@backstage/plugin-kubernetes-common 0.9.3-next.0 → 0.9.3

package/CHANGELOG.md

@@ -1,5 +1,30 @@
 # @backstage/plugin-kubernetes-common
 
+## 0.9.3
+
+### Patch Changes
+
+- ac0e1ac: Fixed the lack of `secrets` to fetch from the kubernetes api by adding option to specify additional Objects which are not part of Default Objects
+- ca3da29: The `/clusters` endpoint is now protected by the `kubernetes.clusters.read` permission.
+  The `/services/:serviceId` endpoint is now protected by the `kubernetes.resources.read` permission.
+  The `/resources` endpoints are now protected by the `kubernetes.resources.read` permission.
+- Updated dependencies
+  - @backstage/catalog-model@1.7.3
+  - @backstage/types@1.2.1
+  - @backstage/plugin-permission-common@0.8.4
+
+## 0.9.3-next.1
+
+### Patch Changes
+
+- ca3da29: The `/clusters` endpoint is now protected by the `kubernetes.clusters.read` permission.
+  The `/services/:serviceId` endpoint is now protected by the `kubernetes.resources.read` permission.
+  The `/resources` endpoints are now protected by the `kubernetes.resources.read` permission.
+- Updated dependencies
+  - @backstage/catalog-model@1.7.3
+  - @backstage/types@1.2.1
+  - @backstage/plugin-permission-common@0.8.4
+
 ## 0.9.3-next.0
 
 ### Patch Changes

package/dist/index.cjs.js

@@ -21,8 +21,10 @@ exports.ANNOTATION_KUBERNETES_OIDC_TOKEN_PROVIDER = catalogEntityConstants.ANNOT
 exports.ANNOTATION_KUBERNETES_SKIP_METRICS_LOOKUP = catalogEntityConstants.ANNOTATION_KUBERNETES_SKIP_METRICS_LOOKUP;
 exports.ANNOTATION_KUBERNETES_SKIP_TLS_VERIFY = catalogEntityConstants.ANNOTATION_KUBERNETES_SKIP_TLS_VERIFY;
 exports.SERVICEACCOUNT_CA_PATH = certificateAuthorityConstants.SERVICEACCOUNT_CA_PATH;
+exports.kubernetesClustersReadPermission = permissions.kubernetesClustersReadPermission;
 exports.kubernetesPermissions = permissions.kubernetesPermissions;
 exports.kubernetesProxyPermission = permissions.kubernetesProxyPermission;
+exports.kubernetesResourcesReadPermission = permissions.kubernetesResourcesReadPermission;
 exports.detectErrors = errorDetection.detectErrors;
 exports.groupResponses = response.groupResponses;
 //# sourceMappingURL=index.cjs.js.map

package/dist/index.cjs.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.cjs.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;"}
+{"version":3,"file":"index.cjs.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;"}

package/dist/index.d.ts

@@ -297,6 +297,14 @@ declare const ANNOTATION_KUBERNETES_AWS_EXTERNAL_ID = "kubernetes.io/aws-externa
  * @public
  */
 declare const kubernetesProxyPermission: _backstage_plugin_permission_common.BasicPermission;
+/** This permission is used to check access to the /resources and /services/:serviceId endpoints
+ * @public
+ */
+declare const kubernetesResourcesReadPermission: _backstage_plugin_permission_common.BasicPermission;
+/** This permission is used to check access to the /clusters endpoint
+ * @public
+ */
+declare const kubernetesClustersReadPermission: _backstage_plugin_permission_common.BasicPermission;
 /**
  * List of all Kubernetes permissions.
  * @public
@@ -378,4 +386,4 @@ declare const detectErrors: (objects: ObjectsByEntityResponse$1) => DetectedErro
 /** @public */
 declare const groupResponses: (fetchResponse: FetchResponse$1[]) => GroupedResponses;
 
-export { ANNOTATION_KUBERNETES_API_SERVER, ANNOTATION_KUBERNETES_API_SERVER_CA, ANNOTATION_KUBERNETES_AUTH_PROVIDER, ANNOTATION_KUBERNETES_AWS_ASSUME_ROLE, ANNOTATION_KUBERNETES_AWS_CLUSTER_ID, ANNOTATION_KUBERNETES_AWS_EXTERNAL_ID, ANNOTATION_KUBERNETES_DASHBOARD_APP, ANNOTATION_KUBERNETES_DASHBOARD_PARAMETERS, ANNOTATION_KUBERNETES_DASHBOARD_URL, ANNOTATION_KUBERNETES_OIDC_TOKEN_PROVIDER, ANNOTATION_KUBERNETES_SKIP_METRICS_LOOKUP, ANNOTATION_KUBERNETES_SKIP_TLS_VERIFY, type AuthProviderType, type ClientContainerStatus, type ClientCurrentResourceUsage, type ClientPodStatus, type ClusterAttributes, type ClusterObjects, type ConfigMapFetchResponse, type CronJobsFetchResponse, type CustomObjectsByEntityRequest, type CustomResourceFetchResponse, type CustomResourceMatcher, type DaemonSetsFetchResponse, type DeploymentFetchResponse, type DeploymentResources, type DetectedError, type DetectedErrorsByCluster, type DocsSolution, type ErrorMapper, type ErrorSeverity, type EventsSolution, type FetchResponse, type GroupedResponses, type HorizontalPodAutoscalersFetchResponse, type IngressesFetchResponse, type JobsFetchResponse, type KubernetesErrorTypes, type KubernetesFetchError, type KubernetesRequestAuth, type KubernetesRequestBody, type LimitRangeFetchResponse, type LogSolution, type ObjectsByEntityResponse, type PodFetchResponse, type PodStatusFetchResponse, type ProposedFix, type ProposedFixBase, type RawFetchError, type ReplicaSetsFetchResponse, type ResourceQuotaFetchResponse, type ResourceRef, type SecretsFetchResponse, type ServiceFetchResponse, type StatefulSetsFetchResponse, type StatusError, type WorkloadsByEntityRequest, detectErrors, groupResponses, kubernetesPermissions, kubernetesProxyPermission };
+export { ANNOTATION_KUBERNETES_API_SERVER, ANNOTATION_KUBERNETES_API_SERVER_CA, ANNOTATION_KUBERNETES_AUTH_PROVIDER, ANNOTATION_KUBERNETES_AWS_ASSUME_ROLE, ANNOTATION_KUBERNETES_AWS_CLUSTER_ID, ANNOTATION_KUBERNETES_AWS_EXTERNAL_ID, ANNOTATION_KUBERNETES_DASHBOARD_APP, ANNOTATION_KUBERNETES_DASHBOARD_PARAMETERS, ANNOTATION_KUBERNETES_DASHBOARD_URL, ANNOTATION_KUBERNETES_OIDC_TOKEN_PROVIDER, ANNOTATION_KUBERNETES_SKIP_METRICS_LOOKUP, ANNOTATION_KUBERNETES_SKIP_TLS_VERIFY, type AuthProviderType, type ClientContainerStatus, type ClientCurrentResourceUsage, type ClientPodStatus, type ClusterAttributes, type ClusterObjects, type ConfigMapFetchResponse, type CronJobsFetchResponse, type CustomObjectsByEntityRequest, type CustomResourceFetchResponse, type CustomResourceMatcher, type DaemonSetsFetchResponse, type DeploymentFetchResponse, type DeploymentResources, type DetectedError, type DetectedErrorsByCluster, type DocsSolution, type ErrorMapper, type ErrorSeverity, type EventsSolution, type FetchResponse, type GroupedResponses, type HorizontalPodAutoscalersFetchResponse, type IngressesFetchResponse, type JobsFetchResponse, type KubernetesErrorTypes, type KubernetesFetchError, type KubernetesRequestAuth, type KubernetesRequestBody, type LimitRangeFetchResponse, type LogSolution, type ObjectsByEntityResponse, type PodFetchResponse, type PodStatusFetchResponse, type ProposedFix, type ProposedFixBase, type RawFetchError, type ReplicaSetsFetchResponse, type ResourceQuotaFetchResponse, type ResourceRef, type SecretsFetchResponse, type ServiceFetchResponse, type StatefulSetsFetchResponse, type StatusError, type WorkloadsByEntityRequest, detectErrors, groupResponses, kubernetesClustersReadPermission, kubernetesPermissions, kubernetesProxyPermission, kubernetesResourcesReadPermission };

package/dist/index.esm.js

@@ -1,6 +1,6 @@
 export { ANNOTATION_KUBERNETES_API_SERVER, ANNOTATION_KUBERNETES_API_SERVER_CA, ANNOTATION_KUBERNETES_AUTH_PROVIDER, ANNOTATION_KUBERNETES_AWS_ASSUME_ROLE, ANNOTATION_KUBERNETES_AWS_CLUSTER_ID, ANNOTATION_KUBERNETES_AWS_EXTERNAL_ID, ANNOTATION_KUBERNETES_DASHBOARD_APP, ANNOTATION_KUBERNETES_DASHBOARD_PARAMETERS, ANNOTATION_KUBERNETES_DASHBOARD_URL, ANNOTATION_KUBERNETES_OIDC_TOKEN_PROVIDER, ANNOTATION_KUBERNETES_SKIP_METRICS_LOOKUP, ANNOTATION_KUBERNETES_SKIP_TLS_VERIFY } from './catalog-entity-constants.esm.js';
 export { SERVICEACCOUNT_CA_PATH } from './certificate-authority-constants.esm.js';
-export { kubernetesPermissions, kubernetesProxyPermission } from './permissions.esm.js';
+export { kubernetesClustersReadPermission, kubernetesPermissions, kubernetesProxyPermission, kubernetesResourcesReadPermission } from './permissions.esm.js';
 export { detectErrors } from './error-detection/error-detection.esm.js';
 export { groupResponses } from './util/response.esm.js';
 //# sourceMappingURL=index.esm.js.map

package/dist/permissions.cjs.js

@@ -6,8 +6,26 @@ const kubernetesProxyPermission = pluginPermissionCommon.createPermission({
   name: "kubernetes.proxy",
   attributes: {}
 });
-const kubernetesPermissions = [kubernetesProxyPermission];
+const kubernetesResourcesReadPermission = pluginPermissionCommon.createPermission({
+  name: "kubernetes.resources.read",
+  attributes: {
+    action: "read"
+  }
+});
+const kubernetesClustersReadPermission = pluginPermissionCommon.createPermission({
+  name: "kubernetes.clusters.read",
+  attributes: {
+    action: "read"
+  }
+});
+const kubernetesPermissions = [
+  kubernetesProxyPermission,
+  kubernetesResourcesReadPermission,
+  kubernetesClustersReadPermission
+];
 
+exports.kubernetesClustersReadPermission = kubernetesClustersReadPermission;
 exports.kubernetesPermissions = kubernetesPermissions;
 exports.kubernetesProxyPermission = kubernetesProxyPermission;
+exports.kubernetesResourcesReadPermission = kubernetesResourcesReadPermission;
 //# sourceMappingURL=permissions.cjs.js.map

package/dist/permissions.cjs.js.map

@@ -1 +1 @@
-{"version":3,"file":"permissions.cjs.js","sources":["../src/permissions.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { createPermission } from '@backstage/plugin-permission-common';\n\n/** This permission is used to check access to the proxy endpoint\n * @public\n */\nexport const kubernetesProxyPermission = createPermission({\n  name: 'kubernetes.proxy',\n  attributes: {},\n});\n\n/**\n * List of all Kubernetes permissions.\n * @public\n */\nexport const kubernetesPermissions = [kubernetesProxyPermission];\n"],"names":["createPermission"],"mappings":";;;;AAqBO,MAAM,4BAA4BA,uCAAiB,CAAA;AAAA,EACxD,IAAM,EAAA,kBAAA;AAAA,EACN,YAAY;AACd,CAAC;AAMY,MAAA,qBAAA,GAAwB,CAAC,yBAAyB;;;;;"}
+{"version":3,"file":"permissions.cjs.js","sources":["../src/permissions.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { createPermission } from '@backstage/plugin-permission-common';\n\n/** This permission is used to check access to the proxy endpoint\n * @public\n */\nexport const kubernetesProxyPermission = createPermission({\n  name: 'kubernetes.proxy',\n  attributes: {},\n});\n\n/** This permission is used to check access to the /resources and /services/:serviceId endpoints\n * @public\n */\nexport const kubernetesResourcesReadPermission = createPermission({\n  name: 'kubernetes.resources.read',\n  attributes: {\n    action: 'read',\n  },\n});\n\n/** This permission is used to check access to the /clusters endpoint\n * @public\n */\nexport const kubernetesClustersReadPermission = createPermission({\n  name: 'kubernetes.clusters.read',\n  attributes: {\n    action: 'read',\n  },\n});\n\n/**\n * List of all Kubernetes permissions.\n * @public\n */\nexport const kubernetesPermissions = [\n  kubernetesProxyPermission,\n  kubernetesResourcesReadPermission,\n  kubernetesClustersReadPermission,\n];\n"],"names":["createPermission"],"mappings":";;;;AAqBO,MAAM,4BAA4BA,uCAAiB,CAAA;AAAA,EACxD,IAAM,EAAA,kBAAA;AAAA,EACN,YAAY;AACd,CAAC;AAKM,MAAM,oCAAoCA,uCAAiB,CAAA;AAAA,EAChE,IAAM,EAAA,2BAAA;AAAA,EACN,UAAY,EAAA;AAAA,IACV,MAAQ,EAAA;AAAA;AAEZ,CAAC;AAKM,MAAM,mCAAmCA,uCAAiB,CAAA;AAAA,EAC/D,IAAM,EAAA,0BAAA;AAAA,EACN,UAAY,EAAA;AAAA,IACV,MAAQ,EAAA;AAAA;AAEZ,CAAC;AAMM,MAAM,qBAAwB,GAAA;AAAA,EACnC,yBAAA;AAAA,EACA,iCAAA;AAAA,EACA;AACF;;;;;;;"}

package/dist/permissions.esm.js

@@ -4,7 +4,23 @@ const kubernetesProxyPermission = createPermission({
   name: "kubernetes.proxy",
   attributes: {}
 });
-const kubernetesPermissions = [kubernetesProxyPermission];
+const kubernetesResourcesReadPermission = createPermission({
+  name: "kubernetes.resources.read",
+  attributes: {
+    action: "read"
+  }
+});
+const kubernetesClustersReadPermission = createPermission({
+  name: "kubernetes.clusters.read",
+  attributes: {
+    action: "read"
+  }
+});
+const kubernetesPermissions = [
+  kubernetesProxyPermission,
+  kubernetesResourcesReadPermission,
+  kubernetesClustersReadPermission
+];
 
-export { kubernetesPermissions, kubernetesProxyPermission };
+export { kubernetesClustersReadPermission, kubernetesPermissions, kubernetesProxyPermission, kubernetesResourcesReadPermission };
 //# sourceMappingURL=permissions.esm.js.map

package/dist/permissions.esm.js.map

@@ -1 +1 @@
-{"version":3,"file":"permissions.esm.js","sources":["../src/permissions.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { createPermission } from '@backstage/plugin-permission-common';\n\n/** This permission is used to check access to the proxy endpoint\n * @public\n */\nexport const kubernetesProxyPermission = createPermission({\n  name: 'kubernetes.proxy',\n  attributes: {},\n});\n\n/**\n * List of all Kubernetes permissions.\n * @public\n */\nexport const kubernetesPermissions = [kubernetesProxyPermission];\n"],"names":[],"mappings":";;AAqBO,MAAM,4BAA4B,gBAAiB,CAAA;AAAA,EACxD,IAAM,EAAA,kBAAA;AAAA,EACN,YAAY;AACd,CAAC;AAMY,MAAA,qBAAA,GAAwB,CAAC,yBAAyB;;;;"}
+{"version":3,"file":"permissions.esm.js","sources":["../src/permissions.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { createPermission } from '@backstage/plugin-permission-common';\n\n/** This permission is used to check access to the proxy endpoint\n * @public\n */\nexport const kubernetesProxyPermission = createPermission({\n  name: 'kubernetes.proxy',\n  attributes: {},\n});\n\n/** This permission is used to check access to the /resources and /services/:serviceId endpoints\n * @public\n */\nexport const kubernetesResourcesReadPermission = createPermission({\n  name: 'kubernetes.resources.read',\n  attributes: {\n    action: 'read',\n  },\n});\n\n/** This permission is used to check access to the /clusters endpoint\n * @public\n */\nexport const kubernetesClustersReadPermission = createPermission({\n  name: 'kubernetes.clusters.read',\n  attributes: {\n    action: 'read',\n  },\n});\n\n/**\n * List of all Kubernetes permissions.\n * @public\n */\nexport const kubernetesPermissions = [\n  kubernetesProxyPermission,\n  kubernetesResourcesReadPermission,\n  kubernetesClustersReadPermission,\n];\n"],"names":[],"mappings":";;AAqBO,MAAM,4BAA4B,gBAAiB,CAAA;AAAA,EACxD,IAAM,EAAA,kBAAA;AAAA,EACN,YAAY;AACd,CAAC;AAKM,MAAM,oCAAoC,gBAAiB,CAAA;AAAA,EAChE,IAAM,EAAA,2BAAA;AAAA,EACN,UAAY,EAAA;AAAA,IACV,MAAQ,EAAA;AAAA;AAEZ,CAAC;AAKM,MAAM,mCAAmC,gBAAiB,CAAA;AAAA,EAC/D,IAAM,EAAA,0BAAA;AAAA,EACN,UAAY,EAAA;AAAA,IACV,MAAQ,EAAA;AAAA;AAEZ,CAAC;AAMM,MAAM,qBAAwB,GAAA;AAAA,EACnC,yBAAA;AAAA,EACA,iCAAA;AAAA,EACA;AACF;;;;"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@backstage/plugin-kubernetes-common",
-  "version": "0.9.3-next.0",
+  "version": "0.9.3",
   "description": "Common functionalities for kubernetes, to be shared between kubernetes and kubernetes-backend plugin",
   "backstage": {
     "role": "common-library",
@@ -52,16 +52,16 @@
     ]
   },
   "dependencies": {
-    "@backstage/catalog-model": "1.7.3",
-    "@backstage/plugin-permission-common": "0.8.4",
-    "@backstage/types": "1.2.1",
+    "@backstage/catalog-model": "^1.7.3",
+    "@backstage/plugin-permission-common": "^0.8.4",
+    "@backstage/types": "^1.2.1",
     "@kubernetes/client-node": "1.0.0-rc7",
     "kubernetes-models": "^4.3.1",
     "lodash": "^4.17.21",
     "luxon": "^3.0.0"
   },
   "devDependencies": {
-    "@backstage/cli": "0.30.0-next.0"
+    "@backstage/cli": "^0.30.0"
   },
   "typesVersions": {
     "*": {