ITISFoundation · mrnicegyu11 · Mar 13, 2025 · Sep 19, 2024 · Oct 23, 2024 · Oct 23, 2024
diff --git a/certificates/Makefile b/certificates/Makefile
@@ -66,16 +66,10 @@ install-root-certificate: rootca.crt ## installs a certificate in the host syste
 		echo "Is the DOCKER service ready? press when ready" && read -n 1; \
 	    fi;\
 		echo "======================================";,\
-		$(if $(IS_OSX),                                             \
-			sudo security add-trusted-cert -d -k /Library/Keychains/System.keychain $<; \
-			echo "Please restart the DOCKER service now..." && read -n 1; \
-			echo "Is the DOCKER service ready? press when ready" && read -n 1; \
-		,                                                           \
-		sudo cp $< /usr/local/share/ca-certificates/osparc.crt; \
-		sudo update-ca-certificates -f;                            \
-		echo "# restarting docker daemon";                      \
+		sudo cp $< /etc/ca-certificates/trust-source/anchors/osparc.crt; \
+		sudo trust extract-compat &&                            \
+		echo "# restarting docker daemon" &&                      \
 		sudo systemctl restart docker                           \
-		) \
 	)
 
 

diff --git a/scripts/tf_helper_list_json_files_in_folder.sh b/scripts/tf_helper_list_json_files_in_folder.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+set -e
+
+DIRECTORY=$1
+
+# Find all JSON files within the directory
+FILES=$(find "$DIRECTORY" -mindepth 1 -maxdepth 1 -type f -name '*.json')
+
+# Create a JSON object where each file's basename is the key, with full paths as values
+JSON_OBJECT=$(echo "$FILES" | while read -r FILE; do
+    BASENAME=$(basename "$FILE" .json)
+    echo "{\"$BASENAME\": \"$FILE\"}"
+done | jq -s 'add')
+
+# Output the JSON map
+jq -n --argjson files "$JSON_OBJECT" '$files'
diff --git a/scripts/tf_helper_list_subfolders.sh b/scripts/tf_helper_list_subfolders.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+set -e
+
+DIRECTORY=$1
+
+# Use `find` to get the directories' base names
+SUBFOLDERS=$(find "$DIRECTORY" -mindepth 1 -maxdepth 1 -type d -exec basename {} \;)
+
+# Convert the subfolder names into a JSON object with jq, where each is paired with itself
+JSON_OBJECT=$(echo "$SUBFOLDERS" | tr ' ' '\n' | jq -Rn '
+  [inputs] |
+  map(select(. != "")) |
+  map({key: ., value: .}) |
+  from_entries')
+# Output the JSON map
+jq -n --argjson subfolders "$JSON_OBJECT" '$subfolders'
@@ -84,6 +84,23 @@ update.grafana.pwd: .env ## Change grafana pwd
 	grafanacontainerid=$$(docker ps | grep grafana | awk '{print $$1;}');\
 	docker exec -ti $$grafanacontainerid grafana-cli admin reset-admin-password $$TRAEFIK_PASSWORD
 
+.PHONY: ensure-grafana-online
+ensure-grafana-online:
+	@set -o allexport; \
+	source $(REPO_CONFIG_LOCATION); \
+	set +o allexport; \
+	url=$${TF_VAR_grafana_url}; \
+	echo "Waiting for grafana at $$url to become reachable."; \
+	while true; do \
+	    status_code=$$(curl -k -o /dev/null -s -w "%{http_code}" $$url); \
+	    if [ "$$status_code" -ge 200 ] && [ "$$status_code" -lt 400 ]; then \
+	        echo "Grafana is online"; \
+	        break; \
+	    else \
+	        echo "Grafana still unreachable, waiting 5s for grafana to become reachable..."; \
+	        sleep 5; \
+	    fi; \
+done;
 
 .PHONY: grafana-export
 grafana-export: .venv## Export the remote grafana dashboards and datasources TO YOUR LOCAL MACHINE
@@ -93,11 +110,16 @@ grafana-export: .venv## Export the remote grafana dashboards and datasources TO
 	python3 export.py;
 
 .PHONY: grafana-import
-grafana-import: grafana/assets .venv ## Imports AND OVERWRITES the remote grafana dashboards and datasources FROM YOUR LOCAL MACHINE
-	@cd grafana/scripts;\
-	source ${REPO_BASE_DIR}/.venv/bin/activate;\
-	pip install -r requirements.txt > /dev/null 2>&1;\
-	python3 import.py
+grafana-import: grafana/assets ensure-grafana-online ## Imports AND OVERWRITES the remote grafana dashboards and datasources FROM YOUR LOCAL MACHINE
+	@set -o allexport; \
+	source $(REPO_CONFIG_LOCATION); \
+	set +o allexport; \
+	pushd ${REPO_BASE_DIR}/services/monitoring/grafana/terraform && \
+	terraform init && \
+	terraform destroy -auto-approve && \
+	terraform apply -auto-approve; \
+	popd > /dev/null
+
 
 .PHONY: config.grafana.dashboards
 config.grafana.dashboards: grafana/templates-provisioning/dashboards/simcore/Metrics-dashboard.json.j2 .venv #Configure dashboards for aws or dalco clusters

@@ -0,0 +1 @@
+1.5.1
@@ -0,0 +1,35 @@
+// Import subfolders using an external script
+data "external" "subfolders" {
+  program = ["bash", "${path.module}/../../../../scripts/tf_helper_list_subfolders.sh", "${path.module}/../assets/shared/dashboards"]
+}
+
+// Local mappings of folder names to their paths
+locals {
+  folder_map = data.external.subfolders.result
+}
+
+// Create Grafana folders for each subfolder
+resource "grafana_folder" "subfolders" {
+  for_each = local.folder_map
+
+  title = each.key // Use each.key to access each folder's name
+}
+
+// Function to list all JSON files within a directory
+data "external" "dashboard_files" {
+  for_each = local.folder_map
+
+  program = ["bash", "${path.module}/../../../../scripts/tf_helper_list_json_files_in_folder.sh", "${path.module}/../assets/shared/dashboards/${each.key}"]
+}
+
+// Create Grafana dashboards from JSON files
+resource "grafana_dashboard" "dashboards" {
+  for_each = toset(flatten([
+    for folder_name in keys(local.folder_map) : [
+      for file in values(data.external.dashboard_files[folder_name].result) : "${folder_name},${file}"
+    ]]
+  ))
+  # CSV approach
+  config_json = jsonencode(jsondecode(file(split(",", each.value)[1])).dashboard)
+  folder      = grafana_folder.subfolders[split(",", each.value)[0]].id
+}
@@ -0,0 +1,25 @@
+
+resource "grafana_data_source" "prometheusfederation" {
+  type               = "prometheus"
+  name               = "prometheus-federation"
+  url                = var.prometheus_federation_url
+  basic_auth_enabled = false
+  is_default         = true
+}
+
+resource "grafana_data_source" "prometheuscatchall" {
+  type               = "prometheus"
+  name               = "prometheus-catchall"
+  url                = var.prometheus_catchall_url
+  basic_auth_enabled = false
+  is_default         = false
+  uid                = "RmZEr52nz"
+}
+
+resource "grafana_data_source" "tempo" {
+  type               = "tempo"
+  name               = "tempo"
+  url                = var.tempo_url
+  basic_auth_enabled = false
+  is_default         = false
+}
diff --git a/services/monitoring/grafana/terraform/main.tf b/services/monitoring/grafana/terraform/main.tf
@@ -0,0 +1,21 @@
+terraform {
+  required_version = "~> 1.5.1"
+  backend "local" {
+    path = "terraform.tfstate" # Specify the path for the state file, can be a different path if needed
+  }
+  required_providers {
+    grafana = {
+      source  = "grafana/grafana"
+      version = "~> 3.13"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = "~> 3.1"
+    }
+  }
+}
+
+provider "grafana" {
+  url  = var.grafana_url
+  auth = var.grafana_auth
+}
@@ -0,0 +1,20 @@
+variable "grafana_url" {
+  description = "grafana_url"
+  sensitive   = false
+}
+variable "grafana_auth" {
+  description = "Username:Password"
+  sensitive   = true
+}
+variable "prometheus_federation_url" {
+  description = "Prometheus Federation URL"
+  sensitive   = false
+}
+variable "prometheus_catchall_url" {
+  description = "Prometheus Catchall URL"
+  sensitive   = false
+}
+variable "tempo_url" {
+  description = "Tempo URL"
+  sensitive   = false
+}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		1.5.1
mrnicegyu11 marked this conversation as resolved. Outdated Show resolved Hide resolved