Plugins & Integrations
Published on November 15th, 2022Overview
Roadie can be extended with a wide variety of plugins and integrations that connect your developer portal to the tools and services your teams use every day. These range from simple UI components that display data from external APIs to powerful backend integrations that automatically ingest entities into your catalog.
If an integration or plugin is supported by Roadie, adding a plugin can be done entirely within the Roadie UI.
Types of Plugins & Integrations
Integrations and plugins come in many shapes and sizes, but there are some common patterns.
Frontend Plugins
Frontend plugins render UI components within Roadie. They typically make API calls to external services and display the results as cards, tabs, or pages.
Examples include:
| Plugin | Description |
|---|---|
| PagerDuty | Shows on-call schedules and active incidents |
| Datadog | Displays dashboards and graphs |
| Jira | Shows linked issues and project status |
Frontend plugins usually require:
- An API token or secret stored in Roadie for authentication
- Component annotations to link catalog entities to external resources
- UI configuration to add cards or tabs to entity pages
Integrations: Entity Providers (Auto-Ingestion)
Entity providers automatically create and maintain entities in your catalog without requiring YAML files. They connect to external systems, discover resources, and register them as catalog entities.
Examples include:
| Integration | Description |
|---|---|
| AWS Resources | Ingests Lambda, EKS, S3, RDS, and other AWS resources |
| GitHub Teams | Imports users and groups from GitHub organisations |
| Okta | Syncs users and groups from Okta |
| Microsoft Graph | Imports users and groups from Azure AD |
| Kubernetes Ingestor | Creates entities from Kubernetes resources |
Entity providers typically require:
- Service account credentials or API tokens with read access
- Configuration specifying which resources to discover
- Mapping rules to transform external data into catalog entities
Integration: Auto-Discovery
Auto-discovery integrations scan your source code management systems to find and import catalog-info.yaml files automatically.
These include:
| Platform | Description |
|---|---|
| GitHub Discovery | Discovers catalog files across GitHub repos |
| GitLab | Scans GitLab projects for catalog files |
| Bitbucket | Discovers entities in Bitbucket workspaces |
| Azure DevOps | Finds catalog files in Azure repos |
| AWS S3 | Imports catalog files from S3 buckets |
Connectivity & Environments
Plugins and integrations need to connect to external services. Roadie supports three connectivity patterns depending on where your services are hosted:
| Environment | Description |
|---|---|
| Cloud Hosted | Direct connection to cloud services (GitHub.com, PagerDuty, Datadog, etc.) |
| Internet Accessible via IP Whitelist | Self-hosted services accessible from the internet; whitelist Roadie's IP ranges |
| Private Network via Broker | On-premise or private network services connected securely via the Roadie Broker |
Each plugin's documentation includes an "At a Glance" section showing which environments are supported.
The Roadie Broker
For services that aren't accessible from the public internet, the Roadie Broker provides a secure tunnel into your infrastructure.
Key benefits:
- Connections are established outbound from your network
- Tokens and credentials stay in your infrastructure
- You control exactly what Roadie can access via an allowlist
- Full audit logging of all requests
The Broker is commonly used for:
- Self-hosted GitHub Enterprise, GitLab, or Bitbucket
- Internal Kubernetes clusters
- On-premise Jenkins, SonarQube, or ArgoCD
- Any internal API or service
Authentication & Configuration
Secrets
Most plugins require API tokens or credentials to authenticate with external services. These are stored securely as Secrets in Roadie.
To configure a secret:
- Navigate to Administration → Secrets
- Find the secret name (e.g.,
PAGERDUTY_TOKEN) - Click the edit icon and paste your token
- Click Save
Proxies
Some plugins require a Proxy to route requests through Roadie's backend. Proxies handle authentication and can transform requests before forwarding them.
Types of proxies:
| Proxy Type | Use Case |
|---|---|
| Standard Proxy | Routes requests and injects authentication headers |
| Authenticated Proxy | Includes a Roadie-minted token for your service to verify |
Proxies are configured at Administration → Settings → Plugins → Proxy.
Integration-Specific Authentication
Some integrations use dedicated authentication mechanisms:
| Integration | Authentication Method |
|---|---|
| GitHub | GitHub App installed in your organisation |
| AWS | IAM Roles with cross-account trust |
| OAuth Client | |
| GitLab | OAuth or Personal Access Token |
Prerequisites
To configure plugins and integrations, you typically need:
- Admin access to your Roadie instance (Assigning Admins)
- API credentials from the external service
- Network access from Roadie to the service (or Broker configured)
Further Reading
| Topic | Description |
|---|---|
| Configuring Backstage Plugins | Add plugin UI components to your pages |
| Setting Secrets | Store API tokens securely |
| Broker Integration | Connect to private network services |
| Custom Plugins | Build your own plugins for Roadie |
