@techdocs/cli 1.8.18 → 1.8.19-next.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (77) hide show
  1. package/CHANGELOG.md +6 -3
  2. package/dist/embedded-app/.config-schema.json +500 -466
  3. package/dist/embedded-app/index.html +1 -1
  4. package/dist/embedded-app/static/{124.159a325a.chunk.js → 124.1db148ab.chunk.js} +1 -1
  5. package/dist/embedded-app/static/{124.159a325a.chunk.js.map → 124.1db148ab.chunk.js.map} +1 -1
  6. package/dist/embedded-app/static/{1297.bbeaddd0.chunk.js → 1297.0e20ec6b.chunk.js} +1 -1
  7. package/dist/embedded-app/static/{1297.bbeaddd0.chunk.js.map → 1297.0e20ec6b.chunk.js.map} +1 -1
  8. package/dist/embedded-app/static/{1902.6f404f8c.chunk.js → 1902.74e9d604.chunk.js} +1 -1
  9. package/dist/embedded-app/static/{1902.6f404f8c.chunk.js.map → 1902.74e9d604.chunk.js.map} +1 -1
  10. package/dist/embedded-app/static/{2401.ba11bac5.chunk.js → 2401.ca97a22a.chunk.js} +1 -1
  11. package/dist/embedded-app/static/{2401.ba11bac5.chunk.js.map → 2401.ca97a22a.chunk.js.map} +1 -1
  12. package/dist/embedded-app/static/{2420.9986a695.chunk.js → 2420.2b6286b5.chunk.js} +1 -1
  13. package/dist/embedded-app/static/{2420.9986a695.chunk.js.map → 2420.2b6286b5.chunk.js.map} +1 -1
  14. package/dist/embedded-app/static/{287.57153ff3.chunk.js → 287.8842f1ab.chunk.js} +1 -1
  15. package/dist/embedded-app/static/{287.57153ff3.chunk.js.map → 287.8842f1ab.chunk.js.map} +1 -1
  16. package/dist/embedded-app/static/{3182.98982985.chunk.js → 3182.62f19265.chunk.js} +1 -1
  17. package/dist/embedded-app/static/{3182.98982985.chunk.js.map → 3182.62f19265.chunk.js.map} +1 -1
  18. package/dist/embedded-app/static/{3308.b3458818.chunk.js → 3308.82562d2f.chunk.js} +1 -1
  19. package/dist/embedded-app/static/{3308.b3458818.chunk.js.map → 3308.82562d2f.chunk.js.map} +1 -1
  20. package/dist/embedded-app/static/{3632.2a549b64.chunk.js → 3632.f5bd752c.chunk.js} +1 -1
  21. package/dist/embedded-app/static/{3632.2a549b64.chunk.js.map → 3632.f5bd752c.chunk.js.map} +1 -1
  22. package/dist/embedded-app/static/{3720.1978cecb.chunk.js → 3720.6737494a.chunk.js} +1 -1
  23. package/dist/embedded-app/static/{3720.1978cecb.chunk.js.map → 3720.6737494a.chunk.js.map} +1 -1
  24. package/dist/embedded-app/static/{4036.36665783.chunk.js → 4036.66c4b641.chunk.js} +1 -1
  25. package/dist/embedded-app/static/{4036.36665783.chunk.js.map → 4036.66c4b641.chunk.js.map} +1 -1
  26. package/dist/embedded-app/static/{4487.f9cc6633.chunk.js → 4487.fba50d66.chunk.js} +1 -1
  27. package/dist/embedded-app/static/{4487.f9cc6633.chunk.js.map → 4487.fba50d66.chunk.js.map} +1 -1
  28. package/dist/embedded-app/static/{4516.b1a92d53.chunk.js → 4516.cb7b4abb.chunk.js} +1 -1
  29. package/dist/embedded-app/static/{4516.b1a92d53.chunk.js.map → 4516.cb7b4abb.chunk.js.map} +1 -1
  30. package/dist/embedded-app/static/{4919.e2124196.chunk.js → 4919.72f5403e.chunk.js} +1 -1
  31. package/dist/embedded-app/static/{4919.e2124196.chunk.js.map → 4919.72f5403e.chunk.js.map} +1 -1
  32. package/dist/embedded-app/static/{5724.d2755c89.chunk.js → 5724.0fd2d023.chunk.js} +1 -1
  33. package/dist/embedded-app/static/{5724.d2755c89.chunk.js.map → 5724.0fd2d023.chunk.js.map} +1 -1
  34. package/dist/embedded-app/static/{5788.9c942dee.chunk.js → 5788.791edd6a.chunk.js} +1 -1
  35. package/dist/embedded-app/static/{5788.9c942dee.chunk.js.map → 5788.791edd6a.chunk.js.map} +1 -1
  36. package/dist/embedded-app/static/{6271.0b57a0cf.chunk.js → 6271.1f27aefc.chunk.js} +1 -1
  37. package/dist/embedded-app/static/{6271.0b57a0cf.chunk.js.map → 6271.1f27aefc.chunk.js.map} +1 -1
  38. package/dist/embedded-app/static/{6415.6b71f4b9.chunk.js → 6415.ca28e59e.chunk.js} +1 -1
  39. package/dist/embedded-app/static/{6415.6b71f4b9.chunk.js.map → 6415.ca28e59e.chunk.js.map} +1 -1
  40. package/dist/embedded-app/static/{8307.637eb9f7.chunk.js → 8307.77d02788.chunk.js} +1 -1
  41. package/dist/embedded-app/static/{8307.637eb9f7.chunk.js.map → 8307.77d02788.chunk.js.map} +1 -1
  42. package/dist/embedded-app/static/{8384.0c6da92e.chunk.js → 8384.c87298a7.chunk.js} +1 -1
  43. package/dist/embedded-app/static/{8384.0c6da92e.chunk.js.map → 8384.c87298a7.chunk.js.map} +1 -1
  44. package/dist/embedded-app/static/{898.c75e7113.chunk.js → 898.ca4c8c81.chunk.js} +1 -1
  45. package/dist/embedded-app/static/{898.c75e7113.chunk.js.map → 898.ca4c8c81.chunk.js.map} +1 -1
  46. package/dist/embedded-app/static/{9234.ad94610e.chunk.js → 9234.d383e83b.chunk.js} +1 -1
  47. package/dist/embedded-app/static/{9234.ad94610e.chunk.js.map → 9234.d383e83b.chunk.js.map} +1 -1
  48. package/dist/embedded-app/static/{9605.2c26c71d.chunk.js → 9605.1e25e9dd.chunk.js} +1 -1
  49. package/dist/embedded-app/static/{9605.2c26c71d.chunk.js.map → 9605.1e25e9dd.chunk.js.map} +1 -1
  50. package/dist/embedded-app/static/{9652.5fd19eb0.chunk.js → 9652.4c4ba768.chunk.js} +1 -1
  51. package/dist/embedded-app/static/{9652.5fd19eb0.chunk.js.map → 9652.4c4ba768.chunk.js.map} +1 -1
  52. package/dist/embedded-app/static/{main.87e083f2.js → main.c7b3b8b8.js} +9 -9
  53. package/dist/embedded-app/static/main.c7b3b8b8.js.map +1 -0
  54. package/dist/embedded-app/static/{module-material-table.e3f26578.js → module-material-table.02244708.js} +1 -1
  55. package/dist/embedded-app/static/{module-material-table.e3f26578.js.map → module-material-table.02244708.js.map} +1 -1
  56. package/dist/embedded-app/static/{module-material-ui.2c452b58.js → module-material-ui.3f32753b.js} +1 -1
  57. package/dist/embedded-app/static/{module-material-ui.2c452b58.js.map → module-material-ui.3f32753b.js.map} +1 -1
  58. package/dist/embedded-app/static/{module-mui.e17dd999.js → module-mui.0ed988ce.js} +1 -1
  59. package/dist/embedded-app/static/{module-mui.e17dd999.js.map → module-mui.0ed988ce.js.map} +1 -1
  60. package/dist/embedded-app/static/{module-react-beautiful-dnd.ea59573c.js → module-react-beautiful-dnd.996c3b37.js} +1 -1
  61. package/dist/embedded-app/static/{module-react-beautiful-dnd.ea59573c.js.map → module-react-beautiful-dnd.996c3b37.js.map} +1 -1
  62. package/dist/embedded-app/static/{module-react-dom.1f38e13a.js → module-react-dom.3d6c828c.js} +6 -6
  63. package/dist/embedded-app/static/module-react-dom.3d6c828c.js.map +1 -0
  64. package/dist/embedded-app/static/{module-react-router-dom.0c2bb614.js → module-react-router-dom.3e907de2.js} +1 -1
  65. package/dist/embedded-app/static/{module-react-router-dom.0c2bb614.js.map → module-react-router-dom.3e907de2.js.map} +1 -1
  66. package/dist/embedded-app/static/{module-react-router.dac764ce.js → module-react-router.f207f6b1.js} +1 -1
  67. package/dist/embedded-app/static/{module-react-router.dac764ce.js.map → module-react-router.f207f6b1.js.map} +1 -1
  68. package/dist/embedded-app/static/{runtime.87e083f2.js → runtime.c7b3b8b8.js} +2 -2
  69. package/dist/embedded-app/static/{runtime.87e083f2.js.map → runtime.c7b3b8b8.js.map} +1 -1
  70. package/dist/embedded-app/static/vendor.c7b3b8b8.js +155 -0
  71. package/dist/embedded-app/static/vendor.c7b3b8b8.js.map +1 -0
  72. package/dist/index.cjs.js +1 -1
  73. package/package.json +4 -4
  74. package/dist/embedded-app/static/main.87e083f2.js.map +0 -1
  75. package/dist/embedded-app/static/module-react-dom.1f38e13a.js.map +0 -1
  76. package/dist/embedded-app/static/vendor.87e083f2.js +0 -155
  77. package/dist/embedded-app/static/vendor.87e083f2.js.map +0 -1
package/dist/embedded-app/.config-schema.json CHANGED
@@ -1318,8 +1318,7 @@
1318
1318
  "const": "memory"
1319
1319
  },
1320
1320
  "defaultTtl": {
1321
- "description": "An optional default TTL (in milliseconds).",
1322
- "type": "number"
1321
+ "description": "An optional default TTL (in milliseconds)."
1323
1322
  }
1324
1323
  },
1325
1324
  "required": [
@@ -1339,8 +1338,7 @@
1339
1338
  "type": "string"
1340
1339
  },
1341
1340
  "defaultTtl": {
1342
- "description": "An optional default TTL (in milliseconds).",
1343
- "type": "number"
1341
+ "description": "An optional default TTL (in milliseconds)."
1344
1342
  },
1345
1343
  "useRedisSets": {
1346
1344
  "description": "Whether or not [useRedisSets](https://github.com/jaredwray/keyv/tree/main/packages/redis#useredissets) should be configured to this redis cache.\nDefaults to true if unspecified.",
@@ -1365,8 +1363,7 @@
1365
1363
  "type": "string"
1366
1364
  },
1367
1365
  "defaultTtl": {
1368
- "description": "An optional default TTL (in milliseconds).",
1369
- "type": "number"
1366
+ "description": "An optional default TTL (in milliseconds)."
1370
1367
  }
1371
1368
  },
1372
1369
  "required": [
@@ -1377,6 +1374,7 @@
1377
1374
  ]
1378
1375
  },
1379
1376
  "cors": {
1377
+ "description": "Properties returned upon CORS requests to the backend, including the app-backend.",
1380
1378
  "type": "object",
1381
1379
  "properties": {
1382
1380
  "origin": {
@@ -1445,6 +1443,24 @@
1445
1443
  }
1446
1444
  }
1447
1445
  },
1446
+ "csp": {
1447
+ "description": "Content Security Policy options.\n\nThe keys are the plain policy ID, e.g. \"upgrade-insecure-requests\". The\nvalues are on the format that the helmet library expects them, as an\narray of strings. There is also the special value false, which means to\nremove the default value that Backstage puts in place for that policy.",
1448
+ "type": "object",
1449
+ "additionalProperties": {
1450
+ "anyOf": [
1451
+ {
1452
+ "type": "array",
1453
+ "items": {
1454
+ "type": "string"
1455
+ }
1456
+ },
1457
+ {
1458
+ "const": false,
1459
+ "type": "boolean"
1460
+ }
1461
+ ]
1462
+ }
1463
+ },
1448
1464
  "reading": {
1449
1465
  "description": "Configuration related to URL reading, used for example for reading catalog info\nfiles, scaffolder templates, and techdocs content.",
1450
1466
  "type": "object",
@@ -1473,24 +1489,6 @@
1473
1489
  }
1474
1490
  }
1475
1491
  }
1476
- },
1477
- "csp": {
1478
- "description": "Content Security Policy options.\n\nThe keys are the plain policy ID, e.g. \"upgrade-insecure-requests\". The\nvalues are on the format that the helmet library expects them, as an\narray of strings. There is also the special value false, which means to\nremove the default value that Backstage puts in place for that policy.",
1479
- "type": "object",
1480
- "additionalProperties": {
1481
- "anyOf": [
1482
- {
1483
- "type": "array",
1484
- "items": {
1485
- "type": "string"
1486
- }
1487
- },
1488
- {
1489
- "const": false,
1490
- "type": "boolean"
1491
- }
1492
- ]
1493
- }
1494
1492
  }
1495
1493
  },
1496
1494
  "required": [
@@ -1507,6 +1505,24 @@
1507
1505
  "$schema": "http://json-schema.org/draft-07/schema#"
1508
1506
  }
1509
1507
  },
1508
+ {
1509
+ "path": "../backend-plugin-api/config.d.ts",
1510
+ "value": {
1511
+ "type": "object",
1512
+ "properties": {
1513
+ "backend": {
1514
+ "type": "object",
1515
+ "properties": {
1516
+ "workingDirectory": {
1517
+ "description": "An absolute path to a directory that can be used as a working dir, for\nexample as scratch space for large operations.",
1518
+ "type": "string"
1519
+ }
1520
+ }
1521
+ }
1522
+ },
1523
+ "$schema": "http://json-schema.org/draft-07/schema#"
1524
+ }
1525
+ },
1510
1526
  {
1511
1527
  "path": "../../node_modules/@oriflame/backstage-plugin-score-card/node_modules/@backstage/core-components/config.d.ts",
1512
1528
  "value": {
@@ -1669,7 +1685,120 @@
1669
1685
  "backend": {
1670
1686
  "type": "object",
1671
1687
  "properties": {
1688
+ "packages": {
1689
+ "description": "Used by the feature discovery service",
1690
+ "anyOf": [
1691
+ {
1692
+ "type": "object",
1693
+ "properties": {
1694
+ "include": {
1695
+ "type": "array",
1696
+ "items": {
1697
+ "type": "string"
1698
+ }
1699
+ },
1700
+ "exclude": {
1701
+ "type": "array",
1702
+ "items": {
1703
+ "type": "string"
1704
+ }
1705
+ }
1706
+ }
1707
+ },
1708
+ {
1709
+ "const": "all",
1710
+ "type": "string"
1711
+ }
1712
+ ]
1713
+ }
1714
+ }
1715
+ }
1716
+ },
1717
+ "$schema": "http://json-schema.org/draft-07/schema#"
1718
+ }
1719
+ },
1720
+ {
1721
+ "path": "../backend-defaults/config.d.ts",
1722
+ "value": {
1723
+ "type": "object",
1724
+ "properties": {
1725
+ "app": {
1726
+ "type": "object",
1727
+ "properties": {
1728
+ "baseUrl": {
1729
+ "type": "string"
1730
+ }
1731
+ },
1732
+ "required": [
1733
+ "baseUrl"
1734
+ ]
1735
+ },
1736
+ "backend": {
1737
+ "type": "object",
1738
+ "properties": {
1739
+ "baseUrl": {
1740
+ "description": "The full base URL of the backend, as seen from the browser's point of\nview as it makes calls to the backend.",
1741
+ "type": "string"
1742
+ },
1743
+ "listen": {
1744
+ "description": "Address that the backend should listen to.",
1745
+ "anyOf": [
1746
+ {
1747
+ "type": "object",
1748
+ "properties": {
1749
+ "host": {
1750
+ "description": "Address of the interface that the backend should bind to.",
1751
+ "type": "string"
1752
+ },
1753
+ "port": {
1754
+ "description": "Port that the backend should listen to.",
1755
+ "type": [
1756
+ "string",
1757
+ "number"
1758
+ ]
1759
+ }
1760
+ }
1761
+ },
1762
+ {
1763
+ "type": "string"
1764
+ }
1765
+ ]
1766
+ },
1767
+ "https": {
1768
+ "description": "HTTPS configuration for the backend. If omitted the backend will serve HTTP.\n\nSetting this to `true` will cause self-signed certificates to be generated, which\ncan be useful for local development or other non-production scenarios.",
1769
+ "anyOf": [
1770
+ {
1771
+ "type": "object",
1772
+ "properties": {
1773
+ "certificate": {
1774
+ "description": "Certificate configuration",
1775
+ "type": "object",
1776
+ "properties": {
1777
+ "cert": {
1778
+ "description": "PEM encoded certificate. Use $file to load in a file",
1779
+ "type": "string"
1780
+ },
1781
+ "key": {
1782
+ "description": "PEM encoded certificate key. Use $file to load in a file.",
1783
+ "visibility": "secret",
1784
+ "type": "string"
1785
+ }
1786
+ },
1787
+ "required": [
1788
+ "cert",
1789
+ "key"
1790
+ ]
1791
+ }
1792
+ }
1793
+ },
1794
+ {
1795
+ "const": true,
1796
+ "type": "boolean"
1797
+ }
1798
+ ]
1799
+ },
1672
1800
  "auth": {
1801
+ "description": "Options used by the default auth, httpAuth and userInfo services.",
1673
1802
  "type": "object",
1674
1803
  "properties": {
1675
1804
  "dangerouslyDisableDefaultAuthPolicy": {
@@ -1977,6 +2106,56 @@
1977
2106
  "required": [
1978
2107
  "url"
1979
2108
  ]
2109
+ },
2110
+ "accessRestrictions": {
2111
+ "description": "Restricts what types of access that are permitted for this access\nmethod. If no access restrictions are given, it'll have unlimited\naccess. This access restriction applies for the framework level;\nindividual plugins may have their own access control mechanisms\non top of this.",
2112
+ "type": "array",
2113
+ "items": {
2114
+ "type": "object",
2115
+ "properties": {
2116
+ "plugin": {
2117
+ "description": "Permit access to make requests to this plugin.\n\nCan be further refined by setting additional fields below.",
2118
+ "type": "string"
2119
+ },
2120
+ "permission": {
2121
+ "description": "If given, this method is limited to only performing actions\nwith these named permissions in this plugin.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
2122
+ "anyOf": [
2123
+ {
2124
+ "type": "array",
2125
+ "items": {
2126
+ "type": "string"
2127
+ }
2128
+ },
2129
+ {
2130
+ "type": "string"
2131
+ }
2132
+ ]
2133
+ },
2134
+ "permissionAttribute": {
2135
+ "description": "If given, this method is limited to only performing actions\nwhose permissions have these attributes.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
2136
+ "type": "object",
2137
+ "properties": {
2138
+ "action": {
2139
+ "description": "One of more of 'create', 'read', 'update', or 'delete'.",
2140
+ "anyOf": [
2141
+ {
2142
+ "type": "array",
2143
+ "items": {
2144
+ "type": "string"
2145
+ }
2146
+ },
2147
+ {
2148
+ "type": "string"
2149
+ }
2150
+ ]
2151
+ }
2152
+ }
2153
+ }
2154
+ },
2155
+ "required": [
2156
+ "plugin"
2157
+ ]
2158
+ }
1980
2159
  }
1981
2160
  },
1982
2161
  "required": [
@@ -1988,46 +2167,24 @@
1988
2167
  }
1989
2168
  }
1990
2169
  }
1991
- },
1992
- "packages": {
1993
- "anyOf": [
1994
- {
1995
- "type": "object",
1996
- "properties": {
1997
- "include": {
1998
- "type": "array",
1999
- "items": {
2000
- "type": "string"
2001
- }
2002
- },
2003
- "exclude": {
2004
- "type": "array",
2005
- "items": {
2006
- "type": "string"
2007
- }
2008
- }
2009
- }
2010
- },
2011
- {
2012
- "const": "all",
2013
- "type": "string"
2014
- }
2015
- ]
2016
2170
  }
2017
- }
2171
+ },
2172
+ "required": [
2173
+ "baseUrl"
2174
+ ]
2018
2175
  },
2019
2176
  "discovery": {
2020
- "description": "Discovery options.",
2177
+ "description": "Options used by the default discovery service.",
2021
2178
  "type": "object",
2022
2179
  "properties": {
2023
2180
  "endpoints": {
2024
- "description": "Endpoints\n\nA list of target baseUrls and the associated plugins.",
2181
+ "description": "A list of target baseUrls and the associated plugins.",
2025
2182
  "type": "array",
2026
2183
  "items": {
2027
2184
  "type": "object",
2028
2185
  "properties": {
2029
2186
  "target": {
2030
- "description": "The target baseUrl to use for the plugin\n\nCan be either a string or an object with internal and external keys.\nTargets with `{{pluginId}}` or `{{ pluginId }} in the url will be replaced with the pluginId.",
2187
+ "description": "The target base URL to use for the plugin.\n\nCan be either a string or an object with internal and external keys.\nTargets with `{{pluginId}}` or `{{ pluginId }} in the URL will be replaced with the plugin ID.",
2031
2188
  "anyOf": [
2032
2189
  {
2033
2190
  "type": "object",
@@ -2050,7 +2207,7 @@
2050
2207
  ]
2051
2208
  },
2052
2209
  "plugins": {
2053
- "description": "Array of plugins which use the target baseUrl.",
2210
+ "description": "Array of plugins which use the target base URL.",
2054
2211
  "type": "array",
2055
2212
  "items": {
2056
2213
  "type": "string"
@@ -2067,427 +2224,304 @@
2067
2224
  "required": [
2068
2225
  "endpoints"
2069
2226
  ]
2070
- }
2071
- },
2072
- "$schema": "http://json-schema.org/draft-07/schema#"
2073
- }
2074
- },
2075
- {
2076
- "path": "../backend-defaults/config.d.ts",
2077
- "value": {
2078
- "type": "object",
2079
- "properties": {
2080
- "backend": {
2081
- "type": "object",
2082
- "properties": {
2083
- "auth": {
2084
- "description": "Options used by the default auth, httpAuth and userInfo services.",
2085
- "type": "object",
2086
- "properties": {
2087
- "dangerouslyDisableDefaultAuthPolicy": {
2088
- "description": "This disables the otherwise default auth policy, which requires all\nrequests to be authenticated with either user or service credentials.\n\nDisabling this check means that the backend will no longer block\nunauthenticated requests, but instead allow them to pass through to\nplugins.\n\nIf permissions are enabled, unauthenticated requests will be treated\nexactly as such, leaving it to the permission policy to determine what\npermissions should be allowed for an unauthenticated identity. Note\nthat this will also apply to service-to-service calls between plugins\nunless you configure credentials for service calls.",
2089
- "type": "boolean"
2090
- },
2091
- "pluginKeyStore": {
2092
- "description": "Controls how to store keys for plugin-to-plugin auth",
2093
- "anyOf": [
2094
- {
2095
- "type": "object",
2096
- "properties": {
2097
- "type": {
2098
- "type": "string",
2099
- "const": "database"
2100
- }
2101
- },
2102
- "required": [
2103
- "type"
2104
- ]
2105
- },
2106
- {
2107
- "type": "object",
2108
- "properties": {
2109
- "type": {
2110
- "type": "string",
2111
- "const": "static"
2112
- },
2113
- "static": {
2114
- "type": "object",
2115
- "properties": {
2116
- "keys": {
2117
- "description": "Must be declared at least once and the first one will be used for signing.",
2118
- "type": "array",
2119
- "items": {
2120
- "type": "object",
2121
- "properties": {
2122
- "publicKeyFile": {
2123
- "description": "Path to the public key file in the SPKI format. Should be an absolute path.",
2124
- "type": "string"
2125
- },
2126
- "privateKeyFile": {
2127
- "description": "Path to the matching private key file in the PKCS#8 format. Should be an absolute path.\n\nThe first array entry must specify a private key file, the rest must not.",
2128
- "type": "string"
2129
- },
2130
- "keyId": {
2131
- "description": "ID to uniquely identify this key within the JWK set.",
2132
- "type": "string"
2133
- },
2134
- "algorithm": {
2135
- "description": "JWS \"alg\" (Algorithm) Header Parameter value. Defaults to ES256.\nMust match the algorithm used to generate the keys in the provided files",
2136
- "type": "string"
2137
- }
2138
- },
2139
- "required": [
2140
- "keyId",
2141
- "publicKeyFile"
2142
- ]
2143
- }
2144
- }
2145
- },
2146
- "required": [
2147
- "keys"
2148
- ]
2149
- }
2150
- },
2151
- "required": [
2152
- "static",
2153
- "type"
2154
- ]
2155
- }
2156
- ]
2157
- },
2158
- "externalAccess": {
2159
- "description": "Configures methods of external access, ie ways for callers outside of\nthe Backstage ecosystem to get authorized for access to APIs that do\nnot permit unauthorized access.",
2160
- "type": "array",
2161
- "items": {
2162
- "anyOf": [
2163
- {
2164
- "type": "object",
2165
- "properties": {
2166
- "type": {
2167
- "description": "This is the legacy service-to-service access method, where a set\nof static keys were shared among plugins and used for symmetric\nsigning and verification. These correspond to the old\n`backend.auth.keys` set and retain their behavior for backwards\ncompatibility. Please migrate to other access methods when\npossible.\n\nCallers generate JWT tokens with the following payload:\n\n```json\n{\n \"sub\": \"backstage-plugin\",\n \"exp\": <epoch seconds one hour in the future>\n}\n```\n\nAnd sign them with HS256, using the base64 decoded secret. The\ntokens are then passed along with requests in the Authorization\nheader:\n\n```\nAuthorization: Bearer eyJhbGciOiJIUzI...\n```",
2168
- "type": "string",
2169
- "const": "legacy"
2170
- },
2171
- "options": {
2172
- "type": "object",
2173
- "properties": {
2174
- "secret": {
2175
- "description": "Any set of base64 encoded random bytes to be used as both the\nsigning and verification key. Should be sufficiently long so as\nnot to be easy to guess by brute force.\n\nCan be generated eg using\n\n```sh\nnode -p 'require(\"crypto\").randomBytes(24).toString(\"base64\")'\n```",
2176
- "visibility": "secret",
2177
- "type": "string"
2178
- },
2179
- "subject": {
2180
- "description": "Sets the subject of the principal, when matching this token.\nUseful for debugging and tracking purposes.",
2181
- "type": "string"
2182
- }
2183
- },
2184
- "required": [
2185
- "secret",
2186
- "subject"
2187
- ]
2188
- },
2189
- "accessRestrictions": {
2190
- "description": "Restricts what types of access that are permitted for this access\nmethod. If no access restrictions are given, it'll have unlimited\naccess. This access restriction applies for the framework level;\nindividual plugins may have their own access control mechanisms\non top of this.",
2191
- "type": "array",
2192
- "items": {
2193
- "type": "object",
2194
- "properties": {
2195
- "plugin": {
2196
- "description": "Permit access to make requests to this plugin.\n\nCan be further refined by setting additional fields below.",
2197
- "type": "string"
2198
- },
2199
- "permission": {
2200
- "description": "If given, this method is limited to only performing actions\nwith these named permissions in this plugin.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
2201
- "anyOf": [
2202
- {
2203
- "type": "array",
2204
- "items": {
2205
- "type": "string"
2206
- }
2207
- },
2208
- {
2209
- "type": "string"
2210
- }
2211
- ]
2212
- },
2213
- "permissionAttribute": {
2214
- "description": "If given, this method is limited to only performing actions\nwhose permissions have these attributes.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
2215
- "type": "object",
2216
- "properties": {
2217
- "action": {
2218
- "description": "One of more of 'create', 'read', 'update', or 'delete'.",
2219
- "anyOf": [
2220
- {
2221
- "type": "array",
2222
- "items": {
2223
- "type": "string"
2224
- }
2225
- },
2226
- {
2227
- "type": "string"
2228
- }
2229
- ]
2230
- }
2231
- }
2232
- }
2233
- },
2234
- "required": [
2235
- "plugin"
2236
- ]
2237
- }
2238
- }
2239
- },
2240
- "required": [
2241
- "options",
2242
- "type"
2243
- ]
2244
- },
2245
- {
2246
- "type": "object",
2247
- "properties": {
2248
- "type": {
2249
- "description": "This access method consists of random static tokens that can be\nhanded out to callers.\n\nThe tokens are then passed along verbatim with requests in the\nAuthorization header:\n\n```\nAuthorization: Bearer eZv5o+fW3KnR3kVabMW4ZcDNLPl8nmMW\n```",
2250
- "type": "string",
2251
- "const": "static"
2252
- },
2253
- "options": {
2254
- "type": "object",
2255
- "properties": {
2256
- "token": {
2257
- "description": "A raw token that can be any string, but for security reasons\nshould be sufficiently long so as not to be easy to guess by\nbrute force.\n\nCan be generated eg using\n\n```sh\nnode -p 'require(\"crypto\").randomBytes(24).toString(\"base64\")'\n```\n\nSince the tokens can be any string, you are free to add\nadditional identifying data to them if you like. For example,\nadding a `freben-local-dev-` prefix for debugging purposes to a\ntoken that you know will be handed out for use as a personal\naccess token during development.",
2258
- "visibility": "secret",
2259
- "type": "string"
2260
- },
2261
- "subject": {
2262
- "description": "Sets the subject of the principal, when matching this token.\nUseful for debugging and tracking purposes.",
2263
- "type": "string"
2264
- }
2265
- },
2266
- "required": [
2267
- "subject",
2268
- "token"
2269
- ]
2270
- },
2271
- "accessRestrictions": {
2272
- "description": "Restricts what types of access that are permitted for this access\nmethod. If no access restrictions are given, it'll have unlimited\naccess. This access restriction applies for the framework level;\nindividual plugins may have their own access control mechanisms\non top of this.",
2273
- "type": "array",
2274
- "items": {
2275
- "type": "object",
2276
- "properties": {
2277
- "plugin": {
2278
- "description": "Permit access to make requests to this plugin.\n\nCan be further refined by setting additional fields below.",
2279
- "type": "string"
2280
- },
2281
- "permission": {
2282
- "description": "If given, this method is limited to only performing actions\nwith these named permissions in this plugin.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
2283
- "anyOf": [
2284
- {
2285
- "type": "array",
2286
- "items": {
2287
- "type": "string"
2288
- }
2289
- },
2290
- {
2291
- "type": "string"
2292
- }
2293
- ]
2294
- },
2295
- "permissionAttribute": {
2296
- "description": "If given, this method is limited to only performing actions\nwhose permissions have these attributes.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
2297
- "type": "object",
2298
- "properties": {
2299
- "action": {
2300
- "description": "One of more of 'create', 'read', 'update', or 'delete'.",
2301
- "anyOf": [
2302
- {
2303
- "type": "array",
2304
- "items": {
2305
- "type": "string"
2306
- }
2307
- },
2308
- {
2309
- "type": "string"
2310
- }
2311
- ]
2312
- }
2313
- }
2314
- }
2315
- },
2316
- "required": [
2317
- "plugin"
2318
- ]
2319
- }
2320
- }
2321
- },
2322
- "required": [
2323
- "options",
2324
- "type"
2325
- ]
2326
- },
2327
- {
2328
- "type": "object",
2329
- "properties": {
2330
- "type": {
2331
- "description": "This access method consists of a JWKS endpoint that can be used to\nverify JWT tokens.\n\nCallers generate JWT tokens via 3rd party tooling\nand pass them in the Authorization header:\n\n```\nAuthorization: Bearer eZv5o+fW3KnR3kVabMW4ZcDNLPl8nmMW\n```",
2332
- "type": "string",
2333
- "const": "jwks"
2334
- },
2335
- "options": {
2336
- "type": "object",
2337
- "properties": {
2338
- "url": {
2339
- "description": "The full URL of the JWKS endpoint.",
2340
- "type": "string"
2341
- },
2342
- "algorithm": {
2343
- "description": "Sets the algorithm(s) that should be used to verify the JWT tokens.\nThe passed JWTs must have been signed using one of the listed algorithms.",
2344
- "anyOf": [
2345
- {
2346
- "type": "array",
2347
- "items": {
2348
- "type": "string"
2349
- }
2350
- },
2351
- {
2352
- "type": "string"
2353
- }
2354
- ]
2355
- },
2356
- "issuer": {
2357
- "description": "Sets the issuer(s) that should be used to verify the JWT tokens.\nPassed JWTs must have an `iss` claim which matches one of the specified issuers.",
2358
- "anyOf": [
2359
- {
2360
- "type": "array",
2361
- "items": {
2362
- "type": "string"
2363
- }
2364
- },
2365
- {
2366
- "type": "string"
2367
- }
2368
- ]
2369
- },
2370
- "audience": {
2371
- "description": "Sets the audience(s) that should be used to verify the JWT tokens.\nThe passed JWTs must have an \"aud\" claim that matches one of the audiences specified,\nor have no audience specified.",
2372
- "anyOf": [
2373
- {
2374
- "type": "array",
2375
- "items": {
2376
- "type": "string"
2377
- }
2378
- },
2379
- {
2380
- "type": "string"
2381
- }
2382
- ]
2383
- },
2384
- "subjectPrefix": {
2385
- "description": "Sets an optional subject prefix. Passes the subject to called plugins.\nUseful for debugging and tracking purposes.",
2386
- "type": "string"
2387
- }
2388
- },
2389
- "required": [
2390
- "url"
2391
- ]
2392
- },
2393
- "accessRestrictions": {
2394
- "description": "Restricts what types of access that are permitted for this access\nmethod. If no access restrictions are given, it'll have unlimited\naccess. This access restriction applies for the framework level;\nindividual plugins may have their own access control mechanisms\non top of this.",
2395
- "type": "array",
2396
- "items": {
2397
- "type": "object",
2398
- "properties": {
2399
- "plugin": {
2400
- "description": "Permit access to make requests to this plugin.\n\nCan be further refined by setting additional fields below.",
2401
- "type": "string"
2402
- },
2403
- "permission": {
2404
- "description": "If given, this method is limited to only performing actions\nwith these named permissions in this plugin.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
2405
- "anyOf": [
2406
- {
2407
- "type": "array",
2408
- "items": {
2409
- "type": "string"
2410
- }
2411
- },
2412
- {
2413
- "type": "string"
2414
- }
2415
- ]
2416
- },
2417
- "permissionAttribute": {
2418
- "description": "If given, this method is limited to only performing actions\nwhose permissions have these attributes.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
2419
- "type": "object",
2420
- "properties": {
2421
- "action": {
2422
- "description": "One of more of 'create', 'read', 'update', or 'delete'.",
2423
- "anyOf": [
2424
- {
2425
- "type": "array",
2426
- "items": {
2427
- "type": "string"
2428
- }
2429
- },
2430
- {
2431
- "type": "string"
2432
- }
2433
- ]
2434
- }
2435
- }
2436
- }
2437
- },
2438
- "required": [
2439
- "plugin"
2440
- ]
2441
- }
2442
- }
2443
- },
2444
- "required": [
2445
- "options",
2446
- "type"
2447
- ]
2227
+ },
2228
+ "database": {
2229
+ "description": "Database connection configuration, select base database type using the `client` field",
2230
+ "type": "object",
2231
+ "properties": {
2232
+ "client": {
2233
+ "description": "Default database client to use",
2234
+ "enum": [
2235
+ "better-sqlite3",
2236
+ "pg",
2237
+ "sqlite3"
2238
+ ],
2239
+ "type": "string"
2240
+ },
2241
+ "connection": {
2242
+ "description": "Base database connection string, or object with individual connection properties",
2243
+ "visibility": "secret",
2244
+ "anyOf": [
2245
+ {
2246
+ "type": "object",
2247
+ "additionalProperties": {},
2248
+ "properties": {
2249
+ "password": {
2250
+ "description": "Password that belongs to the client User",
2251
+ "visibility": "secret",
2252
+ "type": "string"
2253
+ }
2254
+ }
2255
+ },
2256
+ {
2257
+ "type": "string"
2258
+ }
2259
+ ]
2260
+ },
2261
+ "prefix": {
2262
+ "description": "Database name prefix override",
2263
+ "type": "string"
2264
+ },
2265
+ "ensureExists": {
2266
+ "description": "Whether to ensure the given database exists by creating it if it does not.\nDefaults to true if unspecified.",
2267
+ "type": "boolean"
2268
+ },
2269
+ "ensureSchemaExists": {
2270
+ "description": "Whether to ensure the given database schema exists by creating it if it does not.\nDefaults to false if unspecified.\n\nNOTE: Currently only supported by the `pg` client when pluginDivisionMode: schema",
2271
+ "type": "boolean"
2272
+ },
2273
+ "pluginDivisionMode": {
2274
+ "description": "How plugins databases are managed/divided in the provided database instance.\n\n`database` -> Plugins are each given their own database to manage their schemas/tables.\n\n`schema` -> Plugins will be given their own schema (in the specified/default database)\n to manage their tables.\n\nNOTE: Currently only supported by the `pg` client.",
2275
+ "default": "database",
2276
+ "enum": [
2277
+ "database",
2278
+ "schema"
2279
+ ],
2280
+ "type": "string"
2281
+ },
2282
+ "role": {
2283
+ "description": "Configures the ownership of newly created schemas in pg databases.",
2284
+ "type": "string"
2285
+ },
2286
+ "knexConfig": {
2287
+ "description": "Arbitrary config object to pass to knex when initializing\n(https://knexjs.org/#Installation-client). Most notable is the debug\nand asyncStackTraces booleans",
2288
+ "type": "object",
2289
+ "properties": {},
2290
+ "additionalProperties": true
2291
+ },
2292
+ "skipMigrations": {
2293
+ "description": "Skip running database migrations.",
2294
+ "type": "boolean"
2295
+ },
2296
+ "plugin": {
2297
+ "description": "Plugin specific database configuration and client override",
2298
+ "type": "object",
2299
+ "additionalProperties": {
2300
+ "type": "object",
2301
+ "properties": {
2302
+ "client": {
2303
+ "description": "Database client override",
2304
+ "enum": [
2305
+ "better-sqlite3",
2306
+ "pg",
2307
+ "sqlite3"
2308
+ ],
2309
+ "type": "string"
2310
+ },
2311
+ "connection": {
2312
+ "description": "Database connection string or Knex object override",
2313
+ "visibility": "secret",
2314
+ "anyOf": [
2315
+ {
2316
+ "type": "object",
2317
+ "properties": {},
2318
+ "additionalProperties": true
2319
+ },
2320
+ {
2321
+ "type": "string"
2448
2322
  }
2449
2323
  ]
2324
+ },
2325
+ "ensureExists": {
2326
+ "description": "Whether to ensure the given database exists by creating it if it does not.\nDefaults to base config if unspecified.",
2327
+ "type": "boolean"
2328
+ },
2329
+ "ensureSchemaExists": {
2330
+ "description": "Whether to ensure the given database schema exists by creating it if it does not.\nDefaults to false if unspecified.\n\nNOTE: Currently only supported by the `pg` client when pluginDivisionMode: schema",
2331
+ "type": "boolean"
2332
+ },
2333
+ "knexConfig": {
2334
+ "description": "Arbitrary config object to pass to knex when initializing\n(https://knexjs.org/#Installation-client). Most notable is the\ndebug and asyncStackTraces booleans.\n\nThis is merged recursively into the base knexConfig",
2335
+ "type": "object",
2336
+ "properties": {},
2337
+ "additionalProperties": true
2338
+ },
2339
+ "role": {
2340
+ "description": "Configures the ownership of newly created schemas in pg databases.",
2341
+ "type": "string"
2342
+ },
2343
+ "skipMigrations": {
2344
+ "description": "Skip running database migrations.",
2345
+ "type": "boolean"
2450
2346
  }
2451
2347
  }
2452
2348
  }
2453
2349
  }
2350
+ },
2351
+ "required": [
2352
+ "client",
2353
+ "connection"
2354
+ ]
2355
+ },
2356
+ "cache": {
2357
+ "description": "Cache connection configuration, select cache type using the `store` field",
2358
+ "anyOf": [
2359
+ {
2360
+ "type": "object",
2361
+ "properties": {
2362
+ "store": {
2363
+ "type": "string",
2364
+ "const": "memory"
2365
+ },
2366
+ "defaultTtl": {
2367
+ "description": "An optional default TTL (in milliseconds)."
2368
+ }
2369
+ },
2370
+ "required": [
2371
+ "store"
2372
+ ]
2373
+ },
2374
+ {
2375
+ "type": "object",
2376
+ "properties": {
2377
+ "store": {
2378
+ "type": "string",
2379
+ "const": "redis"
2380
+ },
2381
+ "connection": {
2382
+ "description": "A redis connection string in the form `redis://user:pass@host:port`.",
2383
+ "visibility": "secret",
2384
+ "type": "string"
2385
+ },
2386
+ "defaultTtl": {
2387
+ "description": "An optional default TTL (in milliseconds)."
2388
+ },
2389
+ "useRedisSets": {
2390
+ "description": "Whether or not [useRedisSets](https://github.com/jaredwray/keyv/tree/main/packages/redis#useredissets) should be configured to this redis cache.\nDefaults to true if unspecified.",
2391
+ "type": "boolean"
2392
+ }
2393
+ },
2394
+ "required": [
2395
+ "connection",
2396
+ "store"
2397
+ ]
2398
+ },
2399
+ {
2400
+ "type": "object",
2401
+ "properties": {
2402
+ "store": {
2403
+ "type": "string",
2404
+ "const": "memcache"
2405
+ },
2406
+ "connection": {
2407
+ "description": "A memcache connection string in the form `user:pass@host:port`.",
2408
+ "visibility": "secret",
2409
+ "type": "string"
2410
+ },
2411
+ "defaultTtl": {
2412
+ "description": "An optional default TTL (in milliseconds)."
2413
+ }
2414
+ },
2415
+ "required": [
2416
+ "connection",
2417
+ "store"
2418
+ ]
2419
+ }
2420
+ ]
2421
+ },
2422
+ "cors": {
2423
+ "type": "object",
2424
+ "properties": {
2425
+ "origin": {
2426
+ "anyOf": [
2427
+ {
2428
+ "type": "array",
2429
+ "items": {
2430
+ "type": "string"
2431
+ }
2432
+ },
2433
+ {
2434
+ "type": "string"
2435
+ }
2436
+ ]
2437
+ },
2438
+ "methods": {
2439
+ "anyOf": [
2440
+ {
2441
+ "type": "array",
2442
+ "items": {
2443
+ "type": "string"
2444
+ }
2445
+ },
2446
+ {
2447
+ "type": "string"
2448
+ }
2449
+ ]
2450
+ },
2451
+ "allowedHeaders": {
2452
+ "anyOf": [
2453
+ {
2454
+ "type": "array",
2455
+ "items": {
2456
+ "type": "string"
2457
+ }
2458
+ },
2459
+ {
2460
+ "type": "string"
2461
+ }
2462
+ ]
2463
+ },
2464
+ "exposedHeaders": {
2465
+ "anyOf": [
2466
+ {
2467
+ "type": "array",
2468
+ "items": {
2469
+ "type": "string"
2470
+ }
2471
+ },
2472
+ {
2473
+ "type": "string"
2474
+ }
2475
+ ]
2476
+ },
2477
+ "credentials": {
2478
+ "type": "boolean"
2479
+ },
2480
+ "maxAge": {
2481
+ "type": "number"
2482
+ },
2483
+ "preflightContinue": {
2484
+ "type": "boolean"
2485
+ },
2486
+ "optionsSuccessStatus": {
2487
+ "type": "number"
2488
+ }
2454
2489
  }
2455
2490
  },
2456
- "discovery": {
2457
- "description": "Options used by the default discovery service.",
2491
+ "csp": {
2492
+ "description": "Content Security Policy options.\n\nThe keys are the plain policy ID, e.g. \"upgrade-insecure-requests\". The\nvalues are on the format that the helmet library expects them, as an\narray of strings. There is also the special value false, which means to\nremove the default value that Backstage puts in place for that policy.",
2493
+ "type": "object",
2494
+ "additionalProperties": {
2495
+ "anyOf": [
2496
+ {
2497
+ "type": "array",
2498
+ "items": {
2499
+ "type": "string"
2500
+ }
2501
+ },
2502
+ {
2503
+ "const": false,
2504
+ "type": "boolean"
2505
+ }
2506
+ ]
2507
+ }
2508
+ },
2509
+ "reading": {
2510
+ "description": "Configuration related to URL reading, used for example for reading catalog info\nfiles, scaffolder templates, and techdocs content.",
2458
2511
  "type": "object",
2459
2512
  "properties": {
2460
- "endpoints": {
2461
- "description": "A list of target baseUrls and the associated plugins.",
2513
+ "allow": {
2514
+ "description": "A list of targets to allow outgoing requests to. Users will be able to make\nrequests on behalf of the backend to the targets that are allowed by this list.",
2462
2515
  "type": "array",
2463
2516
  "items": {
2464
2517
  "type": "object",
2465
2518
  "properties": {
2466
- "target": {
2467
- "description": "The target base URL to use for the plugin.\n\nCan be either a string or an object with internal and external keys.\nTargets with `{{pluginId}}` or `{{ pluginId }} in the URL will be replaced with the plugin ID.",
2468
- "anyOf": [
2469
- {
2470
- "type": "object",
2471
- "properties": {
2472
- "internal": {
2473
- "type": "string"
2474
- },
2475
- "external": {
2476
- "type": "string"
2477
- }
2478
- },
2479
- "required": [
2480
- "external",
2481
- "internal"
2482
- ]
2483
- },
2484
- {
2485
- "type": "string"
2486
- }
2487
- ]
2519
+ "host": {
2520
+ "description": "A host to allow outgoing requests to, being either a full host or\na subdomain wildcard pattern with a leading `*`. For example `example.com`\nand `*.example.com` are valid values, `prod.*.example.com` is not.\nThe host may also contain a port, for example `example.com:8080`.",
2521
+ "type": "string"
2488
2522
  },
2489
- "plugins": {
2490
- "description": "Array of plugins which use the target base URL.",
2523
+ "paths": {
2524
+ "description": "An optional list of paths. In case they are present only targets matching\nany of them will are allowed. You can use trailing slashes to make sure only\nsubdirectories are allowed, for example `/mydir/` will allow targets with\npaths like `/mydir/a` but will block paths like `/mydir2`.",
2491
2525
  "type": "array",
2492
2526
  "items": {
2493
2527
  "type": "string"
@@ -2495,17 +2529,17 @@
2495
2529
  }
2496
2530
  },
2497
2531
  "required": [
2498
- "plugins",
2499
- "target"
2532
+ "host"
2500
2533
  ]
2501
2534
  }
2502
2535
  }
2503
- },
2504
- "required": [
2505
- "endpoints"
2506
- ]
2536
+ }
2507
2537
  }
2508
2538
  },
2539
+ "required": [
2540
+ "app",
2541
+ "database"
2542
+ ],
2509
2543
  "$schema": "http://json-schema.org/draft-07/schema#"
2510
2544
  }
2511
2545
  }