Update helm chart for newer grafana + enable externalServiceAccounts (#…

…4876) # What this PR does Updates the helm chart and docker compose files with the required changes to support the plugin initialization changes. Updated instructions on the README.md show how to setup & intialize OnCall without needing to go to the configuration page, this is currently the preferred method. ## Which issue(s) this PR closes Related to [issue link here]  ## Checklist - [ ] Unit, integration, and e2e (if applicable) tests updated - [ ] Documentation added (or `pr:no public docs` PR label added if not required) - [ ] Added the relevant release notes label (see labels prefixed w/ `release:`). These labels dictate how your PR will show up in the autogenerated release notes. --------- Co-authored-by: GitHub Actions <[email protected]>
grafana · Sep 5, 2024 · 0efe51d · 0efe51d
1 parent a0a5482
commit 0efe51d
Show file tree

Hide file tree

Showing 15 changed files with 84 additions and 28 deletions.
diff --git a/README.md b/README.md
@@ -28,6 +28,11 @@ Developer-friendly incident response with brilliant Slack integration.
 
 ## Getting Started
 
+> [!IMPORTANT]  
+> These instructions are for using Grafana 11 or newer. You must enable the feature toggle for
+> `externalServiceAccounts`. This is already done for the docker files and helm charts.  If you are running Grafana
+> separately see the Grafana documentation on how to enable this.
+
 We prepared multiple environments:
 
 - [production](https://grafana.com/docs/oncall/latest/open-source/#production-environment)
@@ -82,17 +87,41 @@ We prepared multiple environments:
    docker-compose pull && docker-compose up -d
    ```
 
-5. Go to [OnCall Plugin Configuration](http://localhost:3000/plugins/grafana-oncall-app), using log in credentials
-   as defined above: `admin`/`admin` (or find OnCall plugin in configuration->plugins) and connect OnCall _plugin_
-   with OnCall _backend_:
+5. Provision the plugin (If you run Grafana outside the included docker files install the plugin before these steps):
+
+   If you are using the included docker compose file use `admin`/`admin` credentials and `localhost:3000` to
+   perform this task.  If you have configured Grafana differently adjust your credentials and hostnames accordingly.
 
-   ```text
-   OnCall backend URL: http://engine:8080
+   ```bash
+   # Note: onCallApiUrl 'engine' and grafanaUrl 'grafana' use the name from the docker compose file.  If you are 
+   # running your grafana or oncall engine instance with another hostname adjust accordingly. 
+   curl -X POST 'http://admin:admin@localhost:3000/api/plugins/grafana-oncall-app/settings' -H "Content-Type: application/json" -d '{"enabled":true, "jsonData":{"stackId":5, "orgId":100, "onCallApiUrl":"http://engine:8080", "grafanaUrl":"http://grafana:3000"}}'
+   curl -X POST 'http://admin:admin@localhost:3000/api/plugins/grafana-oncall-app/resources/plugin/install'
    ```
 
-6. Enjoy! Check our [OSS docs](https://grafana.com/docs/oncall/latest/open-source/) if you want to set up
+6. Start using OnCall, log in to Grafana with credentials
+   as defined above: `admin`/`admin`
+
+7. Enjoy! Check our [OSS docs](https://grafana.com/docs/oncall/latest/open-source/) if you want to set up
    Slack, Telegram, Twilio or SMS/calls through Grafana Cloud.
 
+## Troubleshooting
+
+Here are some API calls that can be made to help if you are having difficulty connecting Grafana and OnCall.
+(Modify parameters to match your credentials and environment)
+
+   ```bash
+   # Use this to get more information about the connection between Grafana and OnCall
+   curl -X GET 'http://admin:admin@localhost:3000/api/plugins/grafana-oncall-app/resources/plugin/status'
+   ```
+
+   ```bash
+   # If you added a user or changed permissions and don't see it show up in OnCall you can manually trigger sync.
+   # Note: This is called automatically when the app is loaded (page load/refresh) but there is a 5 min timeout so 
+   # that it does not generate unnecessary activity.
+   curl -X POST 'http://admin:admin@localhost:3000/api/plugins/grafana-oncall-app/resources/plugin/sync'
+   ```
+
 ## Update version
 
 To update your Grafana OnCall hobby environment:

diff --git a/docker-compose-mysql-rabbitmq.yml b/docker-compose-mysql-rabbitmq.yml
@@ -139,6 +139,7 @@ services:
       GF_DATABASE_HOST: ${MYSQL_HOST:-mysql}
       GF_DATABASE_USER: ${MYSQL_USER:-root}
       GF_DATABASE_PASSWORD: ${MYSQL_PASSWORD:?err}
+      GF_FEATURE_TOGGLES_ENABLE: externalServiceAccounts
       GF_SECURITY_ADMIN_USER: ${GRAFANA_USER:-admin}
       GF_SECURITY_ADMIN_PASSWORD: ${GRAFANA_PASSWORD:-admin}
       GF_PLUGINS_ALLOW_LOADING_UNSIGNED_PLUGINS: grafana-oncall-app

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -89,6 +89,7 @@ services:
     ports:
       - "3000:3000"
     environment:
+      GF_FEATURE_TOGGLES_ENABLE: externalServiceAccounts
       GF_SECURITY_ADMIN_USER: ${GRAFANA_USER:-admin}
       GF_SECURITY_ADMIN_PASSWORD: ${GRAFANA_PASSWORD:-admin}
       GF_PLUGINS_ALLOW_LOADING_UNSIGNED_PLUGINS: grafana-oncall-app

diff --git a/helm/README.md b/helm/README.md
@@ -2,8 +2,7 @@
 
 1. Create the cluster with [kind](https://kind.sigs.k8s.io/docs/user/quick-start/#installation)
 
-   > Make sure ports 30001, 30002 (Grafana, optional) and
-   > 30003 (detached integrations server, optional) are free on your machine
+   > Make sure ports 30001, 30002 (Grafana, optional) are available
 
    ```bash
    kind create cluster --image kindest/node:v1.24.7 --config kind.yml

diff --git a/helm/oncall/Chart.yaml b/helm/oncall/Chart.yaml
@@ -2,8 +2,8 @@ apiVersion: v2
 name: oncall
 description: Developer-friendly incident response with brilliant Slack integration
 type: application
-version: 1.7.2
-appVersion: v1.7.2
+version: 1.9.20
+appVersion: v1.9.20
 dependencies:
   - name: cert-manager
     version: v1.8.0
@@ -26,7 +26,7 @@ dependencies:
     repository: https://charts.bitnami.com/bitnami
     condition: redis.enabled
   - name: grafana
-    version: 6.57.1
+    version: 8.4.6
     repository: https://grafana.github.io/helm-charts
     condition: grafana.enabled
   - name: ingress-nginx

diff --git a/helm/oncall/charts/grafana-6.57.1.tgz b/helm/oncall/charts/grafana-6.57.1.tgz
diff --git a/helm/oncall/charts/grafana-8.4.6.tgz b/helm/oncall/charts/grafana-8.4.6.tgz
diff --git a/helm/oncall/templates/_env.tpl b/helm/oncall/templates/_env.tpl
@@ -106,7 +106,7 @@
   value: {{ .Values.telegramPolling.enabled | toString | title | quote }}
 {{- end }}
 - name: TELEGRAM_WEBHOOK_HOST
-  value: {{ .Values.oncall.telegram.webhookUrl | default (printf "https://%s" .Values.base_url) | quote }}
+  value: {{ .Values.oncall.telegram.webhookUrl | default (printf "%s://%s" .Values.base_url_protocol .Values.base_url) | quote }}
 {{- if .Values.oncall.telegram.existingSecret }}
 - name: TELEGRAM_TOKEN
   valueFrom:

diff --git a/helm/oncall/templates/plugin-provisioning.yaml b/helm/oncall/templates/plugin-provisioning.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: helm-testing-grafana-plugin-provisioning
+  labels:
+    app: {{ include "oncall.name" . }}
+data:
+  grafana-oncall-app-provisioning.yaml: |
+    apps:
+      - type: grafana-oncall-app
+        name: grafana-oncall-app
+        disabled: false
+        jsonData:
+          stackId: 5
+          orgId: 100
+          onCallApiUrl: http://helm-testing-oncall-engine:8080
diff --git a/helm/oncall/tests/__snapshot__/integrations_deployment_test.yaml.snap b/helm/oncall/tests/__snapshot__/integrations_deployment_test.yaml.snap
@@ -2,7 +2,7 @@ detached_integrations.enabled=true -> should create integrations deployment:
   1: |
     - env:
         - name: BASE_URL
-          value: https://example.com
+          value: http://example.com
         - name: SECRET_KEY
           valueFrom:
             secretKeyRef:

diff --git a/helm/oncall/tests/__snapshot__/telegram_polling_deployment_test.yaml.snap b/helm/oncall/tests/__snapshot__/telegram_polling_deployment_test.yaml.snap
@@ -6,7 +6,7 @@ telegramPolling.enabled=true -> should create telegram polling deployment:
         - python manage.py start_telegram_polling
       env:
         - name: BASE_URL
-          value: https://example.com
+          value: http://example.com
         - name: SECRET_KEY
           valueFrom:
             secretKeyRef:
@@ -38,7 +38,7 @@ telegramPolling.enabled=true -> should create telegram polling deployment:
         - name: FEATURE_TELEGRAM_LONG_POLLING_ENABLED
           value: "True"
         - name: TELEGRAM_WEBHOOK_HOST
-          value: https://example.com
+          value: http://example.com
         - name: TELEGRAM_TOKEN
           value: ""
         - name: MYSQL_HOST

diff --git a/helm/oncall/tests/__snapshot__/wait_for_db_test.yaml.snap b/helm/oncall/tests/__snapshot__/wait_for_db_test.yaml.snap
@@ -6,7 +6,7 @@ database.type=mysql -> should create initContainer for MySQL database (default):
         - until (python manage.py migrate --check); do echo Waiting for database migrations; sleep 2; done
       env:
         - name: BASE_URL
-          value: https://example.com
+          value: http://example.com
         - name: SECRET_KEY
           valueFrom:
             secretKeyRef:
@@ -94,7 +94,7 @@ database.type=mysql -> should create initContainer for MySQL database (default):
         - until (python manage.py migrate --check); do echo Waiting for database migrations; sleep 2; done
       env:
         - name: BASE_URL
-          value: https://example.com
+          value: http://example.com
         - name: SECRET_KEY
           valueFrom:
             secretKeyRef:
@@ -182,7 +182,7 @@ database.type=mysql -> should create initContainer for MySQL database (default):
         - until (python manage.py migrate --check); do echo Waiting for database migrations; sleep 2; done
       env:
         - name: BASE_URL
-          value: https://example.com
+          value: http://example.com
         - name: SECRET_KEY
           valueFrom:
             secretKeyRef:
@@ -271,7 +271,7 @@ database.type=postgresql -> should create initContainer for PostgreSQL database:
         - until (python manage.py migrate --check); do echo Waiting for database migrations; sleep 2; done
       env:
         - name: BASE_URL
-          value: https://example.com
+          value: http://example.com
         - name: SECRET_KEY
           valueFrom:
             secretKeyRef:
@@ -361,7 +361,7 @@ database.type=postgresql -> should create initContainer for PostgreSQL database:
         - until (python manage.py migrate --check); do echo Waiting for database migrations; sleep 2; done
       env:
         - name: BASE_URL
-          value: https://example.com
+          value: http://example.com
         - name: SECRET_KEY
           valueFrom:
             secretKeyRef:
@@ -451,7 +451,7 @@ database.type=postgresql -> should create initContainer for PostgreSQL database:
         - until (python manage.py migrate --check); do echo Waiting for database migrations; sleep 2; done
       env:
         - name: BASE_URL
-          value: https://example.com
+          value: http://example.com
         - name: SECRET_KEY
           valueFrom:
             secretKeyRef:

diff --git a/helm/oncall/tests/telegram_env_test.yaml b/helm/oncall/tests/telegram_env_test.yaml
@@ -24,7 +24,7 @@ tests:
     set:
       oncall.telegram:
         enabled: true
-        webhookUrl: https://example.com
+        webhookUrl: http://example.com
         token: "abcd:123"
     asserts:
       - contains:
@@ -36,7 +36,7 @@ tests:
           path: spec.template.spec.containers[0].env
           content:
             name: TELEGRAM_WEBHOOK_HOST
-            value: "https://example.com"
+            value: "http://example.com"
       - contains:
           path: spec.template.spec.containers[0].env
           content:

diff --git a/helm/oncall/values.yaml b/helm/oncall/values.yaml
@@ -3,7 +3,7 @@
 # Set the domain name Grafana OnCall will be installed on.
 # If you want to install grafana as a part of this release make sure to configure grafana.grafana.ini.server.domain too
 base_url: example.com
-base_url_protocol: https
+base_url_protocol: http
 
 ## Optionally specify an array of imagePullSecrets.
 ## Secrets must be manually created in the namespace.
@@ -634,16 +634,26 @@ grafana:
   enabled: true
   grafana.ini:
     server:
-      domain: example.com
-      root_url: "%(protocol)s://%(domain)s/grafana"
+      domain: helm-testing-grafana
+      root_url: "%(protocol)s://%(domain)s/grafana/"
       serve_from_sub_path: true
+    feature_toggles:
+      enable: externalServiceAccounts
   persistence:
     enabled: true
   # Disable psp as PodSecurityPolicy is deprecated in v1.21+, unavailable in v1.25+
   rbac:
     pspEnabled: false
   plugins:
     - grafana-oncall-app
+  extraVolumes:
+    - name: provisioning
+      configMap:
+        name: helm-testing-grafana-plugin-provisioning
+  extraVolumeMounts:
+    - name: provisioning
+      mountPath: /etc/grafana/provisioning/plugins/grafana-oncall-app-provisioning.yaml
+      subPath: grafana-oncall-app-provisioning.yaml
 
 externalGrafana:
   # Example: https://grafana.mydomain.com

diff --git a/helm/simple.yml b/helm/simple.yml
@@ -15,9 +15,9 @@ grafana:
     type: NodePort
     nodePort: 30002
 detached_integrations:
-  enabled: true
+  enabled: false
 detached_integrations_service:
-  enabled: true
+  enabled: false
   type: NodePort
   port: 8080
   nodePort: 30003