From cedadb682ef20c198294110249ba8f1015fbaad2 Mon Sep 17 00:00:00 2001 From: Matias Bordese Date: Mon, 9 Dec 2024 16:19:37 -0300 Subject: [PATCH] Update OnCall client setup to support service account auth (#1859) Update OnCall client setup to support service account auth --- docs/index.md | 40 +++++++++++++++++++++++++ examples/provider/provider-oncall-sa.tf | 34 +++++++++++++++++++++ pkg/provider/configure_clients.go | 9 ++++-- pkg/provider/configure_clients_test.go | 26 ++++++++++++++++ templates/index.md.tmpl | 5 ++++ 5 files changed, 112 insertions(+), 2 deletions(-) create mode 100644 examples/provider/provider-oncall-sa.tf diff --git a/docs/index.md b/docs/index.md index 504130513..00aafcaf7 100644 --- a/docs/index.md +++ b/docs/index.md @@ -201,6 +201,46 @@ resource "grafana_oncall_escalation" "example_notify_step" { } ``` +Alternatively, you can also configure the provider block by setting `url` +to your Grafana URL and `auth` to a service account token: + +```terraform +// Step 1: Configure provider block. +provider "grafana" { + alias = "oncall" + url = "http://grafana.example.com/" + auth = var.grafana_auth +} + +data "grafana_oncall_user" "alex" { + username = "alex" +} + +// Step 2: Interact with Grafana OnCall +resource "grafana_oncall_integration" "test-acc-integration" { + provider = grafana.oncall + name = "my integration" + type = "grafana" + default_route { + escalation_chain_id = grafana_oncall_escalation_chain.default.id + } +} + +resource "grafana_oncall_escalation_chain" "default" { + provider = grafana.oncall + name = "default" +} + +resource "grafana_oncall_escalation" "example_notify_step" { + escalation_chain_id = grafana_oncall_escalation_chain.default.id + type = "notify_persons" + persons_to_notify = [ + data.grafana_oncall_user.alex.id + ] + position = 0 +} +``` + ## Schema diff --git a/examples/provider/provider-oncall-sa.tf b/examples/provider/provider-oncall-sa.tf new file mode 100644 index 000000000..4929f0afd --- /dev/null +++ b/examples/provider/provider-oncall-sa.tf @@ -0,0 +1,34 @@ +// Step 1: Configure provider block. +provider "grafana" { + alias = "oncall" + url = "http://grafana.example.com/" + auth = var.grafana_auth +} + +data "grafana_oncall_user" "alex" { + username = "alex" +} + +// Step 2: Interact with Grafana OnCall +resource "grafana_oncall_integration" "test-acc-integration" { + provider = grafana.oncall + name = "my integration" + type = "grafana" + default_route { + escalation_chain_id = grafana_oncall_escalation_chain.default.id + } +} + +resource "grafana_oncall_escalation_chain" "default" { + provider = grafana.oncall + name = "default" +} + +resource "grafana_oncall_escalation" "example_notify_step" { + escalation_chain_id = grafana_oncall_escalation_chain.default.id + type = "notify_persons" + persons_to_notify = [ + data.grafana_oncall_user.alex.id + ] + position = 0 +} diff --git a/pkg/provider/configure_clients.go b/pkg/provider/configure_clients.go index 7e07996c3..87bc57c34 100644 --- a/pkg/provider/configure_clients.go +++ b/pkg/provider/configure_clients.go @@ -52,7 +52,7 @@ func CreateClients(providerConfig ProviderConfig) (*common.Client, error) { if !providerConfig.SMAccessToken.IsNull() { c.SMAPI = SMAPI.NewClient(providerConfig.SMURL.ValueString(), providerConfig.SMAccessToken.ValueString(), getRetryClient(providerConfig)) } - if !providerConfig.OncallAccessToken.IsNull() { + if !providerConfig.OncallURL.IsNull() && (!providerConfig.OncallAccessToken.IsNull() || (!providerConfig.Auth.IsNull() && !providerConfig.URL.IsNull())) { var onCallClient *onCallAPI.Client onCallClient, err = createOnCallClient(providerConfig) if err != nil { @@ -182,7 +182,12 @@ func createCloudClient(client *common.Client, providerConfig ProviderConfig) err } func createOnCallClient(providerConfig ProviderConfig) (*onCallAPI.Client, error) { - return onCallAPI.New(providerConfig.OncallURL.ValueString(), providerConfig.OncallAccessToken.ValueString()) + authToken := providerConfig.OncallAccessToken.ValueString() + if authToken == "" { + // prefer OncallAccessToken if it was set, otherwise use Grafana auth (service account) token + authToken = providerConfig.Auth.ValueString() + } + return onCallAPI.NewWithGrafanaURL(providerConfig.OncallURL.ValueString(), authToken, providerConfig.URL.ValueString()) } func createCloudProviderClient(client *common.Client, providerConfig ProviderConfig) error { diff --git a/pkg/provider/configure_clients_test.go b/pkg/provider/configure_clients_test.go index 4f5c1a7b0..2394f0c47 100644 --- a/pkg/provider/configure_clients_test.go +++ b/pkg/provider/configure_clients_test.go @@ -120,6 +120,7 @@ func TestCreateClients(t *testing.T) { assert.NotNil(t, c.GrafanaAPI) assert.NotNil(t, c.MLAPI) assert.NotNil(t, c.SLOClient) + assert.Nil(t, c.OnCallClient) }, }, { @@ -133,6 +134,31 @@ func TestCreateClients(t *testing.T) { assert.NotNil(t, c.GrafanaAPI) }, }, + { + name: "OnCall client using original config (not setting Grafana URL)", + config: ProviderConfig{ + OncallAccessToken: types.StringValue("oncall-token"), + OncallURL: types.StringValue("http://oncall.url"), + }, + expected: func(c *common.Client, err error) { + assert.Nil(t, err) + assert.NotNil(t, c.OnCallClient) + assert.Nil(t, c.OnCallClient.GrafanaURL()) + }, + }, + { + name: "OnCall client setting Grafana URL (using Grafana URL and auth)", + config: ProviderConfig{ + URL: types.StringValue("http://localhost:3000"), + Auth: types.StringValue("service-account-token"), + OncallURL: types.StringValue("http://oncall.url"), + }, + expected: func(c *common.Client, err error) { + assert.Nil(t, err) + assert.NotNil(t, c.OnCallClient) + assert.Equal(t, "http://localhost:3000", c.OnCallClient.GrafanaURL().String()) + }, + }, } for _, tc := range testCases { diff --git a/templates/index.md.tmpl b/templates/index.md.tmpl index 7a9889e2f..c1c884ed0 100644 --- a/templates/index.md.tmpl +++ b/templates/index.md.tmpl @@ -30,6 +30,11 @@ The changelog for this provider can be found here: