Make default operator configuration configurable not hardcoded (#49)

* yaml/configMap default configuration

* fix make test

* fix with new objects

* fix with new objects

* config small fixes

* fix for #51

.gitignore

@@ -1,5 +1,3 @@
-./scripts
-
 # Binaries for programs and plugins
 *.exe
 *.exe~
@@ -28,4 +26,5 @@ __debug_bin*
 *.swo
 *~
 .vscode/
+.scripts/
 .DS_Store

Makefile

@@ -53,6 +53,13 @@ IMG ?= $(IMAGE_TAG_BASE):v$(VERSION)
 # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary.
 ENVTEST_K8S_VERSION = 1.25.0
 
+# Default Backstage config directory to use
+# it has to be defined as a set of YAML files inside ./config/manager/${CONF_DIR} directory
+# to use other config - add a directory with config and run 'CONF_DIR=<dir-name> make ...'
+# TODO find better place than ./config/manager (but not ./config/overlays) ?
+# TODO it works only for make run, needs supporting make deploy as well https://github.com/janus-idp/operator/issues/47
+CONF_DIR ?= default-config
+
 # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
 ifeq (,$(shell go env GOBIN))
 GOBIN=$(shell go env GOPATH)/bin
@@ -111,8 +118,9 @@ vet: ## Run go vet against code.
 	go vet ./...
 
 .PHONY: test
-test: manifests generate fmt vet envtest ## Run tests.
-	KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) --bin-dir $(LOCALBIN) -p path)" go test ./... -coverprofile cover.out
+test: manifests generate fmt vet envtest ## Run tests. We need LOCALBIN=$(LOCALBIN) to get correct default-config path
+	mkdir -p $(LOCALBIN)/default-config && cp config/manager/${CONF_DIR}/* $(LOCALBIN)/default-config
+	LOCALBIN=$(LOCALBIN) KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) --bin-dir $(LOCALBIN) -p path)" go test ./... -coverprofile cover.out
 
 ##@ Build
 
@@ -121,8 +129,8 @@ build: generate fmt vet ## Build manager binary.
 	go build -o bin/manager main.go
 
 .PHONY: run
-run: manifests generate fmt vet ## Run a controller from your host.
-	go run ./main.go
+run: manifests generate fmt vet build ## Run a controller from your host.
+	cd $(LOCALBIN) && mkdir -p default-config && cp ../config/manager/${CONF_DIR}/* default-config && ./manager
 
 PLATFORM ?= linux/amd64
 # If you wish built the manager image targeting other platforms you can use the --platform flag.

bundle/manifests/backstage-operator.clusterserviceversion.yaml

@@ -124,7 +124,7 @@ spec:
           app.kubernetes.io/created-by: backstage-operator
           app.kubernetes.io/instance: controller-manager
           app.kubernetes.io/managed-by: kustomize
-          app.kubernetes.io/name: deployment
+          app.kubernetes.io/name: deployment.yaml
           app.kubernetes.io/part-of: backstage-operator
           control-plane: controller-manager
         name: backstage-operator-controller-manager

config/default/kustomization.yaml

@@ -1,12 +1,12 @@
 # Adds namespace to all resources.
-namespace: backstage-operator-system
+namespace: backstage-system
 
 # Value of this field is prepended to the
 # names of all resources, e.g. a deployment named
 # "wordpress" becomes "alices-wordpress".
 # Note that it should also match with the prefix (text before '-') of the namespace
 # field above.
-namePrefix: backstage-operator-
+namePrefix: backstage-
 
 # Labels to add to all resources and selectors.
 #commonLabels:

config/manager/default-config/backend-auth-secret.yaml

@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: # placeholder for '<cr-name>-auth'
+data:
+# A random value will be generated for the backend-secret key

config/manager/default-config/db-service-hl.yaml

@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: backstage-psql-cr1-hl # placeholder for 'backstage-psql-<cr-name>-hl'
+spec:
+  selector:
+    backstage.io/app:  backstage-psql-cr1 # placeholder for 'backstage-psql-<cr-name>'
+  clusterIP: None
+  ports:
+    - port: 5432

config/manager/default-config/db-service.yaml

@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: backstage-psql # placeholder for 'backstage-psql-<cr-name>' .NOTE: For the time it is static and linked to Secret-> postgres-secrets -> OSTGRES_HOST
+spec:
+  selector:
+    backstage.io/app:  backstage-psql-cr1 # placeholder for 'backstage-psql-<cr-name>'
+  ports:
+    - port: 5432

config/manager/default-config/db-statefulset.yaml

@@ -0,0 +1,101 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: backstage-psql-cr1 # placeholder for 'backstage-psql-<cr-name>'
+spec:
+  podManagementPolicy: OrderedReady
+  replicas: 1
+  selector:
+    matchLabels:
+      backstage.io/app: backstage-psql-cr1 # placeholder for 'backstage-psql-<cr-name>'
+  serviceName: backstage-psql-cr1-hl # placeholder for 'backstage-psql-<cr-name>-hl'
+  template:
+    metadata:
+      labels:
+        backstage.io/app: backstage-psql-cr1 # placeholder for 'backstage-psql-<cr-name>'
+      name: backstage-db-cr1 # placeholder for 'backstage-psql-<cr-name>'
+    spec:
+      containers:
+        - env:
+            - name: POSTGRESQL_PORT_NUMBER
+              value: "5432"
+            - name: POSTGRESQL_VOLUME_DIR
+              value: /var/lib/pgsql/data
+            - name: PGDATA
+              value: /var/lib/pgsql/data/userdata
+          envFrom:
+            - secretRef:
+                name: postgres-secrets
+          image: quay.io/fedora/postgresql-15:latest
+          imagePullPolicy: IfNotPresent
+          securityContext:
+            runAsNonRoot: true
+            allowPrivilegeEscalation: false
+            seccompProfile:
+              type: RuntimeDefault
+            capabilities:
+              drop:
+                - ALL
+          livenessProbe:
+            exec:
+              command:
+                - /bin/sh
+                - -c
+                - exec pg_isready -U ${POSTGRES_USER} -h 127.0.0.1 -p 5432
+            failureThreshold: 6
+            initialDelaySeconds: 30
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+          name: postgresql
+          ports:
+            - containerPort: 5432
+              name: tcp-postgresql
+              protocol: TCP
+          readinessProbe:
+            exec:
+              command:
+                - /bin/sh
+                - -c
+                - -e
+                - |
+                  exec pg_isready -U ${POSTGRES_USER} -h 127.0.0.1 -p 5432
+            failureThreshold: 6
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+          resources:
+            requests:
+              cpu: 250m
+              memory: 256Mi
+            limits:
+              memory: 1024Mi
+          volumeMounts:
+            - mountPath: /dev/shm
+              name: dshm
+            - mountPath: /var/lib/pgsql/data
+              name: data
+      restartPolicy: Always
+      securityContext: {}
+      serviceAccount: default
+      serviceAccountName: default
+      volumes:
+        - emptyDir:
+            medium: Memory
+          name: dshm
+  updateStrategy:
+    rollingUpdate:
+      partition: 0
+    type: RollingUpdate
+  volumeClaimTemplates:
+    - apiVersion: v1
+      kind: PersistentVolumeClaim
+      metadata:
+        name: data
+      spec:
+        accessModes:
+          - ReadWriteOnce
+        resources:
+          requests:
+            storage: 1Gi

config/manager/default-config/deployment.yaml

@@ -0,0 +1,91 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: backstage
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      backstage.io/app:  # placeholder for 'backstage-<cr-name>'
+  template:
+    metadata:
+      labels:
+        backstage.io/app:  # placeholder for 'backstage-<cr-name>'
+    spec:
+      #      serviceAccountName: default
+      volumes:
+        - ephemeral:
+            volumeClaimTemplate:
+              spec:
+                accessModes:
+                  - ReadWriteOnce
+                resources:
+                  requests:
+                    storage: 1Gi
+          name: dynamic-plugins-root
+        - name: dynamic-plugins-npmrc
+          secret:
+            defaultMode: 420
+            optional: true
+            secretName: dynamic-plugins-npmrc
+
+      initContainers:
+        - command:
+            - ./install-dynamic-plugins.sh
+            - /dynamic-plugins-root
+          env:
+            - name: NPM_CONFIG_USERCONFIG
+              value: /opt/app-root/src/.npmrc.dynamic-plugins
+          image: 'quay.io/janus-idp/backstage-showcase:next'
+          imagePullPolicy: IfNotPresent
+          name: install-dynamic-plugins
+          volumeMounts:
+            - mountPath: /dynamic-plugins-root
+              name: dynamic-plugins-root
+            - mountPath: /opt/app-root/src/.npmrc.dynamic-plugins
+              name: dynamic-plugins-npmrc
+              readOnly: true
+              subPath: .npmrc
+          workingDir: /opt/app-root/src
+
+      containers:
+        - name: backstage-backend
+          image: quay.io/janus-idp/backstage-showcase:next
+          imagePullPolicy: IfNotPresent
+          args:
+            - "--config"
+            - "dynamic-plugins-root/app-config.dynamic-plugins.yaml"
+          readinessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /healthcheck
+              port: 7007
+              scheme: HTTP
+            initialDelaySeconds: 30
+            periodSeconds: 10
+            successThreshold: 2
+            timeoutSeconds: 2
+          livenessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /healthcheck
+              port: 7007
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 2
+          ports:
+            - name: http
+              containerPort: 7007
+          env:
+            - name: APP_CONFIG_backend_listen_port
+              value: "7007"
+          envFrom:
+            - secretRef:
+                name: postgres-secrets
+          #            - secretRef:
+          #                name: backstage-secrets
+          volumeMounts:
+            - mountPath: /opt/app-root/src/dynamic-plugins-root
+              name: dynamic-plugins-root

config/manager/default-config/dynamic-plugins-configmap.yaml

@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: # placeholder for '<cr-name>-dynamic-plugins'
+data:
+  "dynamic-plugins.yaml": |
+    includes:
+      - dynamic-plugins.default.yaml
+    plugins: []

config/manager/default-config/service.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: backstage
+spec:
+  type: NodePort
+  selector:
+    backstage.io/app:  # placeholder for 'backstage-<cr-name>'
+  ports:
+    - name: http
+      port: 80
+      targetPort: http

config/manager/kustomization.yaml

@@ -5,4 +5,17 @@ kind: Kustomization
 images:
 - name: controller
   newName: quay.io/rhdh/backstage-operator
-  newTag: v0.0.1
+
+generatorOptions:
+  disableNameSuffixHash: true
+
+configMapGenerator:
+- files:
+  - default-config/deployment.yaml
+  - default-config/service.yaml
+  - default-config/db-statefulset.yaml
+  - default-config/db-service.yaml
+  - default-config/db-service-hl.yaml
+  - default-config/backend-auth-secret.yaml
+  - default-config/dynamic-plugins-configmap.yaml
+  name: default-config

config/manager/manager.yaml

@@ -98,5 +98,13 @@ spec:
           requests:
             cpu: 10m
             memory: 64Mi
+        volumeMounts:
+          - mountPath: /default-config
+            name: default-config
       serviceAccountName: controller-manager
       terminationGracePeriodSeconds: 10
+      volumes:
+      - name: default-config
+        configMap:
+          name: default-config
+