This all is 100% open source, so if you would like to contribute, feel free to edit this page.



GitLab Auth

Red Hat Developer Hub 1.3 only supports Microsoft Azure, GitHub and Keycloak as authentication providers; more info here. There is an ongoing epic to cover it in following releases. This configuration should work to authenticate users by GitLab, as Backstage provides.

Enabling GitLab authentication requires to create a GitLab application. This process is described here, however, keep in mind to execute the actions in your GitLab instance:

NOTE: You can get the full qualified url to Red Hat Developer Hub with following command, using the name of your Red Hat Developer Hub instance name (RHDH_CR_NAME):

echo https://$(oc get route backstage-{RHDH_CR_NAME} -o jsonpath='{.spec.host}')

Create a secret with the application id and secret created in GitLab:

kind: Secret
apiVersion: v1
metadata:
  name: gitlab-secrets
  namespace: rhdh-gitlab
stringData:
  AUTH_GITLAB_CLIENT_ID: REPLACE_WITH_YOUR_GITLAB_CLIENT_ID
  AUTH_GITLAB_CLIENT_SECRET: REPLACE_WITH_YOUR_GITLAB_CLIENT_SECRET
type: Opaque

NOTE: If you want to create this secret in the OpenShift Web Console, you need to base64-decode the AUTH_GITLAB_CLIENT_ID” and AUTH_GITLAB_CLIENT_SECRET values.

Next, add the new secret to the backstage manifest:

spec:
  application:
    # other configuration
    extraEnvs:
      secrets:
        - name: gitlab-secrets

Update the configuration of Red Hat Developer Hub to define the GitLab authentication provider:

  auth:
    signInPage: gitlab
    auth:
      environment: production
      providers:
        gitlab:
          production:
            clientId: ${AUTH_GITLAB_CLIENT_ID}
            clientSecret: ${AUTH_GITLAB_CLIENT_SECRET}

Notice that we set the signInPage to gitlab, the default is github.

NOTE: To disable guest login set the environment to production!

Verify that you can login with GitLab.