Skip to content

ayointegral/cloud-sandbox-backstage

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

85 Commits
.github/workflows
.github/workflows
 
 
.yarn/releases
.yarn/releases
 
 
catalog
catalog
 
 
devbox.d/redis
devbox.d/redis
 
 
docker
docker
 
 
docs
docs
 
 
examples
examples
 
 
packages
packages
 
 
plugins
plugins
 
 
scripts
scripts
 
 
templates
templates
 
 
.dockerignore
.dockerignore
 
 
.env.example
.env.example
 
 
.eslintignore
.eslintignore
 
 
.eslintrc.js
.eslintrc.js
 
 
.gitignore
.gitignore
 
 
.pre-commit-config.yaml
.pre-commit-config.yaml
 
 
.prettierignore
.prettierignore
 
 
.terraform-docs.yml
.terraform-docs.yml
 
 
.yamllint.yml
.yamllint.yml
 
 
.yarnrc.yml
.yarnrc.yml
 
 
ARCHITECTURE.md
ARCHITECTURE.md
 
 
COMPONENT-TEMPLATE-INVENTORY.md
COMPONENT-TEMPLATE-INVENTORY.md
 
 
CONTAINER-STATUS.md
CONTAINER-STATUS.md
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
Dockerfile
Dockerfile
 
 
Dockerfile.dev
Dockerfile.dev
 
 
MODULE-PATTERN-ANALYSIS.md
MODULE-PATTERN-ANALYSIS.md
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
SETUP.md
SETUP.md
 
 
TERRAFORM-COMPONENT-CREATION-SUMMARY.md
TERRAFORM-COMPONENT-CREATION-SUMMARY.md
 
 
app-config.production.yaml
app-config.production.yaml
 
 
app-config.yaml
app-config.yaml
 
 
backstage.json
backstage.json
 
 
catalog-info.yaml
catalog-info.yaml
 
 
devbox.json
devbox.json
 
 
devbox.lock
devbox.lock
 
 
docker-compose.dev.yaml
docker-compose.dev.yaml
 
 
docker-compose.prod.yaml
docker-compose.prod.yaml
 
 
docker-compose.services-only.yaml
docker-compose.services-only.yaml
 
 
docker-compose.services.yaml
docker-compose.services.yaml
 
 
docker-compose.yaml
docker-compose.yaml
 
 
e2e-test-results.json
e2e-test-results.json
 
 
module-registry.yaml
module-registry.yaml
 
 
package.json
package.json
 
 
playwright.config.ts
playwright.config.ts
 
 
test-output.txt
test-output.txt
 
 
test-results.txt
test-results.txt
 
 
tsconfig.json
tsconfig.json
 
 
yarn.lock
yarn.lock
 
 

Repository files navigation

Cloud Sandbox - Backstage Developer Portal

A fully-featured Backstage developer portal configured for cloud-native development teams. This portal provides a centralized hub for software catalog management, documentation, scaffolding, and team collaboration.

Features

Core Capabilities

  • Software Catalog - Centralized registry of all software components, APIs, resources, and systems
  • TechDocs - Built-in technical documentation with MkDocs and D2 diagram support
  • Software Templates - Scaffolder templates for creating new projects, infrastructure, and resources
  • Search - Full-text search across catalog entities, documentation, and more

Custom Plugins

  • Branding Settings - Admin-configurable organization branding (logo, colors, name)
  • Ownership Management - Orphan detection and ownership reassignment for catalog entities
  • GitHub Team Sync - Bi-directional synchronization between Backstage groups and GitHub teams

Integrations

  • GitHub - OAuth authentication, organization/team sync, repository scaffolding
  • Kubernetes - Cluster visualization and management
  • MinIO/S3 - TechDocs storage and asset management
  • PostgreSQL - Persistent data storage
  • Redis - Caching for improved performance

Templates

50+ scaffolder templates for:

  • Cloud infrastructure (AWS, Azure, GCP)
  • Application development (Node.js, Python, React, Spring Boot)
  • DevOps automation (Terraform, Ansible, Docker, Kubernetes)
  • Data engineering (Airflow, dbt, Superset)
  • Documentation (ADRs, Runbooks, D2 diagrams)

Quick Start

Prerequisites

  • Docker and Docker Compose
  • For Devbox (Recommended): Devbox (automatically installs Node.js, Yarn, Python, D2, etc.)
  • For Manual Setup: Node.js 22+, Yarn 4.4.1 (via Corepack)

Development Modes

This project supports two development modes:

Mode Best For Hot Reload Setup Complexity
Devbox + Docker Services Daily development Yes Low
Full Docker Stack Testing production setup No (rebuild required) Very Low

Option 1: Devbox Development (Recommended)

Devbox provides a reproducible development environment with all tools pre-configured.

Install Devbox

# Install Devbox (one-time setup)
curl -fsSL https://get.jetify.com/devbox | bash

# Devbox will automatically install Nix on first use

Start Development

# Clone the repository
git clone <repository-url>
cd backstage

# Enter Devbox shell (installs Node.js 22, Yarn 4, Python, D2, etc.)
devbox shell

# Start Docker services (PostgreSQL, Redis, MinIO)
devbox run services:start

# Copy environment template
cp .env.example .env
# Edit .env with your configuration (especially GITHUB_* variables)

# Install dependencies
yarn install

# Start Backstage in development mode with hot reload
devbox run dev

Access the portal at http://localhost:3000 (frontend) and http://localhost:7007 (backend API).

Devbox Commands

devbox run services:start    # Start Docker services (Postgres, Redis, MinIO)
devbox run services:stop     # Stop Docker services
devbox run services:status   # Check service status
devbox run dev               # Start Backstage with hot reload
devbox run build             # Build the backend
devbox run test              # Run tests
devbox run lint              # Run linter
devbox run techdocs          # Generate TechDocs
devbox run clean             # Clean build artifacts
devbox run reset             # Reset entire dev environment

Option 2: Full Docker Stack

Run everything in Docker containers (closest to production).

Start Full Stack

# Clone the repository
git clone <repository-url>
cd backstage

# Copy environment template
cp .env.example .env
# Edit .env with your configuration

# Start all services (PostgreSQL, Redis, MinIO, Backstage, Nginx)
docker compose -f docker-compose.yaml -f docker-compose.services.yaml up -d

# View logs
docker compose -f docker-compose.yaml -f docker-compose.services.yaml logs -f backstage

# Access the portal
open http://localhost

Full Docker Commands

# Start full stack
docker compose -f docker-compose.yaml -f docker-compose.services.yaml up -d

# Stop full stack
docker compose -f docker-compose.yaml -f docker-compose.services.yaml down

# Rebuild after code changes
docker compose -f docker-compose.yaml -f docker-compose.services.yaml up -d --build backstage

# View logs
docker compose -f docker-compose.yaml -f docker-compose.services.yaml logs -f

# Check status
docker compose -f docker-compose.yaml -f docker-compose.services.yaml ps

Option 3: Makefile Shortcuts

The Makefile provides convenient shortcuts for common operations:

make help              # Show all available commands
make up                # Start full Docker stack
make down              # Stop full Docker stack
make dev               # Start dev environment (services only)
make build             # Build Docker image
make logs              # Tail logs
make ps                # Show container status
make devbox            # Enter Devbox shell
make devbox-services   # Start services for Devbox mode

Configuration

Environment Variables

Copy .env.example to .env and configure:

Variable Description Required
GITHUB_TOKEN Personal access token for GitHub API Yes
GITHUB_CLIENT_ID OAuth App client ID Yes (for auth)
GITHUB_CLIENT_SECRET OAuth App client secret Yes (for auth)
GITHUB_ORG GitHub organization for team sync Optional
POSTGRES_* Database connection settings Yes
REDIS_* Cache connection settings Yes
MINIO_* Object storage settings Yes

See .env.example for the complete list with descriptions.

Configuration Files

File Purpose
app-config.yaml Development configuration
app-config.production.yaml Production overrides
app-config.local.yaml Local overrides (git-ignored)

Development

Available Scripts

# Start development server (frontend + backend)
yarn start

# Build production backend
yarn build:backend

# Run TypeScript compiler
yarn tsc

# Run all tests
yarn test

# Run linting
yarn lint:all

# Format code
yarn prettier:check

Project Structure

backstage/
β”œβ”€β”€ packages/
β”‚   β”œβ”€β”€ app/                 # Frontend application
β”‚   β”‚   └── src/
β”‚   β”‚       β”œβ”€β”€ components/  # React components
β”‚   β”‚       └── hooks/       # Custom React hooks
β”‚   └── backend/             # Backend application
β”‚       └── src/
β”‚           β”œβ”€β”€ branding/    # Branding settings plugin
β”‚           β”œβ”€β”€ index.ts     # Backend entry point
β”‚           β”œβ”€β”€ permissionPolicy.ts
β”‚           β”œβ”€β”€ ownershipManagementPlugin.ts
β”‚           └── githubTeamSyncPlugin.ts
β”œβ”€β”€ catalog/                 # Software catalog entities
β”œβ”€β”€ templates/               # Scaffolder templates
β”œβ”€β”€ docker/                  # Docker configuration
β”œβ”€β”€ .github/workflows/       # CI/CD workflows
└── app-config.yaml          # Backstage configuration

Docker Deployment

Production Build

# Build the production Docker image
docker build -t backstage:latest .

# Run with environment variables
docker run -p 7007:7007 \
  -e POSTGRES_HOST=postgres \
  -e GITHUB_TOKEN=your-token \
  backstage:latest

Docker Compose

The repository includes several compose files:

File Purpose
docker-compose.yaml Base configuration with networks and volumes
docker-compose.services.yaml Infrastructure services (PostgreSQL, Redis, MinIO)
docker-compose.services-only.yaml Services only for Devbox mode
docker-compose.dev.yaml Development with hot reload
docker-compose.prod.yaml Production configuration

Troubleshooting

Devbox Issues

"Nix not installed" error:

# Devbox will prompt to install Nix automatically, or install manually:
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install

Package installation fails:

# Clear Devbox cache and retry
devbox rm --all
devbox install

Docker Issues

Port already in use:

# Check what's using the port
lsof -i :7007
lsof -i :5432

# Stop conflicting services or change ports in docker-compose

Container won't start:

# Check logs for the specific container
docker compose -f docker-compose.yaml -f docker-compose.services.yaml logs backstage

# Rebuild from scratch
docker compose -f docker-compose.yaml -f docker-compose.services.yaml down -v
docker compose -f docker-compose.yaml -f docker-compose.services.yaml up -d --build

Database Issues

Reset database:

# Stop services and remove volumes
docker compose -f docker-compose.yaml -f docker-compose.services.yaml down -v

# Or in Devbox mode:
devbox run reset

Architecture

Cloud Sandbox Architecture

Key Components

  • Frontend (React) - User interface built with Material-UI
  • Backend (Node.js) - API server with plugin architecture
  • PostgreSQL - Persistent storage for catalog, auth, and plugin data
  • Redis - Caching layer for improved performance
  • MinIO - S3-compatible storage for TechDocs and assets
  • Nginx - Reverse proxy for routing and SSL termination

Security

Authentication

The portal supports multiple authentication providers:

  • GitHub OAuth - Primary authentication for production
  • Guest Access - Optional read-only access (disabled by default in production)

Authorization

Role-based access control via group membership:

Role Groups Permissions
Admin admins, platform-admins Full access
Editor editors, developers Create/modify entities
Viewer All authenticated users Read-only access

Security Best Practices

  • CORS is restricted to specific origins in production
  • Guest auth is disabled by default in production
  • All secrets are managed via environment variables
  • TLS termination at the reverse proxy

Contributing

See CONTRIBUTING.md for contribution guidelines.

Documentation

License

This project is based on Backstage by Spotify.

About

Cloud Sandbox - Backstage Developer Portal with custom catalog and templates

Resources

Readme

Contributing

Contributing

Security policy

Security policy
Activity

Stars

1 star

Watchers

0 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages