feature: update perses to include rbac

Signed-off-by: Gabriel Bernal <gbernal@redhat.com>

Author: PeterYurkovich

Makefile

@@ -60,7 +60,7 @@ generate-prom-operator-crds: $(CONTROLLER_GEN)
 .PHONY: generate-perses-op-crds
 generate-perses-op-crds: $(CONTROLLER_GEN)
 	$(CONTROLLER_GEN) crd \
-		paths=github.com/perses/perses-operator/api/... \
+		paths=github.com/rhobs/perses-operator/api/... \
 		output:dir=. \
 		output:crd:dir=./deploy/perses/crds
 

bundle/manifests/observability-operator.clusterserviceversion.yaml

@@ -42,7 +42,7 @@ metadata:
     categories: Monitoring
     certified: "false"
     containerImage: observability-operator:1.2.0
-    createdAt: "2025-05-30T13:08:57Z"
+    createdAt: "2025-06-13T09:25:15Z"
     description: A Go based Kubernetes operator to setup and manage highly available
       Monitoring Stack using Prometheus, Alertmanager and Thanos Querier.
     operatorframework.io/cluster-monitoring: "true"
@@ -923,7 +923,7 @@ spec:
                 - --images=alertmanager=quay.io/prometheus/alertmanager:v0.26.0
                 - --images=prometheus=quay.io/prometheus/prometheus:v2.49.1
                 - --images=thanos=quay.io/thanos/thanos:v0.33.0
-                - --images=perses=quay.io/persesdev/perses:v0.50.3
+                - --images=perses=quay.io/openshift-observability-ui/perses:v0.51-go-1.23
                 env:
                 - name: NAMESPACE
                   valueFrom:
@@ -1000,7 +1000,7 @@ spec:
                         operator: Exists
                     weight: 1
               containers:
-              - image: quay.io/persesdev/perses-operator:v0.1.12
+              - image: quay.io/openshift-observability-ui/perses-operator:v0.2-go-1.23
                 livenessProbe:
                   httpGet:
                     path: /healthz

bundle/manifests/perses-auth-delegator_rbac.authorization.k8s.io_v1_clusterrole.yaml

@@ -0,0 +1,18 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  creationTimestamp: null
+  name: perses-auth-delegator
+rules:
+- apiGroups:
+  - authentication.k8s.io
+  resources:
+  - tokenreviews
+  verbs:
+  - create
+- apiGroups:
+  - authorization.k8s.io
+  resources:
+  - subjectaccessreviews
+  verbs:
+  - create

bundle/manifests/perses.dev_perses.yaml

@@ -12,6 +12,8 @@ spec:
     kind: PersesDashboard
     listKind: PersesDashboardList
     plural: persesdashboards
+    shortNames:
+    - perdb
     singular: persesdashboard
   scope: Namespaced
   versions:

bundle/manifests/perses.dev_persesdashboards.yaml

@@ -12,6 +12,8 @@ spec:
     kind: PersesDatasource
     listKind: PersesDatasourceList
     plural: persesdatasources
+    shortNames:
+    - perds
     singular: persesdatasource
   scope: Namespaced
   versions:
@@ -41,6 +43,96 @@ spec:
             properties:
               client:
                 properties:
+                  basicAuth:
+                    description: BasicAuth basic auth config for perses client
+                    properties:
+                      name:
+                        description: Name of basic auth k8s resource (when type is
+                          secret or configmap)
+                        type: string
+                      namespace:
+                        description: Namsespace of certificate k8s resource (when
+                          type is secret or configmap)
+                        type: string
+                      password_path:
+                        description: Path to password
+                        type: string
+                      type:
+                        description: Type source type of secret
+                        enum:
+                        - secret
+                        - configmap
+                        - file
+                        type: string
+                      username:
+                        description: Username for basic auth
+                        type: string
+                    required:
+                    - password_path
+                    - type
+                    - username
+                    type: object
+                  kubernetesAuth:
+                    description: KubernetesAuth configuration for perses client
+                    properties:
+                      enable:
+                        description: Enable kubernetes auth for perses client
+                        type: boolean
+                    required:
+                    - enable
+                    type: object
+                  oauth:
+                    description: OAuth configuration for perses client
+                    properties:
+                      authStyle:
+                        description: |-
+                          AuthStyle optionally specifies how the endpoint wants the
+                          client ID & client secret sent. The zero value means to
+                          auto-detect.
+                        type: integer
+                      clientIDPath:
+                        description: Path to client id
+                        type: string
+                      clientSecretPath:
+                        description: Path to client secret
+                        type: string
+                      endpointParams:
+                        additionalProperties:
+                          items:
+                            type: string
+                          type: array
+                        description: EndpointParams specifies additional parameters
+                          for requests to the token endpoint.
+                        type: object
+                      name:
+                        description: Name of basic auth k8s resource (when type is
+                          secret or configmap)
+                        type: string
+                      namespace:
+                        description: Namsespace of certificate k8s resource (when
+                          type is secret or configmap)
+                        type: string
+                      scopes:
+                        description: Scope specifies optional requested permissions.
+                        items:
+                          type: string
+                        type: array
+                      tokenURL:
+                        description: |-
+                          TokenURL is the resource server's token endpoint
+                          URL. This is a constant specific to each server.
+                        type: string
+                      type:
+                        description: Type source type of secret
+                        enum:
+                        - secret
+                        - configmap
+                        - file
+                        type: string
+                    required:
+                    - tokenURL
+                    - type
+                    type: object
                   tls:
                     description: TLS the equivalent to the tls_config for perses client
                     properties:
@@ -51,14 +143,18 @@ spec:
                             description: Path to Certificate
                             type: string
                           name:
-                            description: Name of certificate k8s resource (when type
+                            description: Name of basic auth k8s resource (when type
                               is secret or configmap)
                             type: string
+                          namespace:
+                            description: Namsespace of certificate k8s resource (when
+                              type is secret or configmap)
+                            type: string
                           privateKeyPath:
                             description: Path to Private key certificate
                             type: string
                           type:
-                            description: Type source type of certificate
+                            description: Type source type of secret
                             enum:
                             - secret
                             - configmap
@@ -81,14 +177,18 @@ spec:
                             description: Path to Certificate
                             type: string
                           name:
-                            description: Name of certificate k8s resource (when type
+                            description: Name of basic auth k8s resource (when type
                               is secret or configmap)
                             type: string
+                          namespace:
+                            description: Namsespace of certificate k8s resource (when
+                              type is secret or configmap)
+                            type: string
                           privateKeyPath:
                             description: Path to Private key certificate
                             type: string
                           type:
-                            description: Type source type of certificate
+                            description: Type source type of secret
                             enum:
                             - secret
                             - configmap

bundle/manifests/perses.dev_persesdatasources.yaml

@@ -0,0 +1,15 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  creationTimestamp: null
+  labels:
+    app.kubernetes.io/component: controller
+    app.kubernetes.io/name: perses
+  name: perses
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: perses-auth-delegator
+subjects:
+- kind: ServiceAccount
+  name: perses

bundle/manifests/perses_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml

@@ -0,0 +1,5 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  creationTimestamp: null
+  name: perses

bundle/manifests/perses_v1_serviceaccount.yaml

@@ -50,7 +50,7 @@ var defaultImages = map[string]string{
 	"health-analyzer":            "quay.io/openshiftanalytics/cluster-health-analyzer:v0.5.0",
 	"ui-monitoring-pf5":          "quay.io/openshift-observability-ui/monitoring-console-plugin:v0.4.0",
 	"ui-monitoring":              "quay.io/openshift-observability-ui/monitoring-console-plugin:v0.5.0",
-	"perses":                     "quay.io/persesdev/perses:v0.50.3",
+	"perses":                     "quay.io/openshift-observability-ui/perses:v0.51-go-1.23",
 }
 
 func imagesUsed() []string {

cmd/operator/main.go

@@ -41,7 +41,7 @@ patches:
 - patch: |-
     - op: add
       path: /spec/template/spec/containers/0/args/-
-      value: --images=perses=quay.io/persesdev/perses:v0.50.3
+      value: --images=perses=quay.io/openshift-observability-ui/perses:v0.51-go-1.23
   target:
     group: apps
     kind: Deployment