docs/releases/v1.13.0-changelog.md
enableExperimentalRedirectFlow. When enabled, auth will happen with an in-window redirect flow rather than through a popup window.@backstage/cli-node package, which provides utilities for use across Backstage CLIs.c791fcd96b9: Configuration validation is now more permissive when it comes to config whose values are string but whose schemas declare them to be boolean or number.
For example, configuration was previously marked invalid when a string 'true' was set on a property expecting type boolean or a string '146' was set on a property expecting type number (as when providing configuration via variable substitution sourced from environment variables). Now, such configurations will be considered valid and their values will be coerced to the right type at read-time.
enableExperimentalRedirectFlow. When enabled, auth will happen with an in-window redirect flow rather than through a popup window.AuthConnector interface now supports specifying a set of scopes when
refreshing a session. The DefaultAuthConnector implementation passes the
scope query parameter to the auth-backend plugin appropriately. The
RefreshingAuthSessionManager passes any scopes in its GetSessionRequest
appropriately.zod and zod-to-json-schema dependencies.01cd4e25754: BREAKING: Removing Tabs component from core-components as it is neither used in the core Backstage app nor in the monorepo plugins. If you are using this component in your instance please consider replacing it with the Material UI Tabs component like the following:
- <Tabs
- tabs={[{
- icon: <AccessAlarmIcon />,
- content: <div>Label</div>,
- }]}
- />
+ <Tabs>
+ <Tab
+ label = "Label"
+ icon = { <AccessAlarmIcon /> }
+ />
+ </Tabs>
guest or custom auth providers.react-virtualized-auto-sizer´ to version ^1.0.11`DependencyGraphTypes to use namespace.LogLine component, which is used by the LogViewer, to turn URLs into clickable links. This feature is on by defaultenableExperimentalRedirectFlow. When enabled, auth will happen with an in-window redirect flow rather than through a popup window.zod and zod-to-json-schema dependencies.@material-ui/lab to 4.0.0-alpha.61.closeButton color in DismissableBanner to be configurable (via. theme.palette.banner.closeButtonColor)BackstageSidebar style drawer class, such that the width property is in a separate drawerWidth class instead. This makes it such that you can style the drawer class in your theme again.BackstageHeaderLabel to respect the active page theme.permissionApi to permissions when passed as dependency of the scaffolder-backend plugin5af2c4f412f: Bumped create-app version.
ab75a16da7a: Bumped create-app version.
71fd0966d10: Add permissionApi as dependency of the scaffolder-backend plugin
2945923b133: Upgraded the TypeScript version to 5.0
To apply this change in your own project, switch the TypeScript version in your root package.json:
- "typescript": "~4.6.4",
+ "typescript": "~5.0.0",
e0c6e8b9c3c: Update peer dependencies
Updated dependencies
schema:openapi:generate to generate the Typescript file that @backstage/backend-openapi-utils needs for typing and schema:openapi:verify to verify that this file exists and matches your src/schema/openapi.yaml file.api-reports and OpenAPI commands will now match any path within the target package.--include <patterns> and --exclude <patterns> options for api-reports command that work based on package names.enableExperimentalRedirectFlow. When enabled, auth will happen with an in-window redirect flow rather than through a popup window.fetchApi instead of raw fetch in order to pass auth header if necessary.isEntityWith condition helper for EntitySwitch case statements.329b63f4dab: The catalog now has a new, optional catalog.orphanStrategy app-config parameter, which can have the string values 'keep' (default) or 'delete'.
If set to 'keep' or left unset, the old behavior is maintained of keeping orphaned entities around until manually deleted.
If set to 'delete', the catalog will attempt to automatically clean out orphaned entities without manual intervention. Note that there are no guarantees that this process is instantaneous, so there may be some delay before orphaned items disappear.
For context, the Life of an Entity article goes into some more details on how the nature of orphaning works.
To enable the new behavior, you will need to pass the plugin task scheduler to your catalog backend builder. If your code already looks like this, you don't need to change it:
// in packages/backend/src/plugins/catalog.ts
export default async function createPlugin(
env: PluginEnvironment,
): Promise<Router> {
const builder = await CatalogBuilder.create(env);
But if you pass things into the catalog builder one by one, you'll need to add the new field:
// in packages/backend/src/plugins/catalog.ts
const builder = await CatalogBuilder.create({
// ... other dependencies
+ scheduler: env.scheduler,
});
Finally adjust your app-config:
catalog:
orphanStrategy: delete
92a4590fc3a: Add monorepo support to CodeOwnersProccesor.
LocationSpec type from the catalog-common package in place of the deprecated LocationSpec from the catalog-node package.src/schema/openapi.yaml and uses ApiRouter type from @backstage/backend-openapi-utils to handle automatic types from the OpenAPI spec file.by-query endpoint.zod and zod-to-json-schema dependencies.DefaultCatalogProcessingEngine where entities that contained multiple different types of relations for the same source entity would not properly trigger stitching for that source entity.f64345108a0: BREAKING: The configuration of the GitlabDiscoveryEntityProvider has changed as follows:
branch is now used to define the branch from which the catalog-info should be discovered.branch is now called fallbackBranch. This value specifies which branch should be used
if no default branch is defined on the project itself.To migrate to the new configuration value, rename branch to fallbackBranch
a49fb39df5a: Attempt to load entity owner names in the EntityOwnerPicker through the by-refs endpoint. If spec.profile.displayName or metadata.title are populated, we now attempt to show those before showing the humanizeEntityRef'd version.
BREAKING: EntityOwnerFilter now uses the full entity ref instead of the humanizeEntityRef. If you rely on EntityOwnerFilter.values or the queryParameters.owners of useEntityList, you will need to adjust your code like the following.
const { queryParameters: { owners } } = useEntityList();
// or
const { filter: { owners } } = useEntityList();
// Instead of,
if (owners.some(ref => ref === humanizeEntityRef(myEntity))) ...
// You'll need to use,
if (owners.some(ref => ref === stringifyEntityRef(myEntity))) ...
setSelectedOptions method. This was preventing updating list items when a query string was already present in the URL when loading the page.760f521b979: Add support for customizable homepage.
Allows customizing homepage components, their placement, size and individual settings. For maximum size and settings, the existing home components should add necessary data attributes to their components.
See plugins/home/README.md for more information how to configure
the customizable homepage.
754be7c5106: refactor kubernetes error detection to make way for proposed solutions
BREAKING: DetectedError now appears once per Kubernetes resource per error instead of for all resources which have that error, namespace and name fields are now in sourceRef object message is now a string instead of a string[]. ErrorDetectableKind has been removed.
KubernetesBackendClient now requires a kubernetesAuthProvidersApi value to be provided. KubernetesApi interface now has a proxy method requirement.KubernetesProxy must now provide a parameter of the type KubernetesProxyOptions which includes providing a KubernetesAuthTranslator. The KubernetesBuilder now builds its own KubernetesAuthTranslatorMap that it provides to the KubernetesProxy. The DispatchingKubernetesAuthTranslator expects a KubernetesTranslatorMap to be provided as a parameter. The KubernetesBuilder now has a method called setAuthTranslatorMap which allows integrators to bring their own KubernetesAuthTranslator's to the KubernetesPlugin.KubernetesBuilder.create now requires a permissions field of type PermissionEvaluator. The kubernetes /proxy endpoint now requires two tokens: the Backstage-Kubernetes-Authorization header should contain a bearer token for the target cluster, and the Authorization header should contain a backstage identity token. The kubernetes /proxy endpoint now requires a Backstage-Kubernetes-Cluster header replacing the previously required X-Kubernetes-Cluster header.7a89555e73d: Lighthouse backend plugin can now use an authenticated catalog backend API.
tokenManager to the lighthouse createScheduler.zod and zod-to-json-schema dependencies.routeRefs and exporting the originals on scaffolderPlugin.routes.x insteadTemplateListPage and TemplateWizardPage to be passed in as propstemplateFilter prop to the <Router/> component to allow for filtering of templates through a function.CategoryPicker from scaffolder into scaffolder-react
Move ContextMenu into scaffolder-react and rename it to ScaffolderPageContextMenu7e1d900413a: scaffolder/next: Bump @rjsf/* dependencies to 5.5.2
e27ddc36dad: Added a possibility to cancel the running task (executing of a scaffolder template)
57c1b4752fa: Allow use of { exists: true } value inside filters to filter entities that has that key.
this example will filter all entities that has the annotation someAnnotation set to any value.
ui:options:
catalogFilter:
kind: Group
metadata.annotations.someAnnotation: { exists: true }
7917cfccfc7: Fix some hard-coded white font colors in scaffolder
0435174b06f: Accessibility issues identified using lighthouse fixed.
7a6b16cc506: scaffolder/next: Bump @rjsf/* deps to 5.3.1
90dda42cfd2: bug: Invert templateFilter predicate to align with Array.filter
1e4f5e91b8e: Bump zod and zod-to-json-schema dependencies.
f84fc7fd040: Updated dependency @rjsf/validator-ajv8 to 5.3.0.
8e00acb28db: Small tweaks to remove warnings in the console during development (mainly focusing on techdocs)
34dab7ee7f8: scaffolder/next: bump rjsf dependencies to 5.5.0
e0c6e8b9c3c: Update peer dependencies
cf71c3744a5: scaffolder/next: Bump @rjsf/* dependencies to 5.6.0
Updated dependencies
2b15cb4aa0a: The non-PR/MR Git Actions now return the commit hash of the commit pushed as a new output called commitHash, isomorphic-git is now on version 1.23.0
30ffdae70f9: Added fetch:plain:file action to fetch a single file, this action is also added to the list of built-in actions.
65e989f4018: Added the possibility to authorize parameters and steps of a template
The scaffolder plugin is now integrated with the permission framework.
It is possible to toggle parameters or actions within templates by marking each section with specific tags, inside a backstage:permissions property under each parameter or action. Each parameter or action can then be permissioned by using a conditional decision containing the scaffolderTemplateRules.hasTag rule.
3b68b09fc2d: Renamed permissionApi router option to permissions
bcae5aaf25c: Added the possibility to authorize actions
It is now possible to decide who should be able to execute certain actions or who should be able to pass specific input to specified actions.
Some of the existing utility functions for creating conditional decisions have been renamed:
createScaffolderConditionalDecision has been renamed to createScaffolderActionConditionalDecisionscaffolderConditions has been renamed to scaffolderTemplateConditionsd7c8c222e25: Allow for a commit message to differ from the PR title when publishing a GitHub pull request.
95ea9f69b6f: Provide some more default filters out of the box and refactoring how the filters are applied to the SecureTemplater.
parseEntityRef will take an string entity triplet and return a parsed object.pick will allow you to reference a specific property in the piped object.So you can now combine things like this: ${{ parameters.entity | parseEntityRef | pick('name') }} to get the name of a specific entity, or ${{ parameters.repoUrl | parseRepoUrl | pick('owner') }} to get the owner of a repo.
mergeRequestURL of publish:gitlab:merge-request action to mergeRequestUrl.zod and zod-to-json-schema dependencies.scaffolderPlugin to not require options.confluence:transform:markdown action for converting confluence docs to Markdown.CategoryPicker from scaffolder into scaffolder-react
Move ContextMenu into scaffolder-react and rename it to ScaffolderPageContextMenuScaffolderPageContextMenu takes callbacks as props instead of booleansscaffolder/next: Export the TemplateGroupFilter and TemplateGroups and make an extensible componentscaffolder/next: Bump @rjsf/* dependencies to 5.5.2scaffolder/next: Bump @rjsf/* deps to 5.3.1templateFilter predicate to align with Array.filternext on each step of the form.zod and zod-to-json-schema dependencies.@rjsf/core-v5 to npm:@rjsf/[email protected].@rjsf/validator-ajv8 to 5.3.0.scaffolder/next: bump rjsf dependencies to 5.5.0@rjsf/* dependencies to 5.6.0zod and zod-to-json-schema dependencies.v.1.2.0 of the spotify/techdocs docker image as defaulta1002df2dc2: Support commit hashes at GithubUrlReader.readTree/search additionally to branch names.
Additionally, this will reduce the number of API calls from 2 to 1 for retrieving the "repo details" for all cases besides when the default branch has to be resolved and used (e.g., repo URL without any branch or commit hash).
5c7ce585824: Allow an additionalConfig to be provided to loadBackendConfig that fetches config values during runtime.
2b15cb4aa0a: The dependency isomorphic-git is now on version 1.23.0
34167270b31: Renamed the loadBackendConfig option additionalConfig to additionalConfigs as an array, and ensured that they get passed on properly.
This is technically breaking, but the original addition hasn't been released in mainline yet so we are taking this step now as a patch change.
420164593cf: Improve GitlabUrlReader to only load requested sub-path
Updated dependencies
Routers in backend packages. Developers can use the ApiRouter from this package in their packages to support a typed experience based on their OpenAPI specs. The ApiRouter supports request bodies, response bodies, query parameters and path parameters, as well as full path-based context of the above. This means no more guessing on an endpoint like req.post('/not-my-route', (req, res)=>{res.send(req.body.badparam)}). Typescript would catch /not-my-route, req.body.badparam, res.send(req.body.badparam).zod and zod-to-json-schema dependencies.queryEntities of CatalogClient where the sortField is supposed to be changed to orderField.--config <path> options will now be forwarded to any dependent app package builds, unless the build script in the app package already contains a --config option..md files in build loader@backstage/cli-node package.zod and zod-to-json-schema dependencies.@material-ui/lab to 4.0.0-alpha.61.@swc/helpers to ^0.5.0.package prepack command and backend bundling uses posix paths in package.json on all OSes.onboard command. While still in development, this command aims to guide users in setting up their Backstage App.no-undeclared-imports rule.@material-ui/lab to 4.0.0-alpha.61.closeButton color in DismissableBanner to be configurable (via. theme.palette.banner.closeButtonColor)@material-ui/lab to 4.0.0-alpha.61.d8f774c30df: Enforce the secret visibility of certificates and client secrets in the auth backend. Also, document all known options for each auth plugin.
7908d72e033: Introduce a new global config parameter, enableExperimentalRedirectFlow. When enabled, auth will happen with an in-window redirect flow rather than through a popup window.
475abd1dc3f: The microsoft (i.e. Azure) auth provider now supports negotiating tokens for
Azure resources besides Microsoft Graph (e.g. AKS, Virtual Machines, Machine
Learning Services, etc.). When the /frame/handler endpoint is called with an
authorization code for a non-Microsoft Graph scope, the user profile will not be
fetched. Similarly no user profile or photo data will be fetched by the backend
if the /refresh endpoint is called with the scope query parameter strictly
containing scopes for resources besides Microsoft Graph.
Furthermore, the offline_access scope will be requested by default, even when
it is not mentioned in the argument to getAccessToken. This means that any
Azure access token can be automatically refreshed, even if the user has not
signed in via Azure.
6a900951336: Add common identify resolvers for oidc auth provider.
a0ef1ec7349: Export Azure Easy Auth provider so it can actually be used.
e0c6e8b9c3c: Update peer dependencies
Updated dependencies
docs parameter (optional) to link the project documentationfullWidth and fullHeight optional properties to the BazaarPage,
to replicate the styling options available on the BazaarOverviewCard.docs parameter (optional) to link the project documentationrecharts dependency to ^2.5.0.LocationSpec type from the catalog-common package in place of the deprecated LocationSpec from the catalog-node package.3756dd98feb: GitHubEntityProvider: Add option to configure visibility filter via app-config.yaml.
Please find how to configure visibility filter config at https://backstage.io/docs/integrations/github/discovery
3160138d8d4: Implement GithubMultiOrgEntityProvider for sourcing group and user entities from multiple GitHub organizations
Updated dependencies
@apollo/server to ^4.0.0.recharts dependency to ^2.5.0.recharts dependency to ^2.5.0.xml2js from 0.4.23 to 0.5.0@material-ui/lab to 4.0.0-alpha.61.recharts dependency to ^2.5.0.@material-ui/lab to 4.0.0-alpha.61.3538d9ad2c4: Export DefaultEventBroker to allow decoupling of the catalog and events backends in the example-backend.
Please look at plugins/events-backend/README.md for the currently advised way to set up the event backend and catalog providers.
Updated dependencies
CatalogKindExploreContent component so that it is easy to show any component kinds in their own tab in the explore page.recharts dependency to ^2.5.0.@material-ui/lab to 4.0.0-alpha.61.2ef8aee1d0c: Add a new "Archived" Filter Options to the Github Pull Requests Dashboard.
When toggling this option on, the dashboard will display PRs from archived repositories. These PRs will not be displayed in the default filter.
8e00acb28db: Small tweaks to remove warnings in the console during development (mainly focusing on techdocs)
e0c6e8b9c3c: Update peer dependencies
Updated dependencies
@apollo/server to ^4.0.0.@material-ui/lab to 4.0.0-alpha.61.d7c8d8c52dd: Allow the title of the group profile card to use the title of the entity, if it is set.
8e00acb28db: Small tweaks to remove warnings in the console during development (mainly focusing on techdocs)
228ab677d31: Added entityLimit to change the limit of entities displayed in the ownership boxes.
e0c6e8b9c3c: Update peer dependencies
Updated dependencies
@material-ui/lab to 4.0.0-alpha.61.permissionPlugin for use in the new backend system, along with a permissionModuleAllowAllPolicy that can be used to allow all requests.zod and zod-to-json-schema dependencies.zod and zod-to-json-schema dependencies.policyExtensionPoint for use in the new backend system.zod and zod-to-json-schema dependencies.@material-ui/lab to 4.0.0-alpha.61.camelcase-keys dependency with one with better compatibility.typeguard for isTemplateEntityV1beta3backstage:permissions property to parameters and steps used to authorize part of the template using the permission frameworkzod and zod-to-json-schema dependencies.@material-ui/lab to 4.0.0-alpha.61.Check type now optionally includes the failureMetadata and successMetadata as returned by the runChecks call.6c809d1a41c: Minor visual tweaks to adapt to changes in mkdocs-material v9
b2e182cdfa4: Fixes a UI bug in search result item which rendered the item text with incorrect font size and color
847a1eee3da: Change anchor links color in Techdocs content
With the color (mkdocs supplied) used for anchor links the background and foreground colors do not have a sufficient contrast ratio. Using the link color from theme palette.
8e00acb28db: Small tweaks to remove warnings in the console during development (mainly focusing on techdocs)
2e493480626: Fix a bug in sub-path navigation due to double addition of a sub-path if one was set up in app.baseUrl.
e0c6e8b9c3c: Update peer dependencies
Updated dependencies
photoswipe dependency to ^5.3.7.fetchApi instead of raw fetch in order to pass auth header if necessary.@material-ui/lab to 4.0.0-alpha.61.recharts dependency to ^2.5.0.