docs/releases/v1.18.0-next.0-changelog.md
9606ba0939e6: Deep visibility now also applies to values that are not covered by the configuration schema.
For example, given the following configuration schema:
// plugins/a/config.schema.ts
export interface Config {
/** @deepVisibility frontend */
a?: unknown;
}
// plugins/a/config.schema.ts
export interface Config {
a?: {
b?: string;
};
}
All values under a are now visible to the frontend, while previously only a and a/b would've been visible.
OAuth2Session type represents the underlying data. The expiresAt and backstageIdentity are now both optional, since that's what they are in practice. This is not considered a breaking change since it was effectively a bug in the modelling of the state that this type represents, and the type was not used in any other external contract.OAuth class which is used by all OAuth providers will now consider both the session expiration of both the Backstage identity as well as the upstream identity provider, and refresh the session with either of them is about to expire.expiresAt field that may now be part of a BackstageIdentityResponse.5f1a92b9f19f: Added AzureDevOpsCredentialsProvider to support multiple Azure DevOps organizations and deprecated AzureIntegrationConfig.credential and AzureIntegrationConfig.token in favour of AzureIntegrationConfig.credentials. You can now use specific credentials for different Azure DevOps (Server) organizations by specifying the organizations field on a credential:
integrations:
azure:
- host: dev.azure.com
credentials:
- organizations:
- my-org
- my-other-org
clientId: ${AZURE_CLIENT_ID}
clientSecret: ${AZURE_CLIENT_SECRET}
tenantId: ${AZURE_TENANT_ID}
- organizations:
- yet-another-org
personalAccessToken: ${PERSONAL_ACCESS_TOKEN}
See the Azure integration documentation for more information.
@backstage/plugin-auth-backend that adds a GCP IAP auth provider.@backstage/plugin-auth-backend that adds a GitHub auth provider.@backstage/plugin-auth-backend that adds a Google auth provider.8513cd7d00e3: Introduced a new system for building auth providers for @backstage/plugin-auth-backend, which both increases the amount of code re-use across providers, and also works better with the new backend system.
Many existing types have been moved from @backstage/plugin-auth-backend in order to avoid a direct dependency on the plugin from modules.
Auth provider integrations are now primarily implemented through a pattern of creating "authenticators", which are in turn specific to each kind of integrations. Initially there are two types: createOAuthAuthenticator and createProxyAuthenticator. These come paired with functions that let you create the corresponding route handlers, createOAuthRouteHandlers and createProxyAuthRouteHandlers, as well as provider factories, createOAuthProviderFactory and createProxyAuthProviderFactory. This new authenticator pattern allows the sign-in logic to be separated from the auth integration logic, allowing it to be completely re-used across all providers of the same kind.
The new provider factories also implement a new declarative way to configure sign-in resolvers, rather than configuration through code. Sign-in resolvers can now be configured through the resolvers configuration key, where the first resolver that provides an identity will be used, for example:
auth:
providers:
google:
development:
clientId: ...
clientSecret: ...
signIn:
resolvers:
- resolver: emailMatchingUserEntityAnnotation
- resolver: emailLocalPartMatchingUserEntityName
These configurable resolvers are created with a new createSignInResolverFactory function, which creates a sign-in resolver factory, optionally with an options schema that will be used both when configuring the sign-in resolver through configuration and code.
The internal helpers from @backstage/plugin-auth-backend that were used to implement auth providers using passport strategies have now also been made available as public API, through PassportHelpers and PassportOAuthAuthenticatorHelper.
BackstageIdentityResponse interface now has an optional expiresInSeconds field that can be used to signal session expiration. The prepareBackstageIdentityResponse utility will now also read the expiration from the provided token, and include it in the response.@types/react to be a regular dependencyDefaultAzureDevOpsCredentialsProvider to retrieve credentials for Azure DevOps.mockService to also include mocked variants, for example mockServices.lifecycle.mock(). The returned mocked implementation will have a factory property which is a service factory for itself. You can also pass a partial implementation of the service to the mock function to use a mock implementation of specific methods.new command.dev/index entry point for backend plugins and modules.@types/react to be a regular dependencygenerate-catalog-info command now uses the first listed CODEOWNER as Component owner when initially
creating the catalog-info.yaml file. It continues to allow any one listed CODEOWNER when updating
entity metadata.generate-catalog-info command that could cause the --dry-run flag to indicate changes to files when no changes would actually be made if the command were run without the flag.--ci flag to the generate-catalog-info command. This flag behaves similarly to the same flag on api-reports: if catalog-info.yaml files would have been added or modified, then the process exits with status code 1, and instructions are printed.@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependencyauthPlugin export for the new backend system. The plugin does not include any built-in auth providers, they must instead be added by installing additional modules, for example authModuleGoogleProvider from @backstage/plugin-auth-backend-module-google-provider.@backstage/plugin-auth-node instead.disableDefaultProviderFactories to createRouter.auth.identityTokenAlgorithm.@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependencyHas<kind>Cards.EntitySwitch was preventing the display of entity errors.limit parameter on entity queries.AzureDevOpsEntityProvider.DefaultAzureDevOpsCredentialsProvider to retrieve credentials for Azure DevOps.@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/pluralize to ^0.0.30.@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependencycreateRouterFromConfig or using the plugin for the new backend system the linguist.useSourceLocation configuration is now optional.@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependencypublish:github and publish:gitlab scaffolder actions.DefaultAzureDevOpsCredentialsProvider to retrieve credentials for Azure DevOps.catalogModuleTemplateKind export.@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency@types/react to be a regular dependency