DevOps Automation @ Redhat Developer Hub (RHDH)
the DevOps Automation plugins and installation and configuration guide on RHDH
Overview
RedHat Developer Hub (RHDH), which is Red Hat's implementation of Backstage, provides a centralized platform for developers to manage services, tools, and documentation in one place, promoting collaboration and easing the management of complex microservices environments. It extends Backstage with Red Hat integrations and features like dynamic plugins, CI/CD tools, and other developer-friendly functionalities.
DevOps Automation automate your software delivery process for increased productivity and operational efficiency. Delivering software and services at the speed the market demands requires teams to iterate and experiment rapidly. They must deploy new versions frequently, driven by feedback and data. The most successful development teams optimize efficiency by adopting a modern platform engineering culture and practices, embracing automation and value stream management, and assembling toolchains from best-in-class tools to unleash their productivity. See this link for more information on DevOps Automation: https://www.ibm.com/devops-automation
Bringing Red Hat Developer Hub and DevOps Automation together through the DevOps Automation Backstage plugin creates a powerful synergy for software development teams. By integrating DevOps Automation into Red Hat Developer Hub, developers can seamlessly access automation workflows, CI/CD pipelines, and value stream management tools directly from a centralized platform. This integration not only simplifies the management of complex microservices environments but also accelerates delivery cycles by providing a unified interface for deploying, monitoring, and iterating on applications. Teams benefit from reduced context switching, improved collaboration, and streamlined processes, enabling them to focus on delivering high-quality software faster while maintaining operational efficiency.
Solution design
The integration is implemented by Backstage plugin(s) running on Redhat Developer Hub (RHDH). There are 2 kinds of plugins. One is a Frontend plugin, which provide the UI and user access, another is a Backend plugin, which communicates with DevOps Automation system(s) via APIs. Frontend communicated with Backend plugin to fetch the data, while Backend collect the data from DevOps Automation system(s).
Configuration
You need to configure the integration in 2 types of configuration:
1. RHDH/Backstage plugin configuration
This kind of configuration is to configure the communication between Backend plugin to DevOps Automation. It includes the DevOps Automation URL, user token, etc. It's a plugin-level configuration.
2. User Git project level configuration
This kind of configuration it to configure the User project to map with DevOps Automation project/application. It's in project level.
Security consideration
In the RHDH, the non-guest user will be able to access Frontend plugins. There is no additional setting in plugin level.
Between Frontend and Backend, the communication is security harden using token; Direct access of Backend API is blocked. But it's still strongly suggested to protect the Backend ports using firewall or security group settings.
In the logic level, DevOps Automation plugins extract and expose data from DevOps Automation less as possible; It only provide "read" operation, not "write" operation. It means you can only view the data, but not change or trigger any change within the plugins directly. There is some change actions included in the UI of plugin, but they are implemented by navigating to the DevOps Automation original UI, which will ask you to login the DevOps Automation system(s) again. This will give your system better protection.
Plugin UI overview and demo
There are 2 tabs added into Git project UI by plugins. One is DevOps Deploy, one is DevOps Test. More tabs are under construction.
DevOps Deploy
DevOps Test
DevOps Build
Demo video
Installation and configuration guide
Access the npm
Firstly you need to get the plugin package version and checksum for the installation
latest version and checksum (please check the provided npm package url for other versions):
|
version |
checksum |
| Frontend |
devops-automation-dynamic@0.1.21 |
sha512-mczEy6O+kLJNwoF2irCCCZiGpaaZrH8YZO6hjxwe2uu9NWG1bO75v6Cb2wqIIZM1gjS8qYU6mdpFA1O3YbqaPQ== |
| Backend |
devops-automation-backend-dynamic@0.1.21 |
sha512-xgorQv7BF+mkhvNqg7nc9tYLrcEjRi2+/Y9ota1/im6L6BxUr73liaq7BuFCB9V1uA+uyT/dJdH6ppFaPVRZdg== |
If you want to get the checksum by yourself, you can run this command:
npm view <PLUGIN_NAME>@<VERSION> dist.integrity
example:
$npm view devops-automation-backend-dynamic@0.1.21 dist.integrity
sha512-xgorQv7BF+mkhvNqg7nc9tYLrcEjRi2+/Y9ota1/im6L6BxUr73liaq7BuFCB9V1uA+uyT/dJdH6ppFaPVRZdg==
the sha512-xgorQv7BF+mkhvNqg7nc9tYLrcEjRi2+/Y9ota1/im6L6BxUr73liaq7BuFCB9V1uA+uyT/dJdH6ppFaPVRZdg== is the checksum for this version.
Installation of RHDH
1. In OpenShift, install your RHDH following Redhat instruction.
2. Configure it to run as a non-guest identity provider, like Github.
Installation of DevOps Automation plugins
1. Create ConfigMap
Create/Edit a ConfigMap exactly named "app-config-rhdh". Add the following content:
devops-automation:
general:
VERIFY_CERT: true
deploy:
DEPLOY_SERVER_URL: ${DEPLOY_SERVER_URL}
DEPLOY_TOKEN: ${DEPLOY_TOKEN}
test:
TEST_SERVER_URL: ${TEST_SERVER_URL}
TEST_TOKEN: ${TEST_TOKEN}
build:
BUILD_SERVER_URL: ${BUILD_SERVER_URL}
BUILD_TOKEN: ${BUILD_TOKEN}
dynamicPlugins:
rootDirectory: dynamic-plugins-root
frontend:
devops-automation:
mountPoints:
- mountPoint: entity.page.devops.deploy/cards
module: DeployModule
importName: DeployPage
config:
layout:
gridColumn: "1 / -1"
if:
anyOf:
- hasAnnotation: deploy.devops-automation/component_name
- mountPoint: entity.page.devops.test/cards
module: TestModule
importName: TestPage
config:
layout:
gridColumn: "1 / -1"
if:
anyOf:
- hasAnnotation: test.devops-automation/projectID
- mountPoint: entity.page.devops.build/cards
module: BuildModule
importName: BuildPage
config:
layout:
gridColumn: "1 / -1"
if:
anyOf:
- hasAnnotation: build.devops-automation/projectIDs
entityTabs:
- path: /devops_deploy
title: DevOps Deploy
mountPoint: entity.page.devops.deploy
- path: /devops_test
title: DevOps Test
mountPoint: entity.page.devops.test
- path: /devops_build
title: DevOps Build
mountPoint: entity.page.devops.build
Note:
field definition
| field |
default |
usage |
| devops-automation.general.VERIFY_CERT |
none |
true|false: You only set to false if your DevOps Build/Deploy/Test server doesn't support verified certificate. |
Define secret
In project RHDH project, define a new secret named "devops-automation-secret" (or a name you prefer to), with the following item/values:
| item |
description |
example |
| DEPLOY_SERVER_URL |
URL of the DevOps Deploy server (NOT ended with '/') |
https://192.168.0.111:8443 |
| DEPLOY_TOKEN |
Token created in DevOps Deploy side. Go to DevOps Deploy UI, settings->Security->Tokens. Create a token of a user with the minimum privilege as possible. |
526dd818-529d-21aa-d66a-0077f2a1abb2 |
| TEST_SERVER_URL |
URL of the DevOps Test Hub server (NOT ended with '/') |
https://myhub2.test.ibm.com |
| TEST_TOKEN |
User Token of DevOps Test Hub server |
|
| BUILD_SERVER_URL |
URL of the DevOps Build(NOT ended with '/') |
https://10.0.0.1:8443 |
| BUILD_TOKEN |
User Token of DevOps Build |
|
Define Deployment->Environment
Find the deployment (redhat-developer-hub) in project redhat-developer-hub, go to the environment tab, add these following environment values:
Upgrade RHDH to install plugins
Login into RedHat OpenShift Container Platform UI, switch to Developer mode:
Click Helm, and locate your RHDH helm. Upgrade it:
expend Root Schema -> global -> Dynamic plugins configuration ->List of Dynamic plugins that should be installed in the backstage application
click "Add List of dynamic plugins that should be installed in the backstage application, and input the frontend plugin version and checkshum. Keep the "disable the plugin" unchecked.
Do this again to add the backend plugin:
Click the Upgrade button in the bottom and wait for several minutes for its completion.
Configure your git project
Go to your git project, locate the /catalog-info.yaml
For DevOps Deploy, you need to configure annotation:
deploy.devops-automation/component_name: "[YOUR_COMPONENT]"
For DevOps Test, you need to configure annotation:
test.devops-automation/projectID: "[YOUR_PROJECT_ID]"
test.devops-automation/space: "[YOUR_SPACE]"
Here is an example:
apiVersion: backstage.io/v1alpha1
kind: Component
metadata:
name: "sand2Create"
annotations:
github.com/project-slug: xxxxx/sand2Create
backstage.io/techdocs-ref: dir:.
deploy.devops-automation/component_name: "SIT-tester"
test.devops-automation/projectID: "1150"
test.devops-automation/space: "testhub"
build.devops-automation/projectIDs: "21,22"
spec:
type: service
lifecycle: experimental
owner: "group:default/xxxxxx"
Supported system
Support Backstage system:
- RedHat Developer Hub (only tested in OpenShift Container Platform. Other installation shall be OK but vary on the configuration/installation steps)
Other Backstage systems:
- Janus IDP - not tested. In theory, it shall work with minimum change in configuration/installation steps
- BackStage - not tested. To be supported in the future if needed.
Development Plan
Currently we are still in the development stage with only 2 tabs (DevOps Deploy and DevOps Test) provided in the current release. We are planning to add more tabs/feature in the next several months.
Contact me
Fan Hu
Product Manager of IBM DevOps Automation for RedHat, IBM DevOps Solution Lead Architect (AP)
fanhu@au1.ibm.com