diff --git a/.changeset/silly-jeans-wonder.md b/.changeset/silly-jeans-wonder.md new file mode 100644 index 0000000000..ae4259300f --- /dev/null +++ b/.changeset/silly-jeans-wonder.md @@ -0,0 +1,5 @@ +--- +'@backstage/integration': patch +--- + +Renamed ClientSecret to AzureClientSecretCredential and ManagedIdentity to AzureManagedIdentityCredential diff --git a/packages/integration/api-report.md b/packages/integration/api-report.md index 928b888a93..c2501b4ac2 100644 --- a/packages/integration/api-report.md +++ b/packages/integration/api-report.md @@ -39,7 +39,16 @@ export type AwsS3IntegrationConfig = { }; // @public -export type AzureCredential = ClientSecret | ManagedIdentity; +export type AzureClientSecretCredential = { + tenantId: string; + clientId: string; + clientSecret: string; +}; + +// @public +export type AzureCredential = + | AzureClientSecretCredential + | AzureManagedIdentityCredential; // @public export class AzureIntegration implements ScmIntegration { @@ -69,6 +78,11 @@ export type AzureIntegrationConfig = { credential?: AzureCredential; }; +// @public +export type AzureManagedIdentityCredential = { + clientId: string; +}; + // @public export class BitbucketCloudIntegration implements ScmIntegration { constructor(integrationConfig: BitbucketCloudIntegrationConfig); @@ -158,13 +172,6 @@ export type BitbucketServerIntegrationConfig = { password?: string; }; -// @public -export type ClientSecret = { - tenantId: string; - clientId: string; - clientSecret: string; -}; - // @public export class DefaultGithubCredentialsProvider implements GithubCredentialsProvider @@ -572,11 +579,6 @@ export interface IntegrationsByType { gitlab: ScmIntegrationsGroup; } -// @public -export type ManagedIdentity = { - clientId: string; -}; - // @public export function parseGerritGitilesUrl( config: GerritIntegrationConfig, diff --git a/packages/integration/src/azure/config.ts b/packages/integration/src/azure/config.ts index 6d80bee516..3f12f3ef13 100644 --- a/packages/integration/src/azure/config.ts +++ b/packages/integration/src/azure/config.ts @@ -51,7 +51,7 @@ export type AzureIntegrationConfig = { * Authenticate using a client secret that was generated for an App Registration. * @public */ -export type ClientSecret = { +export type AzureClientSecretCredential = { /** * The Azure Active Directory tenant */ @@ -71,7 +71,7 @@ export type ClientSecret = { * Authenticate using a managed identity available at the deployment environment. * @public */ -export type ManagedIdentity = { +export type AzureManagedIdentityCredential = { /** * The clientId */ @@ -82,11 +82,13 @@ export type ManagedIdentity = { * Credential used to authenticate to Azure Active Directory. * @public */ -export type AzureCredential = ClientSecret | ManagedIdentity; -export const isServicePrincipal = ( +export type AzureCredential = + | AzureClientSecretCredential + | AzureManagedIdentityCredential; +export const isAzureClientSecretCredential = ( credential: Partial, -): credential is ClientSecret => { - const clientSecretCredential = credential as ClientSecret; +): credential is AzureClientSecretCredential => { + const clientSecretCredential = credential as AzureClientSecretCredential; return ( Object.keys(credential).length === 3 && @@ -96,12 +98,12 @@ export const isServicePrincipal = ( ); }; -export const isManagedIdentity = ( +export const isAzureManagedIdentityCredential = ( credential: Partial, -): credential is ManagedIdentity => { +): credential is AzureManagedIdentityCredential => { return ( Object.keys(credential).length === 1 && - (credential as ManagedIdentity).clientId !== undefined + (credential as AzureManagedIdentityCredential).clientId !== undefined ); }; @@ -133,8 +135,8 @@ export function readAzureIntegrationConfig( if ( credential && - !isServicePrincipal(credential) && - !isManagedIdentity(credential) + !isAzureClientSecretCredential(credential) && + !isAzureManagedIdentityCredential(credential) ) { throw new Error( `Invalid Azure integration config, credential is not valid`, diff --git a/packages/integration/src/azure/core.ts b/packages/integration/src/azure/core.ts index cd0345b1f8..31aa13d91f 100644 --- a/packages/integration/src/azure/core.ts +++ b/packages/integration/src/azure/core.ts @@ -17,8 +17,8 @@ import { AzureUrl } from './AzureUrl'; import { AzureIntegrationConfig, - isManagedIdentity, - isServicePrincipal, + isAzureManagedIdentityCredential, + isAzureClientSecretCredential, } from './config'; import { ClientSecretCredential, @@ -81,7 +81,7 @@ export async function getAzureRequestOptions( const { token, credential } = config; if (credential) { - if (isServicePrincipal(credential)) { + if (isAzureClientSecretCredential(credential)) { const servicePrincipal = new ClientSecretCredential( credential.tenantId, credential.clientId, @@ -90,7 +90,7 @@ export async function getAzureRequestOptions( const accessToken = await servicePrincipal.getToken(azureDevOpsScope); headers.Authorization = `Bearer ${accessToken.token}`; - } else if (isManagedIdentity(credential)) { + } else if (isAzureManagedIdentityCredential(credential)) { const managedIdentity = new ManagedIdentityCredential( credential.clientId, ); diff --git a/packages/integration/src/azure/index.ts b/packages/integration/src/azure/index.ts index 808043fdb0..21cf069807 100644 --- a/packages/integration/src/azure/index.ts +++ b/packages/integration/src/azure/index.ts @@ -22,8 +22,8 @@ export { export type { AzureIntegrationConfig, AzureCredential, - ManagedIdentity, - ClientSecret, + AzureManagedIdentityCredential, + AzureClientSecretCredential, } from './config'; export { getAzureCommitsUrl,