bundle

Signed-off-by: gazarenkov <[email protected]>
redhat-developer · Aug 11, 2024 · b0c749c · b0c749c
1 parent c647312
commit b0c749c
Show file tree

Hide file tree

Showing 30 changed files with 1,430 additions and 912 deletions.
diff --git a/Makefile b/Makefile
@@ -210,7 +210,7 @@ deployment-manifest: manifests kustomize ## Generate manifest to deploy operator
 
 .PHONY: undeploy
 undeploy: ## Undeploy controller from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion.
-	$(KUSTOMIZE) build config/default | kubectl delete --ignore-not-found=$(ignore-not-found) -f -
+	$(KUSTOMIZE) build config/profile/$(PROFILE) | kubectl delete --ignore-not-found=$(ignore-not-found) -f -
 
 ##@ Build Dependencies
 
@@ -314,9 +314,9 @@ endif
 # Build a bundle image using the 'operator-sdk' tool
 .PHONY: bundle
 bundle: operator-sdk manifests kustomize ## Generate bundle manifests and metadata, then validate generated files.
-	$(OPSDK) generate kustomize manifests -q
+	#$(OPSDK) generate kustomize manifests -q
 	cd config/manager && $(KUSTOMIZE) edit set image controller=$(IMG)
-	$(KUSTOMIZE) build config/manifests/$(PROFILE) | $(OPSDK) generate bundle $(BUNDLE_GEN_FLAGS)
+	$(KUSTOMIZE) build config/manifests/$(PROFILE) | $(OPSDK) generate bundle --kustomize-dir config/manifests/$(PROFILE) $(BUNDLE_GEN_FLAGS)
 	$(OPSDK) bundle validate ./bundle
 	mv -f bundle.Dockerfile docker/bundle.Dockerfile
 	$(MAKE) fmt_license

diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go
diff --git a/api/v1alpha2/zz_generated.deepcopy.go b/api/v1alpha2/zz_generated.deepcopy.go
diff --git a/bundle/manifests/backstage-default-config_v1_configmap.yaml b/bundle/manifests/backstage-default-config_v1_configmap.yaml
@@ -150,168 +150,42 @@ data:
             resources:
               requests:
                 storage: 1Gi
-  deployment.yaml: |
+  deployment.yaml: |-
+    # kubernetes/backstage.yaml
     apiVersion: apps/v1
     kind: Deployment
     metadata:
-      name: backstage # placeholder for 'backstage-<cr-name>'
+      name: backstage
     spec:
-      replicas: 1
       selector:
         matchLabels:
-          rhdh.redhat.com/app:  # placeholder for 'backstage-<cr-name>'
+          app: backstage
       template:
         metadata:
           labels:
-            rhdh.redhat.com/app:  # placeholder for 'backstage-<cr-name>'
+            app: backstage
         spec:
-          automountServiceAccountToken: false
-          # if securityContext not present in AKS/EKS, the error is like this:
-          #Error: EACCES: permission denied, open '/dynamic-plugins-root/backstage-plugin-scaffolder-backend-module-github-dynamic-0.2.2.tgz'
-          # fsGroup doesn not work for Openshift
-          #securityContext:
-          #   fsGroup: 1001
-          volumes:
-            - ephemeral:
-                volumeClaimTemplate:
-                  spec:
-                    accessModes:
-                      - ReadWriteOnce
-                    resources:
-                      requests:
-                        storage: 2Gi
-              name: dynamic-plugins-root
-            - name: dynamic-plugins-npmrc
-              secret:
-                defaultMode: 420
-                optional: true
-                secretName: dynamic-plugins-npmrc
-            - emptyDir: {}
-              name: npmcacache
-          initContainers:
-            - name: install-dynamic-plugins
-              command:
-                - ./install-dynamic-plugins.sh
-                - /dynamic-plugins-root
-              # image will be replaced by the value of the `RELATED_IMAGE_backstage` env var, if set
-              image: quay.io/rhdh/rhdh-hub-rhel9:next
-              imagePullPolicy: IfNotPresent
-              securityContext:
-                runAsNonRoot: true
-                allowPrivilegeEscalation: false
-                seccompProfile:
-                  type: RuntimeDefault
-                capabilities:
-                  drop:
-                   - ALL
-              env:
-                - name: NPM_CONFIG_USERCONFIG
-                  value: /opt/app-root/src/.npmrc.dynamic-plugins
-              volumeMounts:
-                - mountPath: /dynamic-plugins-root
-                  name: dynamic-plugins-root
-                - mountPath: /opt/app-root/src/.npmrc.dynamic-plugins
-                  name: dynamic-plugins-npmrc
-                  readOnly: true
-                  subPath: .npmrc
-                - mountPath: /opt/app-root/src/.npm/_cacache
-                  name: npmcacache
-              workingDir: /opt/app-root/src
-              resources:
-                requests:
-                  cpu: 250m
-                  memory: 256Mi
-                limits:
-                  cpu: 1000m
-                  memory: 2.5Gi
-                  ephemeral-storage: 5Gi
           containers:
             - name: backstage-backend
-              # image will be replaced by the value of the `RELATED_IMAGE_backstage` env var, if set
-              image: quay.io/rhdh/rhdh-hub-rhel9:next
+              image: ghcr.io/backstage/backstage:1.28.4
               imagePullPolicy: IfNotPresent
+              command:
+                - "node"
+                - "packages/backend"
+                - "--no-node-snapshot"
               args:
                 - "--config"
-                - "dynamic-plugins-root/app-config.dynamic-plugins.yaml"
-              securityContext:
-                capabilities:
-                  drop:
-                    - ALL
-                seccompProfile:
-                  type: RuntimeDefault
-                runAsNonRoot: true
-                allowPrivilegeEscalation: false
-              readinessProbe:
-                failureThreshold: 3
-                httpGet:
-                  path: /healthcheck
-                  port: 7007
-                  scheme: HTTP
-                initialDelaySeconds: 30
-                periodSeconds: 10
-                successThreshold: 2
-                timeoutSeconds: 2
-              livenessProbe:
-                failureThreshold: 3
-                httpGet:
-                  path: /healthcheck
-                  port: 7007
-                  scheme: HTTP
-                initialDelaySeconds: 60
-                periodSeconds: 10
-                successThreshold: 1
-                timeoutSeconds: 2
+                - "app-config.yaml"
+                - "--config"
+                - "app-config.production.yaml"
               ports:
-                - name: backend
+                - name: http
                   containerPort: 7007
-              env:
-                - name: APP_CONFIG_backend_listen_port
-                  value: "7007"
-              volumeMounts:
-                - mountPath: /opt/app-root/src/dynamic-plugins-root
-                  name: dynamic-plugins-root
-              resources:
-                requests:
-                  cpu: 250m
-                  memory: 256Mi
-                limits:
-                  cpu: 1000m
-                  memory: 2.5Gi
-                  ephemeral-storage: 5Gi
-  dynamic-plugins.yaml: |-
-    apiVersion: v1
-    kind: ConfigMap
-    metadata:
-      name: default-dynamic-plugins #  must be the same as (deployment.yaml).spec.template.spec.volumes.name.dynamic-plugins-conf.configMap.name
-    data:
-      "dynamic-plugins.yaml": |
-        includes:
-          - dynamic-plugins.default.yaml
-        plugins: []
-  route.yaml: |-
-    apiVersion: route.openshift.io/v1
-    kind: Route
-    metadata:
-      name: route # placeholder for 'backstage-<cr-name>'
-    spec:
-      port:
-        targetPort: http-backend
-      path: /
-      tls:
-        insecureEdgeTerminationPolicy: Redirect
-        termination: edge
-      to:
-        kind: Service
-        name:  # placeholder for 'backstage-<cr-name>'
-  secret-envs.yaml: |
-    apiVersion: v1
-    kind: Secret
-    metadata:
-      name: backend-auth-secret
-    stringData:
-      # generated with the command below (from https://janus-idp.io/docs/auth/service-to-service-auth/#setup):
-      # node -p 'require("crypto").randomBytes(24).toString("base64")'
-      BACKEND_SECRET: "R2FxRVNrcmwzYzhhN3l0V1VRcnQ3L1pLT09WaVhDNUEK" # notsecret
+    #          envFrom:
+    #            - secretRef:
+    #                name: postgres-secrets
+    #            - secretRef:
+    #                name: backstage-secrets
   service.yaml: |-
     apiVersion: v1
     kind: Service

diff --git a/bundle/manifests/backstage-operator.clusterserviceversion.yaml b/bundle/manifests/backstage-operator.clusterserviceversion.yaml
diff --git a/bundle/manifests/rhdh-controller-manager-metrics-service_v1_service.yaml b/bundle/manifests/rhdh-controller-manager-metrics-service_v1_service.yaml
@@ -0,0 +1,23 @@
+apiVersion: v1
+kind: Service
+metadata:
+  creationTimestamp: null
+  labels:
+    app.kubernetes.io/component: kube-rbac-proxy
+    app.kubernetes.io/created-by: backstage-operator
+    app.kubernetes.io/instance: controller-manager-metrics-service
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: service
+    app.kubernetes.io/part-of: backstage-operator
+    control-plane: controller-manager
+  name: rhdh-controller-manager-metrics-service
+spec:
+  ports:
+  - name: https
+    port: 8443
+    protocol: TCP
+    targetPort: https
+  selector:
+    control-plane: controller-manager
+status:
+  loadBalancer: {}