44 includes :
55 - " dynamic-plugins.default.yaml"
66 plugins :
7+ # #### Disable upstream lightspeed (replaced by custom DCR builds) #####
8+ - package : oci://ghcr.io/redhat-developer/rhdh-plugin-export-overlays/red-hat-developer-hub-backstage-plugin-lightspeed:bs_1.49.4__2.8.5
9+ disabled : true
10+ - package : oci://ghcr.io/redhat-developer/rhdh-plugin-export-overlays/red-hat-developer-hub-backstage-plugin-lightspeed-backend:bs_1.49.4__2.8.5
11+ disabled : true
12+
13+ # #### OAuth2 consent page plugin (required for DCR) #####
14+ - package : oci://ghcr.io/redhat-developer/rhdh-plugin-export-overlays/backstage-plugin-auth:pr_2498__0.1.6
15+ disabled : false
16+ pluginConfig :
17+ dynamicPlugins :
18+ frontend :
19+ backstage.plugin-auth :
20+ dynamicRoutes :
21+ - path : /oauth2
22+ importName : Router
23+ module : PluginRoot
24+
725 # #### Custom sign in page plugin #####
826 - package : oci://quay.io/redhat-ai-dev/rolling-demo-customized-sign-in-page:v0.1.1
927 disabled : false
@@ -319,7 +337,7 @@ global:
319337 lightspeed :
320338 enabled : true
321339 plugins :
322- - package : oci://ghcr .io/redhat-developer /rhdh-plugin-export-overlays/ red-hat-developer-hub-backstage-plugin-lightspeed:bs_1.49.4__2.8.5
340+ - package : oci://quay .io/maysunfaisal /rhdh-plugin-lightspeed:dcr-0.6.0! red-hat-developer-hub-backstage-plugin-lightspeed
323341 disabled : false
324342 pluginConfig :
325343 dynamicPlugins :
@@ -346,7 +364,7 @@ global:
346364 config :
347365 id : lightspeed
348366 priority : 100
349- - package : oci://ghcr .io/redhat-developer /rhdh-plugin-export-overlays/ red-hat-developer-hub-backstage-plugin-lightspeed-backend:bs_1.49.4__2.8.5
367+ - package : oci://quay .io/maysunfaisal /rhdh-plugin-lightspeed-backend:dcr-0.6.0! red-hat-developer-hub-backstage-plugin-lightspeed-backend
350368 disabled : false
351369 secret :
352370 create : false
@@ -403,6 +421,10 @@ backstage:
403421 licensedUsers : 50
404422 auth :
405423 environment : production
424+ experimentalDynamicClientRegistration :
425+ enabled : true
426+ allowedRedirectUriPatterns :
427+ - ' *'
406428 session :
407429 secret : " ${BACKEND_SECRET}"
408430 providers :
@@ -541,15 +563,22 @@ backstage:
541563 - resolver : emailMatchingUserEntityProfileEmail
542564 lightspeed :
543565 notebooks :
544- enabled : true
566+ enabled : false
545567 queryDefaults :
546- model : ${NOTEBOOKS_QUERY_MODEL}
547- provider_id : ${NOTEBOOKS_QUERY_PROVIDER_ID}
568+ model : " ${NOTEBOOKS_QUERY_MODEL}"
569+ provider_id : " ${NOTEBOOKS_QUERY_PROVIDER_ID}"
548570 mcpServers :
549571 - name : mcp-integration-tools
550- token : ${MCP_TOKEN}
572+ auth : dcr
551573 mcpActions :
552574 namespacedToolNames : false
575+ permission :
576+ enabled : true
577+ rbac :
578+ policies-csv-file : /opt/app-root/src/rbac-policy.csv
579+ admin :
580+ users :
581+ - name : user:default/mfaisal
553582 integrations :
554583 github :
555584 - apps :
@@ -656,6 +685,10 @@ backstage:
656685 extraVolumeMounts :
657686 - name : dynamic-plugins-root
658687 mountPath : /opt/app-root/src/dynamic-plugins-root
688+ - name : rbac-policy
689+ mountPath : /opt/app-root/src/rbac-policy.csv
690+ subPath : rbac-policy.csv
691+ readOnly : true
659692 # tmp backstage volume for scaffolder tasks
660693 - name : backstage-tmp
661694 mountPath : /tmp
@@ -686,6 +719,9 @@ backstage:
686719 emptyDir : {}
687720 - name : extensions-catalog
688721 emptyDir : {}
722+ - name : rbac-policy
723+ configMap :
724+ name : rbac-policy
689725 initContainers :
690726 - name : install-dynamic-plugins
691727 image : ' {{ include "backstage.image" . }}'
0 commit comments