feat: add project

.gitignore

@@ -0,0 +1,37 @@
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+
+# Exclude all .tfvars files, which are likely to contain sentitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+#
+*.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+#
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+
+# dotenv environment variables file
+.env

LICENSE.md

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2022-present, KoLiBer
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -1,2 +1,65 @@
-# terraform-grafana-organization
-Terraform Grafana Organization Module
+# Terraform Grafana Organization
+
+![pipeline](https://github.com/cktf/terraform-grafana-organization/actions/workflows/cicd.yml/badge.svg)
+![release](https://img.shields.io/github/v/release/cktf/terraform-gitlab-organization?display_name=tag)
+![license](https://img.shields.io/github/license/cktf/terraform-gitlab-organization)
+
+**Organization** is a Terraform module useful for creating multiple teams, folders, dashboards, and datasources in **Grafana**
+
+## Installation
+
+Add the required configurations to your terraform config file and install module using command bellow:
+
+```bash
+terraform init
+```
+
+## Usage
+
+```hcl
+module "grafana" {
+  source = "cktf/organization/grafana"
+
+  name   = "MyOrg"
+  admin  = "[email protected]"
+  admins = ["admin@localhost"]
+
+  teams = {
+    backend = {
+      name  = "Backend"
+      email = "[email protected]"
+    }
+    frontend = {
+      name  = "Frontend"
+      email = "[email protected]"
+    }
+  }
+
+  folders = {
+    backend = {
+      title = "Backend"
+      permissions = {
+        backend = "team:backend:Admin"
+      }
+    }
+    frontend = {
+      title = "Frontend"
+      permissions = {
+        frontend = "team:frontend:Admin"
+      }
+    }
+  }
+}
+
+```
+
+## Contributing
+
+Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.
+
+Please make sure to update tests as appropriate.
+
+## License
+
+This project is licensed under the [MIT](LICENSE.md).  
+Copyright (c) KoLiBer ([email protected])

dashboards.tf

@@ -0,0 +1,25 @@
+resource "grafana_dashboard" "this" {
+  for_each = var.dashboards
+
+  org_id      = local.org_id
+  config_json = each.value.json
+  folder      = try(grafana_folder.this[each.value.folder].id, null)
+  overwrite   = true
+}
+
+resource "grafana_dashboard_permission" "this" {
+  for_each = var.dashboards
+
+  org_id        = local.org_id
+  dashboard_uid = grafana_dashboard.this[each.key].uid
+
+  dynamic "permissions" {
+    for_each = each.value.permissions
+    content {
+      permission = split(":", permissions.value)[2]
+      role       = startswith(permissions.value, "role:") ? split(":", permissions.value)[1] : null
+      user_id    = startswith(permissions.value, "user:") ? split(":", permissions.value)[1] : null
+      team_id    = startswith(permissions.value, "team:") ? grafana_team.this[split(":", permissions.value)[1]].team_id : null
+    }
+  }
+}

datasources.tf

@@ -0,0 +1,34 @@
+resource "grafana_data_source" "this" {
+  for_each = var.datasources
+
+  org_id                   = local.org_id
+  name                     = each.value.name
+  type                     = each.value.type
+  url                      = each.value.url
+  is_default               = each.value.default
+  access_mode              = each.value.access_mode
+  username                 = each.value.username
+  database_name            = each.value.database_name
+  basic_auth_enabled       = each.value.basic_auth_enabled
+  basic_auth_username      = each.value.basic_auth_username
+  http_headers             = each.value.http_headers
+  json_data_encoded        = each.value.json
+  secure_json_data_encoded = each.value.secure_json
+}
+
+resource "grafana_data_source_permission" "this" {
+  for_each = var.datasources
+
+  org_id         = local.org_id
+  datasource_uid = grafana_data_source.this[each.key].uid
+
+  dynamic "permissions" {
+    for_each = each.value.permissions
+    content {
+      permission    = split(":", permissions.value)[2]
+      built_in_role = startswith(permissions.value, "role:") ? split(":", permissions.value)[1] : null
+      user_id       = startswith(permissions.value, "user:") ? split(":", permissions.value)[1] : null
+      team_id       = startswith(permissions.value, "team:") ? grafana_team.this[split(":", permissions.value)[1]].team_id : null
+    }
+  }
+}

folders.tf

@@ -0,0 +1,24 @@
+resource "grafana_folder" "this" {
+  for_each = var.folders
+
+  org_id                       = local.org_id
+  title                        = each.value.title
+  prevent_destroy_if_not_empty = true
+}
+
+resource "grafana_folder_permission" "this" {
+  for_each = var.folders
+
+  org_id     = local.org_id
+  folder_uid = grafana_folder.this[each.key].uid
+
+  dynamic "permissions" {
+    for_each = each.value.permissions
+    content {
+      permission = split(":", permissions.value)[2]
+      role       = startswith(permissions.value, "role:") ? split(":", permissions.value)[1] : null
+      user_id    = startswith(permissions.value, "user:") ? split(":", permissions.value)[1] : null
+      team_id    = startswith(permissions.value, "team:") ? grafana_team.this[split(":", permissions.value)[1]].team_id : null
+    }
+  }
+}

main.tf

@@ -0,0 +1,9 @@
+terraform {
+  required_version = ">= 1.5.0"
+  required_providers {
+    grafana = {
+      source  = "grafana/grafana"
+      version = ">= 3.0.0"
+    }
+  }
+}

outputs.tf

@@ -0,0 +1,41 @@
+output "id" {
+  value       = local.org_id
+  sensitive   = false
+  description = "Organization ID"
+}
+
+output "teams" {
+  value       = { for key, val in grafana_team.this : key => val.team_id }
+  sensitive   = false
+  description = "Organization Teams"
+}
+
+output "datasources" {
+  value       = { for key, val in grafana_data_source.this : key => val.uid }
+  sensitive   = false
+  description = "Organization Datasources"
+}
+
+output "folders" {
+  value       = { for key, val in grafana_folder.this : key => val.uid }
+  sensitive   = false
+  description = "Organization Folders"
+}
+
+output "dashboards" {
+  value       = { for key, val in grafana_dashboard.this : key => val.uid }
+  sensitive   = false
+  description = "Organization Dashboards"
+}
+
+output "panels" {
+  value       = { for key, val in grafana_library_panel.this : key => val.id }
+  sensitive   = false
+  description = "Organization Panels"
+}
+
+output "playlists" {
+  value       = { for key, val in grafana_playlist.this : key => val.id }
+  sensitive   = false
+  description = "Organization Playlists"
+}

panels.tf

@@ -0,0 +1,8 @@
+resource "grafana_library_panel" "this" {
+  for_each = var.panels
+
+  org_id     = local.org_id
+  name       = each.value.name
+  model_json = each.value.json
+  folder_uid = try(grafana_folder.this[each.value.folder].id, null)
+}

playlists.tf

@@ -0,0 +1,17 @@
+resource "grafana_playlist" "this" {
+  for_each = var.playlists
+
+  org_id   = local.org_id
+  name     = each.value.name
+  interval = each.value.interval
+
+  dynamic "item" {
+    for_each = each.value.items
+    content {
+      title = item.value.title
+      order = item.value.order
+      value = item.value.value
+      type  = item.value.type
+    }
+  }
+}

root.tf

@@ -0,0 +1,14 @@
+resource "grafana_organization" "this" {
+  count = var.id == null ? 1 : 0
+
+  name                 = var.name
+  admin_user           = var.admin
+  admins               = var.admins
+  editors              = var.editors
+  viewers              = var.viewers
+  users_without_access = var.members
+}
+
+locals {
+  org_id = coalesce(var.id, grafana_organization.this[0].id)
+}

teams.tf

@@ -0,0 +1,8 @@
+resource "grafana_team" "this" {
+  for_each = var.teams
+
+  org_id                           = local.org_id
+  name                             = each.value.name
+  email                            = each.value.email
+  ignore_externally_synced_members = true
+}