SSIA,

After #80 we can use probes.

Describe the bug

Raising awareness of this bug: openshift-helm-charts/charts#773

Expected Behavior

Chart deploys

What are the steps to reproduce this bug?

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace:  redhat-developer-hub


helmCharts:
  - name: developer-hub
    releaseName: redhat-developer-hub
    namespace: redhat-developer-hub
    repo: https://charts.openshift.io/
    valuesFile: values.yaml

After oc apply or via ArgoCD, it results in:

Failed to load target state: failed to generate manifest for source 1 of 1: rpc error: code = Unknown desc = Manifest generation error (cached): `kustomize build <path to cached source>/clusters/hub/overlays/redhat-developer-hub --enable-alpha-plugins --load-restrictor LoadRestrictionsNone --helm-command /usr/local/bin/helm` failed exit status 1: Error: Error: chart "developer-hub" not found in https://charts.openshift.io/ repository : unable to run: '/usr/local/bin/helm pull --untar --untardir <path to cached source>/clusters/hub/overlays/redhat-developer-hub/charts --repo https://charts.openshift.io/ developer-hub' with env=[HELM_CONFIG_HOME=/tmp/kustomize-helm-83159299/helm HELM_CACHE_HOME=/tmp/kustomize-helm-83159299/helm/.cache HELM_DATA_HOME=/tmp/kustomize-helm-83159299/helm/.data] (is '/usr/local/bin/helm' installed?): exit status 1

Versions of software used and environment

N/A

Use a PVC-based generic ephemeral volume to store dynamic plugins by default, instead of an emptyDir.

This requires adding general ephemeral volumes in the Upstream backstage helm chart, which requires updating the reference to the kubernetes schema to an up-to-date schema.

when using the default crc base url (*.apps-crc.testing/), the URL check will fail, resulting in a container CrashLoopBackOff

Backend failed to start up TypeError [ERR_INVALID_URL]: Invalid URL

Question

As a backstage initiative project already exists, I'm wondering why you created another helm chart project ?

https://github.com/vinzscam/backstage-chart
backstage/backstage#4945

Remark: That would be great to unify the 2 existing helm charts !

Renovate updates dependencies. These require us to update the README and values.schema.json files, the PR can't be merged otherwise. We should update the Renovate PRs with an additional commit populating these changes.

Describe the bug

Backstage POD unable to start, following error after installing helm chart from the openshift developer console

Backend failed to start up Error: Missing required config value at 'backend.auth.keys[0].secret'

A clear and concise description of what the bug is. (provide screenshots if applicable)

Expected Behavior

What are the steps to reproduce this bug?

1. …
2. …
3. …

Versions of software used and environment

Describe the bug

Installing RHDH failed on non-OpenShift clusters even after enabling ingress.

Expected Behavior

RHDH is installed successfully and supports ingress with minimum configuration changes in values yarml.

What are the steps to reproduce this bug?

1. login to non-OpenShift cluster
2. create a namespace: kubectl create namespace rhdh
3. create a quay pull secretkubectl apply -f rhdh-quay-pull-secret.yaml --namespace=rhdh
4. run helm install by setting [ingress.enabled=true, route.enabled=false, global.host=[host-name]]

helm upgrade -i developer-hub -n rhdh https://github.com/rhdh-bot/openshift-helm-charts/raw/developer-hub-1.0-190-CI/charts/redhat/redhat/developer-hub/1.0-190-CI/developer-hub-1.0-190-CI.tgz -f values_rhdh.yaml --set ingress.enabled=true --set route.enabled=false --set global.host=backstage.127.0.0.1.nip.io

File used in the command line above:

• values_rhdh.yaml(https://github.com/janus-idp/helm-backstage/files/13453515/values_rhdh.yaml.txt)

5. verify the install: kubectl get pods -n rhdh

  output: 
  NAME                             READY   STATUS                  RESTARTS      AGE
  developer-hub-849c59bfd6-7mmvl   0/1     Init:CrashLoopBackOff   5 (24s ago)   3m50s

In addition, in the default 'values.yaml' file, 'upstream.ingress.* ' should be located in 'ingress.* ' like

ingress:
 enabled: true
 host: '{{ .Values.global.host }}'

Otherwise, helm install by using avalues.yaml file with the enabled ingress results in an error:

Error: YAML parse error on developer-hub/charts/upstream/templates/ingress.yaml: error converting YAML to JSON: yaml: invalid map key: map[interface {}]interface {}{".Values.global.host":interface {}(nil)}

Versions of software used and environment

quay.io/rhdh/rhdh-hub-rhel9:1.0-190

Create a /bump command that would allow us to dynamically update the chart version via PR comment. This will be useful on Renovate PRs.

This can replace #81 since a version bump should be always involved.

What needs to be done

Disable blank issues in favor of a blank issue template to help ensure all new issues have the status/triage label

Hi everyone,

when I am trying to deploy on openshift, this happened:

$ helm install backstage-helm janus-idp/backstage -f values-openshift.yaml

coalesce.go:220: warning: cannot overwrite table with non table for postgresql.networkPolicy.egressRules.customRules (map[])
NAME: backstage-helm
LAST DEPLOYED: Thu May 11 17:15:40 2023
NAMESPACE: xxxxxxxxxx
STATUS: deployed
REVISION: 1
TEST SUITE: None

And the result is postgresql won't start.

We are looking into using this helm chart to dry run backstage to see wether we like it or not. The chart itself is running fine however it's not behind some kind of login page which isn't desirable.

I would like to be able to manipulate the app-config.yaml through the values file to insert information related to the auth provider but at this moment that's impossible.

See: https://github.com/redhat-developer/helm-backstage/blob/1bcfb8a66d87a5165597fbea5be5d50802668683/charts/backstage/templates/app-config.yaml#L79

Minor bugs need to be fixed in readme,

• helm upgrade -i oci://ghcr.io/janus-idp/helm-backstage/backstage --version=<version>
  should be updated to
  helm upgrade -i <release-name> oci://ghcr.io/janus-idp/helm-backstage/backstage --version=<version>
• when installing from oci repository, a user needs to set HELM_EXPERIMENTAL_OCI=1 to avoid installation errors. It would be nicer to have the instruction in README.
  However, the error message contains the correct instruction to fix the error :

Installing janus backstage on OpenShift
Error: this feature has been marked as experimental and is not enabled by default. Please set HELM_EXPERIMENTAL_OCI=1 in your environment to use this feature

helm upgrade -i backstage-0.1.1 redhat-developer-backstage/backstage results in the error message
Error: execution error at (backstage/templates/app-config.yaml:13:18): Provide App baseUrl in values
and the readme.md does not indicate how the end-user should workaround that error

Hey, I think it would be nice to provide users with a simple switch to enable monitoring on the backstage instance.

This should include:

• ServiceMonitor for Backstage
• ServiceMonitor for PG cluster
• metrics exporter for PG
• Basic dashboard as a ConfigMap allowing users to easily import it if they choose to deploy a namespaced grafana (import it into GrafanaDashboard resource).

LMK if there would be interest for this feature and we can implement it.

Describe the bug

Deploying the chart results in VolumeClaim to be created from a template. ArgoCD complains about following issue:

Expected Behavior

Chart doesn't use fields that are not admissible.

What are the steps to reproduce this bug?

TBD

Versions of software used and environment

The default baseUrl value in values.yaml (baseUrl: 'https://{{- include "janus-idp.hostname" . }}') doesn't render the correct hostname when clusterRouteBase is set.

• Deployed Janus chart with release name janus.
  • Route name is janus-backstage
  • Route host is janus-backstage-janus.<clusterRouterBase>
  • janus-idp.hostname is janus-janus.<clusterRouterBase>

Temporary workaround is to set baseUrl manually

In order for user chart to survive helm upgrade they need to provide the database secret credentials secret name. This needs to be documented since, OCP console is not showing upgrade warning as the CLI does.

What do you want to improve?

Would like to be able to set labels.

What is the current behavior?

What is the new behavior?

What do you want to improve?

Simplify the definition of the application host name for a chart deployer.

What is the current behavior?

The chart deployer must specify the application host using either global.host or global.clusterRouterBase.
The latter parameter is basically requesting the user to specify a cluster configuration that we can also extract from the cluster itself with a lookup function.

What is the new behavior?

In the janus-idp.hostname template function, extend the exit condition with a further attempt to lookup the cluster domain from the configuration, as in:
oc get ingress.config.openshift.io/cluster -oyaml | yq '.spec.domain'
If the configuration is found, then we can use it as a last resort option.

What needs to be done?

Add github issue templates in helm-backstage using the default templates in the janus-idp organization.

As per JSON Schema standard the "format" keyword should only take an advisory role (like an annotation) and should not affect validation. In OCP helm form view it is somehow used during validation.

Tracking as: https://issues.redhat.com/browse/OCPBUGS-14875

Originally posted by @tumido in #64 (comment)

To avoid errors when starting the backstage container, add an initContainer to the backstage deployment to wait for PostgreSQL to be active

• ServiceMonitor instructs OpenShift Monitoring stack (Prometheus Operator) to scrape metrics (janus-idp/backstage-showcase#469) from Backstage.

epic: janus-idp/backstage-showcase#229

When installing this to a Vanilla Kubernetes cluster, the liveness checks never complete as they poll the http port, which never returns. Changing this from -

          livenessProbe:
            httpGet:
              path: /
              port: http
          readinessProbe:
            httpGet:
              path: /
              port: http

to this -

          ports:
            - name: http
              containerPort: {{ .Values.service.targetPort }}
              protocol: TCP
          livenessProbe:
            httpGet:
              path: /
              port: {{ .Values.service.targetPort }}

The secondary failure is the postgres service.

spec:
  clusterIP: None
  ports:
    - port: {{ .Values.postgres.database_port }}
      targetPort: http
      protocol: TCP
      name: http

results in postgres being unreachable.
Modifying to the postgres port resolves this.

Backstage pod log -

�[2m2022-11-14T11:19:12.366Z�[22m �[34mbackstage�[39m �[32minfo�[39m Loaded config from app-config.yaml
�[2m2022-11-14T11:19:12.397Z�[22m �[34mbackstage�[39m �[32minfo�[39m 0 secret found in the config which will be redacted
�[2m2022-11-14T11:19:12.425Z�[22m �[34mbackstage�[39m �[32minfo�[39m Created UrlReader predicateMux{readers=azure{host=dev.azure.com,authed=false},bitbucketCloud{host=bitbucket.org,authed=false},github{host=github.com,authed=false},gitlab{host=gitlab.com,authed=false},awsS3{host=amazonaws.com,authed=false},fetch{}
Backend failed to start up Error: Failed to connect to the database to make sure that 'backstage_plugin_catalog' exists, Error: getaddrinfo ENOTFOUND backstage-postgresql.default.svc
    at /opt/app-root/src/node_modules/@backstage/backend-common/dist/index.cjs.js:1015:17
    at processTicksAndRejections (node:internal/process/task_queues:96:5)
    at async CatalogBuilder.build (/opt/app-root/src/node_modules/@backstage/plugin-catalog-backend/dist/index.cjs.js:4092:22)
    at async createPlugin$4 (/opt/app-root/src/packages/backend/dist/index.cjs.js:62:40)
    at async main (/opt/app-root/src/packages/backend/dist/index.cjs.js:206:29)

Backstage-postgres endpoint

NAME                                        ENDPOINTS                           AGE
backstage                                   x.x.x.x:7007                        10d
backstage-postgresql                        <none>                              10d

What do you want to improve?

Add the newly added integrity field required for checking integrity of npm packages for dynamic plugins introduced in janus-idp/backstage-showcase#670.

"integrity": {
  "title": "Integrity checksum of the package. Optional for local packages. Supported algorithms include: `sha512`, `sha384` and `sha256`. Refer to https://w3c.github.io/webappsec-subresource-integrity/#integrity-metadata-description for more information",
  "type": "string"
}

Currently a separate PersistentVolumeClaim is created to support the storage of PostgreSQL StatefulSet. Implement a volumeClaimTemplate moving forward to align with the benefits of a StatefulSet

This helm chart definitely helped me get backstage up and running on OCP (I was making my own image and struggling to get the urls configured correctly before). However, is there a recommended way to add plugins to the image being deployed with this Helm chart? I imagine I have to modify the underlying image like before?

For example the cpu, mem, etc

Clicking the Install Helm chart button results in different outcomes depending on the cluster location:

OpenShift Local

Developer Sandbox

OpenShift (aka remote cluster, non-restricted)

I think we need to inline the remote JSON schema references... Unfortunately. This will expose us to copy-paste errors. It's not a great solution.

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

This repository currently has no open or pending branches.

Detected dependencies

• Check this box to trigger a request for Renovate to run again on this repository

If user chooses the most likely path of default deploy, let's remove most of the manual labor from the process. Currently they have to essentially copy paste a value into 3 different places. Let's streamline this into a single default.

 upstream:
   backstage:
     appConfig:
       app:
         baseUrl: 'https://{{- print .Release.Name "-" .Release.Namespace -}}.apps.example.com'
       backend:
         baseUrl: 'https://{{- print .Release.Name "-" .Release.Namespace -}}.apps.example.com'
         cors:
           origin: 'https://{{- print .Release.Name "-" .Release.Namespace -}}.apps.example.com'

What needs to be done?

Add workflow to automatically add newly created issues in the helm-backstage repository into the organization project

https://github.com/bitnami-labs/readme-generator-for-helm provides a way to generate values.schema.json and README on the fly from values.yaml. We should explore if this would be useful for our chart or not.

When I attempt to deploy this chart, the backstage application pod fails to run. I tried the latest image, as well as some of the older image tags as well.

$ oc logs -f po/backstage-5cf5cb6ccd-ppwcv
exec /usr/bin/node: exec format error

$ oc describe deployment/backstage
Name: backstage
Namespace: default
CreationTimestamp: Mon, 30 Jan 2023 10:23:16 -0600
Labels: app.kubernetes.io/instance=backstage
app.kubernetes.io/managed-by=Helm
app.kubernetes.io/name=backstage
app.kubernetes.io/version=v1.7.0
helm.sh/chart=backstage-0.1.6
Annotations: deployment.kubernetes.io/revision: 7
meta.helm.sh/release-name: backstage
meta.helm.sh/release-namespace: default
Selector: app.kubernetes.io/instance=backstage,app.kubernetes.io/name=backstage
Replicas: 1 desired | 1 updated | 1 total | 0 available | 1 unavailable
StrategyType: RollingUpdate
MinReadySeconds: 0
RollingUpdateStrategy: 25% max unavailable, 25% max surge
Pod Template:
Labels: app.kubernetes.io/instance=backstage
app.kubernetes.io/name=backstage
Service Account: backstage
Containers:
backstage:
Image: ghcr.io/janus-idp/redhat-backstage-build:500312b32dc375b5326550c498aadeeeac1b33f9
Port: 8080/TCP
Host Port: 0/TCP
Command:
node
packages/backend
--config
/config/app-config.yaml
Limits:
cpu: 100m
memory: 128Mi
Requests:
cpu: 100m
memory: 128Mi
Liveness: http-get http://:http/ delay=0s timeout=1s period=10s #success=1 #failure=3
Readiness: http-get http://:http/ delay=0s timeout=1s period=10s #success=1 #failure=3
Environment:
POSTGRES_ADMIN_PASSWORD: <set to the key 'databasePassword' in secret 'backstage-postgresql'> Optional: false
POSTGRES_HOST: backstage-postgresql.default.svc
POSTGRES_USER: postgres
POSTGRES_PORT: 5432
Mounts:
/config from backstage-config (ro)
Volumes:
backstage-config:
Type: Secret (a volume populated by a Secret)
SecretName: backstage-config
Optional: false
Conditions:
Type Status Reason

Progressing True NewReplicaSetAvailable
Available False MinimumReplicasUnavailable
OldReplicaSets:
NewReplicaSet: backstage-5cf5cb6ccd (1/1 replicas created)
Events:
Type Reason Age From Message

Normal ScalingReplicaSet 39m deployment-controller Scaled down replica set backstage-5cf5cb6ccd to 0
Normal ScalingReplicaSet 2m6s (x2 over 2d18h) deployment-controller Scaled up replica set backstage-5cf5cb6ccd to 1

Form view is stuck in endless loading if we reference particular schema version.. I need to investigate further and will follow up with yet another bug report....

Traced back to: rjsf-team/react-jsonschema-form#2241 - the library used to validate the chart's schema (totally unnecessary to do on the frontend IMO), doesn't support JSON Schema standard 2019-09 and the current revision 2020-20.

Tracking as: https://issues.redhat.com/browse/OCPBUGS-14874

Originally posted by @tumido in #64 (comment)

test

Describe the bug

When installing via chart, the backstage container fails its init phase:

runc create failed: unable to start container process: exec: "./install-dynamic-plugins.sh": stat ./install-dynamic-plugins.sh: no such file or directory"

Expected Behavior

The container starts.

What are the steps to reproduce this bug?

1. Follow instructions in the README
2. Add helm repos
3. (optional) customize values
4. Helm install

Versions of software used and environment

OCP 4.14 fresh install with ODF
OCP 4.13 fresh install with ODF

Describe the bug

When trying to upgrade RHDH deployment configuration done via Helm Chart in OpenShift console, it fails with

Backend failed to start up Error: Missing required config value at 'backend.database.client'

What are the steps to reproduce this bug?

Versions of software used and environment

using 1.0-163-CI from https://gist.github.com/nickboldt/a8483eb244f9c4286798e85accaa70af

What do you want to improve?

PostgreSQL should be configurable with multiple instances

What is the current behavior?

Currently Postgresql will run on a single instance.

What is the new behavior?

Should have a way to specify a number of replicas.

Describe the bug

Following deployment docs on OpenShift, users usually set global.clusterRouterBase. This in turn properly resolve host for configmap but leaves the spec.host in Route empty. Openshift automatically populates that value, however this becomes an issue when deployed via ArgoCD which assumes the spec.host should be blank instead of the generated value

Expected Behavior

Set spec.host in the chart for global.clusterRouterBase.

Versions of software used and environment

Describe the bug

Setting upstream.postgresql.auth.existingSecret is respected by the PostgreSQL subchart, however we override it for POSTGRESQL_ADMIN_PASSWORD in our default values. We do not respect the existingSecret value here. We also do not respect the postgresPassword for that matter.

Note: POSTGRESQL_ADMIN_PASSWORD is not set by the bitnami/postgres chart, however this is a required env variable for UBI-based Postgres images.

Expected Behavior

What are the steps to reproduce this bug?

1. helm template --set upstream.backstage.postgresql.auth.existingSecret=secretName janus-idp/backstage
2. Look at the environment variables exposed to the PostgreSQL container:

...
# Source: backstage/charts/upstream/charts/postgresql/templates/primary/statefulset.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: release-name-postgresql
  ...
spec:
  ...
  template:
    ...
    spec:
      ...
      containers:
        - name: postgresql
          ...
          env:
            ...
            # Authentication
            - name: POSTGRES_USER
              value: "bn_backstage"
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: secretName
                  key: password
            - name: POSTGRES_POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: secretName
                  key: postgres-password
            - name: POSTGRESQL_ADMIN_PASSWORD
              valueFrom:
                secretKeyRef:
                  key: postgres-password
                  name: 'release-name-postgresql'

Versions of software used and environment