apiVersion: v1 kind: ConfigMap metadata: name: app-config namespace: backstage data: app-config.yaml: | app: title: Backstage Voorbeeld App baseUrl: https://backstage-lp.allarddcs.nl googleAnalyticsTrackingId: # UA-000000-0 #datadogRum: # clientToken: '123456789' # applicationId: qwerty # site: # datadoghq.eu default = datadoghq.com # env: # optional support: url: https://github.com/backstage/backstage/issues # Used by common ErrorPage items: # Used by common SupportButton component - title: Issues icon: github links: - url: https://github.com/backstage/backstage/issues title: GitHub Issues - title: Discord Chatroom icon: chat links: - url: https://discord.gg/MUpMjP2 title: '#backstage' backend: baseUrl: https://backstage-lp.allarddcs.nl listen: port: 7000 database: client: pg connection: host: postgres13.postgres port: 5432 user: backstage password: backstage cache: store: memory cors: origin: http://localhost:3000 methods: [GET, POST, PUT, DELETE] credentials: true csp: connect-src: ["'self'", 'http:', 'https:'] # Content-Security-Policy directives follow the Helmet format: https://helmetjs.github.io/#reference # Default Helmet Content-Security-Policy values can be removed by setting the key to false reading: allow: - host: example.com - host: '*.mozilla.org' # workingDirectory: /tmp # Use this to configure a working directory for the scaffolder, defaults to the OS temp-dir # See README.md in the proxy-backend plugin for information on the configuration format proxy: '/circleci/api': target: https://circleci.com/api/v1.1 headers: Circle-Token: ${CIRCLECI_AUTH_TOKEN} '/jenkins/api': target: http://localhost:8080 headers: Authorization: ${JENKINS_BASIC_AUTH_HEADER} '/travisci/api': target: https://api.travis-ci.com changeOrigin: true headers: Authorization: ${TRAVISCI_AUTH_TOKEN} travis-api-version: '3' '/newrelic/apm/api': target: https://api.newrelic.com/v2 headers: X-Api-Key: ${NEW_RELIC_REST_API_KEY} '/pagerduty': target: https://api.pagerduty.com headers: Authorization: Token token=${PAGERDUTY_TOKEN} '/buildkite/api': target: https://api.buildkite.com/v2/ headers: Authorization: ${BUILDKITE_TOKEN} '/sentry/api': target: https://sentry.io/api/ allowedMethods: ['GET'] headers: Authorization: ${SENTRY_TOKEN} '/ilert': target: https://api.ilert.com allowedMethods: ['GET', 'POST', 'PUT'] allowedHeaders: ['Authorization'] headers: Authorization: ${ILERT_AUTH_HEADER} organization: name: AllardDCS # Reference documentation http://backstage.io/docs/features/techdocs/configuration # Note: After experimenting with basic setup, use CI/CD to generate docs # and an external cloud storage when deploying TechDocs for production use-case. # https://backstage.io/docs/features/techdocs/how-to-guides#how-to-migrate-from-techdocs-basic-to-recommended-deployment-approach techdocs: builder: 'local' # Alternatives - 'external' generator: runIn: 'docker' # dockerImage: my-org/techdocs # use a custom docker image # pullImage: true # or false to disable automatic pulling of image (e.g. if custom docker login is required) publisher: type: 'local' # Alternatives - 'googleGcs' or 'awsS3' or 'azureBlobStorage' or 'openStackSwift'. Read documentation for using alternatives. sentry: organization: my-company rollbar: organization: my-company # NOTE: The rollbar-backend & accountToken key may be deprecated in the future (replaced by a proxy config) accountToken: my-rollbar-account-token lighthouse: baseUrl: http://localhost:3003 kubernetes: serviceLocatorMethod: type: 'multiTenant' clusterLocatorMethods: - type: 'config' clusters: [] kafka: clientId: backstage clusters: - name: cluster brokers: - localhost:9092 integrations: github: - host: github.com token: $env: GITHUB_TOKEN gitea: - host: gitea-dev.allarddcs.nl apiBaseUrl: https://gitea-dev.allarddcs.nl/api/v1 token: "7c289d89b02489984fc9850411bb26f6ee4e9d37" gitlab: - host: gitlab.com token: ${GITLAB_TOKEN} bitbucket: - host: bitbucket.org username: ${BITBUCKET_USERNAME} appPassword: ${BITBUCKET_APP_PASSWORD} azure: - host: dev.azure.com token: ${AZURE_TOKEN} # googleGcs: # clientEmail: 'example@example.com' # privateKey: ${GCS_PRIVATE_KEY} catalog: rules: - allow: - Component - API - Resource - Group - User - Template - System - Domain - Location processors: githubOrg: providers: - target: https://github.com token: $env: GITHUB_TOKEN gitea: - host: gitea-dev.allarddcs.nl apiBaseUrl: https://gitea-dev.allarddcs.nl/api/v1 #### Example for how to add your GitHub Enterprise instance using the API: # - target: https://ghe.example.net # apiBaseUrl: https://ghe.example.net/api # token: ${GHE_TOKEN} ldapOrg: ### Example for how to add your enterprise LDAP server # providers: # - target: ldaps://ds.example.net # bind: # dn: uid=ldap-reader-user,ou=people,ou=example,dc=example,dc=net # secret: ${LDAP_SECRET} # users: # dn: ou=people,ou=example,dc=example,dc=net # options: # filter: (uid=*) # map: # description: l # groups: # dn: ou=access,ou=groups,ou=example,dc=example,dc=net # options: # filter: (&(objectClass=some-group-class)(!(groupType=email))) microsoftGraphOrg: ### Example for how to add your Microsoft Graph tenant #providers: # - target: https://graph.microsoft.com/v1.0 # authority: https://login.microsoftonline.com # tenantId: ${MICROSOFT_GRAPH_TENANT_ID} # clientId: ${MICROSOFT_GRAPH_CLIENT_ID} # clientSecret: ${MICROSOFT_GRAPH_CLIENT_SECRET_TOKEN} # userFilter: accountEnabled eq true and userType eq 'member' # groupFilter: securityEnabled eq false and mailEnabled eq true and groupTypes/any(c:c+eq+'Unified') locations: - type: url target: https://gitea-dev.allarddcs.nl/allard/kubernetes/raw/branch/master/group.yaml rules: - allow: [Group] - type: url target: https://gitea-dev.allarddcs.nl/allard/kubernetes/raw/branch/master/system.yaml rules: - allow: [System] - type: url target: https://gitea-dev.allarddcs.nl/allard/kubernetes/raw/branch/master/catalog-info.yaml rules: - allow: [Component] scaffolder: # Use to customize default commit author info used when new components are created # defaultAuthor: # name: Scaffolder # email: scaffolder@backstage.io # Use to customize the default commit message when new components are created # defaultCommitMessage: 'Initial commit' github: token: $env: GITHUB_TOKEN visibility: public # or 'internal' or 'private' gitea: api: baseUrl: https://gitea-dev.allarddcs.nl token: ${GITEA_TOKEN} visibility: public # or 'internal' or 'private' gitlab: api: baseUrl: https://gitlab.com token: ${GITLAB_TOKEN} visibility: public # or 'internal' or 'private' azure: baseUrl: https://dev.azure.com/{your-organization} api: token: ${AZURE_TOKEN} bitbucket: api: host: https://bitbucket.org username: ${BITBUCKET_USERNAME} token: ${BITBUCKET_TOKEN} visibility: public # or or 'private' auth: environment: development ### Providing an auth.session.secret will enable session support in the auth-backend # session: # secret: custom session secret providers: google: development: clientId: arbitrary-value clientSecret: arbitrary-value github: development: clientId: arbitrary-value clientSecret: arbitrary-value enterpriseInstanceUrl: arbitrary-value gitlab: development: clientId: arbitrary-value clientSecret: arbitrary-value audience: arbitrary-value saml: entryPoint: 'http://localhost:7001/' issuer: 'passport-saml' okta: development: clientId: arbitrary-value clientSecret: arbitrary-value audience: arbitrary-value oauth2: development: clientId: arbitrary-value clientSecret: arbitrary-value authorizationUrl: arbitrary-value tokenUrl: arbitrary-value ### # provide a list of scopes as needed for your OAuth2 Server: # # scope: saml-login-selector openid profile email oidc: # Note that you must define a session secret (see above) since the oidc provider requires session support. # Note that by default, this provider will use the 'none' prompt which assumes that your are already logged on in the IDP. # You should set prompt to: # - auto: will let the IDP decide if you need to log on or if you can skip login when you have an active SSO session # - login: will force the IDP to always present a login form to the user development: metadataUrl: arbirarty-value clientId: arbirarty-value clientSecret: arbirarty-value authorizationUrl: arbirarty-value tokenUrl: arbirarty-value tokenSignedResponseAlg: arbirarty-value scope: arbirarty-value # default='openid profile email' prompt: arbirarty-value # default=none (allowed values: auto, none, consent, login) auth0: development: clientId: arbirarty-value clientSecret: arbirarty-value domain: arbirarty-value microsoft: development: clientId: arbirarty-value clientSecret: arbirarty-value tenantId: arbirarty-value onelogin: development: clientId: arbirarty-value clientSecret: arbirarty-value issuer: arbirarty-value costInsights: engineerCost: 200000 products: computeEngine: name: Compute Engine icon: compute cloudDataflow: name: Cloud Dataflow icon: data cloudStorage: name: Cloud Storage icon: storage bigQuery: name: BigQuery icon: search events: name: Events icon: data metrics: DAU: name: Daily Active Users default: true MSC: name: Monthly Subscribers homepage: clocks: - label: UTC timezone: UTC - label: NYC timezone: 'America/New_York' - label: STO timezone: 'Europe/Stockholm' - label: TYO timezone: 'Asia/Tokyo' pagerduty: eventsBaseUrl: 'https://events.pagerduty.com/v2' jenkins: instances: - name: default baseUrl: https://jenkins.example.com username: backstage-bot apiKey: 123456789abcdef0123456789abcedf012