catalog / docker.io/grafana/grafana / criteria

grafana — validation criteria

Per-image acceptance criteria for the docker.io/grafana/grafana profile. Validated against …@sha256:5dad0df… (tag 13.0.2), derived by drop-test. grafana already runs cap_drop: ALL in the reference deployment, so there is no capability reduction to derive — this profile covers the filesystem dimension.

Representative workload / correctness check

profiles/workloads/grafana.sh drives real function under --read-only, not liveness: - /api/health reports the database is "ok"; - create a dashboard and read it back — a real sqlite write on the data volume; - add a Loki datasource and hit its plugin health endpoint — a running backend (go-plugin) returns a JSON verdict with a status field even when the target Loki is unreachable; a backend that failed to start does not.

capabilities — derived by drop-test

filesystem — derived by drop-test

Scope — when to add tmpfs: [/tmp] (confidence: moderate)

grafana's feature surface is large and this workload cannot exercise all of it, so the minimum is the core + datasource-querying floor. A writable /tmp is required by features not covered here — verified as real read-only-fs errors at boot without it: - runtime plugin installation — grafana's background installer downloads bundled app plugins (e.g. pyroscope, exploretraces) to /tmp at startup; - the elasticsearch datasource plugin (writes /tmp during init); - image rendering (the renderer plugin) and CSV / report export. A deployment that installs plugins at runtime or uses those features should add tmpfs: [/tmp] — which is cheap and what the reference compose does conservatively. Core dashboards + prometheus/Loki datasource querying do not need it.

Scope (run_config + out-of-band conditions)