diff --git a/.github/workflows/feature-branch.yml b/.github/workflows/feature-branch.yml index b3b3204..7e209f4 100644 --- a/.github/workflows/feature-branch.yml +++ b/.github/workflows/feature-branch.yml @@ -68,7 +68,7 @@ jobs: env: CONTENTS: ${{ secrets.X_GITHUB_APP_CREDS }} run: | - echo -e "$CONTENTS" > src/app-config.d/github-app-credentials.yaml + echo -e "$CONTENTS" > src/app-config.d/credentials/github-app-credentials.yaml # Couldn't store JSON creds while retaining proper formatting so going to do this in two steps - name: Write Google Admin API creds diff --git a/cfn-parameters.json b/cfn-parameters.json index bb944d4..2c4eecd 100644 --- a/cfn-parameters.json +++ b/cfn-parameters.json @@ -25,7 +25,8 @@ "PgPassword": $secrets.POSTGRES_PASSWORD, "AuthGoogleClientId": $secrets.AUTH_GOOGLE_CLIENT_ID, "AuthGoogleClientSecret": $secrets.AUTH_GOOGLE_CLIENT_SECRET, - "DnsName": $vars.DNS_NAME, + "BackstageAppUrl": $vars.BACKSTAGE_APP_URL, + "BackstageBackendUrl": $vars.BACKSTAGE_BACKEND_URL, "ServerlessOpsCatalogApiUrl": $vars.SERVERLESSOPS_CATALOG_API_URL, "ServerlessOpsAuthClientId": $secrets.SERVERLESSOPS_AUTH_CLIENT_ID, "ServerlessOpsAuthClientSecret": $secrets.SERVERLESSOPS_AUTH_CLIENT_SECRET, diff --git a/src/app-config.home.yaml b/src/app-config.home.yaml new file mode 100644 index 0000000..095d23c --- /dev/null +++ b/src/app-config.home.yaml @@ -0,0 +1,21 @@ +app: + title: Backstage Portal + baseUrl: ${BACKSTAGE_APP_URL} + +backend: + baseUrl: ${BACKSTAGE_BACKEND_URL} + database: + connection: + ssl: null + +auth: + environment: home + providers: + guest: null + github: + home: + clientId: ${GITHUB_AUTH_CLIENT_ID} + clientSecret: ${GITHUB_AUTH_CLIENT_SECRET} + signIn: + resolvers: + - resolver: emailMatchingUserEntityProfileEmail \ No newline at end of file diff --git a/src/app-config.production.yaml b/src/app-config.production.yaml index 884679c..bf1ef15 100644 --- a/src/app-config.production.yaml +++ b/src/app-config.production.yaml @@ -1,6 +1,6 @@ app: # Should be the same as backend.baseUrl when using the `app-backend` plugin. - baseUrl: https://${DNS_NAME} + baseUrl: ${BACKSTAGE_APP_URL} backend: # Note that the baseUrl should be the URL that the browser and other clients @@ -8,12 +8,12 @@ backend: # reachable not just from within the backend host, but from all of your # callers. When its value is "http://localhost:7007", it's strictly private # and can't be reached by others. - baseUrl: https://${DNS_NAME} + baseUrl: ${BACKSTAGE_BACKEND_URL} # The listener can also be expressed as a single : string. In this case we bind to # all interfaces, the most permissive setting. The right value depends on your specific deployment. listen: listen: 0.0.0.0 # Bind to all interfaces - port: 7007 + port: ${BACKSTAGE_BACKEND_PORT} # config options: https://node-postgres.com/apis/client database: diff --git a/src/packages/app/src/App.test.tsx b/src/packages/app/src/App.test.tsx index ec8ba1d..6bcb152 100644 --- a/src/packages/app/src/App.test.tsx +++ b/src/packages/app/src/App.test.tsx @@ -14,6 +14,9 @@ describe('App', () => { techdocs: { storageUrl: 'http://localhost:7007/api/techdocs/static/docs', }, + auth: { + environment: 'production' + } }, context: 'test', }, diff --git a/src/packages/app/src/App.tsx b/src/packages/app/src/App.tsx index e9bf2c5..99908b9 100644 --- a/src/packages/app/src/App.tsx +++ b/src/packages/app/src/App.tsx @@ -39,7 +39,7 @@ import { catalogEntityCreatePermission } from '@backstage/plugin-catalog-common/ import { ScaffolderFieldExtensions } from '@backstage/plugin-scaffolder-react'; // Added imports -import { googleAuthApiRef } from '@backstage/core-plugin-api'; +import { configApiRef, githubAuthApiRef, googleAuthApiRef, useApi } from '@backstage/core-plugin-api'; // ServerlessOps Catalog import { @@ -68,23 +68,37 @@ const app = createApp({ }); }, components: { - SignInPage: props => ( - { + const configApi = useApi(configApiRef); + if (configApi.getString('auth.environment') === 'home') { + return ( + + ); + } + return ( + - ), + } + /> + ); + }, }, }); diff --git a/src/packages/backend/package.json b/src/packages/backend/package.json index 557a537..64fab03 100644 --- a/src/packages/backend/package.json +++ b/src/packages/backend/package.json @@ -20,7 +20,7 @@ "@backstage/config": "^1.2.0", "@backstage/plugin-app-backend": "^0.3.74", "@backstage/plugin-auth-backend": "^0.23.0", - "@backstage/plugin-auth-backend-module-github-provider": "^0.2.0", + "@backstage/plugin-auth-backend-module-github-provider": "^0.3.4", "@backstage/plugin-auth-backend-module-google-provider": "^0.2.0", "@backstage/plugin-auth-backend-module-guest-provider": "^0.2.0", "@backstage/plugin-auth-node": "^0.5.2", diff --git a/src/packages/backend/src/index.ts b/src/packages/backend/src/index.ts index 6d78c78..a405764 100644 --- a/src/packages/backend/src/index.ts +++ b/src/packages/backend/src/index.ts @@ -21,6 +21,7 @@ backend.add(import('@backstage/plugin-auth-backend')); // backend.add(import('@backstage/plugin-auth-backend-module-guest-provider')); // See https://backstage.io/docs/auth/guest/provider backend.add(import('@backstage/plugin-auth-backend-module-google-provider')); +backend.add(import('@backstage/plugin-auth-backend-module-github-provider')); // catalog plugin diff --git a/src/yarn.lock b/src/yarn.lock index 9412c98..fdfcab1 100644 --- a/src/yarn.lock +++ b/src/yarn.lock @@ -3356,6 +3356,28 @@ __metadata: languageName: node linkType: hard +"@backstage/backend-plugin-api@npm:^1.4.0": + version: 1.4.0 + resolution: "@backstage/backend-plugin-api@npm:1.4.0" + dependencies: + "@backstage/cli-common": "npm:^0.1.15" + "@backstage/config": "npm:^1.3.2" + "@backstage/errors": "npm:^1.2.7" + "@backstage/plugin-auth-node": "npm:^0.6.4" + "@backstage/plugin-permission-common": "npm:^0.9.0" + "@backstage/plugin-permission-node": "npm:^0.10.1" + "@backstage/types": "npm:^1.2.1" + "@types/express": "npm:^4.17.6" + "@types/json-schema": "npm:^7.0.6" + "@types/luxon": "npm:^3.0.0" + json-schema: "npm:^0.4.0" + knex: "npm:^3.0.0" + luxon: "npm:^3.0.0" + zod: "npm:^3.22.4" + checksum: 10c0/bc8d9743c24ee8624d89fa89c0927658eba3c5f1cd1f8ba8defbcb43a9f949a4a602ef19986d9e69e252f016b642532300327d2f88f3940b32ce8fcec30efd49 + languageName: node + linkType: hard + "@backstage/backend-test-utils@npm:^1.0.0": version: 1.2.0 resolution: "@backstage/backend-test-utils@npm:1.2.0" @@ -3431,6 +3453,18 @@ __metadata: languageName: node linkType: hard +"@backstage/catalog-client@npm:^1.10.1": + version: 1.10.1 + resolution: "@backstage/catalog-client@npm:1.10.1" + dependencies: + "@backstage/catalog-model": "npm:^1.7.4" + "@backstage/errors": "npm:^1.2.7" + cross-fetch: "npm:^4.0.0" + uri-template: "npm:^2.0.0" + checksum: 10c0/e6664b19d91f8c1b3b60975887c4fc375d684a7729123986b4361f892fbd7599c43e727d83521335ee6d8ae0b216640dc4a8f30885d7e870ed175d0933cead65 + languageName: node + linkType: hard + "@backstage/catalog-client@npm:^1.7.0": version: 1.7.0 resolution: "@backstage/catalog-client@npm:1.7.0" @@ -3515,6 +3549,18 @@ __metadata: languageName: node linkType: hard +"@backstage/catalog-model@npm:^1.7.4": + version: 1.7.4 + resolution: "@backstage/catalog-model@npm:1.7.4" + dependencies: + "@backstage/errors": "npm:^1.2.7" + "@backstage/types": "npm:^1.2.1" + ajv: "npm:^8.10.0" + lodash: "npm:^4.17.21" + checksum: 10c0/220635c2e9968e22439cce7432cec75e2f9b8ea2ff333c6945ce7a9ea81c5b448a5dce32de69519ac4ab9d707ce9589b675cf602315a5a7edbe27993ae261be4 + languageName: node + linkType: hard + "@backstage/cli-common@npm:^0.1.14": version: 0.1.14 resolution: "@backstage/cli-common@npm:0.1.14" @@ -3793,6 +3839,17 @@ __metadata: languageName: node linkType: hard +"@backstage/config@npm:^1.3.2": + version: 1.3.2 + resolution: "@backstage/config@npm:1.3.2" + dependencies: + "@backstage/errors": "npm:^1.2.7" + "@backstage/types": "npm:^1.2.1" + ms: "npm:^2.1.3" + checksum: 10c0/9d3dfac9b359727b727567834c2576cc2af96e149b3a0b45565251b02f2dfda9559ee3719d1eed240f5cae4f6b8bb9babfbffc3a35d2d2d8fbe5c408c41c42e3 + languageName: node + linkType: hard + "@backstage/core-app-api@npm:^1.15.0": version: 1.15.0 resolution: "@backstage/core-app-api@npm:1.15.0" @@ -4216,6 +4273,16 @@ __metadata: languageName: node linkType: hard +"@backstage/errors@npm:^1.2.7": + version: 1.2.7 + resolution: "@backstage/errors@npm:1.2.7" + dependencies: + "@backstage/types": "npm:^1.2.1" + serialize-error: "npm:^8.0.1" + checksum: 10c0/ce04dccc96c49bf121f1de86a589bbe3a613a32f63546b100a9d074bf2cb79c8ba889e1e7ba39c44c717b1bc7dea7654de85b1229fb7e4106e31dd60327c10c1 + languageName: node + linkType: hard + "@backstage/eslint-plugin@npm:^0.1.9": version: 0.1.9 resolution: "@backstage/eslint-plugin@npm:0.1.9" @@ -4882,6 +4949,18 @@ __metadata: languageName: node linkType: hard +"@backstage/plugin-auth-backend-module-github-provider@npm:^0.3.4": + version: 0.3.4 + resolution: "@backstage/plugin-auth-backend-module-github-provider@npm:0.3.4" + dependencies: + "@backstage/backend-plugin-api": "npm:^1.4.0" + "@backstage/plugin-auth-node": "npm:^0.6.4" + passport-github2: "npm:^0.1.12" + zod: "npm:^3.22.4" + checksum: 10c0/dd61c52690aab16c4769b05cb33a9576fdde17119c67c534f69946f64f2f448553f1fbce67129f6faaadec46a3798de1b51258a4bc4894905446f88bbf360ad6 + languageName: node + linkType: hard + "@backstage/plugin-auth-backend-module-gitlab-provider@npm:^0.2.0": version: 0.2.0 resolution: "@backstage/plugin-auth-backend-module-gitlab-provider@npm:0.2.0" @@ -5142,6 +5221,29 @@ __metadata: languageName: node linkType: hard +"@backstage/plugin-auth-node@npm:^0.6.4": + version: 0.6.4 + resolution: "@backstage/plugin-auth-node@npm:0.6.4" + dependencies: + "@backstage/backend-plugin-api": "npm:^1.4.0" + "@backstage/catalog-client": "npm:^1.10.1" + "@backstage/catalog-model": "npm:^1.7.4" + "@backstage/config": "npm:^1.3.2" + "@backstage/errors": "npm:^1.2.7" + "@backstage/types": "npm:^1.2.1" + "@types/express": "npm:^4.17.6" + "@types/passport": "npm:^1.0.3" + express: "npm:^4.17.1" + jose: "npm:^5.0.0" + lodash: "npm:^4.17.21" + passport: "npm:^0.7.0" + zod: "npm:^3.22.4" + zod-to-json-schema: "npm:^3.21.4" + zod-validation-error: "npm:^3.4.0" + checksum: 10c0/597ee8bb1ec234f47300a4a66cdb34240d574a1467ba67c362d931cc277d196f20f685b3ea67b7c2d0b725c739ef850c38cb68edc864a545f7895d2bd5791b2b + languageName: node + linkType: hard + "@backstage/plugin-auth-react@npm:^0.1.6": version: 0.1.6 resolution: "@backstage/plugin-auth-react@npm:0.1.6" @@ -5930,6 +6032,39 @@ __metadata: languageName: node linkType: hard +"@backstage/plugin-permission-common@npm:^0.9.0": + version: 0.9.0 + resolution: "@backstage/plugin-permission-common@npm:0.9.0" + dependencies: + "@backstage/config": "npm:^1.3.2" + "@backstage/errors": "npm:^1.2.7" + "@backstage/types": "npm:^1.2.1" + cross-fetch: "npm:^4.0.0" + uuid: "npm:^11.0.0" + zod: "npm:^3.22.4" + zod-to-json-schema: "npm:^3.20.4" + checksum: 10c0/24f5f400d08be016610e93fb8550cccd1c4a5f621e5242cda67b0165ba3ad0a3b425c8d98ea5d1612b4482fec0fa8954a61b7177e52a2f03d3245fbc85bdc15f + languageName: node + linkType: hard + +"@backstage/plugin-permission-node@npm:^0.10.1": + version: 0.10.1 + resolution: "@backstage/plugin-permission-node@npm:0.10.1" + dependencies: + "@backstage/backend-plugin-api": "npm:^1.4.0" + "@backstage/config": "npm:^1.3.2" + "@backstage/errors": "npm:^1.2.7" + "@backstage/plugin-auth-node": "npm:^0.6.4" + "@backstage/plugin-permission-common": "npm:^0.9.0" + "@types/express": "npm:^4.17.6" + express: "npm:^4.17.1" + express-promise-router: "npm:^4.1.0" + zod: "npm:^3.22.4" + zod-to-json-schema: "npm:^3.20.4" + checksum: 10c0/f631192af30f9e7ea6ae39a020d632cf52c8f5a5cf48cdfe61b59658be1fec9f8b8f2c3c6a1e4cf5985789c6eb2f69b078ce1b0dd87bb4fef414d1fc27d73ea3 + languageName: node + linkType: hard + "@backstage/plugin-permission-node@npm:^0.8.3": version: 0.8.3 resolution: "@backstage/plugin-permission-node@npm:0.8.3" @@ -7325,6 +7460,13 @@ __metadata: languageName: node linkType: hard +"@backstage/types@npm:^1.2.1": + version: 1.2.1 + resolution: "@backstage/types@npm:1.2.1" + checksum: 10c0/e7ed5ee0c4e6afa997a3885b7851ce51fc8c1c99cec98a2724da79dbc626f3f9055c5c72f097a2e2f762293e74ecd6b5d30617c27c3b27aa9a63a436f07b576d + languageName: node + linkType: hard + "@backstage/version-bridge@npm:^1.0.10": version: 1.0.10 resolution: "@backstage/version-bridge@npm:1.0.10" @@ -16273,7 +16415,7 @@ __metadata: "@backstage/config": "npm:^1.2.0" "@backstage/plugin-app-backend": "npm:^0.3.74" "@backstage/plugin-auth-backend": "npm:^0.23.0" - "@backstage/plugin-auth-backend-module-github-provider": "npm:^0.2.0" + "@backstage/plugin-auth-backend-module-github-provider": "npm:^0.3.4" "@backstage/plugin-auth-backend-module-google-provider": "npm:^0.2.0" "@backstage/plugin-auth-backend-module-guest-provider": "npm:^0.2.0" "@backstage/plugin-auth-node": "npm:^0.5.2" diff --git a/template.yaml b/template.yaml index 2876db5..753a824 100644 --- a/template.yaml +++ b/template.yaml @@ -114,9 +114,13 @@ Parameters: Description: Google OAuth client secret NoEcho: true - DnsName: + BackstageAppUrl: Type: String - Description: DNS name for the application + Description: URL of application frontend + + BackstageBackendUrl: + Type: String + Description: URL of application backend ServerlessOpsCatalogApiUrl: Type: String @@ -169,8 +173,12 @@ Resources: Value: !Ref AuthGoogleClientId - Name: AUTH_GOOGLE_CLIENT_SECRET Value: !Ref AuthGoogleClientSecret - - Name: DNS_NAME - Value: !Ref DnsName + - Name: BACKSTAGE_APP_URL + Value: !Ref BackstageAppUrl + - Name: BACKSTAGE_BACKEND_URL + Value: !Ref BackstageBackendUrl + - Name: BACKSTAGE_BACKEND_PORT + Value: !Ref ContainerPort - Name: SERVERLESSOPS_CATALOG_API_URL Value: !Ref ServerlessOpsCatalogApiUrl - Name: SERVERLESSOPS_AUTH_ENDPOINT