From c46536467f461405c4e9dc2f65abf68fb016f786 Mon Sep 17 00:00:00 2001 From: SeanOMik Date: Fri, 20 Oct 2023 20:42:21 -0400 Subject: [PATCH] fix(grafana): Give GrafanaAdmin from OAuth2 groups, include kube-prometheus-stack dashbaords --- cluster/apps/monitoring/grafana/helm-release.yaml | 8 +++++++- .../monitoring/kube-prometheus-stack/helm-release.yaml | 3 +++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/cluster/apps/monitoring/grafana/helm-release.yaml b/cluster/apps/monitoring/grafana/helm-release.yaml index 4c49fbb..83f2153 100644 --- a/cluster/apps/monitoring/grafana/helm-release.yaml +++ b/cluster/apps/monitoring/grafana/helm-release.yaml @@ -47,6 +47,10 @@ spec: auth_url: https://auth.${SECRET_NEW_DOMAIN}/application/o/authorize/ token_url: https://auth.${SECRET_NEW_DOMAIN}/application/o/token/ api_url: https://auth.${SECRET_NEW_DOMAIN}/application/o/userinfo/ + role_attribute_path: contains(groups[*], 'authentik Admins') && 'GrafanaAdmin' #|| contains(info.groups[*], 'editor') && 'Editor' || 'Viewer' + groups_attribute_path: groups + name_attribute_path: preferred_username + login_attribute_path: email allow_assign_grafana_admin: true use_pkce: true use_refresh_token: true @@ -66,8 +70,10 @@ spec: datasources: - name: Victoria type: prometheus - editable: false + jsonData: + tlsSkipVerify: true url: http://victoria-metrics-server.monitoring.svc:8428 + editable: false isDefault: true # datasources: diff --git a/cluster/apps/monitoring/kube-prometheus-stack/helm-release.yaml b/cluster/apps/monitoring/kube-prometheus-stack/helm-release.yaml index 7995dc8..6773cfd 100644 --- a/cluster/apps/monitoring/kube-prometheus-stack/helm-release.yaml +++ b/cluster/apps/monitoring/kube-prometheus-stack/helm-release.yaml @@ -39,6 +39,9 @@ spec: grafana: enabled: false + # enabled dashboards even with grafana being disabled + forceDeployDashboards: true + defaultDashboardsTimezone: America/New_York prometheus: ingress: