Skip to content

OpsMx/helm-cnoe

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

65 Commits
backstage
backstage
 
 
charts/keycloak
charts/keycloak
 
 
README.md
README.md
 
 

Repository files navigation

Installing Keycloak

  1. Clone the repo.Ex: git clone https://github.com/OpsMx/helm-cnoe.git
  2. cd helm-cnoe/charts/keycloak
  3. Edit values.yaml by passing host keycloak(Keycloak ingress) and set createIngress to true.
  4. Run the command helm install kc . -f values.yaml -n keycloak --timeout=10m --create-namespace
  5. Once keycloak is up and running, Login to the Keycloak UI.Click on Admin console.Username is cnoe-admin and get the password by decoding KEYCLOAK_ADMIN_PASSWORD from keycloak-config secret. Ex: kubectl -n keycloak get secret keycloak-config -o jsonpath='{.data.KEYCLOAK_ADMIN_PASSWORD}' | base64 -d; echo

Creating Backstage client in keycloak. It is a one-time process. Errors occur if you repeat it.

  1. Now apply keycloak-script cm in the keycloak namespace. Ex:kubectl apply -f keycloak-script.yml -n keycloak
  2. Edit the keycloak-payload.yml and pass the correct backstage host name in redirectUri's parameter in lineno:85.
  3. Apply keycloak-payload cm in the keycloak namespace. Ex:kubectl apply -f keycloak-payload.yml -n keycloak
  4. Run the keycloak-job in the keycloak namespace. Ex:kubectl apply -f kc-job.yml -n keycloak
  5. Once the job is completed, Refresh the Keycloak UI and you will be seeing cnoe realm created, Groups created, Users 1 and 2 created. Also in clients backstage will be created.
  6. Get the Keycloak client secret from the keycloak UI.For this select cnoe realm from the top-left dropdown then click on clients from the left-side menu and click on backtage client and click credentials tab then copy the client secret by clicking on eye icon.Save it and later add it to the backstage-env-vars in backstage installation.

Installing Backstage

  1. Create a namespace. Ex: kubectl create ns backstage
  2. cd ../..
  3. cd backstage
  4. Edit values.yaml by passing host backtage(backstage ingress) and set createIngress to true. Pass the host-name that you entered in keycloak-payload.yml.
  5. Run the command helm install bs . -f values.yaml -n backstage --timeout=10m
  6. Create backstage-env-vars secret. Ex: kubectl create secret generic backstage-env-vars --from-literal=ARGO_CD_URL=https://<ARGO_CD_URL> --from-literal=ARGO_WORKFLOWS_URL=https://<ARGO_WF_URL> --from-literal=ARGOCD_AUTH_TOKEN=<ARGO_CD_TOKEN> --from-literal=BACKSTAGE_FRONTEND_URL=https://<BACKSTAGE_URL> --from-literal=KEYCLOAK_CLIENT_SECRET=<CLIENT_SECRET> --from-literal=KEYCLOAK_NAME_METADATA=https://<KEYCLOAK.HOST.NAME>/realms/cnoe/.well-known/openid-configuration --from-literal=POSTGRES_HOST=postgresql --from-literal=POSTGRES_PASSWORD=<psql_password> --from-literal=POSTGRES_PORT=5432 --from-literal=POSTGRES_USER=backstage -n backstage. Get the postgres details from postgresql-config secret and decode.
  7. Restart backstage deployment if necessary. Ex: kubectl rollout-restart deploy/backstage -n backstage
  8. Once the pod is up and running, Login to the Backstage UI.
  9. Click on SignIn button. Username is user1 and get the password by decoding user1-password from keycloak-user-config secret Ex: kubectl -n keycloak get secret keycloak-user-config -o jsonpath='{.data.user1-password}' | base64 -d; echo

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

2 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published