Activity: Synchronize User & Group Entities

You previously learned that the Software Catalog contains Entities, and saw a sample appConfig that contained a catalog.locations configuration. That example configuration imported entities from a file located in a Git repository. This pattern is known as a static configuration. Red Hat Developer Hub will occasionally poll for updates to the specified file locations and update the Entities in the Software Catalog accordingly.

Another option for importing and synchronizing Entities is via providers. Providers are typically provided by way of plugins, and are configured using the catalog.providers entry in the appConfig. Let’s use the Keycloak plugin to synchronize Users and Groups to your Software Catalog.

  1. View your values.yaml file in the developer-hub-config repository.

  2. Select Edit > Edit single file. When prompted, login as (pe1/{common_password})

  3. You will find the janus-idp-backstage-plugin-keycloak-backend-dynamic package under the dynamic.plugins field that is set disabled: false. This means that, this plugin has been enabled in your installation.

    keycloak dynamic plugin

  4. Uncomment the keycloakOrg configuration within the appConfig.catalog.providers block (look for --- KEYCLOAK_CATALOG_PROVIDERS ---, highlight the block, then press CMD + / or CTRL + /).

    keycloak commented block

This block of configuration instructs the Keycloak provider to synchronize Users and Groups from the specified Keycloak Realm to the Software Catalog. Doing so will enable developers and platform engineers to associate Users and Groups with Entities in the Software Catalog - very useful for finding out which individual or team is responsible for a particular microservice or database, for example.

  1. Scroll down and enter a commit message: feat: enable the keycloak catalog provider

  2. Click the Commit button.

  3. Visit the backstage Application in OpenShift GitOps and click Refresh.

    If needed, login using admin/{openshift_gitops_password}.

    ArgoCD has been setup to auto-sync every two minutes. Instead of having to wait for auto-sync to kick in, you are instructed to manually sync the ArgoCD application.

Your changes will start to rollout. Confirm this by visiting the backstage project on OpenShift and checking that a new Pod is being started, or waiting until the Application in OpenShift GitOps reports Healthy instead of Progressing.

Backstage Application in Progressing Status

Once the new Pod has started, navigate to OpenShift and check the logs for lines that reference the KeycloakOrgEntityProvider. You should see a line stating that a number of Users and Groups have been read from Keycloak.

Red Hat Developer Hub Pod logs as seen in the OpenShift Console

You can further confirm the Users and Groups have been synchronized by visiting the Software Catalog on Developer Hub and setting the Kind dropdown to User.

User Entities listed in Red Hat Developer Hub

Nice work! You enabled a dynamic plugin and configured a catalog provider based on it!