ARC-101 - permission related fixes (#246)

sadarunnisa-sf · web-flow · commit 87066a533424 · 2025-06-13T22:09:45.000+05:30
## Description

Please include a summary of the change and which issue is fixed. Please
also include relevant motivation and context. List any dependencies that
are required for this change.

Fixes # (issue)

## Type of change

Please delete options that are not relevant.

- [ ] Bug fix (non-breaking change which fixes an issue)
- [X] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would cause existing
functionality to not work as expected)
- [ ] Intermediate change (work in progress)

## How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Provide
instructions so we can reproduce. Please also list any relevant details
for your test configuration

- [ ] Test A
- [ ] Test B

## Checklist:

- [ ] Performed a self-review of my own code
- [ ] npm test passes on your machine
- [ ] New tests added or existing tests modified to cover all changes
- [ ] Code conforms with the style guide
- [ ] API Documentation in code was updated
- [ ] Any dependent changes have been merged and published in downstream
modules
diff --git a/app-config.yaml b/app-config.yaml
@@ -311,7 +311,3 @@ catalog:
 # kubernetes:
 # see https://backstage.io/docs/features/kubernetes/configuration for kubernetes configuration options
 # see https://backstage.io/docs/permissions/getting-started for more on the permission framework
-
-## setting this to `false` will disable permissions
-permission:
-  enabled: true
diff --git a/packages/backend/package.json b/packages/backend/package.json
@@ -36,6 +36,7 @@
     "@backstage/plugin-auth-node": "^0.5.2",
     "@backstage/plugin-catalog-backend": "^1.26.0",
     "@backstage/plugin-catalog-backend-module-github": "^0.7.3",
+    "@backstage/plugin-catalog-backend-module-github-org": "^0.3.10",
     "@backstage/plugin-catalog-backend-module-logs": "^0.1.0",
     "@backstage/plugin-catalog-backend-module-scaffolder-entity-model": "^0.2.0",
     "@backstage/plugin-kubernetes-backend": "^0.18.6",
diff --git a/packages/backend/src/index.ts b/packages/backend/src/index.ts
@@ -4,11 +4,11 @@ import { createBackendModule } from '@backstage/backend-plugin-api';
 
 import { scaffolderActionsExtensionPoint } from '@backstage/plugin-scaffolder-node/alpha';
 import { createMicroserviceAction } from './plugins/sourceloop-ms';
+import { createExtensionAction } from './plugins/sourceloop-extension';
 import { createScaffoldAction } from './plugins/sourceloop-scaffold';
 import { modifyIaCModules } from './plugins/iac-scaffold';
 import { deleteDirectory } from './plugins/iac-scaffold';
 
-
 const scaffolderModuleCustomExtensions = createBackendModule({
   pluginId: 'scaffolder', // name of the plugin that the module is targeting
   moduleId: 'arc-microservice',
@@ -21,6 +21,7 @@ const scaffolderModuleCustomExtensions = createBackendModule({
         scaffolder.addActions(
           createMicroserviceAction(),
           createScaffoldAction(),
+          createExtensionAction(),
           modifyIaCModules(),
           deleteDirectory()
         );
@@ -30,6 +31,7 @@ const scaffolderModuleCustomExtensions = createBackendModule({
 });
 
 
+
 const backend = createBackend();
 
 backend.add(import('@backstage/plugin-app-backend/alpha'));
@@ -48,10 +50,6 @@ backend.add(import('./extensions/catalogPermissionRules'));
 // See https://backstage.io/docs/features/software-catalog/configuration#subscribing-to-catalog-errors
 backend.add(import('@backstage/plugin-catalog-backend-module-logs'));
 
-// permission plugin
-backend.add(import('@backstage/plugin-permission-backend/alpha'));
-backend.add(import('./plugins/permission'));
-
 // search plugin
 backend.add(import('@backstage/plugin-search-backend/alpha'));
 // search engine
@@ -72,4 +70,5 @@ backend.add(import('@backstage-community/plugin-jenkins-backend'));
 backend.add(
   import('@internal/backstage-plugin-jenkins-with-reporting-backend-backend'),
 );
+
 backend.start();
diff --git a/packages/backend/src/plugins/sourceloop-extension.ts b/packages/backend/src/plugins/sourceloop-extension.ts
@@ -4,24 +4,27 @@ import { createTemplateAction } from '@backstage/plugin-scaffolder-node';
 import * as utils from '../utility';
 
 export function createExtensionAction() {
-  return createTemplateAction({
-    id: 'run:extension',
-    description: 'Create all the provided extension',
-    schema: {
-      input: {
-        type: 'object',
-        required: ['extensions'],
-        properties: {
-          extensions: {
-            title: 'Extension List',
-            description: 'List of the extensions to generate',
-            type: 'array',
+ 
+  return createTemplateAction<{
+    command: string;
+  }>({
+        id: 'run:extension',
+        description: 'Create all the provided extension',
+        schema: {
+          input: {
+            type: 'object',
+            required: ['extensions'],
+            properties: {
+              extensions: {
+                title: 'Extension List',
+                description: 'List of the extensions to generate',
+                type: 'array',
+              },
+            },
           },
-        },
-      },
     },
     async handler(ctx: any) { // NOSONAR
-
+      ctx.logger.info('Running extension command', ctx.input, ctx.input.command);
       const extensions = ctx.input.extensions;
       const cwd=ctx.workspacePath;
       if (extensions) {
diff --git a/packages/backend/src/plugins/sourceloop-ms.ts b/packages/backend/src/plugins/sourceloop-ms.ts
@@ -62,6 +62,7 @@ export function createMicroserviceAction() {
           process.chdir(cwd);
           if (sourceloop) {
             ctx.logger.info(`Generating service based on ${service}`);
+            try{
             await utils.runWithEnv(env, 'microservice', [service, '-y'], {
               uniquePrefix: prefix,
               baseService: service,
@@ -75,10 +76,16 @@ export function createMicroserviceAction() {
                 ...utils.buildOptions,
               }),
             });
+          } catch (e) {
+            ctx.logger.error(`Error generating service based on ${service}`, e);
+            ctx.logger.error(`Error: ${e}`);
+            process.chdir(originalCwd);
+          }
             ctx.logger.info('Done');
           } else {
             if(facade) {
               ctx.logger.info(`Generating facade: ${service}`);
+              try{
               await utils.runWithEnv(env, 'microservice', [service.name, '-y'], {
                 uniquePrefix: prefix,
                 facade: true,
@@ -88,9 +95,15 @@ export function createMicroserviceAction() {
                   ...utils.buildOptions,
                 }),
               });
+            } catch (e) { 
+              ctx.logger.error(`Error generating facade: ${service}`, e);
+              ctx.logger.error(`Error: ${e}`);
+              process.chdir(originalCwd);
+            }
               ctx.logger.info(`Done generating facade: ${service}`);
             } else {
               ctx.logger.info(`Generating microservice: ${service.name}`);
+              try{
               await utils.runWithEnv(env, 'microservice', [service.name, '-y'], {
                 uniquePrefix: prefix,
                 datasourceType: databaseType,
@@ -102,6 +115,12 @@ export function createMicroserviceAction() {
                   ...utils.buildOptions,
                 }),
               });
+            }
+            catch (e) {
+              ctx.logger.error(`Error generating microservice: ${service.name}`, e);
+              ctx.logger.error(`Error: ${e}`);
+              process.chdir(originalCwd);
+            }
               ctx.logger.info(`Done generating microservice: ${service.name}`);
             }
           }
diff --git a/packages/backend/src/plugins/sourceloop-scaffold.ts b/packages/backend/src/plugins/sourceloop-scaffold.ts
@@ -36,6 +36,7 @@ export function createScaffoldAction() {
       },
     },
     async handler(ctx: any) { // NOSONAR
+       
       const { signal } = ctx;
       ctx.logger.info(`Templating using Yeoman generator: ${ctx.input.name}`);
 
@@ -47,6 +48,7 @@ export function createScaffoldAction() {
       const description=ctx.input.description;
       const env = utils.getEnv(cwd, 'scaffold');
       const originalCwd = process.cwd();
+      try {
       console.log("originalCwd -------",originalCwd);
       process.chdir(cwd);
       console.log("new workspacepath cwd -------",cwd);
@@ -58,15 +60,24 @@ export function createScaffoldAction() {
         description,
         integrateWithBackstage: true,
       });
+     
+    } catch (e) {
+      console.log("error in scaffold action -------",e);
+      ctx.logger.error(`Error: ${e}`);  
       process.chdir(originalCwd);
-      console.log("again updated to  originalCwd-------",originalCwd);
+    }
+      process.chdir(originalCwd);
+      console.log("updated to  originalCwd-------",originalCwd);
       await mkdir(`${ctx.workspacePath}/.github/workflows`,()=>{});
       await writeFile(
         `${ctx.workspacePath}/.github/workflows/build-image.yaml`,
         GITHUB_DOCKER_BUILD_ACTION,
         { signal },
         _ => {},
       );
+    
+
     },
+    
   });
 }
diff --git a/patches/@backstage+plugin-auth-node+0.5.2.patch b/patches/@backstage+plugin-auth-node+0.5.2.patch
@@ -0,0 +1,135 @@
+diff --git a/node_modules/@backstage/plugin-auth-node/dist/index.cjs.js b/node_modules/@backstage/plugin-auth-node/dist/index.cjs.js
+index d19613e..3a4bfa1 100644
+--- a/node_modules/@backstage/plugin-auth-node/dist/index.cjs.js
++++ b/node_modules/@backstage/plugin-auth-node/dist/index.cjs.js
+@@ -7,6 +7,7 @@ var jose = require('jose');
+ var url = require('url');
+ var pickBy = require('lodash/pickBy');
+ var zodToJsonSchema = require('zod-to-json-schema');
++var {stringifyEntityRef}  = require('@backstage/catalog-model');
+ 
+ function _interopDefaultCompat (e) { return e && typeof e === 'object' && 'default' in e ? e : { default: e }; }
+ 
+@@ -857,39 +858,93 @@ function createSignInResolverFactory(options) {
+   return factory;
+ }
+ 
+-function readDeclarativeSignInResolver(options) {
+-  const resolvers = options.config.getOptionalConfigArray("signIn.resolvers")?.map((resolverConfig) => {
+-    const resolverName = resolverConfig.getString("resolver");
+-    if (!Object.hasOwn(options.signInResolverFactories, resolverName)) {
+-      throw new Error(
+-        `Sign-in resolver '${resolverName}' is not available`
++const getUserEntity = async (info, ctx) => {
++    const { fullProfile } = info.result;
++    const userId = fullProfile.username;
++    if (!userId) {
++      throw new Error(`GitHub user profile does not contain a username`);
++    }
++
++    const userEntity = stringifyEntityRef({
++      kind: "User",
++      name: userId,
++      namespace:"default"
++
++    });
++    return ctx.issueToken({
++      claims: {
++        sub: userEntity,
++        ent: [userEntity],
++      }
++    });
++  };
++
++  function readDeclarativeSignInResolver(options) {
++    const resolvers = options.config.getOptionalConfigArray("signIn.resolvers")?.map((resolverConfig) => {
++      const resolverName = resolverConfig.getString("resolver");
++      if (!Object.hasOwn(options.signInResolverFactories, resolverName)) {
++        throw new Error(
++          `Sign-in resolver '${resolverName}' is not available`
++        );
++      }
++      const resolver = options.signInResolverFactories[resolverName];
++      const { resolver: _ignored, ...resolverOptions } = resolverConfig.get();
++      return resolver(
++        Object.keys(resolverOptions).length > 0 ? resolverOptions : void 0
+       );
++    }) ?? [];
++    if (resolvers.length === 0) {
++      return void 0;
+     }
+-    const resolver = options.signInResolverFactories[resolverName];
+-    const { resolver: _ignored, ...resolverOptions } = resolverConfig.get();
+-    return resolver(
+-      Object.keys(resolverOptions).length > 0 ? resolverOptions : void 0
+-    );
+-  }) ?? [];
+-  if (resolvers.length === 0) {
+-    return void 0;
+-  }
+-  return async (profile, context) => {
+-    for (const resolver of resolvers) {
+-      try {
+-        return await resolver(profile, context);
+-      } catch (error) {
+-        if (error?.name === "NotFoundError") {
+-          continue;
++    return async (profile, context) => {
++      for (const resolver of resolvers) {
++        try {
++          return await getUserEntity(profile, context);
++        } catch (error) {
++          if (error?.name === "NotFoundError") {
++            console.log ('resolver error---------------',error, error?.name);
++            continue;
++          }
++          throw error;
+         }
+-        throw error;
+       }
+-    }
+-    throw new Error(
+-      "Failed to sign-in, unable to resolve user identity. Please verify that your catalog contains the expected User entities that would match your configured sign-in resolver."
+-    );
+-  };
+-}
++      throw new Error("Failed to sign-in, unable to resolve user identity");
++    };
++  }
++
++// function readDeclarativeSignInResolver(options) {
++//   const resolvers = options.config.getOptionalConfigArray("signIn.resolvers")?.map((resolverConfig) => {
++//     const resolverName = resolverConfig.getString("resolver");
++//     if (!Object.hasOwn(options.signInResolverFactories, resolverName)) {
++//       throw new Error(
++//         `Sign-in resolver '${resolverName}' is not available`
++//       );
++//     }
++//     const resolver = options.signInResolverFactories[resolverName];
++//     const { resolver: _ignored, ...resolverOptions } = resolverConfig.get();
++//     return resolver(
++//       Object.keys(resolverOptions).length > 0 ? resolverOptions : void 0
++//     );
++//   }) ?? [];
++//   if (resolvers.length === 0) {
++//     return void 0;
++//   }
++//   return async (profile, context) => {
++//     for (const resolver of resolvers) {
++//       try {
++//         return await resolver(profile, context);
++//       } catch (error) {
++//         if (error?.name === "NotFoundError") {
++//           continue;
++//         }
++//         throw error;
++//       }
++//     }
++//     throw new Error(
++//       "Failed to sign-in, unable to resolve user identity. Please verify that your catalog contains the expected User entities that would match your configured sign-in resolver."
++//     );
++//   };
++// }
+ 
+ const reEmail = /^([^@+]+)(\+[^@]+)?(@.*)$/;
+ exports.commonSignInResolvers = void 0;
diff --git a/patches/@backstage+plugin-catalog-backend+1.26.0.patch b/patches/@backstage+plugin-catalog-backend+1.26.0.patch
diff --git a/patches/@backstage+plugin-scaffolder-backend-module-github+0.5.0.patch b/patches/@backstage+plugin-scaffolder-backend-module-github+0.5.0.patch
diff --git a/yarn.lock b/yarn.lock
