feat(grafana-datasources)!: changed from tpl to secret#107
Conversation
There was a problem hiding this comment.
Pull request overview
This PR converts datasource-library from a Helm library chart that emitted provisioning YAML via tpl/consumer templates into an application chart that directly renders a labeled Kubernetes Secret containing Grafana datasource provisioning YAML (for consumption by the Grafana k8s-sidecar). This is a breaking change in how consumers integrate the chart.
Changes:
- Render Grafana datasource provisioning as a Secret (
templates/datasources-secret.yaml) instead of requiring consumer charts to create a ConfigMap/template wrapper. - Move
team/environmentto instance-level and update postgres datasource generation logic + auth validation in templates. - Add a JSON schema for values validation and update documentation to match the new usage.
Reviewed changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| charts/datasource-library/values.yaml | Adds default values structure for datasources.postgres. |
| charts/datasource-library/values.schema.json | Introduces schema validation for instance-level and postgres datasource entries. |
| charts/datasource-library/templates/datasources-secret.yaml | New Secret template that wraps provisioning output for k8s-sidecar pickup. |
| charts/datasource-library/templates/_helpers.tpl | Adds helpers for required team, resolved environment, and a computed base name. |
| charts/datasource-library/templates/_datasources.tpl | Updates postgres provisioning generation and auth/SSL handling. |
| charts/datasource-library/README.md | Documents the new Secret-based integration, naming, and auth model. |
| charts/datasource-library/Chart.yaml | Updates chart metadata and changes type from library to application. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
|
||
| ## Values | ||
|
|
||
| ### PostgreSQL entry | ||
| Values are validated by `values.schema.json` (field types, enums, unknown-key rejection, and the `rootCertFile` requirement). Team/environment resolution and the auth-method requirement are enforced at render time. |
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
ronenkapelian
left a comment
There was a problem hiding this comment.
-
The name should be replaced from library to something meaningful and also update it on readme
-
out of the scope, but it will be nice to add Standard Helm/Kubernetes Labels on Secret
The upstream 'min length for ssl files' autofix dropped the closing brace of the ssl 'properties' object, producing invalid JSON. Restore it while keeping the minLength additions. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
No description provided.