Add role attribute to Grafana generic auth settings

To map the OIDC default admin user `[email protected]` to a Grafana admin role, we need to make use of Grafana role attributes. This commit attaches an OIDC admin user using role_attribute_path for generic oauth to a Grafana admin role.
scality · Aug 17, 2020 · ac1fc80 · ac1fc80
1 parent 8af781e
commit ac1fc80
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/charts/prometheus-operator.yaml b/charts/prometheus-operator.yaml
@@ -164,6 +164,7 @@ grafana:
       auth_url: '__escape__(https://{{ grains.metalk8s.control_plane_ip }}:8443/oidc/auth)'
       token_url:  '__escape__(https://{{ grains.metalk8s.control_plane_ip }}:8443/oidc/token)'
       api_url: '__escape__(https://{{ grains.metalk8s.control_plane_ip }}:8443/oidc/userinfo)'
+      role_attribute_path: contains(email, '{% endraw -%}{{ dex.spec.localuserstore.userlist[0]['email'] }}{%- raw %}') && 'Admin'
 
   testFramework:
     enabled: false