Skip to content
Snippets Groups Projects
Commit 066b0432 authored by Frederic Branczyk's avatar Frederic Branczyk
Browse files

grafana-watcher: allow credentials from env variable

parent b3716f5b
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
hack/scripts/generate-grafana-credentials-secret.sh 0 → 100755
+ 20
0
View file @ 066b0432
#!/bin/bash
if [ "$#" -ne 2 ]; then
echo "Usage: $0 user password"
exit 1
fi
user=$1
password=$2
cat <<-EOF
apiVersion: v1
kind: Secret
metadata:
name: grafana-credentials
data:
user: $(echo -n ${user} | base64 --wrap=0)
password: $(echo -n ${password} | base64 --wrap=0)
EOF
hack/scripts/generate-manifests.sh
+ 3
0
View file @ 066b0432
...@@ -6,6 +6,9 @@ hack/scripts/generate-rules-configmap.sh > manifests/prometheus/prometheus-k8s-r ...@@ -6,6 +6,9 @@ hack/scripts/generate-rules-configmap.sh > manifests/prometheus/prometheus-k8s-r
# Generate Dashboard ConfigMap # Generate Dashboard ConfigMap
hack/scripts/generate-dashboards-configmap.sh > manifests/grafana/grafana-dashboards.yaml hack/scripts/generate-dashboards-configmap.sh > manifests/grafana/grafana-dashboards.yaml
# Generate Grafana Credentials Secret
hack/scripts/generate-grafana-credentials-secret.sh admin admin > manifests/grafana/grafana-credentials.yaml
# Generate Secret for Alertmanager config # Generate Secret for Alertmanager config
hack/scripts/generate-alertmanager-config-secret.sh > manifests/alertmanager/alertmanager-config.yaml hack/scripts/generate-alertmanager-config-secret.sh > manifests/alertmanager/alertmanager-config.yaml
manifests/grafana/grafana-credentials.yaml 0 → 100644
+ 7
0
View file @ 066b0432
apiVersion: v1
kind: Secret
metadata:
name: grafana-credentials
data:
user: YWRtaW4=
password: YWRtaW4=
manifests/grafana/grafana-deployment.yaml
+ 26
4
View file @ 066b0432
...@@ -17,6 +17,16 @@ spec: ...@@ -17,6 +17,16 @@ spec:
value: "true" value: "true"
- name: GF_AUTH_ANONYMOUS_ENABLED - name: GF_AUTH_ANONYMOUS_ENABLED
value: "true" value: "true"
- name: GF_SECURITY_ADMIN_USER
valueFrom:
secretKeyRef:
name: grafana-credentials
key: user
- name: GF_SECURITY_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: grafana-credentials
key: password
volumeMounts: volumeMounts:
- name: grafana-storage - name: grafana-storage
mountPath: /var/grafana-storage mountPath: /var/grafana-storage
...@@ -28,13 +38,25 @@ spec: ...@@ -28,13 +38,25 @@ spec:
memory: 100Mi memory: 100Mi
cpu: 100m cpu: 100m
limits: limits:
memory: 300Mi memory: 200Mi
cpu: 300m cpu: 200m
- name: grafana-watcher - name: grafana-watcher
image: quay.io/coreos/grafana-watcher:v0.0.2 image: quay.io/coreos/grafana-watcher:v0.0.3
imagePullPolicy: Never
args: args:
- '--watch-dir=/var/grafana-dashboards' - '--watch-dir=/var/grafana-dashboards'
- '--grafana-url=http://admin:admin@localhost:3000' - '--grafana-url=http://localhost:3000'
env:
- name: GRAFANA_USER
valueFrom:
secretKeyRef:
name: grafana-credentials
key: user
- name: GRAFANA_PASSWORD
valueFrom:
secretKeyRef:
name: grafana-credentials
key: password
volumeMounts: volumeMounts:
- name: grafana-dashboards - name: grafana-dashboards
mountPath: /var/grafana-dashboards mountPath: /var/grafana-dashboards
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment