Skip to content

Instantly share code, notes, and snippets.

@nickboldt
Last active May 15, 2024 20:30
Show Gist options
  • Save nickboldt/726b1afb3a5f708de3d61d2cf4d1ed92 to your computer and use it in GitHub Desktop.
Save nickboldt/726b1afb3a5f708de3d61d2cf4d1ed92 to your computer and use it in GitHub Desktop.
enable quay plugin, disable guest login resitrctions (unsafe)
data:
dynamic-plugins.yaml: |
includes:
- dynamic-plugins.default.yaml
plugins:
- package: ./dynamic-plugins/dist/janus-idp-backstage-plugin-quay
disabled: false
global:
auth:
backend:
enabled: true
existingSecret: ''
value: ''
clusterRouterBase: apps.example.com
dynamic:
includes:
- dynamic-plugins.default.yaml
plugins:
- disabled: false
package: ./dynamic-plugins/dist/janus-idp-backstage-plugin-quay
host: ''
route:
annotations: {}
enabled: true
host: '{{ .Values.global.host }}'
path: /
tls:
caCertificate: ''
certificate: ''
destinationCACertificate: ''
enabled: true
insecureEdgeTerminationPolicy: Redirect
key: ''
termination: edge
wildcardPolicy: None
upstream:
backstage:
appConfig:
app:
baseUrl: 'https://{{- include "janus-idp.hostname" . }}'
auth:
providers:
guest:
dangerouslyAllowOutsideDevelopment: true
backend:
auth:
keys:
- secret: '${BACKEND_SECRET}'
baseUrl: 'https://{{- include "janus-idp.hostname" . }}'
cors:
origin: 'https://{{- include "janus-idp.hostname" . }}'
database:
connection:
password: '${POSTGRESQL_ADMIN_PASSWORD}'
user: postgres
permission:
enabled: false
quay:
uiUrl: 'https://quay.io'
args:
- '--config'
- dynamic-plugins-root/app-config.dynamic-plugins.yaml
command: []
extraEnvVars:
- name: BACKEND_SECRET
valueFrom:
secretKeyRef:
key: backend-secret
name: '{{ include "janus-idp.backend-secret-name" $ }}'
- name: POSTGRESQL_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
key: postgres-password
name: '{{- include "janus-idp.postgresql.secretName" . }}'
extraVolumeMounts:
- mountPath: /opt/app-root/src/dynamic-plugins-root
name: dynamic-plugins-root
extraVolumes:
- ephemeral:
volumeClaimTemplate:
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 2Gi
name: dynamic-plugins-root
- configMap:
defaultMode: 420
name: dynamic-plugins
optional: true
name: dynamic-plugins
- name: dynamic-plugins-npmrc
secret:
defaultMode: 420
optional: true
secretName: dynamic-plugins-npmrc
image:
pullSecrets:
- rhdh-pull-secret
registry: quay.io
repository: janus-idp/backstage-showcase
tag: pr-1262
initContainers:
- command:
- ./install-dynamic-plugins.sh
- /dynamic-plugins-root
env:
- name: NPM_CONFIG_USERCONFIG
value: /opt/app-root/src/.npmrc.dynamic-plugins
image: '{{ include "backstage.image" . }}'
imagePullPolicy: Always
name: install-dynamic-plugins
volumeMounts:
- mountPath: /dynamic-plugins-root
name: dynamic-plugins-root
- mountPath: /opt/app-root/src/dynamic-plugins.yaml
name: dynamic-plugins
readOnly: true
subPath: dynamic-plugins.yaml
- mountPath: /opt/app-root/src/.npmrc.dynamic-plugins
name: dynamic-plugins-npmrc
readOnly: true
subPath: .npmrc
workingDir: /opt/app-root/src
installDir: /opt/app-root/src
livenessProbe:
failureThreshold: 3
httpGet:
path: /healthcheck
port: 7007
scheme: HTTP
initialDelaySeconds: 60
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 2
podAnnotations:
checksum/dynamic-plugins: >-
{{- include "common.tplvalues.render" ( dict "value"
.Values.global.dynamic "context" $) | sha256sum }}
readinessProbe:
failureThreshold: 3
httpGet:
path: /healthcheck
port: 7007
scheme: HTTP
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 2
timeoutSeconds: 2
ingress:
host: '{{ .Values.global.host }}'
nameOverride: developer-hub
postgresql:
auth:
secretKeys:
adminPasswordKey: postgres-password
userPasswordKey: password
enabled: true
image:
registry: registry.redhat.io
repository: rhel9/postgresql-15
tag: latest
postgresqlDataDir: /var/lib/pgsql/data/userdata
primary:
containerSecurityContext:
enabled: false
extraEnvVars:
- name: POSTGRESQL_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
key: postgres-password
name: '{{- include "postgresql.v1.secretName" . }}'
persistence:
enabled: true
mountPath: /var/lib/pgsql/data
size: 1Gi
podSecurityContext:
enabled: false
data:
app-config.yaml: |
app:
baseUrl: https://...
backend:
auth:
keys:
- secret: ${BACKEND_SECRET}
baseUrl: https://...
cors:
origin: https://...
database:
connection:
password: ${POSTGRESQL_ADMIN_PASSWORD}
user: postgres
quay:
uiUrl: https://quay.io
permission:
enabled: false
auth:
providers:
guest:
dangerouslyAllowOutsideDevelopment: true