grafana: Allow user lookups by email (#1491) Fix for this error: Logs: logger=user.sync t=2024-07-03T13:21:38.811238068Z level=error msg="Failed to create user" error="user already exists" auth_module=oauth_generic_oauth auth_id=c783731b-55bc-44db-acc3-263924027437 This stopped working in >10.1.0 and prevents Grafana from finding existing users by their email when configured to use Keycloak SSO. https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/#enable-email-lookup

commit: 27022ca718da92926526454fd0b5af2193e86c52 [log] [tgz]
author: Giovanni Tirloni <giovanni.tirloni@vexxhost.com> Thu Jul 04 18:24:19 2024 -0300
committer: GitHub <noreply@github.com> Thu Jul 04 21:24:19 2024 +0000
tree: cb224d68fdc466849f1767cf97dc1c5ac86131e8
parent: bdb0fb17c3723e765154b10de23e277d513ea09a [diff]
diff --git a/roles/kube_prometheus_stack/vars/main.yml b/roles/kube_prometheus_stack/vars/main.yml
index b32069a..4a3d030 100644
--- a/roles/kube_prometheus_stack/vars/main.yml
+++ b/roles/kube_prometheus_stack/vars/main.yml

@@ -153,6 +153,7 @@
       server:
         root_url: https://{{ kube_prometheus_stack_grafana_host }}
       auth:
+        oauth_allow_insecure_email_lookup: true
         oauth_skip_org_role_update_sync: false
         disable_login_form: true
         signout_redirect_url: "{{ kube_prometheus_stack_keycloak_server_url }}/realms/{{ kube_prometheus_stack_keycloak_realm }}/protocol/openid-connect/logout?post_logout_redirect_uri=https://{{ kube_prometheus_stack_grafana_host }}/login"
commit	27022ca718da92926526454fd0b5af2193e86c52	[log] [tgz]
author	Giovanni Tirloni <giovanni.tirloni@vexxhost.com>	Thu Jul 04 18:24:19 2024 -0300
committer	GitHub <noreply@github.com>	Thu Jul 04 21:24:19 2024 +0000
tree	cb224d68fdc466849f1767cf97dc1c5ac86131e8
parent	bdb0fb17c3723e765154b10de23e277d513ea09a [diff]