diff --git a/charts/backstage/Chart.lock b/charts/backstage/Chart.lock index 4070b86b..a64a07c0 100644 --- a/charts/backstage/Chart.lock +++ b/charts/backstage/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: common repository: https://charts.bitnami.com/bitnami - version: 2.2.5 + version: 2.4.0 - name: backstage repository: https://backstage.github.io/charts - version: 0.22.3 -digest: sha256:34bc49e9edf6bdf26eae23e40fc6f62a8c2fe0c41f8573e55531f169b7b19d35 -generated: "2023-05-09T15:09:31.191794+02:00" + version: 1.0.0 +digest: sha256:73bf762f0c02f16479314fcffeafbf683f2fc758ac2aea5113a98b6618fb0b15 +generated: "2023-05-19T17:08:32.733557+02:00" diff --git a/charts/backstage/Chart.yaml b/charts/backstage/Chart.yaml index 361d7686..f2d82e0f 100644 --- a/charts/backstage/Chart.yaml +++ b/charts/backstage/Chart.yaml @@ -7,7 +7,7 @@ annotations: - name: Chart Source url: https://github.com/janus-idp/helm-backstage - name: Default Image Source - url: https://github.com/janus-idp/redhat-backstage-build + url: https://github.com/janus-idp/backstage-showcase charts.openshift.io/name: Backstage charts.openshift.io/provider: Janus-IDP charts.openshift.io/supportURL: https://github.com/janus-idp/helm-backstage/issues @@ -21,7 +21,7 @@ dependencies: version: 2.x.x - name: backstage repository: https://backstage.github.io/charts - version: ">=0.22.3" + version: "1.x.x" alias: upstream home: https://janus-idp.io icon: https://avatars.githubusercontent.com/u/117844786 @@ -37,9 +37,9 @@ name: backstage type: application sources: - https://github.com/janus-idp/helm-backstage -- https://github.com/janus-idp/redhat-backstage-build +- https://github.com/janus-idp/backstage-showcase # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.0.4 +version: 2.0.0 diff --git a/charts/backstage/README.md b/charts/backstage/README.md index 757a057e..907547b0 100644 --- a/charts/backstage/README.md +++ b/charts/backstage/README.md @@ -2,7 +2,7 @@ # Janus-IDP Backstage Helm Chart [![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/janus-idp&style=flat-square)](https://artifacthub.io/packages/search?repo=janus-idp) -![Version: 1.0.4](https://img.shields.io/badge/Version-1.0.4-informational?style=flat-square) +![Version: 2.0.0](https://img.shields.io/badge/Version-2.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) A Helm chart for deploying a Backstage application @@ -18,7 +18,7 @@ A Helm chart for deploying a Backstage application ## Source Code * -* +* --- @@ -68,7 +68,31 @@ The following command can be used to add the chart repository: helm repo add janus-idp https://janus-idp.github.io/helm-backstage ``` -Once the chart has been added, install one of the available charts: +Once the chart has been added, install this chart. However before doing so, please review the default `values.yaml` and adjust as needed. + +- To get proper connection between frontend and backend of Backstage please update the `apps.example.com` to match your cluster host: + + ```yaml + upstream: + backstage: + appConfig: + app: + baseUrl: 'https://{{- print .Release.Name "-" .Release.Namespace -}}.apps.example.com' + backend: + baseUrl: 'https://{{- print .Release.Name "-" .Release.Namespace -}}.apps.example.com' + cors: + origin: 'https://{{- print .Release.Name "-" .Release.Namespace -}}.apps.example.com' + ``` + +- If your cluster doesn't provide PVCs, you should disable PostgreSQL persistence via: + + ```yaml + upstream: + postgresql: + primary: + persistence: + enabled: false + ``` ```console helm upgrade -i janus-idp/backstage @@ -102,38 +126,61 @@ Kubernetes: `>= 1.19.0-0` | Repository | Name | Version | |------------|------|---------| -| https://backstage.github.io/charts | upstream(backstage) | >=0.22.3 | +| https://backstage.github.io/charts | upstream(backstage) | 1.x.x | | https://charts.bitnami.com/bitnami | common | 2.x.x | ## Values | Key | Description | Type | Default | |-----|-------------|------|---------| -| route | OpenShift Route parameters | object | `{"annotations":{},"enabled":false,"host":"","path":"/","tls":{"caCertificate":"","certificate":"","destinationCACertificate":"","enabled":false,"insecureEdgeTerminationPolicy":"Redirect","key":"","termination":"edge"},"wildcardPolicy":"None"}` | +| route | OpenShift Route parameters | object | `{"annotations":{},"enabled":true,"host":"","path":"/","tls":{"caCertificate":"","certificate":"","destinationCACertificate":"","enabled":true,"insecureEdgeTerminationPolicy":"Redirect","key":"","termination":"edge"},"wildcardPolicy":"None"}` | | route.annotations | Route specific annotations | object | `{}` | -| route.enabled | Enable the creation of the route resource | bool | `false` | +| route.enabled | Enable the creation of the route resource | bool | `true` | | route.host | Set the host attribute to a custom value. If not set, OpenShift will generate it, please make sure to match your baseUrl | string | `""` | | route.path | Path that the router watches for, to route traffic for to the service. | string | `"/"` | -| route.tls | Route TLS parameters
Ref: https://docs.openshift.com/container-platform/4.9/networking/routes/secured-routes.html | object | `{"caCertificate":"","certificate":"","destinationCACertificate":"","enabled":false,"insecureEdgeTerminationPolicy":"Redirect","key":"","termination":"edge"}` | +| route.tls | Route TLS parameters
Ref: https://docs.openshift.com/container-platform/4.9/networking/routes/secured-routes.html | object | `{"caCertificate":"","certificate":"","destinationCACertificate":"","enabled":true,"insecureEdgeTerminationPolicy":"Redirect","key":"","termination":"edge"}` | | route.tls.caCertificate | Cert authority certificate contents. Optional | string | `""` | | route.tls.certificate | Certificate contents | string | `""` | | route.tls.destinationCACertificate | Contents of the ca certificate of the final destination.
When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. | string | `""` | -| route.tls.enabled | Enable TLS configuration for the host defined at `route.host` parameter | bool | `false` | +| route.tls.enabled | Enable TLS configuration for the host defined at `route.host` parameter | bool | `true` | | route.tls.insecureEdgeTerminationPolicy | Indicates the desired behavior for insecure connections to a route.
While each router may make its own decisions on which ports to expose, this is normally port 80. The only valid values are None, Redirect, or empty for disabled. | string | `"Redirect"` | | route.tls.key | Key file contents | string | `""` | | route.tls.termination | Specify TLS termination. | string | `"edge"` | | route.wildcardPolicy | Wildcard policy if any for the route. Currently only 'Subdomain' or 'None' is allowed. | string | `"None"` | | upstream | Upstream Backstage [chart configuration](https://github.com/backstage/charts/blob/main/charts/backstage/values.yaml) | object | Use Openshift compatible settings | +## Opinionated Backstage deployment + +This chart defaults to an opinionated deployment of Backstage that provides user with a usable Backstage instance out of the box. + +Features enabled by the default chart configuration: + +1. Uses [janus-idp/backstage-showcase](https://github.com/janus-idp/backstage-showcase/) that pre-loads a lot of useful plugins and features +2. Exposes a `Route` for easy access to the instance +3. Enables OpenShift-compatible PostgreSQL database storage + +For additional instance features please consuls [documentation for `janus-idp/backstage-showcase`](https://github.com/janus-idp/backstage-showcase/). + +Additional features can be enabled by extending the default configuration at: + +```yaml +upstream: + backstage: + appConfig: + # Inline app-config.yaml for the instance + extraEnvVars: + # Additional environment variables +``` + ## Features -This charts defaults to using the Janus-IDP built image for backstage that is OpenShift compatible: +This charts defaults to using the Janus-IDP Backstage Showcase image that is OpenShift compatible: ``` -quay.io/janus-idp/redhat-backstage-build:latest +quay.io/janus-idp/backstage-showcase:latest ``` -Additionally this chart enhances the upstream Backstage chart with following OpenShift-specific features. +Additionally this chart enhances the upstream Backstage chart with following OpenShift-specific features: ### OpenShift Routes diff --git a/charts/backstage/README.md.gotmpl b/charts/backstage/README.md.gotmpl index 5a0b3cdc..5fd9829c 100644 --- a/charts/backstage/README.md.gotmpl +++ b/charts/backstage/README.md.gotmpl @@ -62,7 +62,31 @@ The following command can be used to add the chart repository: helm repo add janus-idp https://janus-idp.github.io/helm-backstage ``` -Once the chart has been added, install one of the available charts: +Once the chart has been added, install this chart. However before doing so, please review the default `values.yaml` and adjust as needed. + +- To get proper connection between frontend and backend of Backstage please update the `apps.example.com` to match your cluster host: + + ```yaml + upstream: + backstage: + appConfig: + app: + baseUrl: 'https://{{"{{"}}- print .Release.Name "-" .Release.Namespace -{{"}}"}}.apps.example.com' + backend: + baseUrl: 'https://{{"{{"}}- print .Release.Name "-" .Release.Namespace -{{"}}"}}.apps.example.com' + cors: + origin: 'https://{{"{{"}}- print .Release.Name "-" .Release.Namespace -{{"}}"}}.apps.example.com' + ``` + +- If your cluster doesn't provide PVCs, you should disable PostgreSQL persistence via: + + ```yaml + upstream: + postgresql: + primary: + persistence: + enabled: false + ``` ```console helm upgrade -i janus-idp/backstage @@ -94,15 +118,38 @@ The command removes all the Kubernetes components associated with the chart and {{ template "chart.valuesSection" . }} +## Opinionated Backstage deployment + +This chart defaults to an opinionated deployment of Backstage that provides user with a usable Backstage instance out of the box. + +Features enabled by the default chart configuration: + +1. Uses [janus-idp/backstage-showcase](https://github.com/janus-idp/backstage-showcase/) that pre-loads a lot of useful plugins and features +2. Exposes a `Route` for easy access to the instance +3. Enables OpenShift-compatible PostgreSQL database storage + +For additional instance features please consuls [documentation for `janus-idp/backstage-showcase`](https://github.com/janus-idp/backstage-showcase/). + +Additional features can be enabled by extending the default configuration at: + +```yaml +upstream: + backstage: + appConfig: + # Inline app-config.yaml for the instance + extraEnvVars: + # Additional environment variables +``` + ## Features -This charts defaults to using the Janus-IDP built image for backstage that is OpenShift compatible: +This charts defaults to using the Janus-IDP Backstage Showcase image that is OpenShift compatible: ``` -quay.io/janus-idp/redhat-backstage-build:latest +quay.io/janus-idp/backstage-showcase:latest ``` -Additionally this chart enhances the upstream Backstage chart with following OpenShift-specific features. +Additionally this chart enhances the upstream Backstage chart with following OpenShift-specific features: ### OpenShift Routes diff --git a/charts/backstage/ci/default-values.yaml b/charts/backstage/ci/default-values.yaml index e69de29b..da4457ad 100644 --- a/charts/backstage/ci/default-values.yaml +++ b/charts/backstage/ci/default-values.yaml @@ -0,0 +1,8 @@ +# Workaround for kind cluster in CI which has no Routes and no PVCs +route: + enabled: false +upstream: + postgresql: + primary: + persistence: + enabled: false diff --git a/charts/backstage/values.yaml b/charts/backstage/values.yaml index 6a0b4c98..7b0f95f4 100644 --- a/charts/backstage/values.yaml +++ b/charts/backstage/values.yaml @@ -4,8 +4,59 @@ upstream: backstage: image: registry: quay.io - repository: janus-idp/redhat-backstage-build + repository: janus-idp/backstage-showcase tag: latest + command: [] + # FIXME (tumido): USE POSTGRES_PASSWORD and POSTGRES_USER instead of POSTGRES_ADMIN_PASSWORD + # This is a hack. In {fedora,rhel}/postgresql images, regular user is forbidden + # from creating DBs in runtime. A single DB can be created ahead of time via + # POSTGRESQL_DATABASE env variable (in this case via + # upstream.postgresql.primary.extraEnvVars value), but this doesn't allow us to + # create multiple DBs. Since Backstage requires by default 5 different DBs, we + # can't accommodate that properly. + appConfig: + app: + # Please update to match host. + baseUrl: 'https://{{- print .Release.Name "-" .Release.Namespace -}}.apps.example.com' + backend: + baseUrl: 'https://{{- print .Release.Name "-" .Release.Namespace -}}.apps.example.com' + cors: + origin: 'https://{{- print .Release.Name "-" .Release.Namespace -}}.apps.example.com' + database: + connection: + password: ${POSTGRESQL_ADMIN_PASSWORD} + user: postgres + extraEnvVars: + - name: POSTGRESQL_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: postgres-password + name: "{{ .Release.Name }}-postgresql" + + postgresql: + enabled: true + postgresqlDataDir: /var/lib/pgsql/data/userdata + image: + registry: quay.io + repository: fedora/postgresql-15 + tag: latest + primary: + securityContext: + enabled: false + podSecurityContext: + enabled: false + containerSecurityContext: + enabled: false + persistence: + enabled: true + size: 1Gi + mountPath: /var/lib/pgsql/data + extraEnvVars: + - name: POSTGRESQL_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: postgres-password + name: "{{ .Release.Name }}-postgresql" # -- OpenShift Route parameters @@ -15,7 +66,7 @@ route: annotations: {} # -- Enable the creation of the route resource - enabled: false + enabled: true # -- Set the host attribute to a custom value. If not set, OpenShift will generate it, please make sure to match your baseUrl host: "" @@ -31,7 +82,7 @@ route: tls: # -- Enable TLS configuration for the host defined at `route.host` parameter - enabled: false + enabled: true # -- Specify TLS termination. termination: "edge"