Michal.Wrobel/stacks_adding_alloy
1
0
Fork 0
forked from DevFW-CICD/stacks
Code Pull requests Activity

Added more Grafana client config to Keycloak

Browse source
This commit is contained in:
Richard Robert Reitz 2025-03-02 13:46:20 +01:00
parent e02d4bb272
commit 688795ffad
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
template/stacks/monitoring/kube-prometheus/values.yaml
View file

@ -40,6 +40,7 @@ grafana:
enabled: true
name: Keycloak-OAuth
allow_sign_up: true
use_refresh_token: true
client_id: $__file{/etc/secrets/auth_generic_oauth/client_id}
client_secret: $__file{/etc/secrets/auth_generic_oauth/client_secret}
scopes: openid email profile offline_access roles
@ -50,7 +51,7 @@ grafana:
token_url: https://{{{ .Env.DOMAIN }}}/keycloak/realms/cnoe/protocol/openid-connect/token
api_url: https://{{{ .Env.DOMAIN }}}/keycloak/realms/cnoe/protocol/openid-connect/userinfo
redirect_uri: http://{{{ .Env.DOMAIN }}}/grafana/login/generic_oauth
role_attribute_path: "contains(resource_access.\"grafana-oauth\".roles[*], 'admin') && 'Admin' || contains(resource_access.\"grafana-oauth\".roles[*], 'editor') && 'Editor' || 'Viewer'"
role_attribute_path: "contains(resource_access.\"grafana\".roles[*], 'admin') && 'Admin' || contains(resource_access.\"grafana\".roles[*], 'editor') && 'Editor' || 'Viewer'"
extraSecretMounts:
- name: auth-generic-oauth-secret-mount