diff --git a/.changeset/dry-pianos-brush.md b/.changeset/dry-pianos-brush.md new file mode 100644 index 0000000000..c749962a83 --- /dev/null +++ b/.changeset/dry-pianos-brush.md @@ -0,0 +1,51 @@ +--- +'@backstage/create-app': patch +--- + +Incorporate usage of the tokenManager into the backend created using `create-app`. + +In existing backends, update the `PluginEnvironment` to include a `tokenManager`: + +```diff +// packages/backend/src/types.ts + +... +import { + ... ++ TokenManager, +} from '@backstage/backend-common'; + +export type PluginEnvironment = { + ... ++ tokenManager: TokenManager; +}; +``` + +Then, create a `ServerTokenManager`. This can either be a `noop` that requires no secret and validates all requests by default, or one that uses a secret from your `app-config.yaml` to generate and validate tokens. + +```diff +// packages/backend/src/index.ts + +... +import { + ... ++ ServerTokenManager, +} from '@backstage/backend-common'; +... + +function makeCreateEnv(config: Config) { + ... + // CHOOSE ONE + // TokenManager not requiring a secret ++ const tokenManager = ServerTokenManager.noop(); + // OR TokenManager requiring a secret ++ const tokenManager = ServerTokenManager.fromConfig(config); + + ... + return (plugin: string): PluginEnvironment => { + ... +- return { logger, cache, database, config, reader, discovery }; ++ return { logger, cache, database, config, reader, discovery, tokenManager }; + }; +} +``` diff --git a/.changeset/green-toes-search.md b/.changeset/green-toes-search.md new file mode 100644 index 0000000000..2bdba7e31a --- /dev/null +++ b/.changeset/green-toes-search.md @@ -0,0 +1,28 @@ +--- +'@backstage/plugin-techdocs-backend': minor +--- + +**BREAKING** `DefaultTechDocsCollator` has a new required option `tokenManager`. See the create-app changelog for how to create a `tokenManager` and add it to the `PluginEnvironment`. It can then be passed to the collator in `createPlugin`: + +```diff +// packages/backend/src/plugins/search.ts + +... +export default async function createPlugin({ + ... ++ tokenManager, +}: PluginEnvironment) { + ... + + indexBuilder.addCollator({ + defaultRefreshIntervalSeconds: 600, + collator: DefaultTechDocsCollator.fromConfig(config, { + discovery, + logger, ++ tokenManager, + }), + }); + + ... +} +``` diff --git a/.changeset/lemon-moons-stare.md b/.changeset/lemon-moons-stare.md new file mode 100644 index 0000000000..4b7818d403 --- /dev/null +++ b/.changeset/lemon-moons-stare.md @@ -0,0 +1,5 @@ +--- +'@backstage/backend-common': patch +--- + +Create a `TokenManager` interface and `ServerTokenManager` implementation to generate and validate server tokens for authenticated backend-to-backend API requests. diff --git a/.changeset/odd-flowers-hope.md b/.changeset/odd-flowers-hope.md deleted file mode 100644 index b07af54680..0000000000 --- a/.changeset/odd-flowers-hope.md +++ /dev/null @@ -1,88 +0,0 @@ ---- -'@backstage/backend-common': patch -'@backstage/create-app': patch -'@backstage/plugin-catalog-backend': minor -'@backstage/plugin-techdocs-backend': minor ---- - -Create a TokenManager interface and ServerTokenManager implementation to generate and validate server tokens for authenticated backend-to-backend API requests. Incorporate usage of the tokenManager into the backend created using `create-app`. - -**BREAKING** `DefaultCatalogCollator` and `DefaultTechDocsCollator` now require a `tokenManager` to be passed in the `options` argument. - -In existing backends, update the `PluginEnvironment` to include a `tokenManager`: - -```diff -// packages/backend/src/types.ts - -... -import { - ... -+ TokenManager, -} from '@backstage/backend-common'; - -export type PluginEnvironment = { - ... -+ tokenManager: TokenManager; -}; -``` - -Then, create a `ServerTokenManager`. This can either be a `noop` that requires no secret and validates all requests by default, or one that uses a secret from your `app-config.yaml` to generate and validate tokens. - -```diff -// packages/backend/src/index.ts - -... -import { - ... -+ ServerTokenManager, -} from '@backstage/backend-common'; -... - -function makeCreateEnv(config: Config) { - ... - // CHOOSE ONE - // TokenManager not requiring a secret -+ const tokenManager = ServerTokenManager.noop(); - // OR TokenManager requiring a secret -+ const tokenManager = ServerTokenManager.fromConfig(config); - - ... - return (plugin: string): PluginEnvironment => { - ... -- return { logger, cache, database, config, reader, discovery }; -+ return { logger, cache, database, config, reader, discovery, tokenManager }; - }; -} -``` - -Finally, pull the `tokenManager` from the search plugin environment and pass it to both collators. - -```diff -// packages/backend/src/plugins/search.ts - -... -export default async function createPlugin({ - ... -+ tokenManager, -}: PluginEnvironment) { - ... - indexBuilder.addCollator({ - defaultRefreshIntervalSeconds: 600, - collator: DefaultCatalogCollator.fromConfig(config, { - discovery, -+ tokenManager, - }), - }); - - indexBuilder.addCollator({ - defaultRefreshIntervalSeconds: 600, - collator: DefaultTechDocsCollator.fromConfig(config, { - discovery, - logger, -+ tokenManager, - }), - }); - - ... -} -``` diff --git a/.changeset/young-bikes-argue.md b/.changeset/young-bikes-argue.md new file mode 100644 index 0000000000..a9f09cd12b --- /dev/null +++ b/.changeset/young-bikes-argue.md @@ -0,0 +1,27 @@ +--- +'@backstage/plugin-catalog-backend': minor +--- + +**BREAKING** `DefaultCatalogCollator` has a new required option `tokenManager`. See the create-app changelog for how to create a `tokenManager` and add it to the `PluginEnvironment`. It can then be passed to the collator in `createPlugin`: + +```diff +// packages/backend/src/plugins/search.ts + +... +export default async function createPlugin({ + ... ++ tokenManager, +}: PluginEnvironment) { + ... + + indexBuilder.addCollator({ + defaultRefreshIntervalSeconds: 600, + collator: DefaultCatalogCollator.fromConfig(config, { + discovery, ++ tokenManager, + }), + }); + + ... +} +```