Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error: Plugin doesn't work with the new backend architecture #8

Open
javier-fiore opened this issue Jun 25, 2024 · 3 comments
Open

Error: Plugin doesn't work with the new backend architecture #8

javier-fiore opened this issue Jun 25, 2024 · 3 comments

Comments

@javier-fiore
Copy link

When we try to use this plugin whit the new backend architecture, we receive a 401 unauthorized when it try to access to circleCI api.

Maybe you must update this repo with the scaffolding created with create-app program to make it work with the new backstage.
@supersol
Copy link

supersol commented Jul 5, 2024

@javier-fiore
Maybe this helps. Lots of googling brought me here. I think they just gave up supporting this plugin. I'm using the one from the older repo @backstage/plugin-circleci
And I also had this issue. So I solved it adding

    proxy:
      endpoints:
        /circleci/api:
          changeOrigin: true
          headers:
            Circle-Token: ${CIRCLECI_AUTH_TOKEN}
          target: https://circleci.com/api/v1.1
          credentials: dangerously-allow-unauthenticated

I have all the setup in local network so for me it's pretty safe. Backstage forced auth internally between plugins. I have no idea where do I need set those internal credentials, so I just allowed access without them.
https://backstage.io/docs/plugins/proxying/

@javier-fiore
Copy link
Author

@javier-fiore Maybe this helps. Lots of googling brought me here. I think they just gave up supporting this plugin. I'm using the one from the older repo @backstage/plugin-circleci And I also had this issue. So I solved it adding

    proxy:
      endpoints:
        /circleci/api:
          changeOrigin: true
          headers:
            Circle-Token: ${CIRCLECI_AUTH_TOKEN}
          target: https://circleci.com/api/v1.1
          credentials: dangerously-allow-unauthenticated

I have all the setup in local network so for me it's pretty safe. Backstage forced auth internally between plugins. I have no idea where do I need set those internal credentials, so I just allowed access without them. https://backstage.io/docs/plugins/proxying/

It works, but I am afraid to use this kind of configuration. At this time, ti works as workaround, but i think that there is a bug here. Thanks a lot!

@phclark
Copy link

phclark commented Aug 28, 2024

+1, requiring adopters to disable backend authentication shouldn't be an acceptable workaround for production systems. Looking through the code, it looks like this plugin uses the circleci-api package to make requests, overwriting the URL to use the backend proxy. I think it should be possible to use the Backstage IdentityApi to add the user's Backstage authentication information to the request so that the Backstage backend auth system doesn't return a 401, but would leave this up to the maintainers to decide the best path here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@javier-fiore @supersol @phclark