paulononato/backstage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: Forward user token to scaffolder taskworker for subsequent api requests

Browse Source 
Signed-off-by: Erik Larsson <erik.larsson@schibsted.com>
This commit is contained in:
Erik Larsson
2021-04-01 15:24:33 +02:00
parent 93dc706eea
commit 84c54474dd
5 changed files with 16 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.changeset/eight-plums-hide.md
+5
View File
@@ -0,0 +1,5 @@
---
'@backstage/plugin-scaffolder-backend': patch
---
Forward user token to scaffolder taskworker for subsequent api requests
plugins/scaffolder-backend/src/scaffolder/actions/types.ts
+4
View File
@@ -32,6 +32,10 @@ export type ActionContext<Input extends InputBase> = {
logger: Logger;
logStream: Writable;
/**
* User token forwarded from initial request, for use in subsequent api requests
*/
token?: string | undefined;
workspacePath: string;
input: Input;
output(name: string, value: JsonValue): void;
plugins/scaffolder-backend/src/scaffolder/tasks/TaskWorker.ts
+1
View File
@@ -134,6 +134,7 @@ export class TaskWorker {
logger: taskLogger,
logStream: stream,
input,
token: task.spec.token,
workspacePath,
async createTemporaryDirectory() {
const tmpDir = await fs.mkdtemp(
plugins/scaffolder-backend/src/scaffolder/tasks/types.ts
+1
View File
@@ -44,6 +44,7 @@ export type DbTaskEventRow = {
export type TaskSpec = {
baseUrl?: string;
token?: string | undefined;
values: JsonObject;
steps: Array<{
id: string;
plugins/scaffolder-backend/src/service/router.ts
+5 -1
View File
@@ -358,8 +358,9 @@ export async function createRouter(
.post('/v2/tasks', async (req, res) => {
const templateName: string = req.body.templateName;
const values: TemplaterValues = req.body.values;
const token = getBearerToken(req.headers.authorization);
const template = await entityClient.findTemplate(templateName, {
token: getBearerToken(req.headers.authorization),
token,
});
let taskSpec;
@@ -386,6 +387,7 @@ export async function createRouter(
taskSpec = {
baseUrl,
token,
values,
steps: template.spec.steps.map((step, index) => ({
...step,
@@ -412,6 +414,8 @@ export async function createRouter(
if (!task) {
throw new NotFoundError(`Task with id ${taskId} does not exist`);
}
// Do not disclose token
delete task.spec.token;
res.status(200).json(task);
})
.get('/v2/tasks/:taskId/eventstream', async (req, res) => {