forked from janus-idp/demo-setup
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Software Tempalte for Backstage: Issue #3
- Loading branch information
mlacourse
committed
Sep 28, 2022
1 parent
09ce019
commit 3ba2ec9
Showing
15 changed files
with
631 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
apiVersion: v2 | ||
appVersion: v2.4.11 | ||
description: A Helm chart for customising the deployment of the Red Hat Pipelines Operator | ||
name: assemble-backstage | ||
version: 0.1.0 | ||
home: https://github.com/halkyonio/assemble-platforms/charts | ||
maintainers: | ||
- name: eformat | ||
- name: springdo |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,98 @@ | ||
# ⚓️ Assemble Backstage Helm Deploy | ||
|
||
The Assemble Backstage Helm Chart customizes and deploys the backstage backend application written by Red Hat. | ||
|
||
## Installing the chart | ||
|
||
To install the chart from source: | ||
```bash | ||
# within this directory | ||
oc new-project assemble | ||
helm upgrade --install assemble-dev . -f values.yaml | ||
``` | ||
To install using oc apply | ||
```bash | ||
# within this directory | ||
helm template assemble-dev . | oc apply -f- | ||
``` | ||
|
||
## Configuration | ||
|
||
The [values.yml](values.yaml) file contains instructions for common chart overrides. | ||
|
||
The operator version can be configuring by modifying the operator configuration values. The startingCSV could be different based on the openshift cluster version. The channel can be latest, stable or a specific version. | ||
|
||
### Postgres Database Configuration | ||
|
||
A container version of postgresql will be deployed along with the assamble-backstage application when the external flag is 'false'. You can | ||
suppply a database password or a random value can be used and stored in the postgres secret. | ||
|
||
```yaml | ||
postgres: | ||
external: false | ||
database_user: postgres | ||
## Password will be autogenerated if left empty | ||
## If using extrnal instance supply the password | ||
#database_password: "somepassword" | ||
port: 5432 | ||
image: registry.redhat.io/rhel9/postgresql-13:1-73 | ||
resources: | ||
limits: | ||
cpu: 400m | ||
memory: 596Mi | ||
requests: | ||
cpu: 100m | ||
memory: 128Mi | ||
``` | ||
### Backstage Configuration | ||
|
||
There is a secret which containts the backstage app-config.yaml which can be modified using the following sample. | ||
|
||
The 'catalog:' section will define the soures for configuring the catalog section of the app-config.yaml. This content will replace the yaml of that section of the configuraiton. Refer to [Backstage Catalog Configuration](https://backstage.io/docs/features/software-catalog/configuration) for more details. | ||
|
||
Note: The baseUrl must match the exposed route to ensure communication betweeen the UI and backend services. | ||
|
||
```yaml | ||
# backstage configuration | ||
backstage: | ||
companyname: "My Company" | ||
baseUrl: 'https://assemble-dev-assemble.apps-crc.testing' | ||
|
||
## Override Catalog with here | ||
catalog: | ||
#import: | ||
# entityFilename: /examples/catalog-info.yaml | ||
# pullRequestBranchName: backstage-integration | ||
rules: | ||
- allow: [Component, System, API, Resource, Location] | ||
locations: | ||
# Local example data, file locations are relative to the backend process, typically `packages/backend` | ||
#- type: file | ||
# target: /examples/entities.yaml | ||
|
||
# Local example template | ||
#- type: file | ||
# target: /examples/template/template.yaml | ||
# rules: | ||
# - allow: [Template] | ||
|
||
# Local example organizational data | ||
#- type: file | ||
# target: /examples/org.yaml | ||
# rules: | ||
# - allow: [User, Group] | ||
``` | ||
|
||
|
||
## Removing | ||
|
||
To delete the chart: | ||
```bash | ||
helm uninstall assemble-dev --namespace assemble | ||
``` | ||
|
||
To delete when not using helm | ||
``` | ||
helm template assemble-dev | oc delete -f- | ||
``` | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,87 @@ | ||
{{/* | ||
Expand the name of the chart. | ||
*/}} | ||
{{- define "assemble-backstage.name" -}} | ||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} | ||
{{- end }} | ||
|
||
{{/* | ||
Create a default fully qualified app name. | ||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). | ||
If release name contains chart name it will be used as a full name. | ||
*/}} | ||
{{- define "assemble-backstage.fullname" -}} | ||
{{- if .Values.fullnameOverride }} | ||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} | ||
{{- else }} | ||
{{- $name := default .Chart.Name .Values.nameOverride }} | ||
{{- if contains $name .Release.Name }} | ||
{{- .Release.Name | trunc 63 | trimSuffix "-" }} | ||
{{- else }} | ||
{{- printf "%s" .Release.Name | trunc 63 | trimSuffix "-" }} | ||
{{- end }} | ||
{{- end }} | ||
{{- end }} | ||
|
||
{{/* | ||
Create chart name and version as used by the chart label. | ||
*/}} | ||
{{- define "assemble-backstage.chart" -}} | ||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} | ||
{{- end }} | ||
|
||
{{/* | ||
Common labels | ||
*/}} | ||
{{- define "assemble-backstage.labels" -}} | ||
helm.sh/chart: {{ include "assemble-backstage.chart" . }} | ||
{{ include "assemble-backstage.selectorLabels" . }} | ||
{{- if .Chart.AppVersion }} | ||
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} | ||
{{- end }} | ||
app.kubernetes.io/managed-by: {{ .Release.Service }} | ||
{{- end }} | ||
|
||
{{/* | ||
Selector labels | ||
*/}} | ||
{{- define "assemble-backstage.selectorLabels" -}} | ||
app.kubernetes.io/name: {{ include "assemble-backstage.name" . }} | ||
app.kubernetes.io/instance: {{ .Release.Name }} | ||
{{- end }} | ||
|
||
{{/* | ||
Create the name of the service account to use | ||
*/}} | ||
{{- define "assemble-backstage.serviceAccountName" -}} | ||
{{- if .Values.serviceAccount.create }} | ||
{{- default (include "assemble-backstage.fullname" .) .Values.serviceAccount.name }} | ||
{{- else }} | ||
{{- default "default" .Values.serviceAccount.name }} | ||
{{- end }} | ||
{{- end }} | ||
|
||
{{/* | ||
Check for existing secret | ||
*/}} | ||
{{- define "gen.postgres-password" -}} | ||
{{- if .Values.postgres.database_password }} | ||
databasePassword: {{ .Values.postgres.database_password | quote }} | ||
{{- else -}} | ||
{{- $secret := lookup "v1" "Secret" .Release.Namespace (include "assemble-backstage.fullname" . ) -}} | ||
{{- if $secret -}} | ||
{{/* | ||
Reusing existing secret data | ||
databasePassword: {{ $secret.data.databasePassword | quote }} | ||
*/}} | ||
databasePassword: {{ $secret.data.databasePassword | b64dec | quote }} | ||
{{- else -}} | ||
{{/* | ||
Generate new data | ||
*/}} | ||
databasePassword: "{{ randAlphaNum 20 }}" | ||
{{- end -}} | ||
{{- end -}} | ||
{{- end -}} | ||
|
||
|
89 changes: 89 additions & 0 deletions
89
charts/assemble-backstage/templates/assemble-config-secret.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,89 @@ | ||
apiVersion: v1 | ||
kind: Secret | ||
metadata: | ||
name: assemble-config | ||
stringData: | ||
app-config.yaml: |- | ||
app: | ||
# Should be the same as backend.baseUrl when using the `app-backend` plugin. | ||
#baseUrl: http://{{ .Release.Name }}:7007 | ||
baseUrl: {{ .Values.backstage.baseUrl }} | ||
organization: | ||
name: "{{ .Values.backstage.companyname }}" | ||
backend: | ||
# Note that the baseUrl should be the URL that the browser and other clients | ||
# should use when communicating with the backend, i.e. it needs to be | ||
# reachable not just from within the backend host, but from all of your | ||
# callers. When its value is "http://localhost:7007", it's strictly private | ||
# and can't be reached by others. | ||
#baseUrl: http://{{ .Release.Name }}:7007 | ||
baseUrl: {{ .Values.backstage.baseUrl }} | ||
listen: | ||
port: 7007 | ||
# The following host directive binds to all IPv4 interfaces when its value | ||
# is "0.0.0.0". This is the most permissive setting. The right value depends | ||
# on your specific deployment. If you remove the host line entirely, the | ||
# backend will bind on the interface that corresponds to the backend.baseUrl | ||
# hostname. | ||
host: 0.0.0.0 | ||
csp: | ||
connect-src: ["'self'", 'http:', 'https:'] | ||
# Content-Security-Policy directives follow the Helmet format: https://helmetjs.github.io/#reference | ||
# Default Helmet Content-Security-Policy values can be removed by setting the key to false | ||
cors: | ||
origin: http://{{ .Release.Name }}:3000 | ||
methods: [GET, POST, PUT, DELETE] | ||
credentials: true | ||
# config options: https://node-postgres.com/api/client | ||
database: | ||
client: pg | ||
connection: | ||
host: {{ include "assemble-backstage.fullname" . }}-postgres.{{ .Release.Namespace }}.svc | ||
port: "{{ .Values.postgres.port }}" | ||
user: "{{ .Values.postgres.database_user }}" | ||
#password: "{{ .Values.postgres.database_password }}" | ||
password: "${POSTGRES_ADMIN_PASSWORD}" | ||
cache: | ||
store: memory | ||
integrations: {} | ||
#github: | ||
#- host: github.com | ||
# # This is a Personal Access Token or PAT from GitHub. You can find out how to generate this token, and more information | ||
# about setting up the GitHub integration here: https://backstage.io/docs/getting-started/configuration#setting-up-a-github-integration | ||
# token: ${GITHUB_TOKEN} | ||
proxy: | ||
'/test': | ||
target: 'https://example.com' | ||
changeOrigin: true | ||
# Reference documentation http://backstage.io/docs/features/techdocs/configuration | ||
# Note: After experimenting with basic setup, use CI/CD to generate docs | ||
# and an external cloud storage when deploying TechDocs for production use-case. | ||
# https://backstage.io/docs/features/techdocs/how-to-guides#how-to-migrate-from-techdocs-basic-to-recommended-deployment-approach | ||
techdocs: | ||
builder: 'local' # Alternatives - 'external' | ||
generator: | ||
runIn: 'docker' # Alternatives - 'local' | ||
publisher: | ||
type: 'local' # Alternatives - 'googleGcs' or 'awsS3'. Read documentation for using alternatives. | ||
auth: | ||
# see https://backstage.io/docs/auth/ to learn about auth providers | ||
providers: {} | ||
scaffolder: | ||
# see https://backstage.io/docs/features/software-templates/configuration for software template options | ||
catalog: | ||
# Overrides the default list locations from app-config.yaml as these contain example data. | ||
# See https://backstage.io/docs/features/software-catalog/software-catalog-overview#adding-components-to-the-catalog for more details | ||
# on how to get entities into the catalog. | ||
{{- with .Values.backstage.catalog }} | ||
{{- toYaml . | nindent 6 }} | ||
{{- end }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,64 @@ | ||
apiVersion: apps/v1 | ||
kind: Deployment | ||
metadata: | ||
name: {{ include "assemble-backstage.fullname" . }} | ||
labels: | ||
{{- include "assemble-backstage.labels" . | nindent 4 }} | ||
spec: | ||
replicas: {{ .Values.replicaCount }} | ||
selector: | ||
matchLabels: | ||
{{- include "assemble-backstage.selectorLabels" . | nindent 6 }} | ||
template: | ||
metadata: | ||
{{- with .Values.podAnnotations }} | ||
annotations: | ||
{{- toYaml . | nindent 8 }} | ||
{{- end }} | ||
labels: | ||
{{- include "assemble-backstage.selectorLabels" . | nindent 8 }} | ||
spec: | ||
{{- with .Values.imagePullSecrets }} | ||
imagePullSecrets: | ||
{{- toYaml . | nindent 8 }} | ||
{{- end }} | ||
serviceAccountName: {{ include "assemble-backstage.serviceAccountName" . }} | ||
securityContext: | ||
{{- toYaml .Values.podSecurityContext | nindent 8 }} | ||
containers: | ||
- name: {{ .Chart.Name }} | ||
securityContext: | ||
{{- toYaml .Values.securityContext | nindent 12 }} | ||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" | ||
imagePullPolicy: {{ .Values.image.pullPolicy }} | ||
command: ['node', 'packages/backend', '--config', '/config/app-config.yaml'] | ||
env: | ||
- name: POSTGRES_ADMIN_PASSWORD | ||
valueFrom: | ||
secretKeyRef: | ||
name: {{ include "assemble-backstage.fullname" . }}-postgresql | ||
key: databasePassword | ||
ports: | ||
- name: http | ||
containerPort: {{ .Values.service.targetPort }} | ||
protocol: TCP | ||
livenessProbe: | ||
httpGet: | ||
path: / | ||
port: http | ||
readinessProbe: | ||
httpGet: | ||
path: / | ||
port: http | ||
resources: | ||
{{- toYaml .Values.resources | nindent 12 }} | ||
volumeMounts: | ||
- name: assemble-config | ||
readOnly: true | ||
mountPath: /config | ||
volumes: | ||
- name: assemble-config | ||
secret: | ||
secretName: assemble-config | ||
defaultMode: 420 | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
{{- if not .Values.postgres.external }} | ||
apiVersion: v1 | ||
kind: ConfigMap | ||
metadata: | ||
name: {{ include "assemble-backstage.fullname" . }}-postgresql-config | ||
labels: | ||
{{- include "assemble-backstage.labels" . | nindent 4 }} | ||
data: | ||
postgresql.conf: | | ||
# LOGGING | ||
log_min_error_statement = fatal | ||
# CONNECTION | ||
listen_addresses = '*' | ||
# MODULES | ||
shared_preload_libraries = 'decoderbufs' | ||
# REPLICATION | ||
wal_level = logical # minimal, archive, hot_standby, or logical (change requires restart) | ||
max_wal_senders = 1 # max number of walsender processes (change requires restart) | ||
#wal_keep_segments = 4 # in logfile segments, 16MB each; 0 disables | ||
#wal_sender_timeout = 60s # in milliseconds; 0 disables | ||
max_replication_slots = 1 # max number of replication slots (change requires restart) | ||
{{ end }} |
Oops, something went wrong.