doc: add backend_secret config to orchestrator

[jenniferubah]

Description

To enable notification for Orchestrator, this PR adds the backend secret token under the auth config in the orchestrator example. So the user is aware that the secret needs to be configured for Orchestrator.

Which issue(s) does this PR fix or relate to

• Relates to bug ticket: https://issues.redhat.com/browse/FLPATH-2627

PR acceptance criteria

• Documentation

Summary by Sourcery

Enable Orchestrator notifications by adding backend secret configuration to the orchestrator example and updating the documentation to guide users on configuring the BACKEND_SECRET.

Enhancements:

• Add backend.auth.externalAccess static token configuration to the orchestrator example and mount the BACKEND_SECRET via extraEnvs to enable notifications

Documentation:

• Update orchestrator documentation to instruct adding the BACKEND_SECRET secret and updating its name in the Backstage CR under extraEnvs

[sourcery-ai]

Hey there - I've reviewed your changes - here's some feedback:

• Verify that the extraEnvs.secrets block in the Backstage CR matches the actual CRD schema (env, envFrom or secrets) and adjust the example if needed to avoid misconfiguration.
• Include a reference or snippet showing how to create the Kubernetes Secret containing the BACKEND_SECRET key to guide users through the setup.
• Add a note to clarify what permissions or scopes the subject: orchestrator token grants to help users understand its impact on downstream plugins.

Prompt for AI Agents

Please address the comments from this code review:
## Overall Comments
- Verify that the `extraEnvs.secrets` block in the Backstage CR matches the actual CRD schema (env, envFrom or secrets) and adjust the example if needed to avoid misconfiguration.
- Include a reference or snippet showing how to create the Kubernetes Secret containing the BACKEND_SECRET key to guide users through the setup.
- Add a note to clarify what permissions or scopes the `subject: orchestrator` token grants to help users understand its impact on downstream plugins.

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[rm3l]

Cherry-picking to 1.7, based on the priority and fix version of https://issues.redhat.com/browse/FLPATH-2627

/cherry-pick release-1.7

[openshift-cherrypick-robot]

@rm3l: once the present PR merges, I will cherry-pick it on top of release-1.7 in a new PR and assign it to you.

Details

In response to this:

Cherry-picking to 1.7, based on the priority and fix version of https://issues.redhat.com/browse/FLPATH-2627

/cherry-pick release-1.7

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[rm3l]

/lgtm

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: rm3l

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [rm3l]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-cherrypick-robot]

@rm3l: #1567 failed to apply on top of branch "release-1.7":

Applying: Update app config in orchestrator example
Using index info to reconstruct a base tree...
M	examples/orchestrator.yaml
Falling back to patching base and 3-way merge...
Auto-merging examples/orchestrator.yaml
Applying: update doc
Applying: add secret example
Using index info to reconstruct a base tree...
M	examples/orchestrator.yaml
Falling back to patching base and 3-way merge...
Auto-merging examples/orchestrator.yaml
CONFLICT (content): Merge conflict in examples/orchestrator.yaml
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
hint: When you have resolved this problem, run "git am --continue".
hint: If you prefer to skip this patch, run "git am --skip" instead.
hint: To restore the original branch and stop patching, run "git am --abort".
hint: Disable this message with "git config advice.mergeConflict false"
Patch failed at 0003 add secret example

Details

In response to this:

Cherry-picking to 1.7, based on the priority and fix version of https://issues.redhat.com/browse/FLPATH-2627

/cherry-pick release-1.7

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.