Grafana machine charm is not handling boolean config for ldap

I’m configuring grafana with a yaml like this to connect it to the company LDAP:

cat grafana-config.yaml
  ldap_config_flags: "{start_tls: false}"

I’m then configuring grafana:

juju config grafana --file grafana-config.yaml

It all seems to be OK, but, in the resulting config on the grafana/0 unit:

juju ssh grafana/0 sudo cat /etc/grafana/ldap.toml
host = ""
port = 363
start_tls = "False"

Which causes an error for grafana since “False” is a string, where the value should be a false (boolean)

logger=ldap t=2022-05-24T17:35:22.34+0000 lvl=info msg="LDAP enabled, reading config file" file=/etc/grafana/ldap.toml
logger=context traceID=00000000000000000000000000000000 userId=0 orgId=0 uname= t=2022-05-24T17:35:22.34+0000 lvl=eror msg="Error while trying to authenticate user" error="Failed to get LDAP config: Failed to load LDAP config file: toml: cannot load TOML value of type string into a Go boolean" remote_addr= traceID=00000000000000000000000000000000

Clearly, this is an error which prevents me from deploying this with LDAP connection.

I’m following the docs from Deploy Grafana using Charmhub - The Open Operator Collection


Here is the Bug #1975622 “grafana machine charm is not handling boolean conf...” : Bugs : Grafana Charm

… and a related bug: Bug #1975625 “Config references REAME which doesn't exist” : Bugs : Grafana Charm

Hello @erik-lonroth,

Thank you for raising this bug. I’m working on a fix right now. There is a template where you could replace from lines 19 to 27 with the following:

{% if ldap_options -%}
{% for key, value in ldap_options.items() -%}
{% if key == 'group_search_base_dns' -%}
group_search_base_dns = ["{{ value }}"]
{% elif value is string -%}
{{ key }} = "{{ value }}"
{% else -%}
{{ key }} = {{ value }}
{% endif -%}
{% endfor -%}
{% endif -%}

Kind regards, -Alvaro.

1 Like

Cool! I’ll try out the fix as soon as I can.

Would it be possible to add a full example of a working example config for grafana that would achieve the setup with LDAP?

I can provide what I got once I have something working, but the docs are really missing a complete example.

Ideally, also some example how to use it with a haproxy would be neat since this would be a pattern that repeats alot and where a good example will take a user from 0 to goal much faster and improve the over all experience of juju itself.

Many thanx.