--- # Source: grafana/templates/serviceaccount.yaml apiVersion: v1 kind: ServiceAccount metadata: labels: helm.sh/chart: grafana-6.38.3 app.kubernetes.io/name: grafana app.kubernetes.io/instance: graphs app.kubernetes.io/version: "9.1.5" app.kubernetes.io/managed-by: Helm name: graphs-grafana namespace: graphs --- # Source: grafana/templates/tests/test-serviceaccount.yaml apiVersion: v1 kind: ServiceAccount metadata: labels: helm.sh/chart: grafana-6.38.3 app.kubernetes.io/name: grafana app.kubernetes.io/instance: graphs app.kubernetes.io/version: "9.1.5" app.kubernetes.io/managed-by: Helm name: graphs-grafana-test namespace: graphs --- # Source: grafana/templates/configmap.yaml apiVersion: v1 kind: ConfigMap metadata: name: graphs-grafana namespace: graphs labels: helm.sh/chart: grafana-6.38.3 app.kubernetes.io/name: grafana app.kubernetes.io/instance: graphs app.kubernetes.io/version: "9.1.5" app.kubernetes.io/managed-by: Helm data: grafana.ini: | [analytics] check_for_updates = true [grafana_net] url = https://grafana.net [log] mode = console [paths] data = /var/lib/grafana/ logs = /var/log/grafana plugins = /var/lib/grafana/plugins provisioning = /etc/grafana/provisioning [server] domain = graphs.tbrnt.ch --- # Source: grafana/templates/tests/test-configmap.yaml apiVersion: v1 kind: ConfigMap metadata: name: graphs-grafana-test namespace: graphs labels: helm.sh/chart: grafana-6.38.3 app.kubernetes.io/name: grafana app.kubernetes.io/instance: graphs app.kubernetes.io/version: "9.1.5" app.kubernetes.io/managed-by: Helm data: run.sh: |- @test "Test Health" { url="http://graphs-grafana/api/health" code=$(wget --server-response --spider --timeout 90 --tries 10 ${url} 2>&1 | awk '/^ HTTP/{print $2}') [ "$code" == "200" ] } --- # Source: grafana/templates/pvc.yaml apiVersion: v1 kind: PersistentVolumeClaim metadata: name: graphs-grafana namespace: graphs labels: helm.sh/chart: grafana-6.38.3 app.kubernetes.io/name: grafana app.kubernetes.io/instance: graphs app.kubernetes.io/version: "9.1.5" app.kubernetes.io/managed-by: Helm finalizers: - kubernetes.io/pvc-protection spec: accessModes: - "ReadWriteOnce" resources: requests: storage: "1Gi" storageClassName: local-path --- # Source: grafana/templates/role.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: graphs-grafana namespace: graphs labels: helm.sh/chart: grafana-6.38.3 app.kubernetes.io/name: grafana app.kubernetes.io/instance: graphs app.kubernetes.io/version: "9.1.5" app.kubernetes.io/managed-by: Helm rules: - apiGroups: ['extensions'] resources: ['podsecuritypolicies'] verbs: ['use'] resourceNames: [graphs-grafana] --- # Source: grafana/templates/tests/test-role.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: graphs-grafana-test namespace: graphs labels: helm.sh/chart: grafana-6.38.3 app.kubernetes.io/name: grafana app.kubernetes.io/instance: graphs app.kubernetes.io/version: "9.1.5" app.kubernetes.io/managed-by: Helm rules: - apiGroups: ['policy'] resources: ['podsecuritypolicies'] verbs: ['use'] resourceNames: [graphs-grafana-test] --- # Source: grafana/templates/rolebinding.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: graphs-grafana namespace: graphs labels: helm.sh/chart: grafana-6.38.3 app.kubernetes.io/name: grafana app.kubernetes.io/instance: graphs app.kubernetes.io/version: "9.1.5" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: graphs-grafana subjects: - kind: ServiceAccount name: graphs-grafana namespace: graphs --- # Source: grafana/templates/tests/test-rolebinding.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: graphs-grafana-test namespace: graphs labels: helm.sh/chart: grafana-6.38.3 app.kubernetes.io/name: grafana app.kubernetes.io/instance: graphs app.kubernetes.io/version: "9.1.5" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: graphs-grafana-test subjects: - kind: ServiceAccount name: graphs-grafana-test namespace: graphs --- # Source: grafana/templates/service.yaml apiVersion: v1 kind: Service metadata: name: graphs-grafana namespace: graphs labels: helm.sh/chart: grafana-6.38.3 app.kubernetes.io/name: grafana app.kubernetes.io/instance: graphs app.kubernetes.io/version: "9.1.5" app.kubernetes.io/managed-by: Helm spec: type: ClusterIP ports: - name: service port: 80 protocol: TCP targetPort: 3000 selector: app.kubernetes.io/name: grafana app.kubernetes.io/instance: graphs --- # Source: grafana/templates/deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: graphs-grafana namespace: graphs labels: helm.sh/chart: grafana-6.38.3 app.kubernetes.io/name: grafana app.kubernetes.io/instance: graphs app.kubernetes.io/version: "9.1.5" app.kubernetes.io/managed-by: Helm spec: replicas: 1 revisionHistoryLimit: 10 selector: matchLabels: app.kubernetes.io/name: grafana app.kubernetes.io/instance: graphs strategy: type: RollingUpdate template: metadata: labels: app.kubernetes.io/name: grafana app.kubernetes.io/instance: graphs annotations: checksum/config: 92c6c3be43039977139ad66d2fc29e36e4a7473258afa4e2372a0a95a5e9e2cf checksum/dashboards-json-config: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b checksum/sc-dashboard-provider-config: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b spec: serviceAccountName: graphs-grafana automountServiceAccountToken: true securityContext: fsGroup: 472 runAsGroup: 472 runAsUser: 472 initContainers: - name: init-chown-data image: "busybox:1.31.1" imagePullPolicy: IfNotPresent securityContext: runAsNonRoot: false runAsUser: 0 command: ["chown", "-R", "472:472", "/var/lib/grafana"] volumeMounts: - name: storage mountPath: "/var/lib/grafana" enableServiceLinks: true containers: - name: grafana image: "grafana/grafana:9.1.5" imagePullPolicy: IfNotPresent volumeMounts: - name: config mountPath: "/etc/grafana/grafana.ini" subPath: grafana.ini - name: storage mountPath: "/var/lib/grafana" ports: - name: grafana containerPort: 3000 protocol: TCP env: - name: GF_SECURITY_ADMIN_USER valueFrom: secretKeyRef: name: admin-creds key: admin-user - name: GF_SECURITY_ADMIN_PASSWORD valueFrom: secretKeyRef: name: admin-creds key: admin-password - name: GF_PATHS_DATA value: /var/lib/grafana/ - name: GF_PATHS_LOGS value: /var/log/grafana - name: GF_PATHS_PLUGINS value: /var/lib/grafana/plugins - name: GF_PATHS_PROVISIONING value: /etc/grafana/provisioning - name: "GF_AUTH_ANONYMOUS_ENABLED" value: "true" - name: "GF_SERVER_DOMAIN" value: "graphs.tbrnt.ch" - name: "GF_SERVER_ROOT_URL" value: "https://graphs.tbrnt.ch" livenessProbe: failureThreshold: 10 httpGet: path: /api/health port: 3000 initialDelaySeconds: 60 timeoutSeconds: 30 readinessProbe: httpGet: path: /api/health port: 3000 volumes: - name: config configMap: name: graphs-grafana - name: storage persistentVolumeClaim: claimName: graphs-grafana --- # Source: grafana/templates/ingress.yaml apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: graphs-grafana namespace: graphs labels: helm.sh/chart: grafana-6.38.3 app.kubernetes.io/name: grafana app.kubernetes.io/instance: graphs app.kubernetes.io/version: "9.1.5" app.kubernetes.io/managed-by: Helm annotations: cert-manager.io/cluster-issuer: "letsencrypt-prod" ingress.kubernetes.io/ssl-redirect: "true" spec: tls: - hosts: - graphs.tbrnt.ch secretName: graphs-tbrnt-ch-cert rules: - host: graphs.tbrnt.ch http: paths: - path: / pathType: Prefix backend: service: name: graphs-grafana port: number: 80 --- # Source: grafana/templates/tests/test.yaml apiVersion: v1 kind: Pod metadata: name: graphs-grafana-test labels: helm.sh/chart: grafana-6.38.3 app.kubernetes.io/name: grafana app.kubernetes.io/instance: graphs app.kubernetes.io/version: "9.1.5" app.kubernetes.io/managed-by: Helm annotations: "helm.sh/hook": test-success "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded" namespace: graphs spec: serviceAccountName: graphs-grafana-test containers: - name: graphs-test image: "bats/bats:v1.4.1" imagePullPolicy: "IfNotPresent" command: ["/opt/bats/bin/bats", "-t", "/tests/run.sh"] volumeMounts: - mountPath: /tests name: tests readOnly: true volumes: - name: tests configMap: name: graphs-grafana-test restartPolicy: Never