DevFW-CICD/stacks
12
0
Fork 1
Code Issues Pull requests 3 Projects Releases Packages Wiki Activity Actions

Update template/stacks/monitoring/kube-prometheus/values.yaml

Browse source
This commit is contained in:
richardrobertreitz 2025-02-28 14:08:07 +00:00
parent 88d599a691
commit 0f8282ead6
1 changed files with 14 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
template/stacks/monitoring/kube-prometheus/values.yaml
View file

@ -30,7 +30,7 @@ grafana:
grafana.ini:
server:
domain: {{{ .Env.DOMAIN }}}
domain: factory-172-18-0-2.traefik.me
root_url: "%(protocol)s://%(domain)s/grafana"
serve_from_sub_path: true
auth:
@ -41,19 +41,26 @@ grafana:
enabled: true
name: Keycloak-OAuth
allow_sign_up: true
client_id: grafana-oauth
#client_secret: todo need to be set elsewhere
client_id: $__file{/etc/secrets/auth_generic_oauth/client_id}
client_secret: $__file{/etc/secrets/auth_generic_oauth/client_secret}
scopes: openid email profile offline_access roles
email_attribute_path: email
login_attribute_path: username
name_attribute_path: full_name
tls_skip_verify_insecure: true
auth_url: https://{{{ .Env.DOMAIN }}}/keycloak/realms/cnoe/protocol/openid-connect/auth
token_url: https://{{{ .Env.DOMAIN }}}/keycloak/realms/cnoe/protocol/openid-connect/token
api_url: https://{{{ .Env.DOMAIN }}}/keycloak/realms/cnoe/protocol/openid-connect/userinfo
redirect_uri: http://{{{ .Env.DOMAIN }}}/grafana/login/generic_oauth
auth_url: https://factory-172-18-0-2.traefik.me/keycloak/realms/cnoe/protocol/openid-connect/auth
token_url: https://factory-172-18-0-2.traefik.me/keycloak/realms/cnoe/protocol/openid-connect/token
api_url: https://factory-172-18-0-2.traefik.me/keycloak/realms/cnoe/protocol/openid-connect/userinfo
redirect_uri: http://factory-172-18-0-2.traefik.me/grafana/login/generic_oauth
role_attribute_path: contains(roles[*], 'admin') && 'Admin' || contains(roles[*], 'editor') && 'Editor' || 'Viewer'
extraSecretMounts:
- name: auth-generic-oauth-secret-mount
secretName: auth-generic-oauth-secret
defaultMode: 0440
mountPath: /etc/secrets/auth_generic_oauth
readOnly: true
serviceMonitor:
# If true, a ServiceMonitor CRD is created for a prometheus operator https://github.com/coreos/prometheus-operator
enabled: true