github.com/SamarSidharth/kpt@v0.0.0-20231122062228-c7d747ae3ace/site/guides/porch-ui-installation.md (about) 1 # Accessing the Configuration as Data UI 2 3 You can access the Configuration as Data UI UI either by running the UI on a 4 cluster or integrating the UI into an existing Backstage installation. 5 6 ## Prerequisites 7 8 To access the Configuration as Data UI, you will need: 9 10 - [Porch](guides/porch-installation.md) installed on a Kubernetes cluster 11 - [kubectl](https://kubernetes.io/docs/tasks/tools/) targeting the Kubernetes 12 cluster with Porch installed 13 - [kpt CLI](https://kpt.dev/installation/kpt-cli) installed 14 15 ## Running on a GKE cluster 16 17 This setup assumes that you have a GKE cluster up and running with Porch installed, and that 18 your current kube context is set to that GKE cluster. We would welcome contributions or feedback 19 from people that have set this up in other clouds outside of GKE. 20 21 First, create a namespace called `backstage`: 22 23 ```sh 24 kubectl create namespace backstage 25 ``` 26 27 Second, Google OAuth Credentials will need to be created to allow the UI to use 28 Google authentication to authenticate users with the UI and to the Kubernetes 29 API Server. 30 31 To create the Google OAuth Credentials: 32 33 1. Sign in to the [Google Console](https://console.cloud.google.com) 34 2. Select or create a new project from the dropdown menu on the top bar 35 3. Navigate to 36 [APIs & Services > Credentials](https://console.cloud.google.com/apis/credentials) 37 4. Click **Create Credentials** and choose `OAuth client ID` 38 5. Configure an OAuth consent screen, if required 39 - For scopes, select `openid`, `auth/userinfo.email`, 40 `auth/userinfo.profile`, and `auth/cloud-platform`. 41 - Add any users that will want access to the UI if using External user type 42 6. Set **Application Type** to `Web Application` with these settings: 43 - `Name`: Config as Data UI (or any name you prefer) 44 - `Authorized JavaScript origins`: http://localhost:7007 45 - `Authorized redirect URIs`: 46 http://localhost:7007/api/auth/google/handler/frame 47 7. Click Create 48 8. Copy the Client ID and Client secret displayed 49 50 We will now need to add the credentials as a secret to the cluster. Be sure to 51 replace the PLACEHOLDER values prior to executing: 52 53 ```sh 54 kubectl create secret generic -n backstage cad-google-oauth-client --from-literal=client-id=CLIENT_ID_PLACEHOLDER --from-literal=client-secret=CLIENT_SECRET_PLACEHOLDER 55 ``` 56 57 Next, find a published image in the 58 [kpt-dev/kpt-backstage-plugins container registry](https://console.cloud.google.com/gcr/images/kpt-dev/global/kpt-backstage-plugins/backstage-plugin-cad?project=kpt-dev). 59 For this example, we will use 60 `gcr.io/kpt-dev/kpt-backstage-plugins/backstage-plugin-cad:v0.1.3`. 61 62 Now, run the following command to set up the backstage deployment and service. 63 Change the image name and tag in the `newName` and `newTag` flags in the below 64 `kpt fn eval` command to the ones you would like to use: 65 66 ```sh 67 echo " 68 apiVersion: apps/v1 69 kind: Deployment 70 metadata: 71 name: backstage 72 namespace: backstage 73 spec: 74 replicas: 1 75 selector: 76 matchLabels: 77 app: backstage 78 template: 79 metadata: 80 labels: 81 app: backstage 82 spec: 83 containers: 84 - name: backstage 85 image: backstage 86 ports: 87 - name: http 88 containerPort: 7007 89 env: 90 - name: AUTH_GOOGLE_CLIENT_ID 91 valueFrom: 92 secretKeyRef: 93 name: cad-google-oauth-client 94 key: client-id 95 optional: false 96 - name: AUTH_GOOGLE_CLIENT_SECRET 97 valueFrom: 98 secretKeyRef: 99 name: cad-google-oauth-client 100 key: client-secret 101 optional: false 102 --- 103 apiVersion: v1 104 kind: Service 105 metadata: 106 name: backstage 107 namespace: backstage 108 spec: 109 selector: 110 app: backstage 111 ports: 112 - name: http 113 port: 7007 114 targetPort: http 115 " | kpt fn eval "" -o unwrap --image set-image:v0.1.0 -- \ 116 name=backstage newName=gcr.io/kpt-dev/kpt-backstage-plugins/backstage-plugin-cad newTag=v0.1.3 | \ 117 kubectl apply -f - 118 ``` 119 120 In your cluster, confirm the backstage deployment is ready and available: 121 122 ```sh 123 kubectl get deployment -n backstage backstage 124 ``` 125 126 Forward port 7007 locally to access backstage. It is important that you do not map this port to another port 127 as this will cause Backstage and the OAuth client to fail. 128 129 ```sh 130 kubectl port-forward --namespace=backstage svc/backstage 7007 131 ``` 132 133 Open the plugin by browsing to `localhost:7007/config-as-data`. On the plugin, you will need to sign in to your 134 Google account so that the plugin can access your GKE cluster. 135 136 ## Running in Backstage 137 138 This setup is intended for those installing the plugin into existing backstage deployments. 139 140 The Configuration as Data UI can be added to an existing 141 [Backstage](https://backstage.io) application by following the instructions on 142 the 143 [Configuration as Data Plugin README](https://github.com/GoogleContainerTools/kpt-backstage-plugins/tree/main/plugins/cad/README.md).