├── charts └── backstage │ ├── Chart.lock │ ├── templates │ ├── serviceaccount.yaml │ ├── ingress.yaml │ ├── _helpers.tpl │ ├── service.yaml │ └── backstage-deployment.yaml │ ├── Chart.yaml │ └── values.yaml ├── .helmignore ├── .github └── workflows │ └── release.yml └── README.md /charts/backstage/Chart.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: common 3 | repository: https://charts.bitnami.com/bitnami 4 | version: 1.16.0 5 | - name: postgresql 6 | repository: https://charts.bitnami.com/bitnami 7 | version: 11.6.6 8 | digest: sha256:5f0f118ac2ae2be90edd9c6952da4bcb41feb815b39a575e23ec2a0a9244d9cd 9 | generated: "2022-06-14T21:14:00.148159+01:00" 10 | -------------------------------------------------------------------------------- /.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/backstage/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ .Values.serviceAccount.name }} 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | app.kubernetes.io/component: backstage 9 | {{- with .Values.serviceAccount.labels }} 10 | {{ toYaml . | trim | indent 8 }} 11 | {{- end }} 12 | {{- if .Values.serviceAccount.annotations }} 13 | annotations: 14 | {{- with .Values.serviceAccount.annotations }} 15 | {{ toYaml . | trim | indent 8 }} 16 | {{- end }} 17 | {{- end }} 18 | automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} 19 | {{- end }} -------------------------------------------------------------------------------- /.github/workflows/release.yml: -------------------------------------------------------------------------------- 1 | name: Release Charts 2 | 3 | on: 4 | push: 5 | branches: 6 | - main 7 | 8 | jobs: 9 | release: 10 | runs-on: ubuntu-latest 11 | steps: 12 | - name: Checkout 13 | uses: actions/checkout@v2 14 | with: 15 | fetch-depth: 0 16 | 17 | - name: Configure Git 18 | run: | 19 | git config user.name "$GITHUB_ACTOR" 20 | git config user.email "$GITHUB_ACTOR@users.noreply.github.com" 21 | - name: Add dependencies 22 | run: | 23 | helm repo add bitnami https://charts.bitnami.com/bitnami 24 | - name: Run chart-releaser 25 | uses: helm/chart-releaser-action@v1.4.0 26 | env: 27 | CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" 28 | -------------------------------------------------------------------------------- /charts/backstage/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: backstage 3 | description: A Helm chart for Kubernetes 4 | 5 | # A chart can be either an 'application' or a 'library' chart. 6 | # 7 | # Application charts are a collection of templates that can be packaged into versioned archives 8 | # to be deployed. 9 | # 10 | # Library charts provide useful utilities or functions for the chart developer. They're included as 11 | # a dependency of application charts to inject those utilities and functions into the rendering 12 | # pipeline. Library charts do not define any templates and therefore cannot be deployed. 13 | type: application 14 | 15 | # This is the chart version. This version number should be incremented each time you make changes 16 | # to the chart and its templates, including the app version. 17 | # Versions are expected to follow Semantic Versioning (https://semver.org/) 18 | version: 0.4.0 19 | 20 | dependencies: 21 | - name: common 22 | repository: https://charts.bitnami.com/bitnami 23 | tags: 24 | - bitnami-common 25 | version: 1.x.x 26 | - condition: postgresql.enabled 27 | name: postgresql 28 | repository: https://charts.bitnami.com/bitnami 29 | version: 11.x.x 30 | -------------------------------------------------------------------------------- /charts/backstage/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled }} 2 | apiVersion: networking.k8s.io/v1 3 | kind: Ingress 4 | metadata: 5 | name: {{ include "common.names.fullname" . }} 6 | namespace: {{ .Release.Namespace | quote }} 7 | labels: {{- include "common.labels.standard" . | nindent 4 }} 8 | app.kubernetes.io/component: backstage 9 | {{- if .Values.commonLabels }} 10 | {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} 11 | {{- end }} 12 | annotations: 13 | {{- if .Values.ingress.annotations }} 14 | {{ include "common.tplvalues.render" ( dict "value" .Values.ingress.annotations "context" $) | nindent 4 }} 15 | {{- end }} 16 | {{- if .Values.commonAnnotations }} 17 | {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} 18 | {{- end }} 19 | spec: 20 | {{- if .Values.ingress.className }} 21 | ingressClassName: {{ .Values.ingress.className | quote }} 22 | {{- end }} 23 | rules: 24 | - host: {{ .Values.ingress.host }} 25 | http: 26 | paths: 27 | - path: / 28 | pathType: Prefix 29 | backend: 30 | service: 31 | name: {{ include "common.names.fullname" . }} 32 | port: 33 | number: {{ .Values.service.ports.backend }} 34 | {{- end }} -------------------------------------------------------------------------------- /charts/backstage/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Return the proper image name 3 | */}} 4 | {{- define "backstage.image" -}} 5 | {{ include "common.images.image" (dict "imageRoot" .Values.backstage.image "global" .Values.global) }} 6 | {{- end -}} 7 | 8 | {{/* 9 | Create a default fully qualified app name. 10 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 11 | */}} 12 | {{- define "backstage.postgresql.fullname" -}} 13 | {{- include "common.names.dependency.fullname" (dict "chartName" "postgresql" "chartValues" .Values.postgresql "context" $) -}} 14 | {{- end -}} 15 | 16 | {{/* 17 | Return the Postgres Database hostname 18 | */}} 19 | {{- define "backstage.postgresql.host" -}} 20 | {{- if eq .Values.postgresql.architecture "replication" }} 21 | {{- include "backstage.postgresql.fullname" . -}}-primary 22 | {{- else -}} 23 | {{- include "backstage.postgresql.fullname" . -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Return the Postgres Database Secret Name 29 | */}} 30 | {{- define "backstage.postgresql.databaseSecretName" -}} 31 | {{- if .Values.postgresql.auth.existingSecret }} 32 | {{- tpl .Values.postgresql.auth.existingSecret $ -}} 33 | {{- else -}} 34 | {{- default (include "backstage.postgresql.fullname" .) (tpl .Values.postgresql.auth.existingSecret $) -}} 35 | {{- end -}} 36 | {{- end -}} 37 | 38 | {{/* 39 | Return the Postgres databaseSecret key to retrieve credentials for database 40 | */}} 41 | {{- define "backstage.postgresql.databaseSecretKey" -}} 42 | {{- if .Values.postgresql.auth.existingSecret -}} 43 | {{- .Values.postgresql.auth.secretKeys.userPasswordKey -}} 44 | {{- else -}} 45 | {{- print "password" -}} 46 | {{- end -}} 47 | {{- end -}} 48 | -------------------------------------------------------------------------------- /charts/backstage/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "common.names.fullname" . }} 5 | namespace: {{ .Release.Namespace | quote }} 6 | labels: {{- include "common.labels.standard" . | nindent 4 }} 7 | app.kubernetes.io/component: backstage 8 | {{- if .Values.commonLabels }} 9 | {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} 10 | {{- end }} 11 | {{- if or .Values.commonAnnotations .Values.service.annotations }} 12 | annotations: 13 | {{- if .Values.service.annotations }} 14 | {{- include "common.tplvalues.render" ( dict "value" .Values.service.annotations "context" $) | nindent 4 }} 15 | {{- end }} 16 | {{- if .Values.commonAnnotations }} 17 | {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} 18 | {{- end }} 19 | {{- end }} 20 | spec: 21 | type: {{ .Values.service.type }} 22 | {{- if and .Values.service.clusterIP (eq .Values.service.type "ClusterIP") }} 23 | clusterIP: {{ .Values.service.clusterIP }} 24 | {{- end }} 25 | {{- if or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort") }} 26 | externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy | quote }} 27 | {{- end }} 28 | {{- if and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerSourceRanges }} 29 | loadBalancerSourceRanges: {{ .Values.service.loadBalancerSourceRanges }} 30 | {{- end }} 31 | {{- if and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerIP)) }} 32 | loadBalancerIP: {{ .Values.service.loadBalancerIP }} 33 | {{- end }} 34 | {{- if .Values.service.sessionAffinity }} 35 | sessionAffinity: {{ .Values.service.sessionAffinity }} 36 | {{- end }} 37 | ports: 38 | - name: http-backend 39 | port: {{ .Values.service.ports.backend }} 40 | targetPort: backend 41 | protocol: TCP 42 | {{- if and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.backend)) }} 43 | nodePort: {{ .Values.service.nodePorts.backend }} 44 | {{- else if eq .Values.service.type "ClusterIP" }} 45 | nodePort: null 46 | {{- end }} 47 | {{- if .Values.service.extraPorts }} 48 | {{- include "common.tplvalues.render" (dict "value" .Values.service.extraPorts "context" $) | nindent 4 }} 49 | {{- end }} 50 | selector: {{- include "common.labels.matchLabels" . | nindent 4 }} 51 | app.kubernetes.io/component: backstage 52 | -------------------------------------------------------------------------------- /charts/backstage/templates/backstage-deployment.yaml: -------------------------------------------------------------------------------- 1 | {{- $imageRepository := .Values.backstage.image.repository | required "The repository name of the image is required (e.g. my-backstage:tag | docker.io/my-backstage:tag) !" -}} 2 | {{- $imageTag := .Values.backstage.image.tag | required "The image tag is required (e.g my-backstage:tag | docker.io/my-backstage:tag) !" -}} 3 | --- 4 | apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} 5 | kind: Deployment 6 | metadata: 7 | name: {{ include "common.names.fullname" . }} 8 | namespace: {{ .Release.Namespace | quote }} 9 | labels: {{ include "common.labels.standard" . | nindent 4 }} 10 | app.kubernetes.io/component: backstage 11 | {{- if .Values.commonLabels }} 12 | {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} 13 | {{- end }} 14 | annotations: 15 | {{- if .Values.commonAnnotations }} 16 | {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} 17 | {{- end }} 18 | spec: 19 | replicas: 1 20 | selector: 21 | matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }} 22 | app.kubernetes.io/component: backstage 23 | template: 24 | metadata: 25 | labels: {{- include "common.labels.standard" . | nindent 8 }} 26 | app.kubernetes.io/component: backstage 27 | spec: 28 | {{- if .Values.serviceAccount.create }} 29 | serviceAccountName: {{ .Values.serviceAccount.name }} 30 | {{- end }} 31 | volumes: 32 | {{- if (or .Values.backstage.extraAppConfig (and .Values.backstage.extraVolumeMounts .Values.backstage.extraVolumes)) }} 33 | {{- range .Values.backstage.extraAppConfig }} 34 | - name: {{ .configMapRef }} 35 | configMap: 36 | name: {{ .configMapRef }} 37 | {{- end }} 38 | {{- if .Values.backstage.extraVolumes }} 39 | {{- toYaml .Values.backstage.extraVolumes | nindent 8 }} 40 | {{- end }} 41 | {{- end }} 42 | {{- if .Values.backstage.image.pullSecrets }} 43 | imagePullSecrets: 44 | {{- range .Values.backstage.image.pullSecrets }} 45 | - name: {{ . }} 46 | {{- end }} 47 | {{- end }} 48 | containers: 49 | - name: backstage-backend 50 | image: {{ include "backstage.image" . }} 51 | imagePullPolicy: {{ .Values.backstage.image.pullPolicy | quote -}} 52 | {{- if .Values.diagnosticMode.enabled }} 53 | command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} 54 | {{- else if .Values.backstage.command }} 55 | command: {{- include "common.tplvalues.render" (dict "value" .Values.backstage.command "context" $) | nindent 12 }} 56 | {{- end }} 57 | 58 | {{- if .Values.diagnosticMode.enabled }} 59 | args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} 60 | {{- else }} 61 | args: 62 | {{- range .Values.backstage.args }} 63 | - {{ . | quote }} 64 | {{- end }} 65 | {{- if .Values.backstage.extraAppConfig }} 66 | {{- range .Values.backstage.extraAppConfig }} 67 | - "--config" 68 | - {{ .filename | quote }} 69 | {{- end }} 70 | {{- end }} 71 | {{- end }} 72 | {{- if .Values.backstage.extraEnvVarsSecrets }} 73 | envFrom: 74 | {{- range .Values.backstage.extraEnvVarsSecrets }} 75 | - secretRef: 76 | name: {{ . }} 77 | {{- end }} 78 | {{- end }} 79 | env: 80 | - name: APP_CONFIG_backend_listen_port 81 | value: {{ .Values.backstage.containerPorts.backend | quote }} 82 | {{- if .Values.postgresql.enabled }} 83 | - name: POSTGRES_HOST 84 | value: {{ include "backstage.postgresql.host" . }} 85 | - name: POSTGRES_PORT 86 | value: "5432" 87 | - name: POSTGRES_USER 88 | value: {{ .Values.postgresql.auth.username }} 89 | - name: POSTGRES_PASSWORD 90 | valueFrom: 91 | secretKeyRef: 92 | name: {{ include "backstage.postgresql.databaseSecretName" . }} 93 | key: {{ include "backstage.postgresql.databaseSecretKey" . }} 94 | {{- end }} 95 | {{- if .Values.backstage.extraEnvVars }} 96 | {{- include "common.tplvalues.render" ( dict "value" .Values.backstage.extraEnvVars "context" $) | nindent 12 }} 97 | {{- end }} 98 | ports: 99 | - name: backend 100 | containerPort: {{ .Values.backstage.containerPorts.backend }} 101 | protocol: TCP 102 | {{- if (or .Values.backstage.extraAppConfig (and .Values.backstage.extraVolumeMounts .Values.backstage.extraVolumes)) }} 103 | volumeMounts: 104 | {{- range .Values.backstage.extraAppConfig }} 105 | - name: {{ .configMapRef }} 106 | mountPath: "/app/{{ .filename }}" 107 | subPath: {{ .filename }} 108 | {{- end }} 109 | {{- if .Values.backstage.extraVolumeMounts }} 110 | {{- toYaml .Values.backstage.extraVolumeMounts | nindent 12 }} 111 | {{- end }} 112 | {{- end }} 113 | -------------------------------------------------------------------------------- /charts/backstage/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for backstage-chart. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | ## @section Global parameters 6 | ## Global Docker image parameters 7 | ## Please, note that this will override the image parameters, including dependencies, configured to use the global value 8 | ## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass 9 | 10 | ## @param global.imageRegistry Global Docker image registry 11 | ## @param global.imagePullSecrets Global Docker registry secret names as an array 12 | ## 13 | global: 14 | imageRegistry: "" 15 | ## E.g. 16 | ## imagePullSecrets: 17 | ## - myRegistryKeySecretName 18 | ## 19 | imagePullSecrets: [] 20 | 21 | ## @section Common parameters 22 | 23 | ## @param kubeVersion Override Kubernetes version 24 | ## 25 | kubeVersion: "" 26 | ## @param nameOverride String to partially override common.names.fullname 27 | ## 28 | nameOverride: "" 29 | ## @param fullnameOverride String to fully override common.names.fullname 30 | ## 31 | fullnameOverride: "" 32 | ## @param clusterDomain Default Kubernetes cluster domain 33 | ## 34 | clusterDomain: cluster.local 35 | ## @param commonLabels Labels to add to all deployed objects 36 | ## 37 | commonLabels: {} 38 | ## @param commonAnnotations Annotations to add to all deployed objects 39 | ## 40 | commonAnnotations: {} 41 | ## @param extraDeploy Array of extra objects to deploy with the release 42 | ## 43 | extraDeploy: [] 44 | ## Enable diagnostic mode in the statefulset 45 | ## 46 | diagnosticMode: 47 | ## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden) 48 | ## 49 | enabled: false 50 | ## @param diagnosticMode.command Command to override all containers in the statefulset 51 | ## 52 | command: 53 | - sleep 54 | ## @param diagnosticMode.args Args to override all containers in the statefulset 55 | ## 56 | args: 57 | - infinity 58 | 59 | ## @section Ingress parameters 60 | ingress: 61 | ## @param ingress.enabled Enable the creation of the ingress resource 62 | enabled: false 63 | 64 | ## @param ingress.className Name of the IngressClass cluster resource which defines which controller will implement the resource (e.g nginx) 65 | className: "" 66 | 67 | ## @param ingress.annotations Additional annotations for the Ingress resource 68 | annotations: '{ 69 | "nginx.ingress.kubernetes.io/rewrite-target": "/", 70 | "nginx.ingress.kubernetes.io/ssl-redirect": "false" 71 | }' 72 | 73 | ## @param host Hostname to be used to expose the route to access the backstage application (e.g: backstage.IP.nip.io) 74 | host: "" 75 | 76 | ## @section Backstage parameters 77 | 78 | ## Backstage image version 79 | ## @param image.registry Backstage image registry 80 | ## @param image.repository Backstage image repository 81 | ## @param image.tag Backstage image tag (immutable tags are recommended) 82 | ## @param image.pullPolicy Backstage image pull policy 83 | ## @param image.pullSecrets Specify docker-registry secret names as an array 84 | ## @param image.debug Specify if debug values should be set 85 | ## 86 | 87 | backstage: 88 | image: 89 | registry: "" 90 | repository: "" 91 | tag: "" 92 | ## Specify a imagePullPolicy 93 | ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' 94 | ## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images 95 | ## 96 | pullPolicy: Always 97 | ## Optionally specify an array of imagePullSecrets. 98 | ## Secrets must be manually created in the namespace. 99 | ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ 100 | ## e.g: 101 | ## pullSecrets: 102 | ## - myRegistryKeySecretName 103 | ## 104 | pullSecrets: [] 105 | ## Set to true if you would like to see extra information on logs 106 | ## 107 | debug: false 108 | containerPorts: 109 | backend: 7007 110 | command: ["node", "packages/backend"] 111 | args: [] 112 | extraAppConfig: [] 113 | extraEnvVars: [] 114 | extraEnvVarsSecrets: 115 | extraVolumeMounts: [] 116 | extraVolumes: [] 117 | 118 | ## @section Traffic Exposure parameters 119 | 120 | ## Service parameters 121 | ## 122 | service: 123 | ## @param service.type Kubernetes Service type 124 | ## 125 | type: ClusterIP 126 | ## @param service.ports.backend Backstage svc port for client connections 127 | ## 128 | ports: 129 | backend: 7007 130 | ## @param service.nodePorts.backend Node port for the Backstage client connections 131 | ## NOTE: choose port between <30000-32767> 132 | ## 133 | nodePorts: 134 | backend: "" 135 | ## @param service.sessionAffinity Control where client requests go, to the same pod or round-robin 136 | ## Values: ClientIP or None 137 | ## ref: https://kubernetes.io/docs/user-guide/services/ 138 | ## 139 | sessionAffinity: None 140 | ## @param service.clusterIP Backstage service Cluster IP 141 | ## e.g.: 142 | ## clusterIP: None 143 | ## 144 | clusterIP: "" 145 | ## @param service.loadBalancerIP Backstage service Load Balancer IP 146 | ## ref: https://kubernetes.io/docs/user-guide/services/#type-loadbalancer 147 | ## 148 | loadBalancerIP: "" 149 | ## @param service.loadBalancerSourceRanges Backstage service Load Balancer sources 150 | ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service 151 | ## e.g: 152 | ## loadBalancerSourceRanges: 153 | ## - 10.10.10.0/24 154 | ## 155 | loadBalancerSourceRanges: [] 156 | ## @param service.externalTrafficPolicy Backstage service external traffic policy 157 | ## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip 158 | ## 159 | externalTrafficPolicy: Cluster 160 | ## @param service.annotations Additional custom annotations for Backstage service 161 | ## 162 | annotations: {} 163 | ## @param service.extraPorts Extra ports to expose in the Backstage service (normally used with the `sidecar` value) 164 | ## 165 | extraPorts: [] 166 | 167 | ## Network policies 168 | ## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/ 169 | ## 170 | networkPolicy: 171 | ## @param networkPolicy.enabled Specifies whether a NetworkPolicy should be created 172 | ## 173 | enabled: false 174 | 175 | externalAccess: 176 | from: [] 177 | ## @param networkPolicy.egressRules.customRules [object] Custom network policy rule 178 | ## 179 | egressRules: 180 | ## Additional custom egress rules 181 | ## e.g: 182 | ## customRules: 183 | ## - to: 184 | ## - namespaceSelector: 185 | ## matchLabels: 186 | ## label: example 187 | customRules: [] 188 | 189 | 190 | # -- PostgreSQL [chart configuration](https://github.com/bitnami/charts/blob/master/bitnami/postgresql/values.yaml) 191 | postgresql: 192 | 193 | # -- Switch to enable or disable the PostgreSQL helm chart 194 | enabled: false 195 | 196 | # -- The authentication details of the Postgres database 197 | auth: 198 | 199 | # -- Name for a custom user to create 200 | username: bn_backstage 201 | 202 | # -- Password for the custom user to create 203 | password: "" 204 | 205 | # -- Name of existing secret to use for PostgreSQL credentials 206 | existingSecret: "" 207 | 208 | # -- The secret keys Postgres will look for to retrieve the relevant password 209 | secretKeys: 210 | 211 | # -- The key in which Postgres will look for, for the admin password, in the existing Secret 212 | adminPasswordKey: admin-password 213 | 214 | # -- The key in which Postgres will look for, for the user password, in the existing Secret 215 | userPasswordKey: user-password 216 | 217 | # -- The key in which Postgres will look for, for the replication password, in the existing Secret 218 | replicationPasswordKey: replication-password 219 | 220 | # -- PostgreSQL architecture (`standalone` or `replication`) 221 | architecture: standalone 222 | 223 | # -- Service Account Configuration 224 | serviceAccount: 225 | 226 | # -- Enable the creation of a ServiceAccount for Backstage pods 227 | create: false 228 | 229 | # -- Name of the created ServiceAccount 230 | # If not set and `serviceAccount.create` is true, a name is generated 231 | name: "" 232 | 233 | # -- Additional custom labels to the service ServiceAccount. 234 | labels: {} 235 | 236 | # -- Additional custom annotations for the ServiceAccount. 237 | annotations: {} 238 | 239 | # -- Auto-mount the service account token in the pod 240 | automountServiceAccountToken: true 241 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # [DEPRECATED] 2 | 3 | The project has been moved to [https://github.com/backstage/charts](https://github.com/backstage/charts). 4 | 5 | We recommend you to switch to the new Backstage Helm Chart repository as described [here](https://github.com/backstage/charts#installing-the-chart). 6 | 7 | # Backstage Helm Chart 8 | 9 | [Backstage](https://backstage.io) is an open platform for building developer portals. Powered by a centralized software catalog, Backstage restores order to your microservices and infrastructure and enables your product teams to ship high-quality code quickly — without compromising autonomy. 10 | 11 | Backstage unifies all your infrastructure tooling, services, and documentation to create a streamlined development environment from end to end. 12 | 13 | ## TL;DR 14 | 15 | ```console 16 | helm repo add backstage https://vinzscam.github.io/backstage-chart 17 | helm install my-release backstage 18 | ``` 19 | 20 | ## Introduction 21 | 22 | This chart bootstraps a [Backstage](https://backstage.io/docs/deployment/docker) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. 23 | 24 | ## Prerequisites 25 | 26 | - Kubernetes 1.19+ 27 | - Helm 3.2.0+ 28 | - PV provisioner support in the underlying infrastructure 29 | - [Backstage container image](https://backstage.io/docs/deployment/docker) 30 | 31 | ## Installing the Chart 32 | 33 | To install the chart with the release name `my-backstage-release`: 34 | 35 | ```console 36 | helm repo add backstage https://vinzscam.github.io/backstage-chart 37 | helm install my-backstage-release backstage/backstage 38 | ``` 39 | 40 | > **Tip**: List all releases using `helm list` 41 | 42 | ## Uninstalling the Chart 43 | 44 | To uninstall/delete the `my-backstage-release` deployment: 45 | 46 | ```console 47 | helm delete my-backstage-release 48 | ``` 49 | 50 | The command removes all the Kubernetes components associated with the chart and deletes the release. 51 | 52 | ## Parameters 53 | 54 | ### Global parameters 55 | 56 | | Name | Description | Value | 57 | | ------------------------- | ----------------------------------------------- | ----- | 58 | | `global.imageRegistry` | Global Docker image registry | `""` | 59 | | `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | 60 | | `global.storageClass` | Global StorageClass for Persistent Volume(s) | `""` | 61 | 62 | ### Common parameters 63 | 64 | | Name | Description | Value | 65 | | ------------------------ | --------------------------------------------------------------------------------------- | --------------- | 66 | | `kubeVersion` | Override Kubernetes version | `""` | 67 | | `nameOverride` | String to partially override common.names.fullname | `""` | 68 | | `fullnameOverride` | String to fully override common.names.fullname | `""` | 69 | | `clusterDomain` | Default Kubernetes cluster domain | `cluster.local` | 70 | | `commonLabels` | Labels to add to all deployed objects | `{}` | 71 | | `commonAnnotations` | Annotations to add to all deployed objects | `{}` | 72 | | `extraDeploy` | Array of extra objects to deploy with the release | `[]` | 73 | | `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` | 74 | | `diagnosticMode.command` | Command to override all containers in the statefulset | `["sleep"]` | 75 | | `diagnosticMode.args` | Args to override all containers in the statefulset | `["infinity"]` | 76 | 77 | ### Backstage parameters 78 | 79 | | Name | Description | Value | 80 | | ------------------------------- | -------------------------------------------------------------------- | --------------------------------------------------------------------------- | 81 | | `backstage.image.registry` | Backstage image registry | `""` | 82 | | `backstage.image.repository` | Backstage image repository (required) | `""` | 83 | | `backstage.image.tag` | Backstage image tag (required immutable tags are recommended) | `""` | 84 | | `backstage.image.pullPolicy` | Backstage image pull policy | `IfNotPresent` | 85 | | `backstage.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | 86 | | `backstage.command` | Override Backstage container command | `["node", "packages/backend"]` | 87 | | `backstage.args` | Override Backstage container arguments | `["--config", "app-config.yaml", "--config", "app-config.production.yaml"]` | 88 | | `backstage.extraEnvVars` | Extra environment variables to add to Backstage pods | `[]` | 89 | | `backstage.extraAppConfig` | ConfigMap with extra environment variables | `[]` | 90 | | `backstage.extraEnvVarsSecrets` | Array of existing secrets containing sensitive environment variables | `[]` | 91 | 92 | ### Traffic Exposure parameters 93 | 94 | | Name | Description | Value | 95 | | ---------------------------------- | ----------------------------------------------------------------- | ----------- | 96 | | `ingress.enabled` | Enable ingress | `false` | 97 | | `ingress.className` | Name of the IngressClass cluster resource (e.g nginx) | `""` | 98 | | `ingress.annotations` | Additional annotations for the Ingress resource | `{}` | 99 | | `ingress.host` | Hostname of the backstage application (e.g backstage..nip.io) | `""` | 100 | | `service.type` | Kubernetes Service type | `ClusterIP` | 101 | | `service.ports.backend` | Port for client connections | `7007` | 102 | | `service.nodePorts.backend` | Node port for client connections | `""` | 103 | | `service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | 104 | | `service.clusterIP` | Backstage service Cluster IP | `""` | 105 | | `service.loadBalancerIP` | Backstage service Load Balancer IP | `""` | 106 | | `service.loadBalancerSourceRanges` | Backstage service Load Balancer sources | `[]` | 107 | | `service.externalTrafficPolicy` | Backstage service external traffic policy | `Cluster` | 108 | | `service.annotations` | Additional custom annotations for Backstage service | `{}` | 109 | | `service.extraPorts` | Extra ports to expose in Backstage | `[]` | 110 | 111 | ## Configure your Backstage instance 112 | 113 | The Backstage Chart makes it possible to configure your backstage instance by passing extra environment variables or static configuration files, without rebuilding the docker image. 114 | 115 | ### Environment variables 116 | 117 | Use `backstage.extraEnvVars` to pass extra environment variables. **This is used for environment variables containing non sensitive information:** 118 | 119 | ```diff 120 | backstage: 121 | + extraEnvVars: 122 | + - name: MY_PLUGIN_HOST 123 | + value: http://my-plugin-host 124 | ``` 125 | 126 | It is possible to override values defined in your `app-config.yaml` by appending the `APP_CONFIG` prefix to each environment variable, as described in the [official documentation](https://backstage.io/docs/conf/#supplying-configuration). 127 | For example, to override the `backend.cache.store` property defined in your `app-config.yaml`, do: 128 | 129 | ```diff 130 | backstage: 131 | extraEnvVars: 132 | + - name: APP_CONFIG_backend_cache_store 133 | + value: memory 134 | ``` 135 | 136 | ### Sensitive environment variables 137 | 138 | In case your environment variables contain sensitive information, such as `BACKEND_SECRET` or `POSTGRES_PASSWORD` it is recommended store them in a [Kubernetes Secret](https://kubernetes.io/docs/concepts/configuration/secret/). 139 | 140 | Create a new file named `my-backstage-secrets.yaml` containing the secrets you want to store: 141 | 142 | ```yaml 143 | # my-backstage-secrets.yaml 144 | apiVersion: v1 145 | kind: Secret 146 | metadata: 147 | name: my-backstage-secrets 148 | type: Opaque 149 | data: 150 | BACKEND_SECRET: YmFja3N0YWdl 151 | POSTGRES_PASSWORD: aHVudGVyMg== 152 | ``` 153 | 154 | Make sure to customize the name of the secret by changing `metadata.name` properly. 155 | 156 | Now create the new secret in your Kubernetes cluster by running the following command: 157 | 158 | ```bash 159 | $ kubectl apply -f my-backstage-secrets.yaml` 160 | ``` 161 | 162 | Once the secret has been created, pass the secret's reference to your backstage instance by adding the following lines to your `values.yaml`: 163 | 164 | ```diff 165 | backstage: 166 | + extraEnvVarsSecrets: 167 | + - my-backstage-secrets 168 | ``` 169 | 170 | The chart will make sure to pass the secrets to your Backstage instance. 171 | 172 | ### Pass extra configuration files 173 | 174 | A generated Backstage docker image contains some static configuration files, such as `app-config.yaml` and `app-config.production.yaml`. 175 | It is possible to pass extra configuration files by defining them as [ConfigMap](https://kubernetes.io/docs/concepts/configuration/configmap/), without rebuilding the Docker image. 176 | 177 | To do so, run: 178 | 179 | ```bash 180 | $ kubectl create configmap my-app-config --from-file=app-config.extra.yaml=./local/path/to/your/app-config.extra.yaml` 181 | ``` 182 | 183 | This command parses your local `app-config.extra.yaml` and creates a new ConfigMap called `my-app-config` which internally contains a file called `app-config.extra.yaml` with the content of the parsed file. 184 | 185 | Now that the ConfigMap has been created on your Kubernetes cluster, you can reference the ConfigMap: 186 | 187 | ```diff 188 | backstage: 189 | + extraAppConfig: 190 | + - filename: app-config.extra.yaml 191 | + configMapRef: my-app-config 192 | ``` 193 | 194 | The chart will mount the content of the ConfigMap as a new `app-config.extra.yaml` file and automatically pass the extra configuration to your instance. 195 | 196 | ### Configuring Chart PostgreSQL 197 | 198 | With the Backstage Helm Chart, it offers - as a subchart - a Bitnami PostgreSQL database. This can be enabled by switching `postgresql.enabled` to true (it is `false` by default). If switched on, the Helm Chart, on deployment, will automatically deploy a PostgreSQL instance and configure it with the credentials you specify. There are multiple ways of doing this that will be detailed below. 199 | 200 | #### Automatic Database Credential Creation 201 | 202 | This is the easiest of the configuration options. Here, the credentials for both the Admin and Database users will be automatically generated and put into a Kubernetes secret. This will then be automatically used by Backstage. In order to use this method, ensure the following: 203 | 204 | - Keep `postgresql.auth.existingSecret` & `postgresql.auth.password` empty. 205 | 206 | #### Specifying Password for PostgreSQL to Use 207 | 208 | Here, you can specify the password that you want PostgreSQL to use for its Database User (The user that Backstage will use to connect to the database). In order to use this method, ensure the following: 209 | 210 | - Keep `postgresql.auth.existingSecret` empty. 211 | - Set `postgresql.auth.password` to your desired User password value. 212 | 213 | > **_NOTE:_** Be careful that you provide this value securely. 214 | 215 | #### Specifying Existing Secret for PostgreSQL to Use 216 | 217 | Here, you can specify an existing Kubernetes secret that you have created which contains the Password that you want PostgreSQL to use. The secret must be in the same namespace as where you are deploying the Helm Chart. In order to use this method, ensure the following: 218 | 219 | - Create the Kubernetes secret with the Password inside. 220 | - Set `postgresql.auth.existingSecret` to the name of the Secret 221 | - PostgreSQL by default will look for the relevant Password keys that are set by default here `postgresql.auth.secretKeys`. So make sure that the Keys in the Secret match the default `secretKeys` values. More information [here](https://artifacthub.io/packages/helm/bitnami/postgresql) 222 | - For example, if you want PostgreSQL to use an existing Secret called `my-user-secret` that has the User password that you want to use inside it: make sure that you create a Key inside that secret called `user-password` (this key can be found here `postgresql.auth.secretKeys.userPasswordKey`). i.e. `user-password=Password123`. 223 | --------------------------------------------------------------------------------