redhat-developer · linfraze · Jun 4, 2024 · May 20, 2024 · May 23, 2024 · May 30, 2024
diff --git a/assemblies/assembly-add-custom-app-file-openshift.adoc b/assemblies/assembly-add-custom-app-file-openshift.adoc
@@ -22,4 +22,4 @@ You can add the custom application configuration file to {ocp-short} in one of t
 
 include::modules/getting-started/proc-add-custom-app-file-openshift-helm.adoc[leveloffset=+1]
 
-include::modules/getting-started/proc-add-custom-app-file-openshift-operator.adoc[leveloffset=+1]
+include::modules/installation/proc-add-custom-app-config-file-ocp-operator.adoc[leveloffset=+1]
diff --git a/assemblies/assembly-install-rhdh-ocp.adoc b/assemblies/assembly-install-rhdh-ocp.adoc
@@ -9,11 +9,11 @@ You can install {product} on {ocp-short} using one of the following methods:
 
 // Helm chart method
 include::modules/installation/proc-install-rhdh-ocp-helm.adoc[leveloffset=+1]
+include::modules/getting-started/proc-add-custom-app-file-openshift-helm.adoc[leveloffset=+2]
 include::modules/installation/proc-install-rhdh-airgapped-environment-ocp-helm.adoc[leveloffset=+2]
 
 // Operator method
 include::modules/installation/proc-install-rhdh-ocp-operator.adoc[leveloffset=+1]
-include::modules/installation/proc-config-rhdh-custom-resource.adoc[leveloffset=+2]
-include::modules/installation/proc-add-custom-app-config-file-ocp.adoc[leveloffset=+3]
+include::modules/installation/proc-add-custom-app-config-file-ocp-operator.adoc[leveloffset=+2]
 include::modules/installation/proc-config-dynamic-plugins-rhdh-operator.adoc[leveloffset=+2]
 include::modules/installation/proc-install-rhdh-airgapped-environment-ocp-operator.adoc[leveloffset=+2]
diff --git a/modules/admin/modules b/modules/admin/modules
diff --git a/modules/getting-started/proc-add-custom-app-file-openshift-operator.adoc b/modules/getting-started/proc-add-custom-app-file-openshift-operator.adoc
diff --git a/modules/installation/proc-add-custom-app-config-file-ocp-operator.adoc b/modules/installation/proc-add-custom-app-config-file-ocp-operator.adoc
@@ -0,0 +1,99 @@
+[id="proc-add-custom-app-config-file-ocp-operator_{context}"]
+= Adding a custom application configuration file to {ocp-short} using the Operator
+
+A custom application configuration file is a `ConfigMap` object that you can use to change the configuration of your {product} instance. If you are deploying your {product-short} instance on {ocp-brand-name}, you can use the {product} Operator to add a custom application configuration file to your {ocp-short} instance by creating the `ConfigMap` object and referencing it in the {product-short} custom resource (CR).
+
+The custom application configuration file contains a sensitive environment variable, named `BACKEND_SECRET`. This variable contains a mandatory backend authentication key that {product-short} uses to reference an environment variable defined in an {ocp-short} secret. You must create a secret, named 'secrets-rhdh', and reference it in the {product-short} CR.
+
+[NOTE]
+====
+You are responsible for protecting your {product} installation from external and unauthorized access. Manage the backend authentication key like any other secret. Meet strong password requirements, do not expose it in any configuration files, and only inject it into configuration files as an environment variable.
+====
+
+.Prerequisites
+* You have an active {ocp-brand-name} account.
+* Your administrator has installed the {product} Operator in {ocp-short}. For more information, see link:{LinkAdminGuide}[Installing the {product} Operator].
+* You have created the {product} CR in {ocp-short}.
+
+.Procedure
+. From the *Developer* perspective in the {ocp-short} web console, select the *ConfigMaps* view.
+. Click *Create ConfigMap*.
+. Select the *YAML view* option in *Configure via* and use the following example as a base template to create a ConfigMap, such as `app-config-rhdh.yaml`:
++
+[source,yaml,subs="attributes+"]
+----
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: app-config-rhdh
+data:
+  "app-config-rhdh.yaml": |
+    app:
+      title: {product}
+      baseUrl: https://backstage-<custom_resource_name>-<namespace_name>.<openshift_ingress_domain>
+    backend:
+      auth:
+        keys:
+          - secret: "${BACKEND_SECRET}"
+      baseUrl: https://backstage-<custom_resource_name>-<namespace_name>.<openshift_ingress_domain>
+      cors:
+        origin: https://backstage-<custom_resource_name>-<namespace_name>.<openshift_ingress_domain>
+----
++
+.. Use the mandatory backend authentication key for {product} to reference an environment variable defined in an {ocp-short} secret.
+.. Set the external URL of your {product} instance in the `app.baseUrl`, `backend.baseUrl` and `backend.cors.origin` fields of the application configuration. By default, the URL is similar to the following example:
+`pass:c[https://backstage-<custom_resource_name>-<namespace_name>.<openshift_ingress_domain>;]`.
++
+[NOTE]
+====
+You can use the `oc get ingresses.config/cluster -o jsonpath='{.spec.domain}'` command to display your ingress domain. If you want to use a different host or sub-domain, customize the CR `spec.application.route` field and adjust the application configuration accordingly.
+====
+
+. Click *Create*.
+. Select the *Secrets* view.
+. Click *Create Key/value Secret*.
+. Create a secret named `secrets-rhdh`.
+. Add a key named `BACKEND_SECRET` and a base64 encoded string as a value. Use a unique value for each {product} instance. For example, you can use the following command to generate a key from your terminal:
++
+[source,yaml]
+----
+node -p 'require("crypto").randomBytes(24).toString("base64")'
+----
+
+. Click *Create*.
+. Select the *Topology* view.
+. Click the overflow menu for the {product} instance that you want to use and select *Edit Backstage* to load the YAML view of the {product} instance.
++
+image::rhdh/operator-install-2.png[]
+
+. In the CR, enter the name of the custom application configuration config map as the value for the `spec.application.appConfig.configMaps` field, and enter the name of your secret as the value for the `spec.application.extraEnvs.secrets` field. For example:
++
+[source, yaml]
+----
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: example
+spec:
+  application:
+    appConfig:
+      mountPath: /opt/app-root/src
+      configMaps:
+         - name: app-config-rhdh
+    extraEnvs:
+      secrets:
+         - name: secrets-rhdh
+    extraFiles:
+      mountPath: /opt/app-root/src
+    replicas: 1
+    route:
+      enabled: true
+  database:
+    enableLocalDb: true
+----
+. Click *Save*.
+. Navigate back to the *Topology* view and wait for the {product} pod to start.
+. Click the *Open URL* icon to use the {product} platform with the configuration changes.
+
+.Additional resources
+* For more information about roles and responsibilities in {product-short}, see link:{LinkAdminGuide}[Role-Based Access Control (RBAC) in {product}].
diff --git a/modules/installation/proc-add-custom-app-config-file-ocp.adoc b/modules/installation/proc-add-custom-app-config-file-ocp.adoc
diff --git a/modules/installation/proc-config-rhdh-custom-resource.adoc b/modules/installation/proc-config-rhdh-custom-resource.adoc
diff --git a/modules/installation/proc-install-rhdh-ocp-operator.adoc b/modules/installation/proc-install-rhdh-ocp-operator.adoc
@@ -19,7 +19,7 @@ For more information about creating a project in {ocp-short}, see link:https://d
 . From the *Developer Catalog* panel, click *Operator Backed*.
 . In the *Filter by keyword* box, enter _{product-short}_ and click the *{product}* card.
 . Click *Create*.
-. Add <<Configuring the {product-short} Custom Resource, custom configurations>> for the {product} instance.
+. Add <<Adding a custom application configuration file to {ocp-short} using the Operator, custom configurations>> for the {product} instance.
 . On the *Create Backstage* page, click *Create*
 
 .Verification