UNPKG

@coder/backstage-plugin-coder

Version:

Create and manage Coder workspaces from Backstage

coder/backstage-plugins

317 lines (241 loc) 9.75 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
# Integrate Coder Workspaces into Backstage Create and manage [Coder workspaces](https://coder.com/docs/v2/latest) from Backstage. ## Screenshots ![Coder authentication](./screenshots/coder-auth.png) ![Workspace list page](./screenshots/catalog-item.png) ## Features - Users link their Coder accounts with Backstage via tokens - Associate Coder workspaces with catalog items in Backstage - Workspace list component for viewing and managing workspaces ## Setup This assumes you already have a [Coder](https://github.com/coder/coder) deployment running. Replace `https://coder.example.com` with your Coder deployment access URL. This also assumes you have a template that has a parameter for a git repository URL (e.g. `git_repo_url`) that auto-clones the repository or uses [envbuilder](https://coder.com/docs/v2/latest/templates/devcontainers) to build the Dev Container. 1. If you have a standalone Backstage app (you didn't clone this repo), then do ```bash yarn --cwd packages/app add @coder/backstage-plugin-coder ``` 2. Add the proxy key to your `app-config.yaml`: ```yaml proxy: endpoints: '/coder': # Replace with your Coder deployment access URL (add a trailing slash) target: 'https://coder.example.com/' changeOrigin: true # Add methods based on what API calls you need allowedMethods: ['GET', 'POST'] allowedHeaders: ['Authorization', 'Coder-Session-Token'] headers: X-Custom-Source: backstage ``` 3. Add the `CoderProvider` to the application: ```tsx // packages/app/src/App.tsx import { type CoderAppConfig, CoderProvider, } from '@coder/backstage-plugin-coder'; const appConfig: CoderAppConfig = { deployment: { accessUrl: 'https://coder.example.com', }, // Set the default template (and parameters) for // catalog items. Individual properties can be overridden // by a repo's catalog-info.yaml file workspaces: { defaultTemplateName: 'devcontainers', defaultMode: 'manual', // This property defines which parameters in your Coder // workspace templates are used to store repository links repoUrlParamKeys: ['custom_repo', 'repo_url'], params: { repo: 'custom', region: 'eu-helsinki', }, }, }; // ... export default app.createRoot( <CoderProvider appConfig={appConfig}> <AlertDisplay /> <OAuthRequestDialog /> <AppRouter> <Root>{routes}</Root> </AppRouter> </CoderProvider>, ); ``` **Note:** You can also wrap a single page or component with `CoderProvider` if you only need Coder in a specific part of your app. See our [API reference](./docs/README.md) (particularly the section on [the `CoderProvider` component](./docs/components.md#coderprovider)) for more details. 4. Add the `CoderWorkspacesCard` card to the entity page in your app: ```tsx // packages/app/src/components/catalog/EntityPage.tsx import { CoderWorkspacesCard } from '@coder/backstage-plugin-coder'; // We recommend placing the component inside of overviewContent const overviewContent = ( <Grid container spacing={3} alignItems="stretch"> {entityWarningContent} <Grid item md={6}> <EntityAboutCard variant="gridItem" /> </Grid> {/* Coder component should go inside Grid to help it work with MUI layouts */} <Grid item md={6} xs={12}> <CoderWorkspacesCard readEntityData /> </Grid> {/* Other elements for overviewContent go here */} </Grid> ); ``` ### OAuth2 Authentication Setup The Coder plugin uses Backstage's native OAuth2 system for secure authentication. This requires both backend and frontend configuration. > [!NOTE] > **New Backend System Required**: This setup uses Backstage's New Backend System and the `@coder/plugin-auth-backend-module-coder-provider` module. #### Two Ways to Use Coder Authentication Coder is registered as an auth provider. You can use it for: **Resource Access (Default)** - Users authenticate to Coder via button in workspace card for API access. **Sign-In Provider (Optional)** - Users can sign in to Backstage with Coder for seamless workspace access. > [!TIP] > Resource Access = backend + frontend setup below. Sign-In Provider = Resource Access + signIn configuration (see Optional section). #### Backend Setup 1. **Install the auth backend module**: ```bash yarn workspace backend add @coder/plugin-auth-backend-module-coder-provider ``` 2. **Register the module** in `packages/backend/src/index.ts`: ```typescript backend.add(import('@coder/plugin-auth-backend-module-coder-provider')); ``` 3. **Create an OAuth2 application in Coder**: - Navigate to **Deployment Settings → OAuth2 Applications** in your Coder deployment - Create a new application - Set the callback URL to: `https://your-backstage-instance.com/api/auth/coder/handler/frame` - For local development: `http://localhost:7007/api/auth/coder/handler/frame` - Save the client ID and client secret 4. **Configure OAuth credentials** in `app-config.yaml` (use environment variables): ```yaml auth: providers: coder: development: clientId: ${CODER_OAUTH_CLIENT_ID} clientSecret: ${CODER_OAUTH_CLIENT_SECRET} deploymentUrl: ${CODER_DEPLOYMENT_URL} ``` For complete backend setup details, see [@coder/plugin-auth-backend-module-coder-provider README](../auth-backend-module-coder-provider/README.md). #### Frontend Setup (Required) **Register the Coder auth API** in `packages/app/src/apis.ts`: ```typescript import { OAuth2 } from '@backstage/core-app-api'; import { coderAuthApiRef } from '@coder/backstage-plugin-coder'; import { discoveryApiRef, oauthRequestApiRef, configApiRef, createApiFactory, } from '@backstage/core-plugin-api'; export const apis: AnyApiFactory[] = [ // ... other APIs createApiFactory({ api: coderAuthApiRef, deps: { discoveryApi: discoveryApiRef, oauthRequestApi: oauthRequestApiRef, configApi: configApiRef, }, factory: ({ discoveryApi, oauthRequestApi, configApi }) => OAuth2.create({ discoveryApi, oauthRequestApi, provider: { id: 'coder', title: 'Coder', icon: () => null, }, environment: configApi.getOptionalString('auth.environment'), defaultScopes: [], }), }), ]; ``` #### Optional: Enable Sign-In Provider To enable Coder as a Backstage sign-in provider (users can sign in to Backstage with Coder): 1. **Add sign-in resolver** to your existing `auth.providers.coder` configuration in `app-config.yaml`: ```yaml auth: providers: coder: development: # ... OAuth credentials above signIn: resolvers: - resolver: usernameMatchingUserEntityName ``` 2. **Configure SignInPage** in `packages/app/src/App.tsx`: ```typescript import { coderAuthApiRef } from '@coder/backstage-plugin-coder'; import { SignInPage } from '@backstage/core-components'; const app = createApp({ components: { SignInPage: props => ( <SignInPage {...props} providers={[ { id: 'coder-auth-provider', title: 'Coder', message: 'Sign in using Coder', apiRef: coderAuthApiRef, }, // ... other providers ]} /> ), }, }); ``` 3. **Add to User Settings** (shows connected providers): ```typescript import { CoderProviderSettings } from '@coder/backstage-plugin-coder'; import { UserSettingsPage } from '@backstage/plugin-user-settings'; <Route path="/settings" element={<UserSettingsPage providerSettings={<CoderProviderSettings />} />} />; ``` #### How OAuth Works - **Resource Access:** Click "Sign in with Coder OAuth" in workspace card → OAuth popup → token stored - **Sign-In Provider:** Sign in via Backstage login page → token automatically available Both support managing connections in Settings → Authentication Providers. Token persistence and refresh handled by Backstage's `OAuth2` helper. ### `catalog-info.yaml` files In addition to the above, you can define additional properties on your specific repo's `catalog-info.yaml` file. Example: ```yaml apiVersion: backstage.io/v1alpha1 kind: Component metadata: name: python-project spec: type: other lifecycle: unknown owner: pms # Properties for the Coder plugin are placed here coder: templateName: 'devcontainers' mode: 'auto' params: repo: 'custom' region: 'us-pittsburgh' ``` You can find more information about what properties are available (and how they're applied) in our [`catalog-info.yaml` file documentation](./docs/api-reference/catalog-info.md). ## Roadmap This plugin is in active development. The following features are planned: - [x] OAuth2 support (vs. token auth) for linking Coder accounts - [ ] Example component using the Coder API to make authenticated requests on behalf of the user - [ ] Add support for only rendering component if `catalog-info.yaml` indicates the item is compatible with Coder - [ ] OAuth support (vs. token auth) for linking Coder accounts - [ ] "Open in Coder" button/card component for catalog items - [ ] Example creating workspaces with Backstage Scaffolder - [ ] Example dedicated "Coder" page in Backstage ## Contributing This plugin is part of the Backstage community. We welcome contributions!