Add docs for Backstage plugin with SO (#116)

aliok · web-flow · commit dc0126aba7c6 · 2025-01-02T11:17:12.000+01:00
* Add docs for Backstage plugin with SO

* Fix nav

* Problem statement

* More docs

* Usage docs

* Fix nav

* Specify the necessary permissions

* Fix broken link
diff --git a/modules/ROOT/nav.adoc b/modules/ROOT/nav.adoc
@@ -8,6 +8,8 @@
 ** Eventing
 *** xref:serverless:eventing/transport-encryption-setup.adoc[Setup transport encryption in Eventing]
 *** xref:serverless:eventing/kafka-scaling-setup.adoc[Setup Autoscaling For Eventing Kafka Components]
+*** xref:serverless:eventing/backstage-setup.adoc[Setup Backstage for Eventing]
+*** xref:serverless:eventing/backstage-usage.adoc[Knative Event Mesh Backstage Plugin]
 ** Serving
 *** xref:serverless:serving/serving-with-ingress-sharding.adoc[Use Serving with OpenShift ingress sharding]
 *** xref:serverless:serving/scaleability-and-performance-of-serving.adoc[Scalability and performance of {serverlessproductname} Serving]
diff --git a/modules/serverless/pages/eventing/backstage-setup.adoc b/modules/serverless/pages/eventing/backstage-setup.adoc
@@ -0,0 +1,216 @@
+= Setup Backstage for Eventing
+:compat-mode!:
+// Metadata:
+:description: Setup Backstage for Eventing in {serverlessproductname}
+
+This page describes how to set up Backstage for Eventing in {serverlessproductname}, which allows you to discover your Eventing resources in Backstage.
+
+In an event driven architecture, events are the first-class citizens. They are the building blocks of your application. {serverlessproductname} provides a way to create, manage, and consume events in a cloud-native way. {serverlessproductname} Eventing is built on top of Knative Eventing, which is a Kubernetes-based eventing system that provides composable primitives to build event-driven systems.
+
+However, as the number of events and event sources grow, it becomes difficult to manage them. You need a way to discover and manage these resources. This is where Backstage comes in. Backstage is an open-source platform for building developer portals. It provides a way to discover, share, and collaborate on your services and APIs.
+
+[IMPORTANT]
+====
+{serverlessproductname} Backstage integration is a Developer Preview feature only.
+
+Developer Preview features are not supported with Red Hat production service level agreements (SLAs) and might not be functionally complete.
+Red Hat does not recommend using them in production.
+These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process.
+
+For more information about the support scope of Red Hat Developer Preview features, see https://access.redhat.com/support/offerings/devpreview/.
+====
+
+== Prerequisites
+
+* You have access to an {product-title} account with cluster administrator access.
+
+* Install the OpenShift CLI (`oc`).
+
+* Install the {serverlessoperatorname}.
+
+* Install the https://developers.redhat.com/rhdh/overview[Red Hat Developer Hub Operator] and create a `Backstage` instance.
+
+== Enable Backstage backend for Eventing
+
+. Configure `KnativeEventing` to create the necessary backend resources for Backstage:
++
+[source,yaml]
+----
+apiVersion: operator.knative.dev/v1
+kind: KnativeEventing
+metadata:
+  name: knative-eventing
+  namespace: knative-eventing
+spec:
+
+  # Other spec fields omitted ...
+  # ...
+
+  config:
+    features:
+      backstage-backend: enabled <1>
+----
+<1> Enables Backstage backend deployment in Eventing namespace.
+
+. Apply the `KnativeEventing` resource:
++
+[source,terminal]
+----
+$ oc apply -f <filename>
+----
+
+== Create necessary tokens for Backstage backend and {serverlessproductname} communication
+
+Backstage backend will communicate with the {serverlessproductname} Backstage backend using a token. That token will be passed to the {serverlessproductname} backend and the it will use it to talk to the Kubernetes API server.
+
+. Create a `ServiceAccount`:
++
+[source,terminal]
+----
+$ oc -n knative-eventing create serviceaccount backstage-admin
+----
+
+. Create a `ClusterRole` that allows the `ServiceAccount` to list and get the necessary resources in the cluster:
++
+[source,yaml]
+----
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: backstage-admin
+rules:
+  - apiGroups:
+      - eventing.knative.dev
+    resources:
+      - brokers
+      - eventtypes
+      - triggers
+    verbs:
+      - get
+      - list
+----
+
++
+[IMPORTANT]
+====
+The `ClusterRole` should be scoped to only allow the necessary permissions.
+====
+
+. Apply the `ClusterRole` resource:
++
+[source,terminal]
+----
+$ oc apply -f <filename>
+----
+
+. Bind the `ServiceAccount` to the `ClusterRole`:
++
+[source,terminal]
+----
+$ oc create clusterrolebinding backstage-admin --clusterrole=backstage-admin --serviceaccount=knative-eventing:backstage-admin
+----
+
+. Create a secret:
++
+[source,yaml]
+----
+apiVersion: v1
+kind: Secret
+metadata:
+  name: backstage-admin
+  namespace: knative-eventing
+  annotations:
+    kubernetes.io/service-account.name: backstage-admin
+type: kubernetes.io/service-account-token
+----
+. Apply the `Secret` resource:
++
+[source,terminal]
+----
+$ oc apply -f <filename>
+----
+
+. Get the token from the secret:
++
+[source,terminal]
+----
+$ oc get secret backstage-admin -n knative-eventing -o jsonpath='{.data.token}' | base64 --decode
+----
+We are going to give this token to Red Hat Developer Hub.
+
+
+== Install the Backstage plugin on Red Hat Developer Hub
+
+. Add the `BACKSTAGE_KNATIVE_BACKEND_TOKEN` environment variable to the Red Hat Developer Hub deployment by modifying the Red Hat Developer Hub secret such as `secrets-rhdh`:
++
+[source,yaml]
+----
+kind: Secret
+apiVersion: v1
+metadata:
+  name: secrets-rhdh
+  namespace: rhdh-operator
+  # more metadata ...
+data:
+  BACKSTAGE_KNATIVE_BACKEND_TOKEN: SECRET-TOKEN <1>
+  # more data ...
+# more fields ...
+----
+<1> The token we got from the `backstage-admin` secret.
+
+. Modify the https://docs.redhat.com/en/documentation/red_hat_developer_hub/1.3/html-single/installing_and_viewing_dynamic_plugins/index[dynamic plugins configmap] such as `dynamic-plugins-rhdh` and add an entry for the Backstage plugin:
++
+[source,yaml]
+----
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: dynamic-plugins-rhdh
+  namespace: rhdh-operator
+  # more metadata ...
+data:
+  dynamic-plugins.yaml: |-
+    includes:
+      - dynamic-plugins.default.yaml
+    plugins:
+      # - Other plugins omitted
+      # - ...
+      - package: "@knative-extensions/plugin-knative-event-mesh-backend-dynamic@1.16.0" <1>
+        integrity: "sha512-Rnw7o2UyS8X7YklwhHYEtr/yHLnDHJizIACpKaDuqddW/2+WBWrdg8geAYGAeW8u/RnXwgpkcFW27DmoQ460gQ==" <2>
+        disabled: false
+        pluginConfig:
+          catalog:
+            providers:
+              knativeEventMesh:
+                dev:
+                  token: "${BACKSTAGE_KNATIVE_BACKEND_TOKEN}" <3>
+                  baseUrl: "http://eventmesh-backend.knative-eventing.svc.cluster.local:8080" <4>
+                  schedule:
+                    frequency: { minutes: 1 } <5>
+                    timeout: { minutes: 1 } <6>
+----
+<1> The full package name of the plugin. You can find the list of available versions in https://www.npmjs.com/package/@knative-extensions/plugin-knative-event-mesh-backend-dynamic?activeTab=versions[NPM].
+<2> The integrity of the plugin package. You can find the integrity of the package  by running `npm view @knative-extensions/plugin-knative-event-mesh-backend-dynamic@1.16.0 dist.integrity`.
+<3> This will be replaced by an environment variable we have created in the previous step.
+<4> This is the URL of the Backstage backend.
+<5> The frequency at which the plugin will poll the backend for new data.
+<6> The timeout for the polling.
+
+. Apply the `ConfigMap` resource:
++
+[source,terminal]
+----
+$ oc apply -f <filename>
+----
+
+
+[NOTE]
+====
+The changes will not be applied to the Red Hat Developer Hub deployment automatically.
+You need to restart the Red Hat Developer Hub deployment to apply the changes.
+====
+
+[NOTE]
+====
+The default installation of Red Hat Developer Hub might not have the https://docs.redhat.com/en/documentation/red_hat_developer_hub/1.3/html-single/installing_and_viewing_dynamic_plugins/index[dynamic plugins configmap] such as `dynamic-plugins-rhdh` and the https://docs.redhat.com/en/documentation/red_hat_developer_hub/1.3/html-single/administration_guide_for_red_hat_developer_hub/index#proc-add-custom-app-config-file-ocp-operator_admin-rhdh[secret such as `secrets-rhdh`] created. See the Red Hat Developer Hub documentation for more information on how to create these resources and to reference them in the Red Hat Developer Hub instance.
+====
diff --git a/modules/serverless/pages/eventing/backstage-usage.adoc b/modules/serverless/pages/eventing/backstage-usage.adoc
@@ -0,0 +1,74 @@
+= Knative Event Mesh Backstage Plugin
+:compat-mode!
+
+This page describes how to use the Knative Event Mesh Backstage plugin to manage and discover Knative Eventing resources in Backstage.
+
+The Knative Event Mesh plugin is a Backstage plugin that allows you to view and manage Knative Eventing resources. It communicates with a backend service that runs in the Kubernetes cluster and interacts with the Kubernetes API server.
+
+Backstage is an open-source platform for building developer portals. It provides a unified way to manage and visualize the different resources that developers use in their daily work. While Backstage is not intended to replace Kubernetes dashboards, it can partially manage Knative resources and provide insights relevant to developers.
+
+[IMPORTANT]
+====
+The Knative Event Mesh plugin is a Developer Preview feature.
+
+Developer Preview features are not supported with Red Hat production service level agreements (SLAs) and might not be functionally complete.
+Red Hat does not recommend using them in production.
+These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process.
+
+For more information about the support scope of Red Hat Developer Preview features, see https://access.redhat.com/support/offerings/devpreview/.
+====
+
+== How it works
+
+The plugin is the frontend component of Backstage, responsible for rendering the UI and communicating with the backend. The backend service retrieves data from the Kubernetes API server and sends it to the frontend for display.
+
+This plugin leverages Backstage's link:https://backstage.io/docs/features/software-catalog/external-integrations/#custom-entity-providers[entity provider] and link:https://backstage.io/docs/features/software-catalog/external-integrations/#custom-processors[entity processor] concepts:
+
+* The entity provider fetches resources from the backend.
+* The entity processor processes these resources and makes them available to the Backstage frontend.
+
+Instead of directly showing raw Kubernetes resources, the plugin provides a more user-friendly representation of Knative Eventing resources. Certain fields are excluded, combined, or transformed for better usability.
+
+== Features
+
+The plugin shows the following Knative resources:
+
+* Brokers: Represented as Backstage link:https://backstage.io/docs/features/software-catalog/system-model#component[`Component`] entities.
+* EventTypes: Represented as Backstage link:https://backstage.io/docs/features/software-catalog/system-model#api[`API`] entities.
+* Trigger subscribers: Shown as Backstage `Component` entities if:
+** They are registered in Backstage.
+** They include the link:https://backstage.io/docs/features/kubernetes/configuration#surfacing-your-kubernetes-components-as-part-of-an-entity[`backstage.io/kubernetes-id`] annotation with the Kubernetes resource name.
+
+Triggers pointing to generic `Addressable` endpoints or URLs are not displayed unless explicitly registered in Backstage.
+
+Backstage's graph capabilities can visualize relationships between Brokers, EventTypes, and Triggers, making it easier to understand how resources are interconnected.
+
+== Security
+
+The plugin requires the administrator to configure the backend URL and a token to authenticate with the Kubernetes API server. Similar to the link:https://backstage.io/docs/features/kubernetes/configuration#configuring-kubernetes-clusters[Backstage Kubernetes plugin], the token is stored in Backstage's configuration and passed with each request to the backend.
+
+[source,yaml]
+----
+catalog:
+  providers:
+    knativeEventMesh:
+      dev:
+        token: '${KNATIVE_EVENT_MESH_TOKEN}'
+        baseUrl: "http://eventmesh-backend.knative-eventing.svc:8080"
+        schedule: # optional; same options as in TaskScheduleDefinition
+          frequency: { minutes: 1 }
+          timeout: { minutes: 1 }
+----
+
+The `token` is retrieved from the `KNATIVE_EVENT_MESH_TOKEN` environment variable. For information on creating a `ServiceAccount`, `ClusterRole`, `ClusterRoleBinding`, and the corresponding token, see the link:./backstage-setup.adoc[plugin installation documentation].
+
+== Usage
+
+The plugin displays all `Broker` and `EventType` resources in the cluster. The subscribers of `Trigger` resources are displayed if they meet the requirements specified above.
+
+* Brokers: Shown as Backstage `Component` entities.
+* EventTypes: Shown as Backstage `API` entities.
+* Trigger subscribers: Shown as `Component` entities if they are registered in Backstage and include the `backstage.io/kubernetes-id` annotation.
+
+For more information on how to install and configure this plugin, refer to the link:./backstage-setup[installation guide].
+
