crossplane-provider-grafana icon indicating copy to clipboard operation
crossplane-provider-grafana copied to clipboard
verified publisher icon grafana

Not able to provision dashboard with crossplane grafana provider

Open shankar-bala opened this issue 9 months ago • 4 comments

Crossplane Version

v1.14.2

Crossplane Grafana Provider Version

xpkg.upbound.io/grafana/provider-grafana:v0.25.0

Affected Resource(s)

  • oss.grafana.crossplane.io/v1alpha1/Dashboard

YAML resources


apiVersion: grafana.crossplane.io/v1beta1
kind: ProviderConfig
metadata:
  name: grafana-provider-config
spec:
  credentials:
    secretRef:
      key: auth
      name: grafana-secret
      namespace: crossplane
    source: Secret
  url: https://local-grafana-url.com
---
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
  name: provider-grafana
spec:
  ignoreCrossplaneConstraints: false
  package: xpkg.upbound.io/grafana/provider-grafana:v0.25.0
  packagePullPolicy: IfNotPresent
  revisionActivationPolicy: Automatic
  revisionHistoryLimit: 1
  skipDependencyResolution: false
---
apiVersion: oss.grafana.crossplane.io/v1alpha1
kind: Dashboard
metadata:
  name: first-dashboard
spec:
  forProvider:
    configJson: |
      {
        "title": "First dashboard",
        "uid": "first-dashboard"
      }
  providerConfigRef:
    name: grafana-provider-config

kubernetes secret grafana-secret content

{
    "auth": "admin:testing"
}

Expected Behavior

Expected dashboard showing up in the grafana UI..

Actual Behavior

when looked at the status of Dashboard object., i see this error

status:
  atProvider: {}
  conditions:
  - lastTransitionTime: "2025-02-20T23:18:30Z"
    message: 'connect failed: cannot get terraform setup: cannot unmarshal grafana
      credentials as JSON: unexpected end of JSON input'
    reason: ReconcileError
    status: "False"
    type: Synced

Steps to Reproduce

  1. Create secret object and apply the above yaml files

Important Factoids

No response

References

No response

shankar-bala avatar Feb 20 '25 23:02 shankar-bala

The provider secret value needs to look like this:

{
  "auth": "<token>",
  "url": "<grafanaURL>"
}

Assuming your secret object looks like this:

apiVersion: v1
kind: Secret
metadata:
  name: grafana-secret
  namespace: crossplane
type: Opaque
data:
  auth: <base64>

Duologic avatar Feb 21 '25 00:02 Duologic

Thanks @Duologic ..it worked.

shankar-bala avatar Feb 21 '25 06:02 shankar-bala

Reopening as this should get documented somewhere properly.

Duologic avatar Feb 21 '25 07:02 Duologic

We faced with the issue, that dashboards/folders couldn't be created with providerConfig, originated from ServiceAccountToken.oss.grafana.crossplane.io, because the connection secret of the token contains only the token itself, and doesn't contain the url.

'create failed: failed to create the resource: [{0 the Grafana client
      is required for this resource. Set the auth and url provider attributes  []}]'

We found here https://github.com/grafana/crossplane-provider-grafana/blob/main/config/grafana/config.go#L306 that you plan to do this. Could you please say, when you plan to fix this? It is a real blocker for us to move forward.

nkirpa avatar Mar 24 '25 12:03 nkirpa

@nkirpa The 'slug' or 'url' information is not returned upon creating a ServiceAccountToken, this makes it quite hard to return that information as part of the original secret. As a workaround, the url can be provided to the ProviderConfig or create a new set of Connection Details if you are using Crossplane Compositions.

Duologic avatar May 28 '25 09:05 Duologic