[bugfix] add sigv4_auth_enabled to grafana config

[paulczar]

Signed-off-by: Paul Czarkowski username.taken@gmail.com

Description

grafana config was missing the sigv4_auth_enabled setting, so setting it in the operand did nothing.

Subsequently there are no updates to the GrafanaDataSource to actually use it, so without those, even with it enabled, its still effectively a no-op.

These fields allow grafana to use AWS sigv4 auth which is needed amongst other things to use the AWS managed prometheus service.

Relevant issues/tickets

#608

Type of change

• Bug fix (non-breaking change which fixes an issue)

Checklist

• This change requires a documentation update
• I have added tests that prove my fix is effective or that my feature works
• I have added a test case that will be used to verify my changes
• Verified independently on a cluster by reviewer

[NissesSenap]

Please run make api-docs to fix the CI

[NissesSenap]

So this PR does allot more then description and subject says.
Please update to match or maybe even to prefer to create separate PR:s.
One to fix the bug and one to add the new feature.

	// Fields for AWS Prometheus data sources
	SigV4Auth          bool   `json:"sigV4Auth,omitempty"`
	SigV4AuthType      string `json:"sigV4AuthType,omitempty"`
	SigV4ExternalId    string `json:"sigV4ExternalId,omitempty"`
	SigV4AssumeRoleArn string `json:"sigV4AssumeRoleArn,omitempty"`
	SigV4Region        string `json:"sigV4Region,omitempty"`
	SigV4Profile       string `json:"sigV4Profile,omitempty"`

I did a very quick google and couldn't find SigV4AuthType config in grafana.
Can you share a link that explains what the different configs does?
Are these configs only for AWS or do we have other platforms that we should consider?

[paulczar]

@NissesSenap SigV4AuthType is straight from the Grafana docs - https://grafana.com/docs/grafana/latest/administration/provisioning/

[paulczar]

@NissesSenap I've updated the PR description to provide details why I think the GrafanaDataSource commits also belong to this bugfix.

[NissesSenap]

@paulczar are you not missing

sigV4AccessKey | string | Elasticsearch and Prometheus | SigV4 access key. Required when using keys auth provider
sigV4SecretKey | string | Elasticsearch and Prometheus | SigV4 secret key. Required when using keys auth provider

I guess it should be stored in: https://github.com/grafana-operator/grafana-operator/blob/ac5c63a5866d95984cdf0b800e330daf9efa22cb/api/integreatly/v1alpha1/grafanadatasource_types.go#L189

Also create a example datasource file on how to use sigV4 and store it under: deploy/examples/datasources/
It will make it much easier for me to verify and it will make it easier for our users.

[paulczar]

@NissesSenap good catch! I missed them in another section and they weren't needed because I was using STS/pod-identity.

Added them in, and added the example datasource.

[hubeadmin]

@NissesSenap I think this is good, if you're happy with your re-review go ahead and approve ;)
Thanks @paulczar ! Nice work

[paulczar]

Thanks @HubertStefanski ! I'm already using these changes on some openshift clusters where I have federated cluster and user workload metrics to AWS Prometheus and cluster logging forwarded to CloudWatch with Grafana in the cluster providing dashboards and logs :)

[NissesSenap]

LGTM