global:
dynamic:
# -- Array of YAML files listing dynamic plugins to include with those listed in the `plugins` field.
# Relative paths are resolved from the working directory of the initContainer that will install the plugins (`/opt/app-root/src`).
includes:
# -- List of dynamic plugins included inside the `janus-idp/backstage-showcase` container image, some of which are disabled by default.
# This file ONLY works with the `janus-idp/backstage-showcase` container image.
- 'dynamic-plugins.default.yaml'
# -- List of dynamic plugins, possibly overriding the plugins listed in `includes` files.
# Every item defines the plugin `package` as a [NPM package spec](https://docs.npmjs.com/cli/v10/using-npm/package-spec),
# an optional `pluginConfig` with plugin-specific backstage configuration, and an optional `disabled` flag to disable/enable a plugin
# listed in `includes` files. It also includes an `integrity` field that is used to verify the plugin package [integrity](https://w3c.github.io/webappsec-subresource-integrity/#integrity-metadata-description).
plugins:
- package: ./dynamic-plugins/dist/backstage-plugin-scaffolder-backend-module-github-dynamic
disabled: false
- package: ./dynamic-plugins/dist/backstage-plugin-catalog-backend-module-github-dynamic
disabled: false
pluginConfig:
catalog:
providers:
github:
providerId:
organization: "kheops-org"
- package: ./dynamic-plugins/dist/backstage-plugin-catalog-backend-module-github-org-dynamic
disabled: true
pluginConfig:
catalog:
providers:
githubOrg:
id: production
githubUrl: "${GITHUB_URL}"
orgs: [ "${GITHUB_ORG}" ]
schedule:
frequency:
minutes: 60
initialDelay:
seconds: 15
timeout:
minutes: 15
- package: ./dynamic-plugins/dist/backstage-plugin-github-actions
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
backstage.plugin-github-actions:
mountPoints:
- mountPoint: entity.page.ci/cards
importName: EntityGithubActionsContent
config:
layout:
gridColumn: "1 / -1"
if:
allOf:
- isGithubActionsAvailable
- package: ./dynamic-plugins/dist/backstage-plugin-github-issues
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
backstage.plugin-github-issues:
mountPoints:
- mountPoint: entity.page.issues/cards
importName: GithubIssuesCard
config:
layout:
gridColumn: "1 / -1"
if:
allOf:
- hasAnnotation: github.com/project-slug
- package: ./dynamic-plugins/dist/roadiehq-backstage-plugin-github-insights
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
roadiehq.backstage-plugin-github-insights:
mountPoints:
- mountPoint: entity.page.overview/cards
importName: EntityGithubInsightsComplianceCard
config:
layout:
gridColumnEnd:
lg: "span 4"
md: "span 6"
xs: "span 12"
if:
allOf:
- isGithubInsightsAvailable
- package: ./dynamic-plugins/dist/roadiehq-backstage-plugin-github-pull-requests
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
roadiehq.backstage-plugin-github-pull-requests:
mountPoints:
- mountPoint: entity.page.overview/cards
importName: EntityGithubPullRequestsOverviewCard
config:
layout:
gridColumnEnd:
lg: "span 4"
md: "span 6"
xs: "span 12"
if:
allOf:
- isGithubPullRequestsAvailable
- mountPoint: entity.page.pull-requests/cards
importName: EntityGithubPullRequestsContent
config:
layout:
gridColumn: "1 / -1"
if:
allOf:
- isGithubPullRequestsAvailable
- package: ./dynamic-plugins/dist/roadiehq-backstage-plugin-security-insights
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
roadiehq.backstage-plugin-security-insights:
mountPoints:
- mountPoint: entity.page.overview/cards
importName: EntityDependabotAlertsCard
config:
layout:
gridColumnEnd:
lg: "span 4"
md: "span 6"
xs: "span 12"
if:
allOf:
- isSecurityInsightsAvailable
# Group: Gitlab
- package: ./dynamic-plugins/dist/backstage-plugin-scaffolder-backend-module-gitlab-dynamic
- package: ./dynamic-plugins/dist/immobiliarelabs-backstage-plugin-gitlab-backend-dynamic
disabled: true
pluginConfig:
gitlab:
host: ${GITLAB_HOST}
token: ${GITLAB_TOKEN}
- package: ./dynamic-plugins/dist/immobiliarelabs-backstage-plugin-gitlab
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
immobiliarelabs.backstage-plugin-gitlab:
mountPoints:
- mountPoint: entity.page.overview/cards
importName: EntityGitlabMergeRequestStatsCard
config:
layout:
gridColumnEnd:
lg: "span 4"
md: "span 6"
xs: "span 12"
if:
allOf:
- isGitlabAvailable
- mountPoint: entity.page.ci/cards
importName: EntityGitlabPipelinesTable
config:
layout:
gridColumn: "1 / -1"
if:
allOf:
- isGitlabAvailable
- mountPoint: entity.page.issues/cards
importName: EntityGitlabIssuesTable
config:
layout:
gridColumn: "1 / -1"
if:
allOf:
- isGitlabAvailable
- mountPoint: entity.page.pull-requests/cards
importName: EntityGitlabMergeRequestsTable
config:
layout:
gridColumn: "1 / -1"
if:
allOf:
- isGitlabAvailable
- package: ./dynamic-plugins/dist/backstage-plugin-catalog-backend-module-gitlab-dynamic
disabled: true
pluginConfig:
catalog:
providers:
gitlab: {}
# Group: Kubernetes
- package: ./dynamic-plugins/dist/backstage-plugin-kubernetes-backend-dynamic
disabled: true
pluginConfig:
kubernetes:
customResources:
- group: 'tekton.dev'
apiVersion: 'v1beta1'
plural: 'pipelines'
- group: 'tekton.dev'
apiVersion: 'v1beta1'
plural: 'pipelineruns'
- group: 'tekton.dev'
apiVersion: 'v1beta1'
plural: 'taskruns'
- group: 'route.openshift.io'
apiVersion: 'v1'
plural: 'routes'
serviceLocatorMethod:
type: 'multiTenant'
clusterLocatorMethods:
- type: 'config'
clusters:
- name: ${K8S_CLUSTER_NAME}
url: ${K8S_CLUSTER_URL}
authProvider: 'serviceAccount'
skipTLSVerify: true
serviceAccountToken: ${K8S_CLUSTER_TOKEN}
- package: ./dynamic-plugins/dist/backstage-plugin-kubernetes
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
backstage.plugin-kubernetes:
mountPoints:
- mountPoint: entity.page.kubernetes/cards
importName: EntityKubernetesContent
config:
layout:
gridColumn: "1 / -1"
if:
anyOf:
- hasAnnotation: backstage.io/kubernetes-id
- hasAnnotation: backstage.io/kubernetes-namespace
- package: ./dynamic-plugins/dist/janus-idp-backstage-plugin-topology
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
janus-idp.backstage-plugin-topology:
mountPoints:
- mountPoint: entity.page.topology/cards
importName: TopologyPage
config:
layout:
gridColumn: "1 / -1"
height: 75vh
if:
anyOf:
- hasAnnotation: backstage.io/kubernetes-id
- hasAnnotation: backstage.io/kubernetes-namespace
# Group: ArgoCD
- package: ./dynamic-plugins/dist/roadiehq-backstage-plugin-argo-cd-backend-dynamic
disabled: true
pluginConfig:
argocd:
username: "${ARGOCD_USERNAME}"
password: "${ARGOCD_PASSWORD}"
appLocatorMethods:
- type: 'config'
instances:
- name: argoInstance1
url: "${ARGOCD_INSTANCE1_URL}"
token: "${ARGOCD_AUTH_TOKEN}"
- name: argoInstance2
url: "${ARGOCD_INSTANCE2_URL}"
token: "${ARGOCD_AUTH_TOKEN2}"
- package: ./dynamic-plugins/dist/roadiehq-scaffolder-backend-argocd-dynamic
disabled: true
pluginConfig:
argocd:
username: "${ARGOCD_USERNAME}"
password: "${ARGOCD_PASSWORD}"
appLocatorMethods:
- type: 'config'
instances:
- name: argoInstance1
url: "${ARGOCD_INSTANCE1_URL}"
token: "${ARGOCD_AUTH_TOKEN}"
- name: argoInstance2
url: "${ARGOCD_INSTANCE2_URL}"
token: "${ARGOCD_AUTH_TOKEN2}"
- package: ./dynamic-plugins/dist/roadiehq-backstage-plugin-argo-cd
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
roadiehq.backstage-plugin-argo-cd:
mountPoints:
- mountPoint: entity.page.overview/cards
importName: EntityArgoCDOverviewCard
config:
layout:
gridColumnEnd:
lg: "span 8"
xs: "span 12"
if:
allOf:
- isArgocdAvailable
- mountPoint: entity.page.cd/cards
importName: EntityArgoCDHistoryCard
config:
layout:
gridColumn: "1 / -1"
if:
allOf:
- isArgocdAvailable
# Group: Azure Devops
- package: ./dynamic-plugins/dist/backstage-plugin-scaffolder-backend-module-azure-dynamic
- package: ./dynamic-plugins/dist/backstage-plugin-azure-devops-backend-dynamic
disabled: true
pluginConfig:
azureDevOps:
host: dev.azure.com
token: ${AZURE_TOKEN}
organization: ${AZURE_ORG}
- package: ./dynamic-plugins/dist/backstage-plugin-azure-devops
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
backstage.plugin-azure-devops:
mountPoints:
- mountPoint: entity.page.ci/cards
importName: EntityAzurePipelinesContent
config:
layout:
gridColumn: "1 / -1"
if:
allOf:
- isAzureDevOpsAvailable
- mountPoint: entity.page.pull-requests/cards
importName: EntityAzurePullRequestsContent
config:
layout:
gridColumn: "1 / -1"
if:
allOf:
- isAzureDevOpsAvailable
# Group: Jenkins
- package: ./dynamic-plugins/dist/backstage-plugin-jenkins-backend-dynamic
disabled: true
pluginConfig:
jenkins:
instances:
- name: default
baseUrl: ${JENKINS_URL}
username: ${JENKINS_USERNAME}
apiKey: ${JENKINS_TOKEN}
- package: ./dynamic-plugins/dist/backstage-plugin-jenkins
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
backstage.plugin-jenkins:
mountPoints:
- mountPoint: entity.page.ci/cards
importName: EntityJenkinsContent
config:
layout:
gridColumn: "1 / -1"
if:
allOf:
- isJenkinsAvailable
# Group: SonarQube
- package: ./dynamic-plugins/dist/backstage-plugin-sonarqube-backend-dynamic
disabled: true
pluginConfig:
sonarqube:
baseUrl: ${SONARQUBE_URL}
apiKey: ${SONARQUBE_TOKEN}
- package: ./dynamic-plugins/dist/backstage-plugin-sonarqube
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
backstage.plugin-sonarqube:
mountPoints:
- mountPoint: entity.page.overview/cards
importName: EntitySonarQubeCard
config:
layout:
gridColumnEnd:
lg: "span 4"
md: "span 6"
xs: "span 12"
if:
allOf:
- isSonarQubeAvailable
# Group: OCM
- package: ./dynamic-plugins/dist/janus-idp-backstage-plugin-ocm-backend-dynamic
disabled: true
pluginConfig:
catalog:
providers:
ocm:
default:
name: "${OCM_HUB_NAME}"
url: "${OCM_HUB_URL}"
serviceAccountToken: "${moc_infra_token}"
owner: janus-authors
- package: ./dynamic-plugins/dist/janus-idp-backstage-plugin-ocm
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
janus-idp.backstage-plugin-ocm:
appIcons:
- name: ocmIcon
importName: OcmIcon
dynamicRoutes:
- path: /ocm
importName: OcmPage
menuItem:
icon: ocmIcon
text: Clusters
mountPoints:
- mountPoint: entity.page.overview/context
importName: ClusterContextProvider
- mountPoint: entity.page.overview/cards
importName: ClusterAvailableResourceCard
config:
layout:
gridColumnEnd:
lg: "span 4"
md: "span 6"
xs: "span 12"
if:
allOf:
- isKind: resource
- isType: kubernetes-cluster
- mountPoint: entity.page.overview/cards
importName: ClusterInfoCard
config:
layout:
gridColumnEnd:
lg: "span 4"
md: "span 6"
xs: "span 12"
if:
allOf:
- isKind: resource
- isType: kubernetes-cluster
# Techdocs
- package: ./dynamic-plugins/dist/backstage-plugin-techdocs-backend-dynamic
pluginConfig:
# Reference documentation http://backstage.io/docs/features/techdocs/configuration
# Note: After experimenting with basic setup, use CI/CD to generate docs
# and an external cloud storage when deploying TechDocs for production use-case.
# https://backstage.io/docs/features/techdocs/how-to-guides#how-to-migrate-from-techdocs-basic-to-recommended-deployment-approach
techdocs:
builder: local
generator:
runIn: local
publisher:
type: local
- package: ./dynamic-plugins/dist/backstage-plugin-techdocs
pluginConfig:
dynamicPlugins:
frontend:
backstage.plugin-techdocs:
routeBindings:
targets:
- importName: techdocsPlugin
bindings:
- bindTarget: catalogPlugin.externalRoutes
bindMap:
viewTechDoc: techdocsPlugin.routes.docRoot
- bindTarget: scaffolderPlugin.externalRoutes
bindMap:
viewTechDoc: techdocsPlugin.routes.docRoot
dynamicRoutes:
- path: /docs
importName: TechDocsIndexPage
menuItem:
icon: docs
text: Docs
- path: /docs/:namespace/:kind/:name/*
importName: TechDocsReaderPage
mountPoints:
- mountPoint: entity.page.docs/cards
importName: EntityTechdocsContent
config:
layout:
gridColumn: "1 / -1"
if:
allOf:
- isTechDocsAvailable
- mountPoint: search.page.results
importName: TechDocsSearchResultListItem
- mountPoint: search.page.filters
importName: TechdocsSearchFilter
- mountPoint: search.page.types
importName: techdocsSearchType
config:
props:
name: Documentation
icon: docs
# Standalone plugins
- package: ./dynamic-plugins/dist/backstage-plugin-scaffolder-backend-module-gerrit-dynamic
- package: ./dynamic-plugins/dist/roadiehq-scaffolder-backend-module-utils-dynamic
- package: ./dynamic-plugins/dist/janus-idp-backstage-scaffolder-backend-module-quay-dynamic
- package: ./dynamic-plugins/dist/janus-idp-backstage-scaffolder-backend-module-regex-dynamic
- package: ./dynamic-plugins/dist/janus-idp-backstage-plugin-rbac
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
janus-idp.backstage-plugin-rbac:
mountPoints:
- mountPoint: admin.page.rbac/cards
module: RbacPlugin
importName: RbacPage
config:
layout:
gridColumn: "1 / -1"
width: 100vw
props:
useHeader: false
dynamicRoutes:
- path: /admin/rbac
module: RbacPlugin
importName: RbacPage
- package: ./dynamic-plugins/dist/janus-idp-backstage-scaffolder-backend-module-servicenow-dynamic
disabled: true
pluginConfig:
servicenow:
# The base url of the ServiceNow instance.
baseUrl: ${SERVICENOW_BASE_URL}
# The username to use for authentication.
username: ${SERVICENOW_USERNAME}
# The password to use for authentication.
password: ${SERVICENOW_PASSWORD}
- package: ./dynamic-plugins/dist/janus-idp-backstage-scaffolder-backend-module-sonarqube-dynamic
disabled: true
- package: ./dynamic-plugins/dist/janus-idp-backstage-plugin-aap-backend-dynamic
disabled: true
pluginConfig:
catalog:
providers:
aap:
prod:
baseUrl: '${AAP_BASE_URL}'
authorization: "${AAP_AUTH_TOKEN}"
- package: ./dynamic-plugins/dist/janus-idp-backstage-plugin-3scale-backend-dynamic
disabled: true
pluginConfig:
catalog:
providers:
threeScaleApiEntity:
default:
baseUrl: '${THREESCALE_BASE_URL}'
accessToken: '${THREESCALE_ACCESS_TOKEN}'
- package: ./dynamic-plugins/dist/janus-idp-backstage-plugin-keycloak-backend-dynamic
disabled: true
pluginConfig:
catalog:
providers:
keycloakOrg:
default:
baseUrl: "${KEYCLOAK_BASE_URL}"
loginRealm: "${KEYCLOAK_LOGIN_REALM}"
realm: "${KEYCLOAK_REALM}"
clientId: "${KEYCLOAK_CLIENT_ID}"
clientSecret: "${KEYCLOAK_CLIENT_SECRET}"
schedule:
frequency:
minutes: 60
initialDelay:
seconds: 15
timeout:
minutes: 50
- package: ./dynamic-plugins/dist/backstage-plugin-scaffolder-backend-module-bitbucket-cloud-dynamic
- package: ./dynamic-plugins/dist/backstage-plugin-catalog-backend-module-bitbucket-cloud-dynamic
disabled: true
pluginConfig:
# https://backstage.io/docs/integrations/bitbucketCloud/discovery#configuration
catalog:
providers:
bitbucketCloud:
default: # identifies your ingested dataset
workspace: ${BITBUCKET_WORKSPACE}
schedule:
frequency:
minutes: 30
initialDelay:
minutes: 1
timeout:
minutes: 3
- package: ./dynamic-plugins/dist/backstage-plugin-scaffolder-backend-module-bitbucket-server-dynamic
- package: ./dynamic-plugins/dist/backstage-plugin-catalog-backend-module-bitbucket-server-dynamic
disabled: true
pluginConfig:
# https://backstage.io/docs/integrations/bitbucketServer/discovery#configuration
catalog:
providers:
bitbucketServer:
default: # identifies your ingested dataset
host: ${BITBUCKET_HOST}
schedule:
frequency:
minutes: 30
initialDelay:
minutes: 1
timeout:
minutes: 3
- package: ./dynamic-plugins/dist/backstage-plugin-dynatrace
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
backstage.plugin-dynatrace:
mountPoints:
- mountPoint: entity.page.monitoring/cards
importName: DynatraceTab
config:
layout:
gridColumn: "1 / -1"
if:
allOf:
- isDynatraceAvailable
- package: ./dynamic-plugins/dist/roadiehq-backstage-plugin-jira
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
roadiehq.backstage-plugin-jira:
mountPoints:
- mountPoint: entity.page.issues/cards
importName: EntityJiraOverviewCard
config:
layout:
gridColumn: "1 / -1"
if:
allOf:
- isJiraAvailable
- package: ./dynamic-plugins/dist/roadiehq-backstage-plugin-datadog
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
roadiehq.backstage-plugin-datadog:
mountPoints:
- mountPoint: entity.page.monitoring/cards
importName: EntityDatadogContent
config:
layout:
gridColumn: "1 / -1"
if:
allOf:
- isDatadogAvailable
- package: ./dynamic-plugins/dist/janus-idp-backstage-plugin-tekton
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
janus-idp.backstage-plugin-tekton:
mountPoints:
- mountPoint: entity.page.ci/cards
importName: TektonCI
config:
layout:
gridColumn: "1 / -1"
if:
allOf:
- isTektonCIAvailable
- package: ./dynamic-plugins/dist/janus-idp-backstage-plugin-quay
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
janus-idp.backstage-plugin-quay:
mountPoints:
- mountPoint: entity.page.image-registry/cards
importName: QuayPage
config:
layout:
gridColumn: 1 / -1
if:
anyOf:
- isQuayAvailable
- package: ./dynamic-plugins/dist/janus-idp-backstage-plugin-nexus-repository-manager
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
janus-idp.backstage-plugin-nexus-repository-manager:
mountPoints:
- mountPoint: entity.page.image-registry/cards
importName: NexusRepositoryManagerPage
config:
layout:
gridColumn: 1 / -1
if:
anyOf:
- isNexusRepositoryManagerAvailable
- package: ./dynamic-plugins/dist/janus-idp-backstage-plugin-acr
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
janus-idp.backstage-plugin-acr:
mountPoints:
- mountPoint: entity.page.image-registry/cards
importName: AcrPage
config:
layout:
gridColumn: 1 / -1
if:
anyOf:
- isAcrAvailable
- package: ./dynamic-plugins/dist/janus-idp-backstage-plugin-jfrog-artifactory
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
janus-idp.backstage-plugin-jfrog-artifactory:
mountPoints:
- mountPoint: entity.page.image-registry/cards
importName: JfrogArtifactoryPage
config:
layout:
gridColumn: 1 / -1
if:
anyOf:
- isJfrogArtifactoryAvailable
- package: ./dynamic-plugins/dist/pagerduty-backstage-plugin
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
pagerduty.backstage-plugin:
mountPoints:
- mountPoint: entity.page.overview/cards
importName: EntityPagerDutyCard
config:
layout:
gridColumnEnd:
md: "span 6"
xs: "span 12"
if:
allOf:
- isPluginApplicableToEntity
- package: ./dynamic-plugins/dist/backstage-plugin-lighthouse
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
backstage.plugin-lighthouse:
appIcons:
- name: lighthouse
importName: LighthouseIcon
dynamicRoutes:
- path: /lighthouse
importName: LighthousePage
menuItem:
icon: lighthouse
text: Lighthouse
mountPoints:
- mountPoint: entity.page.overview/cards
importName: EntityLastLighthouseAuditCard
config:
layout:
gridColumnEnd:
md: "span 6"
xs: "span 12"
if:
allOf:
- isLighthouseAvailable
- package: ./dynamic-plugins/dist/backstage-plugin-tech-radar
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
backstage.plugin-tech-radar:
apiFactories:
- importName: TechRadarApi
appIcons:
- name: techRadar
importName: TechRadarIcon
dynamicRoutes:
- path: /tech-radar
importName: TechRadarPage
menuItem:
icon: techRadar
text: Tech Radar
config:
props:
width: 1500
height: 800
- package: ./dynamic-plugins/dist/janus-idp-backstage-plugin-analytics-provider-segment
disabled: true
pluginConfig:
dynamicPlugins:
frontend:
janus-idp.backstage-plugin-analytics-provider-segment:
apiFactories:
- importName: SegmentAnalyticsApi
app:
analytics:
segment:
writeKey: ${SEGMENT_WRITE_KEY}
maskIP: ${SEGMENT_MASK_IP} # prevents IP addresses from being sent if true
testMode: ${SEGMENT_TEST_MODE} # prevents data from being sent if true
# -- Shorthand for users who do not want to specify a custom HOSTNAME. Used ONLY with the DEFAULT upstream.backstage.appConfig value and with OCP Route enabled.
clusterRouterBase: "apps.example.com"
# -- Custom hostname shorthand, overrides `global.clusterRouterBase`, `upstream.ingress.host`, `route.host`, and url values in `upstream.backstage.appConfig`.
host: ""
# -- Enable service authentication within Backstage instance
auth:
# -- Backend service to service authentication
#
Ref: https://backstage.io/docs/auth/service-to-service-auth/
backend:
# -- Enable backend service to service authentication, unless configured otherwise it generates a secret value
enabled: true
# -- Instead of generating a secret value, refer to existing secret
existingSecret: ""
# -- Instead of generating a secret value, use the following value
value: ""
# -- Upstream Backstage [chart configuration](https://github.com/backstage/charts/blob/main/charts/backstage/values.yaml)
# @default -- Use Openshift compatible settings
upstream:
nameOverride: sreez
backstage:
image:
registry: ghcr.io
repository: medmouine/sreez:amd64
tag: latest
command: []
# FIXME (tumido): USE POSTGRES_PASSWORD and POSTGRES_USER instead of POSTGRES_ADMIN_PASSWORD
# This is a hack. In {fedora,rhel}/postgresql images, regular user is forbidden
# from creating DBs in runtime. A single DB can be created ahead of time via
# POSTGRESQL_DATABASE env variable (in this case via
# upstream.postgresql.primary.extraEnvVars value), but this doesn't allow us to
# create multiple DBs. Since Backstage requires by default 5 different DBs, we
# can't accommodate that properly.
appConfig:
app:
# Please update to match host in case you don't want to configure hostname via `global.clusterRouterBase` or `global.host` if not deploying on an openshift cluster.
baseUrl: 'https://{{- include "janus-idp.hostname" . }}'
backend:
baseUrl: 'https://{{- include "janus-idp.hostname" . }}'
cors:
origin: 'https://{{- include "janus-idp.hostname" . }}'
database:
connection:
password: ${POSTGRESQL_ADMIN_PASSWORD}
user: postgres
auth:
keys:
- secret: ${BACKEND_SECRET}
readinessProbe:
failureThreshold: 3
httpGet:
path: /healthcheck
port: 7007
scheme: HTTP
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 2
timeoutSeconds: 2
livenessProbe:
failureThreshold: 3
httpGet:
path: /healthcheck
port: 7007
scheme: HTTP
initialDelaySeconds: 60
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 2
extraEnvVars:
- name: BACKEND_SECRET
valueFrom:
secretKeyRef:
key: backend-secret
name: '{{ include "janus-idp.backend-secret-name" $ }}'
- name: POSTGRESQL_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
key: postgres-password
name: '{{- include "janus-idp.postgresql.secretName" . }}'
args:
# This additional `app-config`` file is generated by the initContainer below, and contains the merged configuration of installed dynamic plugins.
- '--config'
- dynamic-plugins-root/app-config.dynamic-plugins.yaml
extraVolumeMounts:
# The initContainer below will install dynamic plugins in this volume mount.
- name: dynamic-plugins-root
mountPath: /opt/app-root/src/dynamic-plugins-root
extraVolumes:
# -- Ephemeral volume that will contain the dynamic plugins installed by the initContainer below at start.
- name: dynamic-plugins-root
ephemeral:
volumeClaimTemplate:
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
# -- Size of the volume that will contain the dynamic plugins. It should be large enough to contain all the plugins.
storage: 2Gi
# Volume that will expose the `dynamic-plugins.yaml` file from the `dynamic-plugins` config map.
# The `dynamic-plugins` config map is created by the helm chart from the content of the `global.dynamic` field.
- name: dynamic-plugins
configMap:
defaultMode: 420
name: dynamic-plugins
optional: true
# Optional volume that allows exposing the `.npmrc` file (through a `dynamic-plugins-npmrc` secret)
# to be used when running `npm pack` during the dynamic plugins installation by the initContainer.
- name: dynamic-plugins-npmrc
secret:
defaultMode: 420
optional: true
secretName: dynamic-plugins-npmrc
initContainers:
- name: install-dynamic-plugins
# -- Image used by the initContainer to install dynamic plugins into the `dynamic-plugins-root` volume mount.
# It could be replaced by a custom image based on this one.
# @default -- `quay.io/janus-idp/backstage-showcase:latest`
image: '{{ include "backstage.image" . }}'
command:
- ./install-dynamic-plugins.sh
- /dynamic-plugins-root
env:
- name: NPM_CONFIG_USERCONFIG
value: /opt/app-root/src/.npmrc.dynamic-plugins
imagePullPolicy: Always
volumeMounts:
- mountPath: /dynamic-plugins-root
name: dynamic-plugins-root
- mountPath: /opt/app-root/src/dynamic-plugins.yaml
name: dynamic-plugins
readOnly: true
subPath: dynamic-plugins.yaml
- mountPath: /opt/app-root/src/.npmrc.dynamic-plugins
name: dynamic-plugins-npmrc
readOnly: true
subPath: .npmrc
workingDir: /opt/app-root/src
installDir: /opt/app-root/src
podAnnotations:
checksum/dynamic-plugins: >-
{{- include "common.tplvalues.render" ( dict "value"
.Values.global.dynamic "context" $) | sha256sum }}
postgresql:
enabled: true
postgresqlDataDir: /var/lib/pgsql/data/userdata
image:
registry: quay.io
repository: fedora/postgresql-15
tag: latest
auth:
secretKeys:
adminPasswordKey: postgres-password
userPasswordKey: password
primary:
podSecurityContext:
enabled: false
containerSecurityContext:
enabled: false
persistence:
enabled: true
size: 1Gi
mountPath: /var/lib/pgsql/data
extraEnvVars:
- name: POSTGRESQL_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
key: postgres-password
name: '{{- include "postgresql.v1.secretName" . }}'
ingress:
host: "{{ .Values.global.host }}"
# -- OpenShift Route parameters
route:
# -- Route specific annotations
annotations: {}
# -- Enable the creation of the route resource
enabled: true
# -- Set the host attribute to a custom value. If not set, OpenShift will generate it, please make sure to match your baseUrl
host: "{{ .Values.global.host }}"
# -- Path that the router watches for, to route traffic for to the service.
path: "/"
# -- Wildcard policy if any for the route. Currently only 'Subdomain' or 'None' is allowed.
wildcardPolicy: None
# -- Route TLS parameters
#
Ref: https://docs.openshift.com/container-platform/4.9/networking/routes/secured-routes.html
tls:
# -- Enable TLS configuration for the host defined at `route.host` parameter
enabled: true
# -- Specify TLS termination.
termination: "edge"
# -- Certificate contents
certificate: ""
# -- Key file contents
key: ""
# -- Cert authority certificate contents. Optional
caCertificate: ""
# -- Contents of the ca certificate of the final destination.
#
When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify.
destinationCACertificate: ""
# -- Indicates the desired behavior for insecure connections to a route.
#
While each router may make its own decisions on which ports to expose, this is normally port 80. The only valid values are None, Redirect, or empty for disabled.
insecureEdgeTerminationPolicy: "Redirect"