From a344242bd509e1e4f0151217ec1d8f479f15cd17 Mon Sep 17 00:00:00 2001 From: Daniel Sy Date: Wed, 13 Aug 2025 14:28:40 +0200 Subject: [PATCH] =?UTF-8?q?refactor(auth):=20=F0=9F=94=A7=20Update=20authe?= =?UTF-8?q?ntication=20configuration=20to=20use=20strings?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Refactors the authentication settings in the Grafana configuration to use string values for boolean flags and nested properties. This change enhances consistency and may improve compatibility with other components expecting string representations. --- .../grafana-operator/manifests/grafana.yaml | 30 +++++++++---------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/otc/observability.t09.de/stacks/observability/grafana-operator/manifests/grafana.yaml b/otc/observability.t09.de/stacks/observability/grafana-operator/manifests/grafana.yaml index 40b2d34..0d90fa2 100644 --- a/otc/observability.t09.de/stacks/observability/grafana-operator/manifests/grafana.yaml +++ b/otc/observability.t09.de/stacks/observability/grafana-operator/manifests/grafana.yaml @@ -41,18 +41,18 @@ spec: secretName: grafana-net-tls config: auth: - disable_login: true - disable_login_form: true - generic_oauth: - enabled: true - name: Forgejo - allow_sign_up: false - use_refresh_token: true - client_id: grafana - client_secret: "thisisasecret" # $__file{/etc/secrets/auth_generic_oauth/client_secret} - scopes: openid email profile offline_access roles - auth_url: https://dex.observability.t09.de/auth - token_url: https://dex.observability.t09.de/token - api_url: https://dex.observability.t09.de/userinfo - redirect_uri: https://grafana.observability.t09.de/login/generic_oauth - role_attribute_path: "contains(groups[*], 'admin') && 'Admin' || contains(groups[*], 'editor') && 'Editor' || 'Viewer'" + disable_login: "true" + disable_login_form: "true" + auth.generic_oauth: + enabled: "true" + name: Forgejo + allow_sign_up: "false" + use_refresh_token: "true" + client_id: grafana + client_secret: "thisisasecret" # $__file{/etc/secrets/auth_generic_oauth/client_secret} + scopes: openid email profile offline_access roles + auth_url: https://dex.observability.t09.de/auth + token_url: https://dex.observability.t09.de/token + api_url: https://dex.observability.t09.de/userinfo + redirect_uri: https://grafana.observability.t09.de/login/generic_oauth + role_attribute_path: "contains(groups[*], 'admin') && 'Admin' || contains(groups[*], 'editor') && 'Editor' || 'Viewer'"