@backstage/plugin-proxy-backend 0.6.14-next.0 → 0.6.15-next.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +16 -0
- package/config.schema.json +108 -0
- package/package.json +10 -10
- package/config.d.ts +0 -180
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,21 @@
|
|
|
1
1
|
# @backstage/plugin-proxy-backend
|
|
2
2
|
|
|
3
|
+
## 0.6.15-next.0
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- Updated dependencies
|
|
8
|
+
- @backstage/backend-plugin-api@1.9.3-next.0
|
|
9
|
+
- @backstage/plugin-proxy-node@0.1.17-next.0
|
|
10
|
+
|
|
11
|
+
## 0.6.14
|
|
12
|
+
|
|
13
|
+
### Patch Changes
|
|
14
|
+
|
|
15
|
+
- Updated dependencies
|
|
16
|
+
- @backstage/backend-plugin-api@1.9.2
|
|
17
|
+
- @backstage/plugin-proxy-node@0.1.16
|
|
18
|
+
|
|
3
19
|
## 0.6.14-next.0
|
|
4
20
|
|
|
5
21
|
### Patch Changes
|
|
@@ -0,0 +1,108 @@
|
|
|
1
|
+
{
|
|
2
|
+
"$schema": "http://json-schema.org/draft-07/schema#",
|
|
3
|
+
"type": "object",
|
|
4
|
+
"properties": {
|
|
5
|
+
"proxy": {
|
|
6
|
+
"type": "object",
|
|
7
|
+
"properties": {
|
|
8
|
+
"skipInvalidProxies": {
|
|
9
|
+
"type": "boolean",
|
|
10
|
+
"description": "Rather than failing to start up, the proxy backend will instead just warn on invalid endpoints."
|
|
11
|
+
},
|
|
12
|
+
"reviveConsumedRequestBodies": {
|
|
13
|
+
"type": "boolean",
|
|
14
|
+
"description": "Revive request bodies that have already been consumed by earlier middleware."
|
|
15
|
+
},
|
|
16
|
+
"endpoints": {
|
|
17
|
+
"type": "object",
|
|
18
|
+
"additionalProperties": {
|
|
19
|
+
"anyOf": [
|
|
20
|
+
{
|
|
21
|
+
"type": "string"
|
|
22
|
+
},
|
|
23
|
+
{
|
|
24
|
+
"type": "object",
|
|
25
|
+
"properties": {
|
|
26
|
+
"target": {
|
|
27
|
+
"type": "string",
|
|
28
|
+
"description": "Target of the proxy. Url string to be parsed with the url module."
|
|
29
|
+
},
|
|
30
|
+
"headers": {
|
|
31
|
+
"type": "object",
|
|
32
|
+
"properties": {
|
|
33
|
+
"Authorization": {
|
|
34
|
+
"type": "string",
|
|
35
|
+
"visibility": "secret"
|
|
36
|
+
},
|
|
37
|
+
"authorization": {
|
|
38
|
+
"type": "string",
|
|
39
|
+
"visibility": "secret"
|
|
40
|
+
},
|
|
41
|
+
"X-Api-Key": {
|
|
42
|
+
"type": "string",
|
|
43
|
+
"visibility": "secret"
|
|
44
|
+
},
|
|
45
|
+
"x-api-key": {
|
|
46
|
+
"type": "string",
|
|
47
|
+
"visibility": "secret"
|
|
48
|
+
}
|
|
49
|
+
},
|
|
50
|
+
"additionalProperties": {
|
|
51
|
+
"anyOf": [
|
|
52
|
+
{
|
|
53
|
+
"type": "string"
|
|
54
|
+
},
|
|
55
|
+
{
|
|
56
|
+
"not": {}
|
|
57
|
+
}
|
|
58
|
+
]
|
|
59
|
+
},
|
|
60
|
+
"description": "Object with extra headers to be added to target requests."
|
|
61
|
+
},
|
|
62
|
+
"changeOrigin": {
|
|
63
|
+
"type": "boolean",
|
|
64
|
+
"description": "Changes the origin of the host header to the target URL. Default: true."
|
|
65
|
+
},
|
|
66
|
+
"pathRewrite": {
|
|
67
|
+
"type": "object",
|
|
68
|
+
"additionalProperties": {
|
|
69
|
+
"type": "string"
|
|
70
|
+
},
|
|
71
|
+
"description": "Rewrite target's url path. Object-keys will be used as RegExp to match paths. If pathRewrite is not specified, it is set to a single rewrite that removes the entire prefix and route."
|
|
72
|
+
},
|
|
73
|
+
"allowedMethods": {
|
|
74
|
+
"type": "array",
|
|
75
|
+
"items": {
|
|
76
|
+
"type": "string"
|
|
77
|
+
},
|
|
78
|
+
"description": "Limit the forwarded HTTP methods, for example allowedMethods: ['GET'] to enforce read-only access."
|
|
79
|
+
},
|
|
80
|
+
"allowedHeaders": {
|
|
81
|
+
"type": "array",
|
|
82
|
+
"items": {
|
|
83
|
+
"type": "string"
|
|
84
|
+
},
|
|
85
|
+
"description": "Limit the forwarded HTTP methods. By default, only the headers that are considered safe for CORS and headers that are set by the proxy will be forwarded."
|
|
86
|
+
},
|
|
87
|
+
"credentials": {
|
|
88
|
+
"type": "string",
|
|
89
|
+
"enum": [
|
|
90
|
+
"require",
|
|
91
|
+
"forward",
|
|
92
|
+
"dangerously-allow-unauthenticated"
|
|
93
|
+
],
|
|
94
|
+
"description": "The credentials policy to apply."
|
|
95
|
+
}
|
|
96
|
+
},
|
|
97
|
+
"required": [
|
|
98
|
+
"target"
|
|
99
|
+
]
|
|
100
|
+
}
|
|
101
|
+
]
|
|
102
|
+
},
|
|
103
|
+
"description": "A list of forwarding-proxies. Each key is a route to match, below the prefix that the proxy plugin is mounted on. It must start with a '/'."
|
|
104
|
+
}
|
|
105
|
+
}
|
|
106
|
+
}
|
|
107
|
+
}
|
|
108
|
+
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@backstage/plugin-proxy-backend",
|
|
3
|
-
"version": "0.6.
|
|
3
|
+
"version": "0.6.15-next.0",
|
|
4
4
|
"description": "A Backstage backend plugin that helps you set up proxy endpoints in the backend",
|
|
5
5
|
"backstage": {
|
|
6
6
|
"role": "backend-plugin",
|
|
@@ -45,7 +45,7 @@
|
|
|
45
45
|
},
|
|
46
46
|
"files": [
|
|
47
47
|
"dist",
|
|
48
|
-
"config.
|
|
48
|
+
"config.schema.json"
|
|
49
49
|
],
|
|
50
50
|
"scripts": {
|
|
51
51
|
"build": "backstage-cli package build",
|
|
@@ -57,23 +57,23 @@
|
|
|
57
57
|
"test": "backstage-cli package test"
|
|
58
58
|
},
|
|
59
59
|
"dependencies": {
|
|
60
|
-
"@backstage/backend-plugin-api": "1.9.
|
|
61
|
-
"@backstage/plugin-proxy-node": "0.1.
|
|
60
|
+
"@backstage/backend-plugin-api": "1.9.3-next.0",
|
|
61
|
+
"@backstage/plugin-proxy-node": "0.1.17-next.0",
|
|
62
62
|
"@backstage/types": "1.2.2",
|
|
63
63
|
"express-promise-router": "^4.1.0",
|
|
64
64
|
"http-proxy-middleware": "^2.0.0"
|
|
65
65
|
},
|
|
66
66
|
"devDependencies": {
|
|
67
|
-
"@backstage/backend-app-api": "1.7.
|
|
68
|
-
"@backstage/backend-defaults": "0.17.
|
|
69
|
-
"@backstage/backend-test-utils": "1.11.
|
|
70
|
-
"@backstage/cli": "0.36.
|
|
71
|
-
"@backstage/config-loader": "1.
|
|
67
|
+
"@backstage/backend-app-api": "1.7.2-next.0",
|
|
68
|
+
"@backstage/backend-defaults": "0.17.4-next.0",
|
|
69
|
+
"@backstage/backend-test-utils": "1.11.5-next.0",
|
|
70
|
+
"@backstage/cli": "0.36.4-next.0",
|
|
71
|
+
"@backstage/config-loader": "1.11.0-next.0",
|
|
72
72
|
"@backstage/errors": "1.3.1",
|
|
73
73
|
"@types/express": "^4.17.6",
|
|
74
74
|
"@types/http-proxy-middleware": "^1.0.0",
|
|
75
75
|
"express": "^4.22.0",
|
|
76
76
|
"msw": "^2.0.0"
|
|
77
77
|
},
|
|
78
|
-
"configSchema": "config.
|
|
78
|
+
"configSchema": "config.schema.json"
|
|
79
79
|
}
|
package/config.d.ts
DELETED
|
@@ -1,180 +0,0 @@
|
|
|
1
|
-
/*
|
|
2
|
-
* Copyright 2020 The Backstage Authors
|
|
3
|
-
*
|
|
4
|
-
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
5
|
-
* you may not use this file except in compliance with the License.
|
|
6
|
-
* You may obtain a copy of the License at
|
|
7
|
-
*
|
|
8
|
-
* http://www.apache.org/licenses/LICENSE-2.0
|
|
9
|
-
*
|
|
10
|
-
* Unless required by applicable law or agreed to in writing, software
|
|
11
|
-
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
12
|
-
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
13
|
-
* See the License for the specific language governing permissions and
|
|
14
|
-
* limitations under the License.
|
|
15
|
-
*/
|
|
16
|
-
|
|
17
|
-
export interface Config {
|
|
18
|
-
proxy?: {
|
|
19
|
-
/**
|
|
20
|
-
* Rather than failing to start up, the proxy backend will instead just warn on invalid endpoints.
|
|
21
|
-
*/
|
|
22
|
-
skipInvalidProxies?: boolean;
|
|
23
|
-
|
|
24
|
-
/**
|
|
25
|
-
* Revive request bodies that have already been consumed by earlier middleware.
|
|
26
|
-
*/
|
|
27
|
-
reviveConsumedRequestBodies?: boolean;
|
|
28
|
-
|
|
29
|
-
/**
|
|
30
|
-
* A list of forwarding-proxies. Each key is a route to match,
|
|
31
|
-
* below the prefix that the proxy plugin is mounted on. It must
|
|
32
|
-
* start with a '/'.
|
|
33
|
-
*/
|
|
34
|
-
endpoints?: {
|
|
35
|
-
[key: string]:
|
|
36
|
-
| string
|
|
37
|
-
| {
|
|
38
|
-
/**
|
|
39
|
-
* Target of the proxy. Url string to be parsed with the url module.
|
|
40
|
-
*/
|
|
41
|
-
target: string;
|
|
42
|
-
/**
|
|
43
|
-
* Object with extra headers to be added to target requests.
|
|
44
|
-
*/
|
|
45
|
-
headers?: {
|
|
46
|
-
/** @visibility secret */
|
|
47
|
-
Authorization?: string;
|
|
48
|
-
/** @visibility secret */
|
|
49
|
-
authorization?: string;
|
|
50
|
-
/** @visibility secret */
|
|
51
|
-
'X-Api-Key'?: string;
|
|
52
|
-
/** @visibility secret */
|
|
53
|
-
'x-api-key'?: string;
|
|
54
|
-
[key: string]: string | undefined;
|
|
55
|
-
};
|
|
56
|
-
/**
|
|
57
|
-
* Changes the origin of the host header to the target URL. Default: true.
|
|
58
|
-
*/
|
|
59
|
-
changeOrigin?: boolean;
|
|
60
|
-
/**
|
|
61
|
-
* Rewrite target's url path. Object-keys will be used as RegExp to match paths.
|
|
62
|
-
* If pathRewrite is not specified, it is set to a single rewrite that removes the entire prefix and route.
|
|
63
|
-
*/
|
|
64
|
-
pathRewrite?: { [regexp: string]: string };
|
|
65
|
-
/**
|
|
66
|
-
* Limit the forwarded HTTP methods, for example allowedMethods: ['GET'] to enforce read-only access.
|
|
67
|
-
*/
|
|
68
|
-
allowedMethods?: string[];
|
|
69
|
-
/**
|
|
70
|
-
* Limit the forwarded HTTP methods. By default, only the headers that are considered safe for CORS
|
|
71
|
-
* and headers that are set by the proxy will be forwarded.
|
|
72
|
-
*/
|
|
73
|
-
allowedHeaders?: string[];
|
|
74
|
-
/**
|
|
75
|
-
* The credentials policy to apply.
|
|
76
|
-
*
|
|
77
|
-
* @remarks
|
|
78
|
-
*
|
|
79
|
-
* The values are as follows:
|
|
80
|
-
*
|
|
81
|
-
* - 'require': Callers must provide Backstage user or service
|
|
82
|
-
* credentials with each request. The credentials are not
|
|
83
|
-
* forwarded to the proxy target.
|
|
84
|
-
* - 'forward': Callers must provide Backstage user or service
|
|
85
|
-
* credentials with each request, and those credentials are
|
|
86
|
-
* forwarded to the proxy target.
|
|
87
|
-
* - 'dangerously-allow-unauthenticated': No Backstage credentials
|
|
88
|
-
* are required to access this proxy target. The target can still
|
|
89
|
-
* apply its own credentials checks, but the proxy will not help
|
|
90
|
-
* block non-Backstage-blessed callers.
|
|
91
|
-
*
|
|
92
|
-
* Note that if you have
|
|
93
|
-
* `backend.auth.dangerouslyDisableDefaultAuthPolicy` set to `true`,
|
|
94
|
-
* the `credentials` value does not apply; the proxy will behave as
|
|
95
|
-
* if all endpoints were set to `dangerously-allow-unauthenticated`.
|
|
96
|
-
*/
|
|
97
|
-
credentials?:
|
|
98
|
-
| 'require'
|
|
99
|
-
| 'forward'
|
|
100
|
-
| 'dangerously-allow-unauthenticated';
|
|
101
|
-
};
|
|
102
|
-
};
|
|
103
|
-
} & {
|
|
104
|
-
/**
|
|
105
|
-
* This was the legacy way of expressing proxies, and is now deprecated. We
|
|
106
|
-
* keep it around in the config schema, to ensure that legacy setups still
|
|
107
|
-
* have properly secret-marked values so that they get redacted.
|
|
108
|
-
*
|
|
109
|
-
* TODO(freben): Remove this in the future (suggestion: after 2024-03-01)
|
|
110
|
-
* when people likely have moved off of this format.
|
|
111
|
-
*/
|
|
112
|
-
[key: string]:
|
|
113
|
-
| string
|
|
114
|
-
| {
|
|
115
|
-
/**
|
|
116
|
-
* Target of the proxy. Url string to be parsed with the url module.
|
|
117
|
-
*/
|
|
118
|
-
target: string;
|
|
119
|
-
/**
|
|
120
|
-
* Object with extra headers to be added to target requests.
|
|
121
|
-
*/
|
|
122
|
-
headers?: {
|
|
123
|
-
/** @visibility secret */
|
|
124
|
-
Authorization?: string;
|
|
125
|
-
/** @visibility secret */
|
|
126
|
-
authorization?: string;
|
|
127
|
-
/** @visibility secret */
|
|
128
|
-
'X-Api-Key'?: string;
|
|
129
|
-
/** @visibility secret */
|
|
130
|
-
'x-api-key'?: string;
|
|
131
|
-
[key: string]: string | undefined;
|
|
132
|
-
};
|
|
133
|
-
/**
|
|
134
|
-
* Changes the origin of the host header to the target URL. Default: true.
|
|
135
|
-
*/
|
|
136
|
-
changeOrigin?: boolean;
|
|
137
|
-
/**
|
|
138
|
-
* Rewrite target's url path. Object-keys will be used as RegExp to match paths.
|
|
139
|
-
* If pathRewrite is not specified, it is set to a single rewrite that removes the entire prefix and route.
|
|
140
|
-
*/
|
|
141
|
-
pathRewrite?: { [regexp: string]: string };
|
|
142
|
-
/**
|
|
143
|
-
* Limit the forwarded HTTP methods, for example allowedMethods: ['GET'] to enforce read-only access.
|
|
144
|
-
*/
|
|
145
|
-
allowedMethods?: string[];
|
|
146
|
-
/**
|
|
147
|
-
* Limit the forwarded HTTP methods. By default, only the headers that are considered safe for CORS
|
|
148
|
-
* and headers that are set by the proxy will be forwarded.
|
|
149
|
-
*/
|
|
150
|
-
allowedHeaders?: string[];
|
|
151
|
-
/**
|
|
152
|
-
* The credentials policy to apply.
|
|
153
|
-
*
|
|
154
|
-
* @remarks
|
|
155
|
-
*
|
|
156
|
-
* The values are as follows:
|
|
157
|
-
*
|
|
158
|
-
* - 'require': Callers must provide Backstage user or service
|
|
159
|
-
* credentials with each request. The credentials are not forwarded
|
|
160
|
-
* to the proxy target.
|
|
161
|
-
* - 'forward': Callers must provide Backstage user or service
|
|
162
|
-
* credentials with each request, and those credentials are
|
|
163
|
-
* forwarded to the proxy target.
|
|
164
|
-
* - 'dangerously-allow-unauthenticated': No Backstage credentials are
|
|
165
|
-
* required to access this proxy target. The target can still apply
|
|
166
|
-
* its own credentials checks, but the proxy will not help block
|
|
167
|
-
* non-Backstage-blessed callers.
|
|
168
|
-
*
|
|
169
|
-
* Note that if you have
|
|
170
|
-
* `backend.auth.dangerouslyDisableDefaultAuthPolicy` set to `true`,
|
|
171
|
-
* the `credentials` value does not apply; the proxy will behave as if
|
|
172
|
-
* all endpoints were set to `dangerously-allow-unauthenticated`.
|
|
173
|
-
*/
|
|
174
|
-
credentials?:
|
|
175
|
-
| 'require'
|
|
176
|
-
| 'forward'
|
|
177
|
-
| 'dangerously-allow-unauthenticated';
|
|
178
|
-
};
|
|
179
|
-
};
|
|
180
|
-
}
|