diff --git a/ops/monitoring/templates/grafana-config.yaml b/ops/monitoring/templates/grafana-config.yaml new file mode 100644 index 00000000..d3754604 --- /dev/null +++ b/ops/monitoring/templates/grafana-config.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: grafana + labels: + app: grafana +data: + GF_SERVER_ROOT_URL: https://grafana.{{.Values.baseDomain}} + # 1 refers to org id 1 (default main org) + GITHUB_ORG_MAPPING: "@FAForever/gitops-argocd:1:Admin @FAForever/grafana-editor-{{ .Values.environment }}:1:Editor @FAForever/grafana-viewer-{{ .Values.environment }}:1:Viewer" diff --git a/ops/monitoring/templates/secret.yaml b/ops/monitoring/templates/grafana-secret.yaml similarity index 100% rename from ops/monitoring/templates/secret.yaml rename to ops/monitoring/templates/grafana-secret.yaml diff --git a/ops/monitoring/values.yaml b/ops/monitoring/values.yaml index 4eb3e51c..553ce0f1 100644 --- a/ops/monitoring/values.yaml +++ b/ops/monitoring/values.yaml @@ -23,6 +23,12 @@ victoria-metrics-k8s-stack: test: test grafana: + # Inject env specific values + envFromConfigMaps: + - name: grafana + # Inject Github OAuth credentials + envFromSecret: grafana + # Disable sidecar installing default dashboards to allow custom dashboards # https://docs.victoriametrics.com/helm/victoriametrics-k8s-stack/#adding-external-dashboards sidecar: @@ -34,7 +40,17 @@ victoria-metrics-k8s-stack: grafana.ini: security: angular_support_enabled: false - + auth.github: + enabled: true + allow_sign_up: true + client_id: $__env{GITHUB_CLIENT_ID} + client_secret: $__env{GITHUB_CLIENT_SECRET} + scopes: read:org + auth_url: https://github.com/login/oauth/authorize + token_url: https://github.com/login/oauth/access_token + api_url: https://api.github.com/user + org_name: FAForever + org_mapping: $__env{GITHUB_ORG_MAPPING} admin: existingSecret: grafana userKey: admin-user