diff --git a/services/monitoring/grafana-user-dedupe-job.yaml b/services/monitoring/grafana-user-dedupe-job.yaml new file mode 100644 index 0000000..b633a19 --- /dev/null +++ b/services/monitoring/grafana-user-dedupe-job.yaml @@ -0,0 +1,51 @@ +# services/monitoring/grafana-user-dedupe-job.yaml +apiVersion: batch/v1 +kind: Job +metadata: + name: grafana-user-dedupe + namespace: monitoring +spec: + backoffLimit: 1 + template: + spec: + restartPolicy: Never + containers: + - name: dedupe + image: alpine:3.20 + command: + - /bin/sh + - -c + args: + - | + set -euo pipefail + apk add --no-cache sqlite + db="/var/lib/grafana/grafana.db" + if [ ! -f "$db" ]; then + echo "grafana db not found at $db" + exit 1 + fi + if [ -z "${GRAFANA_DEDUPE_EMAILS}" ]; then + echo "GRAFANA_DEDUPE_EMAILS is required" + exit 1 + fi + for email in $(echo "${GRAFANA_DEDUPE_EMAILS}" | tr ',' ' '); do + ids="$(sqlite3 "$db" "select id from user where email = '${email}';")" + if [ -z "$ids" ]; then + echo "no grafana user found for ${email}" + continue + fi + echo "deleting grafana users with ids: ${ids}" + sqlite3 "$db" "delete from user_auth where user_id in (${ids});" + sqlite3 "$db" "delete from user where id in (${ids});" + done + echo "done" + env: + - name: GRAFANA_DEDUPE_EMAILS + value: brad.stein@gmail.com,brad@bstein.dev + volumeMounts: + - name: grafana-storage + mountPath: /var/lib/grafana + volumes: + - name: grafana-storage + persistentVolumeClaim: + claimName: grafana diff --git a/services/monitoring/kustomization.yaml b/services/monitoring/kustomization.yaml index 7d0b01b..86ab826 100644 --- a/services/monitoring/kustomization.yaml +++ b/services/monitoring/kustomization.yaml @@ -24,6 +24,7 @@ resources: - grafana-folders.yaml - helmrelease.yaml - grafana-org-bootstrap.yaml + - grafana-user-dedupe-job.yaml configMapGenerator: - name: postmark-exporter-script