Add GitHub auth to dev environment (#2188)

Signed-off-by: Marek Libra <marek.libra@gmail.com>

Author: mareklibra

workspaces/x2a/.changeset/jolly-lizards-heal.md

@@ -0,0 +1,7 @@
+---
+'@red-hat-developer-hub/backstage-plugin-x2a-backend': patch
+'@red-hat-developer-hub/backstage-plugin-x2a-common': patch
+'@red-hat-developer-hub/backstage-plugin-x2a': patch
+---
+
+Add configuration for GitHub auth provider in the DEV env

workspaces/x2a/app-config.yaml

@@ -67,9 +67,25 @@ techdocs:
 
 auth:
   # see https://backstage.io/docs/auth/ to learn about auth providers
+  environment: development
   providers:
     # See https://backstage.io/docs/auth/guest/provider
     guest: {}
+    gitlab:
+      development:
+        clientId: ${AUTH_GITLAB_CLIENT_ID}
+        clientSecret: ${AUTH_GITLAB_CLIENT_SECRET}
+        signIn:
+          resolvers:
+            - resolver: emailMatchingUserEntityProfileEmail
+            # - resolver: usernameMatchingUserEntityName
+    github:
+      development:
+        clientId: ${AUTH_GITHUB_CLIENT_ID}
+        clientSecret: ${AUTH_GITHUB_CLIENT_SECRET}
+        signIn:
+          resolvers:
+            - resolver: emailMatchingUserEntityProfileEmail
 
 scaffolder: {}
   # see https://backstage.io/docs/features/software-templates/configuration for software template options
@@ -80,3 +96,20 @@ catalog:
     pullRequestBranchName: backstage-integration
   rules:
     - allow: [Component, System, API, Resource, Location]
+  locations:
+    - type: file
+      target: ../../entities/users.yaml
+      rules:
+        - allow: [User]
+
+permission:
+  # Reenable when the RBAC plugin is loaded
+  enabled: false
+  rbac:
+    policies-csv-file: ../../entities/example-rbac-policy.csv
+    policyFileReload: true
+    pluginsWithPermission:
+      - x2a
+    admin:
+      users:
+        - name: user:default/mareklibra

workspaces/x2a/entities/example-rbac-policy.csv

@@ -0,0 +1,7 @@
+p, role:default/x2aAdmin, x2a.admin, read, allow
+p, role:default/x2aAdmin, x2a.admin, update, allow
+
+p, role:default/x2aUser, x2a.user, update, allow
+
+g, user:development/guest, role:default/x2aUser
+g, user:default/mareklibra, role:default/x2aAdmin

workspaces/x2a/entities/users.yaml

@@ -0,0 +1,10 @@
+---
+apiVersion: backstage.io/v1alpha1
+kind: User
+metadata:
+  name: mareklibra
+spec:
+  profile:
+    displayName: Marek Libra
+    email: foo@bar.com
+  memberOf: []

workspaces/x2a/plugins/x2a-backend/dev/index.ts

@@ -14,61 +14,27 @@
  * limitations under the License.
  */
 import { createBackend } from '@backstage/backend-defaults';
-import { mockServices } from '@backstage/backend-test-utils';
-import { catalogServiceMock } from '@backstage/plugin-catalog-node/testUtils';
-
-// TEMPLATE NOTE:
-// This is the development setup for your plugin that wires up a
-// minimal backend that can use both real and mocked plugins and services.
-//
-// Start up the backend by running `yarn start` in the package directory.
-// Once it's up and running, try out the following requests:
-//
-// Create a new todo item, standalone or for the sample component:
-//
-//   curl http://localhost:7007/api/x2a/todos -H 'Content-Type: application/json' -d '{"title": "My Todo"}'
-//   curl http://localhost:7007/api/x2a/todos -H 'Content-Type: application/json' -d '{"title": "My Todo", "entityRef": "component:default/sample"}'
-//
-// List TODOs:
-//
-//   curl http://localhost:7007/api/x2a/todos
-//
-// Explicitly make an unauthenticated request, or with service auth:
-//
-//   curl http://localhost:7007/api/x2a/todos -H 'Authorization: Bearer mock-none-token'
-//   curl http://localhost:7007/api/x2a/todos -H 'Authorization: Bearer mock-service-token'
+// import { catalogServiceMock } from '@backstage/plugin-catalog-node/testUtils';
 
 const backend = createBackend();
 
+// TODO: Needs more work, failing:
+// - The @backstage/plugin-permission-backend in PluginPermissionMetadataCollector.permissionFactory() calls FetchUrlReader constructor with no params which is not supported (options are mandatory). Causing access to undefined.
+// backend.add(import('@backstage/plugin-permission-backend'));
+// backend.add(import('@backstage-community/plugin-rbac-backend'))
+
 // TEMPLATE NOTE:
 // Mocking the auth and httpAuth service allows you to call your plugin API without
 // having to authenticate.
 //
 // If you want to use real auth, you can install the following instead:
-//   backend.add(import('@backstage/plugin-auth-backend'));
-//   backend.add(import('@backstage/plugin-auth-backend-module-guest-provider'));
-backend.add(mockServices.auth.factory());
-backend.add(mockServices.httpAuth.factory());
+backend.add(import('@backstage/plugin-auth-backend'));
+backend.add(import('@backstage/plugin-auth-backend-module-guest-provider'));
+backend.add(import('@backstage/plugin-auth-backend-module-github-provider'));
+// backend.add(mockServices.auth.factory());
+// backend.add(mockServices.httpAuth.factory());
 
-// TEMPLATE NOTE:
-// Rather than using a real catalog you can use a mock with a fixed set of entities.
-backend.add(
-  catalogServiceMock.factory({
-    entities: [
-      {
-        apiVersion: 'backstage.io/v1alpha1',
-        kind: 'Component',
-        metadata: {
-          name: 'sample',
-          title: 'Sample Component',
-        },
-        spec: {
-          type: 'service',
-        },
-      },
-    ],
-  }),
-);
+backend.add(import('@backstage/plugin-catalog-backend'));
 
 backend.add(import('../src'));
 

workspaces/x2a/plugins/x2a-backend/package.json

@@ -39,6 +39,10 @@
     "@backstage/backend-plugin-api": "^1.5.0",
     "@backstage/catalog-client": "^1.12.1",
     "@backstage/errors": "^1.2.7",
+    "@backstage/plugin-auth-backend": "^0.26.0",
+    "@backstage/plugin-auth-backend-module-github-provider": "^0.4.0",
+    "@backstage/plugin-auth-backend-module-guest-provider": "^0.2.15",
+    "@backstage/plugin-catalog-backend": "^3.3.1",
     "@backstage/plugin-catalog-node": "^1.20.0",
     "@backstage/plugin-permission-common": "^0.9.4",
     "@backstage/types": "^1.2.2",

workspaces/x2a/plugins/x2a/dev/index.tsx

@@ -15,6 +15,7 @@
  */
 import { createDevApp } from '@backstage/dev-utils';
 import { x2APlugin, X2APage } from '../src/plugin';
+import { githubAuthApiRef } from '@backstage/core-plugin-api';
 
 createDevApp()
   .registerPlugin(x2APlugin)
@@ -23,4 +24,10 @@ createDevApp()
     title: 'Root Page',
     path: '/x2a',
   })
+  .addSignInProvider({
+    id: 'github-auth-provider',
+    title: 'GitHub',
+    message: 'Sign in using GitHub',
+    apiRef: githubAuthApiRef,
+  })
   .render();

workspaces/x2a/plugins/x2a/package.json

@@ -34,12 +34,14 @@
     "postpack": "backstage-cli package postpack"
   },
   "dependencies": {
+    "@backstage/catalog-model": "^1.7.6",
     "@backstage/core-components": "^0.18.5",
     "@backstage/core-plugin-api": "^1.12.0",
     "@backstage/theme": "^0.7.0",
     "@material-ui/core": "^4.12.2",
     "@material-ui/icons": "^4.9.1",
     "@material-ui/lab": "4.0.0-alpha.61",
+    "@mui/material": "^7.3.7",
     "@red-hat-developer-hub/backstage-plugin-x2a-common": "workspace:*",
     "react-use": "^17.2.4"
   },