UNCLASSIFIED - NO CUI

Skip to content
Snippets Groups Projects
Commit 8ad877f0 authored by Ryan Garcia's avatar Ryan Garcia :dizzy: Committed by Micah Nagel
Browse files

Improving Grafana SecretMounts handling

parent 84b86b4d
No related branches found
No related tags found
1 merge request!2547Improving Grafana SecretMounts handling
Hide whitespace changes
Inline Side-by-side
chart/templates/monitoring/values.yaml
+ 28
3
View file @ 8ad877f0
......@@ -339,13 +339,22 @@ grafana:
{{- list "tls_client_key" .tls_client_key | include "bigbang.addValueIfSet" | indent 6 }}
{{- end }}
{{- if and .Values.monitoring.sso.enabled .Values.monitoring.sso.grafana.client_id }}
{{- if and .Values.monitoring.sso.enabled (or .Values.monitoring.sso.grafana.client_id (or .Values.sso.certificate_authority (dig "certificateAuthority" "cert" false .Values.sso))) }}
extraSecretMounts:
{{- if .Values.monitoring.sso.grafana.client_id }}
- name: auth-generic-oauth-secret
mountPath: /etc/secrets/auth_generic_oauth
secretName: grafana-sso
defaultMode: 0440
readOnly: true
{{- end }}
{{- if (or .Values.sso.certificate_authority (dig "certificateAuthority" "cert" false .Values.sso)) }}
- name: "oidc-ca-certificate"
mountPath: "/etc/oidc/ca.pem"
secretName: "tls-ca-sso"
readOnly: true
subPath: "ca.pem"
{{- end }}
{{- end }}
{{- if $istioInjection }}
......@@ -420,8 +429,8 @@ prometheusOperator:
{{- end }}
{{- /* This function merges defaults in lists from above into overlays */ -}}
{{- /* The end user will not have to replicate additionalScrapeConfigs from above when providing an overlay */ -}}
{{- /* There is a hidden flag `skipOverlayMerge` that can be added to any additionalScrapeConfigs to ignore the defaults */ -}}
{{- /* The end user will not have to replicate `prometheus.prometheusSpec.additionalScrapeConfigs` or `grafana.extraSecretMounts` from above when providing an overlay */ -}}
{{- /* There is a hidden flag `skipOverlayMerge` that can be added to `prometheus.prometheusSpec` or `grafana` overlays to ignore the defaults */ -}}
{{- define "bigbang.overlays.monitoring" }}
{{- $defaults := fromYaml (include "bigbang.defaults.monitoring" .) }}
......@@ -439,5 +448,21 @@ prometheusOperator:
{{- end }}
{{- end }}
{{- range $monitoringConfig, $default := $defaults }}
{{- $overlay := (dig $monitoringConfig dict $overlays) }}
# Only continue if an overlay matches a default constriant and hidden "skipOverlayMerge" is not set
{{- if and $overlay (not $overlay.skipOverlayMerge) }}
# Add any default extraSecretMounts to overlay
{{- if and (dig "extraSecretMounts" list $default) (dig "extraSecretMounts" list $overlay) }}
{{ $_ := set $overlay "extraSecretMounts" (concat $default.extraSecretMounts $overlay.extraSecretMounts) }}
{{- end }}
# Add any default additionalDataSources to overlay
{{- if and (dig "additionalDataSources" list $default) (dig "additionalDataSources" list $overlay) }}
{{ $_ := set $overlay "additionalDataSources" (concat $default.additionalDataSources $overlay.additionalDataSources) }}
{{- end }}
{{- end }}
{{- end }}
{{ toYaml $overlays }}
{{- end }}
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

UNCLASSIFIED - NO CUI