chore(backstage): Added database and secrets for backstage

2025-10-28 21:34:13 +01:00
parent f6e4f44984
commit 8603742901
7 changed files with 114 additions and 0 deletions
--- a/clusters/artemis/apps/backstage/app-project.yaml
+++ b/clusters/artemis/apps/backstage/app-project.yaml
@@ -0,0 +1,17 @@
+---
+apiVersion: argoproj.io/v1alpha1
+kind: AppProject
+metadata:
+  name: backstage
+spec:
+  description: Developer Portal
+  sourceRepos:
+    - '*'
+  sourceNamespaces:
+    - '*'
+  destinations:
+    - namespace: 'backstage'
+      server: '*'
+  clusterResourceWhitelist:
+    - group: '*'
+      kind: '*'
--- a/clusters/artemis/apps/backstage/application.yaml
+++ b/clusters/artemis/apps/backstage/application.yaml
@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: backstage
+  namespace: backstage
+  labels:
+    platform.dgse.cloud/cluster: artemis
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  project: backstage
+  source:
+    repoURL: 'https://git.dgse.cloud/DGSE/kubernetes.git'
+    path: manifests/artemis/backstage
+    targetRevision: main
+  destination:
+    namespace: backstage
+    name: in-cluster
+  syncPolicy:
+    syncOptions:
+      - CreateNamespace=true
+    automated:
+      prune: true
+      selfHeal: true
--- a/clusters/artemis/apps/backstage/kustomization.yaml
+++ b/clusters/artemis/apps/backstage/kustomization.yaml
@@ -0,0 +1,7 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - app-project.yaml
+  - application.yaml
--- a/clusters/artemis/apps/kustomization.yaml
+++ b/clusters/artemis/apps/kustomization.yaml
@@ -16,3 +16,4 @@ resources:
  - ntfy
  - penpot
  - immich
+  - backstage
--- a/manifests/artemis/backstage/db-cluster.yaml
+++ b/manifests/artemis/backstage/db-cluster.yaml
@@ -0,0 +1,23 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: Cluster
+metadata:
+  name: backstage-postgres
+  namespace: backstage
+spec:
+  imageName: ghcr.io/tensorchord/cloudnative-pgvecto.rs:16.5-v0.3.0@sha256:be3f025d79aa1b747817f478e07e71be43236e14d00d8a9eb3914146245035ba
+  instances: 1
+  managed:
+    roles:
+      - name: backstage
+        superuser: true
+        login: true
+  bootstrap:
+    initdb:
+      database: backstage
+      owner: backstage
+      secret:
+        name: backstage-postgres-user
+
+  storage:
+    size: 2Gi
+    storageClass: local-path
--- a/manifests/artemis/backstage/kustomization.yaml
+++ b/manifests/artemis/backstage/kustomization.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+metadata:
+  name: backstage
+
+resources:
+  - secret.yaml
+  - db-cluster.yaml
--- a/manifests/artemis/backstage/secret.yaml
+++ b/manifests/artemis/backstage/secret.yaml
@@ -0,0 +1,33 @@
+---
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: backstage
+spec:
+  refreshInterval: 1h
+  secretStoreRef:
+    name: platform
+    kind: ClusterSecretStore
+  target:
+    name: backstage-postgres-user
+  data:
+    - secretKey: DB_USERNAME
+      remoteRef:
+        key: backstage/db
+        property: DB_USERNAME
+    - secretKey: DB_DATABASE_NAME
+      remoteRef:
+        key: backstage/db
+        property: DB_DATABASE_NAME
+    - secretKey: DB_PASSWORD
+      remoteRef:
+        key: backstage/db
+        property: DB_PASSWORD
+    - secretKey: username
+      remoteRef:
+        key: backstage/db
+        property: username
+    - secretKey: password
+      remoteRef:
+        key: backstage/db
+        property: password