Allow customisation of grafana helm values for teams

[mcalr3]

By default, we cannot override the helm values (in the same way as rawValues in team-admin) for team level apps.

A use case for this is adding plugins to the plugins array in the grafana helm chart.

As a workaround, we have had to disable the monitoring stack for each team from otomi, and deploy it manually via an argoCD app. This allows us to override helm values such as the plugins in grafana. It allows us also to add additional datasources and make use of the envFrom helper in the helm chart. If we were to deploy configMaps separately for additional datasources, there's no way to hide the secrets from git (other than using a pipeline to decrypt them via SOPS). We are aware of the limitations of this workaround such as no automatic updating of changed keycloak clientsecret etc.

Is it possible to add the rawValues override for team level apps (such as prometheus stack) easily, or will this require additional values schemas to be added for each chart to validate them?

[j-zimnowoda]

Hi @mcalr3. We are going to consider your proposal. For time being, you could use SealedSecrets to store passwords securely in git. In the ArgoApp you could reference the secret name. Would that solve the secrets issue?