fix(prom): Only use oidc once and delete github auth

values/prometheus/values/prometheus.yaml.gotmpl

@@ -135,32 +135,34 @@ grafana:
       allow_sign_up: true
       role_attribute_strict: false
       allow_assign_grafana_admin: true
-    {{- else if eq .provider "github" }}
+    #{{- else if eq .provider "github" }}
-    auth.{{ .provider }}:
+    #auth.{{ .provider }}:
-      name: {{ .name }}
+    #  name: {{ .name }}
-      enabled: true
+    #  enabled: true
-      client_id: $__file{/etc/secrets/oauth/{{ .name }}/client_id}
+    #  client_id: $__file{/etc/secrets/oauth/{{ .name }}/client_id}
-      client_secret: $__file{/etc/secrets/oauth/{{ .name }}/client_secret}
+    #  client_secret: $__file{/etc/secrets/oauth/{{ .name }}/client_secret}
-      allowed_organizations: {{ .allowed_organizations }}
+    #  allowed_organizations: {{ .allowed_organizations }}
-      {{- if .allowed_teams }}
+    #  {{- if .allowed_teams }}
-      allowed_teams: "{{ .allowed_teams }}"
+    #  allowed_teams: "{{ .allowed_teams }}"
-      {{- end }}
+    #  {{- end }}
-      scopes: user:email,read:org
+    #  scopes: user:email,read:org
-      auth_url: https://github.com/login/oauth/authorize
+    #  auth_url: https://github.com/login/oauth/authorize
-      token_url: https://github.com/login/oauth/access_token
+    #  token_url: https://github.com/login/oauth/access_token
-      allow_sign_up: true
+    #  allow_sign_up: true
-      role_attribute_strict: false
+    #  role_attribute_strict: false
-      allow_assign_grafana_admin: true
+    #  allow_assign_grafana_admin: true
     {{- end }}
     {{- end }}
   extraSecretMounts:
   {{- range .Values.clusterConfig.oidc }}
+  {{- if eq .group "analytics" }}
   - name: {{ .name }}
     secretName: {{ .secret_ref.name }}
     defaultMode: 0440
     mountPath: /etc/secrets/oauth/{{ .name }}
     readOnly: true
   {{- end }}
+  {{- end }}
 
   {{- if .Values.prometheus.grafana.persistence }}
   persistence: