diff options
| author | 2023-12-06 11:34:54 +0000 | |
|---|---|---|
| committer | 2023-12-06 11:34:55 +0000 | |
| commit | 0b2ab88e80d4a3525c8ecc27e40b849c9e06221a (patch) | |
| tree | 7f512f241752918dfabab4f5c92a1b7c0bef45c6 | |
| parent | Update grafana admin password (diff) | |
Add grafana role attribute path setting
This maps github teams to roles on grafana, now that manually updating roles for users from external auth providers isn't possible
| -rw-r--r-- | kubernetes/namespaces/default/grafana/configmap.yaml | 3 | 
1 files changed, 2 insertions, 1 deletions
| diff --git a/kubernetes/namespaces/default/grafana/configmap.yaml b/kubernetes/namespaces/default/grafana/configmap.yaml index 87eeba9..0e719c8 100644 --- a/kubernetes/namespaces/default/grafana/configmap.yaml +++ b/kubernetes/namespaces/default/grafana/configmap.yaml @@ -13,7 +13,8 @@ data:    GF_AUTH_GITHUB_ENABLED: "true"    GF_AUTH_GITHUB_SCOPES: "user:email,read:org"    # IDs can be retrieved via `gh api orgs/python-discord/teams`. -  GF_AUTH_GITHUB_TEAM_IDS: "2638565,3854739,3114246" +  GF_AUTH_GITHUB_TEAM_IDS: "2638565,3854739,3114246,7361120,9120709" +  GF_AUTH_GITHUB_ROLE_ATTRIBUTE_PATH: "contains(groups[*], ['@python-discord/directors', '@python-discord/sudo-devops']) && 'Admin' || contains(groups[*], '@python-discord/admins') && 'Editor' || 'Viewer'"    GF_AUTH_GITHUB_AUTH_URL: "https://github.com/login/oauth/authorize"    GF_AUTH_GITHUB_TOKEN_URL: "https://github.com/login/oauth/access_token"    GF_AUTH_GITHUB_API_URL: "https://api.github.com/user" | 
