@techdocs/cli 1.8.22-next.3 → 1.8.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (22) hide show
  1. package/CHANGELOG.md +23 -0
  2. package/dist/embedded-app/.config-schema.json +1215 -1454
  3. package/dist/embedded-app/index.html +1 -1
  4. package/dist/embedded-app/index.html.tmpl +1 -1
  5. package/dist/embedded-app/static/2177.b7e2fc73.chunk.js +4 -0
  6. package/dist/embedded-app/static/2177.b7e2fc73.chunk.js.map +1 -0
  7. package/dist/embedded-app/static/5724.058de6d8.chunk.js +4 -0
  8. package/dist/embedded-app/static/5724.058de6d8.chunk.js.map +1 -0
  9. package/dist/embedded-app/static/{main.90679abd.js → main.b66c4152.js} +10 -10
  10. package/dist/embedded-app/static/main.b66c4152.js.map +1 -0
  11. package/dist/embedded-app/static/{runtime.90679abd.js → runtime.b66c4152.js} +2 -2
  12. package/dist/embedded-app/static/{runtime.90679abd.js.map → runtime.b66c4152.js.map} +1 -1
  13. package/dist/embedded-app/static/{vendor.90679abd.js → vendor.b66c4152.js} +3 -3
  14. package/dist/embedded-app/static/vendor.b66c4152.js.map +1 -0
  15. package/dist/package.json.cjs.js +1 -1
  16. package/package.json +7 -7
  17. package/dist/embedded-app/static/2177.05828035.chunk.js +0 -4
  18. package/dist/embedded-app/static/2177.05828035.chunk.js.map +0 -1
  19. package/dist/embedded-app/static/5724.3139e3f1.chunk.js +0 -4
  20. package/dist/embedded-app/static/5724.3139e3f1.chunk.js.map +0 -1
  21. package/dist/embedded-app/static/main.90679abd.js.map +0 -1
  22. package/dist/embedded-app/static/vendor.90679abd.js.map +0 -1
package/dist/embedded-app/.config-schema.json CHANGED
@@ -1092,440 +1092,448 @@
1092
1092
  }
1093
1093
  },
1094
1094
  {
1095
- "path": "../../node_modules/@backstage/backend-common/config.d.ts",
1095
+ "path": "../backend-plugin-api/config.d.ts",
1096
1096
  "value": {
1097
1097
  "type": "object",
1098
1098
  "properties": {
1099
- "app": {
1099
+ "backend": {
1100
1100
  "type": "object",
1101
1101
  "properties": {
1102
- "baseUrl": {
1102
+ "workingDirectory": {
1103
+ "description": "An absolute path to a directory that can be used as a working dir, for\nexample as scratch space for large operations.",
1103
1104
  "type": "string"
1104
1105
  }
1105
- },
1106
- "required": [
1107
- "baseUrl"
1108
- ]
1109
- },
1110
- "backend": {
1106
+ }
1107
+ }
1108
+ },
1109
+ "$schema": "http://json-schema.org/draft-07/schema#"
1110
+ }
1111
+ },
1112
+ {
1113
+ "path": "../../plugins/auth-backend/config.d.ts",
1114
+ "value": {
1115
+ "type": "object",
1116
+ "properties": {
1117
+ "auth": {
1118
+ "description": "Configuration options for the auth plugin",
1111
1119
  "type": "object",
1112
1120
  "properties": {
1113
- "auth": {
1114
- "description": "Backend configuration for when request authentication is enabled",
1121
+ "environment": {
1122
+ "description": "The 'environment' attribute",
1123
+ "visibility": "frontend",
1124
+ "type": "string"
1125
+ },
1126
+ "session": {
1115
1127
  "type": "object",
1116
1128
  "properties": {
1117
- "keys": {
1118
- "description": "Keys shared by all backends for signing and validating backend tokens.",
1119
- "type": "array",
1120
- "items": {
1121
- "type": "object",
1122
- "properties": {
1123
- "secret": {
1124
- "description": "Secret for generating tokens. Should be a base64 string, recommended\nlength is 24 bytes.",
1125
- "visibility": "secret",
1126
- "type": "string"
1127
- }
1128
- },
1129
- "required": [
1130
- "secret"
1131
- ]
1132
- }
1129
+ "secret": {
1130
+ "description": "The secret attribute of session object.",
1131
+ "visibility": "secret",
1132
+ "type": "string"
1133
1133
  }
1134
1134
  }
1135
1135
  },
1136
- "baseUrl": {
1136
+ "identityTokenAlgorithm": {
1137
+ "description": "JWS \"alg\" (Algorithm) Header Parameter value. Defaults to ES256.\nMust match one of the algorithms defined for IdentityClient.\nWhen setting a different algorithm, check if the `key` field\nof the `signing_keys` table can fit the length of the generated keys.\nIf not, add a knex migration file in the migrations folder.\nMore info on supported algorithms: https://github.com/panva/jose",
1137
1138
  "type": "string"
1138
1139
  },
1139
- "listen": {
1140
- "description": "Address that the backend should listen to.",
1141
- "anyOf": [
1142
- {
1140
+ "keyStore": {
1141
+ "description": "To control how to store JWK data in auth-backend",
1142
+ "type": "object",
1143
+ "properties": {
1144
+ "provider": {
1145
+ "enum": [
1146
+ "database",
1147
+ "firestore",
1148
+ "memory",
1149
+ "static"
1150
+ ],
1151
+ "type": "string"
1152
+ },
1153
+ "firestore": {
1143
1154
  "type": "object",
1144
1155
  "properties": {
1145
1156
  "host": {
1146
- "description": "Address of the interface that the backend should bind to.",
1157
+ "description": "The host to connect to",
1147
1158
  "type": "string"
1148
1159
  },
1149
1160
  "port": {
1150
- "description": "Port that the backend should listen to.",
1151
- "type": [
1152
- "string",
1153
- "number"
1154
- ]
1161
+ "description": "The port to connect to",
1162
+ "type": "number"
1163
+ },
1164
+ "ssl": {
1165
+ "description": "Whether to use SSL when connecting.",
1166
+ "type": "boolean"
1167
+ },
1168
+ "projectId": {
1169
+ "description": "The Google Cloud Project ID",
1170
+ "type": "string"
1171
+ },
1172
+ "keyFilename": {
1173
+ "description": "Local file containing the Service Account credentials.\nYou can omit this value to automatically read from\nGOOGLE_APPLICATION_CREDENTIALS env which is useful for local\ndevelopment.",
1174
+ "type": "string"
1175
+ },
1176
+ "path": {
1177
+ "description": "The path to use for the collection. Defaults to 'sessions'",
1178
+ "type": "string"
1179
+ },
1180
+ "timeout": {
1181
+ "description": "Timeout used for database operations. Defaults to 10000ms",
1182
+ "type": "number"
1155
1183
  }
1156
1184
  }
1157
1185
  },
1158
- {
1159
- "type": "string"
1160
- }
1161
- ]
1162
- },
1163
- "https": {
1164
- "description": "HTTPS configuration for the backend. If omitted the backend will serve HTTP.\n\nSetting this to `true` will cause self-signed certificates to be generated, which\ncan be useful for local development or other non-production scenarios.",
1165
- "anyOf": [
1166
- {
1186
+ "static": {
1167
1187
  "type": "object",
1168
1188
  "properties": {
1169
- "certificate": {
1170
- "description": "Certificate configuration",
1171
- "type": "object",
1172
- "properties": {
1173
- "cert": {
1174
- "description": "PEM encoded certificate. Use $file to load in a file",
1175
- "type": "string"
1189
+ "keys": {
1190
+ "description": "Must be declared at least once and the first one will be used for signing",
1191
+ "type": "array",
1192
+ "items": {
1193
+ "type": "object",
1194
+ "properties": {
1195
+ "publicKeyFile": {
1196
+ "description": "Path to the public key file in the SPKI format",
1197
+ "type": "string"
1198
+ },
1199
+ "privateKeyFile": {
1200
+ "description": "Path to the matching private key file in the PKCS#8 format",
1201
+ "type": "string"
1202
+ },
1203
+ "keyId": {
1204
+ "description": "id to uniquely identify this key within the JWK set",
1205
+ "type": "string"
1206
+ },
1207
+ "algorithm": {
1208
+ "description": "JWS \"alg\" (Algorithm) Header Parameter value. Defaults to ES256.\nMust match the algorithm used to generate the keys in the provided files",
1209
+ "type": "string"
1210
+ }
1176
1211
  },
1177
- "key": {
1178
- "description": "PEM encoded certificate key. Use $file to load in a file.",
1179
- "visibility": "secret",
1180
- "type": "string"
1181
- }
1182
- },
1183
- "required": [
1184
- "cert",
1185
- "key"
1186
- ]
1212
+ "required": [
1213
+ "keyId",
1214
+ "privateKeyFile",
1215
+ "publicKeyFile"
1216
+ ]
1217
+ }
1187
1218
  }
1188
- }
1189
- },
1190
- {
1191
- "const": true,
1192
- "type": "boolean"
1219
+ },
1220
+ "required": [
1221
+ "keys"
1222
+ ]
1193
1223
  }
1194
- ]
1195
- },
1196
- "workingDirectory": {
1197
- "description": "An absolute path to a directory that can be used as a working dir, for\nexample as scratch space for large operations.",
1198
- "type": "string"
1224
+ }
1199
1225
  },
1200
- "database": {
1201
- "description": "Database connection configuration, select base database type using the `client` field",
1226
+ "providers": {
1227
+ "description": "The available auth-provider options and attributes",
1228
+ "additionalProperties": true,
1202
1229
  "type": "object",
1203
1230
  "properties": {
1204
- "client": {
1205
- "description": "Default database client to use",
1206
- "enum": [
1207
- "better-sqlite3",
1208
- "pg",
1209
- "sqlite3"
1210
- ],
1211
- "type": "string"
1212
- },
1213
- "connection": {
1214
- "description": "Base database connection string, or object with individual connection properties",
1215
- "visibility": "secret",
1216
- "anyOf": [
1217
- {
1218
- "type": "object",
1219
- "additionalProperties": {},
1220
- "properties": {
1221
- "password": {
1222
- "description": "Password that belongs to the client User",
1223
- "visibility": "secret",
1224
- "type": "string"
1225
- }
1231
+ "saml": {
1232
+ "visibility": "frontend",
1233
+ "type": "object",
1234
+ "properties": {
1235
+ "entryPoint": {
1236
+ "type": "string"
1237
+ },
1238
+ "logoutUrl": {
1239
+ "type": "string"
1240
+ },
1241
+ "issuer": {
1242
+ "type": "string"
1243
+ },
1244
+ "cert": {
1245
+ "visibility": "secret",
1246
+ "type": "string"
1247
+ },
1248
+ "audience": {
1249
+ "type": "string"
1250
+ },
1251
+ "privateKey": {
1252
+ "visibility": "secret",
1253
+ "type": "string"
1254
+ },
1255
+ "authnContext": {
1256
+ "type": "array",
1257
+ "items": {
1258
+ "type": "string"
1226
1259
  }
1227
1260
  },
1228
- {
1261
+ "identifierFormat": {
1262
+ "type": "string"
1263
+ },
1264
+ "decryptionPvk": {
1265
+ "visibility": "secret",
1266
+ "type": "string"
1267
+ },
1268
+ "signatureAlgorithm": {
1269
+ "enum": [
1270
+ "sha256",
1271
+ "sha512"
1272
+ ],
1273
+ "type": "string"
1274
+ },
1275
+ "digestAlgorithm": {
1229
1276
  "type": "string"
1277
+ },
1278
+ "acceptedClockSkewMs": {
1279
+ "type": "number"
1230
1280
  }
1281
+ },
1282
+ "required": [
1283
+ "cert",
1284
+ "entryPoint",
1285
+ "issuer"
1231
1286
  ]
1232
1287
  },
1233
- "prefix": {
1234
- "description": "Database name prefix override",
1235
- "type": "string"
1236
- },
1237
- "ensureExists": {
1238
- "description": "Whether to ensure the given database exists by creating it if it does not.\nDefaults to true if unspecified.",
1239
- "type": "boolean"
1240
- },
1241
- "ensureSchemaExists": {
1242
- "description": "Whether to ensure the given database schema exists by creating it if it does not.\nDefaults to false if unspecified.\n\nNOTE: Currently only supported by the `pg` client when pluginDivisionMode: schema",
1243
- "type": "boolean"
1244
- },
1245
- "pluginDivisionMode": {
1246
- "description": "How plugins databases are managed/divided in the provided database instance.\n\n`database` -> Plugins are each given their own database to manage their schemas/tables.\n\n`schema` -> Plugins will be given their own schema (in the specified/default database)\n to manage their tables.\n\nNOTE: Currently only supported by the `pg` client.",
1247
- "default": "database",
1248
- "enum": [
1249
- "database",
1250
- "schema"
1251
- ],
1252
- "type": "string"
1253
- },
1254
- "role": {
1255
- "description": "Configures the ownership of newly created schemas in pg databases.",
1256
- "type": "string"
1257
- },
1258
- "knexConfig": {
1259
- "description": "Arbitrary config object to pass to knex when initializing\n(https://knexjs.org/#Installation-client). Most notable is the debug\nand asyncStackTraces booleans",
1260
- "type": "object",
1261
- "properties": {},
1262
- "additionalProperties": true
1263
- },
1264
- "plugin": {
1265
- "description": "Plugin specific database configuration and client override",
1288
+ "auth0": {
1289
+ "visibility": "frontend",
1266
1290
  "type": "object",
1267
1291
  "additionalProperties": {
1268
1292
  "type": "object",
1269
1293
  "properties": {
1270
- "client": {
1271
- "description": "Database client override",
1272
- "enum": [
1273
- "better-sqlite3",
1274
- "pg",
1275
- "sqlite3"
1276
- ],
1294
+ "clientId": {
1277
1295
  "type": "string"
1278
1296
  },
1279
- "connection": {
1280
- "description": "Database connection string or Knex object override",
1297
+ "clientSecret": {
1281
1298
  "visibility": "secret",
1282
- "anyOf": [
1283
- {
1284
- "type": "object",
1285
- "properties": {},
1286
- "additionalProperties": true
1287
- },
1288
- {
1289
- "type": "string"
1290
- }
1291
- ]
1299
+ "type": "string"
1292
1300
  },
1293
- "ensureExists": {
1294
- "description": "Whether to ensure the given database exists by creating it if it does not.\nDefaults to base config if unspecified.",
1295
- "type": "boolean"
1301
+ "domain": {
1302
+ "type": "string"
1296
1303
  },
1297
- "ensureSchemaExists": {
1298
- "description": "Whether to ensure the given database schema exists by creating it if it does not.\nDefaults to false if unspecified.\n\nNOTE: Currently only supported by the `pg` client when pluginDivisionMode: schema",
1299
- "type": "boolean"
1304
+ "callbackUrl": {
1305
+ "type": "string"
1300
1306
  },
1301
- "knexConfig": {
1302
- "description": "Arbitrary config object to pass to knex when initializing\n(https://knexjs.org/#Installation-client). Most notable is the\ndebug and asyncStackTraces booleans.\n\nThis is merged recursively into the base knexConfig",
1303
- "type": "object",
1304
- "properties": {},
1305
- "additionalProperties": true
1307
+ "audience": {
1308
+ "type": "string"
1306
1309
  },
1307
- "role": {
1308
- "description": "Configures the ownership of newly created schemas in pg databases.",
1310
+ "connection": {
1311
+ "type": "string"
1312
+ },
1313
+ "connectionScope": {
1309
1314
  "type": "string"
1310
1315
  }
1311
- }
1312
- }
1313
- }
1314
- },
1315
- "required": [
1316
- "client",
1317
- "connection"
1318
- ]
1319
- },
1320
- "cache": {
1321
- "description": "Cache connection configuration, select cache type using the `store` field",
1322
- "anyOf": [
1323
- {
1324
- "type": "object",
1325
- "properties": {
1326
- "store": {
1327
- "type": "string",
1328
- "const": "memory"
1329
1316
  },
1330
- "defaultTtl": {
1331
- "description": "An optional default TTL (in milliseconds)."
1332
- }
1333
- },
1334
- "required": [
1335
- "store"
1336
- ]
1317
+ "required": [
1318
+ "clientId",
1319
+ "clientSecret",
1320
+ "domain"
1321
+ ]
1322
+ }
1337
1323
  },
1338
- {
1324
+ "onelogin": {
1325
+ "visibility": "frontend",
1339
1326
  "type": "object",
1340
- "properties": {
1341
- "store": {
1342
- "type": "string",
1343
- "const": "redis"
1344
- },
1345
- "connection": {
1346
- "description": "A redis connection string in the form `redis://user:pass@host:port`.",
1347
- "visibility": "secret",
1348
- "type": "string"
1349
- },
1350
- "defaultTtl": {
1351
- "description": "An optional default TTL (in milliseconds)."
1327
+ "additionalProperties": {
1328
+ "type": "object",
1329
+ "properties": {
1330
+ "clientId": {
1331
+ "type": "string"
1332
+ },
1333
+ "clientSecret": {
1334
+ "visibility": "secret",
1335
+ "type": "string"
1336
+ },
1337
+ "issuer": {
1338
+ "type": "string"
1339
+ },
1340
+ "callbackUrl": {
1341
+ "type": "string"
1342
+ }
1352
1343
  },
1353
- "useRedisSets": {
1354
- "description": "Whether or not [useRedisSets](https://github.com/jaredwray/keyv/tree/main/packages/redis#useredissets) should be configured to this redis cache.\nDefaults to true if unspecified.",
1355
- "type": "boolean"
1356
- }
1357
- },
1358
- "required": [
1359
- "connection",
1360
- "store"
1361
- ]
1344
+ "required": [
1345
+ "clientId",
1346
+ "clientSecret",
1347
+ "issuer"
1348
+ ]
1349
+ }
1362
1350
  },
1363
- {
1364
- "type": "object",
1365
- "properties": {
1366
- "store": {
1367
- "type": "string",
1368
- "const": "memcache"
1369
- },
1370
- "connection": {
1371
- "description": "A memcache connection string in the form `user:pass@host:port`.",
1372
- "visibility": "secret",
1373
- "type": "string"
1374
- },
1375
- "defaultTtl": {
1376
- "description": "An optional default TTL (in milliseconds)."
1377
- }
1378
- },
1379
- "required": [
1380
- "connection",
1381
- "store"
1382
- ]
1351
+ "backstageTokenExpiration": {
1352
+ "description": "The backstage token expiration."
1383
1353
  }
1384
- ]
1354
+ }
1385
1355
  },
1386
- "cors": {
1387
- "description": "Properties returned upon CORS requests to the backend, including the app-backend.",
1356
+ "experimentalExtraAllowedOrigins": {
1357
+ "description": "Additional app origins to allow for authenticating",
1358
+ "type": "array",
1359
+ "items": {
1360
+ "type": "string"
1361
+ }
1362
+ }
1363
+ }
1364
+ }
1365
+ },
1366
+ "$schema": "http://json-schema.org/draft-07/schema#"
1367
+ }
1368
+ },
1369
+ {
1370
+ "path": "../../plugins/auth-backend-module-guest-provider/config.d.ts",
1371
+ "value": {
1372
+ "type": "object",
1373
+ "properties": {
1374
+ "auth": {
1375
+ "description": "Configuration options for the auth plugin",
1376
+ "type": "object",
1377
+ "properties": {
1378
+ "providers": {
1388
1379
  "type": "object",
1389
1380
  "properties": {
1390
- "origin": {
1391
- "anyOf": [
1392
- {
1393
- "type": "array",
1394
- "items": {
1395
- "type": "string"
1396
- }
1397
- },
1398
- {
1381
+ "guest": {
1382
+ "type": "object",
1383
+ "properties": {
1384
+ "userEntityRef": {
1385
+ "description": "The entity reference to use for the guest user.",
1386
+ "default": "user:development/guest",
1399
1387
  "type": "string"
1400
- }
1401
- ]
1402
- },
1403
- "methods": {
1404
- "anyOf": [
1405
- {
1406
- "type": "array",
1407
- "items": {
1408
- "type": "string"
1409
- }
1410
1388
  },
1411
- {
1412
- "type": "string"
1413
- }
1414
- ]
1415
- },
1416
- "allowedHeaders": {
1417
- "anyOf": [
1418
- {
1389
+ "ownershipEntityRefs": {
1390
+ "description": "A list of entity references to user for ownership of the guest user if the user\n is not found in the catalog.",
1391
+ "default": "[userEntityRef]",
1419
1392
  "type": "array",
1420
1393
  "items": {
1421
1394
  "type": "string"
1422
1395
  }
1423
1396
  },
1424
- {
1425
- "type": "string"
1397
+ "dangerouslyAllowOutsideDevelopment": {
1398
+ "description": "Allow users to sign in with the guest provider outside of their development environments.",
1399
+ "type": "boolean"
1426
1400
  }
1427
- ]
1428
- },
1429
- "exposedHeaders": {
1430
- "anyOf": [
1431
- {
1432
- "type": "array",
1433
- "items": {
1434
- "type": "string"
1435
- }
1436
- },
1437
- {
1438
- "type": "string"
1439
- }
1440
- ]
1441
- },
1442
- "credentials": {
1401
+ }
1402
+ }
1403
+ }
1404
+ }
1405
+ },
1406
+ "required": [
1407
+ "providers"
1408
+ ]
1409
+ }
1410
+ },
1411
+ "$schema": "http://json-schema.org/draft-07/schema#"
1412
+ }
1413
+ },
1414
+ {
1415
+ "path": "../../node_modules/@backstage-community/plugin-puppetdb/node_modules/@backstage/core-components/config.d.ts",
1416
+ "value": {
1417
+ "type": "object",
1418
+ "properties": {
1419
+ "auth": {
1420
+ "type": "object",
1421
+ "properties": {
1422
+ "autologout": {
1423
+ "description": "Autologout feature configuration",
1424
+ "type": "object",
1425
+ "properties": {
1426
+ "enabled": {
1427
+ "description": "Enable or disable the autologout feature",
1428
+ "visibility": "frontend",
1443
1429
  "type": "boolean"
1444
1430
  },
1445
- "maxAge": {
1431
+ "idleTimeoutMinutes": {
1432
+ "description": "Number of minutes after which the inactive user is logged out automatically.\nDefault is 60 minutes (1 hour)",
1433
+ "visibility": "frontend",
1446
1434
  "type": "number"
1447
1435
  },
1448
- "preflightContinue": {
1436
+ "promptBeforeIdleSeconds": {
1437
+ "description": "Number of seconds before the idle timeout where the user will be asked if it's still active.\nA dialog will be shown.\nDefault is 10 seconds.\nSet to 0 seconds to disable the prompt.",
1438
+ "visibility": "frontend",
1439
+ "type": "number"
1440
+ },
1441
+ "useWorkerTimers": {
1442
+ "description": "Enable/disable the usage of worker thread timers instead of main thread timers.\nDefault is true.\nIf you experience some browser incompatibility, you may try to set this to false.",
1443
+ "visibility": "frontend",
1449
1444
  "type": "boolean"
1450
1445
  },
1451
- "optionsSuccessStatus": {
1452
- "type": "number"
1446
+ "logoutIfDisconnected": {
1447
+ "description": "Enable/disable the automatic logout also on users that are logged in but with no Backstage tabs open.\nDefault is true.",
1448
+ "visibility": "frontend",
1449
+ "type": "boolean"
1453
1450
  }
1454
1451
  }
1455
- },
1456
- "csp": {
1457
- "description": "Content Security Policy options.\n\nThe keys are the plain policy ID, e.g. \"upgrade-insecure-requests\". The\nvalues are on the format that the helmet library expects them, as an\narray of strings. There is also the special value false, which means to\nremove the default value that Backstage puts in place for that policy.",
1458
- "type": "object",
1459
- "additionalProperties": {
1460
- "anyOf": [
1461
- {
1462
- "type": "array",
1463
- "items": {
1464
- "type": "string"
1465
- }
1466
- },
1467
- {
1468
- "const": false,
1469
- "type": "boolean"
1470
- }
1471
- ]
1472
- }
1473
- },
1474
- "reading": {
1475
- "description": "Configuration related to URL reading, used for example for reading catalog info\nfiles, scaffolder templates, and techdocs content.",
1452
+ }
1453
+ }
1454
+ }
1455
+ },
1456
+ "$schema": "http://json-schema.org/draft-07/schema#"
1457
+ }
1458
+ },
1459
+ {
1460
+ "path": "../../node_modules/@oriflame/backstage-plugin-score-card/node_modules/@backstage/core-components/config.d.ts",
1461
+ "value": {
1462
+ "type": "object",
1463
+ "properties": {
1464
+ "auth": {
1465
+ "type": "object",
1466
+ "properties": {
1467
+ "autologout": {
1468
+ "description": "Autologout feature configuration",
1476
1469
  "type": "object",
1477
1470
  "properties": {
1478
- "allow": {
1479
- "description": "A list of targets to allow outgoing requests to. Users will be able to make\nrequests on behalf of the backend to the targets that are allowed by this list.",
1480
- "type": "array",
1481
- "items": {
1482
- "type": "object",
1483
- "properties": {
1484
- "host": {
1485
- "description": "A host to allow outgoing requests to, being either a full host or\na subdomain wildcard pattern with a leading `*`. For example `example.com`\nand `*.example.com` are valid values, `prod.*.example.com` is not.\nThe host may also contain a port, for example `example.com:8080`.",
1486
- "type": "string"
1487
- },
1488
- "paths": {
1489
- "description": "An optional list of paths. In case they are present only targets matching\nany of them will are allowed. You can use trailing slashes to make sure only\nsubdirectories are allowed, for example `/mydir/` will allow targets with\npaths like `/mydir/a` but will block paths like `/mydir2`.",
1490
- "type": "array",
1491
- "items": {
1492
- "type": "string"
1493
- }
1494
- }
1495
- },
1496
- "required": [
1497
- "host"
1498
- ]
1499
- }
1471
+ "enabled": {
1472
+ "description": "Enable or disable the autologout feature",
1473
+ "visibility": "frontend",
1474
+ "type": "boolean"
1475
+ },
1476
+ "idleTimeoutMinutes": {
1477
+ "description": "Number of minutes after which the inactive user is logged out automatically.\nDefault is 60 minutes (1 hour)",
1478
+ "visibility": "frontend",
1479
+ "type": "number"
1480
+ },
1481
+ "promptBeforeIdleSeconds": {
1482
+ "description": "Number of seconds before the idle timeout where the user will be asked if it's still active.\nA dialog will be shown.\nDefault is 10 seconds.\nSet to 0 seconds to disable the prompt.",
1483
+ "visibility": "frontend",
1484
+ "type": "number"
1485
+ },
1486
+ "useWorkerTimers": {
1487
+ "description": "Enable/disable the usage of worker thread timers instead of main thread timers.\nDefault is true.\nIf you experience some browser incompatibility, you may try to set this to false.",
1488
+ "visibility": "frontend",
1489
+ "type": "boolean"
1490
+ },
1491
+ "logoutIfDisconnected": {
1492
+ "description": "Enable/disable the automatic logout also on users that are logged in but with no Backstage tabs open.\nDefault is true.",
1493
+ "visibility": "frontend",
1494
+ "type": "boolean"
1500
1495
  }
1501
1496
  }
1502
1497
  }
1503
- },
1504
- "required": [
1505
- "baseUrl",
1506
- "database",
1507
- "listen"
1508
- ]
1498
+ }
1509
1499
  }
1510
1500
  },
1511
- "required": [
1512
- "app",
1513
- "backend"
1514
- ],
1515
1501
  "$schema": "http://json-schema.org/draft-07/schema#"
1516
1502
  }
1517
1503
  },
1518
1504
  {
1519
- "path": "../backend-plugin-api/config.d.ts",
1505
+ "path": "../backend-app-api/config.d.ts",
1520
1506
  "value": {
1521
1507
  "type": "object",
1522
1508
  "properties": {
1523
1509
  "backend": {
1524
1510
  "type": "object",
1525
1511
  "properties": {
1526
- "workingDirectory": {
1527
- "description": "An absolute path to a directory that can be used as a working dir, for\nexample as scratch space for large operations.",
1528
- "type": "string"
1512
+ "packages": {
1513
+ "description": "Used by the feature discovery service",
1514
+ "anyOf": [
1515
+ {
1516
+ "type": "object",
1517
+ "properties": {
1518
+ "include": {
1519
+ "type": "array",
1520
+ "items": {
1521
+ "type": "string"
1522
+ }
1523
+ },
1524
+ "exclude": {
1525
+ "type": "array",
1526
+ "items": {
1527
+ "type": "string"
1528
+ }
1529
+ }
1530
+ }
1531
+ },
1532
+ {
1533
+ "const": "all",
1534
+ "type": "string"
1535
+ }
1536
+ ]
1529
1537
  }
1530
1538
  }
1531
1539
  }
@@ -1534,1014 +1542,959 @@
1534
1542
  }
1535
1543
  },
1536
1544
  {
1537
- "path": "../../plugins/auth-backend/config.d.ts",
1545
+ "path": "../backend-defaults/config.d.ts",
1538
1546
  "value": {
1539
1547
  "type": "object",
1540
1548
  "properties": {
1541
- "auth": {
1542
- "description": "Configuration options for the auth plugin",
1549
+ "app": {
1543
1550
  "type": "object",
1544
1551
  "properties": {
1545
- "environment": {
1546
- "description": "The 'environment' attribute",
1547
- "visibility": "frontend",
1552
+ "baseUrl": {
1548
1553
  "type": "string"
1549
- },
1550
- "session": {
1551
- "type": "object",
1552
- "properties": {
1553
- "secret": {
1554
- "description": "The secret attribute of session object.",
1555
- "visibility": "secret",
1556
- "type": "string"
1557
- }
1558
- }
1559
- },
1560
- "identityTokenAlgorithm": {
1561
- "description": "JWS \"alg\" (Algorithm) Header Parameter value. Defaults to ES256.\nMust match one of the algorithms defined for IdentityClient.\nWhen setting a different algorithm, check if the `key` field\nof the `signing_keys` table can fit the length of the generated keys.\nIf not, add a knex migration file in the migrations folder.\nMore info on supported algorithms: https://github.com/panva/jose",
1554
+ }
1555
+ },
1556
+ "required": [
1557
+ "baseUrl"
1558
+ ]
1559
+ },
1560
+ "backend": {
1561
+ "type": "object",
1562
+ "properties": {
1563
+ "baseUrl": {
1564
+ "description": "The full base URL of the backend, as seen from the browser's point of\nview as it makes calls to the backend.",
1562
1565
  "type": "string"
1563
1566
  },
1564
- "keyStore": {
1565
- "description": "To control how to store JWK data in auth-backend",
1566
- "type": "object",
1567
- "properties": {
1568
- "provider": {
1569
- "enum": [
1570
- "database",
1571
- "firestore",
1572
- "memory",
1573
- "static"
1574
- ],
1575
- "type": "string"
1576
- },
1577
- "firestore": {
1567
+ "listen": {
1568
+ "description": "Address that the backend should listen to.",
1569
+ "anyOf": [
1570
+ {
1578
1571
  "type": "object",
1579
1572
  "properties": {
1580
1573
  "host": {
1581
- "description": "The host to connect to",
1574
+ "description": "Address of the interface that the backend should bind to.",
1582
1575
  "type": "string"
1583
1576
  },
1584
1577
  "port": {
1585
- "description": "The port to connect to",
1586
- "type": "number"
1587
- },
1588
- "ssl": {
1589
- "description": "Whether to use SSL when connecting.",
1590
- "type": "boolean"
1591
- },
1592
- "projectId": {
1593
- "description": "The Google Cloud Project ID",
1594
- "type": "string"
1595
- },
1596
- "keyFilename": {
1597
- "description": "Local file containing the Service Account credentials.\nYou can omit this value to automatically read from\nGOOGLE_APPLICATION_CREDENTIALS env which is useful for local\ndevelopment.",
1598
- "type": "string"
1599
- },
1600
- "path": {
1601
- "description": "The path to use for the collection. Defaults to 'sessions'",
1602
- "type": "string"
1603
- },
1604
- "timeout": {
1605
- "description": "Timeout used for database operations. Defaults to 10000ms",
1606
- "type": "number"
1578
+ "description": "Port that the backend should listen to.",
1579
+ "type": [
1580
+ "string",
1581
+ "number"
1582
+ ]
1607
1583
  }
1608
1584
  }
1609
1585
  },
1610
- "static": {
1586
+ {
1587
+ "type": "string"
1588
+ }
1589
+ ]
1590
+ },
1591
+ "https": {
1592
+ "description": "HTTPS configuration for the backend. If omitted the backend will serve HTTP.\n\nSetting this to `true` will cause self-signed certificates to be generated, which\ncan be useful for local development or other non-production scenarios.",
1593
+ "anyOf": [
1594
+ {
1611
1595
  "type": "object",
1612
1596
  "properties": {
1613
- "keys": {
1614
- "description": "Must be declared at least once and the first one will be used for signing",
1615
- "type": "array",
1616
- "items": {
1617
- "type": "object",
1618
- "properties": {
1619
- "publicKeyFile": {
1620
- "description": "Path to the public key file in the SPKI format",
1621
- "type": "string"
1622
- },
1623
- "privateKeyFile": {
1624
- "description": "Path to the matching private key file in the PKCS#8 format",
1625
- "type": "string"
1626
- },
1627
- "keyId": {
1628
- "description": "id to uniquely identify this key within the JWK set",
1629
- "type": "string"
1630
- },
1631
- "algorithm": {
1632
- "description": "JWS \"alg\" (Algorithm) Header Parameter value. Defaults to ES256.\nMust match the algorithm used to generate the keys in the provided files",
1633
- "type": "string"
1634
- }
1597
+ "certificate": {
1598
+ "description": "Certificate configuration",
1599
+ "type": "object",
1600
+ "properties": {
1601
+ "cert": {
1602
+ "description": "PEM encoded certificate. Use $file to load in a file",
1603
+ "type": "string"
1635
1604
  },
1636
- "required": [
1637
- "keyId",
1638
- "privateKeyFile",
1639
- "publicKeyFile"
1640
- ]
1641
- }
1605
+ "key": {
1606
+ "description": "PEM encoded certificate key. Use $file to load in a file.",
1607
+ "visibility": "secret",
1608
+ "type": "string"
1609
+ }
1610
+ },
1611
+ "required": [
1612
+ "cert",
1613
+ "key"
1614
+ ]
1642
1615
  }
1643
- },
1644
- "required": [
1645
- "keys"
1646
- ]
1616
+ }
1617
+ },
1618
+ {
1619
+ "const": true,
1620
+ "type": "boolean"
1647
1621
  }
1648
- }
1622
+ ]
1649
1623
  },
1650
- "providers": {
1651
- "description": "The available auth-provider options and attributes",
1652
- "additionalProperties": true,
1624
+ "auth": {
1625
+ "description": "Options used by the default auth, httpAuth and userInfo services.",
1653
1626
  "type": "object",
1654
1627
  "properties": {
1655
- "saml": {
1656
- "visibility": "frontend",
1657
- "type": "object",
1658
- "properties": {
1659
- "entryPoint": {
1660
- "type": "string"
1661
- },
1662
- "logoutUrl": {
1663
- "type": "string"
1664
- },
1665
- "issuer": {
1666
- "type": "string"
1667
- },
1668
- "cert": {
1669
- "visibility": "secret",
1670
- "type": "string"
1671
- },
1672
- "audience": {
1673
- "type": "string"
1674
- },
1675
- "privateKey": {
1676
- "visibility": "secret",
1677
- "type": "string"
1678
- },
1679
- "authnContext": {
1680
- "type": "array",
1681
- "items": {
1682
- "type": "string"
1683
- }
1684
- },
1685
- "identifierFormat": {
1686
- "type": "string"
1687
- },
1688
- "decryptionPvk": {
1689
- "visibility": "secret",
1690
- "type": "string"
1691
- },
1692
- "signatureAlgorithm": {
1693
- "enum": [
1694
- "sha256",
1695
- "sha512"
1696
- ],
1697
- "type": "string"
1698
- },
1699
- "digestAlgorithm": {
1700
- "type": "string"
1701
- },
1702
- "acceptedClockSkewMs": {
1703
- "type": "number"
1704
- }
1705
- },
1706
- "required": [
1707
- "cert",
1708
- "entryPoint",
1709
- "issuer"
1710
- ]
1628
+ "dangerouslyDisableDefaultAuthPolicy": {
1629
+ "description": "This disables the otherwise default auth policy, which requires all\nrequests to be authenticated with either user or service credentials.\n\nDisabling this check means that the backend will no longer block\nunauthenticated requests, but instead allow them to pass through to\nplugins.\n\nIf permissions are enabled, unauthenticated requests will be treated\nexactly as such, leaving it to the permission policy to determine what\npermissions should be allowed for an unauthenticated identity. Note\nthat this will also apply to service-to-service calls between plugins\nunless you configure credentials for service calls.",
1630
+ "type": "boolean"
1711
1631
  },
1712
- "auth0": {
1713
- "visibility": "frontend",
1714
- "type": "object",
1715
- "additionalProperties": {
1716
- "type": "object",
1717
- "properties": {
1718
- "clientId": {
1719
- "type": "string"
1720
- },
1721
- "clientSecret": {
1722
- "visibility": "secret",
1723
- "type": "string"
1724
- },
1725
- "domain": {
1726
- "type": "string"
1727
- },
1728
- "callbackUrl": {
1729
- "type": "string"
1730
- },
1731
- "audience": {
1732
- "type": "string"
1733
- },
1734
- "connection": {
1735
- "type": "string"
1632
+ "pluginKeyStore": {
1633
+ "description": "Controls how to store keys for plugin-to-plugin auth",
1634
+ "anyOf": [
1635
+ {
1636
+ "type": "object",
1637
+ "properties": {
1638
+ "type": {
1639
+ "type": "string",
1640
+ "const": "database"
1641
+ }
1736
1642
  },
1737
- "connectionScope": {
1738
- "type": "string"
1739
- }
1643
+ "required": [
1644
+ "type"
1645
+ ]
1740
1646
  },
1741
- "required": [
1742
- "clientId",
1743
- "clientSecret",
1744
- "domain"
1745
- ]
1746
- }
1747
- },
1748
- "onelogin": {
1749
- "visibility": "frontend",
1750
- "type": "object",
1751
- "additionalProperties": {
1752
- "type": "object",
1753
- "properties": {
1754
- "clientId": {
1755
- "type": "string"
1756
- },
1757
- "clientSecret": {
1758
- "visibility": "secret",
1759
- "type": "string"
1760
- },
1761
- "issuer": {
1762
- "type": "string"
1647
+ {
1648
+ "type": "object",
1649
+ "properties": {
1650
+ "type": {
1651
+ "type": "string",
1652
+ "const": "static"
1653
+ },
1654
+ "static": {
1655
+ "type": "object",
1656
+ "properties": {
1657
+ "keys": {
1658
+ "description": "Must be declared at least once and the first one will be used for signing.",
1659
+ "type": "array",
1660
+ "items": {
1661
+ "type": "object",
1662
+ "properties": {
1663
+ "publicKeyFile": {
1664
+ "description": "Path to the public key file in the SPKI format. Should be an absolute path.",
1665
+ "type": "string"
1666
+ },
1667
+ "privateKeyFile": {
1668
+ "description": "Path to the matching private key file in the PKCS#8 format. Should be an absolute path.\n\nThe first array entry must specify a private key file, the rest must not.",
1669
+ "type": "string"
1670
+ },
1671
+ "keyId": {
1672
+ "description": "ID to uniquely identify this key within the JWK set.",
1673
+ "type": "string"
1674
+ },
1675
+ "algorithm": {
1676
+ "description": "JWS \"alg\" (Algorithm) Header Parameter value. Defaults to ES256.\nMust match the algorithm used to generate the keys in the provided files",
1677
+ "type": "string"
1678
+ }
1679
+ },
1680
+ "required": [
1681
+ "keyId",
1682
+ "publicKeyFile"
1683
+ ]
1684
+ }
1685
+ }
1686
+ },
1687
+ "required": [
1688
+ "keys"
1689
+ ]
1690
+ }
1763
1691
  },
1764
- "callbackUrl": {
1765
- "type": "string"
1766
- }
1767
- },
1768
- "required": [
1769
- "clientId",
1770
- "clientSecret",
1771
- "issuer"
1772
- ]
1773
- }
1692
+ "required": [
1693
+ "static",
1694
+ "type"
1695
+ ]
1696
+ }
1697
+ ]
1774
1698
  },
1775
- "backstageTokenExpiration": {
1776
- "description": "The backstage token expiration."
1777
- }
1778
- }
1779
- },
1780
- "experimentalExtraAllowedOrigins": {
1781
- "description": "Additional app origins to allow for authenticating",
1782
- "type": "array",
1783
- "items": {
1784
- "type": "string"
1785
- }
1786
- }
1787
- }
1788
- }
1789
- },
1790
- "$schema": "http://json-schema.org/draft-07/schema#"
1791
- }
1792
- },
1793
- {
1794
- "path": "../../plugins/auth-backend-module-guest-provider/config.d.ts",
1795
- "value": {
1796
- "type": "object",
1797
- "properties": {
1798
- "auth": {
1799
- "description": "Configuration options for the auth plugin",
1800
- "type": "object",
1801
- "properties": {
1802
- "providers": {
1803
- "type": "object",
1804
- "properties": {
1805
- "guest": {
1806
- "type": "object",
1807
- "properties": {
1808
- "userEntityRef": {
1809
- "description": "The entity reference to use for the guest user.",
1810
- "default": "user:development/guest",
1811
- "type": "string"
1812
- },
1813
- "ownershipEntityRefs": {
1814
- "description": "A list of entity references to user for ownership of the guest user if the user\n is not found in the catalog.",
1815
- "default": "[userEntityRef]",
1816
- "type": "array",
1817
- "items": {
1818
- "type": "string"
1819
- }
1820
- },
1821
- "dangerouslyAllowOutsideDevelopment": {
1822
- "description": "Allow users to sign in with the guest provider outside of their development environments.",
1823
- "type": "boolean"
1824
- }
1825
- }
1826
- }
1827
- }
1828
- }
1829
- },
1830
- "required": [
1831
- "providers"
1832
- ]
1833
- }
1834
- },
1835
- "$schema": "http://json-schema.org/draft-07/schema#"
1836
- }
1837
- },
1838
- {
1839
- "path": "../../node_modules/@backstage-community/plugin-puppetdb/node_modules/@backstage/core-components/config.d.ts",
1840
- "value": {
1841
- "type": "object",
1842
- "properties": {
1843
- "auth": {
1844
- "type": "object",
1845
- "properties": {
1846
- "autologout": {
1847
- "description": "Autologout feature configuration",
1848
- "type": "object",
1849
- "properties": {
1850
- "enabled": {
1851
- "description": "Enable or disable the autologout feature",
1852
- "visibility": "frontend",
1853
- "type": "boolean"
1854
- },
1855
- "idleTimeoutMinutes": {
1856
- "description": "Number of minutes after which the inactive user is logged out automatically.\nDefault is 60 minutes (1 hour)",
1857
- "visibility": "frontend",
1858
- "type": "number"
1859
- },
1860
- "promptBeforeIdleSeconds": {
1861
- "description": "Number of seconds before the idle timeout where the user will be asked if it's still active.\nA dialog will be shown.\nDefault is 10 seconds.\nSet to 0 seconds to disable the prompt.",
1862
- "visibility": "frontend",
1863
- "type": "number"
1864
- },
1865
- "useWorkerTimers": {
1866
- "description": "Enable/disable the usage of worker thread timers instead of main thread timers.\nDefault is true.\nIf you experience some browser incompatibility, you may try to set this to false.",
1867
- "visibility": "frontend",
1868
- "type": "boolean"
1869
- },
1870
- "logoutIfDisconnected": {
1871
- "description": "Enable/disable the automatic logout also on users that are logged in but with no Backstage tabs open.\nDefault is true.",
1872
- "visibility": "frontend",
1873
- "type": "boolean"
1699
+ "externalAccess": {
1700
+ "description": "Configures methods of external access, ie ways for callers outside of\nthe Backstage ecosystem to get authorized for access to APIs that do\nnot permit unauthorized access.",
1701
+ "type": "array",
1702
+ "items": {
1703
+ "anyOf": [
1704
+ {
1705
+ "type": "object",
1706
+ "properties": {
1707
+ "type": {
1708
+ "description": "This is the legacy service-to-service access method, where a set\nof static keys were shared among plugins and used for symmetric\nsigning and verification. These correspond to the old\n`backend.auth.keys` set and retain their behavior for backwards\ncompatibility. Please migrate to other access methods when\npossible.\n\nCallers generate JWT tokens with the following payload:\n\n```json\n{\n \"sub\": \"backstage-plugin\",\n \"exp\": <epoch seconds one hour in the future>\n}\n```\n\nAnd sign them with HS256, using the base64 decoded secret. The\ntokens are then passed along with requests in the Authorization\nheader:\n\n```\nAuthorization: Bearer eyJhbGciOiJIUzI...\n```",
1709
+ "type": "string",
1710
+ "const": "legacy"
1711
+ },
1712
+ "options": {
1713
+ "type": "object",
1714
+ "properties": {
1715
+ "secret": {
1716
+ "description": "Any set of base64 encoded random bytes to be used as both the\nsigning and verification key. Should be sufficiently long so as\nnot to be easy to guess by brute force.\n\nCan be generated eg using\n\n```sh\nnode -p 'require(\"crypto\").randomBytes(24).toString(\"base64\")'\n```",
1717
+ "visibility": "secret",
1718
+ "type": "string"
1719
+ },
1720
+ "subject": {
1721
+ "description": "Sets the subject of the principal, when matching this token.\nUseful for debugging and tracking purposes.",
1722
+ "type": "string"
1723
+ }
1724
+ },
1725
+ "required": [
1726
+ "secret",
1727
+ "subject"
1728
+ ]
1729
+ },
1730
+ "accessRestrictions": {
1731
+ "description": "Restricts what types of access that are permitted for this access\nmethod. If no access restrictions are given, it'll have unlimited\naccess. This access restriction applies for the framework level;\nindividual plugins may have their own access control mechanisms\non top of this.",
1732
+ "type": "array",
1733
+ "items": {
1734
+ "type": "object",
1735
+ "properties": {
1736
+ "plugin": {
1737
+ "description": "Permit access to make requests to this plugin.\n\nCan be further refined by setting additional fields below.",
1738
+ "type": "string"
1739
+ },
1740
+ "permission": {
1741
+ "description": "If given, this method is limited to only performing actions\nwith these named permissions in this plugin.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
1742
+ "anyOf": [
1743
+ {
1744
+ "type": "array",
1745
+ "items": {
1746
+ "type": "string"
1747
+ }
1748
+ },
1749
+ {
1750
+ "type": "string"
1751
+ }
1752
+ ]
1753
+ },
1754
+ "permissionAttribute": {
1755
+ "description": "If given, this method is limited to only performing actions\nwhose permissions have these attributes.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
1756
+ "type": "object",
1757
+ "properties": {
1758
+ "action": {
1759
+ "description": "One of more of 'create', 'read', 'update', or 'delete'.",
1760
+ "anyOf": [
1761
+ {
1762
+ "type": "array",
1763
+ "items": {
1764
+ "type": "string"
1765
+ }
1766
+ },
1767
+ {
1768
+ "type": "string"
1769
+ }
1770
+ ]
1771
+ }
1772
+ }
1773
+ }
1774
+ },
1775
+ "required": [
1776
+ "plugin"
1777
+ ]
1778
+ }
1779
+ }
1780
+ },
1781
+ "required": [
1782
+ "options",
1783
+ "type"
1784
+ ]
1785
+ },
1786
+ {
1787
+ "type": "object",
1788
+ "properties": {
1789
+ "type": {
1790
+ "description": "This access method consists of random static tokens that can be\nhanded out to callers.\n\nThe tokens are then passed along verbatim with requests in the\nAuthorization header:\n\n```\nAuthorization: Bearer eZv5o+fW3KnR3kVabMW4ZcDNLPl8nmMW\n```",
1791
+ "type": "string",
1792
+ "const": "static"
1793
+ },
1794
+ "options": {
1795
+ "type": "object",
1796
+ "properties": {
1797
+ "token": {
1798
+ "description": "A raw token that can be any string, but for security reasons\nshould be sufficiently long so as not to be easy to guess by\nbrute force.\n\nCan be generated eg using\n\n```sh\nnode -p 'require(\"crypto\").randomBytes(24).toString(\"base64\")'\n```\n\nSince the tokens can be any string, you are free to add\nadditional identifying data to them if you like. For example,\nadding a `freben-local-dev-` prefix for debugging purposes to a\ntoken that you know will be handed out for use as a personal\naccess token during development.",
1799
+ "visibility": "secret",
1800
+ "type": "string"
1801
+ },
1802
+ "subject": {
1803
+ "description": "Sets the subject of the principal, when matching this token.\nUseful for debugging and tracking purposes.",
1804
+ "type": "string"
1805
+ }
1806
+ },
1807
+ "required": [
1808
+ "subject",
1809
+ "token"
1810
+ ]
1811
+ },
1812
+ "accessRestrictions": {
1813
+ "description": "Restricts what types of access that are permitted for this access\nmethod. If no access restrictions are given, it'll have unlimited\naccess. This access restriction applies for the framework level;\nindividual plugins may have their own access control mechanisms\non top of this.",
1814
+ "type": "array",
1815
+ "items": {
1816
+ "type": "object",
1817
+ "properties": {
1818
+ "plugin": {
1819
+ "description": "Permit access to make requests to this plugin.\n\nCan be further refined by setting additional fields below.",
1820
+ "type": "string"
1821
+ },
1822
+ "permission": {
1823
+ "description": "If given, this method is limited to only performing actions\nwith these named permissions in this plugin.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
1824
+ "anyOf": [
1825
+ {
1826
+ "type": "array",
1827
+ "items": {
1828
+ "type": "string"
1829
+ }
1830
+ },
1831
+ {
1832
+ "type": "string"
1833
+ }
1834
+ ]
1835
+ },
1836
+ "permissionAttribute": {
1837
+ "description": "If given, this method is limited to only performing actions\nwhose permissions have these attributes.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
1838
+ "type": "object",
1839
+ "properties": {
1840
+ "action": {
1841
+ "description": "One of more of 'create', 'read', 'update', or 'delete'.",
1842
+ "anyOf": [
1843
+ {
1844
+ "type": "array",
1845
+ "items": {
1846
+ "type": "string"
1847
+ }
1848
+ },
1849
+ {
1850
+ "type": "string"
1851
+ }
1852
+ ]
1853
+ }
1854
+ }
1855
+ }
1856
+ },
1857
+ "required": [
1858
+ "plugin"
1859
+ ]
1860
+ }
1861
+ }
1862
+ },
1863
+ "required": [
1864
+ "options",
1865
+ "type"
1866
+ ]
1867
+ },
1868
+ {
1869
+ "type": "object",
1870
+ "properties": {
1871
+ "type": {
1872
+ "description": "This access method consists of a JWKS endpoint that can be used to\nverify JWT tokens.\n\nCallers generate JWT tokens via 3rd party tooling\nand pass them in the Authorization header:\n\n```\nAuthorization: Bearer eZv5o+fW3KnR3kVabMW4ZcDNLPl8nmMW\n```",
1873
+ "type": "string",
1874
+ "const": "jwks"
1875
+ },
1876
+ "options": {
1877
+ "type": "object",
1878
+ "properties": {
1879
+ "url": {
1880
+ "description": "The full URL of the JWKS endpoint.",
1881
+ "type": "string"
1882
+ },
1883
+ "algorithm": {
1884
+ "description": "Sets the algorithm(s) that should be used to verify the JWT tokens.\nThe passed JWTs must have been signed using one of the listed algorithms.",
1885
+ "anyOf": [
1886
+ {
1887
+ "type": "array",
1888
+ "items": {
1889
+ "type": "string"
1890
+ }
1891
+ },
1892
+ {
1893
+ "type": "string"
1894
+ }
1895
+ ]
1896
+ },
1897
+ "issuer": {
1898
+ "description": "Sets the issuer(s) that should be used to verify the JWT tokens.\nPassed JWTs must have an `iss` claim which matches one of the specified issuers.",
1899
+ "anyOf": [
1900
+ {
1901
+ "type": "array",
1902
+ "items": {
1903
+ "type": "string"
1904
+ }
1905
+ },
1906
+ {
1907
+ "type": "string"
1908
+ }
1909
+ ]
1910
+ },
1911
+ "audience": {
1912
+ "description": "Sets the audience(s) that should be used to verify the JWT tokens.\nThe passed JWTs must have an \"aud\" claim that matches one of the audiences specified,\nor have no audience specified.",
1913
+ "anyOf": [
1914
+ {
1915
+ "type": "array",
1916
+ "items": {
1917
+ "type": "string"
1918
+ }
1919
+ },
1920
+ {
1921
+ "type": "string"
1922
+ }
1923
+ ]
1924
+ },
1925
+ "subjectPrefix": {
1926
+ "description": "Sets an optional subject prefix. Passes the subject to called plugins.\nUseful for debugging and tracking purposes.",
1927
+ "type": "string"
1928
+ }
1929
+ },
1930
+ "required": [
1931
+ "url"
1932
+ ]
1933
+ },
1934
+ "accessRestrictions": {
1935
+ "description": "Restricts what types of access that are permitted for this access\nmethod. If no access restrictions are given, it'll have unlimited\naccess. This access restriction applies for the framework level;\nindividual plugins may have their own access control mechanisms\non top of this.",
1936
+ "type": "array",
1937
+ "items": {
1938
+ "type": "object",
1939
+ "properties": {
1940
+ "plugin": {
1941
+ "description": "Permit access to make requests to this plugin.\n\nCan be further refined by setting additional fields below.",
1942
+ "type": "string"
1943
+ },
1944
+ "permission": {
1945
+ "description": "If given, this method is limited to only performing actions\nwith these named permissions in this plugin.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
1946
+ "anyOf": [
1947
+ {
1948
+ "type": "array",
1949
+ "items": {
1950
+ "type": "string"
1951
+ }
1952
+ },
1953
+ {
1954
+ "type": "string"
1955
+ }
1956
+ ]
1957
+ },
1958
+ "permissionAttribute": {
1959
+ "description": "If given, this method is limited to only performing actions\nwhose permissions have these attributes.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
1960
+ "type": "object",
1961
+ "properties": {
1962
+ "action": {
1963
+ "description": "One of more of 'create', 'read', 'update', or 'delete'.",
1964
+ "anyOf": [
1965
+ {
1966
+ "type": "array",
1967
+ "items": {
1968
+ "type": "string"
1969
+ }
1970
+ },
1971
+ {
1972
+ "type": "string"
1973
+ }
1974
+ ]
1975
+ }
1976
+ }
1977
+ }
1978
+ },
1979
+ "required": [
1980
+ "plugin"
1981
+ ]
1982
+ }
1983
+ }
1984
+ },
1985
+ "required": [
1986
+ "options",
1987
+ "type"
1988
+ ]
1989
+ }
1990
+ ]
1991
+ }
1874
1992
  }
1875
1993
  }
1876
- }
1877
- }
1878
- }
1879
- },
1880
- "$schema": "http://json-schema.org/draft-07/schema#"
1881
- }
1882
- },
1883
- {
1884
- "path": "../../node_modules/@oriflame/backstage-plugin-score-card/node_modules/@backstage/core-components/config.d.ts",
1885
- "value": {
1886
- "type": "object",
1887
- "properties": {
1888
- "auth": {
1889
- "type": "object",
1890
- "properties": {
1891
- "autologout": {
1892
- "description": "Autologout feature configuration",
1994
+ },
1995
+ "database": {
1996
+ "description": "Database connection configuration, select base database type using the `client` field",
1893
1997
  "type": "object",
1894
1998
  "properties": {
1895
- "enabled": {
1896
- "description": "Enable or disable the autologout feature",
1897
- "visibility": "frontend",
1898
- "type": "boolean"
1999
+ "client": {
2000
+ "description": "Default database client to use",
2001
+ "enum": [
2002
+ "better-sqlite3",
2003
+ "pg",
2004
+ "sqlite3"
2005
+ ],
2006
+ "type": "string"
1899
2007
  },
1900
- "idleTimeoutMinutes": {
1901
- "description": "Number of minutes after which the inactive user is logged out automatically.\nDefault is 60 minutes (1 hour)",
1902
- "visibility": "frontend",
1903
- "type": "number"
2008
+ "connection": {
2009
+ "description": "Base database connection string, or object with individual connection properties",
2010
+ "visibility": "secret",
2011
+ "anyOf": [
2012
+ {
2013
+ "type": "object",
2014
+ "additionalProperties": {},
2015
+ "properties": {
2016
+ "password": {
2017
+ "description": "Password that belongs to the client User",
2018
+ "visibility": "secret",
2019
+ "type": "string"
2020
+ }
2021
+ }
2022
+ },
2023
+ {
2024
+ "type": "string"
2025
+ }
2026
+ ]
1904
2027
  },
1905
- "promptBeforeIdleSeconds": {
1906
- "description": "Number of seconds before the idle timeout where the user will be asked if it's still active.\nA dialog will be shown.\nDefault is 10 seconds.\nSet to 0 seconds to disable the prompt.",
1907
- "visibility": "frontend",
1908
- "type": "number"
2028
+ "prefix": {
2029
+ "description": "Database name prefix override",
2030
+ "type": "string"
1909
2031
  },
1910
- "useWorkerTimers": {
1911
- "description": "Enable/disable the usage of worker thread timers instead of main thread timers.\nDefault is true.\nIf you experience some browser incompatibility, you may try to set this to false.",
1912
- "visibility": "frontend",
2032
+ "ensureExists": {
2033
+ "description": "Whether to ensure the given database exists by creating it if it does not.\nDefaults to true if unspecified.",
1913
2034
  "type": "boolean"
1914
2035
  },
1915
- "logoutIfDisconnected": {
1916
- "description": "Enable/disable the automatic logout also on users that are logged in but with no Backstage tabs open.\nDefault is true.",
1917
- "visibility": "frontend",
2036
+ "ensureSchemaExists": {
2037
+ "description": "Whether to ensure the given database schema exists by creating it if it does not.\nDefaults to false if unspecified.\n\nNOTE: Currently only supported by the `pg` client when pluginDivisionMode: schema",
1918
2038
  "type": "boolean"
1919
- }
1920
- }
1921
- }
1922
- }
1923
- }
1924
- },
1925
- "$schema": "http://json-schema.org/draft-07/schema#"
1926
- }
1927
- },
1928
- {
1929
- "path": "../../node_modules/@backstage/backend-common/node_modules/@backstage/backend-plugin-api/config.d.ts",
1930
- "value": {
1931
- "type": "object",
1932
- "properties": {
1933
- "backend": {
1934
- "type": "object",
1935
- "properties": {
1936
- "workingDirectory": {
1937
- "description": "An absolute path to a directory that can be used as a working dir, for\nexample as scratch space for large operations.",
1938
- "type": "string"
1939
- }
1940
- }
1941
- }
1942
- },
1943
- "$schema": "http://json-schema.org/draft-07/schema#"
1944
- }
1945
- },
1946
- {
1947
- "path": "../../node_modules/@backstage/backend-common/node_modules/@backstage/integration-aws-node/config.d.ts",
1948
- "value": {
1949
- "type": "object",
1950
- "properties": {
1951
- "aws": {
1952
- "description": "Configuration for access to AWS accounts",
1953
- "type": "object",
1954
- "properties": {
1955
- "accountDefaults": {
1956
- "description": "Defaults for retrieving AWS account credentials",
1957
- "type": "object",
1958
- "properties": {
1959
- "roleName": {
1960
- "description": "The IAM role to assume to retrieve temporary AWS credentials",
1961
- "type": "string"
1962
- },
1963
- "partition": {
1964
- "description": "The AWS partition of the IAM role, e.g. \"aws\", \"aws-cn\"",
1965
- "type": "string"
1966
- },
1967
- "region": {
1968
- "description": "The STS regional endpoint to use when retrieving temporary AWS credentials, e.g. \"ap-northeast-1\"",
1969
- "type": "string"
1970
2039
  },
1971
- "externalId": {
1972
- "description": "The unique identifier needed to assume the role to retrieve temporary AWS credentials",
1973
- "visibility": "secret",
1974
- "type": "string"
1975
- }
1976
- }
1977
- },
1978
- "mainAccount": {
1979
- "description": "Main account to use for retrieving AWS account credentials",
1980
- "type": "object",
1981
- "properties": {
1982
- "accessKeyId": {
1983
- "description": "The access key ID for a set of static AWS credentials",
1984
- "visibility": "secret",
2040
+ "pluginDivisionMode": {
2041
+ "description": "How plugins databases are managed/divided in the provided database instance.\n\n`database` -> Plugins are each given their own database to manage their schemas/tables.\n\n`schema` -> Plugins will be given their own schema (in the specified/default database)\n to manage their tables.\n\nNOTE: Currently only supported by the `pg` client.",
2042
+ "default": "database",
2043
+ "enum": [
2044
+ "database",
2045
+ "schema"
2046
+ ],
1985
2047
  "type": "string"
1986
2048
  },
1987
- "secretAccessKey": {
1988
- "description": "The secret access key for a set of static AWS credentials",
1989
- "visibility": "secret",
2049
+ "role": {
2050
+ "description": "Configures the ownership of newly created schemas in pg databases.",
1990
2051
  "type": "string"
1991
2052
  },
1992
- "profile": {
1993
- "description": "The configuration profile from a credentials file at ~/.aws/credentials and\na configuration file at ~/.aws/config.",
1994
- "type": "string"
2053
+ "knexConfig": {
2054
+ "description": "Arbitrary config object to pass to knex when initializing\n(https://knexjs.org/#Installation-client). Most notable is the debug\nand asyncStackTraces booleans",
2055
+ "type": "object",
2056
+ "properties": {},
2057
+ "additionalProperties": true
1995
2058
  },
1996
- "region": {
1997
- "description": "The STS regional endpoint to use for the main account, e.g. \"ap-northeast-1\"",
1998
- "type": "string"
1999
- }
2000
- }
2001
- },
2002
- "accounts": {
2003
- "description": "Configuration for retrieving AWS accounts credentials",
2004
- "type": "array",
2005
- "items": {
2006
- "type": "object",
2007
- "properties": {
2008
- "accountId": {
2009
- "description": "The account ID of the target account that this matches on, e.g. \"123456789012\"",
2010
- "type": "string"
2011
- },
2012
- "accessKeyId": {
2013
- "description": "The access key ID for a set of static AWS credentials",
2014
- "visibility": "secret",
2015
- "type": "string"
2016
- },
2017
- "secretAccessKey": {
2018
- "description": "The secret access key for a set of static AWS credentials",
2019
- "visibility": "secret",
2020
- "type": "string"
2021
- },
2022
- "profile": {
2023
- "description": "The configuration profile from a credentials file at ~/.aws/credentials and\na configuration file at ~/.aws/config.",
2024
- "type": "string"
2025
- },
2026
- "roleName": {
2027
- "description": "The IAM role to assume to retrieve temporary AWS credentials",
2028
- "type": "string"
2029
- },
2030
- "partition": {
2031
- "description": "The AWS partition of the IAM role, e.g. \"aws\", \"aws-cn\"",
2032
- "type": "string"
2033
- },
2034
- "region": {
2035
- "description": "The STS regional endpoint to use when retrieving temporary AWS credentials, e.g. \"ap-northeast-1\"",
2036
- "type": "string"
2037
- },
2038
- "externalId": {
2039
- "description": "The unique identifier needed to assume the role to retrieve temporary AWS credentials",
2040
- "visibility": "secret",
2041
- "type": "string"
2042
- }
2059
+ "skipMigrations": {
2060
+ "description": "Skip running database migrations.",
2061
+ "type": "boolean"
2043
2062
  },
2044
- "required": [
2045
- "accountId"
2046
- ]
2047
- }
2048
- }
2049
- }
2050
- }
2051
- },
2052
- "$schema": "http://json-schema.org/draft-07/schema#"
2053
- }
2054
- },
2055
- {
2056
- "path": "../backend-app-api/config.d.ts",
2057
- "value": {
2058
- "type": "object",
2059
- "properties": {
2060
- "backend": {
2061
- "type": "object",
2062
- "properties": {
2063
- "packages": {
2064
- "description": "Used by the feature discovery service",
2065
- "anyOf": [
2066
- {
2063
+ "plugin": {
2064
+ "description": "Plugin specific database configuration and client override",
2067
2065
  "type": "object",
2068
- "properties": {
2069
- "include": {
2070
- "type": "array",
2071
- "items": {
2066
+ "additionalProperties": {
2067
+ "type": "object",
2068
+ "properties": {
2069
+ "client": {
2070
+ "description": "Database client override",
2071
+ "enum": [
2072
+ "better-sqlite3",
2073
+ "pg",
2074
+ "sqlite3"
2075
+ ],
2072
2076
  "type": "string"
2073
- }
2074
- },
2075
- "exclude": {
2076
- "type": "array",
2077
- "items": {
2077
+ },
2078
+ "connection": {
2079
+ "description": "Database connection string or Knex object override",
2080
+ "visibility": "secret",
2081
+ "anyOf": [
2082
+ {
2083
+ "type": "object",
2084
+ "properties": {},
2085
+ "additionalProperties": true
2086
+ },
2087
+ {
2088
+ "type": "string"
2089
+ }
2090
+ ]
2091
+ },
2092
+ "ensureExists": {
2093
+ "description": "Whether to ensure the given database exists by creating it if it does not.\nDefaults to base config if unspecified.",
2094
+ "type": "boolean"
2095
+ },
2096
+ "ensureSchemaExists": {
2097
+ "description": "Whether to ensure the given database schema exists by creating it if it does not.\nDefaults to false if unspecified.\n\nNOTE: Currently only supported by the `pg` client when pluginDivisionMode: schema",
2098
+ "type": "boolean"
2099
+ },
2100
+ "knexConfig": {
2101
+ "description": "Arbitrary config object to pass to knex when initializing\n(https://knexjs.org/#Installation-client). Most notable is the\ndebug and asyncStackTraces booleans.\n\nThis is merged recursively into the base knexConfig",
2102
+ "type": "object",
2103
+ "properties": {},
2104
+ "additionalProperties": true
2105
+ },
2106
+ "role": {
2107
+ "description": "Configures the ownership of newly created schemas in pg databases.",
2078
2108
  "type": "string"
2109
+ },
2110
+ "skipMigrations": {
2111
+ "description": "Skip running database migrations.",
2112
+ "type": "boolean"
2079
2113
  }
2080
2114
  }
2081
2115
  }
2082
- },
2083
- {
2084
- "const": "all",
2085
- "type": "string"
2086
2116
  }
2117
+ },
2118
+ "required": [
2119
+ "client",
2120
+ "connection"
2087
2121
  ]
2088
- }
2089
- }
2090
- }
2091
- },
2092
- "$schema": "http://json-schema.org/draft-07/schema#"
2093
- }
2094
- },
2095
- {
2096
- "path": "../backend-defaults/config.d.ts",
2097
- "value": {
2098
- "type": "object",
2099
- "properties": {
2100
- "app": {
2101
- "type": "object",
2102
- "properties": {
2103
- "baseUrl": {
2104
- "type": "string"
2105
- }
2106
- },
2107
- "required": [
2108
- "baseUrl"
2109
- ]
2110
- },
2111
- "backend": {
2112
- "type": "object",
2113
- "properties": {
2114
- "baseUrl": {
2115
- "description": "The full base URL of the backend, as seen from the browser's point of\nview as it makes calls to the backend.",
2116
- "type": "string"
2117
2122
  },
2118
- "listen": {
2119
- "description": "Address that the backend should listen to.",
2123
+ "cache": {
2124
+ "description": "Cache connection configuration, select cache type using the `store` field",
2120
2125
  "anyOf": [
2121
2126
  {
2122
2127
  "type": "object",
2123
2128
  "properties": {
2124
- "host": {
2125
- "description": "Address of the interface that the backend should bind to.",
2126
- "type": "string"
2129
+ "store": {
2130
+ "type": "string",
2131
+ "const": "memory"
2127
2132
  },
2128
- "port": {
2129
- "description": "Port that the backend should listen to.",
2130
- "type": [
2131
- "string",
2132
- "number"
2133
- ]
2133
+ "defaultTtl": {
2134
+ "description": "An optional default TTL (in milliseconds, if given as a number)."
2134
2135
  }
2135
- }
2136
+ },
2137
+ "required": [
2138
+ "store"
2139
+ ]
2136
2140
  },
2137
- {
2138
- "type": "string"
2139
- }
2140
- ]
2141
- },
2142
- "https": {
2143
- "description": "HTTPS configuration for the backend. If omitted the backend will serve HTTP.\n\nSetting this to `true` will cause self-signed certificates to be generated, which\ncan be useful for local development or other non-production scenarios.",
2144
- "anyOf": [
2145
2141
  {
2146
2142
  "type": "object",
2147
2143
  "properties": {
2148
- "certificate": {
2149
- "description": "Certificate configuration",
2150
- "type": "object",
2151
- "properties": {
2152
- "cert": {
2153
- "description": "PEM encoded certificate. Use $file to load in a file",
2154
- "type": "string"
2155
- },
2156
- "key": {
2157
- "description": "PEM encoded certificate key. Use $file to load in a file.",
2158
- "visibility": "secret",
2159
- "type": "string"
2160
- }
2161
- },
2162
- "required": [
2163
- "cert",
2164
- "key"
2165
- ]
2144
+ "store": {
2145
+ "type": "string",
2146
+ "const": "redis"
2147
+ },
2148
+ "connection": {
2149
+ "description": "A redis connection string in the form `redis://user:pass@host:port`.",
2150
+ "visibility": "secret",
2151
+ "type": "string"
2152
+ },
2153
+ "defaultTtl": {
2154
+ "description": "An optional default TTL (in milliseconds, if given as a number)."
2155
+ },
2156
+ "useRedisSets": {
2157
+ "description": "Whether or not [useRedisSets](https://github.com/jaredwray/keyv/tree/main/packages/redis#useredissets) should be configured to this redis cache.\nDefaults to true if unspecified.",
2158
+ "type": "boolean"
2166
2159
  }
2167
- }
2160
+ },
2161
+ "required": [
2162
+ "connection",
2163
+ "store"
2164
+ ]
2168
2165
  },
2169
2166
  {
2170
- "const": true,
2171
- "type": "boolean"
2167
+ "type": "object",
2168
+ "properties": {
2169
+ "store": {
2170
+ "type": "string",
2171
+ "const": "memcache"
2172
+ },
2173
+ "connection": {
2174
+ "description": "A memcache connection string in the form `user:pass@host:port`.",
2175
+ "visibility": "secret",
2176
+ "type": "string"
2177
+ },
2178
+ "defaultTtl": {
2179
+ "description": "An optional default TTL (in milliseconds)."
2180
+ }
2181
+ },
2182
+ "required": [
2183
+ "connection",
2184
+ "store"
2185
+ ]
2172
2186
  }
2173
2187
  ]
2174
2188
  },
2175
- "auth": {
2176
- "description": "Options used by the default auth, httpAuth and userInfo services.",
2189
+ "cors": {
2177
2190
  "type": "object",
2178
2191
  "properties": {
2179
- "dangerouslyDisableDefaultAuthPolicy": {
2180
- "description": "This disables the otherwise default auth policy, which requires all\nrequests to be authenticated with either user or service credentials.\n\nDisabling this check means that the backend will no longer block\nunauthenticated requests, but instead allow them to pass through to\nplugins.\n\nIf permissions are enabled, unauthenticated requests will be treated\nexactly as such, leaving it to the permission policy to determine what\npermissions should be allowed for an unauthenticated identity. Note\nthat this will also apply to service-to-service calls between plugins\nunless you configure credentials for service calls.",
2181
- "type": "boolean"
2182
- },
2183
- "pluginKeyStore": {
2184
- "description": "Controls how to store keys for plugin-to-plugin auth",
2192
+ "origin": {
2185
2193
  "anyOf": [
2186
2194
  {
2187
- "type": "object",
2188
- "properties": {
2189
- "type": {
2190
- "type": "string",
2191
- "const": "database"
2192
- }
2193
- },
2194
- "required": [
2195
- "type"
2196
- ]
2197
- },
2198
- {
2199
- "type": "object",
2200
- "properties": {
2201
- "type": {
2202
- "type": "string",
2203
- "const": "static"
2204
- },
2205
- "static": {
2206
- "type": "object",
2207
- "properties": {
2208
- "keys": {
2209
- "description": "Must be declared at least once and the first one will be used for signing.",
2210
- "type": "array",
2211
- "items": {
2212
- "type": "object",
2213
- "properties": {
2214
- "publicKeyFile": {
2215
- "description": "Path to the public key file in the SPKI format. Should be an absolute path.",
2216
- "type": "string"
2217
- },
2218
- "privateKeyFile": {
2219
- "description": "Path to the matching private key file in the PKCS#8 format. Should be an absolute path.\n\nThe first array entry must specify a private key file, the rest must not.",
2220
- "type": "string"
2221
- },
2222
- "keyId": {
2223
- "description": "ID to uniquely identify this key within the JWK set.",
2224
- "type": "string"
2225
- },
2226
- "algorithm": {
2227
- "description": "JWS \"alg\" (Algorithm) Header Parameter value. Defaults to ES256.\nMust match the algorithm used to generate the keys in the provided files",
2228
- "type": "string"
2229
- }
2230
- },
2231
- "required": [
2232
- "keyId",
2233
- "publicKeyFile"
2234
- ]
2235
- }
2236
- }
2237
- },
2238
- "required": [
2239
- "keys"
2240
- ]
2241
- }
2242
- },
2243
- "required": [
2244
- "static",
2245
- "type"
2246
- ]
2195
+ "type": "array",
2196
+ "items": {
2197
+ "type": "string"
2198
+ }
2199
+ },
2200
+ {
2201
+ "type": "string"
2247
2202
  }
2248
2203
  ]
2249
2204
  },
2250
- "externalAccess": {
2251
- "description": "Configures methods of external access, ie ways for callers outside of\nthe Backstage ecosystem to get authorized for access to APIs that do\nnot permit unauthorized access.",
2205
+ "methods": {
2206
+ "anyOf": [
2207
+ {
2208
+ "type": "array",
2209
+ "items": {
2210
+ "type": "string"
2211
+ }
2212
+ },
2213
+ {
2214
+ "type": "string"
2215
+ }
2216
+ ]
2217
+ },
2218
+ "allowedHeaders": {
2219
+ "anyOf": [
2220
+ {
2221
+ "type": "array",
2222
+ "items": {
2223
+ "type": "string"
2224
+ }
2225
+ },
2226
+ {
2227
+ "type": "string"
2228
+ }
2229
+ ]
2230
+ },
2231
+ "exposedHeaders": {
2232
+ "anyOf": [
2233
+ {
2234
+ "type": "array",
2235
+ "items": {
2236
+ "type": "string"
2237
+ }
2238
+ },
2239
+ {
2240
+ "type": "string"
2241
+ }
2242
+ ]
2243
+ },
2244
+ "credentials": {
2245
+ "type": "boolean"
2246
+ },
2247
+ "maxAge": {
2248
+ "type": "number"
2249
+ },
2250
+ "preflightContinue": {
2251
+ "type": "boolean"
2252
+ },
2253
+ "optionsSuccessStatus": {
2254
+ "type": "number"
2255
+ }
2256
+ }
2257
+ },
2258
+ "csp": {
2259
+ "description": "Content Security Policy options.\n\nThe keys are the plain policy ID, e.g. \"upgrade-insecure-requests\". The\nvalues are on the format that the helmet library expects them, as an\narray of strings. There is also the special value false, which means to\nremove the default value that Backstage puts in place for that policy.",
2260
+ "type": "object",
2261
+ "additionalProperties": {
2262
+ "anyOf": [
2263
+ {
2264
+ "type": "array",
2265
+ "items": {
2266
+ "type": "string"
2267
+ }
2268
+ },
2269
+ {
2270
+ "const": false,
2271
+ "type": "boolean"
2272
+ }
2273
+ ]
2274
+ }
2275
+ },
2276
+ "reading": {
2277
+ "description": "Configuration related to URL reading, used for example for reading catalog info\nfiles, scaffolder templates, and techdocs content.",
2278
+ "type": "object",
2279
+ "properties": {
2280
+ "allow": {
2281
+ "description": "A list of targets to allow outgoing requests to. Users will be able to make\nrequests on behalf of the backend to the targets that are allowed by this list.",
2252
2282
  "type": "array",
2253
2283
  "items": {
2254
- "anyOf": [
2255
- {
2256
- "type": "object",
2257
- "properties": {
2258
- "type": {
2259
- "description": "This is the legacy service-to-service access method, where a set\nof static keys were shared among plugins and used for symmetric\nsigning and verification. These correspond to the old\n`backend.auth.keys` set and retain their behavior for backwards\ncompatibility. Please migrate to other access methods when\npossible.\n\nCallers generate JWT tokens with the following payload:\n\n```json\n{\n \"sub\": \"backstage-plugin\",\n \"exp\": <epoch seconds one hour in the future>\n}\n```\n\nAnd sign them with HS256, using the base64 decoded secret. The\ntokens are then passed along with requests in the Authorization\nheader:\n\n```\nAuthorization: Bearer eyJhbGciOiJIUzI...\n```",
2260
- "type": "string",
2261
- "const": "legacy"
2262
- },
2263
- "options": {
2264
- "type": "object",
2265
- "properties": {
2266
- "secret": {
2267
- "description": "Any set of base64 encoded random bytes to be used as both the\nsigning and verification key. Should be sufficiently long so as\nnot to be easy to guess by brute force.\n\nCan be generated eg using\n\n```sh\nnode -p 'require(\"crypto\").randomBytes(24).toString(\"base64\")'\n```",
2268
- "visibility": "secret",
2269
- "type": "string"
2270
- },
2271
- "subject": {
2272
- "description": "Sets the subject of the principal, when matching this token.\nUseful for debugging and tracking purposes.",
2273
- "type": "string"
2274
- }
2275
- },
2276
- "required": [
2277
- "secret",
2278
- "subject"
2279
- ]
2280
- },
2281
- "accessRestrictions": {
2282
- "description": "Restricts what types of access that are permitted for this access\nmethod. If no access restrictions are given, it'll have unlimited\naccess. This access restriction applies for the framework level;\nindividual plugins may have their own access control mechanisms\non top of this.",
2283
- "type": "array",
2284
- "items": {
2285
- "type": "object",
2286
- "properties": {
2287
- "plugin": {
2288
- "description": "Permit access to make requests to this plugin.\n\nCan be further refined by setting additional fields below.",
2289
- "type": "string"
2290
- },
2291
- "permission": {
2292
- "description": "If given, this method is limited to only performing actions\nwith these named permissions in this plugin.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
2293
- "anyOf": [
2294
- {
2295
- "type": "array",
2296
- "items": {
2297
- "type": "string"
2298
- }
2299
- },
2300
- {
2301
- "type": "string"
2302
- }
2303
- ]
2304
- },
2305
- "permissionAttribute": {
2306
- "description": "If given, this method is limited to only performing actions\nwhose permissions have these attributes.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
2307
- "type": "object",
2308
- "properties": {
2309
- "action": {
2310
- "description": "One of more of 'create', 'read', 'update', or 'delete'.",
2311
- "anyOf": [
2312
- {
2313
- "type": "array",
2314
- "items": {
2315
- "type": "string"
2316
- }
2317
- },
2318
- {
2319
- "type": "string"
2320
- }
2321
- ]
2322
- }
2323
- }
2324
- }
2325
- },
2326
- "required": [
2327
- "plugin"
2328
- ]
2329
- }
2330
- }
2331
- },
2332
- "required": [
2333
- "options",
2334
- "type"
2335
- ]
2284
+ "type": "object",
2285
+ "properties": {
2286
+ "host": {
2287
+ "description": "A host to allow outgoing requests to, being either a full host or\na subdomain wildcard pattern with a leading `*`. For example `example.com`\nand `*.example.com` are valid values, `prod.*.example.com` is not.\nThe host may also contain a port, for example `example.com:8080`.",
2288
+ "type": "string"
2336
2289
  },
2337
- {
2338
- "type": "object",
2339
- "properties": {
2340
- "type": {
2341
- "description": "This access method consists of random static tokens that can be\nhanded out to callers.\n\nThe tokens are then passed along verbatim with requests in the\nAuthorization header:\n\n```\nAuthorization: Bearer eZv5o+fW3KnR3kVabMW4ZcDNLPl8nmMW\n```",
2342
- "type": "string",
2343
- "const": "static"
2344
- },
2345
- "options": {
2346
- "type": "object",
2347
- "properties": {
2348
- "token": {
2349
- "description": "A raw token that can be any string, but for security reasons\nshould be sufficiently long so as not to be easy to guess by\nbrute force.\n\nCan be generated eg using\n\n```sh\nnode -p 'require(\"crypto\").randomBytes(24).toString(\"base64\")'\n```\n\nSince the tokens can be any string, you are free to add\nadditional identifying data to them if you like. For example,\nadding a `freben-local-dev-` prefix for debugging purposes to a\ntoken that you know will be handed out for use as a personal\naccess token during development.",
2350
- "visibility": "secret",
2351
- "type": "string"
2352
- },
2353
- "subject": {
2354
- "description": "Sets the subject of the principal, when matching this token.\nUseful for debugging and tracking purposes.",
2355
- "type": "string"
2356
- }
2357
- },
2358
- "required": [
2359
- "subject",
2360
- "token"
2361
- ]
2362
- },
2363
- "accessRestrictions": {
2364
- "description": "Restricts what types of access that are permitted for this access\nmethod. If no access restrictions are given, it'll have unlimited\naccess. This access restriction applies for the framework level;\nindividual plugins may have their own access control mechanisms\non top of this.",
2365
- "type": "array",
2366
- "items": {
2367
- "type": "object",
2368
- "properties": {
2369
- "plugin": {
2370
- "description": "Permit access to make requests to this plugin.\n\nCan be further refined by setting additional fields below.",
2371
- "type": "string"
2372
- },
2373
- "permission": {
2374
- "description": "If given, this method is limited to only performing actions\nwith these named permissions in this plugin.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
2375
- "anyOf": [
2376
- {
2377
- "type": "array",
2378
- "items": {
2379
- "type": "string"
2380
- }
2381
- },
2382
- {
2383
- "type": "string"
2384
- }
2385
- ]
2386
- },
2387
- "permissionAttribute": {
2388
- "description": "If given, this method is limited to only performing actions\nwhose permissions have these attributes.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
2389
- "type": "object",
2390
- "properties": {
2391
- "action": {
2392
- "description": "One of more of 'create', 'read', 'update', or 'delete'.",
2393
- "anyOf": [
2394
- {
2395
- "type": "array",
2396
- "items": {
2397
- "type": "string"
2398
- }
2399
- },
2400
- {
2401
- "type": "string"
2402
- }
2403
- ]
2404
- }
2405
- }
2406
- }
2407
- },
2408
- "required": [
2409
- "plugin"
2410
- ]
2411
- }
2290
+ "paths": {
2291
+ "description": "An optional list of paths. In case they are present only targets matching\nany of them will are allowed. You can use trailing slashes to make sure only\nsubdirectories are allowed, for example `/mydir/` will allow targets with\npaths like `/mydir/a` but will block paths like `/mydir2`.",
2292
+ "type": "array",
2293
+ "items": {
2294
+ "type": "string"
2295
+ }
2296
+ }
2297
+ },
2298
+ "required": [
2299
+ "host"
2300
+ ]
2301
+ }
2302
+ }
2303
+ }
2304
+ }
2305
+ },
2306
+ "required": [
2307
+ "baseUrl",
2308
+ "database"
2309
+ ]
2310
+ },
2311
+ "discovery": {
2312
+ "description": "Options used by the default discovery service.",
2313
+ "type": "object",
2314
+ "properties": {
2315
+ "endpoints": {
2316
+ "description": "A list of target baseUrls and the associated plugins.",
2317
+ "type": "array",
2318
+ "items": {
2319
+ "type": "object",
2320
+ "properties": {
2321
+ "target": {
2322
+ "description": "The target base URL to use for the plugin.\n\nCan be either a string or an object with internal and external keys.\nTargets with `{{pluginId}}` or `{{ pluginId }} in the URL will be replaced with the plugin ID.",
2323
+ "anyOf": [
2324
+ {
2325
+ "type": "object",
2326
+ "properties": {
2327
+ "internal": {
2328
+ "type": "string"
2329
+ },
2330
+ "external": {
2331
+ "type": "string"
2412
2332
  }
2413
2333
  },
2414
2334
  "required": [
2415
- "options",
2416
- "type"
2335
+ "external",
2336
+ "internal"
2417
2337
  ]
2418
2338
  },
2419
2339
  {
2420
- "type": "object",
2421
- "properties": {
2422
- "type": {
2423
- "description": "This access method consists of a JWKS endpoint that can be used to\nverify JWT tokens.\n\nCallers generate JWT tokens via 3rd party tooling\nand pass them in the Authorization header:\n\n```\nAuthorization: Bearer eZv5o+fW3KnR3kVabMW4ZcDNLPl8nmMW\n```",
2424
- "type": "string",
2425
- "const": "jwks"
2426
- },
2427
- "options": {
2428
- "type": "object",
2429
- "properties": {
2430
- "url": {
2431
- "description": "The full URL of the JWKS endpoint.",
2432
- "type": "string"
2433
- },
2434
- "algorithm": {
2435
- "description": "Sets the algorithm(s) that should be used to verify the JWT tokens.\nThe passed JWTs must have been signed using one of the listed algorithms.",
2436
- "anyOf": [
2437
- {
2438
- "type": "array",
2439
- "items": {
2440
- "type": "string"
2441
- }
2442
- },
2443
- {
2444
- "type": "string"
2445
- }
2446
- ]
2447
- },
2448
- "issuer": {
2449
- "description": "Sets the issuer(s) that should be used to verify the JWT tokens.\nPassed JWTs must have an `iss` claim which matches one of the specified issuers.",
2450
- "anyOf": [
2451
- {
2452
- "type": "array",
2453
- "items": {
2454
- "type": "string"
2455
- }
2456
- },
2457
- {
2458
- "type": "string"
2459
- }
2460
- ]
2461
- },
2462
- "audience": {
2463
- "description": "Sets the audience(s) that should be used to verify the JWT tokens.\nThe passed JWTs must have an \"aud\" claim that matches one of the audiences specified,\nor have no audience specified.",
2464
- "anyOf": [
2465
- {
2466
- "type": "array",
2467
- "items": {
2468
- "type": "string"
2469
- }
2470
- },
2471
- {
2472
- "type": "string"
2473
- }
2474
- ]
2475
- },
2476
- "subjectPrefix": {
2477
- "description": "Sets an optional subject prefix. Passes the subject to called plugins.\nUseful for debugging and tracking purposes.",
2478
- "type": "string"
2479
- }
2480
- },
2481
- "required": [
2482
- "url"
2483
- ]
2484
- },
2485
- "accessRestrictions": {
2486
- "description": "Restricts what types of access that are permitted for this access\nmethod. If no access restrictions are given, it'll have unlimited\naccess. This access restriction applies for the framework level;\nindividual plugins may have their own access control mechanisms\non top of this.",
2487
- "type": "array",
2488
- "items": {
2489
- "type": "object",
2490
- "properties": {
2491
- "plugin": {
2492
- "description": "Permit access to make requests to this plugin.\n\nCan be further refined by setting additional fields below.",
2493
- "type": "string"
2494
- },
2495
- "permission": {
2496
- "description": "If given, this method is limited to only performing actions\nwith these named permissions in this plugin.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
2497
- "anyOf": [
2498
- {
2499
- "type": "array",
2500
- "items": {
2501
- "type": "string"
2502
- }
2503
- },
2504
- {
2505
- "type": "string"
2506
- }
2507
- ]
2508
- },
2509
- "permissionAttribute": {
2510
- "description": "If given, this method is limited to only performing actions\nwhose permissions have these attributes.\n\nNote that this only applies where permissions checks are\nenabled in the first place. Endpoints that are not protected by\nthe permissions system at all, are not affected by this\nsetting.",
2511
- "type": "object",
2512
- "properties": {
2513
- "action": {
2514
- "description": "One of more of 'create', 'read', 'update', or 'delete'.",
2515
- "anyOf": [
2516
- {
2517
- "type": "array",
2518
- "items": {
2519
- "type": "string"
2520
- }
2521
- },
2522
- {
2523
- "type": "string"
2524
- }
2525
- ]
2526
- }
2527
- }
2528
- }
2529
- },
2530
- "required": [
2531
- "plugin"
2532
- ]
2533
- }
2534
- }
2340
+ "type": "string"
2341
+ }
2342
+ ]
2343
+ },
2344
+ "plugins": {
2345
+ "description": "Array of plugins which use the target base URL.",
2346
+ "type": "array",
2347
+ "items": {
2348
+ "type": "string"
2349
+ }
2350
+ }
2351
+ },
2352
+ "required": [
2353
+ "plugins",
2354
+ "target"
2355
+ ]
2356
+ }
2357
+ }
2358
+ },
2359
+ "required": [
2360
+ "endpoints"
2361
+ ]
2362
+ }
2363
+ },
2364
+ "required": [
2365
+ "app"
2366
+ ],
2367
+ "$schema": "http://json-schema.org/draft-07/schema#"
2368
+ }
2369
+ },
2370
+ {
2371
+ "path": "../../plugins/events-node/config.d.ts",
2372
+ "value": {
2373
+ "type": "object",
2374
+ "properties": {
2375
+ "events": {
2376
+ "type": "object",
2377
+ "properties": {
2378
+ "useEventBus": {
2379
+ "description": "Whether to use the event bus API in the events plugin backend to\ndistribute events across multiple instances when publishing and\nsubscribing to events.\n\nThe default is 'auto', which means means that the event bus API will be\nused if it's available, but will be disabled if the events backend\nreturns a 404.\n\nIf set to 'never', the events service will only ever publish events\nlocally to the same instance, while if set to 'always', the event bus API\nwill never be disabled, even if the events backend returns a 404.",
2380
+ "enum": [
2381
+ "always",
2382
+ "auto",
2383
+ "never"
2384
+ ],
2385
+ "type": "string"
2386
+ }
2387
+ }
2388
+ }
2389
+ },
2390
+ "$schema": "http://json-schema.org/draft-07/schema#"
2391
+ }
2392
+ },
2393
+ {
2394
+ "path": "../../node_modules/@backstage/backend-common/config.d.ts",
2395
+ "value": {
2396
+ "type": "object",
2397
+ "properties": {
2398
+ "app": {
2399
+ "type": "object",
2400
+ "properties": {
2401
+ "baseUrl": {
2402
+ "type": "string"
2403
+ }
2404
+ },
2405
+ "required": [
2406
+ "baseUrl"
2407
+ ]
2408
+ },
2409
+ "backend": {
2410
+ "type": "object",
2411
+ "properties": {
2412
+ "auth": {
2413
+ "description": "Backend configuration for when request authentication is enabled",
2414
+ "type": "object",
2415
+ "properties": {
2416
+ "keys": {
2417
+ "description": "Keys shared by all backends for signing and validating backend tokens.",
2418
+ "type": "array",
2419
+ "items": {
2420
+ "type": "object",
2421
+ "properties": {
2422
+ "secret": {
2423
+ "description": "Secret for generating tokens. Should be a base64 string, recommended\nlength is 24 bytes.",
2424
+ "visibility": "secret",
2425
+ "type": "string"
2426
+ }
2427
+ },
2428
+ "required": [
2429
+ "secret"
2430
+ ]
2431
+ }
2432
+ }
2433
+ }
2434
+ },
2435
+ "baseUrl": {
2436
+ "type": "string"
2437
+ },
2438
+ "listen": {
2439
+ "description": "Address that the backend should listen to.",
2440
+ "anyOf": [
2441
+ {
2442
+ "type": "object",
2443
+ "properties": {
2444
+ "host": {
2445
+ "description": "Address of the interface that the backend should bind to.",
2446
+ "type": "string"
2447
+ },
2448
+ "port": {
2449
+ "description": "Port that the backend should listen to.",
2450
+ "type": [
2451
+ "string",
2452
+ "number"
2453
+ ]
2454
+ }
2455
+ }
2456
+ },
2457
+ {
2458
+ "type": "string"
2459
+ }
2460
+ ]
2461
+ },
2462
+ "https": {
2463
+ "description": "HTTPS configuration for the backend. If omitted the backend will serve HTTP.\n\nSetting this to `true` will cause self-signed certificates to be generated, which\ncan be useful for local development or other non-production scenarios.",
2464
+ "anyOf": [
2465
+ {
2466
+ "type": "object",
2467
+ "properties": {
2468
+ "certificate": {
2469
+ "description": "Certificate configuration",
2470
+ "type": "object",
2471
+ "properties": {
2472
+ "cert": {
2473
+ "description": "PEM encoded certificate. Use $file to load in a file",
2474
+ "type": "string"
2535
2475
  },
2536
- "required": [
2537
- "options",
2538
- "type"
2539
- ]
2540
- }
2541
- ]
2476
+ "key": {
2477
+ "description": "PEM encoded certificate key. Use $file to load in a file.",
2478
+ "visibility": "secret",
2479
+ "type": "string"
2480
+ }
2481
+ },
2482
+ "required": [
2483
+ "cert",
2484
+ "key"
2485
+ ]
2486
+ }
2542
2487
  }
2488
+ },
2489
+ {
2490
+ "const": true,
2491
+ "type": "boolean"
2543
2492
  }
2544
- }
2493
+ ]
2494
+ },
2495
+ "workingDirectory": {
2496
+ "description": "An absolute path to a directory that can be used as a working dir, for\nexample as scratch space for large operations.",
2497
+ "type": "string"
2545
2498
  },
2546
2499
  "database": {
2547
2500
  "description": "Database connection configuration, select base database type using the `client` field",
@@ -2607,10 +2560,6 @@
2607
2560
  "properties": {},
2608
2561
  "additionalProperties": true
2609
2562
  },
2610
- "skipMigrations": {
2611
- "description": "Skip running database migrations.",
2612
- "type": "boolean"
2613
- },
2614
2563
  "plugin": {
2615
2564
  "description": "Plugin specific database configuration and client override",
2616
2565
  "type": "object",
@@ -2657,10 +2606,6 @@
2657
2606
  "role": {
2658
2607
  "description": "Configures the ownership of newly created schemas in pg databases.",
2659
2608
  "type": "string"
2660
- },
2661
- "skipMigrations": {
2662
- "description": "Skip running database migrations.",
2663
- "type": "boolean"
2664
2609
  }
2665
2610
  }
2666
2611
  }
@@ -2738,6 +2683,7 @@
2738
2683
  ]
2739
2684
  },
2740
2685
  "cors": {
2686
+ "description": "Properties returned upon CORS requests to the backend, including the app-backend.",
2741
2687
  "type": "object",
2742
2688
  "properties": {
2743
2689
  "origin": {
@@ -2856,91 +2802,18 @@
2856
2802
  },
2857
2803
  "required": [
2858
2804
  "baseUrl",
2859
- "database"
2860
- ]
2861
- },
2862
- "discovery": {
2863
- "description": "Options used by the default discovery service.",
2864
- "type": "object",
2865
- "properties": {
2866
- "endpoints": {
2867
- "description": "A list of target baseUrls and the associated plugins.",
2868
- "type": "array",
2869
- "items": {
2870
- "type": "object",
2871
- "properties": {
2872
- "target": {
2873
- "description": "The target base URL to use for the plugin.\n\nCan be either a string or an object with internal and external keys.\nTargets with `{{pluginId}}` or `{{ pluginId }} in the URL will be replaced with the plugin ID.",
2874
- "anyOf": [
2875
- {
2876
- "type": "object",
2877
- "properties": {
2878
- "internal": {
2879
- "type": "string"
2880
- },
2881
- "external": {
2882
- "type": "string"
2883
- }
2884
- },
2885
- "required": [
2886
- "external",
2887
- "internal"
2888
- ]
2889
- },
2890
- {
2891
- "type": "string"
2892
- }
2893
- ]
2894
- },
2895
- "plugins": {
2896
- "description": "Array of plugins which use the target base URL.",
2897
- "type": "array",
2898
- "items": {
2899
- "type": "string"
2900
- }
2901
- }
2902
- },
2903
- "required": [
2904
- "plugins",
2905
- "target"
2906
- ]
2907
- }
2908
- }
2909
- },
2910
- "required": [
2911
- "endpoints"
2805
+ "database",
2806
+ "listen"
2912
2807
  ]
2913
2808
  }
2914
2809
  },
2915
2810
  "required": [
2916
- "app"
2811
+ "app",
2812
+ "backend"
2917
2813
  ],
2918
2814
  "$schema": "http://json-schema.org/draft-07/schema#"
2919
2815
  }
2920
2816
  },
2921
- {
2922
- "path": "../../plugins/events-node/config.d.ts",
2923
- "value": {
2924
- "type": "object",
2925
- "properties": {
2926
- "events": {
2927
- "type": "object",
2928
- "properties": {
2929
- "useEventBus": {
2930
- "description": "Whether to use the event bus API in the events plugin backend to\ndistribute events across multiple instances when publishing and\nsubscribing to events.\n\nThe default is 'auto', which means means that the event bus API will be\nused if it's available, but will be disabled if the events backend\nreturns a 404.\n\nIf set to 'never', the events service will only ever publish events\nlocally to the same instance, while if set to 'always', the event bus API\nwill never be disabled, even if the events backend returns a 404.",
2931
- "enum": [
2932
- "always",
2933
- "auto",
2934
- "never"
2935
- ],
2936
- "type": "string"
2937
- }
2938
- }
2939
- }
2940
- },
2941
- "$schema": "http://json-schema.org/draft-07/schema#"
2942
- }
2943
- },
2944
2817
  {
2945
2818
  "path": "../../plugins/auth-backend-module-atlassian-provider/config.d.ts",
2946
2819
  "value": {
@@ -4512,118 +4385,6 @@
4512
4385
  },
4513
4386
  "$schema": "http://json-schema.org/draft-07/schema#"
4514
4387
  }
4515
- },
4516
- {
4517
- "path": "../../node_modules/@backstage-community/plugin-puppetdb/node_modules/@backstage/frontend-app-api/config.d.ts",
4518
- "value": {
4519
- "type": "object",
4520
- "properties": {
4521
- "app": {
4522
- "type": "object",
4523
- "properties": {
4524
- "experimental": {
4525
- "type": "object",
4526
- "properties": {
4527
- "packages": {
4528
- "visibility": "frontend",
4529
- "deepVisibility": "frontend",
4530
- "anyOf": [
4531
- {
4532
- "type": "object",
4533
- "properties": {
4534
- "include": {
4535
- "type": "array",
4536
- "items": {
4537
- "type": "string"
4538
- }
4539
- },
4540
- "exclude": {
4541
- "type": "array",
4542
- "items": {
4543
- "type": "string"
4544
- }
4545
- }
4546
- }
4547
- },
4548
- {
4549
- "const": "all",
4550
- "type": "string"
4551
- }
4552
- ]
4553
- }
4554
- }
4555
- },
4556
- "routes": {
4557
- "type": "object",
4558
- "properties": {
4559
- "bindings": {
4560
- "description": "Maps external route references to regular route references. Both the\nkey and the value is expected to be on the form `<pluginId>.<routeId>`.\nIf the value is `false`, the route will be disabled even if it has a\ndefault mapping.",
4561
- "deepVisibility": "frontend",
4562
- "type": "object",
4563
- "additionalProperties": {
4564
- "anyOf": [
4565
- {
4566
- "const": false,
4567
- "type": "boolean"
4568
- },
4569
- {
4570
- "type": "string"
4571
- }
4572
- ]
4573
- }
4574
- }
4575
- }
4576
- },
4577
- "extensions": {
4578
- "deepVisibility": "frontend",
4579
- "type": "array",
4580
- "items": {
4581
- "anyOf": [
4582
- {
4583
- "type": "object",
4584
- "additionalProperties": {
4585
- "anyOf": [
4586
- {
4587
- "type": "object",
4588
- "properties": {
4589
- "attachTo": {
4590
- "type": "object",
4591
- "properties": {
4592
- "id": {
4593
- "type": "string"
4594
- },
4595
- "input": {
4596
- "type": "string"
4597
- }
4598
- },
4599
- "required": [
4600
- "id",
4601
- "input"
4602
- ]
4603
- },
4604
- "disabled": {
4605
- "type": "boolean"
4606
- },
4607
- "config": {}
4608
- }
4609
- },
4610
- {
4611
- "type": "boolean"
4612
- }
4613
- ]
4614
- }
4615
- },
4616
- {
4617
- "type": "string"
4618
- }
4619
- ]
4620
- }
4621
- }
4622
- }
4623
- }
4624
- },
4625
- "$schema": "http://json-schema.org/draft-07/schema#"
4626
- }
4627
4388
  }
4628
4389
  ],
4629
4390
  "backstageConfigSchemaVersion": 1