Add Docker compose support

.github/workflows/feature-branch.yml

@@ -68,7 +68,7 @@ jobs:
         env:
           CONTENTS: ${{ secrets.X_GITHUB_APP_CREDS }}
         run: |
-          echo -e "$CONTENTS" > src/app-config.d/github-app-credentials.yaml
+          echo -e "$CONTENTS" > src/app-config.d/credentials/github-app-credentials.yaml
 
       # Couldn't store JSON creds while retaining proper formatting so going to do this in two steps
       - name: Write Google Admin API creds

cfn-parameters.json

@@ -25,7 +25,8 @@
 	"PgPassword": $secrets.POSTGRES_PASSWORD,
 	"AuthGoogleClientId": $secrets.AUTH_GOOGLE_CLIENT_ID,
 	"AuthGoogleClientSecret": $secrets.AUTH_GOOGLE_CLIENT_SECRET,
-	"DnsName": $vars.DNS_NAME,
+	"BackstageAppUrl": $vars.BACKSTAGE_APP_URL,
+	"BackstageBackendUrl": $vars.BACKSTAGE_BACKEND_URL,
 	"ServerlessOpsCatalogApiUrl": $vars.SERVERLESSOPS_CATALOG_API_URL,
 	"ServerlessOpsAuthClientId": $secrets.SERVERLESSOPS_AUTH_CLIENT_ID,
 	"ServerlessOpsAuthClientSecret": $secrets.SERVERLESSOPS_AUTH_CLIENT_SECRET,

src/app-config.home.yaml

@@ -0,0 +1,21 @@
+app:
+  title: Backstage Portal
+  baseUrl: ${BACKSTAGE_APP_URL}
+
+backend:
+  baseUrl: ${BACKSTAGE_BACKEND_URL}
+  database:
+    connection:
+      ssl: null
+
+auth:
+  environment: home
+  providers:
+    guest: null
+    github:
+      home:
+        clientId: ${GITHUB_AUTH_CLIENT_ID}
+        clientSecret: ${GITHUB_AUTH_CLIENT_SECRET}
+        signIn:
+          resolvers:
+            - resolver: emailMatchingUserEntityProfileEmail

src/app-config.production.yaml

@@ -1,19 +1,19 @@
 app:
   # Should be the same as backend.baseUrl when using the `app-backend` plugin.
-  baseUrl: https://${DNS_NAME}
+  baseUrl: ${BACKSTAGE_APP_URL}
 
 backend:
   # Note that the baseUrl should be the URL that the browser and other clients
   # should use when communicating with the backend, i.e. it needs to be
   # reachable not just from within the backend host, but from all of your
   # callers. When its value is "http://localhost:7007", it's strictly private
   # and can't be reached by others.
-  baseUrl: https://${DNS_NAME}
+  baseUrl: ${BACKSTAGE_BACKEND_URL}
   # The listener can also be expressed as a single <host>:<port> string. In this case we bind to
   # all interfaces, the most permissive setting. The right value depends on your specific deployment.
   listen:
     listen: 0.0.0.0 # Bind to all interfaces
-    port: 7007
+    port: ${BACKSTAGE_BACKEND_PORT}
 
   # config options: https://node-postgres.com/apis/client
   database:

src/packages/app/src/App.test.tsx

@@ -14,6 +14,9 @@ describe('App', () => {
             techdocs: {
               storageUrl: 'http://localhost:7007/api/techdocs/static/docs',
             },
+            auth: {
+              environment: 'production'
+            }
           },
           context: 'test',
         },

src/packages/app/src/App.tsx

@@ -39,7 +39,7 @@ import { catalogEntityCreatePermission } from '@backstage/plugin-catalog-common/
 import { ScaffolderFieldExtensions } from '@backstage/plugin-scaffolder-react';
 
 // Added imports
-import { googleAuthApiRef } from '@backstage/core-plugin-api';
+import { configApiRef, githubAuthApiRef, googleAuthApiRef, useApi } from '@backstage/core-plugin-api';
 
 // ServerlessOps Catalog
 import {
@@ -68,23 +68,37 @@ const app = createApp({
     });
   },
   components: {
-    SignInPage: props => (
-      <SignInPage
-        {...props}
-        auto
-        providers={
-          [
+    SignInPage: props => {
+      const configApi = useApi(configApiRef);
+      if (configApi.getString('auth.environment') === 'home') {
+        return (
+          <SignInPage
+            {...props}
+            provider={
+              {
+                id: 'github',
+                title: 'GitHub',
+                message: 'Sign in using GitHub',
+                apiRef: githubAuthApiRef,
+              }
+            }
+          />
+        );
+      }
+      return (
+        <SignInPage
+          {...props}
+          provider={
             {
               id: 'google',
               title: 'Google',
               message: 'Log in with Google',
               apiRef: googleAuthApiRef,
             }
-
-          ]
-        }
-      />
-    ),
+          }
+        />
+      );
+    },
   },
 });
 

src/packages/backend/package.json

@@ -20,7 +20,7 @@
     "@backstage/config": "^1.2.0",
     "@backstage/plugin-app-backend": "^0.3.74",
     "@backstage/plugin-auth-backend": "^0.23.0",
-    "@backstage/plugin-auth-backend-module-github-provider": "^0.2.0",
+    "@backstage/plugin-auth-backend-module-github-provider": "^0.3.4",
     "@backstage/plugin-auth-backend-module-google-provider": "^0.2.0",
     "@backstage/plugin-auth-backend-module-guest-provider": "^0.2.0",
     "@backstage/plugin-auth-node": "^0.5.2",

src/packages/backend/src/index.ts

@@ -21,6 +21,7 @@ backend.add(import('@backstage/plugin-auth-backend'));
 // backend.add(import('@backstage/plugin-auth-backend-module-guest-provider'));
 // See https://backstage.io/docs/auth/guest/provider
 backend.add(import('@backstage/plugin-auth-backend-module-google-provider'));
+backend.add(import('@backstage/plugin-auth-backend-module-github-provider'));
 
 
 // catalog plugin

src/yarn.lock

@@ -3356,6 +3356,28 @@ __metadata:
   languageName: node
   linkType: hard
 
+"@backstage/backend-plugin-api@npm:^1.4.0":
+  version: 1.4.0
+  resolution: "@backstage/backend-plugin-api@npm:1.4.0"
+  dependencies:
+    "@backstage/cli-common": "npm:^0.1.15"
+    "@backstage/config": "npm:^1.3.2"
+    "@backstage/errors": "npm:^1.2.7"
+    "@backstage/plugin-auth-node": "npm:^0.6.4"
+    "@backstage/plugin-permission-common": "npm:^0.9.0"
+    "@backstage/plugin-permission-node": "npm:^0.10.1"
+    "@backstage/types": "npm:^1.2.1"
+    "@types/express": "npm:^4.17.6"
+    "@types/json-schema": "npm:^7.0.6"
+    "@types/luxon": "npm:^3.0.0"
+    json-schema: "npm:^0.4.0"
+    knex: "npm:^3.0.0"
+    luxon: "npm:^3.0.0"
+    zod: "npm:^3.22.4"
+  checksum: 10c0/bc8d9743c24ee8624d89fa89c0927658eba3c5f1cd1f8ba8defbcb43a9f949a4a602ef19986d9e69e252f016b642532300327d2f88f3940b32ce8fcec30efd49
+  languageName: node
+  linkType: hard
+
 "@backstage/backend-test-utils@npm:^1.0.0":
   version: 1.2.0
   resolution: "@backstage/backend-test-utils@npm:1.2.0"
@@ -3431,6 +3453,18 @@ __metadata:
   languageName: node
   linkType: hard
 
+"@backstage/catalog-client@npm:^1.10.1":
+  version: 1.10.1
+  resolution: "@backstage/catalog-client@npm:1.10.1"
+  dependencies:
+    "@backstage/catalog-model": "npm:^1.7.4"
+    "@backstage/errors": "npm:^1.2.7"
+    cross-fetch: "npm:^4.0.0"
+    uri-template: "npm:^2.0.0"
+  checksum: 10c0/e6664b19d91f8c1b3b60975887c4fc375d684a7729123986b4361f892fbd7599c43e727d83521335ee6d8ae0b216640dc4a8f30885d7e870ed175d0933cead65
+  languageName: node
+  linkType: hard
+
 "@backstage/catalog-client@npm:^1.7.0":
   version: 1.7.0
   resolution: "@backstage/catalog-client@npm:1.7.0"
@@ -3515,6 +3549,18 @@ __metadata:
   languageName: node
   linkType: hard
 
+"@backstage/catalog-model@npm:^1.7.4":
+  version: 1.7.4
+  resolution: "@backstage/catalog-model@npm:1.7.4"
+  dependencies:
+    "@backstage/errors": "npm:^1.2.7"
+    "@backstage/types": "npm:^1.2.1"
+    ajv: "npm:^8.10.0"
+    lodash: "npm:^4.17.21"
+  checksum: 10c0/220635c2e9968e22439cce7432cec75e2f9b8ea2ff333c6945ce7a9ea81c5b448a5dce32de69519ac4ab9d707ce9589b675cf602315a5a7edbe27993ae261be4
+  languageName: node
+  linkType: hard
+
 "@backstage/cli-common@npm:^0.1.14":
   version: 0.1.14
   resolution: "@backstage/cli-common@npm:0.1.14"
@@ -3793,6 +3839,17 @@ __metadata:
   languageName: node
   linkType: hard
 
+"@backstage/config@npm:^1.3.2":
+  version: 1.3.2
+  resolution: "@backstage/config@npm:1.3.2"
+  dependencies:
+    "@backstage/errors": "npm:^1.2.7"
+    "@backstage/types": "npm:^1.2.1"
+    ms: "npm:^2.1.3"
+  checksum: 10c0/9d3dfac9b359727b727567834c2576cc2af96e149b3a0b45565251b02f2dfda9559ee3719d1eed240f5cae4f6b8bb9babfbffc3a35d2d2d8fbe5c408c41c42e3
+  languageName: node
+  linkType: hard
+
 "@backstage/core-app-api@npm:^1.15.0":
   version: 1.15.0
   resolution: "@backstage/core-app-api@npm:1.15.0"
@@ -4216,6 +4273,16 @@ __metadata:
   languageName: node
   linkType: hard
 
+"@backstage/errors@npm:^1.2.7":
+  version: 1.2.7
+  resolution: "@backstage/errors@npm:1.2.7"
+  dependencies:
+    "@backstage/types": "npm:^1.2.1"
+    serialize-error: "npm:^8.0.1"
+  checksum: 10c0/ce04dccc96c49bf121f1de86a589bbe3a613a32f63546b100a9d074bf2cb79c8ba889e1e7ba39c44c717b1bc7dea7654de85b1229fb7e4106e31dd60327c10c1
+  languageName: node
+  linkType: hard
+
 "@backstage/eslint-plugin@npm:^0.1.9":
   version: 0.1.9
   resolution: "@backstage/eslint-plugin@npm:0.1.9"
@@ -4882,6 +4949,18 @@ __metadata:
   languageName: node
   linkType: hard
 
+"@backstage/plugin-auth-backend-module-github-provider@npm:^0.3.4":
+  version: 0.3.4
+  resolution: "@backstage/plugin-auth-backend-module-github-provider@npm:0.3.4"
+  dependencies:
+    "@backstage/backend-plugin-api": "npm:^1.4.0"
+    "@backstage/plugin-auth-node": "npm:^0.6.4"
+    passport-github2: "npm:^0.1.12"
+    zod: "npm:^3.22.4"
+  checksum: 10c0/dd61c52690aab16c4769b05cb33a9576fdde17119c67c534f69946f64f2f448553f1fbce67129f6faaadec46a3798de1b51258a4bc4894905446f88bbf360ad6
+  languageName: node
+  linkType: hard
+
 "@backstage/plugin-auth-backend-module-gitlab-provider@npm:^0.2.0":
   version: 0.2.0
   resolution: "@backstage/plugin-auth-backend-module-gitlab-provider@npm:0.2.0"
@@ -5142,6 +5221,29 @@ __metadata:
   languageName: node
   linkType: hard
 
+"@backstage/plugin-auth-node@npm:^0.6.4":
+  version: 0.6.4
+  resolution: "@backstage/plugin-auth-node@npm:0.6.4"
+  dependencies:
+    "@backstage/backend-plugin-api": "npm:^1.4.0"
+    "@backstage/catalog-client": "npm:^1.10.1"
+    "@backstage/catalog-model": "npm:^1.7.4"
+    "@backstage/config": "npm:^1.3.2"
+    "@backstage/errors": "npm:^1.2.7"
+    "@backstage/types": "npm:^1.2.1"
+    "@types/express": "npm:^4.17.6"
+    "@types/passport": "npm:^1.0.3"
+    express: "npm:^4.17.1"
+    jose: "npm:^5.0.0"
+    lodash: "npm:^4.17.21"
+    passport: "npm:^0.7.0"
+    zod: "npm:^3.22.4"
+    zod-to-json-schema: "npm:^3.21.4"
+    zod-validation-error: "npm:^3.4.0"
+  checksum: 10c0/597ee8bb1ec234f47300a4a66cdb34240d574a1467ba67c362d931cc277d196f20f685b3ea67b7c2d0b725c739ef850c38cb68edc864a545f7895d2bd5791b2b
+  languageName: node
+  linkType: hard
+
 "@backstage/plugin-auth-react@npm:^0.1.6":
   version: 0.1.6
   resolution: "@backstage/plugin-auth-react@npm:0.1.6"
@@ -5930,6 +6032,39 @@ __metadata:
   languageName: node
   linkType: hard
 
+"@backstage/plugin-permission-common@npm:^0.9.0":
+  version: 0.9.0
+  resolution: "@backstage/plugin-permission-common@npm:0.9.0"
+  dependencies:
+    "@backstage/config": "npm:^1.3.2"
+    "@backstage/errors": "npm:^1.2.7"
+    "@backstage/types": "npm:^1.2.1"
+    cross-fetch: "npm:^4.0.0"
+    uuid: "npm:^11.0.0"
+    zod: "npm:^3.22.4"
+    zod-to-json-schema: "npm:^3.20.4"
+  checksum: 10c0/24f5f400d08be016610e93fb8550cccd1c4a5f621e5242cda67b0165ba3ad0a3b425c8d98ea5d1612b4482fec0fa8954a61b7177e52a2f03d3245fbc85bdc15f
+  languageName: node
+  linkType: hard
+
+"@backstage/plugin-permission-node@npm:^0.10.1":
+  version: 0.10.1
+  resolution: "@backstage/plugin-permission-node@npm:0.10.1"
+  dependencies:
+    "@backstage/backend-plugin-api": "npm:^1.4.0"
+    "@backstage/config": "npm:^1.3.2"
+    "@backstage/errors": "npm:^1.2.7"
+    "@backstage/plugin-auth-node": "npm:^0.6.4"
+    "@backstage/plugin-permission-common": "npm:^0.9.0"
+    "@types/express": "npm:^4.17.6"
+    express: "npm:^4.17.1"
+    express-promise-router: "npm:^4.1.0"
+    zod: "npm:^3.22.4"
+    zod-to-json-schema: "npm:^3.20.4"
+  checksum: 10c0/f631192af30f9e7ea6ae39a020d632cf52c8f5a5cf48cdfe61b59658be1fec9f8b8f2c3c6a1e4cf5985789c6eb2f69b078ce1b0dd87bb4fef414d1fc27d73ea3
+  languageName: node
+  linkType: hard
+
 "@backstage/plugin-permission-node@npm:^0.8.3":
   version: 0.8.3
   resolution: "@backstage/plugin-permission-node@npm:0.8.3"
@@ -7325,6 +7460,13 @@ __metadata:
   languageName: node
   linkType: hard
 
+"@backstage/types@npm:^1.2.1":
+  version: 1.2.1
+  resolution: "@backstage/types@npm:1.2.1"
+  checksum: 10c0/e7ed5ee0c4e6afa997a3885b7851ce51fc8c1c99cec98a2724da79dbc626f3f9055c5c72f097a2e2f762293e74ecd6b5d30617c27c3b27aa9a63a436f07b576d
+  languageName: node
+  linkType: hard
+
 "@backstage/version-bridge@npm:^1.0.10":
   version: 1.0.10
   resolution: "@backstage/version-bridge@npm:1.0.10"
@@ -16273,7 +16415,7 @@ __metadata:
     "@backstage/config": "npm:^1.2.0"
     "@backstage/plugin-app-backend": "npm:^0.3.74"
     "@backstage/plugin-auth-backend": "npm:^0.23.0"
-    "@backstage/plugin-auth-backend-module-github-provider": "npm:^0.2.0"
+    "@backstage/plugin-auth-backend-module-github-provider": "npm:^0.3.4"
     "@backstage/plugin-auth-backend-module-google-provider": "npm:^0.2.0"
     "@backstage/plugin-auth-backend-module-guest-provider": "npm:^0.2.0"
     "@backstage/plugin-auth-node": "npm:^0.5.2"

template.yaml

@@ -114,9 +114,13 @@ Parameters:
     Description: Google OAuth client secret
     NoEcho: true
 
-  DnsName:
+  BackstageAppUrl:
     Type: String
-    Description: DNS name for the application
+    Description: URL of application frontend
+
+  BackstageBackendUrl:
+    Type: String
+    Description: URL of application backend
 
   ServerlessOpsCatalogApiUrl:
     Type: String
@@ -169,8 +173,12 @@ Resources:
               Value: !Ref AuthGoogleClientId
             - Name: AUTH_GOOGLE_CLIENT_SECRET
               Value: !Ref AuthGoogleClientSecret
-            - Name: DNS_NAME
-              Value: !Ref DnsName
+            - Name: BACKSTAGE_APP_URL
+              Value: !Ref BackstageAppUrl
+            - Name: BACKSTAGE_BACKEND_URL
+              Value: !Ref BackstageBackendUrl
+            - Name: BACKSTAGE_BACKEND_PORT
+              Value: !Ref ContainerPort
             - Name: SERVERLESSOPS_CATALOG_API_URL
               Value: !Ref ServerlessOpsCatalogApiUrl
             - Name: SERVERLESSOPS_AUTH_ENDPOINT