diff --git a/modules/configuring/proc-mounting-additional-files-in-your-custom-configuration-using-rhdh-operator.adoc b/modules/configuring/proc-mounting-additional-files-in-your-custom-configuration-using-rhdh-operator.adoc index 5933c58b4a..8508c9f3a6 100644 --- a/modules/configuring/proc-mounting-additional-files-in-your-custom-configuration-using-rhdh-operator.adoc +++ b/modules/configuring/proc-mounting-additional-files-in-your-custom-configuration-using-rhdh-operator.adoc @@ -40,14 +40,14 @@ data: ---- ==== + -.Minimal `{my-product-secrets}` Secret example +.Minimal {product} Secret example ==== [source,yaml,subs="+attributes,+quotes"] ---- apiVersion: v1 kind: Secret metadata: - name: {my-product-secrets} + name: `__` StringData: secret11.txt: | secret-content @@ -69,9 +69,14 @@ spec: key: file12.txt mountPath: /my/my-rhdh-config-map/path secrets: - - name: {my-product-secrets} + - name: `__` key: secret11.txt mountPath: /my/my-rhdh-secret/path ---- ==== + +[NOTE] +==== +`__` is your preferred {product-short} secret name, specifying the identifier for your secret configuration within {product-short}. +==== diff --git a/modules/configuring/proc-provisioning-your-custom-configuration.adoc b/modules/configuring/proc-provisioning-your-custom-configuration.adoc index 2d9c1365d8..b55374b737 100644 --- a/modules/configuring/proc-provisioning-your-custom-configuration.adoc +++ b/modules/configuring/proc-provisioning-your-custom-configuration.adoc @@ -13,7 +13,7 @@ Your changes on this configuration might get reverted on {product-short} restart * By using the link:https://docs.redhat.com/en/documentation/openshift_container_platform/{ocp-version}/html-single/cli_tools/index#cli-about-cli_cli-developer-commands[{openshift-cli}], you have access, with developer permissions, to the {ocp-short} cluster aimed at containing your {product-short} instance. .Procedure -. Author your custom `{my-product-secrets}.txt` file to provision your secrets as environment variables values in an {ocp-short} secret, rather than in clear text in your configuration files. +. Author your custom `__.txt` file to provision your secrets as environment variables values in an {ocp-short} secret, rather than in clear text in your configuration files. It contains one secret per line in `KEY=value` form. + * link:{authentication-book-url}[Enter your authentication secrets]. @@ -71,16 +71,21 @@ $ oc create configmap {my-app-config-config-map} --from-file={my-app-config-file + Alternatively, link:https://docs.redhat.com/en/documentation/openshift_container_platform/{ocp-version}/html-single/nodes/index#nnodes-pods-configmap-create-from-console_configmaps[create the config map by using the web console]. -.. Provision your `{my-product-secrets}.txt` file to the `{my-product-secrets}` secret in the _<{my-product-namespace}>_ project. +.. Provision your `__.txt` file to the `__` secret in the _<{my-product-namespace}>_ project. + [source,terminal,subs="+attributes,+quotes"] ---- -$ oc create secret generic {my-product-secrets} --from-file={my-product-secrets}.txt --namespace={my-product-namespace} +$ oc create secret generic `__` --from-file=`__.txt` --namespace={my-product-namespace} ---- + Alternatively, link:https://docs.redhat.com/en/documentation/openshift_container_platform/{ocp-version}/html-single/nodes/index#nodes-pods-secrets-creating-web-console-secrets_nodes-pods-secrets[create the secret by using the web console]. +[NOTE] +==== +`__` is your preferred {product-short} secret name, specifying the identifier for your secret configuration within {product-short}. +==== + .Next steps Consider provisioning additional config maps and secrets: diff --git a/modules/configuring/proc-using-the-operator-to-run-rhdh-with-your-custom-configuration.adoc b/modules/configuring/proc-using-the-operator-to-run-rhdh-with-your-custom-configuration.adoc index d5fcea9abb..ca9a346c87 100644 --- a/modules/configuring/proc-using-the-operator-to-run-rhdh-with-your-custom-configuration.adoc +++ b/modules/configuring/proc-using-the-operator-to-run-rhdh-with-your-custom-configuration.adoc @@ -31,7 +31,7 @@ spec: - name: {my-app-config-config-map} extraEnvs: secrets: - - name: {my-product-secrets} + - name: `__` extraFiles: mountPath: /opt/app-root/src replicas: 1 @@ -60,7 +60,7 @@ spec: dynamicPluginsConfigMapName: dynamic-plugins-rhdh extraEnvs: secrets: - - name: {my-product-secrets} + - name: `__` - name: {my-product-database-secrets} extraFiles: mountPath: /opt/app-root/src @@ -136,7 +136,7 @@ spec: `spec.application.extraEnvs.secrets`::: Enter your environment variables secret name list. + -.Inject the environment variables in your `{my-product-secrets}` secret +.Inject the environment variables in your {product} secret ==== [source,yaml,subs="+attributes,+quotes"] ---- @@ -144,11 +144,11 @@ spec: application: extraEnvs: secrets: - - name: {my-product-secrets} + - name: `__` ---- ==== + -.Inject the environment variables in the `{my-product-secrets}` and `{my-product-database-secrets}` secrets +.Inject the environment variables in the {product} and `{my-product-database-secrets}` secrets ==== [source,yaml,subs="+attributes,+quotes"] ---- @@ -156,11 +156,16 @@ spec: application: extraEnvs: secrets: - - name: {my-product-secrets} + - name: `__` - name: {my-product-database-secrets} ---- ==== +[NOTE] +==== +`__` is your preferred {product-short} secret name, specifying the identifier for your secret configuration within {product-short}. +==== + `spec.application.extraFiles.secrets`::: Enter your certificates files secret name and files list. + diff --git a/modules/customizing/proc-customizing-the-backend-secret.adoc b/modules/customizing/proc-customizing-the-backend-secret.adoc index 06ce1d3a62..1e82ace817 100644 --- a/modules/customizing/proc-customizing-the-backend-secret.adoc +++ b/modules/customizing/proc-customizing-the-backend-secret.adoc @@ -10,16 +10,15 @@ You can define your custom {product-short} backend secret. .Procedure -. To define the {product-short} backend secret, -add to your custom `{my-product-secrets}.txt` file the `BACKEND_SECRET` environment variable with a base64 encoded string. +. To define the {product-short} backend secret, add to your custom `__.txt` file the `BACKEND_SECRET` environment variable with a base64 encoded string. Use a unique value for each {product-short} instance. + -[source,terminal,subs="+attributes"] +[source,yaml,subs="+quotes,+attributes"] ---- -$ echo > {my-product-secrets}.txt "BACKEND_SECRET=$(node -p 'require("crypto").randomBytes(24).toString("base64")')" +$ echo > `__.txt` "BACKEND_SECRET=$(node -p 'require("crypto").randomBytes(24).toString("base64")')" ---- + -.`{my-product-secrets}.txt` example +.`__.txt` example ---- BACKEND_SECRET=3E2/rIPuZNFCtYHoxVP8wjriffnN1q/z ---- diff --git a/modules/dynamic-plugins/proc-config-dynamic-plugins-rhdh-operator.adoc b/modules/dynamic-plugins/proc-config-dynamic-plugins-rhdh-operator.adoc index dcf296b97a..37771195ac 100644 --- a/modules/dynamic-plugins/proc-config-dynamic-plugins-rhdh-operator.adoc +++ b/modules/dynamic-plugins/proc-config-dynamic-plugins-rhdh-operator.adoc @@ -10,7 +10,7 @@ You can store the configuration for dynamic plugins in a `ConfigMap` object that [NOTE] ==== -If the `pluginConfig` field references environment variables, you must define the variables in your {my-product-secrets} secret. +If the `pluginConfig` field references environment variables, you must define the variables in your `__` secret. ==== .Procedure diff --git a/modules/installation/proc-configuring-an-rhdh-instance-with-tls-in-kubernetes.adoc b/modules/installation/proc-configuring-an-rhdh-instance-with-tls-in-kubernetes.adoc index a428787963..8d72f35183 100644 --- a/modules/installation/proc-configuring-an-rhdh-instance-with-tls-in-kubernetes.adoc +++ b/modules/installation/proc-configuring-an-rhdh-instance-with-tls-in-kubernetes.adoc @@ -119,8 +119,8 @@ data: <1> The base URL to the Kubernetes control plane. You can run the `kubectl cluster-info` command to get the base URL. <2> Set the value of this parameter to `false` to enable the verification of the TLS certificate. <3> Optional: The link to the Kubernetes dashboard managing the ARO cluster. -<4> Optional: Pass the service account token using a `K8S_SERVICE_ACCOUNT_TOKEN` environment variable that you can define in your {my-product-secrets} secret. -<5> Pass the CA data using a `K8S_CONFIG_CA_DATA` environment variable that you can define in your {my-product-secrets} secret. +<4> Optional: Pass the service account token using a `K8S_SERVICE_ACCOUNT_TOKEN` environment variable that you define in your `__` secret. +<5> Pass the CA data using a `K8S_CONFIG_CA_DATA` environment variable that you define in your `__` secret. . Save the configuration changes. diff --git a/modules/installation/proc-deploy-rhdh-instance-eks.adoc b/modules/installation/proc-deploy-rhdh-instance-eks.adoc index 8f4646deb6..fc585e4c48 100644 --- a/modules/installation/proc-deploy-rhdh-instance-eks.adoc +++ b/modules/installation/proc-deploy-rhdh-instance-eks.adoc @@ -44,7 +44,7 @@ data: ---- -- -. Create a Secret named `{my-product-secrets}` and add a key named `BACKEND_SECRET` with a `Base64-encoded` string as value: +. Create a {product} secret and add a key named `BACKEND_SECRET` with a `Base64-encoded` string as value: + -- [source,yaml,subs="+attributes,+quotes"] @@ -52,11 +52,12 @@ data: apiVersion: v1 kind: Secret metadata: - name: {my-product-secrets} + name: `__` <1> stringData: # TODO: See https://backstage.io/docs/auth/service-to-service-auth/#setup BACKEND_SECRET: "xxx" ---- +<1> `__` is your preferred {product-short} secret name, where `__` specifies the unique identifier for your secret configuration within {product-short}. [IMPORTANT] ==== @@ -103,8 +104,9 @@ spec: - name: "app-config-rhdh" extraEnvs: secrets: - - name: {my-product-secrets} + - name: `__` <1> ---- +<1> `__` is your preferred {product-short} secret name, where `__` specifies the identifier for your secret configuration within {product-short}. -- . Create an Ingress resource using the following template, ensuring to customize the names as needed: diff --git a/modules/installation/proc-deploy-rhdh-instance-gke.adoc b/modules/installation/proc-deploy-rhdh-instance-gke.adoc index 2ce7618cfe..d636a5b035 100644 --- a/modules/installation/proc-deploy-rhdh-instance-gke.adoc +++ b/modules/installation/proc-deploy-rhdh-instance-gke.adoc @@ -45,20 +45,20 @@ data: ---- -- -. Create a Secret named {my-product-secret} and add a key named `BACKEND_SECRET` with a `Base64-encoded` string as value: +. Create a `__` secret and add a key named `BACKEND_SECRET` with a `Base64-encoded` string value as shown in the following example: + -- -.{my-product-secrets} fragment -[source,yaml] +[source,yaml,subs="+quotes,+attributes"] ---- apiVersion: v1 kind: Secret metadata: - name: {my-product-secret} + name: `__` <1> stringData: # TODO: See https://backstage.io/docs/auth/service-to-service-auth/#setup BACKEND_SECRET: "xxx" ---- +<1> `__` is your preferred {product-short} secret name, where `__` specifies the identifier for your secret configuration within {product-short}. [IMPORTANT] ==== @@ -88,7 +88,7 @@ kubectl patch serviceaccount default \ + -- .Custom resource fragment -[source,yaml,subs="attributes+"] +[source,yaml,subs="+quotes,+attributes"] ---- apiVersion: rhdh.redhat.com/v1alpha3 kind: Backstage @@ -106,14 +106,14 @@ spec: - name: "app-config-rhdh" extraEnvs: secrets: - - name: {my-product-secret} + - name: `__` <1> ---- +<1> `__` is your preferred {product-short} secret name, where `__` specifies the identifier for your secret configuration within {product-short}. -- -. Set up a Google-managed certificate by creating a `ManagedCertificate` object which you must attach to the Ingress. +. Set up a Google-managed certificate by creating a `ManagedCertificate` object which you must attach to the Ingress as shown in the following example: + -- -.Example of a `ManagedCertificate` object [source,yaml,subs="attributes+"] ---- apiVersion: networking.gke.io/v1 diff --git a/modules/installation/proc-rhdh-deploy-aks-operator.adoc b/modules/installation/proc-rhdh-deploy-aks-operator.adoc index 83fb8d646d..8eb34f16de 100644 --- a/modules/installation/proc-rhdh-deploy-aks-operator.adoc +++ b/modules/installation/proc-rhdh-deploy-aks-operator.adoc @@ -114,24 +114,25 @@ data: ---- -- -. Create a Secret named {my-product-secrets} and add a key named `BACKEND_SECRET` with a `Base64-encoded` string value as shown in the following example: +. Create a `__` secret and add a key named `BACKEND_SECRET` with a `Base64-encoded` string value as shown in the following example: + -- -[source,yaml] +[source,yaml,subs="+attributes,+quotes"] ---- apiVersion: v1 kind: Secret metadata: - name: {my-product-secret} + name: `__` <1> stringData: BACKEND_SECRET: "xxx" ---- +<1> `__` is your preferred {product-short} secret name, where `__` specifies the identifier for your secret configuration within {product-short}. -- . Create your `{product-custom-resource-type}` custom resource (CR) manifest file named `rhdh.yaml` and include the previously created `rhdh-pull-secret` as follows: + -- -[source,yaml] +[source,yaml,subs="+attributes,+quotes"] ---- apiVersion: rhdh.redhat.com/v1alpha3 kind: Backstage @@ -146,8 +147,9 @@ spec: - name: "app-config-rhdh" extraEnvs: secrets: - - name: {my-product-secret} + - name: `__` <1> ---- +<1> `__` is your preferred {product-short} secret name, where `__` specifies the identifier for your secret configuration within {product-short}. -- . Apply the CR manifest to your namespace: