diff --git a/apps/README.md b/apps/README.md
index 1501d3fd..ca1108f6 100644
--- a/apps/README.md
+++ b/apps/README.md
@@ -1,4 +1,4 @@
-# stuttgart-things/helm/apps
+s# stuttgart-things/helm/apps
 App Helmfile templates.
diff --git a/apps/backstage.yaml.gotmpl b/apps/backstage.yaml.gotmpl
new file mode 100644
index 00000000..875d775e
--- /dev/null
+++ b/apps/backstage.yaml.gotmpl
@@ -0,0 +1,77 @@
+---
+environments:
+ default:
+ values:
+ - version: "2.6.3"
+ - namespace: backstage
+ - clusterDomain: "172.18.0.3.nip.io"
+ - postgresql:
+ enabled: true
+ username: backstage
+ password: backstage # pragma: allowlist secret
+ architecture: standalone
+ - ingress:
+ enabled: false
+ className: nginx
+ clusterIssuer: selfsigned
+ host: backstage
+ tlsEnabled: true
+ - backstage:
+ replicas: 1
+ imageRegistry: ttl.sh
+ imageRepository: sthings/backstage
+ imageTag: "0.1.0"
+ extraAppConfig:
+ filename: app-config.extra.yaml
+ configMapRef: backstage-app-config
+ - secrets:
+ backstage-secrets:
+ namespace: backstage
+ kvs:
+ APP_TITLE: Stuttgart Things Backstage
+ ORGANIZATION_NAME: stuttgart-things
+ APP_BASE_URL: "" # pragma: allowlist secret
+ BACKEND_BASE_URL: "" # pragma: allowlist secret
+ BACKEND_PORT: "" # pragma: allowlist secret
+ CORS_ORIGIN: "" # pragma: allowlist secret
+ AUTH_ENVIRONMENT: "" # pragma: allowlist secret
+ GITHUB_TOKEN: "" # pragma: allowlist secret
+ GITHUB_CLIENT_ID: "" # pragma: allowlist secret
+ GITHUB_CLIENT_SECRET: "" # pragma: allowlist secret
+ BACKEND_SECRET: "" # pragma: allowlist secret
+---
+repositories:
+ - name: backstage
+ url: ghcr.io/backstage/charts
+ oci: true
+ - name: stuttgart-things
+ url: ghcr.io/stuttgart-things
+ oci: true
+
+releases:
+{{- if hasKey .Values.backstage "extraAppConfig" }}
+ - name: app-config-secret
+ disableValidationOnInstall: true
+ installed: true
+ namespace: {{ .Values.namespace }}
+ chart: stuttgart-things/sthings-cluster
+ version: 0.3.20
+ values:
+ - values/backstage-appconfig-secret.values.gotmpl
+{{- end }}
+{{- if hasKey .Values "gateway" }}
+ - name: backstage-httproute
+ disableValidationOnInstall: true
+ installed: true
+ namespace: {{ .Values.namespace }}
+ chart: stuttgart-things/sthings-cluster
+ version: 0.3.20
+ values:
+ - values/backstage-httproute.values.gotmpl
+{{- end }}
+ - name: backstage
+ namespace: {{ .Values.namespace }}
+ chart: backstage/backstage
+ version: {{ .Values.version }}
+ values:
+ - values/backstage.values.yaml.gotmpl
diff --git a/apps/values/backstage-appconfig-secret.values.gotmpl b/apps/values/backstage-appconfig-secret.values.gotmpl
new file mode 100644
index 00000000..8b63a81e
--- /dev/null
+++ b/apps/values/backstage-appconfig-secret.values.gotmpl
@@ -0,0 +1,19 @@
+secrets:
+{{- range $k, $v := .Values.secrets }}
+ {{ $k }}:
+ name: {{ $k }}
+ namespace: {{ $v.namespace }}
+ secretKVs:
+ {{- range $key, $value := $v.kvs }}
+ {{ $key }}: {{ $value | quote }}
+ {{- end }}
+{{- end }}
+
+{{- if hasKey .Values "appConfig" }}
+configmaps:
+ backstage-app-config:
+ name: backstage-app-config
+ namespace: {{ .Values.namespace }}
+ app-config.extra.yaml: |
+{{ .Values.appConfig | indent 6 }}
+{{- end }}
diff --git a/apps/values/backstage-httproute.values.gotmpl b/apps/values/backstage-httproute.values.gotmpl
new file mode 100644
index 00000000..b5d102ed
--- /dev/null
+++ b/apps/values/backstage-httproute.values.gotmpl
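Review bot: The defaults under `- backstage:` in apps/backstage.yaml.gotmpl pull the application image from `ttl.sh` (`imageRegistry: ttl.sh`, `imageTag: "0.1.0"`). As far as I know, ttl.sh is an anonymous, short-lived registry that accepts unauthenticated pushes under any name, so the tag says nothing about what will actually run, and the image may simply disappear. The default should point at a registry the project controls, e.g. `imageRegistry: <registry-you-control>`, and be pinned by digest if the chart exposes a digest field. `password: backstage` also ships a known database credential as the default. The `# pragma: allowlist secret` markers silence secret scanning on exactly the lines where real tokens will later be filled in.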
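Review bot: The `secretKVs` loop in apps/values/backstage-appconfig-secret.values.gotmpl renders whatever is in `.Values.secrets.*.kvs` straight into a Secret, and the defaults for `GITHUB_TOKEN`, `GITHUB_CLIENT_SECRET` and `BACKEND_SECRET` are empty strings, so a deploy without overrides silently creates a Secret with an empty backend secret. Failing the render is safer for keys that must not be empty, for example `{{ $key }}: {{ required (printf "%s must be set" $key) $value | quote }}` (assuming helmfile's `required` rejects empty strings the way Helm's does). Real values are better resolved at render time, with helmfile's `requiredEnv` or a secret-backend reference, than written into an environment values file. Separately, the ConfigMap here is only rendered when `appConfig` is set, while the release is gated on `backstage.extraAppConfig`, which the defaults define. With defaults the chart is therefore pointed at `backstage-app-config`, which nothing creates.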
@@ -0,0 +1,42 @@
+customresources:
+ backstage-referencegrant:
+ apiVersion: gateway.networking.k8s.io/v1beta1
+ kind: ReferenceGrant
+ metadata:
+ name: backstage-gateway-access
+ namespace: {{ .Values.namespace }}
+ labels:
+ app.kubernetes.io/name: backstage
+ app.kubernetes.io/instance: backstage
+ spec:
+ from:
+ - group: gateway.networking.k8s.io
+ kind: Gateway
+ namespace: {{ .Values.gateway.namespace }}
+ to:
+ - group: ""
+ kind: Service
+ backstage-httproute:
+ apiVersion: gateway.networking.k8s.io/v1
+ kind: HTTPRoute
+ metadata:
+ name: backstage
+ namespace: {{ .Values.namespace }}
+ labels:
+ app.kubernetes.io/name: backstage
+ app.kubernetes.io/instance: backstage
+ spec:
+ hostnames:
+ - {{ .Values.gateway.hostname }}.{{ .Values.clusterDomain }}
+ parentRefs:
+ - name: {{ .Values.gateway.name }}
+ namespace: {{ .Values.gateway.namespace }}
+ rules:
+ - matches:
+ - path:
+ type: PathPrefix
+ value: /
+ backendRefs:
+ - name: backstage
+ namespace: {{ .Values.namespace }}
+ port: 7007
diff --git a/apps/values/backstage.values.yaml.gotmpl b/apps/values/backstage.values.yaml.gotmpl
new file mode 100644
index 00000000..4a030477
--- /dev/null
+++ b/apps/values/backstage.values.yaml.gotmpl
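Review bot: The `backstage-referencegrant` entry grants `from` kind `Gateway` `to` kind `Service` with no `name`, so it covers every Service in the namespace, yet the route in this file does not need it: the HTTPRoute and its `backendRefs` Service both live in `{{ .Values.namespace }}`. Whether the route may attach to a Gateway in another namespace is decided by the Gateway listener's `allowedRoutes`, not by a ReferenceGrant. I would drop the grant, or, if it is kept for a reason not visible in this diff, scope it with `name: backstage` under `to`. The `hostnames` entry is also rendered unquoted; `- "{{ .Values.gateway.hostname }}.{{ .Values.clusterDomain }}"` avoids YAML retyping of the templated value.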
@@ -0,0 +1,48 @@
+---
+clusterDomain: {{ .Values.clusterDomain }}
+
+{{- if .Values.storageClass }}
+global:
+ storageClass: {{ .Values.storageClass }}
+{{- end }}
+
+ingress:
+ enabled: {{ .Values.ingress.enabled }}
+ className: {{ .Values.ingress.className }}
+ annotations:
+ cert-manager.io/cluster-issuer: {{ .Values.ingress.clusterIssuer }}
+ host: {{ .Values.ingress.host }}.{{ .Values.clusterDomain }}
+ tls:
+ enabled: {{ .Values.ingress.tlsEnabled }}
+ secretName: {{ .Values.ingress.host }}-tls
+
+postgresql:
+ enabled: {{ .Values.postgresql.enabled }}
+ auth:
+ username: {{ .Values.postgresql.username }}
+ password: {{ .Values.postgresql.password }} # pragma: allowlist secret
+ architecture: {{ .Values.postgresql.architecture }}
+
+backstage:
+ replicas: {{ .Values.backstage.replicas }}
+ image:
+ registry: {{ .Values.backstage.imageRegistry }}
+ repository: {{ .Values.backstage.imageRepository }}
+ tag: "{{ .Values.backstage.imageTag }}"
+
+{{- range $secretName, $secretConfig := .Values.secrets }}
+ extraEnvVars:
+{{- range $key, $value := $secretConfig.kvs }}
+ - name: {{ $key }}
+ valueFrom:
+ secretKeyRef:
+ name: {{ $secretName }}
+ key: {{ $key }}
+{{- end }}
+{{- end }}
+
+{{- if hasKey .Values.backstage "extraAppConfig" }}
+ extraAppConfig:
+ - filename: {{ .Values.backstage.extraAppConfig.filename }}
+ configMapRef: {{ .Values.backstage.extraAppConfig.configMapRef }}
+{{- end }}
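Review bot: `password: {{ .Values.postgresql.password }}` under `postgresql.auth` is rendered unquoted, so a real password containing ` #` or `: `, starting with a YAML indicator, or made only of digits is truncated, retyped or breaks the render. Use `password: {{ .Values.postgresql.password | quote }}`, as the secret template in this commit already does for `secretKVs`; the same goes for `username` and the other string scalars. `extraEnvVars:` also sits inside the outer `range` over `.Values.secrets`, so a second secret entry would emit the key twice and most parsers keep only the last. Emitting the key once before the loop avoids that. The database password also ends up in plain release values; an existing-secret reference would keep it out, if the chart supports one.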