From 4a6eff50fc567932bc3daa656645809d0e5467b1 Mon Sep 17 00:00:00 2001 From: Les Aker Date: Sun, 29 Sep 2024 10:53:01 -0400 Subject: [PATCH] add role_attribute_path --- manifests/init.pp | 2 ++ templates/grafana.ini.erb | 4 ++++ 2 files changed, 6 insertions(+) diff --git a/manifests/init.pp b/manifests/init.pp index 356c42e..88a0dbc 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -21,6 +21,7 @@ # @param viewers_can_edit controls whether viewers can use Explore and modify dashboard panels # @param allowed_organizations sets the organization requirements for Github auth # @param team_ids sets the team requirements for Github auth +# @param role_attribute_path sets how roles are mapped from Github metadata # @param plugins sets the plugins to install # @param extra_config sets extra grafana config flags to use # @param backup_target sets the target repo for backups @@ -53,6 +54,7 @@ Boolean $viewers_can_edit = false, Array[String] $allowed_organizations = [], Array[String] $team_ids = [], + Optional[String] $role_attribute_path = undef, Array[String] $plugins = [], Array[String] $extra_config = [], Optional[String] $backup_target = undef, diff --git a/templates/grafana.ini.erb b/templates/grafana.ini.erb index 0965f53..d71b788 100644 --- a/templates/grafana.ini.erb +++ b/templates/grafana.ini.erb @@ -49,12 +49,16 @@ scopes = user:email,read:org auth_url = https://github.com/login/oauth/authorize token_url = https://github.com/login/oauth/access_token api_url = https://api.github.com/user +allow_assign_grafana_admin = true <% unless @allowed_organizations.empty? -%> allowed_organizations = <%= @allowed_organizations.join(' ') %> <% end -%> <% unless @team_ids.empty? -%> team_ids = <%= @team_ids.join(',') %> <% end -%> +<% if @role_attribute_path -%> +role_attribute_path = <%= @role_attribute_path %> +<% end -%> <% if @allow_anonymous -%> [auth.anonymous]