RHIDP-7472 - Modularize plugins content in artifacts/rhdh-plugins-reference

Gerry-Forde · Gerry-Forde · commit 9c8c7b81cf90 · 2025-09-03T17:25:47.000+01:00
diff --git a/assemblies/dynamic-plugins/assembly-configuring-rhdh-plugins.adoc b/assemblies/dynamic-plugins/assembly-configuring-rhdh-plugins.adoc
@@ -1,25 +1,25 @@
 [id="rhdh-configuring-rhdh-plugins_{context}"]
 = Configuring dynamic plugins in {product}
 
-// Ansible
+// Ansible - no-change
 include::../modules/dynamic-plugins/con-ansible-plugin-admin.adoc[leveloffset=+1]
 
-// Argo CD
+// Argo CD - modularized
 include::assembly-installing-configuring-argo-cd.adoc[leveloffset=+1]
 
-//JFrog Artifactory
+// JFrog Artifactory
 include::../../artifacts/rhdh-plugins-reference/jfrog-artifactory/jfrog-artifactory-plugin-admin.adoc[leveloffset=+1]
 
-// Keycloak
-include::../../artifacts/rhdh-plugins-reference/keycloak/keycloak-plugin-admin.adoc[leveloffset=+1]
+// Keycloak - modularized
+include::assembly-enabling-configuring-keycloak.adoc[leveloffset=+1]
 
-// Nexus
-include::../../artifacts/rhdh-plugins-reference/nexus-repository-manager/nexus-repository-manager-plugin-admin.adoc[leveloffset=+1]
+// Nexus - modularized
+include::assembly-enabling-configuring-nexus.adoc[leveloffset=+1]
 
-// Tekton
-include::../../artifacts/rhdh-plugins-reference/tekton/tekton-plugin-admin.adoc[leveloffset=+1]
+// Tekton - modularized
+include::../../modules/dynamic-plugins/proc-enabling-the-tekton-plugin.adoc[leveloffset=+1]
 
-// Topology
+// Topology - no-change
 include::../dynamic-plugins/assembly-install-topology-plugin.adoc[leveloffset=+1]
 
 // Overriding Core Backend Service Configuration
diff --git a/assemblies/dynamic-plugins/assembly-enabling-configuring-keycloak.adoc b/assemblies/dynamic-plugins/assembly-enabling-configuring-keycloak.adoc
@@ -0,0 +1,18 @@
+:_mod-docs-content-type: ASSEMBLY
+[id="assembly-enabling-configuring-the-keycloak-plugin_{context}"]
+= Enabling and configuring the Keycloak plugin
+:context: assembly-installing-configuring-keycloak
+
+The Keycloak backend plugin, which integrates Keycloak into {product-short}, has the following capabilities:
+
+* Synchronization of Keycloak users in a realm.
+* Synchronization of Keycloak groups and their users in a realm.
+
+[NOTE]
+====
+The supported {rhbk-brand-name} ({rhbk}) version is `{keycloak-version}`.
+====
+
+include::../modules/dynamic-plugins/proc-enabling-the-keycloak-plugin.adoc[leveloffset=+1]
+
+include::../modules/dynamic-plugins/ref-configuring-the-keycloak-plugin.adoc[leveloffset=+1]
diff --git a/assemblies/dynamic-plugins/assembly-enabling-configuring-nexus.adoc b/assemblies/dynamic-plugins/assembly-enabling-configuring-nexus.adoc
@@ -0,0 +1,21 @@
+:_mod-docs-content-type: ASSEMBLY
+[id="assembly-enabling-configuring-the-nexus-plugin_{context}"]
+= Enabling and configuring the Nexus Repository Manager plugin
+:context: assembly-installing-configuring-nexus
+
+The Nexus Repository Manager plugin displays the information about your build artifacts in your {product-short} application. The build artifacts are available in the Nexus Repository Manager.
+
+[IMPORTANT]
+====
+The Nexus Repository Manager plugin is a Technology Preview feature only.
+
+Technology Preview features are not supported with Red Hat production service level agreements (SLAs), might not be functionally complete, and Red Hat does not recommend using them for production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process.
+
+For more information on Red Hat Technology Preview features, see https://access.redhat.com/support/offerings/techpreview/[Technology Preview Features Scope].
+
+Additional detail on how Red Hat provides support for bundled community dynamic plugins is available on the https://access.redhat.com/policy/developerhub-support-policy[Red Hat Developer Support Policy] page.
+====
+
+include::../modules/dynamic-plugins/proc-enabling-the-nexus-plugin.adoc[leveloffset=+1]
+
+include::../modules/dynamic-plugins/proc-configuring-the-nexus-plugin.adoc[leveloffset=+1]
diff --git a/modules/dynamic-plugins/proc-configuring-the-nexus-plugin.adoc b/modules/dynamic-plugins/proc-configuring-the-nexus-plugin.adoc
@@ -0,0 +1,47 @@
+:_mod-docs-content-type: PROCEDURE
+[id="configuring-the-nexus-plugin_{context}"]
+= Configuring the Nexus Repository Manager plugin
+
+. Set the proxy to the desired Nexus Repository Manager server in the `app-config.yaml` file as follows:
++
+[source,yaml]
+----
+proxy:
+    '/nexus-repository-manager':
+    target: 'https://<NEXUS_REPOSITORY_MANAGER_URL>'
+    headers:
+        X-Requested-With: 'XMLHttpRequest'
+        # Uncomment the following line to access a private Nexus Repository Manager using a token
+        # Authorization: 'Bearer <YOUR TOKEN>'
+    changeOrigin: true
+    # Change to "false" in case of using self hosted Nexus Repository Manager instance with a self-signed certificate
+    secure: true
+----
+
+. Optional: Change the base URL of Nexus Repository Manager proxy as follows:
++
+[source,yaml]
+----
+nexusRepositoryManager:
+    # default path is `/nexus-repository-manager`
+    proxyPath: /custom-path
+----
+
+. Optional: Enable the following experimental annotations:
++
+[source,yaml]
+----
+nexusRepositoryManager:
+    experimentalAnnotations: true
+----
+
+. Annotate your entity using the following annotations:
++
+[source,yaml]
+----
+metadata:
+    annotations:
+    # insert the chosen annotations here
+    # example
+    nexus-repository-manager/docker.image-name: `<ORGANIZATION>/<REPOSITORY>`,
+----
diff --git a/modules/dynamic-plugins/proc-enabling-the-keycloak-plugin.adoc b/modules/dynamic-plugins/proc-enabling-the-keycloak-plugin.adoc
@@ -0,0 +1,29 @@
+[id="proc-enabling-the-keycloak-plugin"]
+= Enabling the Keycloak plugin
+
+.Prerequisites
+* To enable the Keycloak plugin, you must set the following environment variables:
+
+** `KEYCLOAK_BASE_URL`
+
+** `KEYCLOAK_LOGIN_REALM`
+
+** `KEYCLOAK_REALM`
+
+** `KEYCLOAK_CLIENT_ID`
+
+** `KEYCLOAK_CLIENT_SECRET`
+
+.Procedure
+. The Keycloak plugin is pre-loaded in {product-short} with basic configuration properties. To enable it, set the `disabled` property to `false` as follows:
++
+[source,yaml]
+----
+global:
+  dynamic:
+    includes:
+      - dynamic-plugins.default.yaml
+    plugins:
+      - package: ./dynamic-plugins/dist/backstage-community-plugin-catalog-backend-module-keycloak-dynamic
+        disabled: false
+----
diff --git a/modules/dynamic-plugins/proc-enabling-the-nexus-plugin.adoc b/modules/dynamic-plugins/proc-enabling-the-nexus-plugin.adoc
@@ -0,0 +1,16 @@
+:_mod-docs-content-type: PROCEDURE
+[id="enabling-the-nexus-plugin_{context}"]
+= Enabling the Nexus Repository Manager plugin
+
+The Nexus Repository Manager plugin is pre-loaded in {product-short} with basic configuration properties. To enable it, set the disabled property to `false` as follows:
+
+[source,yaml]
+----
+global:
+  dynamic:
+    includes:
+      - dynamic-plugins.default.yaml
+    plugins:
+      - package: ./dynamic-plugins/dist/backstage-community-plugin-nexus-repository-manager
+        disabled: false
+----
diff --git a/modules/dynamic-plugins/proc-enabling-the-tekton-plugin.adoc b/modules/dynamic-plugins/proc-enabling-the-tekton-plugin.adoc
@@ -0,0 +1,140 @@
+[id="proc-enabling-the-tekton-plugin"]
+= Enabling the Tekton plugin
+
+You can use the Tekton plugin to visualize the results of CI/CD pipeline runs on your Kubernetes or OpenShift clusters. The plugin allows users to visually see high level status of all associated tasks in the pipeline for their applications.
+
+.Prerequisites
+* You have installed and configured the `@backstage/plugin-kubernetes` and `@backstage/plugin-kubernetes-backend` dynamic plugins.
+//For more information about installing dynamic plugins, see xref:rhdh-installing-dynamic-plugins[].
+//Cannot xref across titles. Convert xref to a link.
+
+* You have configured the Kubernetes plugin to connect to the cluster using a `ServiceAccount`.
+
+* The `ClusterRole` must be granted for custom resources (PipelineRuns and TaskRuns) to the `ServiceAccount` accessing the cluster.
++
+[NOTE]
+If you have the RHDH Kubernetes plugin configured, then the `ClusterRole` is already granted.
+
+* To view the pod logs, you have granted permissions for `pods/log`.
+
+* You can use the following code to grant the `ClusterRole` for custom resources and pod logs:
++
+--
+[source,yaml]
+----
+kubernetes:
+   ...
+   customResources:
+     - group: 'tekton.dev'
+       apiVersion: 'v1'
+       plural: 'pipelineruns'
+     - group: 'tekton.dev'
+       apiVersion: 'v1'
+
+
+ ...
+  apiVersion: rbac.authorization.k8s.io/v1
+  kind: ClusterRole
+  metadata:
+    name: backstage-read-only
+  rules:
+    - apiGroups:
+        - ""
+      resources:
+        - pods/log
+      verbs:
+        - get
+        - list
+        - watch
+    ...
+    - apiGroups:
+        - tekton.dev
+      resources:
+        - pipelineruns
+        - taskruns
+      verbs:
+        - get
+        - list
+----
+--
++
+You can use the prepared manifest for a read-only `ClusterRole`, which provides access for both Kubernetes plugin and Tekton plugin.
+
+* Add the following annotation to the entity's `catalog-info.yaml` file to identify whether an entity contains the Kubernetes resources:
++
+--
+[source,yaml]
+----
+annotations:
+  ...
+
+  backstage.io/kubernetes-id: <BACKSTAGE_ENTITY_NAME>
+----
+--
+
+* You can also add the `backstage.io/kubernetes-namespace` annotation to identify the Kubernetes resources using the defined namespace.
++
+--
+[source,yaml]
+----
+annotations:
+  ...
+
+  backstage.io/kubernetes-namespace: <RESOURCE_NS>
+----
+--
+
+* Add the following annotation to the `catalog-info.yaml` file of the entity to enable the Tekton related features in RHDH. The value of the annotation identifies the name of the RHDH entity:
++
+--
+[source,yaml]
+----
+annotations:
+  ...
+
+  janus-idp.io/tekton : <BACKSTAGE_ENTITY_NAME>
+----
+--
+
+* Add a custom label selector, which RHDH uses to find the Kubernetes resources. The label selector takes precedence over the ID annotations.
++
+--
+[source,yaml]
+----
+annotations:
+  ...
+
+  backstage.io/kubernetes-label-selector: 'app=my-app,component=front-end'
+----
+--
+
+* Add the following label to the resources so that the Kubernetes plugin gets the Kubernetes resources from the requested entity:
++
+--
+[source,yaml]
+----
+labels:
+  ...
+
+  backstage.io/kubernetes-id: <BACKSTAGE_ENTITY_NAME>
+----
+--
++
+[NOTE]
+When you use the label selector, the mentioned labels must be present on the resource.
+
+.Procedure
+* The Tekton plugin is pre-loaded in RHDH with basic configuration properties. To enable it, set the disabled property to false as follows:
++
+--
+[source,yaml]
+----
+global:
+  dynamic:
+    includes:
+      - dynamic-plugins.default.yaml
+    plugins:
+      - package: ./dynamic-plugins/dist/backstage-community-plugin-tekton
+        disabled: false
+----
+--
diff --git a/modules/dynamic-plugins/ref-configuring-the-keycloak-plugin.adoc b/modules/dynamic-plugins/ref-configuring-the-keycloak-plugin.adoc
