apiVersion: v1 automountServiceAccountToken: false kind: ServiceAccount metadata: labels: app.kubernetes.io/instance: grafana app.kubernetes.io/name: grafana app.kubernetes.io/version: 12.2.1 helm.sh/chart: grafana-10.1.4 name: grafana namespace: grafana --- apiVersion: v1 kind: ServiceAccount metadata: annotations: helm.sh/hook: test helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded labels: app.kubernetes.io/instance: grafana app.kubernetes.io/name: grafana app.kubernetes.io/version: 12.2.1 helm.sh/chart: grafana-10.1.4 name: grafana-test namespace: grafana --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: labels: app.kubernetes.io/instance: grafana app.kubernetes.io/name: grafana app.kubernetes.io/version: 12.2.1 helm.sh/chart: grafana-10.1.4 name: grafana namespace: grafana rules: [] --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: app.kubernetes.io/instance: grafana app.kubernetes.io/name: grafana app.kubernetes.io/version: 12.2.1 helm.sh/chart: grafana-10.1.4 name: grafana-clusterrole rules: [] --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: labels: app.kubernetes.io/instance: grafana app.kubernetes.io/name: grafana app.kubernetes.io/version: 12.2.1 helm.sh/chart: grafana-10.1.4 name: grafana namespace: grafana roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: grafana subjects: - kind: ServiceAccount name: grafana namespace: grafana --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: labels: app.kubernetes.io/instance: grafana app.kubernetes.io/name: grafana app.kubernetes.io/version: 12.2.1 helm.sh/chart: grafana-10.1.4 name: grafana-clusterrolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: grafana-clusterrole subjects: - kind: ServiceAccount name: grafana namespace: grafana --- apiVersion: v1 data: grafana.ini: | [analytics] check_for_updates = true [grafana_net] url = https://grafana.net [log] mode = console [paths] data = /var/lib/grafana/ logs = /var/log/grafana plugins = /var/lib/grafana/plugins provisioning = /etc/grafana/provisioning [server] domain = '' root_url = https://grafana.home kind: ConfigMap metadata: labels: app.kubernetes.io/instance: grafana app.kubernetes.io/name: grafana app.kubernetes.io/version: 12.2.1 helm.sh/chart: grafana-10.1.4 name: grafana namespace: grafana --- apiVersion: v1 data: run.sh: |- @test "Test Health" { url="http://grafana/api/health" code=$(wget --server-response --spider --timeout 90 --tries 10 ${url} 2>&1 | awk '/^ HTTP/{print $2}') [ "$code" == "200" ] } kind: ConfigMap metadata: annotations: helm.sh/hook: test helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded labels: app.kubernetes.io/instance: grafana app.kubernetes.io/name: grafana app.kubernetes.io/version: 12.2.1 helm.sh/chart: grafana-10.1.4 name: grafana-test namespace: grafana --- apiVersion: v1 data: admin-password: UGxqZk51VEJWVkdPckF5ejJhYkZITTd2R1VEdmZJWjdVa0tCZnRObw== admin-user: YWRtaW4= ldap-toml: "" kind: Secret metadata: labels: app.kubernetes.io/component: admin-secret app.kubernetes.io/instance: grafana app.kubernetes.io/name: grafana app.kubernetes.io/version: 12.2.1 helm.sh/chart: grafana-10.1.4 name: grafana namespace: grafana type: Opaque --- apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/instance: grafana app.kubernetes.io/name: grafana app.kubernetes.io/version: 12.2.1 helm.sh/chart: grafana-10.1.4 name: grafana namespace: grafana spec: ports: - name: service port: 80 protocol: TCP targetPort: grafana selector: app.kubernetes.io/instance: grafana app.kubernetes.io/name: grafana type: ClusterIP --- apiVersion: v1 kind: PersistentVolumeClaim metadata: finalizers: - kubernetes.io/pvc-protection labels: app.kubernetes.io/instance: grafana app.kubernetes.io/name: grafana app.kubernetes.io/version: 12.2.1 helm.sh/chart: grafana-10.1.4 name: grafana namespace: grafana spec: accessModes: - ReadWriteOnce resources: requests: storage: 10Gi storageClassName: openebs-3-replicas --- apiVersion: apps/v1 kind: Deployment metadata: labels: app.kubernetes.io/instance: grafana app.kubernetes.io/name: grafana app.kubernetes.io/version: 12.2.1 helm.sh/chart: grafana-10.1.4 name: grafana namespace: grafana spec: replicas: 1 revisionHistoryLimit: 10 selector: matchLabels: app.kubernetes.io/instance: grafana app.kubernetes.io/name: grafana strategy: type: RollingUpdate template: metadata: annotations: checksum/config: 865352f890d817b19919dbaaab368249b89392713a14c874d30b59e35e91516c checksum/sc-dashboard-provider-config: e70bf6a851099d385178a76de9757bb0bef8299da6d8443602590e44f05fdf24 checksum/secret: 72a35d7651c7ae487c86c90133ffd2add1ad6281cd42e1f21c428a169c6f0f9c kubectl.kubernetes.io/default-container: grafana labels: app.kubernetes.io/instance: grafana app.kubernetes.io/name: grafana app.kubernetes.io/version: 12.2.1 helm.sh/chart: grafana-10.1.4 spec: automountServiceAccountToken: true containers: - env: - name: POD_IP valueFrom: fieldRef: fieldPath: status.podIP - name: GF_SECURITY_ADMIN_USER valueFrom: secretKeyRef: key: admin-user name: grafana - name: GF_SECURITY_ADMIN_PASSWORD valueFrom: secretKeyRef: key: admin-password name: grafana - name: GF_PATHS_DATA value: /var/lib/grafana/ - name: GF_PATHS_LOGS value: /var/log/grafana - name: GF_PATHS_PLUGINS value: /var/lib/grafana/plugins - name: GF_PATHS_PROVISIONING value: /etc/grafana/provisioning image: docker.io/grafana/grafana:12.2.1 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 10 httpGet: path: /api/health port: 3000 initialDelaySeconds: 60 timeoutSeconds: 30 name: grafana ports: - containerPort: 3000 name: grafana protocol: TCP - containerPort: 9094 name: gossip-tcp protocol: TCP - containerPort: 9094 name: gossip-udp protocol: UDP - containerPort: 6060 name: profiling protocol: TCP readinessProbe: httpGet: path: /api/health port: 3000 securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL seccompProfile: type: RuntimeDefault volumeMounts: - mountPath: /etc/grafana/grafana.ini name: config subPath: grafana.ini - mountPath: /var/lib/grafana name: storage enableServiceLinks: true initContainers: - command: - chown - -R - 472:472 - /var/lib/grafana image: docker.io/library/busybox:1.31.1 imagePullPolicy: IfNotPresent name: init-chown-data securityContext: capabilities: add: - CHOWN drop: - ALL readOnlyRootFilesystem: false runAsNonRoot: false runAsUser: 0 seccompProfile: type: RuntimeDefault volumeMounts: - mountPath: /var/lib/grafana name: storage securityContext: fsGroup: 472 runAsGroup: 472 runAsNonRoot: true runAsUser: 472 serviceAccountName: grafana shareProcessNamespace: false volumes: - configMap: name: grafana name: config - name: storage persistentVolumeClaim: claimName: grafana --- apiVersion: v1 kind: Pod metadata: annotations: helm.sh/hook: test helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded labels: app.kubernetes.io/instance: grafana app.kubernetes.io/name: grafana app.kubernetes.io/version: 12.2.1 helm.sh/chart: grafana-10.1.4 name: grafana-test namespace: grafana spec: containers: - command: - /opt/bats/bin/bats - -t - /tests/run.sh image: docker.io/bats/bats:v1.4.1 imagePullPolicy: IfNotPresent name: grafana-test volumeMounts: - mountPath: /tests name: tests readOnly: true restartPolicy: Never serviceAccountName: grafana-test volumes: - configMap: name: grafana-test name: tests