aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGravatar Chris Lovering <[email protected]>2023-12-06 11:34:54 +0000
committerGravatar Chris Lovering <[email protected]>2023-12-06 11:34:55 +0000
commit0b2ab88e80d4a3525c8ecc27e40b849c9e06221a (patch)
tree7f512f241752918dfabab4f5c92a1b7c0bef45c6
parentUpdate grafana admin password (diff)
Add grafana role attribute path setting
This maps github teams to roles on grafana, now that manually updating roles for users from external auth providers isn't possible
Diffstat
-rw-r--r--kubernetes/namespaces/default/grafana/configmap.yaml3
1 files changed, 2 insertions, 1 deletions
diff --git a/kubernetes/namespaces/default/grafana/configmap.yaml b/kubernetes/namespaces/default/grafana/configmap.yaml
index 87eeba9..0e719c8 100644
--- a/kubernetes/namespaces/default/grafana/configmap.yaml
+++ b/kubernetes/namespaces/default/grafana/configmap.yaml
@@ -13,7 +13,8 @@ data:
GF_AUTH_GITHUB_ENABLED: "true"
GF_AUTH_GITHUB_SCOPES: "user:email,read:org"
# IDs can be retrieved via `gh api orgs/python-discord/teams`.
- GF_AUTH_GITHUB_TEAM_IDS: "2638565,3854739,3114246"
+ GF_AUTH_GITHUB_TEAM_IDS: "2638565,3854739,3114246,7361120,9120709"
+ GF_AUTH_GITHUB_ROLE_ATTRIBUTE_PATH: "contains(groups[*], ['@python-discord/directors', '@python-discord/sudo-devops']) && 'Admin' || contains(groups[*], '@python-discord/admins') && 'Editor' || 'Viewer'"
GF_AUTH_GITHUB_AUTH_URL: "https://github.com/login/oauth/authorize"
GF_AUTH_GITHUB_TOKEN_URL: "https://github.com/login/oauth/access_token"
GF_AUTH_GITHUB_API_URL: "https://api.github.com/user"
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-21 15:35:16 +0000