Open Ennakin opened 1 week ago
I am getting the same error :(
curl -X GET 'https://my-user:mypassword@mygrafana.com/api/plugins/grafana-oncall-app/resources/plugin/status'
"error setting up request headers: failed to parse JSON response: json: cannot unmarshal object into Go value of type []plugin.OrgUser "
Grafana v10.2.2
Grafana OnCall Version v.1.9.31
I should mention that i have self-hosted grafana with multiple organizations, so enabling the externalServiceAccounts didn't work for me (as I learned from this https://github.com/grafana/grafana-plugin-examples/blob/main/examples/app-with-service-account/README.md). My error is "failed to parse JSON response: json: cannot unmarshal object into Go value of type []plugin.OnCallPermission body={"message":"Unlicensed","traceID":""}". I'm not running Grafana in the Enterprise mode. What's with the license?
@Ennakin Multiple organizations in Grafana is not supported by OnCall.
Is accessControlOncall
feature flag enabled? if you are not running enterprise it should not be on. This is what is telling OnCall to check for RBAC permissions.
@Ennakin Multiple organizations in Grafana is not supported by OnCall.
Is
accessControlOncall
feature flag enabled? if you are not running enterprise it should not be on. This is what is telling OnCall to check for RBAC permissions.
accessControlOncall flag isn't enabled nor through config file, nor through docker-compose envs. RBAC section in grafana.ini looks like this the toggler section:
so should the externalServiceAccounts toggler be enabled? If so I get "PluginAppClientSecret not set in config" error.
externalServiceAccounts
should be on accessControlOnCall
should be off, may want to double check the feature_toggles section in the UI under Administration->General->Settings as well.
externalServiceAccounts
should be onaccessControlOnCall
should be off, may want to double check the feature_toggles section in the UI under Administration->General->Settings as well.
Thank you! I checked settings area, externalServiceAccounts is only feature that is on. What PluginAppClientSecret is?
PluginAppClientSecret
is the token for the external service account associated with the Plugin.
Under Administration->Users and Access->Service accounts there should be one called extsvc-grafana-oncall-app
and it should have 1 token.
there is only sa-autogen-OnCall account wich was generated a few month ago with the installation of grafana-oncall. and it has 1 token
Try going to Administration->Plugins and data->Plugins Grafana OnCall make sure there is an IAM tab on that screen and also check in the grafana log file if there is any errors on startup regarding the plugin. That service account should get created when the plugin is loaded.
IAM tab is in place. I still get 'msg="Request Completed" method=GET path=/api/plugins/grafana-oncall-app/resources/plugin/status status=500 ... msg="Error making sync request" error="error getting settings from context: PluginAppClientSecret not set in config "' in grafana logs
Is there any chance I can use a post method to create this service account?
Try going to Administration->Plugins and data->Plugins Grafana OnCall make sure there is an IAM tab on that screen and also check in the grafana log file if there is any errors on startup regarding the plugin. That service account should get created when the plugin is loaded.
And if I switched to grafana-enterprise would I need a license to use oncall plugin?
Is there any chance I can use a post method to create this service account?
This service account can't be created by the user it should be created automatically by the plugin.
And if I switched to grafana-enterprise would I need a license to use oncall plugin?
You need a license to use all the features of grafana-enterprise, oncall does not have a license it just conforms to the Grafana version it is installed on.
In the enterprise mode with 'enable = externalServiceAccounts, accessControlOncall' setting I still get 'PluginAppClientSecret not set in config' error. Please let me know, if I missed anything
This service account can't be created by the user it should be created automatically by the plugin.
Is it supposed to work even without kubernetes? And why doesn't oncall plugin have a permission to create service account in IAM section?
What went wrong?
What happened:
I have a hobby mode of grafana running in containers. The engine version is also 1.9.30, grafana version is 11.3.0-76679. The integrations is still working, alerts are still being sent. There is an error In grafana container logs: " level=error msg="Request Completed" method=POST path=/api/ds/query status=500" What did you expect to happen:
How do we reproduce it?
Grafana OnCall Version
v.1.9.30
Product Area
Helm/Kubernetes/Docker
Grafana OnCall Platform?
Docker
User's Browser?
Google Chrome
Anything else to add?
No response