diff --git a/app-config.deprecated.yaml b/app-config.deprecated.yaml new file mode 100644 index 0000000000..d105291d76 --- /dev/null +++ b/app-config.deprecated.yaml @@ -0,0 +1,346 @@ +app: + title: Janus IDP Backstage Showcase + baseUrl: http://localhost:3000 + # Plugin: Segment + analytics: + segment: + writeKey: ${SEGMENT_WRITE_KEY} + maskIP: ${SEGMENT_MASK_IP} # prevents IP addresses from being sent if true + testMode: ${SEGMENT_TEST_MODE} # prevents data from being sent if true + branding: + fullLogo: ${BASE64_EMBEDDED_FULL_LOGO} + iconLogo: ${BASE64_EMBEDDED_ICON_LOGO} + theme: + light: + primaryColor: ${PRIMARY_LIGHT_COLOR} + headerColor1: ${HEADER_LIGHT_COLOR_1} + headerColor2: ${HEADER_LIGHT_COLOR_2} + navigationIndicatorColor: ${NAV_INDICATOR_LIGHT_COLOR} + dark: + primaryColor: ${PRIMARY_DARK_COLOR} + headerColor1: ${HEADER_DARK_COLOR_1} + headerColor2: ${HEADER_DARK_COLOR_2} + navigationIndicatorColor: ${NAV_INDICATOR_DARK_COLOR} +organization: + name: My Org + +backend: + # Required for authentication. This secret is shared by all backend plugins. + # In development mode a temporary secret is automatically created. + # See https://backstage.io/docs/auth/service-to-service-auth for + # information on the format + # auth: + # keys: + # - secret: ${BACKEND_AUTH_SECRET} + baseUrl: http://localhost:7007 + listen: + port: 7007 + # Uncomment the following host directive to bind to specific interfaces + # host: 127.0.0.1 + csp: + # Content-Security-Policy directives follow the Helmet format: https://helmetjs.github.io/#reference + # Default Helmet Content-Security-Policy values can be removed by setting the key to false + connect-src: + - "'self'" + - 'http:' + - 'https:' + # Plugin: Jira + img-src: + # "'self'" and 'data' are from the backstage default but must be set since img-src is overwritten + - "'self'" + - 'data:' + # Allow your Jira instance for @roadiehq/backstage-plugin-jira + - ${JIRA_URL} + cors: + origin: http://localhost:3000 + methods: [GET, HEAD, PATCH, POST, PUT, DELETE] + credentials: true + # This is for local development only, it is not recommended to use this in production + # The production database configuration is stored in app-config.production.yaml + database: + client: better-sqlite3 + connection: ':memory:' + # workingDirectory: /tmp # Use this to configure a working directory for the scaffolder, defaults to the OS temp-dir + +integrations: + # Plugin: GitHub + github: + - host: github.com + # This is a GitHub App. You can find out how to generate this file, and more information + # about setting up the GitHub integration here: https://backstage.io/docs/integrations/github/github-apps + apps: + # - $include: github-app-backstage-showcase-credentials.yaml + - appId: ${GITHUB_APP_APP_ID} + webhookUrl: ${GITHUB_APP_WEBHOOK_URL} + clientId: ${GITHUB_APP_CLIENT_ID} + clientSecret: ${GITHUB_APP_CLIENT_SECRET} + webhookSecret: ${GITHUB_APP_WEBHOOK_SECRET} + privateKey: | + ${GITHUB_APP_PRIVATE_KEY} + + # Plugin: GitLab + gitlab: + - host: ${GITLAB_HOST} + token: ${GITLAB_TOKEN} + apiBaseUrl: ${GITLAB_API_BASE_URL} + + # Plugin: Azure DevOps + azure: + - host: dev.azure.com + token: ${AZURE_TOKEN} + + # Plugin: Bitbucket Server + bitbucketServer: + - host: ${BITBUCKET_SERVER_HOST} + apiBaseUrl: ${BITBUCKET_API_BASE_URL} + username: ${BITBUCKET_SERVER_USERNAME} + password: ${BITBUCKET_SERVER_PASSWORD} + +# Plugin: Azure DevOps +azureDevOps: + host: dev.azure.com + token: ${AZURE_TOKEN} + organization: ${AZURE_ORG} + +proxy: + endpoints: + # Plugin: Quay + '/quay/api': + target: https://quay.io/ + headers: + X-Requested-With: 'XMLHttpRequest' + # Uncomment the following line to access a private Quay Repository using a token + # Authorization: 'Bearer ' + changeOrigin: true + secure: true + + # Plugin: SonarQube + '/sonarqube': + # if not using sonarqube, assign SONARQUBE_URL to https://sonarcloud.io + # target: https://sonarcloud.io/api + target: ${SONARQUBE_URL}/api + allowedMethods: ['GET'] + auth: ${SONARQUBE_TOKEN} + + # Plugin: Jenkins + '/jenkins/api': + target: ${JENKINS_URL} + headers: + Authorization: ${JENKINS_TOKEN} + + # Plugin: Jira + '/jira/api': + target: ${JIRA_URL} + headers: + Authorization: ${JIRA_TOKEN} + Accept: 'application/json' + Content-Type: 'application/json' + X-Atlassian-Token: 'no-check' + User-Agent: ${JIRA_USER_AGENT} + + # Plugin: Jfrog Artifactory + '/jfrog-artifactory/api': + target: ${ARTIFACTORY_URL} + headers: + Authorization: Bearer ${ARTIFACTORY_TOKEN} + # Change to "false" in case of using self hosted artifactory instance with a self-signed certificate + secure: ${ARTIFACTORY_SECURE} + + # Plugin: PagerDuty + '/pagerduty': + target: https://api.pagerduty.com + headers: + Authorization: Token token=${PAGERDUTY_TOKEN} + + # Plugin: Dynatrace + '/dynatrace': + target: ${DYNATRACE_API_URL} + headers: + # This API access token requires entities.read and problems.read permissions + # For more info on how to generate this token: https://www.dynatrace.com/support/help/dynatrace-api/basics/dynatrace-api-authentication + Authorization: 'Api-Token ${DYNATRACE_ACCESS_TOKEN}' + + # Plugin: Nexus Repository Manager + '/nexus-repository-manager': + target: ${NEXUS_REPOSITORY_MANAGER_URL} + headers: + X-Requested-With: 'XMLHttpRequest' + # Uncomment the following line to access a private Nexus Repository Manager using a token + # Authorization: 'Bearer ' + changeOrigin: true + # Change to "false" in case of using self hosted Nexus Repository Manager instance with a self-signed certificate + secure: ${NEXUS_REPOSITORY_MANAGER_SECURE} + +# Reference documentation http://backstage.io/docs/features/techdocs/configuration +# Note: After experimenting with basic setup, use CI/CD to generate docs +# and an external cloud storage when deploying TechDocs for production use-case. +# https://backstage.io/docs/features/techdocs/how-to-guides#how-to-migrate-from-techdocs-basic-to-recommended-deployment-approach + +# Plugin: TechDocs +techdocs: + builder: ${TECHDOCS_BUILDER_TYPE} + generator: + runIn: ${TECHDOCS_GENERATOR_TYPE} + publisher: + type: ${TECHDOCS_PUBLISHER_TYPE} + awsS3: + bucketName: ${BUCKET_NAME} + region: ${BUCKET_REGION_VAULT} + endpoint: ${BUCKET_URL} + s3ForcePathStyle: true + credentials: + accessKeyId: ${AWS_ACCESS_KEY_ID} + secretAccessKey: ${AWS_SECRET_ACCESS_KEY} + +auth: + # see https://backstage.io/docs/auth/ to learn about auth providers + environment: development + providers: + # Plugin: GitHub + github: + development: + clientId: ${AUTH_GITHUB_CLIENT_ID} + clientSecret: ${AUTH_GITHUB_CLIENT_SECRET} + +scaffolder: + {} + # see https://backstage.io/docs/features/software-templates/configuration for software template options + +catalog: + import: + entityFilename: catalog-info.yaml + pullRequestBranchName: backstage-integration + rules: + - allow: [Component, System, Group, Resource, Location, Template, API] + locations: + - type: url + target: https://github.com/janus-idp/backstage-showcase/blob/main/catalog-entities/all.yaml + + - type: url + target: https://github.com/janus-idp/software-templates/blob/main/showcase-templates.yaml + + providers: + # Plugin: Keycloak + keycloakOrg: + default: + baseUrl: ${KEYCLOAK_BASE_URL} + loginRealm: ${KEYCLOAK_LOGIN_REALM} + realm: ${KEYCLOAK_REALM} + clientId: ${KEYCLOAK_CLIENT_ID} + clientSecret: ${KEYCLOAK_CLIENT_SECRET} + + # Plugin: OCM + ocm: + default: + name: ${OCM_HUB_NAME} + url: ${OCM_HUB_URL} + serviceAccountToken: ${moc_infra_token} + owner: janus-authors + + # Plugin: GitHub Org Data + githubOrg: + default: + id: production + orgUrl: ${GITHUB_ORG_URL} + + # Plugin: GitHub Discovery + # uncomment following lines and set GITHUB_ORG to enable GitHub Discovery + # github: + # providerId: + # organization: "${GITHUB_ORG}" + + # Plugin: AAP backend plugin + aap: + prod: + baseUrl: ${AAP_BASE_URL} + authorization: ${AAP_AUTH_TOKEN} + +# Plugin: Kubernetes, OCM +kubernetes: + customResources: + - group: 'tekton.dev' + apiVersion: 'v1beta1' + plural: 'pipelines' + - group: 'tekton.dev' + apiVersion: 'v1beta1' + plural: 'pipelineruns' + - group: 'tekton.dev' + apiVersion: 'v1beta1' + plural: 'taskruns' + - group: 'route.openshift.io' + apiVersion: 'v1' + plural: 'routes' + serviceLocatorMethod: + type: 'multiTenant' + clusterLocatorMethods: + - type: 'config' + clusters: + - name: ${K8S_CLUSTER_NAME} + url: ${K8S_CLUSTER_URL} + authProvider: 'serviceAccount' + skipTLSVerify: true + serviceAccountToken: ${K8S_CLUSTER_TOKEN} + +# Plugin: ArgoCD +argocd: + username: ${ARGOCD_USERNAME} + password: ${ARGOCD_PASSWORD} + appLocatorMethods: + - type: 'config' + instances: + - name: argoInstance1 + url: ${ARGOCD_INSTANCE1_URL} + token: ${ARGOCD_AUTH_TOKEN} + - name: argoInstance2 + url: ${ARGOCD_INSTANCE2_URL} + token: ${ARGOCD_AUTH_TOKEN2} + +# Plugin: SonarQube +sonarqube: + baseUrl: ${SONARQUBE_URL} + apiKey: ${SONARQUBE_TOKEN} + +# Plugin: Jenkins +jenkins: + instances: + - name: default + baseUrl: ${JENKINS_URL} + username: ${JENKINS_USERNAME} + apiKey: ${JENKINS_TOKEN} + +# Plugin: PagerDuty +pagerduty: + # uncomment the following, and provide a URL to override the default URL used for events + # eventsBaseUrl: + +# Plugin: Lighthouse +lighthouse: + baseUrl: ${LIGHTHOUSE_BASEURL} + +# Plugin: Dynatrace +dynatrace: + baseUrl: ${DYNATRACE_URL} + +# Plugin: Permission +permission: + enabled: ${PERMISSION_ENABLED} + +enabled: + kubernetes: ${K8S_ENABLED} + techdocs: ${TECHDOCS_ENABLED} + argocd: ${ARGOCD_ENABLED} + sonarqube: ${SONARQUBE_ENABLED} + keycloak: ${KEYCLOAK_ENABLED} + ocm: ${OCM_ENABLED} + github: ${GITHUB_ENABLED} + githubOrg: ${GITHUB_ORG_ENABLED} + gitlab: ${GITLAB_ENABLED} + azureDevOps: ${AZURE_ENABLED} + jenkins: ${JENKINS_ENABLED} + permission: ${PERMISSION_ENABLED} + metrics: ${METRICS_ENABLED} + aap: ${AAP_ENABLED} + +dynamicPlugins: + rootDirectory: dynamic-plugins-root + frontend: {} \ No newline at end of file diff --git a/app-config.example.yaml b/app-config.example.yaml index aaf3c60420..50715a9bb8 100644 --- a/app-config.example.yaml +++ b/app-config.example.yaml @@ -10,9 +10,6 @@ organization: name: My Org backend: - auth: - keys: - - secret: temp baseUrl: http://localhost:7007 listen: port: 7007 @@ -33,61 +30,18 @@ proxy: skipInvalidProxies: true endpoints: {} -integrations: - github: - - host: github.com - # This is a GitHub App. You can find out how to generate this file, and more information - # about setting up the GitHub integration here: https://backstage.io/docs/integrations/github/github-apps - apps: - - appId: 1 - webhookUrl: temp - clientId: temp - clientSecret: temp - webhookSecret: temp - privateKey: | - temp - - bitbucketServer: - - host: bitbucket.com - apiBaseUrl: temp - username: temp - password: temp - gitlab: - - host: gitlab.com - token: temp - -argocd: - appLocatorMethods: - - type: 'config' - instances: - - name: argoInstance1 - url: temp - token: temp - - name: argoInstance2 - url: temp - token: temp - -auth: - environment: development - providers: - github: - development: - clientId: temp - clientSecret: temp - -techdocs: - builder: external - generator: - runIn: local - publisher: - type: awsS3 - lighthouse: baseUrl: temp dynatrace: baseUrl: temp +techdocs: + builder: external + +auth: + environment: development + catalog: import: entityFilename: catalog-info.yaml diff --git a/app-config.production.yaml b/app-config.production.yaml index dd956f80c7..73893e12b4 100644 --- a/app-config.production.yaml +++ b/app-config.production.yaml @@ -17,7 +17,8 @@ backend: baseUrl: http://localhost:7007 # The listener can also be expressed as a single : string. In this case we bind to # all interfaces, the most permissive setting. The right value depends on your specific deployment. - listen: ':7007' + listen: + port: 7007 # config options: https://node-postgres.com/api/client database: @@ -36,9 +37,3 @@ backend: auth: environment: production - providers: - github: - production: - clientId: ${GITHUB_APP_CLIENT_ID} - clientSecret: ${GITHUB_APP_CLIENT_SECRET} - oauth2Proxy: {} diff --git a/app-config.yaml b/app-config.yaml index cc70dcfd5b..3384928bb2 100644 --- a/app-config.yaml +++ b/app-config.yaml @@ -21,8 +21,9 @@ app: headerColor1: ${HEADER_DARK_COLOR_1} headerColor2: ${HEADER_DARK_COLOR_2} navigationIndicatorColor: ${NAV_INDICATOR_DARK_COLOR} + organization: - name: My Org + name: ${ORGANIZATION_NAME} backend: # Required for authentication. This secret is shared by all backend plugins. @@ -62,46 +63,6 @@ backend: connection: ':memory:' # workingDirectory: /tmp # Use this to configure a working directory for the scaffolder, defaults to the OS temp-dir -integrations: - # Plugin: GitHub - github: - - host: github.com - # This is a GitHub App. You can find out how to generate this file, and more information - # about setting up the GitHub integration here: https://backstage.io/docs/integrations/github/github-apps - apps: - # - $include: github-app-backstage-showcase-credentials.yaml - - appId: ${GITHUB_APP_APP_ID} - webhookUrl: ${GITHUB_APP_WEBHOOK_URL} - clientId: ${GITHUB_APP_CLIENT_ID} - clientSecret: ${GITHUB_APP_CLIENT_SECRET} - webhookSecret: ${GITHUB_APP_WEBHOOK_SECRET} - privateKey: | - ${GITHUB_APP_PRIVATE_KEY} - - # Plugin: GitLab - gitlab: - - host: ${GITLAB_HOST} - token: ${GITLAB_TOKEN} - apiBaseUrl: ${GITLAB_API_BASE_URL} - - # Plugin: Azure DevOps - azure: - - host: dev.azure.com - token: ${AZURE_TOKEN} - - # Plugin: Bitbucket Server - bitbucketServer: - - host: ${BITBUCKET_SERVER_HOST} - apiBaseUrl: ${BITBUCKET_API_BASE_URL} - username: ${BITBUCKET_SERVER_USERNAME} - password: ${BITBUCKET_SERVER_PASSWORD} - -# Plugin: Azure DevOps -azureDevOps: - host: dev.azure.com - token: ${AZURE_TOKEN} - organization: ${AZURE_ORG} - proxy: endpoints: # Plugin: Quay @@ -171,38 +132,8 @@ proxy: # Change to "false" in case of using self hosted Nexus Repository Manager instance with a self-signed certificate secure: ${NEXUS_REPOSITORY_MANAGER_SECURE} -# Reference documentation http://backstage.io/docs/features/techdocs/configuration -# Note: After experimenting with basic setup, use CI/CD to generate docs -# and an external cloud storage when deploying TechDocs for production use-case. -# https://backstage.io/docs/features/techdocs/how-to-guides#how-to-migrate-from-techdocs-basic-to-recommended-deployment-approach - -# Plugin: TechDocs -techdocs: - builder: ${TECHDOCS_BUILDER_TYPE} - generator: - runIn: ${TECHDOCS_GENERATOR_TYPE} - publisher: - type: ${TECHDOCS_PUBLISHER_TYPE} - awsS3: - bucketName: ${BUCKET_NAME} - region: ${BUCKET_REGION_VAULT} - endpoint: ${BUCKET_URL} - s3ForcePathStyle: true - credentials: - accessKeyId: ${AWS_ACCESS_KEY_ID} - secretAccessKey: ${AWS_SECRET_ACCESS_KEY} - -auth: - # see https://backstage.io/docs/auth/ to learn about auth providers - environment: development - providers: - # Plugin: GitHub - github: - development: - clientId: ${AUTH_GITHUB_CLIENT_ID} - clientSecret: ${AUTH_GITHUB_CLIENT_SECRET} - scaffolder: + {} # see https://backstage.io/docs/features/software-templates/configuration for software template options catalog: @@ -218,95 +149,6 @@ catalog: - type: url target: https://github.com/janus-idp/software-templates/blob/main/showcase-templates.yaml - providers: - # Plugin: Keycloak - keycloakOrg: - default: - baseUrl: ${KEYCLOAK_BASE_URL} - loginRealm: ${KEYCLOAK_LOGIN_REALM} - realm: ${KEYCLOAK_REALM} - clientId: ${KEYCLOAK_CLIENT_ID} - clientSecret: ${KEYCLOAK_CLIENT_SECRET} - - # Plugin: OCM - ocm: - default: - name: ${OCM_HUB_NAME} - url: ${OCM_HUB_URL} - serviceAccountToken: ${moc_infra_token} - owner: janus-authors - - # Plugin: GitHub Org Data - githubOrg: - default: - id: production - orgUrl: ${GITHUB_ORG_URL} - - # Plugin: GitHub Discovery - # uncomment following lines and set GITHUB_ORG to enable GitHub Discovery - # github: - # providerId: - # organization: "${GITHUB_ORG}" - - # Plugin: AAP backend plugin - aap: - prod: - baseUrl: ${AAP_BASE_URL} - authorization: ${AAP_AUTH_TOKEN} - -# Plugin: Kubernetes, OCM -kubernetes: - customResources: - - group: 'tekton.dev' - apiVersion: 'v1beta1' - plural: 'pipelines' - - group: 'tekton.dev' - apiVersion: 'v1beta1' - plural: 'pipelineruns' - - group: 'tekton.dev' - apiVersion: 'v1beta1' - plural: 'taskruns' - - group: 'route.openshift.io' - apiVersion: 'v1' - plural: 'routes' - serviceLocatorMethod: - type: 'multiTenant' - clusterLocatorMethods: - - type: 'config' - clusters: - - name: ${K8S_CLUSTER_NAME} - url: ${K8S_CLUSTER_URL} - authProvider: 'serviceAccount' - skipTLSVerify: true - serviceAccountToken: ${K8S_CLUSTER_TOKEN} - -# Plugin: ArgoCD -argocd: - username: ${ARGOCD_USERNAME} - password: ${ARGOCD_PASSWORD} - appLocatorMethods: - - type: 'config' - instances: - - name: argoInstance1 - url: ${ARGOCD_INSTANCE1_URL} - token: ${ARGOCD_AUTH_TOKEN} - - name: argoInstance2 - url: ${ARGOCD_INSTANCE2_URL} - token: ${ARGOCD_AUTH_TOKEN2} - -# Plugin: SonarQube -sonarqube: - baseUrl: ${SONARQUBE_URL} - apiKey: ${SONARQUBE_TOKEN} - -# Plugin: Jenkins -jenkins: - instances: - - name: default - baseUrl: ${JENKINS_URL} - username: ${JENKINS_USERNAME} - apiKey: ${JENKINS_TOKEN} - # Plugin: PagerDuty pagerduty: # uncomment the following, and provide a URL to override the default URL used for events @@ -325,20 +167,8 @@ permission: enabled: ${PERMISSION_ENABLED} enabled: - kubernetes: ${K8S_ENABLED} - techdocs: ${TECHDOCS_ENABLED} - argocd: ${ARGOCD_ENABLED} - sonarqube: ${SONARQUBE_ENABLED} - keycloak: ${KEYCLOAK_ENABLED} - ocm: ${OCM_ENABLED} - github: ${GITHUB_ENABLED} - githubOrg: ${GITHUB_ORG_ENABLED} - gitlab: ${GITLAB_ENABLED} - azureDevOps: ${AZURE_ENABLED} - jenkins: ${JENKINS_ENABLED} permission: ${PERMISSION_ENABLED} metrics: ${METRICS_ENABLED} - aap: ${AAP_ENABLED} dynamicPlugins: rootDirectory: dynamic-plugins-root diff --git a/dynamic-plugins.default.yaml b/dynamic-plugins.default.yaml index e0daa67bda..4164bbb0f3 100644 --- a/dynamic-plugins.default.yaml +++ b/dynamic-plugins.default.yaml @@ -188,6 +188,10 @@ plugins: pluginConfig: enabled: techdocs: true + # Reference documentation http://backstage.io/docs/features/techdocs/configuration + # Note: After experimenting with basic setup, use CI/CD to generate docs + # and an external cloud storage when deploying TechDocs for production use-case. + # https://backstage.io/docs/features/techdocs/how-to-guides#how-to-migrate-from-techdocs-basic-to-recommended-deployment-approach techdocs: builder: ${TECHDOCS_BUILDER_TYPE} generator: diff --git a/showcase-docs/getting-started.md b/showcase-docs/getting-started.md index e20fd7f694..aba515e8b9 100644 --- a/showcase-docs/getting-started.md +++ b/showcase-docs/getting-started.md @@ -42,80 +42,18 @@ The easiest and fastest method for getting started: Backstage Showcase app, runn yarn export-dynamic -- -- --dev ``` - **Note:** The `-- -- ` arguments are required to forward the `--dev` argument to every yarn workspace providing an `export-dynamic` script. + **Note:** The `-- --` arguments are required to forward the `--dev` argument to every yarn workspace providing an `export-dynamic` script. 5. Copy the required code snippet from `app-config.yaml` into `app-config.local.yaml`. Note: Each plugin has a `# Plugin: ` comment above the required code snippet(s). - - Enable plugins (All plugins have a default of `false`) - - - `${K8S_ENABLED}`: Set to `true` to enable the Kubernetes backend plugin. - - `${TECHDOCS_ENABLED}` Set to `true` to enable the Techdocs backend plugin. - - `${ARGOCD_ENABLED}` Set to `true` to enable the ArgoCD backend plugin. - - `${SONARQUBE_ENABLED}` Set to `true` to enable the SonarQube backend plugin. - - `${KEYCLOAK_ENABLED}` Set to `true` to enable the Keycloak backend plugin. - - `${OCM_ENABLED}` Set to `true` to enable the OCM backend plugin. - - `${GITHUB_ENABLED}` Set to `true` to enable the GitHub Entity backend plugin. - - `${GITHUB_ORG_ENABLED}` Set to `true` to enable the GitHub Org Entity backend plugin. - - `${GITLAB_ENABLED}` Set to `true` to enable the GitLab Entity backend plugin. - - `${AZURE_ENABLED}` Set to `true` to enable the Azure DevOps Entity backend plugin. - - `${JENKINS_ENABLED}` Set to `true` to enable the Jenkins Entity backend plugin. - - `${METRICS_ENABLED}` Set to `true` to enable Prometheus metrics (metrics will be available on `http://localhost:7007/metrics`). - - `${AAP_ENABLED}` Set to `true` to enable the AAP backend plugin - - - Setup the GitHub plugins (GitHub Issues and GitHub Pull Request) - - - This [URL](https://backstage.io/docs/integrations/github/github-apps) can be used to quickly create a GitHub app, you can name the yaml file `github-app-backstage-showcase-credentials.local.yaml` - - `${GITHUB_APP_CLIENT_ID}`: client id - - `${GITHUB_APP_CLIENT_SECRET}`: client secret - - - Setup the GitHub Org Entity backend plugin + - Set your Organization Name - - `${GITHUB_ORG_URL}`: URL for the GitHub Org (example: `https://github.com/janus-idp`) - - - Setup the GitHub Entity backend plugin with automatic discovery - - - add `github` provider to your `app-config.local.yaml`: - - ```yaml - catalog: - providers: - github: - myorg: - organization: '${GITHUB_ORG}' - ``` + - ${ORGANIZATION_NAME}: organization name - - set the environment variable `${GITHUB_ORG}` to the name of your GitHub organization (example: `janus-idp`) - - This [URL](https://backstage.io/docs/integrations/github/discovery#configuration) documents all available configuration options - - - Setup the GitLab plugin - - - `${GITLAB_HOST}`: your gitlab host - - This [URL](https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html) describes how to create a GitLab personal access token - - `${GITLAB_TOKEN}`: personal access token - - `${GITLAB_API_BASE_URL}`: the base url for the gitlab api. - - Typically it is in the form `https://${GITLAB_HOST}/api/v4`. - - Note: if your `${GITLAB_HOST}` is set to `gitlab.com`, then you won't need to provide a value for this since it will be automatically inferred to be `https://gitlab.com/api/v4` - - If you want to enable gitlab discovery for components, you will need to add the following snippet into your `app-config.yaml`: - - ```yaml - catalog: - providers: - gitlab: - yourProviderId: - host: ${GITLAB_HOST} - group: example-group # Note that this is an optional field - ``` - - - Note that the group field is completely optional, but we highly recommend you specify a group/subgroup to narrow the scope in which the Discovery would search through - - The Gitlab Discovery does not ingest the discovered components into the catalog until it is done searching through the ENTIRE provided scope of the instance - - This may result in a delay of potentially hours before the component is ingested if the provided instance is large enough. - - For more information on how to configure for Gitlab Discovery, please refer to the [Documentation](https://backstage.io/docs/integrations/gitlab/discovery/) for the plugin. - - - Setup the Azure DevOps plugin + - Enable plugins (All plugins have a default of `false`) - - This [URL](https://learn.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops&tabs=Windows) can be used to quickly create an Azure personal access token - - `${AZURE_TOKEN}`: personal access token - - `${AZURE_ORG}`: Azure DevOps Services (cloud) Organization name or the Azure DevOps Server + - `${METRICS_ENABLED}` Set to `true` to enable Prometheus metrics (metrics will be available on `http://localhost:7007/metrics`). + - `${PERMISSION_ENABLED}` Set to `true` to enable RBAC (permission will be available on `http://localhost:7007/permission`). - Setup the Jira plugin @@ -131,53 +69,11 @@ The easiest and fastest method for getting started: Backstage Showcase app, runn - `${ARTIFACTORY_TOKEN}`: API token - `${ARTIFACTORY_SECURE}`: Change to `false` in case of using self hosted artifactory instance with a self-signed certificate - - Setup the ArgoCD instances(s) - - - If using a shared username and password across the instances, you can define them in the username and password variables and arbitrarily assign the urls and tokens - - If using tokens for each individual instance, you can assign arbitrary variables to the tokens - - `${ARGOCD_USERNAME}` Username for the instance(s) - - `${ARGOCD_PASSWORD}` Password for the instance(s) - - `${ARGOCD_INSTANCE1_URL}`: URL to the instance - - `${ARGOCD_AUTH_TOKEN}`: token to the instance - - `${ARGOCD_INSTANCE2_URL}`: URL to the instance - - `${ARGOCD_AUTH_TOKEN2}`: token to the instance - - - Setup the Keycloak instance(s) - - - `${KEYCLOAK_BASE_URL}`: base URL of the Keycloak instance - - `${KEYCLOAK_LOGIN_REALM}`: login realm - - `${KEYCLOAK_REALM}`: realm - - `${KEYCLOAK_CLIENT_ID}`: client id - - `${KEYCLOAK_CLIENT_SECRET}`: client secret - - - Setup the kubernetes cluster plugin - - - `${K8S_CLUSTER_NAME}`: cluster name - - `${K8S_CLUSTER_URL}`: cluster url - - `${K8S_CLUSTER_TOKEN}`: cluster token - - - Setup the Open Cluster Management plugin - - - `${OCM_HUB_NAME}`: hub cluster name - - `${OCM_HUB_URL}`: hub cluster url - - `${moc_infra_token}`: hub token - - Setup the SonarQube instance - `${SONARQUBE_URL}` the url at which sonarqube can be found. Mandatory if plugin is enabled - `${SONARQUBE_TOKEN}` a sonarqube [token](https://docs.sonarqube.org/9.8/user-guide/user-account/generating-and-using-tokens/) with enough permission to read all the SonaQube projects. Mandatory if plugin is enabled - - Setup the Techdocs plugin with an external S3 bucket storage - - - `${TECHDOCS_BUILDER_TYPE}` Set to 'local' for simple setup, or 'external' to use a pipeline - - `${TECHDOCS_GENERATOR_TYPE}` Set to 'local' for most of the use cases. You can use also 'docker' - - `${TECHDOCS_PUBLISHER_TYPE}` Set to 'local' for simple setup, or 'awsS3' to use a S3 storage. 'googleGcs' is not supported at the moment. - - `${BUCKET_NAME}` the bucket name - - `${BUCKET_REGION_VAULT}` the bucket region - - `${BUCKET_URL}` the bucket url - - `${AWS_ACCESS_KEY_ID}` the AWS credentials Key Id - - `${AWS_SECRET_ACCESS_KEY}` the AWS credentials Access Key - - Setup a Jenkins instance and then pass the following environment variables to backstage: - `${JENKINS_URL}` with the URL where your Jenkins instance can be accessed @@ -190,13 +86,6 @@ The easiest and fastest method for getting started: Backstage Showcase app, runn - `${SEGMENT_MASK_IP}`: prevents IP addresses to be sent if true - `${SEGMENT_TEST_MODE}`: prevents data from being sent if true - - Setup the Bitbucket Server Instance - - - `${BITBUCKET_SERVER_HOST}`: The host of the bitbucket Server Instance. e.g. `bitbucket.mycompany.com` - - `${BITBUCKET_API_BASE_URL}`: The URL of the Bitbucket Server API. For self-hosted installations, it is commonly at `https:///rest/api/1.0` - - `${BITBUCKET_SERVER_USERNAME}`: Basic Auth Username for Bitbucket Server - - `${BITBUCKET_SERVER_PASSWORD}`: Basic Auth Password for Bitbucket Server. A [token](https://confluence.atlassian.com/bitbucketserver/personal-access-tokens-939515499.html) can be used in place of the password. - - Setup the PagerDuty plugin - `${PAGERDUTY_TOKEN}` with the [API token](https://support.pagerduty.com/docs/api-access-keys#generating-a-general-access-rest-api-key) used to make requests to the [PagerDuty API](https://developer.pagerduty.com/docs/rest-api-v2/rest-api/). Note that this will require a PaperDuty Admin role. @@ -241,32 +130,22 @@ The easiest and fastest method for getting started: Backstage Showcase app, runn - Enabling Authentication in Showcase - - There are currently three options for sign on providers within the showcase app. The availability of the sign on providers are determined by the variable set under `auth.environment`. - - - To enable the GitHub and Guest sign on providers, add the following to the config file and set `clientId` and `clientSecret` to the appropriate values based on your GitHub OAuth App. See G[itHub Authentication Provider](https://backstage.io/docs/auth/github/provider) documentation for more information and all available configuration options. - - ```yaml - auth: - environment: development - providers: - github: - development: - clientId: ${AUTH_GITHUB_CLIENT_ID} - clientSecret: ${AUTH_GITHUB_CLIENT_SECRET} - ``` - - - To enable the oauth2Proxy sign on provider, add the following to the config file. GitHub will still need to be included and configured as it is relied on by the GitHub plugins. - - ```yaml - auth: - environment: production - providers: - github: - production: - clientId: ${AUTH_GITHUB_CLIENT_ID} - clientSecret: ${AUTH_GITHUB_CLIENT_SECRET} - oauth2Proxy: {} - ``` + - To enable authentication in the Showcase, add the [respective config](https://backstage.io/docs/auth/) in your `app-config`. The Showcase supports the following providers: + + - Auth0 + - Atlassian + - Azure + - Azure Easy Auth + - Bitbucket + - Bitbucket Server + - Cloudflare Access + - GitHub + - GitLab + - Google + - Google IAP + - Okta + - OAuth 2 Custom Proxy + - OneLogin - Setup the Nexus Repository Manager plugin @@ -285,12 +164,6 @@ The easiest and fastest method for getting started: Backstage Showcase app, runn - `${NEXUS_REPOSITORY_MANAGER_TOKEN}` (Only for private Nexus Repository Manager instances): Nexus instance API token (see [documentation](https://help.sonatype.com/repomanager3/nexus-repository-administration/user-authentication/user-tokens)) with `nx-repository-view-*-*-read` [permissions](https://help.sonatype.com/repomanager3/nexus-repository-administration/access-control/privileges), or read permissions to view all the repositories you want to display in the plugin. -- Setup the AAP backend plugin - - - This [URL](https://github.com/janus-idp/backstage-plugins/blob/main/plugins/aap-backend/README.md#installation-and-configuration) explains how to use the AAP backend plugin - - `${AAP_BASE_URL}`: URL for the Ansible Automation Platform(AAP). Mandatory if plugin is enabled - - `${AAP_AUTH_TOKEN}`: Ansible Automation Platform(AAP) [token](https://docs.ansible.com/automation-controller/latest/html/userguide/users.html#users-tokens) with enough permission to read job templates. Mandatory if plugin is enabled (e.g 'Bearer XXXX') - 6. Start the application using `yarn start` 7. Navigate to