Backstage Weekly 78 - Simplified Microsoft Auth, Scaffolder breaking change, first Project Area Maintainers
By Jorge Lainfiesta • April 10th, 2023Hi y’all! Happy Easter for those celebrating with a Monday off! For the rest of us, let’s at least celebrate these Backstage updates and mind a small heads-up:
- Microsoft (ie. Azure) Auth provider now manages more complexity, so you don’t have to
- The first Project Area Maintainers are now listed on GitHub!
- Watch out for errors in your Scaffolder templates: a bug was introduced in the
EntityPickerin 1.12 - BONUS: Attending KubeCon EU? I’ll be giving a talk on selling Backstage to internal and external stakeholders on Friday at 11 am. See you there!
Microsoft Auth provider now manages tokens for multiple resources
jamieklassen contributed a whole round of improvements to the Microsoft Auth provider, from backend tests to frontend token management. The goal is to make the Microsoft Auth Provider to only negotiate the strictly needed permissions. For instance, when requesting Azure tokens (e.g. AKS, Virtual Machines, Machine, Learning Services, etc.), the Provider will not hit the Microsoft endpoint or fetch user info when refreshing scoped permissions.
This improved Microsoft Auth provider will be released as part of Backstage 1.13, expected next week. Check out the PR for additional context.
Using managed Backstage lets you focus on building value for your team instead of learning internals and upgrading your instance. Get a Roadie Backstage demo
New Project Area Maintainers
With the new governance model in place, the Backstage team has started to execute it. Firstly, they promoted org members and enabled a form to request access to existing contributors. If you’ve made contributions for three months or more, open an issue with your Org Membership request.
Last week, the current Project Areas got their assignees merged into main. As outlined in the Governance doc, Project Area Maintainers “are expected to review and merge pull requests towards their area, and also drive development and manage tech health.” This is the highest contributor tier before being a Core Maintainer.
The existing areas include Catalog, Discoverability, Kubernetes, and TechDocs, assigned to Spotify teams.
An area worthy of special mention is Helm Charts, whose owners include Andrew Block and Tom Coufal from Red Hat. This marks Backstage’s first official ownership delegation to organizations outside of Spotify.
Bug: Scaffolder’s EntityPicker and GitHub Groups
If you’ve upgraded to Backstage 1.12, you may experience problems with your Scaffolder templates that use EntityPicker and GitHub’s groups. The bug was introduced by #16577, which enables support for full entity refs. The problem is that full entity refs are unlikely to match the group IDs fetched from GitHub, leading to access errors when executing the template.
The bug will be fixed on Backstage 1.13, thanks to Ben’s PR, which will include a way to extract which value to get out of a step by using pick. In the meantime, you can manually extract the Group ref without the entity path with something like Gra.
KubeCon EU: Backstage every day!
Starting from Tuesday 18th, with the Backstage project meeting, two Spotify talks on Wednesday, an adopter Talk on Thursday, and two business talks on Friday.
My talk is about empowering Backstage champions to feel more confident when selling the framework internally and externally. Immediately after—you don’t even have to change rooms!—, you’ll hear from Kasper Nissen and Brian Nielsen on how they used Backstage to drive compliance at Lunar Bank.
Let me know if you’re attending KubeCon, I’d love to catch up with you IRL! You can reply to this email and I’ll get back to you.
Talk to you next week!
Jorge L