backstage
[WIP] POC PR for merging `extra*` fields
Description of the change
This is a draft POC PR to illustrate the proposal in #269
Existing or Associated Issue(s)
Fixes #269
Additional Information
- This branch in our derived chart illustrates how we would define these extra env vars as a map in the default values.yaml file, so that users can easily provide their own values.yaml extending these env vars. When using the changes here against this branch, the Deployment rendered contains the expected extra env vars merged from both values.yaml:
helm template
$ helm template charts/backstage --values charts/backstage/ci/test-merge-extraEnvVars-values.yaml
---
[...]
---
# Source: backstage/charts/upstream/templates/backstage-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: release-name-developer-hub
namespace: "my-ns"
labels:
app.kubernetes.io/name: developer-hub
helm.sh/chart: upstream-2.5.3
app.kubernetes.io/instance: release-name
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: backstage
annotations:
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/name: developer-hub
app.kubernetes.io/instance: release-name
app.kubernetes.io/component: backstage
template:
metadata:
labels:
app.kubernetes.io/name: developer-hub
helm.sh/chart: upstream-2.5.3
app.kubernetes.io/instance: release-name
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: backstage
annotations:
checksum/app-config: a51552987cdb96e1fb3edccca2150e003a888839c9ff5894826e4771b17fdd3c
checksum/dynamic-plugins: 'f1f9a92f14a31362d7eb30e67ac1458faf1c685765610f93a8967194d8bc1a5f'
spec:
serviceAccountName: default
volumes:
- ephemeral:
volumeClaimTemplate:
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
name: dynamic-plugins-root
- configMap:
defaultMode: 420
name: 'release-name-dynamic-plugins'
optional: true
name: dynamic-plugins
- name: dynamic-plugins-npmrc
secret:
defaultMode: 420
optional: true
secretName: 'release-name-dynamic-plugins-npmrc'
- name: dynamic-plugins-registry-auth
secret:
defaultMode: 416
optional: true
secretName: 'release-name-dynamic-plugins-registry-auth'
- emptyDir: {}
name: npmcacache
- emptyDir: {}
name: temp
- name: backstage-app-config
configMap:
name: release-name-developer-hub-app-config
initContainers:
- command:
- ./install-dynamic-plugins.sh
- /dynamic-plugins-root
env:
- name: NPM_CONFIG_USERCONFIG
value: /opt/app-root/src/.npmrc.dynamic-plugins
- name: MAX_ENTRY_SIZE
value: "30000000"
image: 'quay.io/rhdh/rhdh-hub-rhel9:latest'
imagePullPolicy: Always
name: install-dynamic-plugins
resources:
limits:
cpu: 1000m
ephemeral-storage: 5Gi
memory: 2.5Gi
requests:
cpu: 250m
memory: 256Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
volumeMounts:
- mountPath: /dynamic-plugins-root
name: dynamic-plugins-root
- mountPath: /opt/app-root/src/dynamic-plugins.yaml
name: dynamic-plugins
readOnly: true
subPath: dynamic-plugins.yaml
- mountPath: /opt/app-root/src/.npmrc.dynamic-plugins
name: dynamic-plugins-npmrc
readOnly: true
subPath: .npmrc
- mountPath: /opt/app-root/src/.config/containers
name: dynamic-plugins-registry-auth
readOnly: true
- mountPath: /opt/app-root/src/.npm/_cacache
name: npmcacache
- mountPath: /tmp
name: temp
workingDir: /opt/app-root/src
containers:
- name: backstage-backend
image: quay.io/rhdh/rhdh-hub-rhel9:latest
imagePullPolicy: "Always"
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
args:
- "--config"
- "dynamic-plugins-root/app-config.dynamic-plugins.yaml"
- "--config"
- "/opt/app-root/src/app-config-from-configmap.yaml"
resources:
limits:
cpu: 1000m
ephemeral-storage: 5Gi
memory: 2.5Gi
requests:
cpu: 250m
memory: 1Gi
readinessProbe:
failureThreshold: 3
httpGet:
path: /.backstage/health/v1/readiness
port: backend
scheme: HTTP
periodSeconds: 10
successThreshold: 2
timeoutSeconds: 4
livenessProbe:
failureThreshold: 3
httpGet:
path: /.backstage/health/v1/liveness
port: backend
scheme: HTTP
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 4
startupProbe:
failureThreshold: 3
httpGet:
path: /.backstage/health/v1/liveness
port: backend
scheme: HTTP
initialDelaySeconds: 30
periodSeconds: 20
successThreshold: 1
timeoutSeconds: 4
env:
- name: APP_CONFIG_backend_listen_port
value: "7007"
- name: POSTGRES_HOST
value: release-name-postgresql
- name: POSTGRES_PORT
value: "5432"
- name: POSTGRES_USER
value: bn_backstage
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: release-name-postgresql
key: password
-
name: BACKEND_SECRET
valueFrom:
secretKeyRef:
key: backend-secret
name: 'release-name-auth'
-
name: HTTP_PROXY
valueFrom:
secretKeyRef:
key: http-proxy
name: my-super-secret
-
name: POSTGRESQL_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
key: postgres-password
name: 'release-name-postgresql'
-
name: LOG_LEVEL
value: debug
ports:
- name: backend
containerPort: 7007
protocol: TCP
volumeMounts:
- name: backstage-app-config
mountPath: "/opt/app-root/src/app-config-from-configmap.yaml"
subPath: app-config.yaml
- mountPath: /opt/app-root/src/dynamic-plugins-root
name: dynamic-plugins-root
- mountPath: /tmp
name: temp
---
[...]
-
This other branch illustrates how the changes here remain 100% backward compatible when
extraEnvVarsis an array. See the test values file highlighting the current behavior where we need to replicate all the chart default elements.
Checklist
- [ ] Chart version bumped in
Chart.yamlaccording to semver. - [ ] Variables are documented in the
values.yamland added to the README.md. The helm-docs utility can be used to generate the necessary content. Usehelm-docs --dry-runto preview the content. - [ ] JSON Schema generated.
- [ ] List tests pass for Chart using the Chart Testing tool and the
ct lintcommand.
This PR has been automatically marked as stale because it has not had recent activity from the author. It will be closed if no further activity occurs. If the PR was closed and you want it re-opened, let us know and we'll re-open the PR so that you can continue the contribution!
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
This PR has been automatically marked as stale because it has not had recent activity from the author. It will be closed if no further activity occurs. If the PR was closed and you want it re-opened, let us know and we'll re-open the PR so that you can continue the contribution!
This PR has been automatically marked as stale because it has not had recent activity from the author. It will be closed if no further activity occurs. If the PR was closed and you want it re-opened, let us know and we'll re-open the PR so that you can continue the contribution!
@rm3l Did you want me to reopen this? I noticed the stalebot won the stale/not-stale battle 😄
@ChrisJBurns I'm just back from vacation and noticed your ping. Yes, please if you can reopen this. And any feedback on #269 would be much appreciated. Thanks.
This PR has been automatically marked as stale because it has not had recent activity from the author. It will be closed if no further activity occurs. If the PR was closed and you want it re-opened, let us know and we'll re-open the PR so that you can continue the contribution!
This PR has been automatically marked as stale because it has not had recent activity from the author. It will be closed if no further activity occurs. If the PR was closed and you want it re-opened, let us know and we'll re-open the PR so that you can continue the contribution!
This PR has been automatically marked as stale because it has not had recent activity from the author. It will be closed if no further activity occurs. If the PR was closed and you want it re-opened, let us know and we'll re-open the PR so that you can continue the contribution!
This PR has been automatically marked as stale because it has not had recent activity from the author. It will be closed if no further activity occurs. If the PR was closed and you want it re-opened, let us know and we'll re-open the PR so that you can continue the contribution!
This PR has been automatically marked as stale because it has not had recent activity from the author. It will be closed if no further activity occurs. If the PR was closed and you want it re-opened, let us know and we'll re-open the PR so that you can continue the contribution!
This PR has been automatically marked as stale because it has not had recent activity from the author. It will be closed if no further activity occurs. If the PR was closed and you want it re-opened, let us know and we'll re-open the PR so that you can continue the contribution!
This PR has been automatically marked as stale because it has not had recent activity from the author. It will be closed if no further activity occurs. If the PR was closed and you want it re-opened, let us know and we'll re-open the PR so that you can continue the contribution!
This PR has been automatically marked as stale because it has not had recent activity from the author. It will be closed if no further activity occurs. If the PR was closed and you want it re-opened, let us know and we'll re-open the PR so that you can continue the contribution!
This PR has been automatically marked as stale because it has not had recent activity from the author. It will be closed if no further activity occurs. If the PR was closed and you want it re-opened, let us know and we'll re-open the PR so that you can continue the contribution!
This PR has been automatically marked as stale because it has not had recent activity from the author. It will be closed if no further activity occurs. If the PR was closed and you want it re-opened, let us know and we'll re-open the PR so that you can continue the contribution!