Merge pull request #54 from tumido/use-showcase

feat: switch to Showcase as default image
janus-idp · May 22, 2023 · ef75255 · ef75255
2 parents 87ee0da + d7fbc98
commit ef75255
Show file tree

Hide file tree

Showing 6 changed files with 179 additions and 26 deletions.
diff --git a/charts/backstage/Chart.lock b/charts/backstage/Chart.lock
@@ -1,9 +1,9 @@
 dependencies:
 - name: common
   repository: https://charts.bitnami.com/bitnami
-  version: 2.2.5
+  version: 2.4.0
 - name: backstage
   repository: https://backstage.github.io/charts
-  version: 0.22.3
-digest: sha256:34bc49e9edf6bdf26eae23e40fc6f62a8c2fe0c41f8573e55531f169b7b19d35
-generated: "2023-05-09T15:09:31.191794+02:00"
+  version: 1.0.0
+digest: sha256:73bf762f0c02f16479314fcffeafbf683f2fc758ac2aea5113a98b6618fb0b15
+generated: "2023-05-19T17:08:32.733557+02:00"
diff --git a/charts/backstage/Chart.yaml b/charts/backstage/Chart.yaml
@@ -7,7 +7,7 @@ annotations:
     - name: Chart Source
       url: https://github.com/janus-idp/helm-backstage
     - name: Default Image Source
-      url: https://github.com/janus-idp/redhat-backstage-build
+      url: https://github.com/janus-idp/backstage-showcase
   charts.openshift.io/name: Backstage
   charts.openshift.io/provider: Janus-IDP
   charts.openshift.io/supportURL: https://github.com/janus-idp/helm-backstage/issues
@@ -21,7 +21,7 @@ dependencies:
     version: 2.x.x
   - name: backstage
     repository: https://backstage.github.io/charts
-    version: ">=0.22.3"
+    version: "1.x.x"
     alias: upstream
 home: https://janus-idp.io
 icon: https://avatars.githubusercontent.com/u/117844786
@@ -37,9 +37,9 @@ name: backstage
 type: application
 sources:
 - https://github.com/janus-idp/helm-backstage
-- https://github.com/janus-idp/redhat-backstage-build
+- https://github.com/janus-idp/backstage-showcase
 
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 1.0.4
+version: 2.0.0
diff --git a/charts/backstage/README.md b/charts/backstage/README.md
@@ -2,7 +2,7 @@
 # Janus-IDP Backstage Helm Chart
 
 [![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/janus-idp&style=flat-square)](https://artifacthub.io/packages/search?repo=janus-idp)
-![Version: 1.0.4](https://img.shields.io/badge/Version-1.0.4-informational?style=flat-square)
+![Version: 2.0.0](https://img.shields.io/badge/Version-2.0.0-informational?style=flat-square)
 ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
 
 A Helm chart for deploying a Backstage application
@@ -18,7 +18,7 @@ A Helm chart for deploying a Backstage application
 ## Source Code
 
 * <https://github.com/janus-idp/helm-backstage>
-* <https://github.com/janus-idp/redhat-backstage-build>
+* <https://github.com/janus-idp/backstage-showcase>
 
 ---
 
@@ -68,7 +68,31 @@ The following command can be used to add the chart repository:
 helm repo add janus-idp https://janus-idp.github.io/helm-backstage
 ```
 
-Once the chart has been added, install one of the available charts:
+Once the chart has been added, install this chart. However before doing so, please review the default `values.yaml` and adjust as needed.
+
+- To get proper connection between frontend and backend of Backstage please update the `apps.example.com` to match your cluster host:
+
+   ```yaml
+   upstream:
+     backstage:
+       appConfig:
+         app:
+           baseUrl: 'https://{{- print .Release.Name "-" .Release.Namespace -}}.apps.example.com'
+         backend:
+           baseUrl: 'https://{{- print .Release.Name "-" .Release.Namespace -}}.apps.example.com'
+           cors:
+             origin: 'https://{{- print .Release.Name "-" .Release.Namespace -}}.apps.example.com'
+   ```
+
+- If your cluster doesn't provide PVCs, you should disable PostgreSQL persistence via:
+
+   ```yaml
+   upstream:
+     postgresql:
+       primary:
+         persistence:
+           enabled: false
+   ```
 
 ```console
 helm upgrade -i <release_name> janus-idp/backstage
@@ -102,38 +126,61 @@ Kubernetes: `>= 1.19.0-0`
 
 | Repository | Name | Version |
 |------------|------|---------|
-| https://backstage.github.io/charts | upstream(backstage) | >=0.22.3 |
+| https://backstage.github.io/charts | upstream(backstage) | 1.x.x |
 | https://charts.bitnami.com/bitnami | common | 2.x.x |
 
 ## Values
 
 | Key | Description | Type | Default |
 |-----|-------------|------|---------|
-| route | OpenShift Route parameters | object | `{"annotations":{},"enabled":false,"host":"","path":"/","tls":{"caCertificate":"","certificate":"","destinationCACertificate":"","enabled":false,"insecureEdgeTerminationPolicy":"Redirect","key":"","termination":"edge"},"wildcardPolicy":"None"}` |
+| route | OpenShift Route parameters | object | `{"annotations":{},"enabled":true,"host":"","path":"/","tls":{"caCertificate":"","certificate":"","destinationCACertificate":"","enabled":true,"insecureEdgeTerminationPolicy":"Redirect","key":"","termination":"edge"},"wildcardPolicy":"None"}` |
 | route.annotations | Route specific annotations | object | `{}` |
-| route.enabled | Enable the creation of the route resource | bool | `false` |
+| route.enabled | Enable the creation of the route resource | bool | `true` |
 | route.host | Set the host attribute to a custom value. If not set, OpenShift will generate it, please make sure to match your baseUrl | string | `""` |
 | route.path | Path that the router watches for, to route traffic for to the service. | string | `"/"` |
-| route.tls | Route TLS parameters <br /> Ref: https://docs.openshift.com/container-platform/4.9/networking/routes/secured-routes.html | object | `{"caCertificate":"","certificate":"","destinationCACertificate":"","enabled":false,"insecureEdgeTerminationPolicy":"Redirect","key":"","termination":"edge"}` |
+| route.tls | Route TLS parameters <br /> Ref: https://docs.openshift.com/container-platform/4.9/networking/routes/secured-routes.html | object | `{"caCertificate":"","certificate":"","destinationCACertificate":"","enabled":true,"insecureEdgeTerminationPolicy":"Redirect","key":"","termination":"edge"}` |
 | route.tls.caCertificate | Cert authority certificate contents. Optional | string | `""` |
 | route.tls.certificate | Certificate contents | string | `""` |
 | route.tls.destinationCACertificate | Contents of the ca certificate of the final destination. <br /> When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. | string | `""` |
-| route.tls.enabled | Enable TLS configuration for the host defined at `route.host` parameter | bool | `false` |
+| route.tls.enabled | Enable TLS configuration for the host defined at `route.host` parameter | bool | `true` |
 | route.tls.insecureEdgeTerminationPolicy | Indicates the desired behavior for insecure connections to a route. <br /> While each router may make its own decisions on which ports to expose, this is normally port 80. The only valid values are None, Redirect, or empty for disabled. | string | `"Redirect"` |
 | route.tls.key | Key file contents | string | `""` |
 | route.tls.termination | Specify TLS termination. | string | `"edge"` |
 | route.wildcardPolicy | Wildcard policy if any for the route. Currently only 'Subdomain' or 'None' is allowed. | string | `"None"` |
 | upstream | Upstream Backstage [chart configuration](https://github.com/backstage/charts/blob/main/charts/backstage/values.yaml) | object | Use Openshift compatible settings |
 
+## Opinionated Backstage deployment
+
+This chart defaults to an opinionated deployment of Backstage that provides user with a usable Backstage instance out of the box.
+
+Features enabled by the default chart configuration:
+
+1. Uses [janus-idp/backstage-showcase](https://github.com/janus-idp/backstage-showcase/) that pre-loads a lot of useful plugins and features
+2. Exposes a `Route` for easy access to the instance
+3. Enables OpenShift-compatible PostgreSQL database storage
+
+For additional instance features please consuls [documentation for `janus-idp/backstage-showcase`](https://github.com/janus-idp/backstage-showcase/).
+
+Additional features can be enabled by extending the default configuration at:
+
+```yaml
+upstream:
+  backstage:
+    appConfig:
+      # Inline app-config.yaml for the instance
+    extraEnvVars:
+      # Additional environment variables
+```
+
 ## Features
 
-This charts defaults to using the Janus-IDP built image for backstage that is OpenShift compatible:
+This charts defaults to using the Janus-IDP Backstage Showcase image that is OpenShift compatible:
 
 ```
-quay.io/janus-idp/redhat-backstage-build:latest
+quay.io/janus-idp/backstage-showcase:latest
 ```
 
-Additionally this chart enhances the upstream Backstage chart with following OpenShift-specific features.
+Additionally this chart enhances the upstream Backstage chart with following OpenShift-specific features:
 
 ### OpenShift Routes
 

diff --git a/charts/backstage/README.md.gotmpl b/charts/backstage/README.md.gotmpl
@@ -62,7 +62,31 @@ The following command can be used to add the chart repository:
 helm repo add janus-idp https://janus-idp.github.io/helm-backstage
 ```
 
-Once the chart has been added, install one of the available charts:
+Once the chart has been added, install this chart. However before doing so, please review the default `values.yaml` and adjust as needed.
+
+- To get proper connection between frontend and backend of Backstage please update the `apps.example.com` to match your cluster host:
+
+   ```yaml
+   upstream:
+     backstage:
+       appConfig:
+         app:
+           baseUrl: 'https://{{"{{"}}- print .Release.Name "-" .Release.Namespace -{{"}}"}}.apps.example.com'
+         backend:
+           baseUrl: 'https://{{"{{"}}- print .Release.Name "-" .Release.Namespace -{{"}}"}}.apps.example.com'
+           cors:
+             origin: 'https://{{"{{"}}- print .Release.Name "-" .Release.Namespace -{{"}}"}}.apps.example.com'
+   ```
+
+- If your cluster doesn't provide PVCs, you should disable PostgreSQL persistence via:
+
+   ```yaml
+   upstream:
+     postgresql:
+       primary:
+         persistence:
+           enabled: false
+   ```
 
 ```console
 helm upgrade -i <release_name> janus-idp/backstage
@@ -94,15 +118,38 @@ The command removes all the Kubernetes components associated with the chart and
 
 {{ template "chart.valuesSection" . }}
 
+## Opinionated Backstage deployment
+
+This chart defaults to an opinionated deployment of Backstage that provides user with a usable Backstage instance out of the box.
+
+Features enabled by the default chart configuration:
+
+1. Uses [janus-idp/backstage-showcase](https://github.com/janus-idp/backstage-showcase/) that pre-loads a lot of useful plugins and features
+2. Exposes a `Route` for easy access to the instance
+3. Enables OpenShift-compatible PostgreSQL database storage
+
+For additional instance features please consuls [documentation for `janus-idp/backstage-showcase`](https://github.com/janus-idp/backstage-showcase/).
+
+Additional features can be enabled by extending the default configuration at:
+
+```yaml
+upstream:
+  backstage:
+    appConfig:
+      # Inline app-config.yaml for the instance
+    extraEnvVars:
+      # Additional environment variables
+```
+
 ## Features
 
-This charts defaults to using the Janus-IDP built image for backstage that is OpenShift compatible:
+This charts defaults to using the Janus-IDP Backstage Showcase image that is OpenShift compatible:
 
 ```
-quay.io/janus-idp/redhat-backstage-build:latest
+quay.io/janus-idp/backstage-showcase:latest
 ```
 
-Additionally this chart enhances the upstream Backstage chart with following OpenShift-specific features.
+Additionally this chart enhances the upstream Backstage chart with following OpenShift-specific features:
 
 ### OpenShift Routes
 

diff --git a/charts/backstage/ci/default-values.yaml b/charts/backstage/ci/default-values.yaml
@@ -0,0 +1,8 @@
+# Workaround for kind cluster in CI which has no Routes and no PVCs
+route:
+  enabled: false
+upstream:
+  postgresql:
+    primary:
+      persistence:
+        enabled: false
diff --git a/charts/backstage/values.yaml b/charts/backstage/values.yaml
@@ -4,8 +4,59 @@ upstream:
   backstage:
     image:
       registry: quay.io
-      repository: janus-idp/redhat-backstage-build
+      repository: janus-idp/backstage-showcase
       tag: latest
+    command: []
+    # FIXME (tumido): USE POSTGRES_PASSWORD and POSTGRES_USER instead of POSTGRES_ADMIN_PASSWORD
+    # This is a hack. In {fedora,rhel}/postgresql images, regular user is forbidden
+    # from creating DBs in runtime. A single DB can be created ahead of time via
+    # POSTGRESQL_DATABASE env variable (in this case via
+    # upstream.postgresql.primary.extraEnvVars value), but this doesn't allow us to
+    # create multiple DBs. Since Backstage requires by default 5 different DBs, we
+    # can't accommodate that properly.
+    appConfig:
+      app:
+        # Please update to match host.
+        baseUrl: 'https://{{- print .Release.Name "-" .Release.Namespace -}}.apps.example.com'
+      backend:
+        baseUrl: 'https://{{- print .Release.Name "-" .Release.Namespace -}}.apps.example.com'
+        cors:
+          origin: 'https://{{- print .Release.Name "-" .Release.Namespace -}}.apps.example.com'
+        database:
+          connection:
+            password: ${POSTGRESQL_ADMIN_PASSWORD}
+            user: postgres
+    extraEnvVars:
+    - name: POSTGRESQL_ADMIN_PASSWORD
+      valueFrom:
+        secretKeyRef:
+          key: postgres-password
+          name: "{{ .Release.Name }}-postgresql"
+
+  postgresql:
+    enabled: true
+    postgresqlDataDir: /var/lib/pgsql/data/userdata
+    image:
+      registry: quay.io
+      repository: fedora/postgresql-15
+      tag: latest
+    primary:
+      securityContext:
+        enabled: false
+      podSecurityContext:
+        enabled: false
+      containerSecurityContext:
+        enabled: false
+      persistence:
+        enabled: true
+        size: 1Gi
+        mountPath: /var/lib/pgsql/data
+      extraEnvVars:
+      - name: POSTGRESQL_ADMIN_PASSWORD
+        valueFrom:
+          secretKeyRef:
+            key: postgres-password
+            name: "{{ .Release.Name }}-postgresql"
 
 
 # -- OpenShift Route parameters
@@ -15,7 +66,7 @@ route:
   annotations: {}
 
   # -- Enable the creation of the route resource
-  enabled: false
+  enabled: true
 
   # -- Set the host attribute to a custom value. If not set, OpenShift will generate it, please make sure to match your baseUrl
   host: ""
@@ -31,7 +82,7 @@ route:
   tls:
 
     # -- Enable TLS configuration for the host defined at `route.host` parameter
-    enabled: false
+    enabled: true
 
     # -- Specify TLS termination.
     termination: "edge"