all are shown. Defaults to 1000.                       |
 
 ### Flux
 

docs/sources/datasources/tempo.md

@@ -36,7 +36,7 @@ This is a configuration for the [trace to logs feature]({{< relref "../explore/t
 - **Filter by Trace ID -** Toggle to append the trace ID to the Loki query.
 - **Filter by Span ID -** Toggle to append the span ID to the Loki query.
 
-![Trace to logs settings](/static/img/docs/explore/trace-to-logs-settings-8-2.png 'Screenshot of the trace to logs settings')
+{{< figure src="/static/img/docs/explore/traces-to-logs-settings-8-2.png" class="docs-image--no-shadow" caption="Screenshot of the trace to logs settings" >}}
 
 ### Node Graph
 
@@ -49,18 +49,16 @@ This is a configuration for the beta Node Graph visualization. The Node Graph is
 You can query and display traces from Tempo via [Explore]({{< relref "../explore/_index.md" >}}).
 You can search for traces if you set up the trace to logs setting in the data source configuration page. To find traces to visualize, use the [Loki query editor]({{< relref "loki.md#loki-query-editor" >}}). To get search results, you must have [derived fields]({{< relref "loki.md#derived-fields" >}}) configured, which point to this data source.
 
-{{< figure src="/static/img/docs/tempo/query-editor-search.png" class="docs-image--no-shadow" caption="Screenshot of the Tempo query editor showing the search tab" >}}
+{{< figure src="/static/img/docs/tempo/query-editor-search.png" class="docs-image--no-shadow" max-width="750px" caption="Screenshot of the Tempo query editor showing the search tab" >}}
 
 To query a particular trace, select the **TraceID** query type, and then put the ID into the Trace ID field.
 
-{{< figure src="/static/img/docs/tempo/query-editor-traceid.png" class="docs-image--no-shadow" caption="Screenshot of the Tempo TraceID query type" >}}
+{{< figure src="/static/img/docs/tempo/query-editor-traceid.png" class="docs-image--no-shadow" max-width="750px" caption="Screenshot of the Tempo TraceID query type" >}}
 
 ## Upload JSON trace file
 
 You can upload a JSON file that contains a single trace to visualize it. If the file has multiple traces then the first trace is used for visualization.
 
-{{< figure src="/static/img/docs/explore/tempo-upload-json.png" class="docs-image--no-shadow" caption="Screenshot of the Tempo data source in explore with upload selected" >}}
-
 Here is an example JSON:
 
 ```json

docs/sources/developers/plugins/_index.md

@@ -76,9 +76,9 @@ Learn more about Grafana options and packages.
 
 #### Typescript
 
-- [Grafana Data]({{< relref "../../packages_api/data/_index.md" >}})
-- [Grafana Runtime]({{< relref "../../packages_api/runtime/_index.md" >}})
-- [Grafana UI]({{< relref "../../packages_api/ui/_index.md" >}})
+- Grafana Data
+- Grafana Runtime
+- Grafana UI
 
 #### Go
 

docs/sources/developers/plugins/add-support-for-explore-queries.md

@@ -46,7 +46,7 @@ The query editor for Explore is similar to the query editor for the data source
      .setExploreQueryField(ExploreQueryEditor);
    ```
 
-1. Add a [QueryField]({{< relref "../../packages_api/ui/queryfield.md" >}}) to `ExploreQueryEditor`.
+1. Add a `QueryField` to `ExploreQueryEditor`.
 
    ```ts
    import { QueryField } from '@grafana/ui';

docs/sources/developers/plugins/add-support-for-variables.md

@@ -24,7 +24,7 @@ Grafana provides a couple of helper functions to interpolate variables in a stri
 
 ## Interpolate variables in panel plugins
 
-For panels, the [replaceVariables]({{< relref "../../packages_api/data/panelprops.md#replacevariables-property" >}}) function is available in the [PanelProps]({{< relref "../../packages_api/data/panelprops.md" >}}).
+For panels, the `replaceVariables` function is available in the PanelProps.
 
 Add `replaceVariables` to the argument list, and pass it a user-defined template string.
 
@@ -38,7 +38,7 @@ export const SimplePanel: React.FC<Props> = ({ options, data, width, height, rep
 
 ## Interpolate variables in data source plugins
 
-For data sources, you need to use the [getTemplateSrv]({{< relref "../../packages_api/runtime/gettemplatesrv.md" >}}), which returns an instance of [TemplateSrv]({{< relref "../../packages_api/runtime/templatesrv.md" >}}).
+For data sources, you need to use the getTemplateSrv, which returns an instance of TemplateSrv.
 
 1. Import `getTemplateSrv` from the `runtime` package.
 
@@ -80,7 +80,7 @@ For more information on the available variable formats, refer to [Advanced varia
 
 ## Set a variable from your plugin
 
-Not only can you read the value of a variable, you can also update the variable from your plugin. Use [LocationSrv.update()]({{< relref "../../packages_api/runtime/locationsrv.md/#update-method" >}}) to update a variable using query parameters.
+Not only can you read the value of a variable, you can also update the variable from your plugin. Use LocationSrv.update()
 
 The following example shows how to update a variable called `service`.
 
@@ -117,7 +117,7 @@ export interface MyVariableQuery {
 }
 ```
 
-For a data source to support query variables, you must override the [`metricFindQuery`]({{< relref "../../packages_api/data/datasourceapi.md#metricfindquery-method" >}}) in your `DataSourceApi` class. `metricFindQuery` returns an array of [`MetricFindValue`]({{< relref "../../packages_api/data/metricfindvalue.md" >}}) which has a single property, `text`:
+For a data source to support query variables, you must override the `metricFindQuery` in your `DataSourceApi` class. `metricFindQuery` returns an array of `MetricFindValue` which has a single property, `text`:
 
 ```ts
 async metricFindQuery(query: MyVariableQuery, options?: any) {

docs/sources/developers/plugins/build-a-logs-data-source-plugin.md

@@ -74,7 +74,7 @@ const frame = new MutableDataFrame({
 
 To help filter log lines, many log systems let you query logs based on metadata, or _labels_.
 
-You can add labels to a stream of logs by setting the [labels](../../packages_api/data/field.md#labels-property) property on the [Field]({{< relref "../../packages_api/data/field.md" >}}).
+You can add labels to a stream of logs by setting the labels property on the Field.
 
 **Example**:
 

docs/sources/developers/plugins/working-with-data-frames.md

@@ -6,7 +6,7 @@ title = "Working with data frames"
 
 The data frame is a columnar data structure which allows efficient querying of large amounts of data. Since data frames are a central concept when developing plugins for Grafana, in this guide we'll look at some ways you can use them.
 
-The [DataFrame]({{< relref "../../packages_api/data/dataframe.md" >}}) interface contains a `name` and an array of `fields` where each field contains the name, type, and the values for the field.
+The DataFrame interface contains a `name` and an array of `fields` where each field contains the name, type, and the values for the field.
 
 > **Note:** If you're looking to migrate an existing plugin to use the data frame format, refer to [Migrate to data frames]({{< relref "migration-guide.md#migrate-to-data-frames" >}}).
 
@@ -14,7 +14,7 @@ The [DataFrame]({{< relref "../../packages_api/data/dataframe.md" >}}) interface
 
 If you build a data source plugin, then you'll most likely want to convert a response from an external API to a data frame. Let's look at how to create a data frame.
 
-Let's start with creating a simple data frame that represents a time series. The easiest way to create a data frame is to use the [toDataFrame]({{< relref "../../packages_api/data/todataframe.md" >}}) function.
+Let's start with creating a simple data frame that represents a time series. The easiest way to create a data frame is to use the toDataFrame function.
 
 ```ts
 // Need to be of the same length.
@@ -78,7 +78,7 @@ for (let i = 0; i < frame.length; i++) {
 }
 ```
 
-Alternatively, you can use the [DataFrameView]({{< relref "../../packages_api/data/dataframeview.md" >}}), which gives you an array of objects that contain a property for each field in the frame.
+Alternatively, you can use the DataFrameView, which gives you an array of objects that contain a property for each field in the frame.
 
 ```ts
 const view = new DataFrameView(frame);
@@ -113,7 +113,7 @@ return (
 );
 ```
 
-To apply field options to the name of a field, use [getFieldDisplayName]({{< relref "../../packages_api/data/getfielddisplayname.md" >}}).
+To apply field options to the name of a field, use getFieldDisplayName.
 
 ```ts
 const valueField = frame.fields.find((field) => field.type === FieldType.number);

docs/sources/enterprise/access-control/_index.md

@@ -21,18 +21,23 @@ Fine-grained access control considers a) _who_ has an access (`identity`), and b
 
 You can grant, change, or revoke access to _users_ (`identity`). When an authenticated user tries to access a Grafana resource, the authorization system checks the required fine-grained permissions for the resource and determines whether or not the action is allowed. Refer to [Fine-grained permissions]({{< relref "./permissions.md" >}}) for a complete list of available permissions.
 
-To grant or revoke access to your users, create or remove built-in role assignments. For more information, refer to [Built-in role assignments]({{< relref "./roles.md#built-in-role-assignments" >}}).
+Refer to [Assign roles]({{< relref "./roles.md#assign-roles" >}}) to learn about grant or revoke access to your users.
 
 ## Resources with fine-grained permissions
 
-Fine-grained access control is currently available for [Reporting]({{< relref "../reporting.md" >}}) and [Managing Users]({{< relref "../../manage-users/_index.md" >}}).
-To learn more about specific endpoints where you can use access control, refer to [Permissions]({{< relref "./permissions.md" >}}) and to the relevant API guide:
+Fine-grained access control is available for the following capabilities:
 
-- [Fine-grained access control API]({{< relref "../../http_api/access_control.md" >}})
-- [Admin API]({{< relref "../../http_api/admin.md" >}})
-- [Organization API]({{< relref "../../http_api/org.md" >}})
-- [Reporting API]({{< relref "../../http_api/reporting.md" >}})
-- [User API]({{< relref "../../http_api/user.md" >}})
+- [Use Explore mode]({{< relref "../../explore/_index.md" >}})
+- [Manage users]({{< relref "../../manage-users/_index.md" >}})
+- [Manage LDAP authentication]({{< relref "../../auth/ldap/_index.md" >}})
+- [Manage data sources]({{< relref "../../datasources/_index.md" >}})
+- [Manage data source permissions]({{< relref "../datasource_permissions.md" >}})
+- [Manage a Grafana Enterprise license]({{< relref "../license/_index.md" >}})
+- [Provision Grafana]({{< relref "../../administration/provisioning/_index.md" >}})
+- [Manage reports]({{< relref "../reporting.md" >}})
+- [View server information]({{< relref "../../administration/view-server/_index.md" >}})
+
+To learn about specific endpoints where you can use fine-grained access control, refer to [Permissions]({{< relref "./permissions.md" >}}) and to the relevant [API]({{< relref "../../http_api/_index.md" >}}) documentation.
 
 ## Enable fine-grained access control
 

docs/sources/enterprise/access-control/fine-grained-access-control-references.md

@@ -13,8 +13,8 @@ The reference information that follows complements conceptual information about
 
 | Fixed roles                            | Permissions                                                                                                                                                                                                                                                              | Descriptions                                                                                                                                                                                                                                                                          |
 | -------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `fixed:roles:reader`                   | `roles:read`<br>`roles:list`<br>`roles.builtin:list`                                                                                                                                                                                                                     | Read all access control roles and built-in role assignments.                                                                                                                                                                                                                          |
-| `fixed:roles:writer`                   | All permissions from `fixed:roles:reader` and <br>`roles:write`<br>`roles:delete`<br>`roles.builtin:add`<br>`roles.builtin:remove`                                                                                                                                       | Create, read, update, or delete all roles and built-in role assignments.                                                                                                                                                                                                              |
+| `fixed:roles:reader`                   | `roles:read`<br>`roles:list`<br>`users.roles:list`<br>`users.permissions:list`<br>`roles.builtin:list`                                                                                                                                                                   | Read all access control roles, roles and permissions assigned to users and built-in role assignments.                                                                                                                                                                                 |
+| `fixed:roles:writer`                   | All permissions from `fixed:roles:reader` and <br>`roles:write`<br>`roles:delete`<br>`users.roles:add`<br>`users.roles:remove`<br>`roles.builtin:add`<br>`roles.builtin:remove`                                                                                          | Create, read, update, or delete all roles, assign or unassign roles to users and built-in role assignments.                                                                                                                                                                           |
 | `fixed:reports:reader`                 | `reports:read`<br>`reports:send`<br>`reports.settings:read`                                                                                                                                                                                                              | Read all reports and shared report settings.                                                                                                                                                                                                                                          |
 | `fixed:reports:writer`                 | All permissions from `fixed:reports:reader` and <br>`reports.admin:write`<br>`reports:delete`<br>`reports.settings:write`                                                                                                                                                | Create, read, update, or delete all reports and shared report settings.                                                                                                                                                                                                               |
 | `fixed:users:reader`                   | `users:read`<br>`users.quotas:list`<br>`users.authtoken:list`<br>`users.teams:read`                                                                                                                                                                                      | Read all users and their information, such as team memberships, authentication tokens, and quotas.                                                                                                                                                                                    |
@@ -35,16 +35,16 @@ The reference information that follows complements conceptual information about
 | `fixed:licensing:reader`               | `licensing:read`<br>`licensing.reports:read`                                                                                                                                                                                                                             | Read licensing information and licensing reports.                                                                                                                                                                                                                                     |
 | `fixed:licensing:writer`               | All permissions from `fixed:licensing:viewer` and <br>`licensing:update`<br>`licensing:delete`                                                                                                                                                                           | Read licensing information and licensing reports, update and delete the license token.                                                                                                                                                                                                |
 | `fixed:provisioning:writer`            | `provisioning:reload`                                                                                                                                                                                                                                                    | Reload provisioning.                                                                                                                                                                                                                                                                  |
-| `fixed:orgs:reader`                    | `orgs:read`<br>`orgs.quotas:read`                                                                                                                                                                                                                                        | Read the organization and its quotas.                                                                                                                                                                                                                                                 |
-| `fixed:orgs:writer`                    | All permissions from `fixed:orgs:reader` and <br> `orgs:write`<br>`orgs:delete`<br>`orgs.quotas:write`                                                                                                                                                                   | Create, read, write, or delete an organization. Read or write its quotas.                                                                                                                                                                                                             |
-| `fixed:current.org:reader`             | `orgs:read`<br>`orgs.quotas:read`                                                                                                                                                                                                                                        | Read the current organization, such as its ID, name, address, or quotas.                                                                                                                                                                                                              |
-| `fixed:current.org:writer`             | All permissions from `fixed:current.orgs:reader` and <br> `orgs:write`<br>`orgs.quotas:write`<br>`orgs.preferences:read`<br>`orgs.preferences:write`                                                                                                                     | Read the current organization, its quotas, or its preferences. Update the current organization properties, or its preferences.                                                                                                                                                        |
+| `fixed:organization:reader`            | `orgs:read`<br>`orgs.quotas:read`                                                                                                                                                                                                                                        | Read an organization and its quotas.                                                                                                                                                                                                                                                  |
+| `fixed:organization:writer`            | All permissions from `fixed:organization:reader` and <br> `orgs:write`<br>`orgs.preferences:read`<br>`orgs.preferences:write`                                                                                                                                            | Read an organization, its quotas, or its preferences. Update organization properties, or its preferences.                                                                                                                                                                             |
+| `fixed:organization:maintainer`        | All permissions from `fixed:organization:reader` and <br> `orgs:write`<br>`orgs:create`<br>`orgs:delete`<br>`orgs.quotas:write`                                                                                                                                          | Create, read, write, or delete an organization. Read or write its quotas. This role needs to be assigned globally.                                                                                                                                                                    |
+|                                        |
 
 ## Default built-in role assignments
 
-| Built-in role | Associated role                                                                                                                                                                                                                                                                                                                                                                                                       | Description                                                                                                                 |
-| ------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------- |
-| Grafana Admin | `fixed:roles:reader`<br>`fixed:roles:writer`<br>`fixed:users:reader`<br>`fixed:users:writer`<br>`fixed:org.users:reader`<br>`fixed:org.users:writer`<br>`fixed:ldap:reader`<br>`fixed:ldap:writer`<br>`fixed:stats:reader`<br>`fixed:settings:reader`<br>`fixed:settings:writer`<br>`fixed:provisioning:writer`<br>`fixed:orgs:reader`<br>`fixed:orgs:writer`<br>`fixed:licensing:reader`<br>`fixed:licensing:writer` | Default [Grafana server administrator]({{< relref "../../permissions/_index.md#grafana-server-admin-role" >}}) assignments. |
-| Admin         | `fixed:reports:reader`<br>`fixed:reports:writer`<br>`fixed:datasources:reader`<br>`fixed:datasources:writer`<br>`fixed:current.org:writer`<br>`fixed:datasources.permissions:reader`<br>`fixed:datasources.permissions:writer`<br>                                                                                                                                                                                    | Default [Grafana organization administrator]({{< relref "../../permissions/organization_roles.md" >}}) assignments.         |
-| Editor        | `fixed:datasources:explorer`                                                                                                                                                                                                                                                                                                                                                                                          | Default [Editor]({{< relref "../../permissions/organization_roles.md" >}}) assignments.                                     |
-| Viewer        | `fixed:datasources:id:reader`                                                                                                                                                                                                                                                                                                                                                                                         | Default [Viewer]({{< relref "../../permissions/organization_roles.md" >}}) assignments.                                     |
+| Built-in role | Associated role                                                                                                                                                                                                                                                                                                                                                                                                                           | Description                                                                                                                 |
+| ------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------- |
+| Grafana Admin | `fixed:roles:reader`<br>`fixed:roles:writer`<br>`fixed:users:reader`<br>`fixed:users:writer`<br>`fixed:org.users:reader`<br>`fixed:org.users:writer`<br>`fixed:ldap:reader`<br>`fixed:ldap:writer`<br>`fixed:stats:reader`<br>`fixed:settings:reader`<br>`fixed:settings:writer`<br>`fixed:provisioning:writer`<br>`fixed:organization:reader`<br>`fixed:organization:maintainer`<br>`fixed:licensing:reader`<br>`fixed:licensing:writer` | Default [Grafana server administrator]({{< relref "../../permissions/_index.md#grafana-server-admin-role" >}}) assignments. |
+| Admin         | `fixed:reports:reader`<br>`fixed:reports:writer`<br>`fixed:datasources:reader`<br>`fixed:datasources:writer`<br>`fixed:organization:writer`<br>`fixed:datasources.permissions:reader`<br>`fixed:datasources.permissions:writer`<br>                                                                                                                                                                                                       | Default [Grafana organization administrator]({{< relref "../../permissions/organization_roles.md" >}}) assignments.         |
+| Editor        | `fixed:datasources:explorer`                                                                                                                                                                                                                                                                                                                                                                                                              | Default [Editor]({{< relref "../../permissions/organization_roles.md" >}}) assignments.                                     |
+| Viewer        | `fixed:datasources:id:reader`<br>`fixed:organization:reader`                                                                                                                                                                                                                                                                                                                                                                              | Default [Viewer]({{< relref "../../permissions/organization_roles.md" >}}) assignments.                                     |

docs/sources/enterprise/access-control/manage-role-assignments/_index.md

@@ -0,0 +1,15 @@
++++
+title = "Manage role assignments"
+description = ""
+keywords = ["grafana", "fine-grained-access-control", "roles", "permissions", "enterprise"]
+weight = 115
++++
+
+# Manage role assignments
+
+To grant or revoke access to your users, you can assign [Roles]({{< relref "../roles.md" >}}) to users, [Organization roles]({{< relref "../../../permissions/organization_roles.md" >}}) and [Grafana Server Admin]({{< relref "../../../permissions/_index.md#grafana-server-admin-role" >}}) role.
+
+The following pages provide more information on how to manage role assignments:
+
+- [Manage user role assignments]({{< relref "manage-user-role-assignments.md" >}}).
+- [Manage role assignments to Organization roles and Grafana Server Admin role]({{< relref "manage-built-in-role-assignments.md" >}}).

docs/sources/enterprise/access-control/manage-role-assignments/manage-built-in-role-assignments.md

@@ -0,0 +1,19 @@
++++
+title = "Manage built-in role assignments"
+description = "Manage built-in role assignments"
+keywords = ["grafana", "fine-grained-access-control", "roles", "permissions", "fine-grained-access-control-usage", "enterprise"]
+weight = 210
++++
+
+# Built-in role assignments
+
+To control what your users can access or not, you can assign or unassign [Custom roles]({{< ref "#custom-roles" >}}) or [Fixed roles]({{< ref "#fixed-roles" >}}) to the existing [Organization roles]({{< relref "../../../permissions/organization_roles.md" >}}) or to [Grafana Server Admin]({{< relref "../../../permissions/_index.md#grafana-server-admin-role" >}}) role.
+These assignments are called built-in role assignments.
+
+During startup, Grafana will create default assignments for you. When you make any changes to the built-on role assignments, Grafana will take them into account and won’t overwrite during next start.
+
+For more information, refer to [Fine-grained access control references]({{< relref "../fine-grained-access-control-references.md#default-built-in-role-assignments" >}}).
+
+# Manage built-in role assignments
+
+You can create or remove built-in role assignments using [Fine-grained access control API]({{< relref "../../../http_api/access_control.md#create-and-remove-built-in-role-assignments" >}}) or using [Grafana Provisioning]({{< relref "../provisioning.md#manage-default-built-in-role-assignments" >}}).

docs/sources/enterprise/access-control/manage-role-assignments/manage-user-role-assignments.md

@@ -0,0 +1,64 @@
++++
+title = "Manage user role assignments"
+description = "Manage user role assignments"
+keywords = ["grafana", "fine-grained-access-control", "roles", "permissions", "fine-grained-access-control-usage", "enterprise"]
+weight = 200
++++
+
+# Manage user role assignments
+
+There are two ways to assign roles directly to users: in the UI using the role picker, and using the API.
+
+## Manage users' roles within a specific Organization using the role picker
+
+In order to assign roles to a user within a specific Organization using the role picker, you must have a user account with one of the following:
+
+- The Admin built-in role.
+- The Server Admin role.
+- The fixed role `fixed:permissions:writer`, [assigned for the given Organization]({{< relref "../roles/#scope-of-assignments" >}}).
+- A custom role with `users.roles:add` and `users.roles:remove` permissions.
+
+You must also have the permissions granted by the roles that you want to assign or revoke.
+
+Steps:
+
+1. Navigate to the Users Configuration page by hovering over **Configuration** (the gear icon) in the left navigation menu and selecting **Users**.
+1. Click on the **Role** column in the row for the user whose role you would like to edit.
+1. Deselect one or more selected roles that you would like to remove from that user.
+1. Select one or more roles that you would like to assign to that user.
+1. Click the **Apply** button to apply the selected roles to that user.
+
+![User role picker in Organization](/static/img/docs/enterprise/user_role_picker_global.png)
+
+The user's permissions will update immediately, and the UI will reflect their new permissions the next time they reload their browser or visit a new page.
+
+**Note**: The roles that you select will be assigned only within the given Organization. For example, if you grant the user the "Data source editor" role while you are in the main Organization, then that user will be able to edit data source in the main Organization but not in others.
+
+## Manage users' roles in multiple Organizations using the role picker
+
+In order to assign roles across multiple Organizations to a user using the role picker, you must have a user account with one of the following:
+
+- The Server Admin built-in role
+- The fixed role `fixed:permissions:writer`, [assigned globally]({{< relref "../roles/#scope-of-assignments" >}}).
+- A custom role with `users.roles:add` and `users.roles:remove` permissions, [assigned globally]({{< relref "../roles/#scope-of-assignments" >}}).
+
+You must also have the permissions granted by the roles that you want to assign or revoke within the Organization in which you're making changes.
+
+Steps:
+
+1. Navigate to the Users Admin page by hovering over **Server Admin** (the shield icon) in the left navigation menu and selecting **Users**.
+1. Click on a user row to edit that user's roles.
+1. Under the **Organizations** header, you will see a list of roles assigned to that user within each of their Organizations. Click on the roles in an organization to open the role picker.
+1. Deselect one or more selected roles that you would like to remove from that user.
+1. Select one or more roles that you would like to assign to that user.
+1. Click the **Apply** button to apply the selected roles to that user.
+
+![User role picker in Organization](/static/img/docs/enterprise/user_role_picker_in_org.png)
+
+The user's permissions will update immediately, and the UI will reflect their new permissions the next time they reload their browser or visit a new page.
+
+**Note**: The roles that you select will be assigned only within one Organization. For example, if you grant the user the "Data source editor" role in the row for the main Organization, then that user will be able to edit data source in the main Organization but not in others.
+
+## Manage users' roles via API
+
+To manage user role assignment via API, refer to the [fine-grained access control HTTP API docs]({{< relref "../../../http_api/access_control.md#create-and-remove-user-role-assignments" >}}).

docs/sources/enterprise/access-control/permissions.md

@@ -2,7 +2,7 @@
 title = "Permissions"
 description = "Understand fine-grained access control permissions"
 keywords = ["grafana", "fine-grained access-control", "roles", "permissions", "enterprise"]
-weight = 115
+weight = 110
 +++
 
 # Permissions
@@ -54,6 +54,10 @@ The following list contains fine-grained access control actions.
 | `users:logout`                   | `global:users:*` <br> `global:users:id:*`                                                   | Sign out a user.                                                                                                                                           |
 | `users.quotas:list`              | `global:users:*` <br> `global:users:id:*`                                                   | List a user’s quotas.                                                                                                                                      |
 | `users.quotas:update`            | `global:users:*` <br> `global:users:id:*`                                                   | Update a user’s quotas.                                                                                                                                    |
+| `users.roles:list`               | `users:*`                                                                                   | List roles assigned directly to a user.                                                                                                                    |
+| `users.roles:add`                | `permissions:delegate`                                                                      | Assign a role to a user.                                                                                                                                   |
+| `users.roles:remove`             | `permissions:delegate`                                                                      | Unassign a role from a auser.                                                                                                                              |
+| `users.permissions:list`         | `users:*`                                                                                   | List permissions of a user.                                                                                                                                |
 | `org.users:read`                 | `users:*` <br> `users:id:*`                                                                 | Get user profiles within an organization.                                                                                                                  |
 | `org.users:add`                  | `users:*`                                                                                   | Add a user to an organization.                                                                                                                             |
 | `org.users:remove`               | `users:*` <br> `users:id:*`                                                                 | Remove a user from an organization.                                                                                                                        |

docs/sources/enterprise/access-control/provisioning.md

@@ -25,7 +25,7 @@ You can create, update, and delete custom roles, as well as create and remove bu
 
 To create or update custom roles, you can add a list of `roles` in the configuration.
 
-Every role has a [version]({{< relref "./roles.md#custom-roles" >}}) number. For each role you update, you must remember to increment it, otherwise changes won't be accounted for.
+Every role has a [version]({{< relref "./roles.md#custom-roles" >}}) number. For each role you update, you must remember to increment it, otherwise changes won't be applied.
 
 When you update a role, the existing role inside Grafana is altered to be exactly what is specified in the YAML file, including permissions.
 

docs/sources/enterprise/access-control/roles.md

@@ -44,6 +44,14 @@ Role names must be unique within an organization.
 
 Roles with names prefixed by `fixed:` are fixed roles created by Grafana and cannot be created or modified by users.
 
+### Display name
+
+A role's display name is intended as a human friendly identifier for the role, helping users understand the purpose of a role. The display name of the role is displayed in the role picker in the UI.
+
+### Group
+
+A role's group is used to organize roles in the role picker in the UI.
+
 ### Role version
 
 The version of a role is a positive integer which defines the current version of the role. When updating a role, you can either omit the version field to increment the previous value by 1 or set a new version which must be strictly larger than the previous version for the update to succeed.
@@ -67,20 +75,13 @@ If a Grafana Server Admin wants to delegate that privilege to other users, they
 
 Note that you won't be able to create, update or delete a custom role with permissions which you yourself do not have. For example, if the only permission you have is a `users:create`, you won't be able to create a role with other permissions.
 
-## Built-in role assignments
+## Assign roles
 
-To control what your users can access or not, you can assign or unassign [Custom roles]({{< ref "#custom-roles" >}}) or [Fixed roles]({{< ref "#fixed-roles" >}}) to the existing [Organization roles]({{< relref "../../permissions/organization_roles.md" >}}) or to [Grafana Server Admin]({{< relref "../../permissions/_index.md#grafana-server-admin-role" >}}) role.
-These assignments are called built-in role assignments.
+[Custom roles]({{< ref "#custom-roles" >}}) and [Fixed roles]({{< ref "#fixed-roles" >}}) can be assigned to users, the existing [Organization roles]({{< relref "../../permissions/organization_roles.md" >}}) and to [Grafana Server Admin]({{< relref "../../permissions/_index.md#grafana-server-admin-role" >}}) role.
 
-During startup, Grafana will create default assignments for you. When you make any changes to the built-on role assignments, Grafana will take them into account and won’t overwrite during next start.
-
-For more information, refer to [Fine-grained access control references]({{< relref "./fine-grained-access-control-references.md#default-built-in-role-assignments" >}}).
-
-## Create and remove built-in role assignments
-
-You can create or remove built-in role assignments using [Fine-grained access control API]({{< relref "../../http_api/access_control.md" >}}) or using [Grafana Provisioning]({{< relref "./provisioning" >}}).
+Visit [Manage role assignments]({{< relref "manage-role-assignments/_index.md" >}}) page for more details.
 
 ### Scope of assignments
 
-A built-in role assignment can be either _global_ or _organization local_. _Global_ assignments are not mapped to any specific organization and will be applied to all organizations, whereas _organization local_ assignments are only applied for that specific organization.
+A role assignment can be either _global_ or _organization local_. _Global_ assignments are not mapped to any specific organization and will be applied to all organizations, whereas _organization local_ assignments are only applied for that specific organization.
 You can only create _organization local_ assignments for _organization local_ roles.

docs/sources/enterprise/access-control/usage-scenarios.md

@@ -132,6 +132,10 @@ Example response:
 }
 ```
 
+## Manage roles granted directly to users
+
+To learn about granting roles to users, refer to [Manage user role assignments]({{< relref "manage-role-assignments/manage-user-role-assignments.md" >}}) page.
+
 ## Create your first custom role
 
 You can create your custom role by either using an [HTTP API]({{< relref "../../http_api/access_control.md#create-a-new-custom-role" >}}) or by using [Grafana provisioning]({{< relref "./provisioning.md" >}}).

docs/sources/enterprise/auditing.md

@@ -181,6 +181,14 @@ external group.
 | Restore old dashboard version | `{"action": "restore", "resources": [{"type": "dashboard"}]}`            |
 | Delete dashboard              | `{"action": "delete", "resources": [{"type": "dashboard"}]}`             |
 
+#### Library elements management
+
+| Action                 | Distinguishing fields                                              |
+| ---------------------- | ------------------------------------------------------------------ |
+| Create library element | `{"action": "create", "resources": [{"type": "library-element"}]}` |
+| Update library element | `{"action": "update", "resources": [{"type": "library-element"}]}` |
+| Delete library element | `{"action": "delete", "resources": [{"type": "library-element"}]}` |
+
 #### Data sources management
 
 | Action                                             | Distinguishing fields                                                                     |
@@ -192,11 +200,37 @@ external group.
 | Disable permissions for datasource                 | `{"action": "disable-permissions", "resources": [{"type": "datasource"}]}`                |
 | Grant datasource permission to role, team, or user | `{"action": "create", "resources": [{"type": "datasource"}, {"type": "dspermission"}]}`\* |
 | Remove datasource permission                       | `{"action": "delete", "resources": [{"type": "datasource"}, {"type": "dspermission"}]}`   |
+| Enable caching for datasource                      | `{"action": "enable-cache", "resources": [{"type": "datasource"}]}`                       |
+| Disable caching for datasource                     | `{"action": "disable-cache", "resources": [{"type": "datasource"}]}`                      |
+| Update datasource caching configuration            | `{"action": "update", "resources": [{"type": "datasource"}]}`                             |
 
 \* `resources` may also contain a third item with `"type":` set to `"user"` or `"team"`.
 
 #### Alerts and notification channels management
 
+| Action                                                                | Distinguishing fields                                                                          |
+| --------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------- |
+| Save alert manager configuration                                      | `{"action": "update", "requestUri": "/api/alertmanager/RECIPIENT/config/api/v1/alerts"}`       |
+| Reset alert manager configuration                                     | `{"action": "delete", "requestUri": "/api/alertmanager/RECIPIENT/config/api/v1/alerts"}`       |
+| Create silence                                                        | `{"action": "create", "requestUri": "/api/alertmanager/RECIPIENT/api/v2/silences"}`            |
+| Delete silence                                                        | `{"action": "delete", "requestUri": "/api/alertmanager/RECIPIENT/api/v2/silences/SILENCE-ID"}` |
+| Create alert                                                          | `{"action": "create", "requestUri": "/api/ruler/RECIPIENT/api/v2/alerts"}`                     |
+| Create or update rule group                                           | `{"action": "create-update", "requestUri": "/api/ruler/RECIPIENT/api/v1/rules/NAMESPACE"}`     |
+| Delete rule group                                                     | `{"action": "delete", "requestUri": "/api/ruler/RECIPIENT/api/v1/rules/NAMESPACE/GROUP-NAME"}` |
+| Delete namespace                                                      | `{"action": "delete", "requestUri": "/api/ruler/RECIPIENT/api/v1/rules/NAMESPACE"}`            |
+| Test Grafana managed receivers                                        | `{"action": "test", "requestUri": "/api/alertmanager/RECIPIENT/config/api/v1/receivers/test"}` |
+| Create or update the NGalert configuration of the user's organization | `{"action": "create-update", "requestUri": "/api/v1/ngalert/admin_config"}`                    |
+| Delete the NGalert configuration of the user's organization           | `{"action": "delete", "requestUri": "/api/v1/ngalert/admin_config"}`                           |
+
+Where the following:
+
+- `RECIPIENT` is `grafana` for requests handled by Grafana or the numeric data source ID for requests forwarded to a data source.
+- `NAMESPACE` is the string identifier for the rules namespace.
+- `GROUP-NAME` is the string identifier for the rules group.
+- `SILENCE-ID` is the ID of the affected silence.
+
+The following legacy alerting actions are still supported:
+
 | Action                            | Distinguishing fields                                                 |
 | --------------------------------- | --------------------------------------------------------------------- |
 | Test alert rule                   | `{"action": "test", "resources": [{"type": "panel"}]}`                |
@@ -235,13 +269,6 @@ external group.
 
 #### Provisioning
 
-"resources": [
-{
-"id": 1,
-"type": "api-key"
-}
-],
-
 | Action                           | Distinguishing fields                      |
 | -------------------------------- | ------------------------------------------ |
 | Reload provisioned dashboards    | `{"action": "provisioning-dashboards"}`    |
@@ -249,6 +276,13 @@ external group.
 | Reload provisioned plugins       | `{"action": "provisioning-plugins"}`       |
 | Reload provisioned notifications | `{"action": "provisioning-notifications"}` |
 
+#### Plugins management
+
+| Action           | Distinguishing fields     |
+| ---------------- | ------------------------- |
+| Install plugin   | `{"action": "install"}`   |
+| Uninstall plugin | `{"action": "uninstall"}` |
+
 #### Miscellaneous
 
 | Action              | Distinguishing fields                                        |

docs/sources/enterprise/kms-integration/_index.md

@@ -0,0 +1,15 @@
++++
+title = "KMS integration"
+description = ""
+keywords = ["grafana", "kms", "key management system integration"]
+weight = 1200
++++
+
+# Key management systems (KMSs)
+
+You can choose to encrypt secrets stored in the Grafana database using a key from a KMS, which is a secure central storage location that is designed to help you to create and manage cryptographic keys and control their use across many services. When you integrate with a KMS, Grafana does not directly store your encryption key. Instead, Grafana stores KMS credentials and the identifier of the key, which Grafana uses to encrypt the database.
+
+Grafana integrates with the following key management systems:
+
+- AWS KMS
+- Azure Key Vault

docs/sources/enterprise/kms-integration/using-aws-kms-to-encrypt-database-secrets.md

@@ -0,0 +1,86 @@
++++
+title = "AMS KMS"
+description = "Using AWS KMS to encrypt database secrets"
+keywords = ["grafana", "AWS KMS integration"]
+weight = 3
++++
+
+# Using AWS KMS to encrypt database secrets
+
+You can use an encryption key from AWS Key Management Service to encrypt secrets in the Grafana database.
+
+**Prerequisites:**
+
+- An AWS account with permission to view and create KMS keys and programmatic credentials to access those keys
+- Access to the Grafana [configuration]({{< relref "../../administration/configuration/#config-file-locations" >}}) file
+
+1. Create a symmetric API key either from the AWS Management Console or by using the AWS KMS API.
+   <br><br>For detailed instructions, refer to [Creating keys](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html).
+
+2. Retrieve the Key ID.
+   <br><br>In AWS terms, this can be a key ID, a key ARN (Amazon Resource Name), an alias name, or an alias ARN. For more information about how to retrieve a key ID from AWS, refer to [Finding the key ID and key ARN](https://docs.aws.amazon.com/kms/latest/developerguide/find-cmk-id-arn.html).
+
+3. Create a [programmatic credential](https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys) (access key ID and secret access key), which has permission to view the key that you created.
+   <br><br>In AWS, you can control access to your KMS keys by using [key policies](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html), [IAM policies](https://docs.aws.amazon.com/kms/latest/developerguide/iam-policies.html), and [grants](https://docs.aws.amazon.com/kms/latest/developerguide/grants.html). You can also create [temporary credentials](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html), which must provide a session token along with an access key ID and a secret access key.
+
+4. From within Grafana, turn on [envelope encryption]({{< relref "../../administration/envelope-encryption.md" >}}).
+5. Add your AWS KMS details to the Grafana configuration file; depending on your operating system, it is usually named `grafana.ini`:
+   <br><br>a. Add a new section to the configuration file, with a name in the format of `[security.encryption.awskms.<KEY-NAME>]`, where `<KEY-NAME>` is any name that uniquely identifies this key among other provider keys.
+   <br><br>b. Fill in the section with the following values:
+   <br>
+
+   - `key_id`: a reference to a key stored in the KMS. This can be a key ID, a key Amazon Resource Name (ARN), an alias name, or an alias ARN. If you are using an alias, use the prefix `alias/`. To specify a KMS key in a different AWS account, use its ARN or alias. For more information about how to retrieve a key ID from AWS, refer to [Finding the key ID and key ARN](https://docs.aws.amazon.com/kms/latest/developerguide/find-cmk-id-arn.html).<br>
+     | `key_id` option | Example value |
+     | --- | --- |
+     | Key ID | `1234abcd-12ab-34cd-56ef-1234567890ab` |
+     | Key ARN | `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab` |
+     | Alias name | `alias/ExampleAlias` |
+     | Alias ARN | `arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias` |
+
+   - `access_key_id`: The AWS Access Key ID that you previously generated.
+   - `secret_access_key`: The AWS Secret Access Key you previously generated.
+   - `token`: (Optional) An AWS Session Token, which you must provide if you created temporary credentials.
+   - `region`: The AWS region where you created the KMS key. The region is contained in the key’s ARN. For example: `arn:aws:kms:*us-east-2*:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`
+
+   An example of an AWS KMS provider section in the `grafana.ini` file is as follows:
+
+   ```
+   # AWS key management service provider setup
+   ;[security.encryption.awskms.example-encryption-key]
+   # Reference to a KMS key - either key ID, key ARN, alias name, or ARN
+   ;key_id = 1234abcd-12ab-34cd-56ef-1234567890ab
+   # AWS access key ID
+   ;access_key_id = AKIAIOSFODNN7EXAMPLE
+   # AWS secret access key
+   ;secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
+   # AWS session token, optional
+   ;token = AQoDYXdzEJr...<REMAINDER OF SECURITY TOKEN>
+   # AWS region, for example eu-north-1
+   ;region = eu-north-1
+   ```
+
+6. Update the `[security]` section of the `grafana.ini` configuration file with the new Encryption Provider key that you created:
+
+   ```
+   [security]
+   # previous encryption key, used for legacy alerts, decrypting existing secrets or used as default provider when external providers are not configured
+   secret_key = AaaaAaaa
+   # encryption provider key in the format <PROVIDER>.<KEY_NAME>
+   encryption_provider = awskms.example-encryption-key
+   # list of configured key providers, space separated
+   available_encryption_providers = awskms.example-encryption-key
+   ```
+
+   **> Note:** The encryption key that is stored in the `secret_key` field is still used by Grafana’s legacy alerting system to encrypt secrets, for decrypting existing secrets, or it is used as the default provider when external providers are not configured. Do not change or remove that value when adding a new KMS provider.
+
+7. [Restart Grafana](https://grafana.com/docs/grafana/latest/installation/restart-grafana/).
+
+8. (Optional) From the command line and the root directory of Grafana, re-encrypt all of the secrets within the Grafana database with the new key using the following command:
+
+   `grafana-cli admin secrets-migration re-encrypt`
+
+   If you do not re-encrypt existing secrets, then they will remain encrypted by the previous encryption key. Users will still be able to access them.
+
+   **> Note:** This process could take a few minutes to complete, depending on the number of secrets (such as data sources or alert notification channels) in your database. Users might experience errors while this process is running, and alert notifications might not be sent.
+
+   **> Note:** If you are updating this encryption key during the initial setup of Grafana before any data sources, alert notification channels, or dashboards have been created, then this step is not necessary because there are no secrets in Grafana to migrate.

docs/sources/enterprise/kms-integration/using-azure-key-vault-to-encrypt-database-secrets.md

@@ -0,0 +1,81 @@
++++
+title = "Azure Key Vault"
+description = "Using Azure Key Vault to encrypt database secrets"
+keywords = ["grafana", "Azure key vault"]
+weight = 2
++++
+
+# Using Azure Key Vault to encrypt database secrets
+
+You can use an encryption key from Azure Key Vault to encrypt secrets in the Grafana database.
+
+**Prerequisites:**
+
+- An Azure account with permission to view and create Key Vault keys and programmatic credentials to access those keys
+- Access to the Grafana [configuration]({{< relref "../../administration/configuration/#config-file-locations" >}}) file
+
+1. [Create a vault](https://docs.microsoft.com/en-us/azure/key-vault/general/quick-create-portal#create-a-vault).
+
+2. Create a key in the **Key Vault** with the name that you want by using **RSA** as the type and `2048` as the size with encrypt and decrypt permissions.
+
+3. [Register an application](https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app#register-an-application) and generate a client secret for it.
+
+4. [Assign a Key Vault access policy](https://docs.microsoft.com/en-us/azure/key-vault/general/assign-access-policy?tabs=azure-portal) for the key vault that you created:
+
+5. In the Key Permissions section, set encrypt and decrypt permissions, and click **Save**.
+
+6. From within Grafana, turn on [envelope encryption]({{< relref "../../administration/envelope-encryption.md" >}}).
+
+7. Add your Azure Key Vault details to the Grafana configuration file; depending on your operating system, is usually named `grafana.ini`:
+   <br><br>a. Add a new section to the configuration file, with a name in the format of `[security.encryption.azurekv.<KEY-NAME>]`, where `<KEY-NAME>` is any name that uniquely identifies this key among other provider keys.
+   <br><br>b. Fill in the section with the following values:
+   <br>
+
+   - `tenant_id`: the **Directory ID** (tenant) from the application that you registered.
+   - `client_id`: the **Application ID** (client) from the application that you registered.
+   - `client_secret`: the VALUE of the secret that you generated in your app. (Don't use the Secret ID).
+   - `key_id`: the key name that you created in the key vault.
+   - `vault_uri`: the URL of your key vault.
+
+   An example of an Azure Key Vault provider section in the `grafana.ini` file is as follows:
+
+   ```
+   # Azure Key Vault provider setup
+   ;[security.encryption.azurekv.example-encryption-key]
+   # Azure Application directory ID (tenant)
+   tenant_id = 1234abcd-12ab-34cd-56ef-1234567890ab
+   # Azure Application application ID (client).
+   client_id = 1356dfgh-12ab-34cd-56ef-3322114455cc
+   # Azure Application client secret.
+   client_secret = FbE4X~4Jq45ERKxx823Aheb9plBjQqHHe81Sc
+   # Azure Key Vault key name.
+   key_id = mysecretkey
+   # Azure Key Vault uri.
+   vault_uri = https://my-vault-name.vault.azure.net
+   ```
+
+8. Update the `[security]` section of the `grafana.ini` configuration file with the new Encryption Provider key that you created:
+
+   ```
+   [security]
+   # previous encryption key, used for legacy alerts, decrypting existing secrets or used as default provider when external providers are not configured
+   secret_key = AaaaAaaa
+   # encryption provider key in the format <PROVIDER>.<KEY-NAME>
+   encryption_provider = azurekv.example-encryption-key
+   # list of configured key providers, space separated
+   available_encryption_providers =  azurekv.example-encryption-key
+   ```
+
+   **> Note:** The encryption key stored in the `secret_key` field is still used by Grafana’s legacy alerting system to encrypt secrets. Do not change or remove that value.
+
+9. [Restart Grafana](https://grafana.com/docs/grafana/latest/installation/restart-grafana/).
+
+10. (Optional) From the command line and the root directory of Grafana Enterprise, re-encrypt all of the secrets within the Grafana database with the new key using the following command:
+
+    `grafana-cli admin secrets-migration re-encrypt`
+
+    If you do not re-encrypt existing secrets, then they will remain encrypted by the previous encryption key. Users will still be able to access them.
+
+    **> Note:** This process could take a few minutes to complete, depending on the number of secrets (such as data sources or alert notification channels) in your database. Users might experience errors while this process is running, and alert notifications might not be sent.
+
+    **> Note:** If you are updating this encryption key during the initial setup of Grafana before any data sources, alert notification channels, or dashboards have been created, then this step is not necessary because there are no secrets in Grafana to migrate.

docs/sources/http_api/access_control.md

@@ -86,23 +86,27 @@ Content-Type: application/json; charset=UTF-8
 #### Status codes
 
 | Code | Description                                                          |
-| ---- | -------------------------------------------------------------------- |
-| 200  | Global and organization local roles are returned.                    |
-| 403  | Access denied                                                        |
-| 500  | Unexpected error. Refer to body and/or server logs for more details. |
-
-### Get a role
-
+| ---- | -------------------------------------------------------------------- |
+| 200  | Global and organization local roles are returned.                    |
+| 403  | Access denied                                                        |
+| 500  | Unexpected error. Refer to body and/or server logs for more details. |
+
+### Get a role
+
+`GET /api/access-control/roles/:uid`
+
 Get a role for the given UID.
 
-Get a role for the given UID.
-
-#### Required permissions
-
-| Action     | Scope    |
-| ---------- | -------- |
-| roles:read | roles:\* |
-
+#### Required permissions
+
+| Action     | Scope    |
+| ---------- | -------- |
+| roles:read | roles:\* |
+
+#### Example request
+
+```http
+GET /api/access-control/roles/PYnDO3rMk
 Accept: application/json
 Content-Type: application/json
 ```
@@ -141,27 +145,59 @@ HTTP/1.1 200 OK
 #### Example request
 
 ```http
-
-#### Example request
-
-```http
-POST /api/access-control/roles
+POST /api/access-control/roles
+Accept: application/json
+Content-Type: application/json
+
+{
+    "version": 1,
     "uid": "jZrmlLCGka",
     "name": "custom:delete:roles",
-
-{
-    "version": 1,
-    "uid": "jZrmlLCGka",
+    "description": "My custom role which gives users permissions to delete roles",
+    "group":"My Group",
+    "displayName": "My Custom Role",
+    "global": false,
     "permissions": [
         {
-    "global": true,
-    "permissions": [
-        {
-            "action": "roles:delete",
+            "action": "roles:delete",
+            "scope": "permissions:delegate"
+        }
+    ]
+}
+```
+
+#### JSON body schema
+
+| Field Name  | Date Type  | Required | Description                                                                                                                                                                                                                                                         |
+| ----------- | ---------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| uid         | string     | No       | UID of the role. If not present, the UID will be automatically created for you and returned in response. Refer to the [Custom roles]({{< relref "../enterprise/access-control/roles.md#custom-roles" >}}) for more information.                                     |
+| global      | boolean    | No       | A flag indicating if the role is global or not. If set to `false`, the default org ID of the authenticated user will be used from the request. Refer to the [Role scopes]({{< relref "../enterprise/access-control/roles.md#role-scopes" >}}) for more information. |
+| version     | number     | No       | Version of the role. If not present, version 0 will be assigned to the role and returned in the response. Refer to the [Custom roles]({{< relref "../enterprise/access-control/roles.md#custom-roles" >}}) for more information.                                    |
+| name        | string     | Yes      | Name of the role. Refer to [Custom roles]({{< relref "../enterprise/access-control/roles.md#custom-roles" >}}) for more information.                                                                                                                                |
+| description | string     | No       | Description of the role.                                                                                                                                                                                                                                            |
+| displayName | string     | No       | Display name of the role, visible in the UI.                                                                                                                                                                                                                        |
+| group       | string     | No       | The group name the role belongs to.                                                                                                                                                                                                                                 |
+| permissions | Permission | No       | If not present, the role will be created without any permissions.                                                                                                                                                                                                   |
+
+**Permission**
+
+| Field Name | Data Type | Required | Description                                                                                                                                                                                          |
+| ---------- | --------- | -------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| action     | string    | Yes      | Refer to [Permissions]({{< relref "../enterprise/access-control/permissions.md" >}}) for full list of available actions.                                                                             |
+| scope      | string    | No       | If not present, no scope will be mapped to the permission. Refer to [Permissions]({{< relref "../enterprise/access-control/permissions.md#scope-definitions" >}}) for full list of available scopes. |
+
+#### Example response
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json; charset=UTF-8
+
+```
 
 #### Status codes
-    ]
-}
+
+| Code | Description                                                                        |
+| ---- | ---------------------------------------------------------------------------------- |
 | 200  | Role is updated.                                                                   |
 | 400  | Bad request (invalid json, missing content-type, missing or invalid fields, etc.). |
 | 403  | Access denied                                                                      |
@@ -170,7 +206,7 @@ Content-Type: application/json; charset=UTF-8
 ### Update a custom role
 
 `PUT /api/access-control/roles/:uid`
-| version     | number     | No       | Version of the role. If not present, version 0 will be assigned to the role and returned in the response. Refer to the [Custom roles]({{< relref "../enterprise/access-control/roles.md#custom-roles" >}}) for more information.                                    |
+
 Update the role with the given UID, and it's permissions with the given UID. The operation is idempotent and all permissions of the role will be replaced with what is in the request. You would need to increment the version of the role with each update, otherwise the request will fail.
 
 #### Required permissions
@@ -200,7 +236,9 @@ Content-Type: application/json
         {
             "action": "roles:delete",
             "scope": "permissions:delegate"
-
+        },
+        {
+            "action": "roles:write",
             "scope": "permissions:delegate"
         }
     ]
@@ -219,6 +257,8 @@ Content-Type: application/json
 | permissions | List of Permissions | No       | The full list of permissions the role should have after the update. |
 
 **Permission**
+
+| Field Name | Data Type | Required | Description                                                                                                                                                                                          |
 | ---------- | --------- | -------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | action     | string    | Yes      | Refer to [Permissions]({{< relref "../enterprise/access-control/permissions.md" >}}) for full list of available actions.                                                                             |
 | scope      | string    | No       | If not present, no scope will be mapped to the permission. Refer to [Permissions]({{< relref "../enterprise/access-control/permissions.md#scope-definitions" >}}) for full list of available scopes. |
@@ -239,7 +279,9 @@ Content-Type: application/json; charset=UTF-8
 | 400  | Bad request (invalid json, missing content-type, missing or invalid fields, etc.). |
 | 403  | Access denied                                                                      |
 | 404  | Role was not found to update.                                                      |
-#### JSON body schema
+| 500  | Unexpected error. Refer to body and/or server logs for more details.               |
+
+### Delete a custom role
 
 `DELETE /api/access-control/roles/:uid?force=false`
 
@@ -288,7 +330,9 @@ Content-Type: application/json
 
 ### List roles assigned to a user
 
-#### Example request
+`GET /api/access-control/users/:userId/roles`
+
+Lists the roles that have been directly assigned to a given user. The list does not include built-in roles (Viewer, Editor, Admin or Grafana Admin), and it does not include roles that have been inherited from a team.
 
 #### Required permissions
 
@@ -309,6 +353,8 @@ Content-Type: application/json
 HTTP/1.1 200 OK
 Content-Type: application/json; charset=UTF-8
 
+```
+
 #### Status codes
 
 | Code | Description                                                          |
@@ -329,6 +375,8 @@ Content-Type: application/json; charset=UTF-8
 | ---------------------- | -------------------- |
 | users.permissions:list | users:id:`<user ID>` |
 
+#### Example request
+
 ```http
 GET /api/access-control/users/1/permissions
 Accept: application/json
@@ -345,7 +393,7 @@ Content-Type: application/json; charset=UTF-8
 #### Status codes
 
 | Code | Description                                                          |
-HTTP/1.1 200 OK
+| ---- | -------------------------------------------------------------------- |
 | 200  | Set of assigned permissions is returned.                             |
 | 403  | Access denied.                                                       |
 | 500  | Unexpected error. Refer to body and/or server logs for more details. |
@@ -377,7 +425,7 @@ For example, if a user does not have required permissions for creating users, th
 
 {
     "global": false,
-Accept: application/json
+    "roleUid": "XvHQJq57z"
 }
 ```
 
@@ -407,6 +455,275 @@ Content-Type: application/json; charset=UTF-8
 
 ## Remove a user role assignment
 
+`DELETE /api/access-control/users/:userId/roles/:roleUID`
+
+Revoke a role from a user.
+
+For bulk updates consider
+[Set user role assignments]({{< ref "#set-user-role-assignments" >}}).
+
+#### Required permissions
+
+`permission:delegate` scope ensures that users can only unassign roles which have same, or a subset of permissions which the user has.
+For example, if a user does not have required permissions for creating users, they won't be able to unassign a role which will allow to do that. This is done to prevent escalation of privileges.
+
+| Action             | Scope                |
+| ------------------ | -------------------- |
+| users.roles:remove | permissions:delegate |
+
+#### Query parameters
+
+| Param  | Type    | Required | Description                                                                                                                                                               |
+| ------ | ------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| global | boolean | No       | A flag indicating if the assignment is global or not. If set to `false`, the default org ID of the authenticated user will be used from the request to remove assignment. |
+
+#### Example request
+
+```http
+DELETE /api/access-control/users/1/roles/AFUXBHKnk
+Accept: application/json
+```
+
+#### Example response
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json; charset=UTF-8
+
+```
+
+#### Status codes
+
+| Code | Description                                                          |
+| ---- | -------------------------------------------------------------------- |
+| 200  | Role is unassigned.                                                  |
+| 403  | Access denied.                                                       |
+| 500  | Unexpected error. Refer to body and/or server logs for more details. |
+
+### Set user role assignments
+
+`PUT /api/access-control/users/:userId/roles`
+
+Update the user's role assignments to match the provided set of UIDs.
+This will remove any assigned roles that aren't in the request and add
+roles that are in the set but are not already assigned to the user.
+
+If you want to add or remove a single role, consider using
+[Add a user role assignment]({{< ref "#add-a-user-role-assignment" >}}) or
+[Remove a user role assignment]({{< ref "#remove-a-user-role-assignment" >}})
+instead.
+
+#### Required permissions
+
+`permission:delegate` scope ensures that users can only assign or unassign roles which have same, or a subset of permissions which the user has.
+For example, if a user does not have required permissions for creating users, they won't be able to assign or unassign a role which will allow to do that. This is done to prevent escalation of privileges.
+
+| Action             | Scope                |
+| ------------------ | -------------------- |
+| users.roles:add    | permissions:delegate |
+| users.roles:remove | permissions:delegate |
+
+#### Example request
+
+```http
+PUT /api/access-control/users/1/roles
+Accept: application/json
+Content-Type: application/json
+
+{
+    "global": false,
+    "roleUids": [
+        "ZiHQJq5nk",
+        "GzNQ1357k"
+    ]
+}
+```
+
+#### JSON body schema
+
+| Field Name | Date Type | Required | Description                                                                                                                                          |
+| ---------- | --------- | -------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- |
+| global     | boolean   | No       | A flag indicating if the assignment is global or not. If set to `false`, the default org ID of the authenticated user will be used from the request. |
+| roleUids   | list      | Yes      | List of role UIDs.                                                                                                                                   |
+
+#### Example response
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json; charset=UTF-8
+
+```
+
+#### Status codes
+
+| Code | Description                                                          |
+| ---- | -------------------------------------------------------------------- |
+| 200  | Roles have been assigned.                                            |
+| 403  | Access denied.                                                       |
+| 404  | Role not found.                                                      |
+| 500  | Unexpected error. Refer to body and/or server logs for more details. |
+
+## Create and remove built-in role assignments
+
+API set allows to create or remove [built-in role assignments]({{< relref "../enterprise/access-control/roles.md#built-in-role-assignments" >}}) and list current assignments.
+
+### Get all built-in role assignments
+
+`GET /api/access-control/builtin-roles`
+
+Gets all built-in role assignments.
+
+#### Required permissions
+
+| Action             | Scope    |
+| ------------------ | -------- |
+| roles.builtin:list | roles:\* |
+
+#### Example request
+
+```http
+GET /api/access-control/builtin-roles
+Accept: application/json
+Content-Type: application/json
+```
+
+#### Example response
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json; charset=UTF-8
+
+```
+
+#### Status codes
+
+| Code | Description                                                          |
+| ---- | -------------------------------------------------------------------- |
+| 200  | Built-in role assignments are returned.                              |
+| 403  | Access denied                                                        |
+| 500  | Unexpected error. Refer to body and/or server logs for more details. |
+
+### Create a built-in role assignment
+
+`POST /api/access-control/builtin-roles`
+
+Creates a new built-in role assignment.
+
+#### Required permissions
+
+`permission:delegate` scope ensures that users can only create built-in role assignments with the roles which have same, or a subset of permissions which the user has.
+For example, if a user does not have required permissions for creating users, they won't be able to create a built-in role assignment which will allow to do that. This is done to prevent escalation of privileges.
+
+| Action            | Scope                |
+| ----------------- | -------------------- |
+| roles.builtin:add | permissions:delegate |
+
+#### Example request
+
+```http
+POST /api/access-control/builtin-roles
+Accept: application/json
+Content-Type: application/json
+
+{
+    "roleUid": "LPMGN99Mk",
+    "builtinRole": "Grafana Admin",
+    "global": false
+}
+```
+
+#### JSON body schema
+
+| Field Name  | Date Type | Required | Description                                                                                                                                                                                                                                                                                                                                   |
+| ----------- | --------- | -------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| roleUid     | string    | Yes      | UID of the role.                                                                                                                                                                                                                                                                                                                              |
+| builtinRole | boolean   | Yes      | Can be one of `Viewer`, `Editor`, `Admin` or `Grafana Admin`.                                                                                                                                                                                                                                                                                 |
+| global      | boolean   | No       | A flag indicating if the assignment is global or not. If set to `false`, the default org ID of the authenticated user will be used from the request to create organization local assignment. Refer to the [Built-in role assignments]({{< relref "../enterprise/access-control/roles.md#built-in-role-assignments" >}}) for more information. |
+
+#### Example response
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json; charset=UTF-8
+
+```
+
+#### Status codes
+
+| Code | Description                                                                        |
+| ---- | ---------------------------------------------------------------------------------- |
+| 200  | Role was assigned to built-in role.                                                |
+| 400  | Bad request (invalid json, missing content-type, missing or invalid fields, etc.). |
+| 403  | Access denied                                                                      |
+| 404  | Role not found                                                                     |
+| 500  | Unexpected error. Refer to body and/or server logs for more details.               |
+
+### Remove a built-in role assignment
+
+`DELETE /api/access-control/builtin-roles/:builtinRole/roles/:roleUID`
+
+Deletes a built-in role assignment (for one of _Viewer_, _Editor_, _Admin_, or _Grafana Admin_) to the role with the provided UID.
+
+#### Required permissions
+
+`permission:delegate` scope ensures that users can only remove built-in role assignments with the roles which have same, or a subset of permissions which the user has.
+For example, if a user does not have required permissions for creating users, they won't be able to remove a built-in role assignment which allows to do that.
+
+| Action               | Scope                |
+| -------------------- | -------------------- |
+| roles.builtin:remove | permissions:delegate |
+
+#### Example request
+
+```http
+DELETE /api/access-control/builtin-roles/Grafana%20Admin/roles/LPMGN99Mk?global=false
+Accept: application/json
+```
+
+#### Query parameters
+
+| Param  | Type    | Required | Description                                                                                                                                                                                                                                                                                                                |
+| ------ | ------- | -------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| global | boolean | No       | A flag indicating if the assignment is global or not. If set to `false`, the default org ID of the authenticated user will be used from the request to remove assignment. Refer to the [Built-in role assignments]({{< relref "../enterprise/access-control/roles.md#built-in-role-assignments" >}}) for more information. |
+
+#### Example response
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json; charset=UTF-8
+
+```
+
+#### Status codes
+
+| Code | Description                                                                        |
+| ---- | ---------------------------------------------------------------------------------- |
+| 200  | Role was unassigned from built-in role.                                            |
+| 400  | Bad request (invalid json, missing content-type, missing or invalid fields, etc.). |
+| 403  | Access denied                                                                      |
+| 404  | Role not found.                                                                    |
+| 500  | Unexpected error. Refer to body and/or server logs for more details.               |
+
+#### Example response
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json; charset=UTF-8
+
+{
+    "message": "User roles have been updated."
+}
+```
+
+#### Status codes
+
+| Code | Description                                                          |
+| ---- | -------------------------------------------------------------------- |
+| 200  | Roles have been assigned.                                            |
+| 403  | Access denied.                                                       |
+| 404  | Role not found.                                                      |
+| 500  | Unexpected error. Refer to body and/or server logs for more details. |
+
 ## Create and remove built-in role assignments
 
 API set allows to create or remove [built-in role assignments]({{< relref "../enterprise/access-control/roles.md#built-in-role-assignments" >}}) and list current assignments.
@@ -444,7 +761,7 @@ Content-Type: application/json; charset=UTF-8
             "uid": "qQui_LCMk",
             "name": "fixed:users:org:edit",
             "description": "",
-HTTP/1.1 200 OK
+            "global": false,
             "updated": "2021-05-13T16:24:26+02:00",
             "created": "2021-05-13T16:24:26+02:00"
         },
@@ -453,7 +770,7 @@ Content-Type: application/json; charset=UTF-8
             "uid": "PeXmlYjMk",
             "name": "fixed:users:org:read",
             "description": "",
-| 200  | Role was unassigned from built-in role.                                            |
+            "global": false,
             "updated": "2021-05-13T16:24:26+02:00",
             "created": "2021-05-13T16:24:26+02:00"
         }
@@ -464,7 +781,7 @@ Content-Type: application/json; charset=UTF-8
             "uid": "qQui_LCMk",
             "name": "fixed:users:org:edit",
             "description": "",
-            "global": true,
+            "global": false,
             "updated": "2021-05-13T16:24:26+02:00",
             "created": "2021-05-13T16:24:26+02:00"
         }

docs/sources/http_api/org.md

@@ -20,6 +20,14 @@ the admin of all organizations API only works with basic authentication, see [Ad
 
 `GET /api/org/`
 
+#### Required permissions
+
+See note in the [introduction]({{< ref "#organization-api" >}}) for an explanation.
+
+| Action    | Scope |
+| --------- | ----- |
+| orgs:read | N/A   |
+
 **Example Request**:
 
 ```http
@@ -94,6 +102,14 @@ Accessible to users with org admin role, admin in any folder or admin of any tea
 Content-Type: application/json
 Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
 ```
+
+**Example Response**:
+
+```http
+HTTP/1.1 200
+Content-Type: application/json
+
+```
 
 ### Updates the given user
 
@@ -186,6 +202,14 @@ Content-Type: application/json
 
 ### Add a new user to the current organization
 
+`POST /api/org/users`
+
+Adds a global user to the current organization.
+
+#### Required permissions
+
+See note in the [introduction]({{< ref "#organization-api" >}}) for an explanation.
+
 | Action        | Scope    |
 | ------------- | -------- |
 | org.users:add | users:\* |
@@ -259,6 +283,14 @@ is called `admin` and has permission to use this API).
 | Action    | Scope | Note                           |
 | --------- | ----- | ------------------------------ |
 | orgs:read | N/A   | Needs to be assigned globally. |
+
+**Example Request**:
+
+```http
+GET /api/orgs/name/Main%20Org%2E HTTP/1.1
+Accept: application/json
+Content-Type: application/json
+```
 
 **Example Response**:
 
@@ -293,6 +325,14 @@ Content-Type: application/json
 
 Note: The api will work in the following two ways
 
+1. Need to set GF_USERS_ALLOW_ORG_CREATE=true
+2. Set the config value users.allow_org_create to true in ini file
+
+**Example Response**:
+
+```http
+HTTP/1.1 200
+Content-Type: application/json
 
 ```
 
@@ -327,6 +367,14 @@ Content-Type: application/json
 
 ```http
 HTTP/1.1 200
+Content-Type: application/json
+
+```
+
+### Update Organization
+
+`PUT /api/orgs/:orgId`
+
 Update Organization, fields _Address 1_, _Address 2_, _City_ are not implemented yet.
 Only works with Basic Authentication (username and password), see [introduction](#admin-organizations-api).
 
@@ -362,6 +410,14 @@ Content-Type: application/json
 Only works with Basic Authentication (username and password), see [introduction](#admin-organizations-api).
 
 #### Required permissions
+
+See note in the [introduction]({{< ref "#organization-api" >}}) for an explanation.
+
+| Action      | Scope |
+| ----------- | ----- |
+| orgs:delete | N/A   |
+
+**Example Request**:
 
 ```http
 DELETE /api/orgs/1 HTTP/1.1
@@ -396,6 +452,14 @@ Content-Type: application/json
 GET /api/orgs/1/users HTTP/1.1
 Accept: application/json
 Content-Type: application/json
+```
+
+Note: The api will only work when you pass the admin name and password
+to the request HTTP URL, like http://admin:admin@localhost:3000/api/orgs/1/users
+
+**Example Response**:
+
+```http
 HTTP/1.1 200
 Content-Type: application/json
 [
@@ -423,6 +487,14 @@ Content-Type: application/json
 Content-Type: application/json
 
 ```
+
+**Example Response**:
+
+```http
+HTTP/1.1 200
+Content-Type: application/json
+
+```
 
 ### Update Users in Organization
 

docs/sources/image-rendering/_index.md

@@ -72,7 +72,7 @@ RENDERING_MODE=default
 
 #### Clustered
 
-With the `clustered` mode, you can configure how many browser instances or incognito pages can execute concurrently. Default is `browser` and will ensure a maximum amount of browser instances can execute concurrently. Mode `context` will ensure a maximum amount of incognito pages can execute concurrently. You can also configure the maximum concurrency allowed, which per default is `5`.
+With the `clustered` mode, you can configure how many browser instances or incognito pages can execute concurrently. Default is `browser` and will ensure a maximum amount of browser instances can execute concurrently. Mode `context` will ensure a maximum amount of incognito pages can execute concurrently. You can also configure the maximum concurrency allowed, which per default is `5`, and the maximum duration of a rendering request, which per default is `30` seconds.
 
 Using a cluster of incognito pages is more performant and consumes less CPU and memory than a cluster of browsers. However, if one page crashes it can bring down the entire browser with it (making all the rendering requests happening at the same time fail). Also, each page isn't guaranteed to be totally clean (cookies and storage might bleed-through as seen [here](https://bugs.chromium.org/p/chromium/issues/detail?id=754576)).
 
@@ -80,6 +80,7 @@ Using a cluster of incognito pages is more performant and consumes less CPU and
 RENDERING_MODE=clustered
 RENDERING_CLUSTERING_MODE=browser
 RENDERING_CLUSTERING_MAX_CONCURRENCY=5
+RENDERING_CLUSTERING_TIMEOUT=30
 ```
 
 ```json
@@ -88,7 +89,8 @@ RENDERING_CLUSTERING_MAX_CONCURRENCY=5
     "mode": "clustered",
     "clustering": {
       "mode": "browser",
-      "maxConcurrency": 5
+      "maxConcurrency": 5,
+      "timeout": 30
     }
   }
 }

docs/sources/plugins/catalog.md

@@ -23,7 +23,7 @@ The Plugin catalog allows you to browse and manage plugins from within Grafana.
   </video>
 </div>
 
-Before you can use the Plugin catalog, you must enable it in the Grafana [configuration]({{< relref "../administration/configuration.md#plugin_admin_enabled" >}}) file.
+In order to be able to install / uninstall / update plugins using plugin catalog, you must enable it via the `plugin_admin_enabled` flag in the [configuration]({{< relref "../administration/configuration.md#plugin_admin_enabled" >}}) file.
 Before following the steps below, make sure you are logged in as a Grafana administrator.
 
 <a id="#plugin-catalog-entry"></a>

docs/sources/release-notes/release-notes-8-2-5.md

@@ -11,6 +11,7 @@ list = false
 ### Bug fixes
 
 - **Alerting:** Fix a bug where the metric in the evaluation string was not correctly populated. [#41731](https://github.com/grafana/grafana/pull/41731), [@JohnnyQQQQ](https://github.com/JohnnyQQQQ)
+- **Alerting:** Fix no data behaviour in Legacy Alerting for alert rules using the AND operator. [#41305](https://github.com/grafana/grafana/pull/41305), [@gerobinson](https://github.com/gerobinson)
 - **CloudMonitoring:** Ignore min and max aggregation in MQL queries. [#41302](https://github.com/grafana/grafana/pull/41302), [@sunker](https://github.com/sunker)
 - **Dashboards:** 'Copy' is no longer added to new dashboard titles. [#41344](https://github.com/grafana/grafana/pull/41344), [@joshhunt](https://github.com/joshhunt)
 - **DataProxy:** Fix overriding response body when response is a WebSocket upgrade. [#41364](https://github.com/grafana/grafana/pull/41364), [@marefr](https://github.com/marefr)
@@ -20,3 +21,11 @@ list = false
 - **Plugins:** Ensure consistent plugin settings list response. [#41346](https://github.com/grafana/grafana/pull/41346), [@wbrowne](https://github.com/wbrowne)
 - **Tempo:** Fix validation of float durations. [#41400](https://github.com/grafana/grafana/pull/41400), [@ivanahuckova](https://github.com/ivanahuckova)
 - **Tracing:** Correct tags for each span are shown. [#41473](https://github.com/grafana/grafana/pull/41473), [@ivanahuckova](https://github.com/ivanahuckova)
+
+### Breaking changes
+
+### Fix No Data behaviour in Legacy Alerting
+
+In Grafana 8.2.5 and later, this change fixes a bug in the evaluation of alert rules when using the AND operator to compare two or more conditions. In Grafana 8.2.4 and earlier such alert rules would evaluate to `OK` if at least one, but not all, conditions returned no data. This change fixes that bug such that in Grafana 8.2.5 these alert rules now evaluate to `No Data`.
+
+If an alert should evaluate to `OK` when one or all conditions return `No Data` then this can be done via changing `If no data or all values are null` to `OK`. However, this will not preserve the old behaviour in 8.2.4 where an alert will be `OK` if at least one, but not all, conditions return no data and then `No Data` if all conditions return `No Data`. Issue [#41305](https://github.com/grafana/grafana/issues/41305)

docs/sources/release-notes/release-notes-8-3-0-beta1.md

@@ -0,0 +1,77 @@
++++
+title = "Release notes for Grafana 8.3.0-beta1"
+[_build]
+list = false
++++
+
+<!-- Auto generated by update changelog github action -->
+
+# Release notes for Grafana 8.3.0-beta1
+
+### Features and enhancements
+
+- **AccessControl:** Apply fine-grained access control to licensing. (Enterprise)
+- **Alerting:** Add UI for contact point testing with custom annotations and labels. [#40491](https://github.com/grafana/grafana/pull/40491), [@nathanrodman](https://github.com/nathanrodman)
+- **Alerting:** Make alert state indicator in panel header work with Grafana 8 alerts. [#38713](https://github.com/grafana/grafana/pull/38713), [@domasx2](https://github.com/domasx2)
+- **Alerting:** Option for Discord notifier to use webhook name. [#40463](https://github.com/grafana/grafana/pull/40463), [@Skyebold](https://github.com/Skyebold)
+- **Annotations:** Deprecate AnnotationsSrv. [#39631](https://github.com/grafana/grafana/pull/39631), [@hugohaggmark](https://github.com/hugohaggmark)
+- **Auditing:** Add audit logs for unified alerting endpoints. (Enterprise)
+- **Auditing:** Add endpoints (plugins, datasources, library elements). (Enterprise)
+- **Auth:** Omit all base64 paddings in JWT tokens for the JWT auth. [#35602](https://github.com/grafana/grafana/pull/35602), [@gillg](https://github.com/gillg)
+- **Azure Monitor:** Clean up fields when editing Metrics. [#41762](https://github.com/grafana/grafana/pull/41762), [@andresmgot](https://github.com/andresmgot)
+- **AzureMonitor:** Add new starter dashboards. [#39876](https://github.com/grafana/grafana/pull/39876), [@jcolladokuri](https://github.com/jcolladokuri)
+- **AzureMonitor:** Add starter dashboard for app monitoring with Application Insights. [#40725](https://github.com/grafana/grafana/pull/40725), [@jcolladokuri](https://github.com/jcolladokuri)
+- **Barchart/Time series:** Allow x axis label. [#41142](https://github.com/grafana/grafana/pull/41142), [@oscarkilhed](https://github.com/oscarkilhed)
+- **CLI:** Improve error handling for installing plugins. [#41257](https://github.com/grafana/grafana/pull/41257), [@marefr](https://github.com/marefr)
+- **CloudMonitoring:** Migrate to use backend plugin SDK contracts. [#38650](https://github.com/grafana/grafana/pull/38650), [@idafurjes](https://github.com/idafurjes)
+- **CloudWatch Logs:** Add retry strategy for hitting max concurrent queries. [#39290](https://github.com/grafana/grafana/pull/39290), [@aocenas](https://github.com/aocenas)
+- **CloudWatch:** Add AWS RoboMaker metrics and dimension. [#41450](https://github.com/grafana/grafana/pull/41450), [@ilyastoli](https://github.com/ilyastoli)
+- **CloudWatch:** Add AWS Transfer metrics and dimension. [#41168](https://github.com/grafana/grafana/pull/41168), [@ilyastoli](https://github.com/ilyastoli)
+- **Dashboard:** replace datasource name with a reference object. [#33817](https://github.com/grafana/grafana/pull/33817), [@ryantxu](https://github.com/ryantxu)
+- **Dashboards:** Show logs on time series when hovering. [#40110](https://github.com/grafana/grafana/pull/40110), [@ryantxu](https://github.com/ryantxu)
+- **Elasticsearch:** Add support for Elasticsearch 8.0 (Beta). [#41729](https://github.com/grafana/grafana/pull/41729), [@Elfo404](https://github.com/Elfo404)
+- **Elasticsearch:** Add time zone setting to Date Histogram aggregation. [#40882](https://github.com/grafana/grafana/pull/40882), [@Elfo404](https://github.com/Elfo404)
+- **Elasticsearch:** Enable full range log volume histogram. [#41202](https://github.com/grafana/grafana/pull/41202), [@ifrost](https://github.com/ifrost)
+- **Elasticsearch:** Full range logs volume. [#40700](https://github.com/grafana/grafana/pull/40700), [@ifrost](https://github.com/ifrost)
+- **Explore:** Allow changing the graph type. [#40522](https://github.com/grafana/grafana/pull/40522), [@gabor](https://github.com/gabor)
+- **Explore:** Show ANSI colors when highlighting matched words in the logs panel. [#40971](https://github.com/grafana/grafana/pull/40971), [@oliverfrye](https://github.com/oliverfrye)
+- **Graph(old) panel:** Listen to events from Time series panel. [#41033](https://github.com/grafana/grafana/pull/41033), [@zoltanbedi](https://github.com/zoltanbedi)
+- **Import:** Load gcom dashboards from URL. [#41799](https://github.com/grafana/grafana/pull/41799), [@ashharrison90](https://github.com/ashharrison90)
+- **LibraryPanels:** Improves export and import of library panels between orgs. [#39214](https://github.com/grafana/grafana/pull/39214), [@hugohaggmark](https://github.com/hugohaggmark)
+- **OAuth:** Support PKCE. [#39948](https://github.com/grafana/grafana/pull/39948), [@sakjur](https://github.com/sakjur)
+- **Panel edit:** Overrides now highlight correctly when searching. [#41684](https://github.com/grafana/grafana/pull/41684), [@ashharrison90](https://github.com/ashharrison90)
+- **PanelEdit:** Display drag indicators on draggable sections. [#41711](https://github.com/grafana/grafana/pull/41711), [@ashharrison90](https://github.com/ashharrison90)
+- **Plugins:** Refactor Plugin Management. [#40477](https://github.com/grafana/grafana/pull/40477), [@wbrowne](https://github.com/wbrowne)
+- **Prometheus:** Add custom query parameters when creating PromLink url. [#41213](https://github.com/grafana/grafana/pull/41213), [@Ian-Yy](https://github.com/Ian-Yy)
+- **Prometheus:** Remove limits on metrics, labels, and values in Metrics Browser. [#40660](https://github.com/grafana/grafana/pull/40660), [@autoric](https://github.com/autoric)
+- **StateTimeline:** Share cursor with rest of the panels. [#41038](https://github.com/grafana/grafana/pull/41038), [@zoltanbedi](https://github.com/zoltanbedi)
+- **Tempo:** Add error details when json upload fails. [#41803](https://github.com/grafana/grafana/pull/41803), [@aocenas](https://github.com/aocenas)
+- **Tempo:** Add filtering for service graph query. [#41162](https://github.com/grafana/grafana/pull/41162), [@aocenas](https://github.com/aocenas)
+- **Tempo:** Add links to nodes in Service Graph pointing to Prometheus metrics. [#41135](https://github.com/grafana/grafana/pull/41135), [@aocenas](https://github.com/aocenas)
+- **Time series/Bar chart panel:** Add ability to sort series via legend. [#40226](https://github.com/grafana/grafana/pull/40226), [@zoltanbedi](https://github.com/zoltanbedi)
+- **TimeSeries:** Allow multiple axes for the same unit. [#41635](https://github.com/grafana/grafana/pull/41635), [@dprokop](https://github.com/dprokop)
+- **TraceView:** Allow span links defined on dataFrame. [#40563](https://github.com/grafana/grafana/pull/40563), [@aocenas](https://github.com/aocenas)
+- **Transformations:** Support a rows mode in labels to fields. [#41020](https://github.com/grafana/grafana/pull/41020), [@ryantxu](https://github.com/ryantxu)
+- **ValueMappings:** Don't apply field config defaults to time fields. [#41132](https://github.com/grafana/grafana/pull/41132), [@torkelo](https://github.com/torkelo)
+- **Variables:** Only update panels that are impacted by variable change. [#39420](https://github.com/grafana/grafana/pull/39420), [@hugohaggmark](https://github.com/hugohaggmark)
+
+### Bug fixes
+
+- **API:** Fix dashboard quota limit for imports. [#41495](https://github.com/grafana/grafana/pull/41495), [@yangkb09](https://github.com/yangkb09)
+- **Alerting:** Fix rule editor issues with Azure Monitor data source. [#41317](https://github.com/grafana/grafana/pull/41317), [@domasx2](https://github.com/domasx2)
+- **Azure monitor:** Make sure alert rule editor is not enabled when template variables are being used. [#41335](https://github.com/grafana/grafana/pull/41335), [@sunker](https://github.com/sunker)
+- **CloudMonitoring:** Fix annotation queries. [#41529](https://github.com/grafana/grafana/pull/41529), [@sunker](https://github.com/sunker)
+- **CodeEditor:** Trigger the latest getSuggestions() passed to CodeEditor. [#40544](https://github.com/grafana/grafana/pull/40544), [@DukeManh](https://github.com/DukeManh)
+- **Dashboard:** Remove the current panel from the list of options in the Dashboard datasource. [#41826](https://github.com/grafana/grafana/pull/41826), [@ashharrison90](https://github.com/ashharrison90)
+- **Encryption:** Fix decrypting secrets in alerting migration. [#41061](https://github.com/grafana/grafana/pull/41061), [@undef1nd](https://github.com/undef1nd)
+- **InfluxDB:** Fix corner case where index is too large in ALIAS field. [#41562](https://github.com/grafana/grafana/pull/41562), [@gabor](https://github.com/gabor)
+- **NavBar:** Order App plugins alphabetically. [#40078](https://github.com/grafana/grafana/pull/40078), [@ashharrison90](https://github.com/ashharrison90)
+- **NodeGraph:** Fix zooming sensitivity on touchpads. [#40718](https://github.com/grafana/grafana/pull/40718), [@aocenas](https://github.com/aocenas)
+- **Plugins:** Add OAuth pass-through logic to api/ds/query endpoint. [#41352](https://github.com/grafana/grafana/pull/41352), [@wbrowne](https://github.com/wbrowne)
+- **Snapshots:** Fix panel inspector for snapshot data. [#41530](https://github.com/grafana/grafana/pull/41530), [@joshhunt](https://github.com/joshhunt)
+- **Tempo:** Fix basic auth password reset on adding tag. [#41808](https://github.com/grafana/grafana/pull/41808), [@aocenas](https://github.com/aocenas)
+- **ValueMapping:** Fixes issue with regex mappings. [#41515](https://github.com/grafana/grafana/pull/41515), [@mcdee](https://github.com/mcdee)
+
+### Plugin development fixes & changes
+
+- **grafana/ui:** Enable slider marks display. [#41275](https://github.com/grafana/grafana/pull/41275), [@dprokop](https://github.com/dprokop)

docs/sources/whatsnew/whats-new-in-v8-3.md

@@ -0,0 +1,69 @@
++++
+title = "What's new in Grafana v8.3"
+description = "Feature and improvement highlights for Grafana v8.3"
+keywords = ["grafana", "new", "documentation", "8.3", "release notes"]
+weight = -33
+aliases = ["/docs/grafana/latest/guides/whats-new-in-v8-3/"]
+[_build]
+list = false
++++
+
+# What’s new in Grafana v8.3
+
+Grafana 8.3 is an exciting release for Grafana Labs. This release includes the new Candlestick Panel, a new visualization suggestions engine and, for enterprise users, Recorded Queries.
+
+For Open Source users it also marks the first time Grafana Alerting, formerly unified alerting, is enabled by default for new Grafana installations. Grafana Alerting in 8.3 is the flexible, single pane of glass for all your alerts. Included in this release is expanded provisioning support for notifiers, contact points, and alert rules, alongside auditing and fine-grained access control for our Enterprise customers.
+
+We’ve summarized what’s new in the release here, but you might also be interested in the announcement blog post as well. If you’d like all the details you can check out the complete [CHANGELOG.md](https://github.com/grafana/grafana/blob/master/CHANGELOG.md).
+
+# Grafana OSS
+
+## Accessibility
+
+We’ve continued to make progress on improving Grafana’s accessibility. In Grafana 8.3 we’ve updated the main menu with improved keyboard navigation. We’ve also improved Grafana’s behavior when navigating through elements with the tab key (tab stops) and finished our work to make Grafana’s viewer roles compatible with assistive technologies such as screen readers. You can read our accessibility statement here and reach out to us with accessibility issues using our community Slack or our community forums.
+
+## Dashboards and Visualizations
+
+### Panel Suggestions
+
+Grafana will now make suggestions for visualization types based on the current data surfaced by a query or queries in a panel. This makes seeing available, possible interpretations of your data more straightforward and can be a useful jumping-off point when building panels and dashboards with specific goals in mind.
+
+### Candlestick Panel (Beta)
+
+Grafana 8.3 is shipping with a new Candlestick panel that is so much more. Beyond candlesticks and open, high, low, high, close, behaviors, it includes customizable up/down colors, bar color determined by intra-period or inter-period movement of the data, volume histogram with matching colors, and the ability to detach or create a separate volume histogram to allow for more flexible dashboard design. You can read more about it here [link to do].
+
+# Grafana Enterprise
+
+## Recorded Queries
+
+Recorded queries turn “point in time” data into time series.
+
+Recorded queries allow you to export the results of certain non-time series queries to the Enterprise backend in order to store data over time and allow customers to construct their own time series.
+
+This new feature is especially helpful for Enterprise customers using plugins because many new plugins, like ServiceNow and Jira, don’t return time series so customers weren’t able to plot historical data over time. With recorded queries, now they can! For more information
+
+## Assign fine-grained permissions directly to users with the new role picker (beta)
+
+Sometimes the Viewer, Editor, and Admin roles just don’t fit what a certain user needs to do in Grafana. Now you can assign fine-grained roles directly to users, so they can create reports, use Explore mode, create data sources, and perform other specific actions in Grafana. The role picker can be access from the Grafana Admin user management page.
+
+## Use fine-grained access control for Organizations and Licensing (beta)
+
+We’ve added new permissions to fine-grained access control to help you specify actions that users can perform. Now you can assign permissions to manage Organizations and License functions in Grafana, in addition to Users, Data Sources, Reports, and other resources. Fine-grained access control remains in beta and we will continue to add new permissions until all of Grafana’s endpoints are covered. For a complete list of the actions you can permit using fine-grained access control, see the [reference](https://grafana.com/docs/grafana/next/enterprise/access-control/fine-grained-access-control-references/).
+
+## Get your encryption key from a Key Management Service
+
+Grafana’s database contains secrets, like the credentials used to query data sources, send alert notifications and perform other functions within Grafana. These secrets are encrypted using keys, which are usually stored in Grafana’s configuration file. Now you can get your encryption key from Amazon KMS, Azure Key Vault, or Hashicorp Vault. This allows you to centrally manage your Grafana encryption key and reduce the chances it will leak.
+
+In order to support this, we’ve upgraded Grafana Enterprise to use envelope encryption, which complements the KMS integration by adding a layer of indirection to the encryption process. Instead of encrypting all secrets with a single key, Grafana uses a set of keys called data encryption keys (DEKs) to encrypt them. These data encryption keys are themselves encrypted with a single key encryption key (KEK). With envelope encryption, you can store a KEK in your KMS, and still quickly encrypt and decrypt data using DEKs stored within the Grafana database.
+
+## Pay the same for all users, regardless of their permissions
+
+Are you tired of managing user permissions because your license only allows a certain number of Viewers and Editors or Admins? So were we. We’ve added support for combined user pricing, where all users cost the same and fall into the same license bucket in Grafana Enterprise. This is a specific license option and must be updated in your contract. To learn more, refer to our [licensing docs](https://grafana.com/docs/grafana/latest/enterprise/license/license-restrictions/). To switch to combined user pricing, contact your Grafana Labs account team.
+
+## Author dashboards faster with resource caching
+
+Your query editor just became faster. [Query caching](https://grafana.com/docs/grafana/latest/enterprise/query-caching/) improves query performance and sometimes reduces cost, by reducing the number of repetitive queries performed against data sources. Resource caching does the same thing but for resource calls, like retrieving the list of applications in the AppDynamics editor, the list of metrics from Datadog, or the list of values in a template variable dropdown. This makes for a zippier user experience for everyone writing queries in Grafana.
+
+## Review audit logs for more services, like alerting
+
+[Audit logs](https://grafana.com/docs/grafana/latest/enterprise/auditing/) are a record of the actions users perform in Grafana, which you can investigate in case of a security incident or to understand Grafana usage better. We’ve added audit logs for new actions performed against plugins, data sources, library elements, and Grafana’s new alerting service. This ensures that if a user makes a change anywhere in Grafana Enterprise, you’ll have a record of it. For details, refer to the [Auditing docs](https://grafana.com/docs/grafana/latest/enterprise/auditing/).

e2e/dashboards-suite/import-dashboard.spec.ts

@@ -5,7 +5,7 @@ e2e.scenario({
   itName: 'Ensure you can import a number of json test dashboards from a specific test directory',
   addScenarioDataSource: false,
   addScenarioDashBoard: false,
-  skipScenario: false,
+  skipScenario: true,
   scenario: () => {
     e2e.flows.importDashboards('/dashboards', 1000);
   },

e2e/panels-suite/panelEdit_base.spec.ts

@@ -9,7 +9,9 @@ e2e.scenario({
   addScenarioDashBoard: false,
   skipScenario: false,
   scenario: () => {
+    e2e().intercept('/api/ds/query').as('query');
     e2e.flows.openDashboard({ uid: 'TkZXxlNG3' });
+    e2e().wait('@query');
 
     e2e.flows.openPanelMenuItem(e2e.flows.PanelMenuItems.Edit, PANEL_UNDER_TEST);
 
@@ -43,13 +45,12 @@ e2e.scenario({
 
         //  Can change to Alerts tab (graph panel is the default vis so the alerts tab should be rendered)
         e2e.components.Tab.title('Alert').should('be.visible').click();
-        e2e.components.Tab.active().within((li: JQuery<HTMLLIElement>) => {
-          expect(li.text()).equals('Alert0'); // there's no alert so therefore Alert + 0
-        });
-        e2e.components.AlertTab.content().should('be.visible');
+        e2e.components.Tab.active().should('have.text', 'Alert0'); // there's no alert so therefore Alert + 0
+        e2e.components.AlertTab.content().should('not.exist');
         e2e.components.QueryTab.content().should('not.exist');
         e2e.components.TransformTab.content().should('not.exist');
-        e2e.components.PanelAlertTabContent.content().should('not.exist');
+        e2e.components.PanelAlertTabContent.content().should('exist');
+        e2e.components.PanelAlertTabContent.content().should('be.visible');
 
         e2e.components.Tab.title('Query').should('be.visible').click();
       });

e2e/panels-suite/panelEdit_queries.spec.ts

@@ -1,5 +1,5 @@
 import { e2e } from '@grafana/e2e';
-import { expect } from '../../../public/test/lib/common';
+import { expect } from '../../public/test/lib/common';
 
 const flakyTimeout = 10000;
 

e2e/run-suite

@@ -8,25 +8,35 @@ PORT=${PORT:-$DEFAULT_PORT}
 
 echo -e "Starting Cypress scenarios"
 
+args=("$@")
+
 CMD="start"
 PARAMS=""
 SLOWMO=0
 URL=${BASE_URL:-"http://$HOST:$PORT"}
-SUITE=${SUITE:-$DEFAULT_SUITE}
-
-if [ "$1" == "debug" ]; then
-    echo -e "Debug mode"
-    SLOWMO=1
-    PARAMS="--no-exit"
-fi
-
-if [ "$1" == "dev" ]; then
-    echo "Dev mode"
-    CMD="open"
-fi
+integrationFolder=../../e2e
+testFiles=*-suite/*spec.ts
 
 cd packages/grafana-e2e
 
+case "$1" in
+    "debug")
+        echo -e "Debug mode"
+        SLOWMO=1
+        PARAMS="--no-exit"
+        ;;
+    "dev")
+        echo "Dev mode"
+        CMD="open"
+        ;;
+    "")
+        ;;
+    *)
+        integrationFolder=../../e2e/"${args[0]}"
+        testFiles="*.spec.ts"
+        ;;
+esac
+
 yarn $CMD --env BASE_URL=$URL,SLOWMO=$SLOWMO \
-  --config defaultCommandTimeout=30000,integrationFolder=../../e2e/$SUITE/specs,screenshotsFolder=../../e2e/$SUITE/screenshots,videosFolder=../../e2e/$SUITE/videos,fileServerFolder=./cypress,viewportWidth=1920,viewportHeight=1080,trashAssetsBeforeRuns=false,videoUploadOnPasses=false \
+  --config defaultCommandTimeout=30000,testFiles=$testFiles,integrationFolder=$integrationFolder,screenshotsFolder=../../e2e/"${args[0]}"/screenshots,videosFolder=../../e2e/"${args[0]}"/videos,fileServerFolder=./cypress,viewportWidth=1920,viewportHeight=1080,trashAssetsBeforeRuns=false,videoUploadOnPasses=false \
   $PARAMS

e2e/smoke-tests-suite/1-smoketests.spec.ts

@@ -1,4 +1,4 @@
 import { e2e } from '@grafana/e2e';
-import { smokeTestScenario } from '../../shared/smokeTestScenario';
+import { smokeTestScenario } from '../shared/smokeTestScenario';
 
 e2e.scenario(smokeTestScenario);

e2e/variables

@@ -8,4 +8,3 @@ DEFAULT_PACKAGE_FILE=dist/grafana-*linux-amd64.tar.gz
 PROV_DIR=$RUNDIR/conf/provisioning
 DEFAULT_HOST=localhost
 DEFAULT_PORT=3001
-DEFAULT_SUITE=suite1

e2e/various-suite/exemplars.spec.ts

@@ -4,7 +4,7 @@ const dataSourceName = 'PromExemplar';
 const addDataSource = () => {
   e2e.flows.addDataSource({
     type: 'Prometheus',
-    expectedAlertMessage: 'Bad Gateway',
+    expectedAlertMessage: 'Error reading Prometheus',
     name: dataSourceName,
     form: () => {
       e2e.components.DataSource.Prometheus.configPage.exemplarsAddButton().click();

emails/templates/ng_alert_notification.html

@@ -1,6 +1,11 @@
 [[Subject .Subject "[[.Title]]"]]
 
 [[ define "alert" ]]
+<tr>
+  <td colspan="2" class="value">
+    <span class="value-heading">Value:</span> <span class="value-value">[[ .ValueString ]]</span>
+  </td>
+</tr>
   [[ if gt (len .Annotations.SortedPairs) 0 ]]
       <tr>
         <td colspan="2" class="annotations">
@@ -108,6 +113,16 @@
     margin: 0 10px 0 0;
     padding: 5px 9px;
   }
+  .value {
+    font-size: 14px;
+    padding-top: 24px;
+  }
+  .value-heading {
+    font-weight: bold;
+  }
+  .value-value {
+    padding-left: 8px;
+  }
   .annotations {
     font-size: 14px;
     padding: 24px 0 12px 0;

go.mod

@@ -55,7 +55,7 @@ require (
 	github.com/gosimple/slug v1.9.0
 	github.com/grafana/cuetsy v0.0.0-20210928021233-5ddfb47f9a7d
 	github.com/grafana/grafana-aws-sdk v0.7.0
-	github.com/grafana/grafana-plugin-sdk-go v0.116.0
+	github.com/grafana/grafana-plugin-sdk-go v0.118.0
 	github.com/grafana/loki v1.6.2-0.20211015002020-7832783b1caa
 	github.com/grpc-ecosystem/go-grpc-middleware v1.3.0
 	github.com/hashicorp/go-hclog v0.16.1
@@ -81,7 +81,7 @@ require (
 	github.com/patrickmn/go-cache v2.1.0+incompatible
 	github.com/pkg/browser v0.0.0-20210904010418-6d279e18f982 // indirect
 	github.com/pkg/errors v0.9.1
-	github.com/prometheus/alertmanager v0.23.1-0.20211021072955-1b8afe7cb5aa
+	github.com/prometheus/alertmanager v0.23.1-0.20211116083607-e2a10119aaf7
 	github.com/prometheus/client_golang v1.11.0
 	github.com/prometheus/client_model v0.2.0
 	github.com/prometheus/common v0.32.1
@@ -225,7 +225,7 @@ require (
 	github.com/opentracing-contrib/go-stdlib v1.0.0 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/prometheus/common/sigv4 v0.1.0 // indirect
-	github.com/prometheus/exporter-toolkit v0.6.1 // indirect
+	github.com/prometheus/exporter-toolkit v0.7.0 // indirect
 	github.com/prometheus/node_exporter v1.0.0-rc.0.0.20200428091818-01054558c289 // indirect
 	github.com/prometheus/procfs v0.6.0 // indirect
 	github.com/protocolbuffers/txtpbfmt v0.0.0-20201118171849-f6a6b3f636fc // indirect

go.sum

@@ -1227,8 +1227,8 @@ github.com/grafana/grafana-google-sdk-go v0.0.0-20211104130251-b190293eaf58 h1:2
 github.com/grafana/grafana-google-sdk-go v0.0.0-20211104130251-b190293eaf58/go.mod h1:Vo2TKWfDVmNTELBUM+3lkrZvFtBws0qSZdXhQxRdJrE=
 github.com/grafana/grafana-plugin-sdk-go v0.79.0/go.mod h1:NvxLzGkVhnoBKwzkst6CFfpMFKwAdIUZ1q8ssuLeF60=
 github.com/grafana/grafana-plugin-sdk-go v0.114.0/go.mod h1:D7x3ah+1d4phNXpbnOaxa/osSaZlwh9/ZUnGGzegRbk=
-github.com/grafana/grafana-plugin-sdk-go v0.116.0 h1:I3BN7tc2jdXNRI8/3g+Pmf/NgJFbSudQslMESF10qD0=
-github.com/grafana/grafana-plugin-sdk-go v0.116.0/go.mod h1:F3F8qNzdsf6e+Yq35AgwaNOiCv+txpzGURyz+gJ5CuM=
+github.com/grafana/grafana-plugin-sdk-go v0.118.0 h1:n2hU2Hkq0vzUG7g1meS77/yvZZWgEPiPtGuG4I1Jl94=
+github.com/grafana/grafana-plugin-sdk-go v0.118.0/go.mod h1:Mhy+5mC6rSqEhnzop1wEh//n/fgkzNK5pRgg3DfCp4g=
 github.com/grafana/loki v1.6.2-0.20211015002020-7832783b1caa h1:+pXjAxavVR2FKKNsuuCXGCWEj8XGc1Af6SPiyBpzU2A=
 github.com/grafana/loki v1.6.2-0.20211015002020-7832783b1caa/go.mod h1:0O8o/juxNSKN/e+DzWDTRkl7Zm8CkZcz0NDqEdojlrk=
 github.com/grafana/saml v0.0.0-20211007135653-aed1b2edd86b h1:YiSGp34F4V0G08HHx1cJBf2GVgwYAkXQjzuVs1t8jYk=
@@ -1967,8 +1967,8 @@ github.com/prometheus/alertmanager v0.21.1-0.20210422101724-8176f78a70e1/go.mod
 github.com/prometheus/alertmanager v0.22.2/go.mod h1:rYinOWxFuCnNssc3iOjn2oMTlhLaPcUuqV5yk5JKUAE=
 github.com/prometheus/alertmanager v0.23.0/go.mod h1:0MLTrjQI8EuVmvykEhcfr/7X0xmaDAZrqMgxIq3OXHk=
 github.com/prometheus/alertmanager v0.23.1-0.20210914172521-e35efbddb66a/go.mod h1:U7pGu+z7A9ZKhK8lq1MvIOp5GdVlZjwOYk+S0h3LSbA=
-github.com/prometheus/alertmanager v0.23.1-0.20211021072955-1b8afe7cb5aa h1:KKgVswVOfDYOn9GNtO7bR3r4vyM77WXuJsyGxMl1Zgs=
-github.com/prometheus/alertmanager v0.23.1-0.20211021072955-1b8afe7cb5aa/go.mod h1:pRqzxS2B4tciJfx2JUvR67udJrQeSUZ603OQQFFUrIQ=
+github.com/prometheus/alertmanager v0.23.1-0.20211116083607-e2a10119aaf7 h1:OMwDo53awRp+UzaBrwmVC7HJiAMYP/niBJfKcGpPiac=
+github.com/prometheus/alertmanager v0.23.1-0.20211116083607-e2a10119aaf7/go.mod h1:1UH4XA4DAXzsvofKVzcXmC0mqt6Y8BZP9JcQWKDmbFc=
 github.com/prometheus/client_golang v0.0.0-20180209125602-c332b6f63c06/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
 github.com/prometheus/client_golang v0.8.0/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
 github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
@@ -2030,8 +2030,9 @@ github.com/prometheus/common/sigv4 v0.1.0 h1:qoVebwtwwEhS85Czm2dSROY5fTo2PAPEVdD
 github.com/prometheus/common/sigv4 v0.1.0/go.mod h1:2Jkxxk9yYvCkE5G1sQT7GuEXm57JrvHu9k5YwTjsNtI=
 github.com/prometheus/exporter-toolkit v0.5.0/go.mod h1:OCkM4805mmisBhLmVFw858QYi3v0wKdY6/UxrT0pZVg=
 github.com/prometheus/exporter-toolkit v0.5.1/go.mod h1:OCkM4805mmisBhLmVFw858QYi3v0wKdY6/UxrT0pZVg=
-github.com/prometheus/exporter-toolkit v0.6.1 h1:Aqk75wQD92N9CqmTlZwjKwq6272nOGrWIbc8Z7+xQO0=
 github.com/prometheus/exporter-toolkit v0.6.1/go.mod h1:ZUBIj498ePooX9t/2xtDjeQYwvRpiPP2lh5u4iblj2g=
+github.com/prometheus/exporter-toolkit v0.7.0 h1:XtYeVeeC5daG4txbc9+mieKq+/AK4gtIBLl9Mulrjnk=
+github.com/prometheus/exporter-toolkit v0.7.0/go.mod h1:ZUBIj498ePooX9t/2xtDjeQYwvRpiPP2lh5u4iblj2g=
 github.com/prometheus/node_exporter v1.0.0-rc.0.0.20200428091818-01054558c289 h1:dTUS1vaLWq+Y6XKOTnrFpoVsQKLCbCp1OLj24TDi7oM=
 github.com/prometheus/node_exporter v1.0.0-rc.0.0.20200428091818-01054558c289/go.mod h1:FGbBv5OPKjch+jNUJmEQpMZytIdyW0NdBtWFcfSKusc=
 github.com/prometheus/procfs v0.0.0-20180125133057-cb4147076ac7/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=

lerna.json

@@ -1,6 +1,8 @@
 {
   "npmClient": "yarn",
   "useWorkspaces": true,
-  "packages": ["packages/*"],
-  "version": "8.3.0-pre"
+  "packages": [
+    "packages/*"
+  ],
+  "version": "8.3.0-beta.2"
 }

package.json

@@ -3,7 +3,7 @@
   "license": "AGPL-3.0-only",
   "private": true,
   "name": "grafana",
-  "version": "8.3.0-pre",
+  "version": "8.3.0-beta.2",
   "repository": "github:grafana/grafana",
   "scripts": {
     "api-tests": "jest --notify --watch --config=devenv/e2e-api-tests/jest.js",
@@ -48,7 +48,7 @@
     "postinstall": "husky install"
   },
   "grafana": {
-    "whatsNewUrl": "https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v8-2/",
+    "whatsNewUrl": "https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v8-3/",
     "releaseNotesUrl": "https://grafana.com/docs/grafana/next/release-notes/"
   },
   "lint-staged": {

packages/grafana-data/package.json

@@ -2,7 +2,7 @@
   "author": "Grafana Labs",
   "license": "Apache-2.0",
   "name": "@grafana/data",
-  "version": "8.3.0-pre",
+  "version": "8.3.0-beta.2",
   "description": "Grafana Data Library",
   "keywords": [
     "typescript"
@@ -22,7 +22,7 @@
   },
   "dependencies": {
     "@braintree/sanitize-url": "5.0.2",
-    "@grafana/schema": "8.3.0-pre",
+    "@grafana/schema": "8.3.0-beta.2",
     "@types/d3-interpolate": "^1.4.0",
     "d3-interpolate": "1.4.0",
     "date-fns": "2.21.3",

packages/grafana-data/src/dataframe/processDataFrame.test.ts

@@ -11,6 +11,7 @@ import { DataFrameDTO, FieldType, TableData, TimeSeries } from '../types/index';
 import { dateTime } from '../datetime/moment_wrapper';
 import { MutableDataFrame } from './MutableDataFrame';
 import { ArrayDataFrame } from './ArrayDataFrame';
+import { getFieldTypeFromValue } from '.';
 
 describe('toDataFrame', () => {
   it('converts timeseries to series', () => {
@@ -118,15 +119,13 @@ describe('toDataFrame', () => {
     expect(guessFieldTypeFromValue('xxxx')).toBe(FieldType.string);
   });
 
-  it('Guess Column Types from strings', () => {
-    expect(guessFieldTypeFromValue('1')).toBe(FieldType.number);
-    expect(guessFieldTypeFromValue('1.234')).toBe(FieldType.number);
-    expect(guessFieldTypeFromValue('NaN')).toBe(FieldType.number);
-    expect(guessFieldTypeFromValue('3.125e7')).toBe(FieldType.number);
-    expect(guessFieldTypeFromValue('True')).toBe(FieldType.boolean);
-    expect(guessFieldTypeFromValue('FALSE')).toBe(FieldType.boolean);
-    expect(guessFieldTypeFromValue('true')).toBe(FieldType.boolean);
-    expect(guessFieldTypeFromValue('xxxx')).toBe(FieldType.string);
+  it('Get column types from values', () => {
+    expect(getFieldTypeFromValue(1)).toBe(FieldType.number);
+    expect(getFieldTypeFromValue(1.234)).toBe(FieldType.number);
+    expect(getFieldTypeFromValue(NaN)).toBe(FieldType.number);
+    expect(getFieldTypeFromValue(3.125e7)).toBe(FieldType.number);
+    expect(getFieldTypeFromValue(true)).toBe(FieldType.boolean);
+    expect(getFieldTypeFromValue('xxxx')).toBe(FieldType.string);
   });
 
   it('Guess Column Types from series', () => {

packages/grafana-data/src/dataframe/processDataFrame.ts

@@ -32,7 +32,7 @@ function convertTableToDataFrame(table: TableData): DataFrame {
     // TODO: should be Column but type does not exists there so not sure whats up here.
     const { text, type, ...disp } = c as any;
     return {
-      name: text, // rename 'text' to the 'name' field
+      name: text?.length ? text : c, // rename 'text' to the 'name' field
       config: (disp || {}) as FieldConfig,
       values: new ArrayVector(),
       type: type && Object.values(FieldType).includes(type as FieldType) ? (type as FieldType) : FieldType.other,
@@ -189,10 +189,33 @@ export function guessFieldTypeFromNameAndValue(name: string, v: any): FieldType
   return guessFieldTypeFromValue(v);
 }
 
+/**
+ * Check the field type to see what the contents are
+ */
+export function getFieldTypeFromValue(v: any): FieldType {
+  if (v instanceof Date || isDateTime(v)) {
+    return FieldType.time;
+  }
+
+  if (isNumber(v)) {
+    return FieldType.number;
+  }
+
+  if (isString(v)) {
+    return FieldType.string;
+  }
+
+  if (isBoolean(v)) {
+    return FieldType.boolean;
+  }
+
+  return FieldType.other;
+}
+
 /**
  * Given a value this will guess the best column type
  *
- * TODO: better Date/Time support!  Look for standard date strings?
+ * NOTE: this is will try to see if string values can be mapped to other types (like number)
  */
 export function guessFieldTypeFromValue(v: any): FieldType {
   if (v instanceof Date || isDateTime(v)) {
@@ -237,7 +260,7 @@ export function guessFieldTypeForField(field: Field): FieldType | undefined {
   // 2. Check the first non-null value
   for (let i = 0; i < field.values.length; i++) {
     const v = field.values.get(i);
-    if (v !== null) {
+    if (v != null) {
       return guessFieldTypeFromValue(v);
     }
   }

packages/grafana-data/src/field/displayProcessor.test.ts

@@ -70,11 +70,11 @@ describe('Process simple display values', () => {
   });
 
   it('array of text', () => {
-    assertSame(['a', 'b', 'c'], processors, { text: 'a,b,c', numeric: NaN });
+    assertSame(['a', 'b', 'c'], processors, { text: 'a, b, c', numeric: NaN });
   });
 
   it('array of numbers', () => {
-    assertSame([1, 2, 3], processors, { text: '1,2,3', numeric: NaN });
+    assertSame([1, 2, 3], processors, { text: '1, 2, 3', numeric: NaN });
   });
 
   it('empty object', () => {

packages/grafana-data/src/field/displayProcessor.ts

@@ -1,5 +1,5 @@
 // Libraries
-import { toString, toNumber as _toNumber, isEmpty, isBoolean } from 'lodash';
+import { toString, toNumber as _toNumber, isEmpty, isBoolean, isArray, join } from 'lodash';
 
 // Types
 import { Field, FieldType } from '../types/dataFrame';
@@ -116,6 +116,10 @@ export function getDisplayProcessor(options?: DisplayProcessorOptions): DisplayP
       }
     }
 
+    if (text == null && isArray(value)) {
+      text = join(value, ', ');
+    }
+
     if (text == null) {
       text = toString(value);
       if (!text) {

packages/grafana-data/src/transformations/matchers/valueMatchers/numericMatchers.ts

@@ -26,7 +26,7 @@ const isGreaterValueMatcher: ValueMatcherInfo<BasicValueMatcherOptions<number>>
 const isGreaterOrEqualValueMatcher: ValueMatcherInfo<BasicValueMatcherOptions<number>> = {
   id: ValueMatcherID.greaterOrEqual,
   name: 'Is greater or equal',
-  description: 'Match when field value is lower or greater than option.',
+  description: 'Match when field value is greater than or equal to option.',
   get: (options) => {
     return (valueIndex: number, field: Field) => {
       const value = field.values.get(valueIndex);
@@ -37,7 +37,7 @@ const isGreaterOrEqualValueMatcher: ValueMatcherInfo<BasicValueMatcherOptions<nu
     };
   },
   getOptionsDisplayText: (options) => {
-    return `Matches all rows where field value is lower or greater than: ${options.value}.`;
+    return `Matches all rows where field value is greater than or equal to: ${options.value}.`;
   },
   isApplicable: (field) => field.type === FieldType.number,
   getDefaultOptions: () => ({ value: 0 }),

packages/grafana-data/src/transformations/transformers/ids.ts

@@ -28,4 +28,5 @@ export enum DataTransformerID {
   prepareTimeSeries = 'prepareTimeSeries',
   convertFieldType = 'convertFieldType',
   fieldLookup = 'fieldLookup',
+  extractFields = 'extractFields',
 }

packages/grafana-data/src/types/datasource.ts

@@ -487,7 +487,7 @@ export interface DataQueryRequest<TQuery extends DataQuery = DataQuery> {
   timezone: string;
   app: CoreApp | string;
 
-  cacheTimeout?: string;
+  cacheTimeout?: string | null;
   rangeRaw?: RawTimeRange;
   timeInfo?: string; // The query time description (blue text in the upper right)
   panelId?: number;

packages/grafana-data/src/types/panel.ts

@@ -201,12 +201,20 @@ export interface VisualizationSuggestion<TOptions = any, TFieldConfig = any> {
   fieldConfig?: FieldConfigSource<Partial<TFieldConfig>>;
   /** Data transformations */
   transformations?: DataTransformerConfig[];
-  /** Tweak for small preview */
-  previewModifier?: (suggestion: VisualizationSuggestion) => void;
+  /** Options for how to render suggestion card */
+  cardOptions?: {
+    /** Tweak for small preview */
+    previewModifier?: (suggestion: VisualizationSuggestion) => void;
+    icon?: string;
+    imgSrc?: string;
+  };
   /** A value between 0-100 how suitable suggestion is */
   score?: VisualizationSuggestionScore;
 }
 
+/**
+ * @alpha
+ */
 export enum VisualizationSuggestionScore {
   /** We are pretty sure this is the best possible option */
   Best = 100,

packages/grafana-e2e-selectors/package.json

@@ -2,7 +2,7 @@
   "author": "Grafana Labs",
   "license": "Apache-2.0",
   "name": "@grafana/e2e-selectors",
-  "version": "8.3.0-pre",
+  "version": "8.3.0-beta.2",
   "description": "Grafana End-to-End Test Selectors Library",
   "keywords": [
     "cli",

packages/grafana-e2e/package.json

@@ -2,7 +2,7 @@
   "author": "Grafana Labs",
   "license": "Apache-2.0",
   "name": "@grafana/e2e",
-  "version": "8.3.0-pre",
+  "version": "8.3.0-beta.2",
   "description": "Grafana End-to-End Test Library",
   "keywords": [
     "cli",
@@ -49,7 +49,7 @@
     "@babel/core": "7.14.6",
     "@babel/preset-env": "7.14.7",
     "@cypress/webpack-preprocessor": "5.9.1",
-    "@grafana/e2e-selectors": "8.3.0-pre",
+    "@grafana/e2e-selectors": "8.3.0-beta.2",
     "@grafana/tsconfig": "^1.0.0-rc1",
     "@mochajs/json-file-reporter": "^1.2.0",
     "babel-loader": "8.2.2",

packages/grafana-runtime/package.json

@@ -2,7 +2,7 @@
   "author": "Grafana Labs",
   "license": "Apache-2.0",
   "name": "@grafana/runtime",
-  "version": "8.3.0-pre",
+  "version": "8.3.0-beta.2",
   "description": "Grafana Runtime Library",
   "keywords": [
     "grafana",
@@ -23,9 +23,9 @@
   },
   "dependencies": {
     "@emotion/css": "11.1.3",
-    "@grafana/data": "8.3.0-pre",
-    "@grafana/e2e-selectors": "8.3.0-pre",
-    "@grafana/ui": "8.3.0-pre",
+    "@grafana/data": "8.3.0-beta.2",
+    "@grafana/e2e-selectors": "8.3.0-beta.2",
+    "@grafana/ui": "8.3.0-beta.2",
     "@sentry/browser": "5.25.0",
     "history": "4.10.1",
     "lodash": "4.17.21",

packages/grafana-runtime/src/components/PanelDataErrorView.tsx

@@ -0,0 +1,43 @@
+import React from 'react';
+import { PanelData } from '@grafana/data';
+
+/**
+ * Describes the properties that can be passed to the PanelDataErrorView.
+ *
+ * @alpha
+ */
+export interface PanelDataErrorViewProps {
+  message?: string;
+  panelId: number;
+  data: PanelData;
+  needsTimeField?: boolean;
+  needsNumberField?: boolean;
+  // suggestions?: VisualizationSuggestion[]; <<< for sure optional
+}
+
+/**
+ * Simplified type with defaults that describes the PanelDataErrorView.
+ *
+ * @internal
+ */
+export type PanelDataErrorViewType = React.ComponentType<PanelDataErrorViewProps>;
+
+/**
+ * PanelDataErrorView allows panels to show a consistent error message when
+ * the result structure does not meet expected criteria
+ *
+ * @alpha
+ */
+export let PanelDataErrorView: PanelDataErrorViewType = ({ message }) => {
+  return <div>Unable to render data: {message}.</div>;
+};
+
+/**
+ * Used to bootstrap the PanelDataErrorView during application start so the
+ * PanelDataErrorView is exposed via runtime.
+ *
+ * @internal
+ */
+export function setPanelDataErrorView(renderer: PanelDataErrorViewType) {
+  PanelDataErrorView = renderer;
+}

packages/grafana-runtime/src/index.ts

@@ -22,7 +22,8 @@ export {
   BackendDataSourceResponse,
   DataResponse,
 } from './utils/queryResponse';
+export { PanelRenderer, PanelRendererProps } from './components/PanelRenderer';
+export { PanelDataErrorView, PanelDataErrorViewProps } from './components/PanelDataErrorView';
 export { toDataQueryError } from './utils/toDataQueryError';
-export { PanelRenderer, PanelRendererProps, PanelRendererType, setPanelRenderer } from './components/PanelRenderer';
 export { setQueryRunnerFactory, createQueryRunner, QueryRunnerFactory } from './services/QueryRunner';
 export { DataSourcePicker, DataSourcePickerProps, DataSourcePickerState } from './components/DataSourcePicker';

packages/grafana-schema/package.json

@@ -2,7 +2,7 @@
   "author": "Grafana Labs",
   "license": "Apache-2.0",
   "name": "@grafana/schema",
-  "version": "8.3.0-pre",
+  "version": "8.3.0-beta.2",
   "description": "Grafana Schema Library",
   "keywords": [
     "typescript"

packages/grafana-toolkit/docker/grafana-plugin-ci-alpine/Dockerfile

@@ -1,4 +1,4 @@
-FROM alpine:3.14.2
+FROM alpine:3.14.3
 
 USER root
 

packages/grafana-toolkit/package.json

@@ -2,7 +2,7 @@
   "author": "Grafana Labs",
   "license": "Apache-2.0",
   "name": "@grafana/toolkit",
-  "version": "8.3.0-pre",
+  "version": "8.3.0-beta.2",
   "description": "Grafana Toolkit",
   "keywords": [
     "grafana",
@@ -28,10 +28,10 @@
   "dependencies": {
     "@babel/core": "7.13.14",
     "@babel/preset-env": "7.13.12",
-    "@grafana/data": "8.3.0-pre",
+    "@grafana/data": "8.3.0-beta.2",
     "@grafana/eslint-config": "2.5.1",
     "@grafana/tsconfig": "^1.0.0-rc1",
-    "@grafana/ui": "8.3.0-pre",
+    "@grafana/ui": "8.3.0-beta.2",
     "@jest/core": "26.6.3",
     "@rushstack/eslint-patch": "1.0.6",
     "@types/command-exists": "^1.2.0",

packages/grafana-ui/package.json

@@ -2,7 +2,7 @@
   "author": "Grafana Labs",
   "license": "Apache-2.0",
   "name": "@grafana/ui",
-  "version": "8.3.0-pre",
+  "version": "8.3.0-beta.2",
   "description": "Grafana Components Library",
   "keywords": [
     "grafana",
@@ -33,9 +33,9 @@
     "@emotion/css": "11.1.3",
     "@emotion/react": "11.1.5",
     "@grafana/aws-sdk": "0.0.3",
-    "@grafana/data": "8.3.0-pre",
-    "@grafana/e2e-selectors": "8.3.0-pre",
-    "@grafana/schema": "8.3.0-pre",
+    "@grafana/data": "8.3.0-beta.2",
+    "@grafana/e2e-selectors": "8.3.0-beta.2",
+    "@grafana/schema": "8.3.0-beta.2",
     "@grafana/slate-react": "0.22.10-grafana",
     "@monaco-editor/react": "4.2.2",
     "@popperjs/core": "2.5.4",

packages/grafana-ui/src/components/Alert/Alert.tsx

@@ -53,7 +53,7 @@ export const Alert = React.forwardRef<HTMLDivElement, Props>(
         <div className={styles.icon}>
           <Icon size="xl" name={getIconFromSeverity(severity) as IconName} />
         </div>
-        <div className={styles.body}>
+        <div className={styles.body} role="alert">
           <div className={styles.title}>{title}</div>
           {children && <div className={styles.content}>{children}</div>}
         </div>