@backstage/plugin-scaffolder-backend 1.1.0 → 1.2.0

package/dist/index.cjs.js

@@ -734,6 +734,7 @@ const enableBranchProtectionOnDefaultRepoBranch = async ({
   owner,
   logger,
   requireCodeOwnerReviews,
+  requiredStatusCheckContexts = [],
   defaultBranch = "master"
 }) => {
   const tryOnce = async () => {
@@ -745,7 +746,10 @@ const enableBranchProtectionOnDefaultRepoBranch = async ({
         owner,
         repo: repoName,
         branch: defaultBranch,
-        required_status_checks: { strict: true, contexts: [] },
+        required_status_checks: {
+          strict: true,
+          contexts: requiredStatusCheckContexts
+        },
         restrictions: null,
         enforce_admins: true,
         required_pull_request_reviews: {
@@ -850,6 +854,21 @@ function createPublishAzureAction(options) {
             type: "string",
             description: `Sets the default branch on the repository. The default value is 'master'`
           },
+          gitCommitMessage: {
+            title: "Git Commit Message",
+            type: "string",
+            description: `Sets the commit message on the repository. The default value is 'initial commit'`
+          },
+          gitAuthorName: {
+            title: "Default Author Name",
+            type: "string",
+            description: `Sets the default author name for the commit. The default value is 'Scaffolder'`
+          },
+          gitAuthorEmail: {
+            title: "Default Author Email",
+            type: "string",
+            description: `Sets the default author email for the commit.`
+          },
           sourcePath: {
             title: "Source Path",
             description: "Path within the workspace that will be used as the repository root. If omitted, the entire workspace will be published as the repository.",
@@ -878,7 +897,13 @@ function createPublishAzureAction(options) {
     },
     async handler(ctx) {
       var _a;
-      const { repoUrl, defaultBranch = "master" } = ctx.input;
+      const {
+        repoUrl,
+        defaultBranch = "master",
+        gitCommitMessage = "initial commit",
+        gitAuthorName,
+        gitAuthorEmail
+      } = ctx.input;
       const { owner, repo, host, organization } = parseRepoUrl(repoUrl, integrations);
       if (!organization) {
         throw new errors.InputError(`Invalid URL provider was included in the repo URL to create ${ctx.input.repoUrl}, missing organization`);
@@ -906,8 +931,8 @@ function createPublishAzureAction(options) {
       }
       const repoContentsUrl = remoteUrl;
       const gitAuthorInfo = {
-        name: config.getOptionalString("scaffolder.defaultAuthor.name"),
-        email: config.getOptionalString("scaffolder.defaultAuthor.email")
+        name: gitAuthorName ? gitAuthorName : config.getOptionalString("scaffolder.defaultAuthor.name"),
+        email: gitAuthorEmail ? gitAuthorEmail : config.getOptionalString("scaffolder.defaultAuthor.email")
       };
       await initRepoAndPush({
         dir: getRepoSourceDirectory(ctx.workspacePath, ctx.input.sourcePath),
@@ -918,7 +943,7 @@ function createPublishAzureAction(options) {
           password: token
         },
         logger: ctx.logger,
-        commitMessage: config.getOptionalString("scaffolder.defaultCommitMessage"),
+        commitMessage: gitCommitMessage ? gitCommitMessage : config.getOptionalString("scaffolder.defaultCommitMessage"),
         gitAuthorInfo
       });
       ctx.output("remoteUrl", remoteUrl);
@@ -1010,7 +1035,7 @@ const createBitbucketServerRepository = async (opts) => {
   const repoContentsUrl = `${r.links.self[0].href}`;
   return { remoteUrl, repoContentsUrl };
 };
-const getAuthorizationHeader = (config) => {
+const getAuthorizationHeader$2 = (config) => {
   if (config.username && config.appPassword) {
     const buffer = Buffer.from(`${config.username}:${config.appPassword}`, "utf8");
     return `Basic ${buffer.toString("base64")}`;
@@ -1020,7 +1045,7 @@ const getAuthorizationHeader = (config) => {
   }
   throw new Error(`Authorization has not been provided for Bitbucket. Please add either username + appPassword or token to the Integrations config`);
 };
-const performEnableLFS = async (opts) => {
+const performEnableLFS$1 = async (opts) => {
   const { authorization, host, project, repo } = opts;
   const options = {
     method: "PUT",
@@ -1074,6 +1099,21 @@ function createPublishBitbucketAction(options) {
             title: "Authentication Token",
             type: "string",
             description: "The token to use for authorization to BitBucket"
+          },
+          gitCommitMessage: {
+            title: "Git Commit Message",
+            type: "string",
+            description: `Sets the commit message on the repository. The default value is 'initial commit'`
+          },
+          gitAuthorName: {
+            title: "Default Author Name",
+            type: "string",
+            description: `Sets the default author name for the commit. The default value is 'Scaffolder'`
+          },
+          gitAuthorEmail: {
+            title: "Default Author Email",
+            type: "string",
+            description: `Sets the default author email for the commit.`
           }
         }
       },
@@ -1093,12 +1133,16 @@ function createPublishBitbucketAction(options) {
     },
     async handler(ctx) {
       var _a;
+      ctx.logger.warn(`[Deprecated] Please migrate the use of action "publish:bitbucket" to "publish:bitbucketCloud" or "publish:bitbucketServer".`);
       const {
         repoUrl,
         description,
         defaultBranch = "master",
         repoVisibility = "private",
-        enableLFS = false
+        enableLFS = false,
+        gitCommitMessage = "initial commit",
+        gitAuthorName,
+        gitAuthorEmail
       } = ctx.input;
       const { workspace, project, repo, host } = parseRepoUrl(repoUrl, integrations);
       if (host === "bitbucket.org") {
@@ -1113,7 +1157,7 @@ function createPublishBitbucketAction(options) {
       if (!integrationConfig) {
         throw new errors.InputError(`No matching integration configuration for host ${host}, please check your integrations config`);
       }
-      const authorization = getAuthorizationHeader(ctx.input.token ? {
+      const authorization = getAuthorizationHeader$2(ctx.input.token ? {
         host: integrationConfig.config.host,
         apiBaseUrl: integrationConfig.config.apiBaseUrl,
         token: ctx.input.token
@@ -1131,8 +1175,8 @@ function createPublishBitbucketAction(options) {
         apiBaseUrl
       });
       const gitAuthorInfo = {
-        name: config.getOptionalString("scaffolder.defaultAuthor.name"),
-        email: config.getOptionalString("scaffolder.defaultAuthor.email")
+        name: gitAuthorName ? gitAuthorName : config.getOptionalString("scaffolder.defaultAuthor.name"),
+        email: gitAuthorEmail ? gitAuthorEmail : config.getOptionalString("scaffolder.defaultAuthor.email")
       };
       let auth;
       if (ctx.input.token) {
@@ -1152,10 +1196,352 @@ function createPublishBitbucketAction(options) {
         auth,
         defaultBranch,
         logger: ctx.logger,
-        commitMessage: config.getOptionalString("scaffolder.defaultCommitMessage"),
+        commitMessage: gitCommitMessage ? gitCommitMessage : config.getOptionalString("scaffolder.defaultCommitMessage"),
         gitAuthorInfo
       });
       if (enableLFS && host !== "bitbucket.org") {
+        await performEnableLFS$1({ authorization, host, project, repo });
+      }
+      ctx.output("remoteUrl", remoteUrl);
+      ctx.output("repoContentsUrl", repoContentsUrl);
+    }
+  });
+}
+
+const createRepository$1 = async (opts) => {
+  const {
+    workspace,
+    project,
+    repo,
+    description,
+    repoVisibility,
+    mainBranch,
+    authorization,
+    apiBaseUrl
+  } = opts;
+  const options = {
+    method: "POST",
+    body: JSON.stringify({
+      scm: "git",
+      description,
+      is_private: repoVisibility === "private",
+      project: { key: project }
+    }),
+    headers: {
+      Authorization: authorization,
+      "Content-Type": "application/json"
+    }
+  };
+  let response;
+  try {
+    response = await fetch__default["default"](`${apiBaseUrl}/repositories/${workspace}/${repo}`, options);
+  } catch (e) {
+    throw new Error(`Unable to create repository, ${e}`);
+  }
+  if (response.status !== 200) {
+    throw new Error(`Unable to create repository, ${response.status} ${response.statusText}, ${await response.text()}`);
+  }
+  const r = await response.json();
+  let remoteUrl = "";
+  for (const link of r.links.clone) {
+    if (link.name === "https") {
+      remoteUrl = link.href;
+    }
+  }
+  const repoContentsUrl = `${r.links.html.href}/src/${mainBranch}`;
+  return { remoteUrl, repoContentsUrl };
+};
+const getAuthorizationHeader$1 = (config) => {
+  if (config.username && config.appPassword) {
+    const buffer = Buffer.from(`${config.username}:${config.appPassword}`, "utf8");
+    return `Basic ${buffer.toString("base64")}`;
+  }
+  if (config.token) {
+    return `Bearer ${config.token}`;
+  }
+  throw new Error(`Authorization has not been provided for Bitbucket Cloud. Please add either username + appPassword to the Integrations config or a user login auth token`);
+};
+function createPublishBitbucketCloudAction(options) {
+  const { integrations, config } = options;
+  return createTemplateAction({
+    id: "publish:bitbucketCloud",
+    description: "Initializes a git repository of the content in the workspace, and publishes it to Bitbucket Cloud.",
+    schema: {
+      input: {
+        type: "object",
+        required: ["repoUrl"],
+        properties: {
+          repoUrl: {
+            title: "Repository Location",
+            type: "string"
+          },
+          description: {
+            title: "Repository Description",
+            type: "string"
+          },
+          repoVisibility: {
+            title: "Repository Visibility",
+            type: "string",
+            enum: ["private", "public"]
+          },
+          defaultBranch: {
+            title: "Default Branch",
+            type: "string",
+            description: `Sets the default branch on the repository. The default value is 'master'`
+          },
+          sourcePath: {
+            title: "Source Path",
+            description: "Path within the workspace that will be used as the repository root. If omitted, the entire workspace will be published as the repository.",
+            type: "string"
+          },
+          token: {
+            title: "Authentication Token",
+            type: "string",
+            description: "The token to use for authorization to BitBucket Cloud"
+          }
+        }
+      },
+      output: {
+        type: "object",
+        properties: {
+          remoteUrl: {
+            title: "A URL to the repository with the provider",
+            type: "string"
+          },
+          repoContentsUrl: {
+            title: "A URL to the root of the repository",
+            type: "string"
+          }
+        }
+      }
+    },
+    async handler(ctx) {
+      const {
+        repoUrl,
+        description,
+        defaultBranch = "master",
+        repoVisibility = "private"
+      } = ctx.input;
+      const { workspace, project, repo, host } = parseRepoUrl(repoUrl, integrations);
+      if (!workspace) {
+        throw new errors.InputError(`Invalid URL provider was included in the repo URL to create ${ctx.input.repoUrl}, missing workspace`);
+      }
+      if (!project) {
+        throw new errors.InputError(`Invalid URL provider was included in the repo URL to create ${ctx.input.repoUrl}, missing project`);
+      }
+      const integrationConfig = integrations.bitbucketCloud.byHost(host);
+      if (!integrationConfig) {
+        throw new errors.InputError(`No matching integration configuration for host ${host}, please check your integrations config`);
+      }
+      const authorization = getAuthorizationHeader$1(ctx.input.token ? { token: ctx.input.token } : integrationConfig.config);
+      const apiBaseUrl = integrationConfig.config.apiBaseUrl;
+      const { remoteUrl, repoContentsUrl } = await createRepository$1({
+        authorization,
+        workspace: workspace || "",
+        project,
+        repo,
+        repoVisibility,
+        mainBranch: defaultBranch,
+        description,
+        apiBaseUrl
+      });
+      const gitAuthorInfo = {
+        name: config.getOptionalString("scaffolder.defaultAuthor.name"),
+        email: config.getOptionalString("scaffolder.defaultAuthor.email")
+      };
+      let auth;
+      if (ctx.input.token) {
+        auth = {
+          username: "x-token-auth",
+          password: ctx.input.token
+        };
+      } else {
+        if (!integrationConfig.config.username || !integrationConfig.config.appPassword) {
+          throw new Error("Credentials for Bitbucket Cloud integration required for this action.");
+        }
+        auth = {
+          username: integrationConfig.config.username,
+          password: integrationConfig.config.appPassword
+        };
+      }
+      await initRepoAndPush({
+        dir: getRepoSourceDirectory(ctx.workspacePath, ctx.input.sourcePath),
+        remoteUrl,
+        auth,
+        defaultBranch,
+        logger: ctx.logger,
+        commitMessage: config.getOptionalString("scaffolder.defaultCommitMessage"),
+        gitAuthorInfo
+      });
+      ctx.output("remoteUrl", remoteUrl);
+      ctx.output("repoContentsUrl", repoContentsUrl);
+    }
+  });
+}
+
+const createRepository = async (opts) => {
+  const {
+    project,
+    repo,
+    description,
+    authorization,
+    repoVisibility,
+    apiBaseUrl
+  } = opts;
+  let response;
+  const options = {
+    method: "POST",
+    body: JSON.stringify({
+      name: repo,
+      description,
+      public: repoVisibility === "public"
+    }),
+    headers: {
+      Authorization: authorization,
+      "Content-Type": "application/json"
+    }
+  };
+  try {
+    response = await fetch__default["default"](`${apiBaseUrl}/projects/${project}/repos`, options);
+  } catch (e) {
+    throw new Error(`Unable to create repository, ${e}`);
+  }
+  if (response.status !== 201) {
+    throw new Error(`Unable to create repository, ${response.status} ${response.statusText}, ${await response.text()}`);
+  }
+  const r = await response.json();
+  let remoteUrl = "";
+  for (const link of r.links.clone) {
+    if (link.name === "http") {
+      remoteUrl = link.href;
+    }
+  }
+  const repoContentsUrl = `${r.links.self[0].href}`;
+  return { remoteUrl, repoContentsUrl };
+};
+const getAuthorizationHeader = (config) => {
+  return `Bearer ${config.token}`;
+};
+const performEnableLFS = async (opts) => {
+  const { authorization, host, project, repo } = opts;
+  const options = {
+    method: "PUT",
+    headers: {
+      Authorization: authorization
+    }
+  };
+  const { ok, status, statusText } = await fetch__default["default"](`https://${host}/rest/git-lfs/admin/projects/${project}/repos/${repo}/enabled`, options);
+  if (!ok)
+    throw new Error(`Failed to enable LFS in the repository, ${status}: ${statusText}`);
+};
+function createPublishBitbucketServerAction(options) {
+  const { integrations, config } = options;
+  return createTemplateAction({
+    id: "publish:bitbucketServer",
+    description: "Initializes a git repository of the content in the workspace, and publishes it to Bitbucket Server.",
+    schema: {
+      input: {
+        type: "object",
+        required: ["repoUrl"],
+        properties: {
+          repoUrl: {
+            title: "Repository Location",
+            type: "string"
+          },
+          description: {
+            title: "Repository Description",
+            type: "string"
+          },
+          repoVisibility: {
+            title: "Repository Visibility",
+            type: "string",
+            enum: ["private", "public"]
+          },
+          defaultBranch: {
+            title: "Default Branch",
+            type: "string",
+            description: `Sets the default branch on the repository. The default value is 'master'`
+          },
+          sourcePath: {
+            title: "Source Path",
+            description: "Path within the workspace that will be used as the repository root. If omitted, the entire workspace will be published as the repository.",
+            type: "string"
+          },
+          enableLFS: {
+            title: "Enable LFS?",
+            description: "Enable LFS for the repository.",
+            type: "boolean"
+          },
+          token: {
+            title: "Authentication Token",
+            type: "string",
+            description: "The token to use for authorization to BitBucket Server"
+          }
+        }
+      },
+      output: {
+        type: "object",
+        properties: {
+          remoteUrl: {
+            title: "A URL to the repository with the provider",
+            type: "string"
+          },
+          repoContentsUrl: {
+            title: "A URL to the root of the repository",
+            type: "string"
+          }
+        }
+      }
+    },
+    async handler(ctx) {
+      var _a;
+      const {
+        repoUrl,
+        description,
+        defaultBranch = "master",
+        repoVisibility = "private",
+        enableLFS = false
+      } = ctx.input;
+      const { project, repo, host } = parseRepoUrl(repoUrl, integrations);
+      if (!project) {
+        throw new errors.InputError(`Invalid URL provider was included in the repo URL to create ${ctx.input.repoUrl}, missing project`);
+      }
+      const integrationConfig = integrations.bitbucketServer.byHost(host);
+      if (!integrationConfig) {
+        throw new errors.InputError(`No matching integration configuration for host ${host}, please check your integrations config`);
+      }
+      const token = (_a = ctx.input.token) != null ? _a : integrationConfig.config.token;
+      if (!token) {
+        throw new Error(`Authorization has not been provided for ${integrationConfig.config.host}. Please add either token to the Integrations config or a user login auth token`);
+      }
+      const authorization = getAuthorizationHeader({ token });
+      const apiBaseUrl = integrationConfig.config.apiBaseUrl;
+      const { remoteUrl, repoContentsUrl } = await createRepository({
+        authorization,
+        project,
+        repo,
+        repoVisibility,
+        description,
+        apiBaseUrl
+      });
+      const gitAuthorInfo = {
+        name: config.getOptionalString("scaffolder.defaultAuthor.name"),
+        email: config.getOptionalString("scaffolder.defaultAuthor.email")
+      };
+      const auth = {
+        username: "x-token-auth",
+        password: token
+      };
+      await initRepoAndPush({
+        dir: getRepoSourceDirectory(ctx.workspacePath, ctx.input.sourcePath),
+        remoteUrl,
+        auth,
+        defaultBranch,
+        logger: ctx.logger,
+        commitMessage: config.getOptionalString("scaffolder.defaultCommitMessage"),
+        gitAuthorInfo
+      });
+      if (enableLFS) {
         await performEnableLFS({ authorization, host, project, repo });
       }
       ctx.output("remoteUrl", remoteUrl);
@@ -1258,6 +1644,14 @@ function createPublishGithubAction(options) {
             description: "Require an approved review in PR including files with a designated Code Owner",
             type: "boolean"
           },
+          requiredStatusCheckContexts: {
+            title: "Required Status Check Contexts",
+            description: "The list of status checks to require in order to merge into this branch",
+            type: "array",
+            items: {
+              type: "string"
+            }
+          },
           repoVisibility: {
             title: "Repository Visibility",
             type: "string",
@@ -1273,6 +1667,21 @@ function createPublishGithubAction(options) {
             type: "boolean",
             description: `Delete the branch after merging the PR. The default value is 'false'`
           },
+          gitCommitMessage: {
+            title: "Git Commit Message",
+            type: "string",
+            description: `Sets the commit message on the repository. The default value is 'initial commit'`
+          },
+          gitAuthorName: {
+            title: "Default Author Name",
+            type: "string",
+            description: `Sets the default author name for the commit. The default value is 'Scaffolder'`
+          },
+          gitAuthorEmail: {
+            title: "Default Author Email",
+            type: "string",
+            description: `Sets the default author email for the commit.`
+          },
           allowMergeCommit: {
             title: "Allow Merge Commits",
             type: "boolean",
@@ -1347,9 +1756,13 @@ function createPublishGithubAction(options) {
         description,
         access,
         requireCodeOwnerReviews = false,
+        requiredStatusCheckContexts = [],
         repoVisibility = "private",
         defaultBranch = "master",
         deleteBranchOnMerge = false,
+        gitCommitMessage = "initial commit",
+        gitAuthorName,
+        gitAuthorEmail,
         allowMergeCommit = true,
         allowSquashMerge = true,
         allowRebaseMerge = true,
@@ -1442,8 +1855,8 @@ function createPublishGithubAction(options) {
       const remoteUrl = newRepo.clone_url;
       const repoContentsUrl = `${newRepo.html_url}/blob/${defaultBranch}`;
       const gitAuthorInfo = {
-        name: config.getOptionalString("scaffolder.defaultAuthor.name"),
-        email: config.getOptionalString("scaffolder.defaultAuthor.email")
+        name: gitAuthorName ? gitAuthorName : config.getOptionalString("scaffolder.defaultAuthor.name"),
+        email: gitAuthorEmail ? gitAuthorEmail : config.getOptionalString("scaffolder.defaultAuthor.email")
       };
       await initRepoAndPush({
         dir: getRepoSourceDirectory(ctx.workspacePath, ctx.input.sourcePath),
@@ -1454,7 +1867,7 @@ function createPublishGithubAction(options) {
           password: octokitOptions.auth
         },
         logger: ctx.logger,
-        commitMessage: config.getOptionalString("scaffolder.defaultCommitMessage"),
+        commitMessage: gitCommitMessage ? gitCommitMessage : config.getOptionalString("scaffolder.defaultCommitMessage"),
         gitAuthorInfo
       });
       try {
@@ -1464,7 +1877,8 @@ function createPublishGithubAction(options) {
           repoName: newRepo.name,
           logger: ctx.logger,
           defaultBranch,
-          requireCodeOwnerReviews
+          requireCodeOwnerReviews,
+          requiredStatusCheckContexts
         });
       } catch (e) {
         errors.assertError(e);
@@ -2172,6 +2586,14 @@ const createBuiltinActions = (options) => {
       integrations,
       config
     }),
+    createPublishBitbucketCloudAction({
+      integrations,
+      config
+    }),
+    createPublishBitbucketServerAction({
+      integrations,
+      config
+    }),
     createPublishAzureAction({
       integrations,
       config
@@ -2231,6 +2653,7 @@ class DatabaseTaskStore {
     this.db = options.database;
   }
   async getTask(taskId) {
+    var _a;
     const [result] = await this.db("tasks").where({ id: taskId }).select();
     if (!result) {
       throw new errors.NotFoundError(`No task with id '${taskId}' found`);
@@ -2244,6 +2667,7 @@ class DatabaseTaskStore {
         status: result.status,
         lastHeartbeatAt: result.last_heartbeat_at,
         createdAt: result.created_at,
+        createdBy: (_a = result.created_by) != null ? _a : void 0,
         secrets
       };
     } catch (error) {
@@ -2251,17 +2675,20 @@ class DatabaseTaskStore {
     }
   }
   async createTask(options) {
+    var _a;
     const taskId = uuid.v4();
     await this.db("tasks").insert({
       id: taskId,
       spec: JSON.stringify(options.spec),
       secrets: options.secrets ? JSON.stringify(options.secrets) : void 0,
+      created_by: (_a = options.createdBy) != null ? _a : null,
       status: "open"
     });
     return { taskId };
   }
   async claimTask() {
     return this.db.transaction(async (tx) => {
+      var _a;
       const [task] = await tx("tasks").where({
         status: "open"
       }).limit(1).select();
@@ -2285,6 +2712,7 @@ class DatabaseTaskStore {
           status: "processing",
           lastHeartbeatAt: task.last_heartbeat_at,
           createdAt: task.created_at,
+          createdBy: (_a = task.created_by) != null ? _a : void 0,
           secrets
         };
       } catch (error) {
@@ -2403,6 +2831,9 @@ class TaskManager {
   get secrets() {
     return this.task.secrets;
   }
+  get createdBy() {
+    return this.task.createdBy;
+  }
   async getWorkspaceName() {
     return this.task.taskId;
   }
@@ -2462,7 +2893,8 @@ class StorageTaskBroker {
         return TaskManager.create({
           taskId: pendingTask.id,
           spec: pendingTask.spec,
-          secrets: pendingTask.secrets
+          secrets: pendingTask.secrets,
+          createdBy: pendingTask.createdBy
         }, this.storage, this.logger);
       }
       await this.waitForDispatch();
@@ -2613,7 +3045,8 @@ class NunjucksWorkflowRunner {
       await task.emitLog(`Starting up task with ${task.spec.steps.length} steps`);
       const context = {
         parameters: task.spec.parameters,
-        steps: {}
+        steps: {},
+        user: task.spec.user
       };
       for (const step of task.spec.steps) {
         try {
@@ -2831,10 +3264,11 @@ async function createRouter(options) {
   router.get("/v2/templates/:namespace/:kind/:name/parameter-schema", async (req, res) => {
     var _a, _b;
     const { namespace, kind, name } = req.params;
+    const { token } = parseBearerToken(req.headers.authorization);
     const template = await findTemplate({
       catalogApi: catalogClient,
       entityRef: { kind, namespace, name },
-      token: getBearerToken(req.headers.authorization)
+      token
     });
     if (isSupportedTemplate(template)) {
       const parameters = [(_a = template.spec.parameters) != null ? _a : []].flat();
@@ -2866,12 +3300,13 @@ async function createRouter(options) {
     const { kind, namespace, name } = catalogModel.parseEntityRef(templateRef, {
       defaultKind: "template"
     });
+    const { token, entityRef: userEntityRef } = parseBearerToken(req.headers.authorization);
+    const userEntity = userEntityRef ? await catalogClient.getEntityByRef(userEntityRef, { token }) : void 0;
     const values = req.body.values;
-    const token = getBearerToken(req.headers.authorization);
     const template = await findTemplate({
       catalogApi: catalogClient,
       entityRef: { kind, namespace, name },
-      token: getBearerToken(req.headers.authorization)
+      token
     });
     if (!isSupportedTemplate(template)) {
       throw new errors.InputError(`Unsupported apiVersion field in schema entity, ${template.apiVersion}`);
@@ -2896,6 +3331,10 @@ async function createRouter(options) {
       }),
       output: (_b = template.spec.output) != null ? _b : {},
       parameters: values,
+      user: {
+        entity: userEntity,
+        ref: userEntityRef
+      },
       templateInfo: {
         entityRef: catalogModel.stringifyEntityRef({
           kind,
@@ -2907,6 +3346,7 @@ async function createRouter(options) {
     };
     const result = await taskBroker.dispatch({
       spec: taskSpec,
+      createdBy: userEntityRef,
       secrets: {
         ...req.body.secrets,
         backstageToken: token
@@ -2981,9 +3421,17 @@ data: ${JSON.stringify(event)}
   app.use("/", router);
   return app;
 }
-function getBearerToken(header) {
+function parseBearerToken(header) {
   var _a;
-  return (_a = header == null ? void 0 : header.match(/Bearer\s+(\S+)/i)) == null ? void 0 : _a[1];
+  const token = (_a = header == null ? void 0 : header.match(/Bearer\s+(\S+)/i)) == null ? void 0 : _a[1];
+  if (!token)
+    return {};
+  const [_header, rawPayload, _signature] = token.split(".");
+  const payload = JSON.parse(Buffer.from(rawPayload, "base64").toString());
+  return {
+    entityRef: payload.sub,
+    token
+  };
 }
 
 class ScaffolderEntitiesProcessor {
@@ -3053,6 +3501,8 @@ exports.createGithubIssuesLabelAction = createGithubIssuesLabelAction;
 exports.createGithubWebhookAction = createGithubWebhookAction;
 exports.createPublishAzureAction = createPublishAzureAction;
 exports.createPublishBitbucketAction = createPublishBitbucketAction;
+exports.createPublishBitbucketCloudAction = createPublishBitbucketCloudAction;
+exports.createPublishBitbucketServerAction = createPublishBitbucketServerAction;
 exports.createPublishFileAction = createPublishFileAction;
 exports.createPublishGithubAction = createPublishGithubAction;
 exports.createPublishGithubPullRequestAction = createPublishGithubPullRequestAction;