Merge branch 'master' into dashboard-fetch-rate-limit

.github/workflows/pr-validation.yaml

@@ -127,7 +127,7 @@ jobs:
   build-container:
     runs-on: ubuntu-latest
     env:
-      DOCKER_PLATFORMS: linux/amd64,linux/arm64,linux/s390x
+      DOCKER_PLATFORMS: linux/amd64,linux/arm64,linux/s390x,linux/ppc64le
     services:
       registry:
         image: registry:2

.github/workflows/release.yaml

@@ -12,7 +12,7 @@ jobs:
     env:
       DOCKER_REGISTRY: quay.io
       DOCKER_REPOSITORY: grafana-operator/grafana-operator
-      DOCKER_PLATFORMS: linux/amd64,linux/arm64,linux/s390x
+      DOCKER_PLATFORMS: linux/amd64,linux/arm64,linux/s390x,linux/ppc64le
     steps:
       - name: Clone repo and checkout submodules
         uses: actions/checkout@v2.3.4

Dockerfile

@@ -1,6 +1,6 @@
 ARG BUILDER_IMAGE=golang:1.16
-ARG UBI_MINIMAL_IMAGE=registry.access.redhat.com/ubi8/ubi-minimal:8.4
-ARG UBI_MICRO_IMAGE=registry.access.redhat.com/ubi8/ubi-micro:8.4
+ARG UBI_MINIMAL_IMAGE=registry.access.redhat.com/ubi8/ubi-minimal:8.5
+ARG UBI_MICRO_IMAGE=registry.access.redhat.com/ubi8/ubi-micro:8.5
 
 # Build the manager binary
 # hadolint ignore=DL3006
@@ -50,7 +50,7 @@ COPY --from=builder /workspace/manager .
 
 RUN mkdir -p /opt/jsonnet && chown nobody /opt/jsonnet
 
-USER 65532:65532
+USER nobody
 
 COPY grafonnet-lib/grafonnet/ /opt/jsonnet/grafonnet
 

Makefile

@@ -1,5 +1,5 @@
 # Current Operator version
-VERSION ?= 4.2.0
+VERSION ?= 4.4.0
 
 # IMAGE_TAG_BASE defines the namespace and part of the image name for remote images.
 # running 'make bundle-build bundle-push catalog-build catalog-push' will build and push both
@@ -114,7 +114,7 @@ docker-push:
 
 # Build and push a multi-architecture docker image
 docker-buildx: test
-	docker buildx build --platform linux/amd64,linux/arm64,linux/s390x --push -t ${IMG} .
+	docker buildx build --platform linux/amd64,linux/arm64,linux/s390x,linux/ppc64le --push -t ${IMG} .
 
 # Download controller-gen locally if necessary
 CONTROLLER_GEN = $(shell pwd)/bin/controller-gen

PREPARE_RELEASE.md

@@ -6,6 +6,7 @@ There is a lot of information on what is needed to manage OLM [compatible operat
 
 - Update `version/version.go` bumping the minor or patch version. Major versions shouldn't be released without discussion and approval of the maintainers!
 - Update the `Makefile`
+- Update `containerImage` field in `config/manifests/bases/grafana-operator.clusterserviceversion.yaml`
 - Update `replaces` field in `config/manifests/bases/grafana-operator.clusterserviceversion.yaml`
 - Update `CreatedAt` field in `config/manifests/bases/grafana-operator.clusterserviceversion.yaml`
   You will have to asses when it's going to get merged and you will be able to do a release.

bundle/manifests/grafana-operator.clusterserviceversion.yaml

@@ -6,19 +6,20 @@ metadata:
     capabilities: Basic Install
     categories: Monitoring
     certified: "False"
-    containerImage: quay.io/grafana-operator/grafana-operator:v4.2.0
-    createdAt: "2022-02-22T16:00:12Z"
+    containerImage: quay.io/grafana-operator/grafana-operator:v4.4.0
+    createdAt: "2022-05-06T10:00:12Z"
     description: A Kubernetes Operator based on the Operator SDK for creating and
       managing Grafana instances
     operators.operatorframework.io/builder: operator-sdk-v1.13.1
     operators.operatorframework.io/project_layout: go.kubebuilder.io/v3
     repository: https://github.com/grafana-operator/grafana-operator
-    support: grafana-operator
+    support: Red Hat
   labels:
     operatorframework.io/arch.amd64: supported
     operatorframework.io/arch.arm64: supported
+    operatorframework.io/arch.ppc64le: supported
     operatorframework.io/arch.s390x: supported
-  name: grafana-operator.v4.2.0
+  name: grafana-operator.v4.4.0
   namespace: placeholder
 spec:
   apiservicedefinitions: {}
@@ -271,7 +272,7 @@ spec:
                   valueFrom:
                     fieldRef:
                       fieldPath: metadata.annotations['olm.targetNamespaces']
-                image: quay.io/grafana-operator/grafana-operator:v4.2.0
+                image: quay.io/grafana-operator/grafana-operator:v4.4.0
                 imagePullPolicy: Always
                 livenessProbe:
                   httpGet:
@@ -354,5 +355,5 @@ spec:
   maturity: alpha
   provider:
     name: Red Hat
-  replaces: grafana-operator.v4.1.1
-  version: 4.2.0
+  replaces: grafana-operator.v4.3.0
+  version: 4.4.0

bundle/manifests/integreatly.org_grafanadatasources.yaml

@@ -60,6 +60,10 @@ spec:
                             https://github.com/Vertamedia/clickhouse-grafana/tree/master/dist/README.md#configure-the-datasource-with-provisioning
                             See https://github.com/Vertamedia/clickhouse-grafana/tree/master/src/datasource.ts#L44
                           type: boolean
+                        alertmanagerUid:
+                          description: AlertManagerUID if null use the internal grafana
+                            alertmanager
+                          type: string
                         allowInfraExplore:
                           type: boolean
                         apiToken:
@@ -174,6 +178,10 @@ spec:
                           type: string
                         logMessageField:
                           type: string
+                        manageAlerts:
+                          description: ManageAlerts turns on alert management from
+                            UI
+                          type: boolean
                         maxIdleConns:
                           type: integer
                         maxLines:
@@ -190,13 +198,18 @@ spec:
                           type: boolean
                         organization:
                           type: string
+                        port:
+                          type: integer
                         postgresVersion:
                           type: integer
                         search:
                           properties:
                             hide:
                               type: boolean
                           type: object
+                        server:
+                          description: Fields for Grafana Clickhouse data sources
+                          type: string
                         serviceMap:
                           properties:
                             datasourceUid:
@@ -229,6 +242,9 @@ spec:
                           type: string
                         timescaledb:
                           type: boolean
+                        timezone:
+                          description: Extra field for MySQL data source
+                          type: string
                         tlsAuth:
                           type: boolean
                         tlsAuthWithCACert:
@@ -271,6 +287,8 @@ spec:
                           type: boolean
                         useYandexCloudAuthorization:
                           type: boolean
+                        username:
+                          type: string
                         version:
                           type: string
                         xHeaderKey:

config/manager/kustomization.yaml

@@ -13,7 +13,7 @@ kind: Kustomization
 images:
 - name: controller
   newName: quay.io/grafana-operator/grafana-operator
-  newTag: v4.2.0
+  newTag: v4.4.0
 
 # Protect the /metrics endpoint by putting it behind auth.
 # If you want your controller-manager to expose the /metrics

config/manifests/bases/grafana-operator.clusterserviceversion.yaml

@@ -87,15 +87,16 @@ metadata:
     capabilities: Basic Install
     categories: Monitoring
     certified: "False"
-    containerImage: quay.io/grafana-operator/grafana-operator:v4.2.0
-    createdAt: "2022-02-22T16:00:12Z"
+    containerImage: quay.io/grafana-operator/grafana-operator:v4.4.0
+    createdAt: "2022-05-06T10:00:12Z"
     description: A Kubernetes Operator based on the Operator SDK for creating and
       managing Grafana instances
     repository: https://github.com/grafana-operator/grafana-operator
     support: Red Hat
   labels:
     operatorframework.io/arch.amd64: supported
     operatorframework.io/arch.arm64: supported
+    operatorframework.io/arch.ppc64le: supported
     operatorframework.io/arch.s390x: supported
   name: grafana-operator.v0.0.0
   namespace: placeholder
@@ -167,5 +168,5 @@ spec:
   maturity: alpha
   provider:
     name: Red Hat
-  replaces: grafana-operator.v4.1.1
+  replaces: grafana-operator.v4.3.0
   version: 0.0.0

controllers/config/controller_config.go

@@ -25,9 +25,8 @@ const (
 	GrafanaProvisioningDashboardsPath       = "/etc/grafana/provisioning/dashboards"
 	GrafanaProvisioningNotifiersPath        = "/etc/grafana/provisioning/notifiers"
 	PluginsInitContainerImage               = "quay.io/grafana-operator/grafana_plugins_init"
-	PluginsInitContainerTag                 = "0.0.5"
+	PluginsInitContainerTag                 = "0.0.6"
 	PluginsUrl                              = "https://grafana.com/api/plugins/%s/versions/%s"
-	RequeueDelay                            = time.Second * 10
 	SecretsMountDir                         = "/etc/grafana-secrets/" // #nosec G101
 	ConfigMapsMountDir                      = "/etc/grafana-configmaps/"
 	ConfigRouteWatch                        = "watch.routes"
@@ -38,9 +37,10 @@ const (
 
 type ControllerConfig struct {
 	*sync.Mutex
-	Values     map[string]interface{}
-	Plugins    map[string]v1alpha1.PluginList
-	Dashboards map[string][]*v1alpha1.GrafanaDashboardRef
+	Values       map[string]interface{}
+	Plugins      map[string]v1alpha1.PluginList
+	Dashboards   map[string][]*v1alpha1.GrafanaDashboardRef
+	RequeueDelay time.Duration
 }
 
 var instance *ControllerConfig
@@ -49,10 +49,11 @@ var once sync.Once
 func GetControllerConfig() *ControllerConfig {
 	once.Do(func() {
 		instance = &ControllerConfig{
-			Mutex:      &sync.Mutex{},
-			Values:     map[string]interface{}{},
-			Plugins:    map[string]v1alpha1.PluginList{},
-			Dashboards: map[string][]*v1alpha1.GrafanaDashboardRef{},
+			Mutex:        &sync.Mutex{},
+			Values:       map[string]interface{}{},
+			Plugins:      map[string]v1alpha1.PluginList{},
+			Dashboards:   map[string][]*v1alpha1.GrafanaDashboardRef{},
+			RequeueDelay: time.Second * 10,
 		}
 	})
 	return instance
@@ -158,16 +159,15 @@ func (c *ControllerConfig) GetDashboards(namespace string) []*v1alpha1.GrafanaDa
 		return c.Dashboards[namespace]
 	}
 
-	return []*v1alpha1.GrafanaDashboardRef{}
-}
-
-func (c *ControllerConfig) GetAllDashboards() []*v1alpha1.GrafanaDashboardRef {
-	c.Lock()
-	defer c.Unlock()
+	dashboards := []*v1alpha1.GrafanaDashboardRef{}
 
-	var dashboards []*v1alpha1.GrafanaDashboardRef
-	for _, ds := range c.Dashboards {
-		dashboards = append(dashboards, ds...)
+	// The periodic resync in grafanadashboard.GrafanaDashboardReconciler rely on the convention
+	// that an empty namespace means all of them, so we follow that rule here.
+	if namespace == "" {
+		for _, ds := range c.Dashboards {
+			dashboards = append(dashboards, ds...)
+		}
+		return dashboards
 	}
 
 	return dashboards

controllers/config/grafanaIni.go

@@ -145,6 +145,10 @@ func (i *GrafanaIni) parseConfig(config map[string][]string) map[string][]string
 		config = i.cfgAuth(config)
 	}
 
+	if i.cfg.Live != nil {
+		config = i.cfgLive(config)
+	}
+
 	if i.cfg.Log != nil {
 		var items []string
 		items = appendStr(items, "mode", i.cfg.Log.Mode)
@@ -395,6 +399,15 @@ func (i *GrafanaIni) cfgAuth(config map[string][]string) map[string][]string {
 	return config
 }
 
+func (i *GrafanaIni) cfgLive(config map[string][]string) map[string][]string {
+	var items []string
+	items = appendInt(items, "max_connections", i.cfg.Live.MaxConnections)
+	items = appendStr(items, "allowed_origins", i.cfg.Live.AllowedOrigins)
+	config["live"] = items
+
+	return config
+}
+
 func (i *GrafanaIni) cfgAuthSaml(config map[string][]string) map[string][]string {
 	var items []string
 	items = appendBool(items, "enabled", i.cfg.AuthSaml.Enabled)

controllers/config/grafanaIni_test.go

@@ -41,6 +41,9 @@ var (
 
 	// Rendering
 	concurrentRenderRequestLimit = 10
+
+	// Live
+	maxConnections = 10
 )
 
 var testGrafanaConfig = v1alpha1.GrafanaConfig{
@@ -92,6 +95,10 @@ var testGrafanaConfig = v1alpha1.GrafanaConfig{
 		AllowedDomains: "azure.com",
 		AllowSignUp:    &allowSignUp,
 	},
+	Live: &v1alpha1.GrafanaConfigLive{
+		MaxConnections: &maxConnections,
+		AllowedOrigins: "https://origin.com",
+	},
 	UnifiedAlerting: &v1alpha1.GrafanaConfigUnifiedAlerting{
 		Enabled:           &enableGrafanaConfigUnifiedAlerting,
 		ExecuteAlerts:     &executeAlerts,
@@ -145,6 +152,10 @@ user = user
 [feature_toggles]
 enable = ngalert
 
+[live]
+allowed_origins = https://origin.com
+max_connections = 10
+
 [paths]
 data = /var/lib/grafana
 logs = /var/log/grafana
@@ -253,6 +264,19 @@ func TestCfgAuth(t *testing.T) {
 	require.Equal(t, config, testConfig)
 }
 
+func TestCfgLive(t *testing.T) {
+	i := NewGrafanaIni(&testGrafanaConfig)
+	config := map[string][]string{}
+	config = i.cfgLive(config)
+	testConfig := map[string][]string{
+		"live": {
+			"max_connections = 10",
+			"allowed_origins = https://origin.com",
+		},
+	}
+	require.Equal(t, config, testConfig)
+}
+
 func TestCfgAuthAzureAD(t *testing.T) {
 	i := NewGrafanaIni(&testGrafanaConfig)
 	config := map[string][]string{}

controllers/grafana/grafana_controller.go

@@ -233,7 +233,7 @@ func (r *ReconcileGrafana) manageError(cr *grafanav1alpha1.Grafana, issue error,
 		GrafanaReady: false,
 	}
 
-	return reconcile.Result{RequeueAfter: config.RequeueDelay}, nil
+	return reconcile.Result{RequeueAfter: r.Config.RequeueDelay}, nil
 }
 
 // Try to find a suitable url to grafana
@@ -283,7 +283,7 @@ func (r *ReconcileGrafana) manageSuccess(cr *grafanav1alpha1.Grafana, state *com
 	// Only update the status if the dashboard controller had a chance to sync the cluster
 	// dashboards first. Otherwise reuse the existing dashboard config from the CR.
 	if r.Config.GetConfigBool(config.ConfigGrafanaDashboardsSynced, false) {
-		cr.Status.InstalledDashboards = r.Config.GetAllDashboards()
+		cr.Status.InstalledDashboards = r.Config.GetDashboards("")
 	}
 
 	instance := &grafanav1alpha1.Grafana{}
@@ -325,5 +325,5 @@ func (r *ReconcileGrafana) manageSuccess(cr *grafanav1alpha1.Grafana, state *com
 
 	log.V(1).Info("desired cluster state met")
 
-	return reconcile.Result{RequeueAfter: config.RequeueDelay}, nil
+	return reconcile.Result{RequeueAfter: r.Config.RequeueDelay}, nil
 }

controllers/grafanadashboard/grafanadashboard_controller.go

@@ -93,7 +93,7 @@ func (r *GrafanaDashboardReconciler) Reconcile(ctx context.Context, request ctrl
 
 	getClient, err := r.getClient()
 	if err != nil {
-		return reconcile.Result{RequeueAfter: config.RequeueDelay}, err
+		return reconcile.Result{RequeueAfter: config.GetControllerConfig().RequeueDelay}, err
 	}
 
 	// Initial request?
@@ -104,7 +104,7 @@ func (r *GrafanaDashboardReconciler) Reconcile(ctx context.Context, request ctrl
 	// Check if the label selectors are available yet. If not then the grafana controller
 	// has not finished initializing and we can't continue. Reschedule for later.
 	if r.state.DashboardSelectors == nil {
-		return reconcile.Result{RequeueAfter: config.RequeueDelay}, nil
+		return reconcile.Result{RequeueAfter: config.GetControllerConfig().RequeueDelay}, nil
 	}
 
 	// Fetch the GrafanaDashboard instance
@@ -173,7 +173,7 @@ func SetupWithManager(mgr ctrl.Manager, r reconcile.Reconciler, namespace string
 	}
 
 	ref := r.(*GrafanaDashboardReconciler) // nolint
-	ticker := time.NewTicker(config.RequeueDelay)
+	ticker := time.NewTicker(config.GetControllerConfig().RequeueDelay)
 	sendEmptyRequest := func() {
 		request := reconcile.Request{
 			NamespacedName: types.NamespacedName{