# ConfigMap "grafana" in var.namespace. Its single key, "grafana.ini", holds the
# Grafana configuration as rendered by Terraform: local.dns-name and outputs of
# module.oauth2 / module.application are interpolated into the heredoc below.
#
# NOTE(review): settings that need a deliberate decision before this ships.
#  - [auth.generic_oauth] client_secret is interpolated into ConfigMap data, so
#    anyone who can read ConfigMaps in this namespace can read the OAuth client
#    secret. Grafana can expand $__env{...} / $__file{...} in grafana.ini, which
#    would let the value live in a Kubernetes Secret instead. That needs a
#    matching change to the Grafana workload, which is not visible here.
#  - [auth] oauth_allow_insecure_email_lookup = true lets an OAuth login be
#    matched to an existing Grafana user by e-mail address. Confirm the identity
#    provider only issues verified, unique e-mail claims; otherwise a login can
#    land on another user's account. Prefer false when it is not required.
#  - [auth.anonymous] enabled = true gives unauthenticated visitors the Viewer
#    role in "Main Org.". Confirm every dashboard and data source reachable
#    through root_url is meant to be readable without logging in.
#  - role_attribute_path ends in || 'Viewer', so any user the provider
#    authenticates gets at least Viewer even when in neither group.
#  - [users] auto_assign_org_id = 0: Grafana's documented default is 1.
#    Confirm that 0 is intended.
resource "kubernetes_config_map_v1" "config" {
  metadata {
    name      = "grafana"
    namespace = var.namespace
    labels    = local.common-labels
  }
  data = {
    # "<<-" strips the common leading indentation, so the rendered file starts
    # at column 0. Review notes are kept outside the heredoc on purpose so that
    # the rendered grafana.ini is not changed by them.
    "grafana.ini" = <<-EOF
      [analytics]
      check_for_updates = true
      [grafana_net]
      url = https://grafana.net
      [log]
      mode = console
      [paths]
      data = /var/lib/grafana/
      logs = /var/log/grafana
      plugins = /var/lib/grafana/plugins
      provisioning = /etc/grafana/provisioning
      [server]
      domain = ''
      root_url = 'https://${local.dns-name}/'
      [users]
      auto_assign_org = true
      auto_assign_org_id = 0
      [auth]
      oauth_allow_insecure_email_lookup = true
      signout_redirect_url = '${module.oauth2.sso_signout_url}'
      [auth.anonymous]
      enabled = true
      org_name = Main Org.
      org_role = Viewer
      [auth.generic_oauth]
      enabled = true
      name = vynil
      scopes = openid profile email
      client_id = '${module.oauth2.client_id}'
      client_secret = '${module.oauth2.client_secret}'
      auth_url = '${module.oauth2.sso_authorize_url}'
      api_url = '${module.oauth2.sso_userinfo_url}'
      token_url = '${module.oauth2.sso_token_url}'
      role_attribute_path = contains(groups, '${module.application.main_group}-admin') && 'Admin' || contains(groups, '${module.application.main_group}') && 'Editor' || 'Viewer'
    EOF
  }
}