update main ReadMe and remove idpbuilder reference

Signed-off-by: Pankaj Walke <[email protected]>

Author: punkwalker

README.md

@@ -30,15 +30,14 @@ Check out more details about the [installation flow](docs/installation_flow.md).
 ## Installation Flow Diagram
 This diagram illustrates the high-level installation flow for the CNOE AWS Reference Implementation. It shows how the local environment interacts with AWS resources to deploy and configure the platform on an EKS cluster.
 
-+ **Using plain shell script**
 ```mermaid
 flowchart TD
     subgraph "Local Environment"
         config["config.yaml"]
         secrets["GitHub App Credentials
         (private/*.yaml)"]
         create_secrets["create-config-secrets.sh"]
-        install["install-using-idpbuilder.sh"]
+        install["install.sh"]
         helm["helm"]
     end
 
@@ -94,83 +93,8 @@ flowchart TD
     class config,secrets config;
 ```
 
-+ **Using `idpbuilder`**
-```mermaid
-flowchart TD
-    subgraph "Local Environment"
-        config["config.yaml"]
-        secrets["GitHub App Credentials
-        (private/*.yaml)"]
-        create_secrets["create-config-secrets.sh"]
-        install["install-using-idpbuilder.sh"]
-        idpbuilder["idpbuilder
-        (Local Kind Cluster)"]
-        local_argocd["Argo CD
-        (Kind Cluster)"]
-        local_gitea["Gitea
-        (Kind Cluster)"]
-    end
-
-    subgraph "AWS"
-        aws_secrets["AWS Secrets Manager
-        - cnoe-ref-impl/config
-        - cnoe-ref-impl/github-app"]
-
-        subgraph "EKS Cluster"
-            eks_argocd["Argo CD"]
-            eso["External Secret Operator"]
-            appset["addons-appset
-            (ApplicationSet)"]
-
-            subgraph "Addons"
-                backstage["Backstage"]
-                keycloak["Keycloak"]
-                crossplane["Crossplane"]
-                cert_manager["Cert Manager"]
-                external_dns["External DNS"]
-                ingress["Ingress NGINX"]
-                argo_workflows["Argo Workflows"]
-            end
-        end
-    end
-
-    config --> create_secrets
-    secrets --> create_secrets
-    create_secrets --> aws_secrets
-
-    config --> install
-    install --> idpbuilder
-
-    idpbuilder --> local_argocd
-    idpbuilder --> local_gitea
-
-    local_argocd -- "Installs" --> eks_argocd
-    local_argocd -- "Installs" --> eso
-    local_argocd -- "Creates" --> appset
-
-    aws_secrets -- "Provides configuration" --> eso
-
-    appset -- "Creates Argo CD Addon ApplicationSets" --> Addons
-
-    eks_argocd -- "Manages" --> Addons
-    eso -- "Provides secrets to" --> Addons
-
-    classDef aws fill:#FF9900,stroke:#232F3E,color:white;
-    classDef k8s fill:#326CE5,stroke:#254AA5,color:white;
-    classDef tools fill:#4CAF50,stroke:#388E3C,color:white;
-    classDef config fill:#9C27B0,stroke:#7B1FA2,color:white;
-
-    class aws_secrets,EKS aws;
-    class eks_argocd,eso,appset,backstage,keycloak,crossplane,cert_manager,external_dns,ingress,argo_workflows k8s;
-    class idpbuilder,local_argocd,local_gitea,install,create_secrets tools;
-    class config,secrets config;
-```
-
 ## Getting Started
 
-> [!NOTE]
-> The installation requires AWS credentials to access the EKS cluster to deploy kubernetes resources. Therefore, the installation steps can be executed on local machine or on an EC2 instance with IAM instance role. If using local machine, please use [`aws-vault`](https://github.com/99designs/aws-vault) command to run local EC2 credentials server. Find more information about this requirement in [installation flow](docs/installation_flow.md) document.
-
 ### Step 1. ☸️ Create EKS Cluster
 
 The reference implementation can be installed on new EKS cluster which can be created with following tools:
@@ -199,7 +123,12 @@ This will create all the pre-requisite AWS Resources required for the reference
 
 ### Step 2. 🏢 Create GitHub Organization
 
-Backstage and Argo CD in this reference implementation are integrated with GitHub. Therefore, a GitHub Organization should be created in order to create GitHub Apps for these integrations. Follow the instructions in [GitHub documentation](https://docs.github.com/en/organizations/collaborating-with-groups-in-organizations/creating-a-new-organization-from-scratch) to create new organization.
+Backstage and Argo CD in this reference implementation are integrated with GitHub. Both Backstage and ArgoCD, use Github Apps for authenticating with Github.
+
+Therefore, a GitHub Organization should be created in order to create GitHub Apps for these integrations. Follow the instructions in [GitHub documentation](https://docs.github.com/en/organizations/collaborating-with-groups-in-organizations/creating-a-new-organization-from-scratch) to create new organization or visit [here](https://github.com/account/organizations/new).
+
+> [!NOTE]
+> It is recommended to use Github Organization instead of personal github ID as backstage has certain [limitations](https://backstage.io/docs/integrations/github/github-apps/#caveats) for using personal account Github Apps for authenticating to Github. Also, the Github Organization is ***FREE***.
 
 ### Step 3. 🍴 Fork the Repository
 
@@ -219,7 +148,7 @@ Create following apps and store it in corresponding file path.
 Argo CD requires `url` and `installationId` of the GitHub app. The `url` is the GitHub URL of the organization. The `installationId` can be captured by navigating to the app installation page with URL `https://github.com/organizations/<Organization-name>/settings/installations/<ID>`. You can find more information [on this page](https://stackoverflow.com/questions/74462420/where-can-we-find-github-apps-installation-id).
 
 > [!WARNING]
-> **If the app is created using backstage CLI, it creates files in current working directory. These files contains credentials. Handle it with care. It is recommended to remove these files after copying the content over to files in `private` directory**
+> **If the app is created using backstage CLI, it creates files in current working directory. These files contain credentials. Handle it with care. It is recommended to remove these files after copying the content over to files in `private` directory**
 
 > [!NOTE]
 > The rest of the installation process assumes the GitHub apps credentials are available in `private/backstage-github.yaml` and `private/argocd-github.yaml`
@@ -231,34 +160,18 @@ Argo CD requires `url` and `installationId` of the GitHub app. The `url` is the
 The installation requires following binaries in the local environment:
 
 + [**AWS CLI**](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html)
-+ [**Docker**](https://docs.docker.com/engine/install/)
++ [**kubectl**](https://kubernetes.io/docs/tasks/tools/)
 + [**yq**](https://mikefarah.gitbook.io/yq/v3.x)
-+ [**helm**](https://helm.sh/docs/intro/install/) _(Required only if using plain shell script for installation)_
-+ [**IDPBuilder**](https://github.com/cnoe-io/idpbuilder) _(Required only if using ipdbuilder for installation)_
-+ [**AWS Vault**](https://github.com/99designs/aws-vault?tab=readme-ov-file#installing) _(Required only for local machine installation)_
++ [**helm**](https://helm.sh/docs/intro/install/)
 
 #### 🔐 Configure AWS Credentials
+Configure the AWS CLI with credentials of an IAM role which has access to the EKS cluster. Follow instructions in [AWS documentation](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-quickstart.html#getting-started-quickstart-new) to configure AWS CLI.
 
-If the installation steps are being executed on EC2 instance, just ensure that the EC2 IAM instance role has permissions to access EKS cluster. No other configuration is required in this case.
-
-If the steps are being executed on a laptop/desktop, follow below steps:
-
-1. Configure the AWS CLI with credentials of an IAM role which has access to the EKS cluster. Follow instructions in [AWS documentation](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-quickstart.html#getting-started-quickstart-new) to configure AWS CLI.
-2. Once AWS CLI is configured, install and start the EC2 credentials server.
-
-   ```bash
-   aws-vault exec <AWS_PROFILE> --ec2-server
-   ```
-
-3. Verify that the EC2 credentials server is started.
-
-   ```bash
-   curl -s http://169.254.169.254/latest/meta-data/iam/security-credentials/local-credentials
-   ```
+If the installation steps are being executed on EC2 instance, ensure that the EC2 IAM instance role has permissions to access EKS cluster or The AWS CLI is configured as mentioned above.
 
 #### ⚙️ Configure Reference Implementation
 
-The reference implementation uses **`config.yaml`** file in the repository root directory to pass values. Refer to following table and update all the values appropriately. All the values are required.
+The reference implementation uses **`config.yaml`** file in the repository root directory to configure the installation values. The **`config.yaml`** should be updated with appropriate values before proceeding. Refer to following table and update all the values appropriately. All the values are required.
 
 | Parameter | Description | Type |
 |-----------|-------------|------|
@@ -273,9 +186,12 @@ The reference implementation uses **`config.yaml`** file in the repository root
 | `path_routing` | Enable path routing ("true") vs domain-based routing ("false") | string |
 | `tags` | Arbitrary key-value pairs for AWS resource tagging | object |
 
+> [!TIP]
+> If these values are updated after installation. Ensure to run command in next step to update the values in AWS secret manager. Otherwise, the updated values will not reflect in the live installation.
+
 #### 🔒 Create Secrets in AWS Secret Manager
 
-The values required for the installation to work are stored in AWS Secret Manager in two secrets:
+The values required for the installation are stored in AWS Secret Manager in two secrets:
 
 1. **cnoe-ref-impl/config:** Stores values from **`config.yaml`** in JSON
 2. **cnoe-ref-impl/github-app:** Stores GitHub App credentials with file name as key and content of the file as value from **private** directory.
@@ -290,48 +206,41 @@ Run below command to create new secrets or update the existing secrets if alread
 > **DO NOT** move to next steps without completing all the instructions in this step
 
 ### Step 6. 🚀 Installation
+> [!NOTE]
+> Before moving forward, Ensure that the kubectl context is set to EKS cluster and the configured AWS IAM role has access to the cluster.
 
 #### ▶️ Start the Installation Process
 
-The installation can be done using plain shell script or `idpbuilder`. All the addons are installed as Argo CD apps. When using bash script, Argo CD and External Secret Operator are installed on EKS cluster as helm chart. When installing with `idpbuilder`, the Argo CD in `idpbuilder` is used install these initial addons. Once Argo CD on EKS is up, other addons are installed through it and finally the Argo CD on EKS also manages itself. Check out more details about the [installation flow](docs/installation_flow.md).
-
-+ **Install using script:**
-   ```bash
-   ./scripts/install.sh
-   ```
-
-+ **Install using `idpbuilder`:**
+All the addons are installed as Argo CD apps. At the start of the installation, Argo CD and External Secret Operator are installed on EKS cluster as helm chart. Once Argo CD on EKS is up, other addons are installed through it and finally the Argo CD on EKS also manages itself and External Secret Operator. Check out more details about the [installation flow](docs/installation_flow.md). Run following command to start the installation.
    ```bash
-   ./scripts/install-using-idpbuilder.sh
+   scripts/install.sh
    ```
 
 #### 📊 Monitor Installation Process
 
-The installation script will continue to run until all the addon Argo CD apps are healthy. To monitor the process, use below instructions to access Argo CD instances. _(If using EC2 instance, make sure the port-forward from EC2 to local machine is set up)_
+The installation script will continue to run until all the Argo CD apps for Addons are healthy. To monitor the process, use below instructions to access instance of Argo CD running on EKS.
 
-+ **`idpbuilder` Argo CD:** `idpbuilder` exposes its Argo CD instance at `https://cnoe.localtest.me:8443/argocd` which can be accessed through browser.
-
-+ **EKS Argo CD:** Start the kubernetes port-forward session for Argo CD service and access the Argo CD UI in browser. In Argo CD UI, monitor the health of all Argo CD Apps
+Check if the kubectl context is set to EKS cluster and it can access the EKS cluster. Then, Start the kubernetes port-forward session for Argo CD service and access the Argo CD UI in browser. In Argo CD UI, monitor the health of all Argo CD Apps
 
   ```bash
   kubectl port-forward -n argocd svc/argocd-server 8080:80
   ```
 
 Depending upon the configuration, Argo CD will be accessible at http://localhost:8080 or http://localhost:8080/argocd.
 
-Switch between the kubernetes context of idpbuilder or EKS and retrieve the credentials for Argo CD can be retrieved with following command:
+Retrieve the credentials for Argo CD can be retrieved with following command:
 
 ```bash
-kubectl get secrets -n argocd argocd-initial-admin-secret -oyaml | yq '.data.password' | base64 -d
-
-# OR
-
-idpbuilder get secrets -p argocd -o yaml
+kubectl get secrets -n argocd argocd-initial-admin-secret -oyaml | yq '.data.password' | base64 -d && echo
 ```
 
 ### Step 7. 🌐 Accessing the Platform
 
-The addons are exposed using the base domain configured in [Step 5](#️-configure-reference-implementation). The URL depends on the setting for `path_routing`. Refer to following table for URLs:
+The addons with Web UI are exposed using the base domain configured in [Step 5](#️-configure-reference-implementation). The URLs can be retrieved by running following command:
+```
+scripts/get-urls.sh
+```
+The URL depends on the setting for `path_routing`. Refer to following table for URLs:
 
 | App Name | URL (w/ Path Routing) | URL (w/o Path Routing) |
 | --------- | --------- | --------- |
@@ -342,7 +251,7 @@ The addons are exposed using the base domain configured in [Step 5](#️-configu
 All the addons are configured with Keycloak SSO USER1 and the user password for it can be retrieved using following command:
 
 ```bash
-kubectl get secrets -n keycloak keycloak-config -o go-template='{{range $k,$v := .data}}{{printf "%s: " $k}}{{if not $v}}{{$v}}{{else}}{{$v | base64decode}}{{end}}{{"\n"}}{{end}}'
+kubectl get secret -n keycloak keycloak-config -o jsonpath='{.data.USER1_PASSWORD}' | base64 -d && echo
 ```
 Once, all the Argo CD apps on EKS cluster are reporting healthy status, try out [examples](docs/examples/) to create new application through Backstage.
 For troubleshooting, refer to the [troubleshooting guide](docs/troubleshooting.md).
@@ -354,11 +263,11 @@ For troubleshooting, refer to the [troubleshooting guide](docs/troubleshooting.m
 Run following command to remove all the addons created by this installation:
 
 ```
-./scripts/uninstall.sh
+scripts/uninstall.sh
 ```
 
 This script will only remove resources other than CRDs from the EKS cluster so that the same cluster can used for re-installation which is useful during development. To remove CRDs, use following command:
 
 ```
-./scripts/cleanup-crds.sh
+scripts/cleanup-crds.sh
 ```

scripts/get-urls.sh

@@ -0,0 +1,37 @@
+#!/bin/bash
+
+# Colors
+RED='\033[38;5;160m'
+GREEN='\033[38;5;34m'
+PURPLE='\033[38;5;98m'
+NC='\033[0m'
+BLUE='\033[38;5;33m'
+YELLOW='\033[38;5;178m'
+CYAN='\033[38;5;37m'
+BOLD='\033[1m'
+ORANGE='\033[38;5;172m'
+
+# Get the path_routing value from config.yaml
+PATH_ROUTING=$(yq '.path_routing' config.yaml)
+# Get the domain from config.yaml
+DOMAIN=$(yq '.domain' config.yaml)
+
+echo -e "\n${BOLD}${ORANGE}✨ ========================================== ✨${NC}"
+echo -e "${BOLD}${CYAN}🌐       Platform Access URLs                  🌐${NC}"
+echo -e "${BOLD}${ORANGE}✨ ========================================== ✨${NC}\n"
+
+echo -e "${BOLD}${PURPLE}🔗 URLs for accessing the platform:${NC}"
+echo -e "${YELLOW}----------------------------------------------------${NC}"
+
+if [ "$PATH_ROUTING" == "\"true\"" ] || [ "$PATH_ROUTING" == "true" ]; then
+  echo -e "${CYAN}🔶 Backstage:      ${BOLD}https://$DOMAIN${NC}"
+  echo -e "${CYAN}🔶 Argo CD:        ${BOLD}https://$DOMAIN/argocd${NC}"
+  echo -e "${CYAN}🔶 Argo Workflows: ${BOLD}https://$DOMAIN/argo-workflows${NC}"
+else
+  echo -e "${CYAN}🔶 Backstage:      ${BOLD}https://backstage.$DOMAIN${NC}"
+  echo -e "${CYAN}🔶 Argo CD:        ${BOLD}https://argocd.$DOMAIN${NC}"
+  echo -e "${CYAN}🔶 Argo Workflows: ${BOLD}https://argo-workflows.$DOMAIN${NC}"
+fi
+
+echo -e "${YELLOW}----------------------------------------------------${NC}"
+echo -e "\n${BOLD}${GREEN}✅ Use the URLs above to access the platform services${NC}\n"