diff --git a/internal/config/config.go b/internal/config/config.go index da874e5a..cf8a9b9f 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -2,6 +2,7 @@ package config import ( "encoding/json" + "errors" "fmt" "github.com/esnet/gdg/internal/tools" "github.com/thoas/go-funk" @@ -164,7 +165,7 @@ func (app *AppConfig) GetContextMap() map[string]interface{} { var ( configData *Configuration - configSearchPaths = []string{".", "../../config", "../config", "config", "/etc/gdg"} + configSearchPaths = []string{"config", ".", "../config", "../../config", "/etc/gdg"} ) // GetCloudConfiguration Returns storage type and configuration @@ -264,7 +265,8 @@ func InitConfig(override, defaultConfig string) { var err error configData.defaultConfig, configData.AppConfig, err = readViperConfig(appName, configDirs) - _, ok := err.(viper.ConfigFileNotFoundError) + var configFileNotFoundError viper.ConfigFileNotFoundError + ok := errors.As(err, &configFileNotFoundError) if err != nil && ok { log.Info("No configuration file has been found, creating a default configuration") diff --git a/website/content/en/docs/gdg/backup_guide.md b/website/content/en/docs/gdg/backup_guide.md new file mode 100644 index 00000000..8b3783b1 --- /dev/null +++ b/website/content/en/docs/gdg/backup_guide.md @@ -0,0 +1,187 @@ +--- +title: "Backup Commands Guide" +weight: 16 +--- + +Every namespace supporting CRUD operations has the functions: list, download, upload, clear operating on only the monitored folders. + + + +### Alert Notifications (DEPRECATED) + +This will stop working soon both as a concept in grafana and something that GDG will support. + +Allows you to manage alertnotifications (an) if you have any setup + +```sh +./bin/gdg backup an list -- Lists all alert notifications +./bin/gdg backup an download -- retrieve and save all alertnotifications from grafana +./bin/gdg backup an upload -- writes all local alert notifications to grafana +./bin/gdg backup an clear -- Deletes all alert notifications +``` + +### Connections +#### (was: DataSources) + +Note: Starting with 0.4.6 this was renamed to connections. + +Connections credentials are keyed by the name of the DataSource. See see [config example](https://github.com/esnet/gdg/blob/master/conf/importer-example.yml). If the connection JSON doesn't have auth enabled, the credentials are ignored. If Credentials are missing, we'll fall back on default credentials if any exist. The password is set as a value for basicAuthPassword in the API payload. +Datasources are imported or exported from _organization_ specified in configuration file otherwise current organization user is used. + + +All commands can use `connection` or `c` to manage datasources. (Legacy options of `datasource` and `ds` are also supported) + +```sh +./bin/gdg backup c list -- Lists all current connections +./bin/gdg backup c download -- Import all connections from grafana to local file system +./bin/gdg backup c upload -- Exports all dashboard from local filesystem (matching folder filter) to Grafana +./bin/gdg backup c clear -- Deletes all connections +``` + + +### Dashboards + +Dashboards are imported or exported from _organization_ specified in configuration file otherwise current organization user is used. + +All commands can use `dashboards` or `dash` to manage dashboards + +```sh +./bin/gdg backup dash list -- Lists all current dashboards +./bin/gdg backup dash download -- Import all dashboards from grafana to local file system +./bin/gdg backup dash upload -- Exports all dashboard from local filesystem (matching folder filter) to Grafana +./bin/gdg backup dash clear -- Deletes all dashboards +``` + +You can also use filtering options to list or import your dashboard by folder or by tags. + +```sh +./bin/gdg backup dash download -f myFolder +./bin/gdg backup dash download -t myTag +./bin/gdg backup dash download -t tagA -t tagB -t tagC +``` + + + +### Folders + +Mostly optional as Dashboards will create/delete these are needed but if there is additional metadata you wish to persist you can use this to manage them. + +```sh +./bin/gdg backup folders list -- Lists all current folders +./bin/gdg backup folders download -- Import all folders from grafana to local file system +./bin/gdg backup folders upload -- Exports all folders from local filesystem +./bin/gdg backup folders clear -- Deletes all folders +``` + +### Folder Permissions + +This CRUD allows you to import / export folder permissions. Initial release will be part of v0.4.4. There are a lot of nested relationship that go with this. + +Expectations: + - Users have to already exist. + - Teams (if used) need to already exist. + - Folders also need to already exist. + +The Folder Permissions will list, import and re-apply permissions. But the expectations is that all other entities are already there. Next few iteration will try to add more concurrency for +this tool and more error checking when entities that don't exist are being referenced. + +**NOTE:** Unlike other command, permissions does not have a `clear` function. Theoretically you could have a folder name with an emtpy array under folder-permissions to clear all known permissions to the folder, but otherwise +clearing permissions from all folders seems too destructive to really be a useful function. + +```sh +./bin/gdg backup folders list -- Lists all current folder permissions +./bin/gdg backup folders download -- Retrieve all folders permissions from Grafana +./bin/gdg backup folders upload -- Exports all folders from local filesystem +``` + +``` +┌───────────┬──────────────────────────────────────┬───────────────────────────────────────────────────────────────────────────────────┬─────────────┬────────────────────────────────┬────────┬─────────────────┐ +│ FOLDER ID │ FOLDERUID │ FOLDER NAME │ USERID │ TEAM NAME │ ROLE │ PERMISSION NAME │ +├───────────┼──────────────────────────────────────┼───────────────────────────────────────────────────────────────────────────────────┼─────────────┼────────────────────────────────┼────────┼─────────────────┤ +│ 2272 │ dfba969d-565b-481e-a930-53aa5684992c │ sub-flow │ │ │ │ │ +│ │ PERMISSION---> │ admin │ │ Admin │ +│ 520 │ GPmSOQNnk │ EngageMap (internal beta) │ │ │ │ │ +│ │ PERMISSION---> │ │ Admin │ Edit │ +│ │ PERMISSION---> │ │ Editor │ Edit │ +│ │ PERMISSION---> │ │ Viewer │ View │ +│ 2031 │ n3xS8TwVk │ Team CMS - US dumb dumb │ │ │ │ │ +│ │ PERMISSION---> │ │ authscope_team_cms │ │ Edit │ +│ 1746 │ pASPyoQVk │ Team DOE-IN-PNNL - DOE-IN Pacific Northwest National Laboratory │ │ │ │ │ +└──────────────────────────────────────────────────┴───────────────────────────────────────────────────────────────────────────────────┴─────────────┴────────────────────────────────┴────────┴─────────────────┘ +``` + +The listing includes the folder name, followed by several lines with "PERMISSION--->" which will each list a permission. It can a user being granted access or a team being granted a role etc. + + + +### Library Elements + +Library elements are components that can be shared among multiple dashboards. Folder matching will still be applied, so any folders not monitored will be ignored unless explicitly specified. If wildcard flag is enabled, all elements will be acted on irrelevant of folder location + +All commands can use `libraryelements` aliased to `library` and `lib` for laziness purposes. + +```sh +./bin/gdg backup lib list -- Lists all library components +./bin/gdg backup lib download -- Import all library components from grafana to local file system +./bin/gdg backup lib upload -- Exports all library components from local filesystem (matching folder filter) to Grafana +./bin/gdg backup lib clear -- Deletes all library components +./bin/gdg backup lib list-connections -- Will list all of the dashboards connected to the Lib Element (Coming in v0.4.2) +``` + + + +### Organizations +#### Auth: Requires Grafana Admin (Tokens not supported, Org Admins don't have access) +Command can use `organizations` or `org` to manage organizations. + +NOTE: this only manages top level of the orgs structure. It's mainly useful to maintain consistency. + +```sh +./bin/gdg backup org list -- Lists all organizations +./bin/gdg backup org upload -- Upload Orgs to grafana +./bin/gdg backup org download -- Download Orgs to grafana +``` + +### Teams + +{{< alert icon="👉" text="Admin team members are unable to be exported back. Currently all members except the server admin will be exported as regular members" />}} + +{{< alert icon="👉" text="Users need to be created before team export can succeed" />}} + +```sh +./bin/gdg backup team list -- Lists all known team members +./bin/gdg backup team download -- download all known team members +./bin/gdg backup team upload -- upload all known team members +./bin/gdg backup team clear -- Delete all known team except admin +``` + +{{< details "Team Listing" >}} +``` + +┌────┬───────────┬───────┬───────┬─────────┬─────────────┬──────────────┬───────────────────┐ +│ ID │ NAME │ EMAIL │ ORGID │ CREATED │ MEMBERCOUNT │ MEMBER LOGIN │ MEMBER PERMISSION │ +├────┼───────────┼───────┼───────┼─────────┼─────────────┼──────────────┼───────────────────┤ +│ 4 │ engineers │ │ 1 │ 2 │ │ │ │ +│ │ │ │ │ │ admin │ Admin │ │ +│ │ │ │ │ │ tux │ Member │ │ +│ 5 │ musicians │ │ 1 │ 1 │ │ │ │ +│ │ │ │ │ │ admin │ Admin │ │ +└────┴───────────┴───────┴───────┴─────────┴─────────────┴──────────────┴───────────────────┘ + +``` +{{< /details >}} + + +### Users + +Only supported with basic auth. Users is the only one where basic auth is given priority. API Auth is not supported, so will try to use basic auth if configured otherwise will warn the user and exit. + +NOTE: admin user is always ignored. + +```sh +./bin/gdg backup users list -- Lists all known users +./bin/gdg backup users download -- Lists all known users +./bin/gdg backup users upload -- Export all users (Not yet supported) +./bin/gdg backup users clear -- Delete all known users except admin +``` + diff --git a/website/content/en/docs/gdg/configuration.md b/website/content/en/docs/gdg/configuration.md index 0607366a..96f89ff8 100644 --- a/website/content/en/docs/gdg/configuration.md +++ b/website/content/en/docs/gdg/configuration.md @@ -10,7 +10,7 @@ This project requires Go to be installed. On OS X with Homebrew you can just run -make a copy of [conf/importer-example.yml](https://github.com/esnet/gdg/blob/master/conf/importer-example.yml) and name it `conf/importer.yml` You'll need GRAFANA ADMINISTRATIVE privileges to proceed. +make a copy of [config/importer-example.yml](https://github.com/esnet/gdg/blob/master/config/importer-example.yml) and name it `config/importer.yml` You'll need GRAFANA ADMINISTRATIVE privileges to proceed. ### Authentication diff --git a/website/content/en/docs/gdg/getting_started.md b/website/content/en/docs/gdg/getting_started.md new file mode 100644 index 00000000..c2953c46 --- /dev/null +++ b/website/content/en/docs/gdg/getting_started.md @@ -0,0 +1,99 @@ +--- +title: "Getting Started" +weight: 13 +--- + +### Setup new configuration + +You can create new context configuration using an interactive setup. +``` +$ ./bin/gdg ctx new mycontext +``` + +When creating a new context, you will be asked for authorization type, your default datasource and username/password, along with which folders you wish to manage under the context. You have three options: + +1. Default option ("General") +2. List of folders you wish to manage +3. Wildcard configuration (all folders) + +### Import / Download Dashboards + +Minimal configuration (eg. the `importer.yml` file) that you need to download your dashboards from your Grafana endpoint: +``` +context_name: all + +contexts: + all: + url: https://grafana.example.org + token: "<>" + # user_name: admin + # password: admin + output_path: exports + watched: + - Example + - Infrastructure + +global: + debug: true + ignore_ssl_errors: false +``` +You need to adjust three parts in the configuration in order to function: +- Grafana URL: This is just a URL where your Grafana is available. +- API Key OR Username / Passoword for Admin user. See [authentication](configuration.md) section if you need more information. +- Downloaded Folders: The `watched` field defines folders which will be considered for manipulation. You can see these folders in your Grafana Web UI, under Dashboards > Management. From there, you can simply define the folders you want to be downloaded in the `watched` list. The dashboards are downloaded as JSON files in the `$OUTPUT_PATH/dashboards/$GRAFANA_FOLDER_NAME` directory. Where `$OUTPUT_PATH` is the path defined in the `dashboard_output` configuration property and `$GRAFANA_FOLDER_NAME` the name of the folder from which the dashboards were downloaded + +After you are done, and you can execute `./bin/gdg dash list` successfully, eg.: +``` +$ ./bin/gdg dash list +time="2021-08-22T11:11:27+02:00" level=warning msg="Error getting organizations: HTTP error 403: returns {\"message\":\"Permission denied\"}" +time="2021-08-22T11:11:28+02:00" level=info msg="Listing dashboards for context: 'all'" +┌────┬───────────────────────────────────┬───────────────────────────────────┬────────────────┬────────────┬────────────────────────────────────────────────────────────────────────────┐ +│ ID │ TITLE │ SLUG │ FOLDER │ UID │ URL │ +├────┼───────────────────────────────────┼───────────────────────────────────┼────────────────┼────────────┼────────────────────────────────────────────────────────────────────────────┤ +│ 8 │ AWS CloudWatch Logs │ aws-cloudwatch-logs │ Infrastructure │ AWSLogs00 │ https://grafana.example.org/d/AWSLogs00/aws-cloudwatch-logs │ +│ 6 │ AWS ECS │ aws-ecs │ Infrastructure │ ly9Y95XWk │ https://grafana.example.org/d/ly9Y95XWk/aws-ecs │ +│ 5 │ AWS ELB Application Load Balancer │ aws-elb-application-load-balancer │ Infrastructure │ bt8qGKJZz │ https://grafana.example.org/d/bt8qGKJZz/aws-elb-application-load-balancer │ +│ 4 │ AWS RDS │ aws-rds │ Infrastructure │ kCDpC5uWk │ https://grafana.example.org/d/kCDpC5uWk/aws-rds │ +│ 3 │ AWS S3 │ aws-s3 │ Infrastructure │ AWSS31iWk │ https://grafana.example.org/d/AWSS31iWk/aws-s3 │ +│ 17 │ Cluster Autoscaling │ cluster-autoscaling │ Example │ iHUYtABMk │ https://grafana.example.org/d/iHUYtABMk/cluster-autoscaling │ +└────┴───────────────────────────────────┴───────────────────────────────────┴────────────────┴────────────┴────────────────────────────────────────────────────────────────────────────┘ +``` +After executing `./bin/gdg dash import` you can find the dashboards of the `Infrastructure` folder in the local directory `dashboards/dashboards/Infrastructure` and the dashboards of the `Example` directory in the local directory `dashboards/dashboards/Example`. + +### Export / Upload Dashboards + +Minimal configuration (eg. the `importer.yml` file) that you need to upload your dashboards from your Grafana endpoint: +``` +context_name: all + +contexts: + all: + url: https://grafana.example.org + token: "<>" + # user_name: admin + # password: admin + output_path: exports + watched: + - Example + - Infrastructure + +global: + debug: true + ignore_ssl_errors: false +``` +You need to adjust three parts in the configuration in order to function: +- Grafana URL: This is just a URL where your Grafana is available. +- API Key OR Username / Passoword for Admin user. See [authentication](configuration.md) section if you need more information. +- Uploaded Folders: The `watched` field defines folders which will be considered for manipulation. The dashboards should be stored as JSON files in the `$OUTPUT_PATH/dashboards/$GRAFANA_FOLDER_NAME` directory. Where `$OUTPUT_PATH` is the path defined in the `dashboard_output` configuration property and `$GRAFANA_FOLDER_NAME` the name of the folder to which the dashboards will be uploaded. In case of the above configuration file, the dashboards should be stored locally in the `dashboards/dashboards/Example` and `dashboards/dashboards/Infrastructure/` directories. + +``` +├── bin +| └── gdg +└── exports + └── dashboards + ├── Example + | └── cluster-scaling.json + └── Infrastructure + └── aws-ecs.json +``` +You can execute `./bin/gdg dash export` to upload the local dashboards to your Grafana. Afterwards, you can try running `./bin/gdg dash list` in order to confirm that your dashboards were uploaded successfully. diff --git a/website/content/en/docs/gdg/installation.md b/website/content/en/docs/gdg/installation.md index e1f0f6a2..b83467a7 100644 --- a/website/content/en/docs/gdg/installation.md +++ b/website/content/en/docs/gdg/installation.md @@ -65,6 +65,7 @@ You can verify the version by running `gdg version`. ## Configuration -You can then create a simple configuration using `gdg ctx new` which will do a best effort to guide to setup a basic config that will get you up and going or read the more detailed documentation that can be found [here](/gdg/docs/configuration/) +You can then create a simple configuration using `gdg ctx new` which will do a best effort to guide to setup a basic config that will get you up and going or read the more detailed documentation that can be found [here](/gdg/docs/gdg/configuration/) + **NOTE**: wizard doesn't currently support ALL features but it should help you get a head start. diff --git a/website/content/en/docs/gdg/other_commands.md b/website/content/en/docs/gdg/other_commands.md new file mode 100644 index 00000000..c058dacb --- /dev/null +++ b/website/content/en/docs/gdg/other_commands.md @@ -0,0 +1,39 @@ +--- +title: "Other Commands" +weight: 18 +--- + +These are miscellaneous commands that don't fit under any category. + +### Contexts + +Starting with version 0.1.4 contexts are now supported. Your config can contain one or multiple contexts which are essentially a grafana server configuration. + +ctx is shorthand for context and basic CRUD is supported which is mainly tooling to make it easier to avoid updating the yaml file manually + +```sh +./bin/gdg ctx list -- Lists all known contexts +./bin/gdg ctx show qa -- shows the configuration for the selected context +./bin/gdg ctx set production -- updates the active config and sets it to the request value. +./bin/gdg ctx delete qa -- Deletes the QA context +./bin/gdg ctx cp qa staging -- copies the qa context to staging and sets it as active +./bin/gdg ctx clear -- Will delete all active contexts leaving only a single example entry +``` + +### Version + +Print the applications release version + +```sh +./bin/gdg version +``` + + +``` +Build Date: 2022-05-05-13:27:08 +Git Commit: 34cc84b3d80080aa93e74ed37739bddc3638997c+CHANGES +Version: 0.1.11 +Go Version: go1.18 +OS / Arch: darwin amd64 + +``` diff --git a/website/content/en/docs/gdg/tools_guide.md b/website/content/en/docs/gdg/tools_guide.md new file mode 100644 index 00000000..b9e14bcc --- /dev/null +++ b/website/content/en/docs/gdg/tools_guide.md @@ -0,0 +1,132 @@ +--- +title: "Tools Guide" +weight: 17 +--- + +This guide focuses on the 'tools' subcommand. Every command that isn't specific to a CRUD operation falls under the tools command. + +There are a few utility functions that have been introduced that might be useful to the user, or is geared at managing the configuration, +switching contexts or Orgs for a given user and so on. + +### Authentication Management + +This is mainly added as a convenience mechanism. It was needed to support some testing and exposing the feature is useful as a really simple CLI to create tokens / service Keys. You probably should be using other tooling for managing all your service files and tokens. Unlike most other entities, this is not a backup feature as much as utility. + +There are two sub commands for auth, service-accounts and tokens (will be deprecated at some point). + +#### Token Management + + +```sh +./bin/gdg tools auth tokens list -- list current tokens (No access to the actual token secret) +./bin/gdg tools auth tokens new -- Create a new token. new [ttl in seconds, forever otherwise] +./bin/gdg tools auth tokens clear -- Deletes all tokens +``` + +{{< details "Token Listing" >}} +``` +┌────┬─────────┬───────┬───────────────┐ +│ ID │ NAME │ ROLE │ EXPIRATION │ +├────┼─────────┼───────┼───────────────┤ +│ 1 │ testing │ Admin │ No Expiration │ +└────┴─────────┴───────┴───────────────┘ +``` +{{< /details >}} + +Example of creating a new token. + +```sh +./bin/gdg auth tokens new foobar Admin 3600 +``` + +{{< details "New Token" >}} + +┌────┬────────┬─────────────────────────────────────────────────────────────┐ +│ ID │ NAME │ TOKEN │ +├────┼────────┼─────────────────────────────────────────────────────────────┤ +│ 2 │ foobar │ eyJrIjoiNzU2WVhiMEZpVWNlV3hWSUVZQTuIjoiZm9vYmFyIiwiaWQiOjF9 │ +└────┴────────┴─────────────────────────────────────────────────────────────┘ + +{{< /details >}} + + +#### Service Accounts + + +```sh +./bin/gdg tools auth svc clear delete all Service Accounts +./bin/gdg tools auth svc clearTokens delete all tokens for Service Account +./bin/gdg tools auth svc list list API Keys +./bin/gdg tools auth svc newService newService [ttl in seconds] +./bin/gdg tools auth svc newToken newToken [ttl in seconds] +``` + +```sh +./bin/gdg tools auth svc newService AwesomeSauceSvc admin +``` + +{{< details "New Service" >}} + +┌────┬─────────────────┬───────┐ +│ ID │ NAME │ ROLE │ +├────┼─────────────────┼───────┤ +│ 4 │ AwesomeSauceSvc │ Admin │ +└────┴─────────────────┴───────┘ +{{< /details >}} + +```sh +./bin/gdg tools auth svc newToken 4 AwesomeToken +``` + +{{< details "New Service" >}} + +┌───────────┬──────────┬──────────────┬────────────────────────────────────────────────┐ +│ SERVICEID │ TOKEN_ID │ NAME │ TOKEN │ +├───────────┼──────────┼──────────────┼────────────────────────────────────────────────┤ +│ 4 │ 3 │ AwesomeToken │ glsa_a14JOaGExOkDuJHjDWScXbxjTBIXScsw_39df7bf5 │ +└───────────┴──────────┴──────────────┴────────────────────────────────────────────────┘ +{{< /details >}} + +```sh +./bin/gdg tools auth svc list +``` + +{{< details "Service Listing" >}} + +┌────┬─────────────────┬───────┬────────┬──────────┬──────────────┬───────────────┐ +│ ID │ SERVICE NAME │ ROLE │ TOKENS │ TOKEN ID │ TOKEN NAME │ EXPIRATION │ +├────┼─────────────────┼───────┼────────┼──────────┼──────────────┼───────────────┤ +│ 4 │ AwesomeSauceSvc │ Admin │ 1 │ │ │ │ +│ │ │ │ │ 3 │ AwesomeToken │ No Expiration │ +└────┴─────────────────┴───────┴────────┴──────────┴──────────────┴───────────────┘ +{{< /details >}} + + +### Devel +Some developer helper utilities + + +```sh +./bin/gdg tools devel completion [bash|fish|powershell|zsh] -- Will generate autocompletion for GDG for your favorite shell +./bin/gdg tools devel srvinfo -- print grafana server info +``` + + +### Organizations +Command can use `organizations` or `org` to set the organizations in the configuration file. + +NOTE: this only manages top level of the orgs structure. Mainly used for a lazy man pattern. + +```sh +./bin/gdg tools org set -- Sets a given Org filter. All Dashboards and Datasources etc are uploaded to the given Org only. +``` + +### Users + +CRUD is under the 'backup' command. The tools allows you to promote a given user to a grafana admin if you have the permission to do so. + +NOTE: admin user is always ignored. + +```sh +./bin/gdg tools users promote -u user@foobar.com -- promotes the user to a grafana admin +```