Fixed Grafana role assignments (#21)

* changed provider registration

* added missing character

* removed orphaned code

* added assignee type for RBAC

* fixed assignee

* skipping default role assignment for Grafana

* disabled monitoring

* removed skip-roleassignments

* changed Azure login

* re-enabled az login and skip-role-assignments

* re-enabled workflow execution

Author: bindsi

.github/workflows/build-vm.yaml

@@ -156,10 +156,6 @@ jobs:
           --admin-password $adminPassword \
           --assign-identity $identity
 
-    - name: Install HCI Box
-      run: |
-        hciRPObjectId="$(az ad sp list --display-name "Microsoft.AzureStackHCI Resource Provider" | jq -r '.[].id')"
-        
     - name: Install provider extensions
       run: |
         az provider register -n "Microsoft.ExtendedLocation"

scripts/configure-azmon-grafana.sh

@@ -71,7 +71,7 @@ fi
 grafana=$(az grafana list --query "[?resourceGroup=='$resourceGroup']" -o json | jq -c '.[0]')
 if [ -z $(az grafana list --query "[?resourceGroup=='$resourceGroup'].name" -o tsv) ]; then
   echo "Creating Grafana resource in azure..."
-  grafana=$(az grafana create -n $grafanaName -g $resourceGroup | jq -c .)
+  grafana=$(az grafana create -n $grafanaName -g $resourceGroup --skip-role-assignments | jq -c .)
 else
   grafanaName=$(echo $grafana | jq -r .name)
   echo "Grafana resource ($grafanaName) found. Use existing..."
@@ -80,6 +80,7 @@ fi
 grafanaIdentity=$(echo $grafana | jq -r '.identity.principalId')
 echo "Grafana identity: $grafanaIdentity"
 az role assignment create --assignee $grafanaIdentity --role "Monitoring Data Reader" --scope /subscriptions/$subscriptionId/resourceGroups/$resourceGroup
+az role assignment create --assignee $grafanaIdentity --role "Monitoring Reader" --scope /subscriptions/$subscriptionId/resourceGroups/$resourceGroup
 
 if [[ -z $(az grafana data-source show -n $grafanaName --data-source "Azure Managed Prometheus-1" 2>/dev/null | jq .name) ]]; then
   echo "Adding prometheus data source to Grafana..."