--- /dev/null
+---
+schema: armada/Chart/v1
+metadata:
+ schema: metadata/Document/v1
+ name: grafana
+ layeringDefinition:
+ abstract: false
+ layer: global
+ storagePolicy: cleartext
+ substitutions:
+ # Chart source
+ - src:
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .charts.osh_infra.grafana
+ dest:
+ path: .source
+
+ # Images
+ - src:
+ schema: pegleg/SoftwareVersions/v1
+ name: software-versions
+ path: .images.osh_infra.grafana
+ dest:
+ path: .values.images.tags
+
+ # Endpoints
+ - src:
+ schema: pegleg/EndpointCatalogue/v1
+ name: osh_infra_endpoints
+ path: .osh_infra.oslo_db
+ dest:
+ path: .values.endpoints.oslo_db
+ - src:
+ schema: pegleg/EndpointCatalogue/v1
+ name: osh_infra_endpoints
+ path: .osh_infra.oslo_db
+ dest:
+ path: .values.endpoints.oslo_db_session
+ - src:
+ schema: pegleg/EndpointCatalogue/v1
+ name: osh_infra_endpoints
+ path: .osh_infra.grafana
+ dest:
+ path: .values.endpoints.grafana
+ - src:
+ schema: pegleg/EndpointCatalogue/v1
+ name: osh_infra_endpoints
+ path: .osh_infra.monitoring
+ dest:
+ path: .values.endpoints.monitoring
+ - src:
+ schema: pegleg/EndpointCatalogue/v1
+ name: osh_infra_endpoints
+ path: .osh_infra.ldap
+ dest:
+ path: .values.endpoints.ldap
+ # Accounts
+ - src:
+ schema: pegleg/AccountCatalogue/v1
+ name: osh_infra_service_accounts
+ path: .osh_infra.grafana.admin
+ dest:
+ path: .values.endpoints.grafana.auth.admin
+ - src:
+ schema: pegleg/AccountCatalogue/v1
+ name: osh_infra_service_accounts
+ path: .osh_infra.grafana.oslo_db
+ dest:
+ path: .values.endpoints.oslo_db.auth.user
+ - src:
+ schema: pegleg/AccountCatalogue/v1
+ name: osh_infra_service_accounts
+ path: .osh_infra.grafana.oslo_db.database
+ dest:
+ path: .values.endpoints.oslo_db.path
+ pattern: DB_NAME
+ - src:
+ schema: pegleg/AccountCatalogue/v1
+ name: osh_infra_service_accounts
+ path: .osh_infra.grafana.oslo_db_session
+ dest:
+ path: .values.endpoints.oslo_db_session.auth.user
+ - src:
+ schema: pegleg/AccountCatalogue/v1
+ name: osh_infra_service_accounts
+ path: .osh_infra.grafana.oslo_db_session.database
+ dest:
+ path: .values.endpoints.oslo_db_session.path
+ pattern: DB_NAME
+
+ # Secrets
+ - dest:
+ path: .values.endpoints.grafana.auth.admin.password
+ src:
+ schema: deckhand/Passphrase/v1
+ name: osh_infra_grafana_admin_password
+ path: .
+ - dest:
+ path: .values.endpoints.oslo_db.auth.user.password
+ src:
+ schema: deckhand/Passphrase/v1
+ name: osh_infra_grafana_oslo_db_password
+ path: .
+ - dest:
+ path: .values.endpoints.oslo_db_session.auth.user.password
+ src:
+ schema: deckhand/Passphrase/v1
+ name: osh_infra_grafana_oslo_db_session_password
+ path: .
+ - dest:
+ path: .values.endpoints.oslo_db.auth.admin.password
+ src:
+ schema: deckhand/Passphrase/v1
+ name: osh_infra_oslo_db_admin_password
+ path: .
+ - dest:
+ path: .values.endpoints.oslo_db_session.auth.admin.password
+ src:
+ schema: deckhand/Passphrase/v1
+ name: osh_infra_oslo_db_admin_password
+ path: .
+
+ # LDAP Configuration Details
+ - src:
+ schema: pegleg/AccountCatalogue/v1
+ name: osh_infra_service_accounts
+ path: .osh_infra.ldap.admin.bind
+ dest:
+ path: .values.endpoints.ldap.auth.admin.bind_dn
+ - dest:
+ path: .values.endpoints.ldap.auth.admin.password
+ src:
+ schema: deckhand/Passphrase/v1
+ name: osh_keystone_ldap_password
+ path: .
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .ldap.subdomain
+ dest:
+ path: .values.conf.ldap.config.base_dns.search
+ pattern: SUBDOMAIN
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .ldap.domain
+ dest:
+ path: .values.conf.ldap.config.base_dns.search
+ pattern: DOMAIN
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .ldap.subdomain
+ dest:
+ path: .values.conf.ldap.config.base_dns.group_search
+ pattern: SUBDOMAIN
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .ldap.domain
+ dest:
+ path: .values.conf.ldap.config.base_dns.group_search
+ pattern: DOMAIN
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .ldap.common_name
+ dest:
+ path: .values.conf.ldap.config.filters.group_search
+ pattern: COMMON_NAME
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .ldap.subdomain
+ dest:
+ path: .values.conf.ldap.config.filters.group_search
+ pattern: SUBDOMAIN
+ - src:
+ schema: pegleg/CommonAddresses/v1
+ name: common-addresses
+ path: .ldap.domain
+ dest:
+ path: .values.conf.ldap.config.filters.group_search
+ pattern: DOMAIN
+data:
+ chart_name: grafana
+ release: grafana
+ namespace: osh-infra
+ wait:
+ timeout: 900
+ labels:
+ release_group: airship-grafana
+ install:
+ no_hooks: false
+ upgrade:
+ no_hooks: false
+ pre:
+ delete:
+ - type: job
+ labels:
+ release_group: airship-grafana
+ post:
+ create: []
+ values:
+ labels:
+ grafana:
+ node_selector_key: openstack-control-plane
+ node_selector_value: enabled
+ job:
+ node_selector_key: openstack-control-plane
+ node_selector_value: enabled
+ conf:
+ ldap:
+ config:
+ base_dns:
+ search: "DC=SUBDOMAIN,DC=DOMAIN,DC=com"
+ group_search: "OU=Groups,DC=SUBDOMAIN,DC=DOMAIN,DC=com"
+ filters:
+ search: "(sAMAccountName=%s)"
+ group_search: "(memberof=CN=COMMON_NAME,OU=Application,OU=Groups,DC=SUBDOMAIN,DC=DOMAIN,DC=com)"
+ template: |
+ verbose_logging = true
+ [[servers]]
+ host = "{{ tuple "ldap" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}"
+ port = {{ tuple "ldap" "public" "ldap" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+ use_ssl = false
+ start_tls = false
+ ssl_skip_verify = false
+ bind_dn = "{{ .Values.endpoints.ldap.auth.admin.bind_dn }}"
+ bind_password = '{{ .Values.endpoints.ldap.auth.admin.password }}'
+ search_filter = "{{ .Values.conf.ldap.config.filters.search }}"
+ search_base_dns = ["{{ .Values.conf.ldap.config.base_dns.search }}"]
+ group_search_base_dns = ["{{ .Values.conf.ldap.config.base_dns.group_search }}"]
+ [servers.attributes]
+ username = "sAMAccountName"
+ surname = "sn"
+ member_of = "memberof"
+ email = "mail"
+ [[servers.group_mappings]]
+ group_dn = "{{.Values.endpoints.ldap.auth.admin.bind_dn }}"
+ org_role = "Admin"
+ [[servers.group_mappings]]
+ group_dn = "*"
+ org_role = "Viewer"
+ pod:
+ replicas:
+ grafana: 2
+ dependencies:
+ - osh-infra-helm-toolkit
+...