coderabbitai
diff --git a/‎pkg/apis/alerting_notifications/v0alpha1/receiver_spec.go
+5-3 b/‎pkg/apis/alerting_notifications/v0alpha1/receiver_spec.go
+5-3
diff --git a/‎pkg/apis/alerting_notifications/v0alpha1/zz_generated.deepcopy.go
+3-1 b/‎pkg/apis/alerting_notifications/v0alpha1/zz_generated.deepcopy.go
+3-1
diff --git a/‎pkg/generated/applyconfiguration/alerting_notifications/v0alpha1/integration.go
+14-12 b/‎pkg/generated/applyconfiguration/alerting_notifications/v0alpha1/integration.go
+14-12
diff --git a/‎pkg/registry/apis/alerting/notifications/receiver/conversions.go
+3-2 b/‎pkg/registry/apis/alerting/notifications/receiver/conversions.go
+3-2
diff --git a/‎pkg/registry/apis/alerting/notifications/receiver/legacy_storage.go
+11-10 b/‎pkg/registry/apis/alerting/notifications/receiver/legacy_storage.go
+11-10
diff --git a/‎pkg/registry/apis/alerting/notifications/register.go
+1-1 b/‎pkg/registry/apis/alerting/notifications/register.go
+1-1
diff --git a/‎pkg/services/ngalert/notifier/receiver_svc.go
+149-2 b/‎pkg/services/ngalert/notifier/receiver_svc.go
+149-2
@@ -1,15 +1,17 @@
 package v0alpha1
 
+import "encoding/json"
+
 // Integration defines model for Integration.
 // +k8s:openapi-gen=true
 type Integration struct {
 	DisableResolveMessage *bool `json:"disableResolveMessage,omitempty"`
 	// +mapType=atomic
 	SecureFields map[string]bool `json:"SecureFields,omitempty"`
 	// +listType=atomic
-	Settings []byte  `json:"settings"`
-	Type     string  `json:"type"`
-	Uid      *string `json:"uid,omitempty"`
+	Settings json.RawMessage `json:"settings"`
+	Type     string          `json:"type"`
+	Uid      *string         `json:"uid,omitempty"`
 }
 
 // ReceiverSpec defines model for Spec.
 
@@ -1,6 +1,7 @@
 package receiver
 
 import (
+	"encoding/json"
 	"fmt"
 	"hash/fnv"
 
@@ -48,7 +49,7 @@ func convertToK8sResource(orgID int64, receiver definitions.GettableApiReceiver,
 			Uid:                   &integration.UID,
 			Type:                  integration.Type,
 			DisableResolveMessage: &integration.DisableResolveMessage,
-			Settings:              integration.Settings,
+			Settings:              json.RawMessage(integration.Settings),
 			SecureFields:          integration.SecureFields,
 		})
 	}
@@ -83,7 +84,7 @@ func convertToDomainModel(receiver *model.Receiver) (definitions.GettableApiRece
 		grafanaIntegration := definitions.GettableGrafanaReceiver{
 			Name:         receiver.Spec.Title,
 			Type:         integration.Type,
-			Settings:     integration.Settings,
+			Settings:     definitions.RawMessage(integration.Settings),
 			SecureFields: integration.SecureFields,
 			//Provenance:   "", //TODO: Convert provenance?
 		}
 
@@ -93,9 +93,8 @@ func (s *legacyStorage) Get(ctx context.Context, uid string, _ *metav1.GetOption
 		return nil, err
 	}
 
-	q := models.GetReceiverQuery{
+	q := models.GetReceiversQuery{
 		OrgID: info.OrgID,
-		Name:  uid, // TODO: Name/UID mapping or change signature of service.
 		//Decrypt: ctx.QueryBool("decrypt"), // TODO: Query params.
 	}
 
@@ -104,12 +103,18 @@ func (s *legacyStorage) Get(ctx context.Context, uid string, _ *metav1.GetOption
 		return nil, err
 	}
 
-	res, err := s.service.GetReceiver(ctx, q, user)
+	res, err := s.service.GetReceivers(ctx, q, user)
 	if err != nil {
 		return nil, err
 	}
 
-	return convertToK8sResource(info.OrgID, res, s.namespacer)
+	for _, r := range res {
+		if getUID(r) == uid {
+			return convertToK8sResource(info.OrgID, r, s.namespacer)
+		}
+	}
+
+	return nil, errors.NewNotFound(resourceInfo.GroupResource(), uid)
 }
 
 func (s *legacyStorage) Create(ctx context.Context,
@@ -211,13 +216,9 @@ func (s *legacyStorage) Delete(ctx context.Context, uid string, deleteValidation
 	if options.Preconditions != nil && options.Preconditions.ResourceVersion != nil {
 		version = *options.Preconditions.ResourceVersion
 	}
-	p, ok := old.(*notifications.Receiver)
-	if !ok {
-		return nil, false, fmt.Errorf("expected receiver but got %s", old.GetObjectKind().GroupVersionKind())
-	}
 
-	err = s.service.DeleteReceiver(ctx, p.Spec.Title, info.OrgID, definitions.Provenance(models.ProvenanceNone), version) // TODO add support for dry-run option
-	return old, false, err                                                                                                // false - will be deleted async
+	err = s.service.DeleteReceiver(ctx, uid, info.OrgID, definitions.Provenance(models.ProvenanceNone), version) // TODO add support for dry-run option
+	return old, false, err                                                                                       // false - will be deleted async
 }
 
 func (s *legacyStorage) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *internalversion.ListOptions) (runtime.Object, error) {
 
@@ -80,7 +80,7 @@ func (t NotificationsAPIBuilder) GetAPIGroupInfo(
 		return nil, fmt.Errorf("failed to initialize time-interval storage: %w", err)
 	}
 
-	recvStorage, err := receiver.NewStorage(nil, t.namespacer, scheme, optsGetter, dualWriteBuilder) // TODO: add receiver service
+	recvStorage, err := receiver.NewStorage(t.ng.Api.ReceiverService, t.namespacer, scheme, optsGetter, dualWriteBuilder)
 	if err != nil {
 		return nil, fmt.Errorf("failed to initialize receiver storage: %w", err)
 	}
 
@@ -5,13 +5,17 @@ import (
 	"encoding/base64"
 	"encoding/json"
 	"errors"
+	"fmt"
+	"hash/fnv"
 	"slices"
 
+	"github.com/grafana/grafana/pkg/apimachinery/errutil"
 	"github.com/grafana/grafana/pkg/apimachinery/identity"
 	"github.com/grafana/grafana/pkg/infra/log"
 	"github.com/grafana/grafana/pkg/services/accesscontrol"
 	"github.com/grafana/grafana/pkg/services/ngalert/api/tooling/definitions"
 	"github.com/grafana/grafana/pkg/services/ngalert/models"
+	"github.com/grafana/grafana/pkg/services/ngalert/provisioning/validation"
 	"github.com/grafana/grafana/pkg/services/secrets"
 )
 
@@ -22,6 +26,11 @@ var (
 	ErrNotFound = errors.New("not found") // TODO: convert to errutil
 )
 
+var (
+	ErrReceiverInUse   = errutil.Conflict("alerting.notifications.receiver.used", errutil.WithPublicMessage("Receiver is used by one or many notification policies"))
+	ErrVersionConflict = errutil.Conflict("alerting.notifications.receiver.conflict")
+)
+
 // ReceiverService is the service for managing alertmanager receivers.
 type ReceiverService struct {
 	ac                accesscontrol.AccessControl
@@ -30,6 +39,7 @@ type ReceiverService struct {
 	encryptionService secrets.Service
 	xact              transactionManager
 	log               log.Logger
+	validator         validation.ProvenanceStatusTransitionValidator
 }
 
 type configStore interface {
@@ -39,6 +49,7 @@ type configStore interface {
 
 type provisoningStore interface {
 	GetProvenances(ctx context.Context, org int64, resourceType string) (map[string]models.Provenance, error)
+	DeleteProvenance(ctx context.Context, o models.Provisionable, org int64) error
 }
 
 type transactionManager interface {
@@ -60,6 +71,7 @@ func NewReceiverService(
 		encryptionService: encryptionService,
 		xact:              xact,
 		log:               log,
+		validator:         validation.ValidateProvenanceRelaxed,
 	}
 }
 
@@ -119,7 +131,7 @@ func (rs *ReceiverService) GetReceiver(ctx context.Context, q models.GetReceiver
 		return definitions.GettableApiReceiver{}, err
 	}
 
-	provenances, err := rs.provisioningStore.GetProvenances(ctx, q.OrgID, "contactPoint")
+	provenances, err := rs.provisioningStore.GetProvenances(ctx, q.OrgID, (&definitions.EmbeddedContactPoint{}).ResourceType())
 	if err != nil {
 		return definitions.GettableApiReceiver{}, err
 	}
@@ -158,7 +170,7 @@ func (rs *ReceiverService) GetReceivers(ctx context.Context, q models.GetReceive
 		return nil, err
 	}
 
-	provenances, err := rs.provisioningStore.GetProvenances(ctx, q.OrgID, "contactPoint")
+	provenances, err := rs.provisioningStore.GetProvenances(ctx, q.OrgID, (&definitions.EmbeddedContactPoint{}).ResourceType())
 	if err != nil {
 		return nil, err
 	}
@@ -213,6 +225,83 @@ func (rs *ReceiverService) GetReceivers(ctx context.Context, q models.GetReceive
 	return output, nil
 }
 
+// DeleteReceiver deletes a receiver by uid.
+// UID field currently does not exist, we assume the uid is a particular hashed value of the receiver name.
+func (rs *ReceiverService) DeleteReceiver(ctx context.Context, uid string, orgID int64, callerProvenance definitions.Provenance, version string) error {
+	//TODO: Check delete permissions.
+	baseCfg, err := rs.cfgStore.GetLatestAlertmanagerConfiguration(ctx, orgID)
+	if err != nil {
+		return err
+	}
+
+	cfg := definitions.PostableUserConfig{}
+	err = json.Unmarshal([]byte(baseCfg.AlertmanagerConfiguration), &cfg)
+	if err != nil {
+		return err
+	}
+
+	idx, recv := getReceiverByUID(cfg, uid)
+	if recv == nil {
+		return ErrNotFound // TODO: nil?
+	}
+
+	// TODO: Implement + check optimistic concurrency.
+
+	storedProvenance, err := rs.getContactPointProvenance(ctx, recv, orgID)
+	if err != nil {
+		return err
+	}
+
+	if err := rs.validator(storedProvenance, models.Provenance(callerProvenance)); err != nil {
+		return err
+	}
+
+	if isReceiverInUse(recv.Name, []*definitions.Route{cfg.AlertmanagerConfig.Route}) {
+		return ErrReceiverInUse.Errorf("")
+	}
+
+	// Remove the receiver from the configuration.
+	cfg.AlertmanagerConfig.Receivers = append(cfg.AlertmanagerConfig.Receivers[:idx], cfg.AlertmanagerConfig.Receivers[idx+1:]...)
+
+	return rs.xact.InTransaction(ctx, func(ctx context.Context) error {
+		serialized, err := json.Marshal(cfg)
+		if err != nil {
+			return err
+		}
+		cmd := models.SaveAlertmanagerConfigurationCmd{
+			AlertmanagerConfiguration: string(serialized),
+			ConfigurationVersion:      baseCfg.ConfigurationVersion,
+			FetchedConfigurationHash:  baseCfg.ConfigurationHash,
+			Default:                   false,
+			OrgID:                     orgID,
+		}
+
+		err = rs.cfgStore.UpdateAlertmanagerConfiguration(ctx, &cmd)
+		if err != nil {
+			return err
+		}
+
+		// Remove provenance for all integrations in the receiver.
+		for _, integration := range recv.GrafanaManagedReceivers {
+			target := definitions.EmbeddedContactPoint{UID: integration.UID}
+			if err := rs.provisioningStore.DeleteProvenance(ctx, &target, orgID); err != nil {
+				return err
+			}
+		}
+		return nil
+	})
+}
+
+func (rs *ReceiverService) CreateReceiver(ctx context.Context, r definitions.GettableApiReceiver, orgID int64) (definitions.GettableApiReceiver, error) {
+	// TODO: Stub
+	panic("not implemented")
+}
+
+func (rs *ReceiverService) UpdateReceiver(ctx context.Context, r definitions.GettableApiReceiver, orgID int64) (definitions.GettableApiReceiver, error) {
+	// TODO: Stub
+	panic("not implemented")
+}
+
 func (rs *ReceiverService) decryptOrRedact(ctx context.Context, decrypt bool, name, fallback string) func(value string) string {
 	return func(value string) string {
 		if !decrypt {
@@ -232,3 +321,61 @@ func (rs *ReceiverService) decryptOrRedact(ctx context.Context, decrypt bool, na
 		return string(decrypted)
 	}
 }
+
+// getContactPointProvenance determines the provenance of a definitions.PostableApiReceiver based on the provenance of its integrations.
+func (rs *ReceiverService) getContactPointProvenance(ctx context.Context, r *definitions.PostableApiReceiver, orgID int64) (models.Provenance, error) {
+	if len(r.GrafanaManagedReceivers) == 0 {
+		return models.ProvenanceNone, nil
+	}
+
+	storedProvenances, err := rs.provisioningStore.GetProvenances(ctx, orgID, (&definitions.EmbeddedContactPoint{}).ResourceType())
+	if err != nil {
+		return "", err
+	}
+
+	// Current provisioning works on the integration level, so we need some way to determine the provenance of the
+	// entire receiver. All integrations in a receiver should have the same provenance, but we don't want to rely on
+	// this assumption in case the first provenance is None and a later one is not. To this end, we return the first
+	// non-zero provenance we find.
+	for _, contactPoint := range r.GrafanaManagedReceivers {
+		if p, exists := storedProvenances[contactPoint.UID]; exists && p != models.ProvenanceNone {
+			return p, nil
+		}
+	}
+	return models.ProvenanceNone, nil
+}
+
+// getReceiverByUID returns the index and receiver with the given UID.
+func getReceiverByUID(cfg definitions.PostableUserConfig, uid string) (int, *definitions.PostableApiReceiver) {
+	for i, r := range cfg.AlertmanagerConfig.Receivers {
+		if getUID(r) == uid {
+			return i, r
+		}
+	}
+	return 0, nil
+}
+
+// getUID returns the UID of a PostableApiReceiver.
+// Currently, the UID is a hash of the receiver name.
+func getUID(t *definitions.PostableApiReceiver) string { // TODO replace to stable UID when we switch to normal storage
+	sum := fnv.New64()
+	_, _ = sum.Write([]byte(t.Name))
+	return fmt.Sprintf("%016x", sum.Sum64())
+}
+
+// TODO: Check if the contact point is used directly in an alert rule.
+// isReceiverInUse checks if a receiver is used in a route or any of its sub-routes.
+func isReceiverInUse(name string, routes []*definitions.Route) bool {
+	if len(routes) == 0 {
+		return false
+	}
+	for _, route := range routes {
+		if route.Receiver == name {
+			return true
+		}
+		if isReceiverInUse(name, route.Routes) {
+			return true
+		}
+	}
+	return false
+}
Original file line number	Diff line number	Diff line change
`@@ -93,9 +93,8 @@ func (s legacyStorage) Get(ctx context.Context, uid string, _ metav1.GetOption`
`93`	`93`	`return nil, err`
`94`	`94`	`}`
`95`	`95`
`96`		`- q := models.GetReceiverQuery{`
	`96`	`+ q := models.GetReceiversQuery{`
`97`	`97`	`OrgID: info.OrgID,`
`98`		`- Name: uid, // TODO: Name/UID mapping or change signature of service.`
`99`	`98`	`//Decrypt: ctx.QueryBool("decrypt"), // TODO: Query params.`
`100`	`99`	`}`
`101`	`100`
`@@ -104,12 +103,18 @@ func (s legacyStorage) Get(ctx context.Context, uid string, _ metav1.GetOption`
`104`	`103`	`return nil, err`
`105`	`104`	`}`
`106`	`105`
`107`		`- res, err := s.service.GetReceiver(ctx, q, user)`
	`106`	`+ res, err := s.service.GetReceivers(ctx, q, user)`
`108`	`107`	`if err != nil {`
`109`	`108`	`return nil, err`
`110`	`109`	`}`
`111`	`110`
`112`		`- return convertToK8sResource(info.OrgID, res, s.namespacer)`
	`111`	`+ for _, r := range res {`
	`112`	`+ if getUID(r) == uid {`
	`113`	`+ return convertToK8sResource(info.OrgID, r, s.namespacer)`
	`114`	`+ }`
	`115`	`+ }`
	`116`	`+`
	`117`	`+ return nil, errors.NewNotFound(resourceInfo.GroupResource(), uid)`
`113`	`118`	`}`
`114`	`119`
`115`	`120`	`func (s *legacyStorage) Create(ctx context.Context,`
`@@ -211,13 +216,9 @@ func (s *legacyStorage) Delete(ctx context.Context, uid string, deleteValidation`
`211`	`216`	`if options.Preconditions != nil && options.Preconditions.ResourceVersion != nil {`
`212`	`217`	`version = *options.Preconditions.ResourceVersion`
`213`	`218`	`}`
`214`		`- p, ok := old.(*notifications.Receiver)`
`215`		`- if !ok {`
`216`		`- return nil, false, fmt.Errorf("expected receiver but got %s", old.GetObjectKind().GroupVersionKind())`
`217`		`- }`
`218`	`219`
`219`		`- err = s.service.DeleteReceiver(ctx, p.Spec.Title, info.OrgID, definitions.Provenance(models.ProvenanceNone), version) // TODO add support for dry-run option`
`220`		`- return old, false, err // false - will be deleted async`
	`220`	`+ err = s.service.DeleteReceiver(ctx, uid, info.OrgID, definitions.Provenance(models.ProvenanceNone), version) // TODO add support for dry-run option`
	`221`	`+ return old, false, err // false - will be deleted async`
`221`	`222`	`}`
`222`	`223`
`223`	`224`	`func (s legacyStorage) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options metav1.DeleteOptions, listOptions *internalversion.ListOptions) (runtime.Object, error) {`
Original file line number	Diff line number	Diff line change
`@@ -80,7 +80,7 @@ func (t NotificationsAPIBuilder) GetAPIGroupInfo(`
`80`	`80`	`return nil, fmt.Errorf("failed to initialize time-interval storage: %w", err)`
`81`	`81`	`}`
`82`	`82`
`83`		`- recvStorage, err := receiver.NewStorage(nil, t.namespacer, scheme, optsGetter, dualWriteBuilder) // TODO: add receiver service`
	`83`	`+ recvStorage, err := receiver.NewStorage(t.ng.Api.ReceiverService, t.namespacer, scheme, optsGetter, dualWriteBuilder)`
`84`	`84`	`if err != nil {`
`85`	`85`	`return nil, fmt.Errorf("failed to initialize receiver storage: %w", err)`
`86`	`86`	`}`