Skip to content

Second round of updates for the Backstage quickstart#57

Merged
bgood merged 29 commits intomainfrom
backstage-qs-updates-2
Jul 16, 2025
Merged

Second round of updates for the Backstage quickstart#57
bgood merged 29 commits intomainfrom
backstage-qs-updates-2

Conversation

@bgood
Copy link
Collaborator

@bgood bgood commented Jul 8, 2025

The major updates in this round include:

  • Code to build and deploy the container images
  • Documentation to guide readers on how to update Cloud SQL and deploy the Kubernetes manifests
  • Templatization of the Kubernetes manifests and application configs

@bgood bgood requested review from aburhan, gushob21 and prev-dev July 8, 2025 20:40
@aburhan
Copy link

aburhan commented Jul 9, 2025

@bgood

Running terraform apply resulted in the follow issue.

  1. APIs that need to be enabled:
  • sqladmin.googleapis.com (Cloud SQL Admin API)
  • compute.googleapis.com (Compute Engine API)
  • iam.googleapis.com (Identity and Access Management API)
  • iap.googleapis.com (Cloud Identity-Aware Proxy API)
  • cloudresourcemanager.googleapis.com (Cloud Resource Manager API)
  • autoscaling.googleapis.com (Autoscaling API)
  • containerfilesystem.googleapis.com (Container Filesystem API)

  1. Deprecation warning (FYI)
    "Warning: Deprecated Resource

    │ with google_iap_brand.backstageIapBrand,
    │ on iap.tf line 15, in resource "google_iap_brand" "backstageIapBrand":
    │ 15: resource "google_iap_brand" "backstageIapBrand" {

    │ after July 2025, the google_iap_brand Terraform resource will no longer function as intended due to the deprecation of the IAP OAuth Admin API"

    this says it must be setup in the console...Deprecation of IAP OAuth Admin API hashicorp/terraform-provider-google#21378

  2. Readme step 6 has a typo

    gcloud container clusters get-credentials backstage-qs --region us-central1 --dns-endpoint   # this should be--dns-endpoint

@bgood
Copy link
Collaborator Author

bgood commented Jul 9, 2025

@aburhan Thank you!

  1. The list of APIs that get enabled are in variables.tf and they are enabled in project.tf. IAM was missing but I've added it to the list. The others were there but because they are enabled async, there are race conditions in the Terraform, I haven't tracked down yet. Figured we could take care of that in a different PR.
  2. Good catch, let's discuss.
  3. Good catch, fixed.

@bgood
Copy link
Collaborator Author

bgood commented Jul 10, 2025

@aburhan For your second point of feedback. I added a gcloud command to create the brand and then calculate the brand name in Terraform, so we should be good now for that deprecation. @gushob21 thanks for the pointers.

@aburhan
Copy link

aburhan commented Jul 15, 2025

@bgood

I got it up and running there just one required update and one nit update.

issue fix/error
Instruction “4. Set the configuration variables" instruction doesn't isn't setting the YOUR_IAP_SUPPORT_EMAIL Add: sed -i "s/YOUR_IAP_SUPPORT_EMAIL/${IAP_SUPPORT_EMAIL}/g" ${BACKSTAGE_QS_BASE_DIR}/backstage-qs.auto.tfvars
Initial run of the terraform results in errors. Rerunning the terraform usually resolves Add a note in the instructions to run terraform again if they experience the issue or add it depends_on clause in terraform.

gushob21
gushob21 reviewed Jul 15, 2025
View reviewed changes
Copy link
Collaborator

@gushob21 gushob21 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have not run the architecture , assuming that it works, made just one comment :)

gushob21
gushob21 previously approved these changes Jul 16, 2025
View reviewed changes
@bgood bgood merged commit 5338598 into main Jul 16, 2025
1 check passed
@bgood bgood deleted the backstage-qs-updates-2 branch July 16, 2025 20:18
bgood added a commit that referenced this pull request Jul 22, 2025
@bgood @prev-dev
Second round of updates for the Backstage quickstart (#57)
d7b1306 
* Starting to add in db.

* Create cloudbuild.yaml

* Fixing the default AR Repo to align with the default value from Terraform.

* Adding resource to create an ssl cert.

* some fixes from testing.

* Organizing and adding in manifests.

* Cleaning up headers.

* back merging in changes from debugging.

* fixing issues found in testing up to terraform plan

* Migrating over more fixes and documenation updates from testing.

* Cleaning up linting errors.

* chore: update documentation site

* Fixing a typo in the gke credentials command.

* chore: update documentation site

* Alphabetizing and adding the iam api.

* Fixes for the IAP brand Terraform resource deprecation.

* chore: update documentation site

* Fixing the list numbers.

* .... and tf format.

* Linter.

* First cut at the IAP auth provider.

* linter

* chore: update documentation site

* Fixes from testing and handling of the IAP Client resource deprecation.

* Linter run.

* chore: update documentation site

* Adding feedback from Ameenah.

* chore: update documentation site

---------

Co-authored-by: Paul Revello <prev@google.com>
Co-authored-by: bgood <1019754+bgood@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gushob21 gushob21 gushob21 left review comments

@prev-dev prev-dev Awaiting requested review from prev-dev

+1 more reviewer

@aburhan aburhan aburhan approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@bgood @aburhan @gushob21 @prev-dev