Merge branch 'development' into alloy_implementation

template/stacks/core/argocd/values.yaml

@@ -5,6 +5,7 @@ configs:
   params:
     server.insecure: true
     server.basehref: /argocd
+    server.rootpath: /argocd
   cm:
     application.resourceTrackingMethod: annotation
     timeout.reconciliation: 60s
@@ -20,6 +21,7 @@ configs:
         clusters:
         - "*"
     accounts.provider-argocd: apiKey
+    url: https://{{{ .Env.DOMAIN }}}/argocd
   rbac:
     policy.csv: 'g, provider-argocd, role:admin'
 

template/stacks/core/crossplane-providers/provider-kind.yaml

@@ -3,7 +3,7 @@ kind: Provider
 metadata:
   name: provider-kind
 spec:
-  package: forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/provider-kind:v0.1.0
+  package: forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/provider-kind:v0.1.1
-  packagePullPolicy: IfNotPresent # Only download the package if it isn’t in the cache.
+  packagePullPolicy: IfNotPresent
-  revisionActivationPolicy: Automatic # Otherwise our Provider never gets activate & healthy
+  revisionActivationPolicy: Automatic
   revisionHistoryLimit: 1

template/stacks/core/crossplane-providers/provider-shell.yaml

@@ -3,7 +3,7 @@ kind: Provider
 metadata:
   name: provider-shell
 spec:
-  package: forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/provider-shell:v0.1.1
+  package: forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/provider-shell:v0.1.5
-  packagePullPolicy: IfNotPresent # Only download the package if it isn’t in the cache.
+  packagePullPolicy: IfNotPresent
-  revisionActivationPolicy: Automatic # Otherwise our Provider never gets activate & healthy
+  revisionActivationPolicy: Automatic
   revisionHistoryLimit: 1

template/stacks/core/ingress-apps/argocd-server.yaml

@@ -4,8 +4,6 @@ metadata:
   annotations:
     nginx.ingress.kubernetes.io/backend-protocol: HTTP
     nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
-    nginx.ingress.kubernetes.io/rewrite-target: /$2
-    nginx.ingress.kubernetes.io/use-regex: "true"
 {{{ if eq .Env.CLUSTER_TYPE "osc" }}}
     dns.gardener.cloud/class: garden
     dns.gardener.cloud/dnsnames: {{{ .Env.DOMAIN }}}
@@ -24,8 +22,8 @@ spec:
             name: argocd-server
             port:
               number: 80
-        path: /argocd(/|$)(.*)
+        path: /argocd
-        pathType: ImplementationSpecific
+        pathType: Prefix
   tls:
   - hosts:
     - {{{ .Env.DOMAIN }}}

template/stacks/ref-implementation/backstage-templates/entities/spring-petclinic/skeleton/.github/workflows/maven-build.yml

@@ -33,7 +33,7 @@ jobs:
         #run: ./mvnw spring-boot:build-image # the original image build
         run: |
           export CONTAINER_REPO=$(echo {% raw %}${{ env.GITHUB_REPOSITORY }}{% endraw %} | tr '[:upper:]' '[:lower:]')
-          ./mvnw com.google.cloud.tools:jib-maven-plugin:3.4.4:build -Djib.allowInsecureRegistries=true -Dimage={{{ .Env.DOMAIN_GITEA }}}/${CONTAINER_REPO}:latest -Djib.to.auth.username={% raw %}${{ github.actor }}{% endraw %} -Djib.to.auth.password={% raw %}${{ secrets.PACKAGES_TOKEN }}{% endraw %} -Djib.from.platforms=linux/arm64,linux/amd64
+          ./mvnw com.google.cloud.tools:jib-maven-plugin:3.4.4:build -Djib.allowInsecureRegistries=true -Dimage={{{ .Env.DOMAIN_GITEA }}}/${CONTAINER_REPO}:latest -Djib.to.auth.username={% raw %}${{ secrets.PACKAGES_USER }}{% endraw %} -Djib.to.auth.password={% raw %}${{ secrets.PACKAGES_TOKEN }}{% endraw %} -Djib.from.platforms=linux/arm64,linux/amd64
       - name: Build image as tar
         run: |
           ./mvnw com.google.cloud.tools:jib-maven-plugin:3.4.4:buildTar -Djib.allowInsecureRegistries=true

template/stacks/ref-implementation/backstage/manifests/install.yaml

@@ -255,6 +255,8 @@ spec:
               value: debug
             - name: NODE_TLS_REJECT_UNAUTHORIZED
               value: "0"
+            - name: NODE_OPTIONS
+              value: "--no-node-snapshot"
           envFrom:
             - secretRef:
                 name: backstage-env-vars
@@ -262,7 +264,7 @@ spec:
                 name: gitea-credentials
             - secretRef:
                 name: argocd-credentials
-          image: ghcr.io/cnoe-io/backstage-app:9232d633b2698fffa6d0a73b715e06640d170162
+          image: forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/backstage-edp:development
           name: backstage
           ports:
             - containerPort: 7007
@@ -386,7 +388,7 @@ spec:
         KEYCLOAK_NAME_METADATA: https://{{{ .Env.DOMAIN }}}:443/keycloak/realms/cnoe/.well-known/openid-configuration
         KEYCLOAK_CLIENT_SECRET: "{{.BACKSTAGE_CLIENT_SECRET}}"
         ARGOCD_AUTH_TOKEN: "argocd.token={{.ARGOCD_SESSION_TOKEN}}"
-        ARGO_CD_URL: 'https://argocd-server.argocd.svc.cluster.local/api/v1/'
+        ARGO_CD_URL: 'https://{{{ .Env.DOMAIN }}}/argocd/api/v1/'
   data:
     - secretKey: ARGOCD_SESSION_TOKEN
       remoteRef:

template/stacks/ref-implementation/keycloak/manifests/keycloak-config.yaml

@@ -409,7 +409,7 @@ spec:
               
               ARGOCD_PASSWORD=$(./kubectl -n argocd get secret argocd-initial-admin-secret -o go-template='{{.data.password | base64decode }}')
               
-              ARGOCD_SESSION_TOKEN=$(curl -k -sS http://argocd-server.argocd.svc.cluster.local:443/api/v1/session -H 'Content-Type: application/json' -d "{\"username\":\"admin\",\"password\":\"${ARGOCD_PASSWORD}\"}" | jq -r .token)
+              ARGOCD_SESSION_TOKEN=$(curl -sS https://{{{ .Env.DOMAIN }}}/argocd/api/v1/session -H 'Content-Type: application/json' -d "{\"username\":\"admin\",\"password\":\"${ARGOCD_PASSWORD}\"}" | jq -r .token)
               
               echo \
               "apiVersion: v1