Module 1: IDP Setup

When Red Hat Developer Hub is installed via the operator there are some mandatory settings that need to be set:

  • create mandatory backend secret

  • add the BASEDOMAIN to enable proper navigation and CORs settings

Customizing the instance requires a custom application file defined in a ConfigMap object. Additionally we can use a Secret object to store sensitive data required by Red Hat Developer Hub. An example of sensitive data required is the BACKEND_SECRET variable. That variable contains a mandatory backend authentication key.

Here a sample of that secret file:

kind: Secret
apiVersion: v1
metadata:
  name: rhdh-secrets
stringData:
  BACKEND_SECRET: tech-exercises-secret
type: Opaque

Creating a Secret including that variable, and adding the base domain of our instance can be done running:

  1. Apply rhdh-secrets template:

    oc apply -f ./content/modules/ROOT/examples/exercises/rhdh-secrets.yaml -n rhdh-gitlab

  2. Patch BASEDOMAIN into the secret:

    export BASEDOMAIN=$(oc get ingresscontroller -n openshift-ingress-operator default -o jsonpath='{.status.domain}')
oc patch secret rhdh-secrets -n rhdh-gitlab -p '{"stringData":{"BASEDOMAIN":"'"${BASEDOMAIN}"'"}}'
Since Red Hat Developer Hub 1.6 is not longer required to define base URL for the instance. The operator will calculate the correct value an inject in the default configuration. If you need it, you can still override these settings. More details here.

This is the structure of the app-config-rhdh ConfigMap to customize the configuration of our Red Hat Developer Hub instance:

kind: ConfigMap
apiVersion: v1
metadata:
  name: app-config-rhdh
data:
  app-config-rhdh.yaml: |
    app:
      title: My Red Hat Developer Hub Instance
    backend:
      auth:
        externalAccess:
          - type: legacy
            options:
              subject: legacy-default-config
              secret: ${BACKEND_SECRET}
    auth:
      providers:
        guest:
          dangerouslyAllowOutsideDevelopment: true

Once created the ConfigMap and Secret, we can add them into the developer-hub CR Red Hat Developer Hub manifest:

spec:
  application:
    appConfig:
      configMaps:
      - name: app-config-rhdh
    extraEnvs:
      secrets:
      - name: rhdh-secrets

Or run this:

oc apply -f ./content/modules/ROOT/examples/exercises/rhdh-app-configmap-0.yaml -n rhdh-gitlab
oc apply -f ./content/modules/ROOT/examples/exercises/rhdh-instance-0.yaml -n rhdh-gitlab
Red Hat Developer Hub has a slow startup as it is building and loading the dynamic plugins. Every time we apply a change in the configuration, an automatic redeploy will start, and it will few minutes until the new pod is ready to serve request. Please, be patient after any change before confirming they are correctly applied.

More detailed information about this step here.

Wait for the Red Hat Developer Hub pod to restart and become Ready and confirm the custom app title appears.

Learning outcomes

By completing this module, you should understand:

  • How to create the mandatory BACKEND_SECRET and BASEDOMAIN configuration

  • How to attach app-config and secrets to the Backstage CR

  • How to understand Red Hat Developer Hub restart behavior after configuration changes