From 3e8284ac635e8bf046843c729344aa91cd97ab09 Mon Sep 17 00:00:00 2001
From: dvirlabs <dvirlabs@gmail.com>
Date: Thu, 8 May 2025 07:41:28 +0300
Subject: [PATCH] Add oauth to grafana

---
 charts/grafana/my-values/values-int.yaml | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/charts/grafana/my-values/values-int.yaml b/charts/grafana/my-values/values-int.yaml
index 7ec0c99..cfd84c7 100644
--- a/charts/grafana/my-values/values-int.yaml
+++ b/charts/grafana/my-values/values-int.yaml
@@ -29,3 +29,22 @@ datasources:
         access: proxy
         url: http://prometheus-server
         isDefault: true
+
+grafana.ini:
+  server:
+    root_url: https://grafana-int.dvirlabs.com
+  auth:
+    disable_login_form: true
+    disable_signout_menu: false
+  auth.generic_oauth:
+    enabled: true
+    name: Keycloak
+    allow_sign_up: true
+    client_id: grafana
+    client_secret: Tpec9uA2R6vZ3DgD74WUxN2UoZbwnKJ9
+    scopes: openid profile email
+    auth_url: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/auth
+    token_url: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/token
+    api_url: https://keycloak.dvirlabs.com/realms/lab/protocol/openid-connect/userinfo
+    role_attribute_path: contains(groups[*], 'grafana-admins') && 'Admin' || 'Viewer'
+    allow_assign_grafana_admin: true