@techdocs/cli 1.8.22-next.2 → 1.8.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (36) hide show
  1. package/CHANGELOG.md +23 -0
  2. package/dist/embedded-app/.config-schema.json +1095 -1225
  3. package/dist/embedded-app/index.html +1 -1
  4. package/dist/embedded-app/index.html.tmpl +1 -1
  5. package/dist/embedded-app/static/2177.b7e2fc73.chunk.js +4 -0
  6. package/dist/embedded-app/static/2177.b7e2fc73.chunk.js.map +1 -0
  7. package/dist/embedded-app/static/{4036.a7456a2d.chunk.js → 4036.18d0b7f2.chunk.js} +1 -1
  8. package/dist/embedded-app/static/{4036.a7456a2d.chunk.js.map → 4036.18d0b7f2.chunk.js.map} +1 -1
  9. package/dist/embedded-app/static/{4516.60c11738.chunk.js → 4516.3caab6a3.chunk.js} +1 -1
  10. package/dist/embedded-app/static/{4516.60c11738.chunk.js.map → 4516.3caab6a3.chunk.js.map} +1 -1
  11. package/dist/embedded-app/static/5724.058de6d8.chunk.js +4 -0
  12. package/dist/embedded-app/static/5724.058de6d8.chunk.js.map +1 -0
  13. package/dist/embedded-app/static/{5788.d7d073f4.chunk.js → 5788.ae686304.chunk.js} +1 -1
  14. package/dist/embedded-app/static/{5788.d7d073f4.chunk.js.map → 5788.ae686304.chunk.js.map} +1 -1
  15. package/dist/embedded-app/static/{9234.921d36f1.chunk.js → 9234.6839c56f.chunk.js} +1 -1
  16. package/dist/embedded-app/static/{9234.921d36f1.chunk.js.map → 9234.6839c56f.chunk.js.map} +1 -1
  17. package/dist/embedded-app/static/{9605.79eaa6f9.chunk.js → 9605.fe23b89f.chunk.js} +1 -1
  18. package/dist/embedded-app/static/{9605.79eaa6f9.chunk.js.map → 9605.fe23b89f.chunk.js.map} +1 -1
  19. package/dist/embedded-app/static/main.b66c4152.js +553 -0
  20. package/dist/embedded-app/static/{main.b9f6f746.js.map → main.b66c4152.js.map} +1 -1
  21. package/dist/embedded-app/static/{module-remix-run.e7427c94.js → module-remix-run.ba6397c2.js} +2 -2
  22. package/dist/embedded-app/static/module-remix-run.ba6397c2.js.map +1 -0
  23. package/dist/embedded-app/static/{runtime.b9f6f746.js → runtime.b66c4152.js} +2 -2
  24. package/dist/embedded-app/static/{runtime.b9f6f746.js.map → runtime.b66c4152.js.map} +1 -1
  25. package/dist/embedded-app/static/vendor.b66c4152.js +170 -0
  26. package/dist/embedded-app/static/vendor.b66c4152.js.map +1 -0
  27. package/dist/package.json.cjs.js +1 -1
  28. package/package.json +7 -7
  29. package/dist/embedded-app/static/2177.5218bd9b.chunk.js +0 -4
  30. package/dist/embedded-app/static/2177.5218bd9b.chunk.js.map +0 -1
  31. package/dist/embedded-app/static/5724.0f3b3ce6.chunk.js +0 -4
  32. package/dist/embedded-app/static/5724.0f3b3ce6.chunk.js.map +0 -1
  33. package/dist/embedded-app/static/main.b9f6f746.js +0 -553
  34. package/dist/embedded-app/static/module-remix-run.e7427c94.js.map +0 -1
  35. package/dist/embedded-app/static/vendor.b9f6f746.js +0 -170
  36. package/dist/embedded-app/static/vendor.b9f6f746.js.map +0 -1
package/dist/embedded-app/.config-schema.json CHANGED
@@ -1092,440 +1092,363 @@
1092
1092
  }
1093
1093
  },
1094
1094
  {
1095
- "path": "../../node_modules/@backstage/backend-common/config.d.ts",
1095
+ "path": "../backend-plugin-api/config.d.ts",
1096
1096
  "value": {
1097
1097
  "type": "object",
1098
1098
  "properties": {
1099
- "app": {
1099
+ "backend": {
1100
1100
  "type": "object",
1101
1101
  "properties": {
1102
- "baseUrl": {
1102
+ "workingDirectory": {
1103
+ "description": "An absolute path to a directory that can be used as a working dir, for\nexample as scratch space for large operations.",
1103
1104
  "type": "string"
1104
1105
  }
1105
- },
1106
- "required": [
1107
- "baseUrl"
1108
- ]
1109
- },
1110
- "backend": {
1106
+ }
1107
+ }
1108
+ },
1109
+ "$schema": "http://json-schema.org/draft-07/schema#"
1110
+ }
1111
+ },
1112
+ {
1113
+ "path": "../../plugins/auth-backend/config.d.ts",
1114
+ "value": {
1115
+ "type": "object",
1116
+ "properties": {
1117
+ "auth": {
1118
+ "description": "Configuration options for the auth plugin",
1111
1119
  "type": "object",
1112
1120
  "properties": {
1113
- "auth": {
1114
- "description": "Backend configuration for when request authentication is enabled",
1121
+ "environment": {
1122
+ "description": "The 'environment' attribute",
1123
+ "visibility": "frontend",
1124
+ "type": "string"
1125
+ },
1126
+ "session": {
1115
1127
  "type": "object",
1116
1128
  "properties": {
1117
- "keys": {
1118
- "description": "Keys shared by all backends for signing and validating backend tokens.",
1119
- "type": "array",
1120
- "items": {
1121
- "type": "object",
1122
- "properties": {
1123
- "secret": {
1124
- "description": "Secret for generating tokens. Should be a base64 string, recommended\nlength is 24 bytes.",
1125
- "visibility": "secret",
1126
- "type": "string"
1127
- }
1128
- },
1129
- "required": [
1130
- "secret"
1131
- ]
1132
- }
1129
+ "secret": {
1130
+ "description": "The secret attribute of session object.",
1131
+ "visibility": "secret",
1132
+ "type": "string"
1133
1133
  }
1134
1134
  }
1135
1135
  },
1136
- "baseUrl": {
1136
+ "identityTokenAlgorithm": {
1137
+ "description": "JWS \"alg\" (Algorithm) Header Parameter value. Defaults to ES256.\nMust match one of the algorithms defined for IdentityClient.\nWhen setting a different algorithm, check if the `key` field\nof the `signing_keys` table can fit the length of the generated keys.\nIf not, add a knex migration file in the migrations folder.\nMore info on supported algorithms: https://github.com/panva/jose",
1137
1138
  "type": "string"
1138
1139
  },
1139
- "listen": {
1140
- "description": "Address that the backend should listen to.",
1141
- "anyOf": [
1142
- {
1140
+ "keyStore": {
1141
+ "description": "To control how to store JWK data in auth-backend",
1142
+ "type": "object",
1143
+ "properties": {
1144
+ "provider": {
1145
+ "enum": [
1146
+ "database",
1147
+ "firestore",
1148
+ "memory",
1149
+ "static"
1150
+ ],
1151
+ "type": "string"
1152
+ },
1153
+ "firestore": {
1143
1154
  "type": "object",
1144
1155
  "properties": {
1145
1156
  "host": {
1146
- "description": "Address of the interface that the backend should bind to.",
1157
+ "description": "The host to connect to",
1147
1158
  "type": "string"
1148
1159
  },
1149
1160
  "port": {
1150
- "description": "Port that the backend should listen to.",
1151
- "type": [
1152
- "string",
1153
- "number"
1154
- ]
1161
+ "description": "The port to connect to",
1162
+ "type": "number"
1163
+ },
1164
+ "ssl": {
1165
+ "description": "Whether to use SSL when connecting.",
1166
+ "type": "boolean"
1167
+ },
1168
+ "projectId": {
1169
+ "description": "The Google Cloud Project ID",
1170
+ "type": "string"
1171
+ },
1172
+ "keyFilename": {
1173
+ "description": "Local file containing the Service Account credentials.\nYou can omit this value to automatically read from\nGOOGLE_APPLICATION_CREDENTIALS env which is useful for local\ndevelopment.",
1174
+ "type": "string"
1175
+ },
1176
+ "path": {
1177
+ "description": "The path to use for the collection. Defaults to 'sessions'",
1178
+ "type": "string"
1179
+ },
1180
+ "timeout": {
1181
+ "description": "Timeout used for database operations. Defaults to 10000ms",
1182
+ "type": "number"
1155
1183
  }
1156
1184
  }
1157
1185
  },
1158
- {
1159
- "type": "string"
1160
- }
1161
- ]
1162
- },
1163
- "https": {
1164
- "description": "HTTPS configuration for the backend. If omitted the backend will serve HTTP.\n\nSetting this to `true` will cause self-signed certificates to be generated, which\ncan be useful for local development or other non-production scenarios.",
1165
- "anyOf": [
1166
- {
1186
+ "static": {
1167
1187
  "type": "object",
1168
1188
  "properties": {
1169
- "certificate": {
1170
- "description": "Certificate configuration",
1171
- "type": "object",
1172
- "properties": {
1173
- "cert": {
1174
- "description": "PEM encoded certificate. Use $file to load in a file",
1175
- "type": "string"
1189
+ "keys": {
1190
+ "description": "Must be declared at least once and the first one will be used for signing",
1191
+ "type": "array",
1192
+ "items": {
1193
+ "type": "object",
1194
+ "properties": {
1195
+ "publicKeyFile": {
1196
+ "description": "Path to the public key file in the SPKI format",
1197
+ "type": "string"
1198
+ },
1199
+ "privateKeyFile": {
1200
+ "description": "Path to the matching private key file in the PKCS#8 format",
1201
+ "type": "string"
1202
+ },
1203
+ "keyId": {
1204
+ "description": "id to uniquely identify this key within the JWK set",
1205
+ "type": "string"
1206
+ },
1207
+ "algorithm": {
1208
+ "description": "JWS \"alg\" (Algorithm) Header Parameter value. Defaults to ES256.\nMust match the algorithm used to generate the keys in the provided files",
1209
+ "type": "string"
1210
+ }
1176
1211
  },
1177
- "key": {
1178
- "description": "PEM encoded certificate key. Use $file to load in a file.",
1179
- "visibility": "secret",
1180
- "type": "string"
1181
- }
1182
- },
1183
- "required": [
1184
- "cert",
1185
- "key"
1186
- ]
1212
+ "required": [
1213
+ "keyId",
1214
+ "privateKeyFile",
1215
+ "publicKeyFile"
1216
+ ]
1217
+ }
1187
1218
  }
1188
- }
1189
- },
1190
- {
1191
- "const": true,
1192
- "type": "boolean"
1219
+ },
1220
+ "required": [
1221
+ "keys"
1222
+ ]
1193
1223
  }
1194
- ]
1195
- },
1196
- "workingDirectory": {
1197
- "description": "An absolute path to a directory that can be used as a working dir, for\nexample as scratch space for large operations.",
1198
- "type": "string"
1224
+ }
1199
1225
  },
1200
- "database": {
1201
- "description": "Database connection configuration, select base database type using the `client` field",
1226
+ "providers": {
1227
+ "description": "The available auth-provider options and attributes",
1228
+ "additionalProperties": true,
1202
1229
  "type": "object",
1203
1230
  "properties": {
1204
- "client": {
1205
- "description": "Default database client to use",
1206
- "enum": [
1207
- "better-sqlite3",
1208
- "pg",
1209
- "sqlite3"
1210
- ],
1211
- "type": "string"
1212
- },
1213
- "connection": {
1214
- "description": "Base database connection string, or object with individual connection properties",
1215
- "visibility": "secret",
1216
- "anyOf": [
1217
- {
1218
- "type": "object",
1219
- "additionalProperties": {},
1220
- "properties": {
1221
- "password": {
1222
- "description": "Password that belongs to the client User",
1223
- "visibility": "secret",
1224
- "type": "string"
1225
- }
1231
+ "saml": {
1232
+ "visibility": "frontend",
1233
+ "type": "object",
1234
+ "properties": {
1235
+ "entryPoint": {
1236
+ "type": "string"
1237
+ },
1238
+ "logoutUrl": {
1239
+ "type": "string"
1240
+ },
1241
+ "issuer": {
1242
+ "type": "string"
1243
+ },
1244
+ "cert": {
1245
+ "visibility": "secret",
1246
+ "type": "string"
1247
+ },
1248
+ "audience": {
1249
+ "type": "string"
1250
+ },
1251
+ "privateKey": {
1252
+ "visibility": "secret",
1253
+ "type": "string"
1254
+ },
1255
+ "authnContext": {
1256
+ "type": "array",
1257
+ "items": {
1258
+ "type": "string"
1226
1259
  }
1227
1260
  },
1228
- {
1261
+ "identifierFormat": {
1262
+ "type": "string"
1263
+ },
1264
+ "decryptionPvk": {
1265
+ "visibility": "secret",
1266
+ "type": "string"
1267
+ },
1268
+ "signatureAlgorithm": {
1269
+ "enum": [
1270
+ "sha256",
1271
+ "sha512"
1272
+ ],
1273
+ "type": "string"
1274
+ },
1275
+ "digestAlgorithm": {
1229
1276
  "type": "string"
1277
+ },
1278
+ "acceptedClockSkewMs": {
1279
+ "type": "number"
1230
1280
  }
1281
+ },
1282
+ "required": [
1283
+ "cert",
1284
+ "entryPoint",
1285
+ "issuer"
1231
1286
  ]
1232
1287
  },
1233
- "prefix": {
1234
- "description": "Database name prefix override",
1235
- "type": "string"
1236
- },
1237
- "ensureExists": {
1238
- "description": "Whether to ensure the given database exists by creating it if it does not.\nDefaults to true if unspecified.",
1239
- "type": "boolean"
1240
- },
1241
- "ensureSchemaExists": {
1242
- "description": "Whether to ensure the given database schema exists by creating it if it does not.\nDefaults to false if unspecified.\n\nNOTE: Currently only supported by the `pg` client when pluginDivisionMode: schema",
1243
- "type": "boolean"
1244
- },
1245
- "pluginDivisionMode": {
1246
- "description": "How plugins databases are managed/divided in the provided database instance.\n\n`database` -> Plugins are each given their own database to manage their schemas/tables.\n\n`schema` -> Plugins will be given their own schema (in the specified/default database)\n to manage their tables.\n\nNOTE: Currently only supported by the `pg` client.",
1247
- "default": "database",
1248
- "enum": [
1249
- "database",
1250
- "schema"
1251
- ],
1252
- "type": "string"
1253
- },
1254
- "role": {
1255
- "description": "Configures the ownership of newly created schemas in pg databases.",
1256
- "type": "string"
1257
- },
1258
- "knexConfig": {
1259
- "description": "Arbitrary config object to pass to knex when initializing\n(https://knexjs.org/#Installation-client). Most notable is the debug\nand asyncStackTraces booleans",
1260
- "type": "object",
1261
- "properties": {},
1262
- "additionalProperties": true
1263
- },
1264
- "plugin": {
1265
- "description": "Plugin specific database configuration and client override",
1288
+ "auth0": {
1289
+ "visibility": "frontend",
1266
1290
  "type": "object",
1267
1291
  "additionalProperties": {
1268
1292
  "type": "object",
1269
1293
  "properties": {
1270
- "client": {
1271
- "description": "Database client override",
1272
- "enum": [
1273
- "better-sqlite3",
1274
- "pg",
1275
- "sqlite3"
1276
- ],
1294
+ "clientId": {
1277
1295
  "type": "string"
1278
1296
  },
1279
- "connection": {
1280
- "description": "Database connection string or Knex object override",
1297
+ "clientSecret": {
1281
1298
  "visibility": "secret",
1282
- "anyOf": [
1283
- {
1284
- "type": "object",
1285
- "properties": {},
1286
- "additionalProperties": true
1287
- },
1288
- {
1289
- "type": "string"
1290
- }
1291
- ]
1299
+ "type": "string"
1292
1300
  },
1293
- "ensureExists": {
1294
- "description": "Whether to ensure the given database exists by creating it if it does not.\nDefaults to base config if unspecified.",
1295
- "type": "boolean"
1301
+ "domain": {
1302
+ "type": "string"
1296
1303
  },
1297
- "ensureSchemaExists": {
1298
- "description": "Whether to ensure the given database schema exists by creating it if it does not.\nDefaults to false if unspecified.\n\nNOTE: Currently only supported by the `pg` client when pluginDivisionMode: schema",
1299
- "type": "boolean"
1304
+ "callbackUrl": {
1305
+ "type": "string"
1300
1306
  },
1301
- "knexConfig": {
1302
- "description": "Arbitrary config object to pass to knex when initializing\n(https://knexjs.org/#Installation-client). Most notable is the\ndebug and asyncStackTraces booleans.\n\nThis is merged recursively into the base knexConfig",
1303
- "type": "object",
1304
- "properties": {},
1305
- "additionalProperties": true
1307
+ "audience": {
1308
+ "type": "string"
1306
1309
  },
1307
- "role": {
1308
- "description": "Configures the ownership of newly created schemas in pg databases.",
1310
+ "connection": {
1311
+ "type": "string"
1312
+ },
1313
+ "connectionScope": {
1309
1314
  "type": "string"
1310
1315
  }
1311
- }
1312
- }
1313
- }
1314
- },
1315
- "required": [
1316
- "client",
1317
- "connection"
1318
- ]
1319
- },
1320
- "cache": {
1321
- "description": "Cache connection configuration, select cache type using the `store` field",
1322
- "anyOf": [
1323
- {
1324
- "type": "object",
1325
- "properties": {
1326
- "store": {
1327
- "type": "string",
1328
- "const": "memory"
1329
1316
  },
1330
- "defaultTtl": {
1331
- "description": "An optional default TTL (in milliseconds)."
1332
- }
1333
- },
1334
- "required": [
1335
- "store"
1336
- ]
1317
+ "required": [
1318
+ "clientId",
1319
+ "clientSecret",
1320
+ "domain"
1321
+ ]
1322
+ }
1337
1323
  },
1338
- {
1324
+ "onelogin": {
1325
+ "visibility": "frontend",
1339
1326
  "type": "object",
1340
- "properties": {
1341
- "store": {
1342
- "type": "string",
1343
- "const": "redis"
1344
- },
1345
- "connection": {
1346
- "description": "A redis connection string in the form `redis://user:pass@host:port`.",
1347
- "visibility": "secret",
1348
- "type": "string"
1349
- },
1350
- "defaultTtl": {
1351
- "description": "An optional default TTL (in milliseconds)."
1327
+ "additionalProperties": {
1328
+ "type": "object",
1329
+ "properties": {
1330
+ "clientId": {
1331
+ "type": "string"
1332
+ },
1333
+ "clientSecret": {
1334
+ "visibility": "secret",
1335
+ "type": "string"
1336
+ },
1337
+ "issuer": {
1338
+ "type": "string"
1339
+ },
1340
+ "callbackUrl": {
1341
+ "type": "string"
1342
+ }
1352
1343
  },
1353
- "useRedisSets": {
1354
- "description": "Whether or not [useRedisSets](https://github.com/jaredwray/keyv/tree/main/packages/redis#useredissets) should be configured to this redis cache.\nDefaults to true if unspecified.",
1355
- "type": "boolean"
1356
- }
1357
- },
1358
- "required": [
1359
- "connection",
1360
- "store"
1361
- ]
1344
+ "required": [
1345
+ "clientId",
1346
+ "clientSecret",
1347
+ "issuer"
1348
+ ]
1349
+ }
1362
1350
  },
1363
- {
1364
- "type": "object",
1365
- "properties": {
1366
- "store": {
1367
- "type": "string",
1368
- "const": "memcache"
1369
- },
1370
- "connection": {
1371
- "description": "A memcache connection string in the form `user:pass@host:port`.",
1372
- "visibility": "secret",
1373
- "type": "string"
1374
- },
1375
- "defaultTtl": {
1376
- "description": "An optional default TTL (in milliseconds)."
1377
- }
1378
- },
1379
- "required": [
1380
- "connection",
1381
- "store"
1382
- ]
1351
+ "backstageTokenExpiration": {
1352
+ "description": "The backstage token expiration."
1383
1353
  }
1384
- ]
1354
+ }
1385
1355
  },
1386
- "cors": {
1387
- "description": "Properties returned upon CORS requests to the backend, including the app-backend.",
1356
+ "experimentalExtraAllowedOrigins": {
1357
+ "description": "Additional app origins to allow for authenticating",
1358
+ "type": "array",
1359
+ "items": {
1360
+ "type": "string"
1361
+ }
1362
+ }
1363
+ }
1364
+ }
1365
+ },
1366
+ "$schema": "http://json-schema.org/draft-07/schema#"
1367
+ }
1368
+ },
1369
+ {
1370
+ "path": "../../plugins/auth-backend-module-guest-provider/config.d.ts",
1371
+ "value": {
1372
+ "type": "object",
1373
+ "properties": {
1374
+ "auth": {
1375
+ "description": "Configuration options for the auth plugin",
1376
+ "type": "object",
1377
+ "properties": {
1378
+ "providers": {
1388
1379
  "type": "object",
1389
1380
  "properties": {
1390
- "origin": {
1391
- "anyOf": [
1392
- {
1393
- "type": "array",
1394
- "items": {
1395
- "type": "string"
1396
- }
1397
- },
1398
- {
1381
+ "guest": {
1382
+ "type": "object",
1383
+ "properties": {
1384
+ "userEntityRef": {
1385
+ "description": "The entity reference to use for the guest user.",
1386
+ "default": "user:development/guest",
1399
1387
  "type": "string"
1400
- }
1401
- ]
1402
- },
1403
- "methods": {
1404
- "anyOf": [
1405
- {
1406
- "type": "array",
1407
- "items": {
1408
- "type": "string"
1409
- }
1410
1388
  },
1411
- {
1412
- "type": "string"
1413
- }
1414
- ]
1415
- },
1416
- "allowedHeaders": {
1417
- "anyOf": [
1418
- {
1389
+ "ownershipEntityRefs": {
1390
+ "description": "A list of entity references to user for ownership of the guest user if the user\n is not found in the catalog.",
1391
+ "default": "[userEntityRef]",
1419
1392
  "type": "array",
1420
1393
  "items": {
1421
1394
  "type": "string"
1422
1395
  }
1423
1396
  },
1424
- {
1425
- "type": "string"
1397
+ "dangerouslyAllowOutsideDevelopment": {
1398
+ "description": "Allow users to sign in with the guest provider outside of their development environments.",
1399
+ "type": "boolean"
1426
1400
  }
1427
- ]
1428
- },
1429
- "exposedHeaders": {
1430
- "anyOf": [
1431
- {
1432
- "type": "array",
1433
- "items": {
1434
- "type": "string"
1435
- }
1436
- },
1437
- {
1438
- "type": "string"
1439
- }
1440
- ]
1441
- },
1442
- "credentials": {
1443
- "type": "boolean"
1444
- },
1445
- "maxAge": {
1446
- "type": "number"
1447
- },
1448
- "preflightContinue": {
1449
- "type": "boolean"
1450
- },
1451
- "optionsSuccessStatus": {
1452
- "type": "number"
1453
- }
1454
- }
1455
- },
1456
- "csp": {
1457
- "description": "Content Security Policy options.\n\nThe keys are the plain policy ID, e.g. \"upgrade-insecure-requests\". The\nvalues are on the format that the helmet library expects them, as an\narray of strings. There is also the special value false, which means to\nremove the default value that Backstage puts in place for that policy.",
1458
- "type": "object",
1459
- "additionalProperties": {
1460
- "anyOf": [
1461
- {
1462
- "type": "array",
1463
- "items": {
1464
- "type": "string"
1465
- }
1466
- },
1467
- {
1468
- "const": false,
1469
- "type": "boolean"
1470
- }
1471
- ]
1472
- }
1473
- },
1474
- "reading": {
1475
- "description": "Configuration related to URL reading, used for example for reading catalog info\nfiles, scaffolder templates, and techdocs content.",
1476
- "type": "object",
1477
- "properties": {
1478
- "allow": {
1479
- "description": "A list of targets to allow outgoing requests to. Users will be able to make\nrequests on behalf of the backend to the targets that are allowed by this list.",
1480
- "type": "array",
1481
- "items": {
1482
- "type": "object",
1483
- "properties": {
1484
- "host": {
1485
- "description": "A host to allow outgoing requests to, being either a full host or\na subdomain wildcard pattern with a leading `*`. For example `example.com`\nand `*.example.com` are valid values, `prod.*.example.com` is not.\nThe host may also contain a port, for example `example.com:8080`.",
1486
- "type": "string"
1487
- },
1488
- "paths": {
1489
- "description": "An optional list of paths. In case they are present only targets matching\nany of them will are allowed. You can use trailing slashes to make sure only\nsubdirectories are allowed, for example `/mydir/` will allow targets with\npaths like `/mydir/a` but will block paths like `/mydir2`.",
1490
- "type": "array",
1491
- "items": {
1492
- "type": "string"
1493
- }
1494
- }
1495
- },
1496
- "required": [
1497
- "host"
1498
- ]
1499
1401
  }
1500
1402
  }
1501
1403
  }
1502
1404
  }
1503
1405
  },
1504
1406
  "required": [
1505
- "baseUrl",
1506
- "database",
1507
- "listen"
1407
+ "providers"
1508
1408
  ]
1509
1409
  }
1510
1410
  },
1511
- "required": [
1512
- "app",
1513
- "backend"
1514
- ],
1515
1411
  "$schema": "http://json-schema.org/draft-07/schema#"
1516
1412
  }
1517
1413
  },
1518
1414
  {
1519
- "path": "../backend-plugin-api/config.d.ts",
1415
+ "path": "../../node_modules/@backstage-community/plugin-puppetdb/node_modules/@backstage/core-components/config.d.ts",
1520
1416
  "value": {
1521
1417
  "type": "object",
1522
1418
  "properties": {
1523
- "backend": {
1419
+ "auth": {
1524
1420
  "type": "object",
1525
1421
  "properties": {
1526
- "workingDirectory": {
1527
- "description": "An absolute path to a directory that can be used as a working dir, for\nexample as scratch space for large operations.",
1528
- "type": "string"
1422
+ "autologout": {
1423
+ "description": "Autologout feature configuration",
1424
+ "type": "object",
1425
+ "properties": {
1426
+ "enabled": {
1427
+ "description": "Enable or disable the autologout feature",
1428
+ "visibility": "frontend",
1429
+ "type": "boolean"
1430
+ },
1431
+ "idleTimeoutMinutes": {
1432
+ "description": "Number of minutes after which the inactive user is logged out automatically.\nDefault is 60 minutes (1 hour)",
1433
+ "visibility": "frontend",
1434
+ "type": "number"
1435
+ },
1436
+ "promptBeforeIdleSeconds": {
1437
+ "description": "Number of seconds before the idle timeout where the user will be asked if it's still active.\nA dialog will be shown.\nDefault is 10 seconds.\nSet to 0 seconds to disable the prompt.",
1438
+ "visibility": "frontend",
1439
+ "type": "number"
1440
+ },
1441
+ "useWorkerTimers": {
1442
+ "description": "Enable/disable the usage of worker thread timers instead of main thread timers.\nDefault is true.\nIf you experience some browser incompatibility, you may try to set this to false.",
1443
+ "visibility": "frontend",
1444
+ "type": "boolean"
1445
+ },
1446
+ "logoutIfDisconnected": {
1447
+ "description": "Enable/disable the automatic logout also on users that are logged in but with no Backstage tabs open.\nDefault is true.",
1448
+ "visibility": "frontend",
1449
+ "type": "boolean"
1450
+ }
1451
+ }
1529
1452
  }
1530
1453
  }
1531
1454
  }
@@ -1534,650 +1457,176 @@
1534
1457
  }
1535
1458
  },
1536
1459
  {
1537
- "path": "../../plugins/auth-backend-module-guest-provider/config.d.ts",
1460
+ "path": "../../node_modules/@oriflame/backstage-plugin-score-card/node_modules/@backstage/core-components/config.d.ts",
1538
1461
  "value": {
1539
1462
  "type": "object",
1540
1463
  "properties": {
1541
1464
  "auth": {
1542
- "description": "Configuration options for the auth plugin",
1543
1465
  "type": "object",
1544
1466
  "properties": {
1545
- "providers": {
1467
+ "autologout": {
1468
+ "description": "Autologout feature configuration",
1546
1469
  "type": "object",
1547
1470
  "properties": {
1548
- "guest": {
1471
+ "enabled": {
1472
+ "description": "Enable or disable the autologout feature",
1473
+ "visibility": "frontend",
1474
+ "type": "boolean"
1475
+ },
1476
+ "idleTimeoutMinutes": {
1477
+ "description": "Number of minutes after which the inactive user is logged out automatically.\nDefault is 60 minutes (1 hour)",
1478
+ "visibility": "frontend",
1479
+ "type": "number"
1480
+ },
1481
+ "promptBeforeIdleSeconds": {
1482
+ "description": "Number of seconds before the idle timeout where the user will be asked if it's still active.\nA dialog will be shown.\nDefault is 10 seconds.\nSet to 0 seconds to disable the prompt.",
1483
+ "visibility": "frontend",
1484
+ "type": "number"
1485
+ },
1486
+ "useWorkerTimers": {
1487
+ "description": "Enable/disable the usage of worker thread timers instead of main thread timers.\nDefault is true.\nIf you experience some browser incompatibility, you may try to set this to false.",
1488
+ "visibility": "frontend",
1489
+ "type": "boolean"
1490
+ },
1491
+ "logoutIfDisconnected": {
1492
+ "description": "Enable/disable the automatic logout also on users that are logged in but with no Backstage tabs open.\nDefault is true.",
1493
+ "visibility": "frontend",
1494
+ "type": "boolean"
1495
+ }
1496
+ }
1497
+ }
1498
+ }
1499
+ }
1500
+ },
1501
+ "$schema": "http://json-schema.org/draft-07/schema#"
1502
+ }
1503
+ },
1504
+ {
1505
+ "path": "../backend-app-api/config.d.ts",
1506
+ "value": {
1507
+ "type": "object",
1508
+ "properties": {
1509
+ "backend": {
1510
+ "type": "object",
1511
+ "properties": {
1512
+ "packages": {
1513
+ "description": "Used by the feature discovery service",
1514
+ "anyOf": [
1515
+ {
1549
1516
  "type": "object",
1550
1517
  "properties": {
1551
- "userEntityRef": {
1552
- "description": "The entity reference to use for the guest user.",
1553
- "default": "user:development/guest",
1554
- "type": "string"
1555
- },
1556
- "ownershipEntityRefs": {
1557
- "description": "A list of entity references to user for ownership of the guest user if the user\n is not found in the catalog.",
1558
- "default": "[userEntityRef]",
1518
+ "include": {
1559
1519
  "type": "array",
1560
1520
  "items": {
1561
1521
  "type": "string"
1562
1522
  }
1563
1523
  },
1564
- "dangerouslyAllowOutsideDevelopment": {
1565
- "description": "Allow users to sign in with the guest provider outside of their development environments.",
1566
- "type": "boolean"
1524
+ "exclude": {
1525
+ "type": "array",
1526
+ "items": {
1527
+ "type": "string"
1528
+ }
1567
1529
  }
1568
1530
  }
1531
+ },
1532
+ {
1533
+ "const": "all",
1534
+ "type": "string"
1569
1535
  }
1570
- }
1536
+ ]
1571
1537
  }
1572
- },
1573
- "required": [
1574
- "providers"
1575
- ]
1538
+ }
1576
1539
  }
1577
1540
  },
1578
1541
  "$schema": "http://json-schema.org/draft-07/schema#"
1579
1542
  }
1580
1543
  },
1581
1544
  {
1582
- "path": "../../plugins/auth-backend/config.d.ts",
1545
+ "path": "../backend-defaults/config.d.ts",
1583
1546
  "value": {
1584
1547
  "type": "object",
1585
1548
  "properties": {
1586
- "auth": {
1587
- "description": "Configuration options for the auth plugin",
1549
+ "app": {
1588
1550
  "type": "object",
1589
1551
  "properties": {
1590
- "environment": {
1591
- "description": "The 'environment' attribute",
1592
- "visibility": "frontend",
1552
+ "baseUrl": {
1593
1553
  "type": "string"
1594
- },
1595
- "session": {
1596
- "type": "object",
1597
- "properties": {
1598
- "secret": {
1599
- "description": "The secret attribute of session object.",
1600
- "visibility": "secret",
1601
- "type": "string"
1602
- }
1603
- }
1604
- },
1605
- "identityTokenAlgorithm": {
1606
- "description": "JWS \"alg\" (Algorithm) Header Parameter value. Defaults to ES256.\nMust match one of the algorithms defined for IdentityClient.\nWhen setting a different algorithm, check if the `key` field\nof the `signing_keys` table can fit the length of the generated keys.\nIf not, add a knex migration file in the migrations folder.\nMore info on supported algorithms: https://github.com/panva/jose",
1554
+ }
1555
+ },
1556
+ "required": [
1557
+ "baseUrl"
1558
+ ]
1559
+ },
1560
+ "backend": {
1561
+ "type": "object",
1562
+ "properties": {
1563
+ "baseUrl": {
1564
+ "description": "The full base URL of the backend, as seen from the browser's point of\nview as it makes calls to the backend.",
1607
1565
  "type": "string"
1608
1566
  },
1609
- "keyStore": {
1610
- "description": "To control how to store JWK data in auth-backend",
1611
- "type": "object",
1612
- "properties": {
1613
- "provider": {
1614
- "enum": [
1615
- "database",
1616
- "firestore",
1617
- "memory",
1618
- "static"
1619
- ],
1620
- "type": "string"
1621
- },
1622
- "firestore": {
1567
+ "listen": {
1568
+ "description": "Address that the backend should listen to.",
1569
+ "anyOf": [
1570
+ {
1623
1571
  "type": "object",
1624
1572
  "properties": {
1625
1573
  "host": {
1626
- "description": "The host to connect to",
1574
+ "description": "Address of the interface that the backend should bind to.",
1627
1575
  "type": "string"
1628
1576
  },
1629
1577
  "port": {
1630
- "description": "The port to connect to",
1631
- "type": "number"
1632
- },
1633
- "ssl": {
1634
- "description": "Whether to use SSL when connecting.",
1635
- "type": "boolean"
1636
- },
1637
- "projectId": {
1638
- "description": "The Google Cloud Project ID",
1639
- "type": "string"
1640
- },
1641
- "keyFilename": {
1642
- "description": "Local file containing the Service Account credentials.\nYou can omit this value to automatically read from\nGOOGLE_APPLICATION_CREDENTIALS env which is useful for local\ndevelopment.",
1643
- "type": "string"
1644
- },
1645
- "path": {
1646
- "description": "The path to use for the collection. Defaults to 'sessions'",
1647
- "type": "string"
1648
- },
1649
- "timeout": {
1650
- "description": "Timeout used for database operations. Defaults to 10000ms",
1651
- "type": "number"
1578
+ "description": "Port that the backend should listen to.",
1579
+ "type": [
1580
+ "string",
1581
+ "number"
1582
+ ]
1652
1583
  }
1653
1584
  }
1654
1585
  },
1655
- "static": {
1656
- "type": "object",
1657
- "properties": {
1658
- "keys": {
1659
- "description": "Must be declared at least once and the first one will be used for signing",
1660
- "type": "array",
1661
- "items": {
1662
- "type": "object",
1663
- "properties": {
1664
- "publicKeyFile": {
1665
- "description": "Path to the public key file in the SPKI format",
1666
- "type": "string"
1667
- },
1668
- "privateKeyFile": {
1669
- "description": "Path to the matching private key file in the PKCS#8 format",
1670
- "type": "string"
1671
- },
1672
- "keyId": {
1673
- "description": "id to uniquely identify this key within the JWK set",
1674
- "type": "string"
1675
- },
1676
- "algorithm": {
1677
- "description": "JWS \"alg\" (Algorithm) Header Parameter value. Defaults to ES256.\nMust match the algorithm used to generate the keys in the provided files",
1678
- "type": "string"
1679
- }
1680
- },
1681
- "required": [
1682
- "keyId",
1683
- "privateKeyFile",
1684
- "publicKeyFile"
1685
- ]
1686
- }
1687
- }
1688
- },
1689
- "required": [
1690
- "keys"
1691
- ]
1586
+ {
1587
+ "type": "string"
1692
1588
  }
1693
- }
1589
+ ]
1694
1590
  },
1695
- "providers": {
1696
- "description": "The available auth-provider options and attributes",
1697
- "additionalProperties": true,
1698
- "type": "object",
1699
- "properties": {
1700
- "saml": {
1701
- "visibility": "frontend",
1591
+ "https": {
1592
+ "description": "HTTPS configuration for the backend. If omitted the backend will serve HTTP.\n\nSetting this to `true` will cause self-signed certificates to be generated, which\ncan be useful for local development or other non-production scenarios.",
1593
+ "anyOf": [
1594
+ {
1702
1595
  "type": "object",
1703
1596
  "properties": {
1704
- "entryPoint": {
1705
- "type": "string"
1706
- },
1707
- "logoutUrl": {
1708
- "type": "string"
1709
- },
1710
- "issuer": {
1711
- "type": "string"
1712
- },
1713
- "cert": {
1714
- "visibility": "secret",
1715
- "type": "string"
1716
- },
1717
- "audience": {
1718
- "type": "string"
1719
- },
1720
- "privateKey": {
1721
- "visibility": "secret",
1722
- "type": "string"
1723
- },
1724
- "authnContext": {
1725
- "type": "array",
1726
- "items": {
1727
- "type": "string"
1728
- }
1729
- },
1730
- "identifierFormat": {
1731
- "type": "string"
1732
- },
1733
- "decryptionPvk": {
1734
- "visibility": "secret",
1735
- "type": "string"
1736
- },
1737
- "signatureAlgorithm": {
1738
- "enum": [
1739
- "sha256",
1740
- "sha512"
1741
- ],
1742
- "type": "string"
1743
- },
1744
- "digestAlgorithm": {
1745
- "type": "string"
1746
- },
1747
- "acceptedClockSkewMs": {
1748
- "type": "number"
1749
- }
1750
- },
1751
- "required": [
1752
- "cert",
1753
- "entryPoint",
1754
- "issuer"
1755
- ]
1756
- },
1757
- "auth0": {
1758
- "visibility": "frontend",
1759
- "type": "object",
1760
- "additionalProperties": {
1761
- "type": "object",
1762
- "properties": {
1763
- "clientId": {
1764
- "type": "string"
1765
- },
1766
- "clientSecret": {
1767
- "visibility": "secret",
1768
- "type": "string"
1769
- },
1770
- "domain": {
1771
- "type": "string"
1772
- },
1773
- "callbackUrl": {
1774
- "type": "string"
1775
- },
1776
- "audience": {
1777
- "type": "string"
1778
- },
1779
- "connection": {
1780
- "type": "string"
1781
- },
1782
- "connectionScope": {
1783
- "type": "string"
1784
- }
1785
- },
1786
- "required": [
1787
- "clientId",
1788
- "clientSecret",
1789
- "domain"
1790
- ]
1791
- }
1792
- },
1793
- "onelogin": {
1794
- "visibility": "frontend",
1795
- "type": "object",
1796
- "additionalProperties": {
1797
- "type": "object",
1798
- "properties": {
1799
- "clientId": {
1800
- "type": "string"
1801
- },
1802
- "clientSecret": {
1803
- "visibility": "secret",
1804
- "type": "string"
1805
- },
1806
- "issuer": {
1807
- "type": "string"
1597
+ "certificate": {
1598
+ "description": "Certificate configuration",
1599
+ "type": "object",
1600
+ "properties": {
1601
+ "cert": {
1602
+ "description": "PEM encoded certificate. Use $file to load in a file",
1603
+ "type": "string"
1604
+ },
1605
+ "key": {
1606
+ "description": "PEM encoded certificate key. Use $file to load in a file.",
1607
+ "visibility": "secret",
1608
+ "type": "string"
1609
+ }
1808
1610
  },
1809
- "callbackUrl": {
1810
- "type": "string"
1811
- }
1812
- },
1813
- "required": [
1814
- "clientId",
1815
- "clientSecret",
1816
- "issuer"
1817
- ]
1611
+ "required": [
1612
+ "cert",
1613
+ "key"
1614
+ ]
1615
+ }
1818
1616
  }
1819
1617
  },
1820
- "backstageTokenExpiration": {
1821
- "description": "The backstage token expiration."
1618
+ {
1619
+ "const": true,
1620
+ "type": "boolean"
1822
1621
  }
1823
- }
1622
+ ]
1824
1623
  },
1825
- "experimentalExtraAllowedOrigins": {
1826
- "description": "Additional app origins to allow for authenticating",
1827
- "type": "array",
1828
- "items": {
1829
- "type": "string"
1830
- }
1831
- }
1832
- }
1833
- }
1834
- },
1835
- "$schema": "http://json-schema.org/draft-07/schema#"
1836
- }
1837
- },
1838
- {
1839
- "path": "../../node_modules/@backstage-community/plugin-puppetdb/node_modules/@backstage/core-components/config.d.ts",
1840
- "value": {
1841
- "type": "object",
1842
- "properties": {
1843
- "auth": {
1844
- "type": "object",
1845
- "properties": {
1846
- "autologout": {
1847
- "description": "Autologout feature configuration",
1624
+ "auth": {
1625
+ "description": "Options used by the default auth, httpAuth and userInfo services.",
1848
1626
  "type": "object",
1849
1627
  "properties": {
1850
- "enabled": {
1851
- "description": "Enable or disable the autologout feature",
1852
- "visibility": "frontend",
1853
- "type": "boolean"
1854
- },
1855
- "idleTimeoutMinutes": {
1856
- "description": "Number of minutes after which the inactive user is logged out automatically.\nDefault is 60 minutes (1 hour)",
1857
- "visibility": "frontend",
1858
- "type": "number"
1859
- },
1860
- "promptBeforeIdleSeconds": {
1861
- "description": "Number of seconds before the idle timeout where the user will be asked if it's still active.\nA dialog will be shown.\nDefault is 10 seconds.\nSet to 0 seconds to disable the prompt.",
1862
- "visibility": "frontend",
1863
- "type": "number"
1864
- },
1865
- "useWorkerTimers": {
1866
- "description": "Enable/disable the usage of worker thread timers instead of main thread timers.\nDefault is true.\nIf you experience some browser incompatibility, you may try to set this to false.",
1867
- "visibility": "frontend",
1868
- "type": "boolean"
1869
- },
1870
- "logoutIfDisconnected": {
1871
- "description": "Enable/disable the automatic logout also on users that are logged in but with no Backstage tabs open.\nDefault is true.",
1872
- "visibility": "frontend",
1873
- "type": "boolean"
1874
- }
1875
- }
1876
- }
1877
- }
1878
- }
1879
- },
1880
- "$schema": "http://json-schema.org/draft-07/schema#"
1881
- }
1882
- },
1883
- {
1884
- "path": "../../node_modules/@oriflame/backstage-plugin-score-card/node_modules/@backstage/core-components/config.d.ts",
1885
- "value": {
1886
- "type": "object",
1887
- "properties": {
1888
- "auth": {
1889
- "type": "object",
1890
- "properties": {
1891
- "autologout": {
1892
- "description": "Autologout feature configuration",
1893
- "type": "object",
1894
- "properties": {
1895
- "enabled": {
1896
- "description": "Enable or disable the autologout feature",
1897
- "visibility": "frontend",
1898
- "type": "boolean"
1899
- },
1900
- "idleTimeoutMinutes": {
1901
- "description": "Number of minutes after which the inactive user is logged out automatically.\nDefault is 60 minutes (1 hour)",
1902
- "visibility": "frontend",
1903
- "type": "number"
1904
- },
1905
- "promptBeforeIdleSeconds": {
1906
- "description": "Number of seconds before the idle timeout where the user will be asked if it's still active.\nA dialog will be shown.\nDefault is 10 seconds.\nSet to 0 seconds to disable the prompt.",
1907
- "visibility": "frontend",
1908
- "type": "number"
1909
- },
1910
- "useWorkerTimers": {
1911
- "description": "Enable/disable the usage of worker thread timers instead of main thread timers.\nDefault is true.\nIf you experience some browser incompatibility, you may try to set this to false.",
1912
- "visibility": "frontend",
1913
- "type": "boolean"
1914
- },
1915
- "logoutIfDisconnected": {
1916
- "description": "Enable/disable the automatic logout also on users that are logged in but with no Backstage tabs open.\nDefault is true.",
1917
- "visibility": "frontend",
1918
- "type": "boolean"
1919
- }
1920
- }
1921
- }
1922
- }
1923
- }
1924
- },
1925
- "$schema": "http://json-schema.org/draft-07/schema#"
1926
- }
1927
- },
1928
- {
1929
- "path": "../../node_modules/@backstage/backend-common/node_modules/@backstage/backend-plugin-api/config.d.ts",
1930
- "value": {
1931
- "type": "object",
1932
- "properties": {
1933
- "backend": {
1934
- "type": "object",
1935
- "properties": {
1936
- "workingDirectory": {
1937
- "description": "An absolute path to a directory that can be used as a working dir, for\nexample as scratch space for large operations.",
1938
- "type": "string"
1939
- }
1940
- }
1941
- }
1942
- },
1943
- "$schema": "http://json-schema.org/draft-07/schema#"
1944
- }
1945
- },
1946
- {
1947
- "path": "../integration-aws-node/config.d.ts",
1948
- "value": {
1949
- "type": "object",
1950
- "properties": {
1951
- "aws": {
1952
- "description": "Configuration for access to AWS accounts",
1953
- "type": "object",
1954
- "properties": {
1955
- "accountDefaults": {
1956
- "description": "Defaults for retrieving AWS account credentials",
1957
- "type": "object",
1958
- "properties": {
1959
- "roleName": {
1960
- "description": "The IAM role to assume to retrieve temporary AWS credentials",
1961
- "type": "string"
1962
- },
1963
- "partition": {
1964
- "description": "The AWS partition of the IAM role, e.g. \"aws\", \"aws-cn\"",
1965
- "type": "string"
1966
- },
1967
- "region": {
1968
- "description": "The STS regional endpoint to use when retrieving temporary AWS credentials, e.g. \"ap-northeast-1\"",
1969
- "type": "string"
1970
- },
1971
- "externalId": {
1972
- "description": "The unique identifier needed to assume the role to retrieve temporary AWS credentials",
1973
- "visibility": "secret",
1974
- "type": "string"
1975
- }
1976
- }
1977
- },
1978
- "mainAccount": {
1979
- "description": "Main account to use for retrieving AWS account credentials",
1980
- "type": "object",
1981
- "properties": {
1982
- "accessKeyId": {
1983
- "description": "The access key ID for a set of static AWS credentials",
1984
- "visibility": "secret",
1985
- "type": "string"
1986
- },
1987
- "secretAccessKey": {
1988
- "description": "The secret access key for a set of static AWS credentials",
1989
- "visibility": "secret",
1990
- "type": "string"
1991
- },
1992
- "profile": {
1993
- "description": "The configuration profile from a credentials file at ~/.aws/credentials and\na configuration file at ~/.aws/config.",
1994
- "type": "string"
1995
- },
1996
- "region": {
1997
- "description": "The STS regional endpoint to use for the main account, e.g. \"ap-northeast-1\"",
1998
- "type": "string"
1999
- }
2000
- }
2001
- },
2002
- "accounts": {
2003
- "description": "Configuration for retrieving AWS accounts credentials",
2004
- "type": "array",
2005
- "items": {
2006
- "type": "object",
2007
- "properties": {
2008
- "accountId": {
2009
- "description": "The account ID of the target account that this matches on, e.g. \"123456789012\"",
2010
- "type": "string"
2011
- },
2012
- "accessKeyId": {
2013
- "description": "The access key ID for a set of static AWS credentials",
2014
- "visibility": "secret",
2015
- "type": "string"
2016
- },
2017
- "secretAccessKey": {
2018
- "description": "The secret access key for a set of static AWS credentials",
2019
- "visibility": "secret",
2020
- "type": "string"
2021
- },
2022
- "profile": {
2023
- "description": "The configuration profile from a credentials file at ~/.aws/credentials and\na configuration file at ~/.aws/config.",
2024
- "type": "string"
2025
- },
2026
- "roleName": {
2027
- "description": "The IAM role to assume to retrieve temporary AWS credentials",
2028
- "type": "string"
2029
- },
2030
- "partition": {
2031
- "description": "The AWS partition of the IAM role, e.g. \"aws\", \"aws-cn\"",
2032
- "type": "string"
2033
- },
2034
- "region": {
2035
- "description": "The STS regional endpoint to use when retrieving temporary AWS credentials, e.g. \"ap-northeast-1\"",
2036
- "type": "string"
2037
- },
2038
- "externalId": {
2039
- "description": "The unique identifier needed to assume the role to retrieve temporary AWS credentials",
2040
- "visibility": "secret",
2041
- "type": "string"
2042
- }
2043
- },
2044
- "required": [
2045
- "accountId"
2046
- ]
2047
- }
2048
- }
2049
- }
2050
- }
2051
- },
2052
- "$schema": "http://json-schema.org/draft-07/schema#"
2053
- }
2054
- },
2055
- {
2056
- "path": "../backend-app-api/config.d.ts",
2057
- "value": {
2058
- "type": "object",
2059
- "properties": {
2060
- "backend": {
2061
- "type": "object",
2062
- "properties": {
2063
- "packages": {
2064
- "description": "Used by the feature discovery service",
2065
- "anyOf": [
2066
- {
2067
- "type": "object",
2068
- "properties": {
2069
- "include": {
2070
- "type": "array",
2071
- "items": {
2072
- "type": "string"
2073
- }
2074
- },
2075
- "exclude": {
2076
- "type": "array",
2077
- "items": {
2078
- "type": "string"
2079
- }
2080
- }
2081
- }
2082
- },
2083
- {
2084
- "const": "all",
2085
- "type": "string"
2086
- }
2087
- ]
2088
- }
2089
- }
2090
- }
2091
- },
2092
- "$schema": "http://json-schema.org/draft-07/schema#"
2093
- }
2094
- },
2095
- {
2096
- "path": "../backend-defaults/config.d.ts",
2097
- "value": {
2098
- "type": "object",
2099
- "properties": {
2100
- "app": {
2101
- "type": "object",
2102
- "properties": {
2103
- "baseUrl": {
2104
- "type": "string"
2105
- }
2106
- },
2107
- "required": [
2108
- "baseUrl"
2109
- ]
2110
- },
2111
- "backend": {
2112
- "type": "object",
2113
- "properties": {
2114
- "baseUrl": {
2115
- "description": "The full base URL of the backend, as seen from the browser's point of\nview as it makes calls to the backend.",
2116
- "type": "string"
2117
- },
2118
- "listen": {
2119
- "description": "Address that the backend should listen to.",
2120
- "anyOf": [
2121
- {
2122
- "type": "object",
2123
- "properties": {
2124
- "host": {
2125
- "description": "Address of the interface that the backend should bind to.",
2126
- "type": "string"
2127
- },
2128
- "port": {
2129
- "description": "Port that the backend should listen to.",
2130
- "type": [
2131
- "string",
2132
- "number"
2133
- ]
2134
- }
2135
- }
2136
- },
2137
- {
2138
- "type": "string"
2139
- }
2140
- ]
2141
- },
2142
- "https": {
2143
- "description": "HTTPS configuration for the backend. If omitted the backend will serve HTTP.\n\nSetting this to `true` will cause self-signed certificates to be generated, which\ncan be useful for local development or other non-production scenarios.",
2144
- "anyOf": [
2145
- {
2146
- "type": "object",
2147
- "properties": {
2148
- "certificate": {
2149
- "description": "Certificate configuration",
2150
- "type": "object",
2151
- "properties": {
2152
- "cert": {
2153
- "description": "PEM encoded certificate. Use $file to load in a file",
2154
- "type": "string"
2155
- },
2156
- "key": {
2157
- "description": "PEM encoded certificate key. Use $file to load in a file.",
2158
- "visibility": "secret",
2159
- "type": "string"
2160
- }
2161
- },
2162
- "required": [
2163
- "cert",
2164
- "key"
2165
- ]
2166
- }
2167
- }
2168
- },
2169
- {
2170
- "const": true,
2171
- "type": "boolean"
2172
- }
2173
- ]
2174
- },
2175
- "auth": {
2176
- "description": "Options used by the default auth, httpAuth and userInfo services.",
2177
- "type": "object",
2178
- "properties": {
2179
- "dangerouslyDisableDefaultAuthPolicy": {
2180
- "description": "This disables the otherwise default auth policy, which requires all\nrequests to be authenticated with either user or service credentials.\n\nDisabling this check means that the backend will no longer block\nunauthenticated requests, but instead allow them to pass through to\nplugins.\n\nIf permissions are enabled, unauthenticated requests will be treated\nexactly as such, leaving it to the permission policy to determine what\npermissions should be allowed for an unauthenticated identity. Note\nthat this will also apply to service-to-service calls between plugins\nunless you configure credentials for service calls.",
1628
+ "dangerouslyDisableDefaultAuthPolicy": {
1629
+ "description": "This disables the otherwise default auth policy, which requires all\nrequests to be authenticated with either user or service credentials.\n\nDisabling this check means that the backend will no longer block\nunauthenticated requests, but instead allow them to pass through to\nplugins.\n\nIf permissions are enabled, unauthenticated requests will be treated\nexactly as such, leaving it to the permission policy to determine what\npermissions should be allowed for an unauthenticated identity. Note\nthat this will also apply to service-to-service calls between plugins\nunless you configure credentials for service calls.",
2181
1630
  "type": "boolean"
2182
1631
  },
2183
1632
  "pluginKeyStore": {
@@ -2410,138 +1859,642 @@
2410
1859
  ]
2411
1860
  }
2412
1861
  }
2413
- },
2414
- "required": [
2415
- "options",
2416
- "type"
1862
+ },
1863
+ "required": [
1864
+ "options",
1865
+ "type"
1866
+ ]
1867
+ },
1868
+ {
1869
+ "type": "object",
1870
+ "properties": {
1871
+ "type": {
1872
+ "description": "This access method consists of a JWKS endpoint that can be used to\nverify JWT tokens.\n\nCallers generate JWT tokens via 3rd party tooling\nand pass them in the Authorization header:\n\n```\nAuthorization: Bearer eZv5o+fW3KnR3kVabMW4ZcDNLPl8nmMW\n```",
1873
+ "type": "string",
1874
+ "const": "jwks"
1875
+ },
1876
+ "options": {
1877
+ "type": "object",
1878
+ "properties": {
1879
+ "url": {
1880
+ "description": "The full URL of the JWKS endpoint.",
1881
+ "type": "string"
1882
+ },
1883
+ "algorithm": {
1884
+ "description": "Sets the algorithm(s) that should be used to verify the JWT tokens.\nThe passed JWTs must have been signed using one of the listed algorithms.",
1885
+ "anyOf": [
1886
+ {
1887
+ "type": "array",
1888
+ "items": {
1889
+ "type": "string"
1890
+ }
1891
+ },
1892
+ {
1893
+ "type": "string"
1894
+ }
1895
+ ]
1896
+ },
1897
+ "issuer": {
1898
+ "description": "Sets the issuer(s) that should be used to verify the JWT tokens.\nPassed JWTs must have an `iss` claim which matches one of the specified issuers.",
1899
+ "anyOf": [
1900
+ {
1901
+ "type": "array",
1902
+ "items": {
1903
+ "type": "string"
1904
+ }
1905
+ },
1906
+ {
1907
+ "type": "string"
1908
+ }
1909
+ ]
1910
+ },
1911
+ "audience": {
1912
+ "description": "Sets the audience(s) that should be used to verify the JWT tokens.\nThe passed JWTs must have an \"aud\" claim that matches one of the audiences specified,\nor have no audience specified.",
1913
+ "anyOf": [
1914
+ {
1915
+ "type": "array",
1916
+ "items": {
1917
+ "type": "string"
1918
+ }
1919
+ },
1920
+ {
1921
+ "type": "string"
1922
+ }
1923
+ ]
1924
+ },
1925
+ "subjectPrefix": {
1926
+ "description": "Sets an optional subject prefix. Passes the subject to called plugins.\nUseful for debugging and tracking purposes.",
1927
+ "type": "string"
1928
+ }
1929
+ },
1930
+ "required": [
1931
+ "url"
1932
+ ]
1933
+ },
1934
+ "accessRestrictions": {
1935
+ "description": "Restricts what types of access that are permitted for this access\nmethod. If no access restrictions are given, it'll have unlimited\naccess. This access restriction applies for the framework level;\nindividual plugins may have their own access control mechanisms\non top of this.",
1936
+ "type": "array",
1937
+ "items": {
1938
+ "type": "object",
1939
+ "properties": {
1940
+ "plugin": {
1941
+ "description": "Permit access to make requests to this plugin.\n\nCan be further refined by setting additional fields below.",
1942
+ "type": "string"
1943
+ },
1944
+ "permission": {
1945
+ "description": "If given, this method is limited to only performing actions\nwith these named permissions in this plugin.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
1946
+ "anyOf": [
1947
+ {
1948
+ "type": "array",
1949
+ "items": {
1950
+ "type": "string"
1951
+ }
1952
+ },
1953
+ {
1954
+ "type": "string"
1955
+ }
1956
+ ]
1957
+ },
1958
+ "permissionAttribute": {
1959
+ "description": "If given, this method is limited to only performing actions\nwhose permissions have these attributes.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
1960
+ "type": "object",
1961
+ "properties": {
1962
+ "action": {
1963
+ "description": "One of more of 'create', 'read', 'update', or 'delete'.",
1964
+ "anyOf": [
1965
+ {
1966
+ "type": "array",
1967
+ "items": {
1968
+ "type": "string"
1969
+ }
1970
+ },
1971
+ {
1972
+ "type": "string"
1973
+ }
1974
+ ]
1975
+ }
1976
+ }
1977
+ }
1978
+ },
1979
+ "required": [
1980
+ "plugin"
1981
+ ]
1982
+ }
1983
+ }
1984
+ },
1985
+ "required": [
1986
+ "options",
1987
+ "type"
1988
+ ]
1989
+ }
1990
+ ]
1991
+ }
1992
+ }
1993
+ }
1994
+ },
1995
+ "database": {
1996
+ "description": "Database connection configuration, select base database type using the `client` field",
1997
+ "type": "object",
1998
+ "properties": {
1999
+ "client": {
2000
+ "description": "Default database client to use",
2001
+ "enum": [
2002
+ "better-sqlite3",
2003
+ "pg",
2004
+ "sqlite3"
2005
+ ],
2006
+ "type": "string"
2007
+ },
2008
+ "connection": {
2009
+ "description": "Base database connection string, or object with individual connection properties",
2010
+ "visibility": "secret",
2011
+ "anyOf": [
2012
+ {
2013
+ "type": "object",
2014
+ "additionalProperties": {},
2015
+ "properties": {
2016
+ "password": {
2017
+ "description": "Password that belongs to the client User",
2018
+ "visibility": "secret",
2019
+ "type": "string"
2020
+ }
2021
+ }
2022
+ },
2023
+ {
2024
+ "type": "string"
2025
+ }
2026
+ ]
2027
+ },
2028
+ "prefix": {
2029
+ "description": "Database name prefix override",
2030
+ "type": "string"
2031
+ },
2032
+ "ensureExists": {
2033
+ "description": "Whether to ensure the given database exists by creating it if it does not.\nDefaults to true if unspecified.",
2034
+ "type": "boolean"
2035
+ },
2036
+ "ensureSchemaExists": {
2037
+ "description": "Whether to ensure the given database schema exists by creating it if it does not.\nDefaults to false if unspecified.\n\nNOTE: Currently only supported by the `pg` client when pluginDivisionMode: schema",
2038
+ "type": "boolean"
2039
+ },
2040
+ "pluginDivisionMode": {
2041
+ "description": "How plugins databases are managed/divided in the provided database instance.\n\n`database` -> Plugins are each given their own database to manage their schemas/tables.\n\n`schema` -> Plugins will be given their own schema (in the specified/default database)\n to manage their tables.\n\nNOTE: Currently only supported by the `pg` client.",
2042
+ "default": "database",
2043
+ "enum": [
2044
+ "database",
2045
+ "schema"
2046
+ ],
2047
+ "type": "string"
2048
+ },
2049
+ "role": {
2050
+ "description": "Configures the ownership of newly created schemas in pg databases.",
2051
+ "type": "string"
2052
+ },
2053
+ "knexConfig": {
2054
+ "description": "Arbitrary config object to pass to knex when initializing\n(https://knexjs.org/#Installation-client). Most notable is the debug\nand asyncStackTraces booleans",
2055
+ "type": "object",
2056
+ "properties": {},
2057
+ "additionalProperties": true
2058
+ },
2059
+ "skipMigrations": {
2060
+ "description": "Skip running database migrations.",
2061
+ "type": "boolean"
2062
+ },
2063
+ "plugin": {
2064
+ "description": "Plugin specific database configuration and client override",
2065
+ "type": "object",
2066
+ "additionalProperties": {
2067
+ "type": "object",
2068
+ "properties": {
2069
+ "client": {
2070
+ "description": "Database client override",
2071
+ "enum": [
2072
+ "better-sqlite3",
2073
+ "pg",
2074
+ "sqlite3"
2075
+ ],
2076
+ "type": "string"
2077
+ },
2078
+ "connection": {
2079
+ "description": "Database connection string or Knex object override",
2080
+ "visibility": "secret",
2081
+ "anyOf": [
2082
+ {
2083
+ "type": "object",
2084
+ "properties": {},
2085
+ "additionalProperties": true
2086
+ },
2087
+ {
2088
+ "type": "string"
2089
+ }
2417
2090
  ]
2418
2091
  },
2419
- {
2092
+ "ensureExists": {
2093
+ "description": "Whether to ensure the given database exists by creating it if it does not.\nDefaults to base config if unspecified.",
2094
+ "type": "boolean"
2095
+ },
2096
+ "ensureSchemaExists": {
2097
+ "description": "Whether to ensure the given database schema exists by creating it if it does not.\nDefaults to false if unspecified.\n\nNOTE: Currently only supported by the `pg` client when pluginDivisionMode: schema",
2098
+ "type": "boolean"
2099
+ },
2100
+ "knexConfig": {
2101
+ "description": "Arbitrary config object to pass to knex when initializing\n(https://knexjs.org/#Installation-client). Most notable is the\ndebug and asyncStackTraces booleans.\n\nThis is merged recursively into the base knexConfig",
2420
2102
  "type": "object",
2421
- "properties": {
2422
- "type": {
2423
- "description": "This access method consists of a JWKS endpoint that can be used to\nverify JWT tokens.\n\nCallers generate JWT tokens via 3rd party tooling\nand pass them in the Authorization header:\n\n```\nAuthorization: Bearer eZv5o+fW3KnR3kVabMW4ZcDNLPl8nmMW\n```",
2424
- "type": "string",
2425
- "const": "jwks"
2426
- },
2427
- "options": {
2428
- "type": "object",
2429
- "properties": {
2430
- "url": {
2431
- "description": "The full URL of the JWKS endpoint.",
2432
- "type": "string"
2433
- },
2434
- "algorithm": {
2435
- "description": "Sets the algorithm(s) that should be used to verify the JWT tokens.\nThe passed JWTs must have been signed using one of the listed algorithms.",
2436
- "anyOf": [
2437
- {
2438
- "type": "array",
2439
- "items": {
2440
- "type": "string"
2441
- }
2442
- },
2443
- {
2444
- "type": "string"
2445
- }
2446
- ]
2447
- },
2448
- "issuer": {
2449
- "description": "Sets the issuer(s) that should be used to verify the JWT tokens.\nPassed JWTs must have an `iss` claim which matches one of the specified issuers.",
2450
- "anyOf": [
2451
- {
2452
- "type": "array",
2453
- "items": {
2454
- "type": "string"
2455
- }
2456
- },
2457
- {
2458
- "type": "string"
2459
- }
2460
- ]
2461
- },
2462
- "audience": {
2463
- "description": "Sets the audience(s) that should be used to verify the JWT tokens.\nThe passed JWTs must have an \"aud\" claim that matches one of the audiences specified,\nor have no audience specified.",
2464
- "anyOf": [
2465
- {
2466
- "type": "array",
2467
- "items": {
2468
- "type": "string"
2469
- }
2470
- },
2471
- {
2472
- "type": "string"
2473
- }
2474
- ]
2475
- },
2476
- "subjectPrefix": {
2477
- "description": "Sets an optional subject prefix. Passes the subject to called plugins.\nUseful for debugging and tracking purposes.",
2478
- "type": "string"
2479
- }
2480
- },
2481
- "required": [
2482
- "url"
2483
- ]
2103
+ "properties": {},
2104
+ "additionalProperties": true
2105
+ },
2106
+ "role": {
2107
+ "description": "Configures the ownership of newly created schemas in pg databases.",
2108
+ "type": "string"
2109
+ },
2110
+ "skipMigrations": {
2111
+ "description": "Skip running database migrations.",
2112
+ "type": "boolean"
2113
+ }
2114
+ }
2115
+ }
2116
+ }
2117
+ },
2118
+ "required": [
2119
+ "client",
2120
+ "connection"
2121
+ ]
2122
+ },
2123
+ "cache": {
2124
+ "description": "Cache connection configuration, select cache type using the `store` field",
2125
+ "anyOf": [
2126
+ {
2127
+ "type": "object",
2128
+ "properties": {
2129
+ "store": {
2130
+ "type": "string",
2131
+ "const": "memory"
2132
+ },
2133
+ "defaultTtl": {
2134
+ "description": "An optional default TTL (in milliseconds, if given as a number)."
2135
+ }
2136
+ },
2137
+ "required": [
2138
+ "store"
2139
+ ]
2140
+ },
2141
+ {
2142
+ "type": "object",
2143
+ "properties": {
2144
+ "store": {
2145
+ "type": "string",
2146
+ "const": "redis"
2147
+ },
2148
+ "connection": {
2149
+ "description": "A redis connection string in the form `redis://user:pass@host:port`.",
2150
+ "visibility": "secret",
2151
+ "type": "string"
2152
+ },
2153
+ "defaultTtl": {
2154
+ "description": "An optional default TTL (in milliseconds, if given as a number)."
2155
+ },
2156
+ "useRedisSets": {
2157
+ "description": "Whether or not [useRedisSets](https://github.com/jaredwray/keyv/tree/main/packages/redis#useredissets) should be configured to this redis cache.\nDefaults to true if unspecified.",
2158
+ "type": "boolean"
2159
+ }
2160
+ },
2161
+ "required": [
2162
+ "connection",
2163
+ "store"
2164
+ ]
2165
+ },
2166
+ {
2167
+ "type": "object",
2168
+ "properties": {
2169
+ "store": {
2170
+ "type": "string",
2171
+ "const": "memcache"
2172
+ },
2173
+ "connection": {
2174
+ "description": "A memcache connection string in the form `user:pass@host:port`.",
2175
+ "visibility": "secret",
2176
+ "type": "string"
2177
+ },
2178
+ "defaultTtl": {
2179
+ "description": "An optional default TTL (in milliseconds)."
2180
+ }
2181
+ },
2182
+ "required": [
2183
+ "connection",
2184
+ "store"
2185
+ ]
2186
+ }
2187
+ ]
2188
+ },
2189
+ "cors": {
2190
+ "type": "object",
2191
+ "properties": {
2192
+ "origin": {
2193
+ "anyOf": [
2194
+ {
2195
+ "type": "array",
2196
+ "items": {
2197
+ "type": "string"
2198
+ }
2199
+ },
2200
+ {
2201
+ "type": "string"
2202
+ }
2203
+ ]
2204
+ },
2205
+ "methods": {
2206
+ "anyOf": [
2207
+ {
2208
+ "type": "array",
2209
+ "items": {
2210
+ "type": "string"
2211
+ }
2212
+ },
2213
+ {
2214
+ "type": "string"
2215
+ }
2216
+ ]
2217
+ },
2218
+ "allowedHeaders": {
2219
+ "anyOf": [
2220
+ {
2221
+ "type": "array",
2222
+ "items": {
2223
+ "type": "string"
2224
+ }
2225
+ },
2226
+ {
2227
+ "type": "string"
2228
+ }
2229
+ ]
2230
+ },
2231
+ "exposedHeaders": {
2232
+ "anyOf": [
2233
+ {
2234
+ "type": "array",
2235
+ "items": {
2236
+ "type": "string"
2237
+ }
2238
+ },
2239
+ {
2240
+ "type": "string"
2241
+ }
2242
+ ]
2243
+ },
2244
+ "credentials": {
2245
+ "type": "boolean"
2246
+ },
2247
+ "maxAge": {
2248
+ "type": "number"
2249
+ },
2250
+ "preflightContinue": {
2251
+ "type": "boolean"
2252
+ },
2253
+ "optionsSuccessStatus": {
2254
+ "type": "number"
2255
+ }
2256
+ }
2257
+ },
2258
+ "csp": {
2259
+ "description": "Content Security Policy options.\n\nThe keys are the plain policy ID, e.g. \"upgrade-insecure-requests\". The\nvalues are on the format that the helmet library expects them, as an\narray of strings. There is also the special value false, which means to\nremove the default value that Backstage puts in place for that policy.",
2260
+ "type": "object",
2261
+ "additionalProperties": {
2262
+ "anyOf": [
2263
+ {
2264
+ "type": "array",
2265
+ "items": {
2266
+ "type": "string"
2267
+ }
2268
+ },
2269
+ {
2270
+ "const": false,
2271
+ "type": "boolean"
2272
+ }
2273
+ ]
2274
+ }
2275
+ },
2276
+ "reading": {
2277
+ "description": "Configuration related to URL reading, used for example for reading catalog info\nfiles, scaffolder templates, and techdocs content.",
2278
+ "type": "object",
2279
+ "properties": {
2280
+ "allow": {
2281
+ "description": "A list of targets to allow outgoing requests to. Users will be able to make\nrequests on behalf of the backend to the targets that are allowed by this list.",
2282
+ "type": "array",
2283
+ "items": {
2284
+ "type": "object",
2285
+ "properties": {
2286
+ "host": {
2287
+ "description": "A host to allow outgoing requests to, being either a full host or\na subdomain wildcard pattern with a leading `*`. For example `example.com`\nand `*.example.com` are valid values, `prod.*.example.com` is not.\nThe host may also contain a port, for example `example.com:8080`.",
2288
+ "type": "string"
2289
+ },
2290
+ "paths": {
2291
+ "description": "An optional list of paths. In case they are present only targets matching\nany of them will are allowed. You can use trailing slashes to make sure only\nsubdirectories are allowed, for example `/mydir/` will allow targets with\npaths like `/mydir/a` but will block paths like `/mydir2`.",
2292
+ "type": "array",
2293
+ "items": {
2294
+ "type": "string"
2295
+ }
2296
+ }
2297
+ },
2298
+ "required": [
2299
+ "host"
2300
+ ]
2301
+ }
2302
+ }
2303
+ }
2304
+ }
2305
+ },
2306
+ "required": [
2307
+ "baseUrl",
2308
+ "database"
2309
+ ]
2310
+ },
2311
+ "discovery": {
2312
+ "description": "Options used by the default discovery service.",
2313
+ "type": "object",
2314
+ "properties": {
2315
+ "endpoints": {
2316
+ "description": "A list of target baseUrls and the associated plugins.",
2317
+ "type": "array",
2318
+ "items": {
2319
+ "type": "object",
2320
+ "properties": {
2321
+ "target": {
2322
+ "description": "The target base URL to use for the plugin.\n\nCan be either a string or an object with internal and external keys.\nTargets with `{{pluginId}}` or `{{ pluginId }} in the URL will be replaced with the plugin ID.",
2323
+ "anyOf": [
2324
+ {
2325
+ "type": "object",
2326
+ "properties": {
2327
+ "internal": {
2328
+ "type": "string"
2484
2329
  },
2485
- "accessRestrictions": {
2486
- "description": "Restricts what types of access that are permitted for this access\nmethod. If no access restrictions are given, it'll have unlimited\naccess. This access restriction applies for the framework level;\nindividual plugins may have their own access control mechanisms\non top of this.",
2487
- "type": "array",
2488
- "items": {
2489
- "type": "object",
2490
- "properties": {
2491
- "plugin": {
2492
- "description": "Permit access to make requests to this plugin.\n\nCan be further refined by setting additional fields below.",
2493
- "type": "string"
2494
- },
2495
- "permission": {
2496
- "description": "If given, this method is limited to only performing actions\nwith these named permissions in this plugin.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
2497
- "anyOf": [
2498
- {
2499
- "type": "array",
2500
- "items": {
2501
- "type": "string"
2502
- }
2503
- },
2504
- {
2505
- "type": "string"
2506
- }
2507
- ]
2508
- },
2509
- "permissionAttribute": {
2510
- "description": "If given, this method is limited to only performing actions\nwhose permissions have these attributes.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
2511
- "type": "object",
2512
- "properties": {
2513
- "action": {
2514
- "description": "One of more of 'create', 'read', 'update', or 'delete'.",
2515
- "anyOf": [
2516
- {
2517
- "type": "array",
2518
- "items": {
2519
- "type": "string"
2520
- }
2521
- },
2522
- {
2523
- "type": "string"
2524
- }
2525
- ]
2526
- }
2527
- }
2528
- }
2529
- },
2530
- "required": [
2531
- "plugin"
2532
- ]
2533
- }
2330
+ "external": {
2331
+ "type": "string"
2534
2332
  }
2535
2333
  },
2536
2334
  "required": [
2537
- "options",
2538
- "type"
2335
+ "external",
2336
+ "internal"
2539
2337
  ]
2338
+ },
2339
+ {
2340
+ "type": "string"
2341
+ }
2342
+ ]
2343
+ },
2344
+ "plugins": {
2345
+ "description": "Array of plugins which use the target base URL.",
2346
+ "type": "array",
2347
+ "items": {
2348
+ "type": "string"
2349
+ }
2350
+ }
2351
+ },
2352
+ "required": [
2353
+ "plugins",
2354
+ "target"
2355
+ ]
2356
+ }
2357
+ }
2358
+ },
2359
+ "required": [
2360
+ "endpoints"
2361
+ ]
2362
+ }
2363
+ },
2364
+ "required": [
2365
+ "app"
2366
+ ],
2367
+ "$schema": "http://json-schema.org/draft-07/schema#"
2368
+ }
2369
+ },
2370
+ {
2371
+ "path": "../../plugins/events-node/config.d.ts",
2372
+ "value": {
2373
+ "type": "object",
2374
+ "properties": {
2375
+ "events": {
2376
+ "type": "object",
2377
+ "properties": {
2378
+ "useEventBus": {
2379
+ "description": "Whether to use the event bus API in the events plugin backend to\ndistribute events across multiple instances when publishing and\nsubscribing to events.\n\nThe default is 'auto', which means means that the event bus API will be\nused if it's available, but will be disabled if the events backend\nreturns a 404.\n\nIf set to 'never', the events service will only ever publish events\nlocally to the same instance, while if set to 'always', the event bus API\nwill never be disabled, even if the events backend returns a 404.",
2380
+ "enum": [
2381
+ "always",
2382
+ "auto",
2383
+ "never"
2384
+ ],
2385
+ "type": "string"
2386
+ }
2387
+ }
2388
+ }
2389
+ },
2390
+ "$schema": "http://json-schema.org/draft-07/schema#"
2391
+ }
2392
+ },
2393
+ {
2394
+ "path": "../../node_modules/@backstage/backend-common/config.d.ts",
2395
+ "value": {
2396
+ "type": "object",
2397
+ "properties": {
2398
+ "app": {
2399
+ "type": "object",
2400
+ "properties": {
2401
+ "baseUrl": {
2402
+ "type": "string"
2403
+ }
2404
+ },
2405
+ "required": [
2406
+ "baseUrl"
2407
+ ]
2408
+ },
2409
+ "backend": {
2410
+ "type": "object",
2411
+ "properties": {
2412
+ "auth": {
2413
+ "description": "Backend configuration for when request authentication is enabled",
2414
+ "type": "object",
2415
+ "properties": {
2416
+ "keys": {
2417
+ "description": "Keys shared by all backends for signing and validating backend tokens.",
2418
+ "type": "array",
2419
+ "items": {
2420
+ "type": "object",
2421
+ "properties": {
2422
+ "secret": {
2423
+ "description": "Secret for generating tokens. Should be a base64 string, recommended\nlength is 24 bytes.",
2424
+ "visibility": "secret",
2425
+ "type": "string"
2540
2426
  }
2427
+ },
2428
+ "required": [
2429
+ "secret"
2541
2430
  ]
2542
2431
  }
2543
2432
  }
2544
- }
2433
+ }
2434
+ },
2435
+ "baseUrl": {
2436
+ "type": "string"
2437
+ },
2438
+ "listen": {
2439
+ "description": "Address that the backend should listen to.",
2440
+ "anyOf": [
2441
+ {
2442
+ "type": "object",
2443
+ "properties": {
2444
+ "host": {
2445
+ "description": "Address of the interface that the backend should bind to.",
2446
+ "type": "string"
2447
+ },
2448
+ "port": {
2449
+ "description": "Port that the backend should listen to.",
2450
+ "type": [
2451
+ "string",
2452
+ "number"
2453
+ ]
2454
+ }
2455
+ }
2456
+ },
2457
+ {
2458
+ "type": "string"
2459
+ }
2460
+ ]
2461
+ },
2462
+ "https": {
2463
+ "description": "HTTPS configuration for the backend. If omitted the backend will serve HTTP.\n\nSetting this to `true` will cause self-signed certificates to be generated, which\ncan be useful for local development or other non-production scenarios.",
2464
+ "anyOf": [
2465
+ {
2466
+ "type": "object",
2467
+ "properties": {
2468
+ "certificate": {
2469
+ "description": "Certificate configuration",
2470
+ "type": "object",
2471
+ "properties": {
2472
+ "cert": {
2473
+ "description": "PEM encoded certificate. Use $file to load in a file",
2474
+ "type": "string"
2475
+ },
2476
+ "key": {
2477
+ "description": "PEM encoded certificate key. Use $file to load in a file.",
2478
+ "visibility": "secret",
2479
+ "type": "string"
2480
+ }
2481
+ },
2482
+ "required": [
2483
+ "cert",
2484
+ "key"
2485
+ ]
2486
+ }
2487
+ }
2488
+ },
2489
+ {
2490
+ "const": true,
2491
+ "type": "boolean"
2492
+ }
2493
+ ]
2494
+ },
2495
+ "workingDirectory": {
2496
+ "description": "An absolute path to a directory that can be used as a working dir, for\nexample as scratch space for large operations.",
2497
+ "type": "string"
2545
2498
  },
2546
2499
  "database": {
2547
2500
  "description": "Database connection configuration, select base database type using the `client` field",
@@ -2607,10 +2560,6 @@
2607
2560
  "properties": {},
2608
2561
  "additionalProperties": true
2609
2562
  },
2610
- "skipMigrations": {
2611
- "description": "Skip running database migrations.",
2612
- "type": "boolean"
2613
- },
2614
2563
  "plugin": {
2615
2564
  "description": "Plugin specific database configuration and client override",
2616
2565
  "type": "object",
@@ -2657,10 +2606,6 @@
2657
2606
  "role": {
2658
2607
  "description": "Configures the ownership of newly created schemas in pg databases.",
2659
2608
  "type": "string"
2660
- },
2661
- "skipMigrations": {
2662
- "description": "Skip running database migrations.",
2663
- "type": "boolean"
2664
2609
  }
2665
2610
  }
2666
2611
  }
@@ -2738,6 +2683,7 @@
2738
2683
  ]
2739
2684
  },
2740
2685
  "cors": {
2686
+ "description": "Properties returned upon CORS requests to the backend, including the app-backend.",
2741
2687
  "type": "object",
2742
2688
  "properties": {
2743
2689
  "origin": {
@@ -2856,91 +2802,18 @@
2856
2802
  },
2857
2803
  "required": [
2858
2804
  "baseUrl",
2859
- "database"
2860
- ]
2861
- },
2862
- "discovery": {
2863
- "description": "Options used by the default discovery service.",
2864
- "type": "object",
2865
- "properties": {
2866
- "endpoints": {
2867
- "description": "A list of target baseUrls and the associated plugins.",
2868
- "type": "array",
2869
- "items": {
2870
- "type": "object",
2871
- "properties": {
2872
- "target": {
2873
- "description": "The target base URL to use for the plugin.\n\nCan be either a string or an object with internal and external keys.\nTargets with `{{pluginId}}` or `{{ pluginId }} in the URL will be replaced with the plugin ID.",
2874
- "anyOf": [
2875
- {
2876
- "type": "object",
2877
- "properties": {
2878
- "internal": {
2879
- "type": "string"
2880
- },
2881
- "external": {
2882
- "type": "string"
2883
- }
2884
- },
2885
- "required": [
2886
- "external",
2887
- "internal"
2888
- ]
2889
- },
2890
- {
2891
- "type": "string"
2892
- }
2893
- ]
2894
- },
2895
- "plugins": {
2896
- "description": "Array of plugins which use the target base URL.",
2897
- "type": "array",
2898
- "items": {
2899
- "type": "string"
2900
- }
2901
- }
2902
- },
2903
- "required": [
2904
- "plugins",
2905
- "target"
2906
- ]
2907
- }
2908
- }
2909
- },
2910
- "required": [
2911
- "endpoints"
2805
+ "database",
2806
+ "listen"
2912
2807
  ]
2913
2808
  }
2914
2809
  },
2915
2810
  "required": [
2916
- "app"
2811
+ "app",
2812
+ "backend"
2917
2813
  ],
2918
2814
  "$schema": "http://json-schema.org/draft-07/schema#"
2919
2815
  }
2920
2816
  },
2921
- {
2922
- "path": "../../plugins/events-node/config.d.ts",
2923
- "value": {
2924
- "type": "object",
2925
- "properties": {
2926
- "events": {
2927
- "type": "object",
2928
- "properties": {
2929
- "useEventBus": {
2930
- "description": "Whether to use the event bus API in the events plugin backend to\ndistribute events across multiple instances when publishing and\nsubscribing to events.\n\nThe default is 'auto', which means means that the event bus API will be\nused if it's available, but will be disabled if the events backend\nreturns a 404.\n\nIf set to 'never', the events service will only ever publish events\nlocally to the same instance, while if set to 'always', the event bus API\nwill never be disabled, even if the events backend returns a 404.",
2931
- "enum": [
2932
- "always",
2933
- "auto",
2934
- "never"
2935
- ],
2936
- "type": "string"
2937
- }
2938
- }
2939
- }
2940
- },
2941
- "$schema": "http://json-schema.org/draft-07/schema#"
2942
- }
2943
- },
2944
2817
  {
2945
2818
  "path": "../../plugins/auth-backend-module-atlassian-provider/config.d.ts",
2946
2819
  "value": {
@@ -4405,108 +4278,105 @@
4405
4278
  }
4406
4279
  },
4407
4280
  {
4408
- "path": "../../node_modules/@backstage-community/plugin-puppetdb/node_modules/@backstage/frontend-app-api/config.d.ts",
4281
+ "path": "../integration-aws-node/config.d.ts",
4409
4282
  "value": {
4410
4283
  "type": "object",
4411
4284
  "properties": {
4412
- "app": {
4285
+ "aws": {
4286
+ "description": "Configuration for access to AWS accounts",
4413
4287
  "type": "object",
4414
4288
  "properties": {
4415
- "experimental": {
4289
+ "accountDefaults": {
4290
+ "description": "Defaults for retrieving AWS account credentials",
4416
4291
  "type": "object",
4417
4292
  "properties": {
4418
- "packages": {
4419
- "visibility": "frontend",
4420
- "deepVisibility": "frontend",
4421
- "anyOf": [
4422
- {
4423
- "type": "object",
4424
- "properties": {
4425
- "include": {
4426
- "type": "array",
4427
- "items": {
4428
- "type": "string"
4429
- }
4430
- },
4431
- "exclude": {
4432
- "type": "array",
4433
- "items": {
4434
- "type": "string"
4435
- }
4436
- }
4437
- }
4438
- },
4439
- {
4440
- "const": "all",
4441
- "type": "string"
4442
- }
4443
- ]
4293
+ "roleName": {
4294
+ "description": "The IAM role to assume to retrieve temporary AWS credentials",
4295
+ "type": "string"
4296
+ },
4297
+ "partition": {
4298
+ "description": "The AWS partition of the IAM role, e.g. \"aws\", \"aws-cn\"",
4299
+ "type": "string"
4300
+ },
4301
+ "region": {
4302
+ "description": "The STS regional endpoint to use when retrieving temporary AWS credentials, e.g. \"ap-northeast-1\"",
4303
+ "type": "string"
4304
+ },
4305
+ "externalId": {
4306
+ "description": "The unique identifier needed to assume the role to retrieve temporary AWS credentials",
4307
+ "visibility": "secret",
4308
+ "type": "string"
4444
4309
  }
4445
4310
  }
4446
4311
  },
4447
- "routes": {
4312
+ "mainAccount": {
4313
+ "description": "Main account to use for retrieving AWS account credentials",
4448
4314
  "type": "object",
4449
4315
  "properties": {
4450
- "bindings": {
4451
- "description": "Maps external route references to regular route references. Both the\nkey and the value is expected to be on the form `<pluginId>.<routeId>`.\nIf the value is `false`, the route will be disabled even if it has a\ndefault mapping.",
4452
- "deepVisibility": "frontend",
4453
- "type": "object",
4454
- "additionalProperties": {
4455
- "anyOf": [
4456
- {
4457
- "const": false,
4458
- "type": "boolean"
4459
- },
4460
- {
4461
- "type": "string"
4462
- }
4463
- ]
4464
- }
4316
+ "accessKeyId": {
4317
+ "description": "The access key ID for a set of static AWS credentials",
4318
+ "visibility": "secret",
4319
+ "type": "string"
4320
+ },
4321
+ "secretAccessKey": {
4322
+ "description": "The secret access key for a set of static AWS credentials",
4323
+ "visibility": "secret",
4324
+ "type": "string"
4325
+ },
4326
+ "profile": {
4327
+ "description": "The configuration profile from a credentials file at ~/.aws/credentials and\na configuration file at ~/.aws/config.",
4328
+ "type": "string"
4329
+ },
4330
+ "region": {
4331
+ "description": "The STS regional endpoint to use for the main account, e.g. \"ap-northeast-1\"",
4332
+ "type": "string"
4465
4333
  }
4466
4334
  }
4467
4335
  },
4468
- "extensions": {
4469
- "deepVisibility": "frontend",
4336
+ "accounts": {
4337
+ "description": "Configuration for retrieving AWS accounts credentials",
4470
4338
  "type": "array",
4471
4339
  "items": {
4472
- "anyOf": [
4473
- {
4474
- "type": "object",
4475
- "additionalProperties": {
4476
- "anyOf": [
4477
- {
4478
- "type": "object",
4479
- "properties": {
4480
- "attachTo": {
4481
- "type": "object",
4482
- "properties": {
4483
- "id": {
4484
- "type": "string"
4485
- },
4486
- "input": {
4487
- "type": "string"
4488
- }
4489
- },
4490
- "required": [
4491
- "id",
4492
- "input"
4493
- ]
4494
- },
4495
- "disabled": {
4496
- "type": "boolean"
4497
- },
4498
- "config": {}
4499
- }
4500
- },
4501
- {
4502
- "type": "boolean"
4503
- }
4504
- ]
4505
- }
4340
+ "type": "object",
4341
+ "properties": {
4342
+ "accountId": {
4343
+ "description": "The account ID of the target account that this matches on, e.g. \"123456789012\"",
4344
+ "type": "string"
4506
4345
  },
4507
- {
4346
+ "accessKeyId": {
4347
+ "description": "The access key ID for a set of static AWS credentials",
4348
+ "visibility": "secret",
4349
+ "type": "string"
4350
+ },
4351
+ "secretAccessKey": {
4352
+ "description": "The secret access key for a set of static AWS credentials",
4353
+ "visibility": "secret",
4354
+ "type": "string"
4355
+ },
4356
+ "profile": {
4357
+ "description": "The configuration profile from a credentials file at ~/.aws/credentials and\na configuration file at ~/.aws/config.",
4358
+ "type": "string"
4359
+ },
4360
+ "roleName": {
4361
+ "description": "The IAM role to assume to retrieve temporary AWS credentials",
4362
+ "type": "string"
4363
+ },
4364
+ "partition": {
4365
+ "description": "The AWS partition of the IAM role, e.g. \"aws\", \"aws-cn\"",
4366
+ "type": "string"
4367
+ },
4368
+ "region": {
4369
+ "description": "The STS regional endpoint to use when retrieving temporary AWS credentials, e.g. \"ap-northeast-1\"",
4370
+ "type": "string"
4371
+ },
4372
+ "externalId": {
4373
+ "description": "The unique identifier needed to assume the role to retrieve temporary AWS credentials",
4374
+ "visibility": "secret",
4508
4375
  "type": "string"
4509
4376
  }
4377
+ },
4378
+ "required": [
4379
+ "accountId"
4510
4380
  ]
4511
4381
  }
4512
4382
  }