introduce terraform module for grafana cloud dashboard IaC

terraform/main.tf

@@ -141,10 +141,17 @@ module "runtime_secrets" {
 }
 
 # Datasource for manually entered ci secrets, must exist on HCP
+# Example to access a particular secret:
+# data.hcp_vault_secrets_app.ci_secrets_manual.secrets["DOCKER_USERNAME"]
 data "hcp_vault_secrets_app" "ci_secrets_manual" {
   app_name = "ci-secrets-manual"
 }
 
+# Datasource for manually entered runtime secrets, must exist on HCP
+# E.g. for Grafana Credentials
+data "hcp_vault_secrets_app" "rt_secrets_manual" {
+  app_name = "rt-secrets-manual"
+}
 
 locals {
   cluster_endpoint_no_protocol = trimprefix(module.confluent.cluster_rest_endpoint, "https://")
@@ -254,3 +261,10 @@ module "confluent" {
     }
   ]
 }
+
+module "grafana" {
+  source = "./modules/grafana"
+  # todo don't inherit prefix from cognito_auth_domain_prefix
+  url  = "https://${var.cognito_auth_domain_prefix}.grafana.net/"
+  auth = data.hcp_vault_secrets_app.rt_secrets_manual.secrets["GRAFANA_SA_TOKEN"]
+}

terraform/modules/grafana/README.adoc

@@ -0,0 +1,7 @@
+= Grafana Module
+
+* https://registry.terraform.io/providers/grafana/grafana/latest/docs[Terraform Registry Grafana Provider Docs]
+* https://grafana.com/docs/grafana-cloud/developer-resources/infrastructure-as-code/terraform/[Grafana Cloud  Developer resources  Infrastructure as code  Terraform]
+* https://github.com/grafana/terraform-provider-grafana[Terraform Provider for Grafana GitHub Project]
+* https://grafana.com/docs/grafana-cloud/developer-resources/infrastructure-as-code/terraform/dashboards-github-action/#terraform-configuration-for-grafana-provider[Terraform configuration for Grafana provider]
+* https://newrelic.com/blog/how-to-relic/create-nr-dashboards-with-terraform-part-1[Creating dashboards with Terraform and JSON templates]

terraform/modules/grafana/main.tf

@@ -0,0 +1,28 @@
+# url and credentials must be passed to the module
+provider "grafana" {
+  url  = var.url
+  auth = var.auth
+}
+
+// Create resources (optional: within the organization)
+resource "grafana_folder" "my_folder" {
+  #org_id = grafana_organization.my_org.org_id # not for Grafana Cloud !
+  title = "Terraform Folder"
+}
+
+locals {
+  dashboard_title = "Fancy generated dashboard 22"
+}
+
+resource "grafana_dashboard" "test_folder" {
+  folder = grafana_folder.my_folder.id
+  config_json = templatefile("${path.module}/templates/dashboard.json", {
+    title        = local.dashboard_title
+    panel_title  = "Room Temperature"
+    panel_metric = "till_test_heat_metric"
+  })
+  #config_json = jsonencode({
+  #  "title" : "Fancy generated dashboard",
+  #  "uid" : "my-dashboard-uid"
+  #})
+}

terraform/modules/grafana/output.tf

@@ -0,0 +1,4 @@
+#output "something" {
+#  value = resource.value
+#}
+

terraform/modules/grafana/templates/dashboard.json

@@ -0,0 +1,140 @@
+{
+  "title" : "${title}",
+  "uid" : "my-dashboard-uid",
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": {
+          "type": "grafana",
+          "uid": "-- Grafana --"
+        },
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "fiscalYearStartMonth": 0,
+  "graphTooltip": 0,
+  "id": 16,
+  "links": [],
+  "liveNow": false,
+  "panels": [
+    {
+      "datasource": {
+        "type": "prometheus",
+        "uid": "grafanacloud-prom"
+      },
+      "fieldConfig": {
+        "defaults": {
+          "color": {
+            "mode": "palette-classic"
+          },
+          "custom": {
+            "axisBorderShow": false,
+            "axisCenteredZero": false,
+            "axisColorMode": "text",
+            "axisLabel": "",
+            "axisPlacement": "auto",
+            "barAlignment": 0,
+            "drawStyle": "line",
+            "fillOpacity": 0,
+            "gradientMode": "none",
+            "hideFrom": {
+              "legend": false,
+              "tooltip": false,
+              "viz": false
+            },
+            "insertNulls": false,
+            "lineInterpolation": "linear",
+            "lineWidth": 1,
+            "pointSize": 5,
+            "scaleDistribution": {
+              "type": "linear"
+            },
+            "showPoints": "auto",
+            "spanNulls": false,
+            "stacking": {
+              "group": "A",
+              "mode": "none"
+            },
+            "thresholdsStyle": {
+              "mode": "off"
+            }
+          },
+          "mappings": [],
+          "thresholds": {
+            "mode": "absolute",
+            "steps": [
+              {
+                "color": "green",
+                "value": null
+              },
+              {
+                "color": "red",
+                "value": 80
+              }
+            ]
+          },
+          "unitScale": true
+        },
+        "overrides": []
+      },
+      "gridPos": {
+        "h": 8,
+        "w": 12,
+        "x": 0,
+        "y": 0
+      },
+      "id": 1,
+      "options": {
+        "legend": {
+          "calcs": [],
+          "displayMode": "list",
+          "placement": "bottom",
+          "showLegend": true
+        },
+        "tooltip": {
+          "mode": "single",
+          "sort": "none"
+        }
+      },
+      "targets": [
+        {
+          "datasource": {
+            "type": "prometheus",
+            "uid": "grafanacloud-prom"
+          },
+          "disableTextWrap": false,
+          "editorMode": "builder",
+          "expr": "${panel_metric}",
+          "fullMetaSearch": false,
+          "includeNullMetadata": true,
+          "instant": false,
+          "legendFormat": "__auto",
+          "range": true,
+          "refId": "A",
+          "useBackend": false
+        }
+      ],
+      "title": "${panel_title}",
+      "type": "timeseries"
+    }
+  ],
+  "refresh": "",
+  "schemaVersion": 39,
+  "tags": [],
+  "templating": {
+    "list": []
+  },
+  "time": {
+    "from": "now-6h",
+    "to": "now"
+  },
+  "timepicker": {},
+  "timezone": ""
+}

terraform/modules/grafana/variables.tf

@@ -0,0 +1,19 @@
+variable "url" {
+  description = "<Grafana-instance-url> The root URL of a Grafana server. May alternatively be set via the GRAFANA_URL environment variable"
+}
+
+variable "auth" {
+  description = "<Grafana-Service-Account-token> or API token, basic auth in the username:password format or anonymous (string literal). May alternatively be set via the GRAFANA_AUTH environment variable."
+}
+
+## more complex
+#variable "topics" {
+#  description = "List of Kafka Topics"
+#  type = list(object({
+#    name             = string
+#    partitions_count = number
+#    retention_hours  = number
+#  }))
+#  default = []
+#}
+

terraform/modules/grafana/versions.tf

@@ -0,0 +1,12 @@
+# don't configure provider in modules (e.g. credentials for hcp),
+# only declare what's required here and use relaxed version ranges
+# since callers of the module may run different versions
+terraform {
+  required_version = "~>1.5"
+  required_providers {
+    grafana = {
+      source  = "grafana/grafana"
+      version = "~> 2.11"
+    }
+  }
+}

terraform/versions.tf

@@ -42,5 +42,9 @@ terraform {
       source  = "hashicorp/hcp"
       version = "~> 0.71"
     }
+    grafana = {
+      source  = "grafana/grafana"
+      version = "~> 2.11"
+    }
   }
 }