update the variables and remove sph okta values

Author: franklinpashok

README.md

@@ -28,16 +28,15 @@ No modules.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_GRAFANA_OAUTH_CLIENT_ID"></a> [GRAFANA\_OAUTH\_CLIENT\_ID](#input\_GRAFANA\_OAUTH\_CLIENT\_ID) | GRAFANA\_OAUTH\_CLIENT\_ID | `string` | `""` | no |
-| <a name="input_GRAFANA_OAUTH_CLIENT_SECRET"></a> [GRAFANA\_OAUTH\_CLIENT\_SECRET](#input\_GRAFANA\_OAUTH\_CLIENT\_SECRET) | GRAFANA\_OAUTH\_CLIENT\_SECRET | `string` | `""` | no |
 | <a name="input_chart_name"></a> [chart\_name](#input\_chart\_name) | Helm chart name to provision | `string` | `"kube-prometheus-stack"` | no |
 | <a name="input_chart_namespace"></a> [chart\_namespace](#input\_chart\_namespace) | Namespace to install the chart into | `string` | `"monitoring"` | no |
 | <a name="input_chart_repository"></a> [chart\_repository](#input\_chart\_repository) | Helm repository for the chart | `string` | `"https://prometheus-community.github.io/helm-charts"` | no |
 | <a name="input_chart_timeout"></a> [chart\_timeout](#input\_chart\_timeout) | Timeout to wait for the Chart to be deployed. | `number` | `300` | no |
-| <a name="input_chart_version"></a> [chart\_version](#input\_chart\_version) | Version of Chart to install. Set to empty to install the latest version | `string` | `"36.2.1"` | no |
+| <a name="input_chart_version"></a> [chart\_version](#input\_chart\_version) | Version of Chart to install. Set to empty to install the latest version | `string` | `"39.11.0"` | no |
 | <a name="input_cluster_name"></a> [cluster\_name](#input\_cluster\_name) | Cluster Name where Grafana is deployed | `string` | `""` | no |
 | <a name="input_cluster_oidc_issuer_arn"></a> [cluster\_oidc\_issuer\_arn](#input\_cluster\_oidc\_issuer\_arn) | Cluster OIDC URL | `string` | `""` | no |
 | <a name="input_cluster_oidc_issuer_url"></a> [cluster\_oidc\_issuer\_url](#input\_cluster\_oidc\_issuer\_url) | Cluster OIDC URL | `string` | `""` | no |
+| <a name="input_create_namespace"></a> [create\_namespace](#input\_create\_namespace) | Namespace to install the chart into | `bool` | `false` | no |
 | <a name="input_grafana_admin_password_key"></a> [grafana\_admin\_password\_key](#input\_grafana\_admin\_password\_key) | Key in the secret containing the admin password | `string` | `"admin-password"` | no |
 | <a name="input_grafana_affinity"></a> [grafana\_affinity](#input\_grafana\_affinity) | Pod affinity | `map(any)` | `{}` | no |
 | <a name="input_grafana_annotations"></a> [grafana\_annotations](#input\_grafana\_annotations) | Deployment annotations | `map(any)` | `{}` | no |
@@ -56,10 +55,9 @@ No modules.
 | <a name="input_grafana_extra_init_containers"></a> [grafana\_extra\_init\_containers](#input\_grafana\_extra\_init\_containers) | Extra init containers | `list(any)` | `[]` | no |
 | <a name="input_grafana_extra_secret_mounts"></a> [grafana\_extra\_secret\_mounts](#input\_grafana\_extra\_secret\_mounts) | Additional grafana server secret mounts | `list(any)` | `[]` | no |
 | <a name="input_grafana_extra_volume_mounts"></a> [grafana\_extra\_volume\_mounts](#input\_grafana\_extra\_volume\_mounts) | Additional grafana server volume mounts | `list(any)` | `[]` | no |
-| <a name="input_grafana_host_url"></a> [grafana\_host\_url](#input\_grafana\_host\_url) | Grafana Host URL | `string` | `""` | no |
 | <a name="input_grafana_image_pull_policy"></a> [grafana\_image\_pull\_policy](#input\_grafana\_image\_pull\_policy) | Image Pull Policy for Grafana | `string` | `"IfNotPresent"` | no |
 | <a name="input_grafana_image_repository"></a> [grafana\_image\_repository](#input\_grafana\_image\_repository) | Grafana Image repository on Dockerhub | `string` | `"grafana/grafana"` | no |
-| <a name="input_grafana_image_tag"></a> [grafana\_image\_tag](#input\_grafana\_image\_tag) | Grafana Image tag | `string` | `"9.0.2"` | no |
+| <a name="input_grafana_image_tag"></a> [grafana\_image\_tag](#input\_grafana\_image\_tag) | Grafana Image tag | `string` | `"9.0.3"` | no |
 | <a name="input_grafana_ingress_annotations"></a> [grafana\_ingress\_annotations](#input\_grafana\_ingress\_annotations) | Annotations for ingress | `map(any)` | `{}` | no |
 | <a name="input_grafana_ingress_enabled"></a> [grafana\_ingress\_enabled](#input\_grafana\_ingress\_enabled) | Enable Ingress | `bool` | `false` | no |
 | <a name="input_grafana_ingress_hosts"></a> [grafana\_ingress\_hosts](#input\_grafana\_ingress\_hosts) | Hosts for ingress | `list(any)` | `[]` | no |
@@ -72,6 +70,8 @@ No modules.
 | <a name="input_grafana_main_config"></a> [grafana\_main\_config](#input\_grafana\_main\_config) | Main Config file in YAML | `string` | `"paths:\n  data: /var/lib/grafana/data\n  logs: /var/log/grafana\n  plugins: /var/lib/grafana/plugins\n  provisioning: /etc/grafana/provisioning\nanalytics:\n  check_for_updates: true\nlog:\n  mode: console\ngrafana_net:\n  url: https://grafana.netn"` | no |
 | <a name="input_grafana_node_selector"></a> [grafana\_node\_selector](#input\_grafana\_node\_selector) | Node selector for Pods | `map(any)` | `{}` | no |
 | <a name="input_grafana_notifiers"></a> [grafana\_notifiers](#input\_grafana\_notifiers) | YAML string to configure notifiers http://docs.grafana.org/administration/provisioning/#alert-notification-channels | `string` | `""` | no |
+| <a name="input_grafana_oauth_client_id"></a> [grafana\_oauth\_client\_id](#input\_grafana\_oauth\_client\_id) | client\_id of the App | `string` | `""` | no |
+| <a name="input_grafana_oauth_client_secret"></a> [grafana\_oauth\_client\_secret](#input\_grafana\_oauth\_client\_secret) | client\_secret between app and authorisation server | `string` | `""` | no |
 | <a name="input_grafana_okta_config"></a> [grafana\_okta\_config](#input\_grafana\_okta\_config) | okta config for grafana | `string` | `""` | no |
 | <a name="input_grafana_okta_enabled"></a> [grafana\_okta\_enabled](#input\_grafana\_okta\_enabled) | okta config to enable | `bool` | `false` | no |
 | <a name="input_grafana_pdb"></a> [grafana\_pdb](#input\_grafana\_pdb) | PodDisruptionBudget for Grafana | `map(any)` | <pre>{<br>  "minAvailable": 1<br>}</pre> | no |
@@ -86,45 +86,48 @@ No modules.
 | <a name="input_grafana_psp_enable"></a> [grafana\_psp\_enable](#input\_grafana\_psp\_enable) | Enable PSP | `bool` | `true` | no |
 | <a name="input_grafana_psp_use_app_armor"></a> [grafana\_psp\_use\_app\_armor](#input\_grafana\_psp\_use\_app\_armor) | Use AppAmor in the PSP | `bool` | `true` | no |
 | <a name="input_grafana_resources"></a> [grafana\_resources](#input\_grafana\_resources) | Resources for Grafana container | `map(any)` | `{}` | no |
-| <a name="input_grafana_s3_image_bucket"></a> [grafana\_s3\_image\_bucket](#input\_grafana\_s3\_image\_bucket) | Grafana S3 image bucket | `string` | `""` | no |
-| <a name="input_grafana_s3_image_bucket_region"></a> [grafana\_s3\_image\_bucket\_region](#input\_grafana\_s3\_image\_bucket\_region) | Region of the Grafana S3 image bucket | `string` | `""` | no |
 | <a name="input_grafana_security_context"></a> [grafana\_security\_context](#input\_grafana\_security\_context) | Security context for pods defined as a map which will be serialized to JSON. | `any` | <pre>{<br>  "fsGroup": 472,<br>  "runAsGroup": 472,<br>  "runAsUser": 472<br>}</pre> | no |
-| <a name="input_grafana_server_root_url"></a> [grafana\_server\_root\_url](#input\_grafana\_server\_root\_url) | Grafana Server Root URL | `string` | `""` | no |
 | <a name="input_grafana_service_account"></a> [grafana\_service\_account](#input\_grafana\_service\_account) | Name of the Service Account for Grafana | `string` | `""` | no |
 | <a name="input_grafana_service_account_annotations"></a> [grafana\_service\_account\_annotations](#input\_grafana\_service\_account\_annotations) | Annotations for service account | `map(any)` | `{}` | no |
 | <a name="input_grafana_service_annotations"></a> [grafana\_service\_annotations](#input\_grafana\_service\_annotations) | Annotations for the service | `map(any)` | `{}` | no |
 | <a name="input_grafana_service_labels"></a> [grafana\_service\_labels](#input\_grafana\_service\_labels) | Labels for the service | `map(any)` | `{}` | no |
-| <a name="input_grafana_service_port"></a> [grafana\_service\_port](#input\_grafana\_service\_port) | Port of the service | `string` | `"80"` | no |
-| <a name="input_grafana_service_target_port"></a> [grafana\_service\_target\_port](#input\_grafana\_service\_target\_port) | Port in container to expose service | `string` | `"3000"` | no |
+| <a name="input_grafana_service_port"></a> [grafana\_service\_port](#input\_grafana\_service\_port) | Port of the service | `number` | `80` | no |
+| <a name="input_grafana_service_target_port"></a> [grafana\_service\_target\_port](#input\_grafana\_service\_target\_port) | Port in container to expose service | `number` | `3000` | no |
 | <a name="input_grafana_service_type"></a> [grafana\_service\_type](#input\_grafana\_service\_type) | Service type | `string` | `"ClusterIP"` | no |
 | <a name="input_grafana_smtp_existing_secret"></a> [grafana\_smtp\_existing\_secret](#input\_grafana\_smtp\_existing\_secret) | Existing secret containing the SMTP credentials | `string` | `""` | no |
 | <a name="input_grafana_smtp_password_key"></a> [grafana\_smtp\_password\_key](#input\_grafana\_smtp\_password\_key) | Key in the secret containing the SMTP password | `string` | `"password"` | no |
 | <a name="input_grafana_smtp_user_key"></a> [grafana\_smtp\_user\_key](#input\_grafana\_smtp\_user\_key) | Key in the secret containing the SMTP username | `string` | `"user"` | no |
 | <a name="input_grafana_tolerations"></a> [grafana\_tolerations](#input\_grafana\_tolerations) | Tolerations for pods | `list(any)` | `[]` | no |
-| <a name="input_image"></a> [image](#input\_image) | Docker Image for Grafana | `string` | `"grafana/grafana"` | no |
 | <a name="input_image_renderer_annotations"></a> [image\_renderer\_annotations](#input\_image\_renderer\_annotations) | image-renderer deployment annotations | `map(any)` | `{}` | no |
 | <a name="input_image_renderer_enabled"></a> [image\_renderer\_enabled](#input\_image\_renderer\_enabled) | Enable the image-renderer deployment and service | `bool` | `true` | no |
 | <a name="input_image_renderer_env"></a> [image\_renderer\_env](#input\_image\_renderer\_env) | image-renderer extra environment variables | `map(any)` | <pre>{<br>  "HTTP_HOST": "0.0.0.0"<br>}</pre> | no |
 | <a name="input_image_renderer_image_repository"></a> [image\_renderer\_image\_repository](#input\_image\_renderer\_image\_repository) | image-renderer Image repository | `string` | `"grafana/grafana-image-renderer"` | no |
 | <a name="input_image_renderer_image_tag"></a> [image\_renderer\_image\_tag](#input\_image\_renderer\_image\_tag) | image-renderer Image tag | `string` | `"latest"` | no |
 | <a name="input_image_renderer_pod_annotations"></a> [image\_renderer\_pod\_annotations](#input\_image\_renderer\_pod\_annotations) | image-renderer pod annotations | `map(any)` | `{}` | no |
-| <a name="input_image_renderer_port"></a> [image\_renderer\_port](#input\_image\_renderer\_port) | image-renderer service port used by both service and deployment | `string` | `"8081"` | no |
+| <a name="input_image_renderer_port"></a> [image\_renderer\_port](#input\_image\_renderer\_port) | image-renderer service port used by both service and deployment | `number` | `8081` | no |
 | <a name="input_image_renderer_priority_class_name"></a> [image\_renderer\_priority\_class\_name](#input\_image\_renderer\_priority\_class\_name) | image-renderer deployment priority class | `string` | `""` | no |
 | <a name="input_image_renderer_replicas"></a> [image\_renderer\_replicas](#input\_image\_renderer\_replicas) | Number of replicas of image-renderer to run | `number` | `1` | no |
 | <a name="input_image_renderer_resources"></a> [image\_renderer\_resources](#input\_image\_renderer\_resources) | Resources for image-renderer container | `map(any)` | `{}` | no |
 | <a name="input_image_renderer_security_context"></a> [image\_renderer\_security\_context](#input\_image\_renderer\_security\_context) | image-renderer deployment securityContext | `any` | `{}` | no |
 | <a name="input_image_renderer_service_account"></a> [image\_renderer\_service\_account](#input\_image\_renderer\_service\_account) | image-renderer deployment serviceAccount | `string` | `""` | no |
-| <a name="input_image_renderer_target_port"></a> [image\_renderer\_target\_port](#input\_image\_renderer\_target\_port) | image-renderer service targetPort used by both service and deployment | `string` | `"8081"` | no |
+| <a name="input_image_renderer_target_port"></a> [image\_renderer\_target\_port](#input\_image\_renderer\_target\_port) | image-renderer service targetPort used by both service and deployment | `number` | `8081` | no |
 | <a name="input_max_history"></a> [max\_history](#input\_max\_history) | Max History for Helm | `number` | `20` | no |
+| <a name="input_prometheusSpec_nodeSelector"></a> [prometheusSpec\_nodeSelector](#input\_prometheusSpec\_nodeSelector) | prometheus Spec node selector | `any` | `""` | no |
+| <a name="input_prometheus_alertmanagerSpec_nodeSelector"></a> [prometheus\_alertmanagerSpec\_nodeSelector](#input\_prometheus\_alertmanagerSpec\_nodeSelector) | Alertmanager Spec node selector | `any` | `""` | no |
 | <a name="input_prometheus_host_url"></a> [prometheus\_host\_url](#input\_prometheus\_host\_url) | Prometheus Host URL | `string` | `""` | no |
 | <a name="input_prometheus_image_repository"></a> [prometheus\_image\_repository](#input\_prometheus\_image\_repository) | Prometheus Image repository | `string` | `"quay.io/prometheus/prometheus"` | no |
 | <a name="input_prometheus_image_tag"></a> [prometheus\_image\_tag](#input\_prometheus\_image\_tag) | Prometheus Image tag | `string` | `"v2.36.2"` | no |
+| <a name="input_prometheus_ingress_annotations"></a> [prometheus\_ingress\_annotations](#input\_prometheus\_ingress\_annotations) | Annotations for ingress | `map(any)` | `{}` | no |
+| <a name="input_prometheus_ingress_enabled"></a> [prometheus\_ingress\_enabled](#input\_prometheus\_ingress\_enabled) | Enable Ingress | `bool` | `false` | no |
+| <a name="input_prometheus_ingress_hosts"></a> [prometheus\_ingress\_hosts](#input\_prometheus\_ingress\_hosts) | Hosts for ingress | `list(any)` | `[]` | no |
+| <a name="input_prometheus_ingress_labels"></a> [prometheus\_ingress\_labels](#input\_prometheus\_ingress\_labels) | Labels for ingress | `map(any)` | `{}` | no |
+| <a name="input_prometheus_ingress_tls"></a> [prometheus\_ingress\_tls](#input\_prometheus\_ingress\_tls) | TLS configuration for ingress | `list(any)` | `[]` | no |
 | <a name="input_prometheus_operator_image_repository"></a> [prometheus\_operator\_image\_repository](#input\_prometheus\_operator\_image\_repository) | Prometheus Operator Image repository | `string` | `"quay.io/prometheus-operator/prometheus-operator"` | no |
 | <a name="input_prometheus_operator_image_tag"></a> [prometheus\_operator\_image\_tag](#input\_prometheus\_operator\_image\_tag) | Prometheus Operator Image Tag | `string` | `"v0.57.0"` | no |
-| <a name="input_recreate_pods"></a> [recreate\_pods](#input\_recreate\_pods) | Recreate the pods with every helm update | `bool` | `"false"` | no |
+| <a name="input_promethues_operator_nodeSelector"></a> [promethues\_operator\_nodeSelector](#input\_promethues\_operator\_nodeSelector) | Promethues Operator node selector | `any` | `""` | no |
+| <a name="input_recreate_pods"></a> [recreate\_pods](#input\_recreate\_pods) | Recreate the pods with every helm update | `bool` | `false` | no |
 | <a name="input_release_name"></a> [release\_name](#input\_release\_name) | Helm release name | `string` | `"kube-prometheus-stack"` | no |
 | <a name="input_replicas"></a> [replicas](#input\_replicas) | Number of replicas of Grafana to run | `number` | `1` | no |
-| <a name="input_tag"></a> [tag](#input\_tag) | Docker Image tag for Grafana | `string` | `"9.0.3"` | no |
 
 ## Outputs
 

main.tf

@@ -4,15 +4,24 @@ locals {
     prometheus_image_tag        = var.prometheus_image_tag
     prometheus_host_url         = var.prometheus_host_url
 
-    prometheus_operator_image_repository = var.prometheus_operator_image_repository
-    prometheus_operator_image_tag        = var.prometheus_operator_image_tag
+    prometheus_ingress_enabled     = var.prometheus_ingress_enabled
+    prometheus_ingress_annotations = jsonencode(var.prometheus_ingress_annotations)
+    prometheus_ingress_labels      = jsonencode(var.prometheus_ingress_labels)
+    prometheus_ingress_hosts       = jsonencode(var.prometheus_ingress_hosts)
+    prometheus_ingress_tls         = jsonencode(var.prometheus_ingress_tls)
+
+    prometheus_operator_image_repository     = var.prometheus_operator_image_repository
+    prometheus_operator_image_tag            = var.prometheus_operator_image_tag
+    promethues_operator_nodeSelector         = var.promethues_operator_nodeSelector
+    prometheus_alertmanagerSpec_nodeSelector = var.prometheus_alertmanagerSpec_nodeSelector
+    prometheusSpec_nodeSelector              = var.prometheusSpec_nodeSelector
 
     ################################
     ######## GRAFANA LOCALS ########
     ################################
     replicas                  = var.replicas
-    image                     = var.image
-    tag                       = var.tag
+    grafana_image_repository  = var.grafana_image_repository
+    grafana_image_tag         = var.grafana_image_tag
     grafana_image_pull_policy = var.grafana_image_pull_policy
 
     grafana_service_account             = var.grafana_service_account
@@ -76,11 +85,11 @@ locals {
     grafana_dashboards_config_maps = indent(2, var.grafana_dashboards_config_maps)
 
     grafana_main_config         = indent(2, var.grafana_main_config)
-    grafana_okta_config         = indent(2, var.grafana_okta_config)
     grafana_db_config           = indent(2, var.grafana_db_config)
+    grafana_okta_config         = indent(2, var.grafana_okta_config)
     grafana_okta_enabled        = var.grafana_okta_enabled
-    GRAFANA_OAUTH_CLIENT_ID     = var.GRAFANA_OAUTH_CLIENT_ID
-    GRAFANA_OAUTH_CLIENT_SECRET = var.GRAFANA_OAUTH_CLIENT_SECRET
+    grafana_oauth_client_id     = var.grafana_oauth_client_id
+    grafana_oauth_client_secret = var.grafana_oauth_client_secret
 
     grafana_image_repository = var.grafana_image_repository
     grafana_image_tag        = var.grafana_image_tag
@@ -115,17 +124,17 @@ locals {
 }
 
 resource "helm_release" "kube_prometheus_stack" {
-  name       = var.release_name
-  chart      = var.chart_name
-  repository = var.chart_repository
-  version    = var.chart_version
-  namespace  = var.chart_namespace
+  name             = var.release_name
+  chart            = var.chart_name
+  repository       = var.chart_repository
+  version          = var.chart_version
+  namespace        = var.chart_namespace
+  create_namespace = var.create_namespace
 
   max_history = var.max_history
   timeout     = var.chart_timeout
 
   values = [
     templatefile("${path.module}/templates/values.yaml", local.values),
-    #    templatefile("${path.module}/templates/okta_config.yaml", local.values)
   ]
 }