Add oidc to grafana

charts/rancher-monitoring/my-values/values-prod.yaml

@@ -27,6 +27,7 @@ grafana:
     storageClassName: nfs-client
     accessModes: ["ReadWriteOnce"]
     size: 2Gi
+
   ingress:
     enabled: true
     hosts:
@@ -37,3 +38,24 @@ grafana:
       - hosts:
           - grafana.dvirlabs.com
         secretName: tls-grafana
+
+  envFromSecret: grafana-oidc-secret
+
+  grafana.ini:
+    server:
+      root_url: https://grafana.dvirlabs.com
+    auth:
+      disable_login_form: true
+      disable_signout_menu: false
+    auth.generic_oauth:
+      enabled: true
+      name: Keycloak
+      allow_sign_up: true
+      client_id: grafana
+      client_secret: ${client_secret}
+      scopes: openid profile email
+      auth_url: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/auth
+      token_url: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/token
+      api_url: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/userinfo
+      role_attribute_path: contains(groups[*], 'grafana-admins') && 'Admin' || 'Viewer'
+      allow_assign_grafana_admin: true