search

awslabs / app-development-for-backstage-io-on-aws

A developer portal to meet your Enterprise needs. Fast, secure, and at-scale.
https://opaonaws.io/
Apache License 2.0
160 stars 28 forks source link

Can't use due to an issue creating from any of the provided templates. #14

Closed m0un10 closed 1 year ago

m0un10 commented 1 year ago

Cool project! I just finished watching the videos and tried to take it for a spin with the serverless app.

Given these inputs

Screenshot 2023-06-23 at 7 39 07 am

it fails with

Screenshot 2023-06-23 at 7 39 53 am

The error in the log is as follows

InputError: Invalid input passed to action baws:create-s3-bucket, instance requires property "envProviders"[3](http://localhost:3000/create/tasks/5d11026d-1e25-489e-8e30-cec88ad6d55d#line-3)    at NunjucksWorkflowRunner.executeStep (/Users/omitted/work/open/[github.com/awslabs/app-development-for-backstage-io-on-aws/backstage/node_modules/@backstage/plugin-scaffolder-backend/dist/cjs/ScaffolderEntitiesProcessor-d9bc7a90.cjs.js:5773:17

The log of bawsGetAwsEnvProviders step which is supposed to provide the envProviders is

Screenshot 2023-06-23 at 7 39 39 am

It's using the latest template (at the time of writing).. https://github.com/awslabs/app-development-for-backstage-io-on-aws/blob/b4ca094/backstage-reference/templates/example-serverless-rest-api/template.yaml

I get similar issues from the baws:deploy-boilerplate action in the other templates. Similarly, it succeeds but fails on the next actions (e.g. baws:create-secret) which has to use it's outputs. The error is Invalid input passed to action baws:create-secret, instance requires property "accountId", instance requires property "region".

For what it's worth, the default Node template worked fine. It's the one that just creates the node repo in github and doesn't use any of the AWS plugins.

In summary, I don't think we're able to use this extension to Backstage in any meaningful way yet. But we would love to!

acwatson commented 1 year ago

Hi m0un10. Thanks for your interest in our project!

It looks like something is not quite right with your Backstage user session. The error message you are seeing that says "No user context provided for action" is written out when the code can't get a reference to the Backstage entity for the current user.

Did you have any issues logging in or with the identity provider configurations? You could try logging out and logging in again.

m0un10 commented 1 year ago

I switched out the Okta part and I'm using Guest for evaluation. If my configuration is wrong, maybe the prior step could fail with an error rather than sending a null/empty value to the next step?

Any suggestions for bumping up the logging around the baws:get-env-providers or baws:deploy-boilerplate actions to get more insights? They both seem to fail to grab the user context and if that's the root cause, it would be good to get more feedback to help with a resolution.

z-sourcecode commented 1 year ago

Hi @m0un10 Thanks for your feedback. The solution needs an identity provider(Okta/AD etc..) configured in order to resolve your user associated groups. those groups are associated with permitted IAM roles(In a dynamodb security table) which is necessary in order to provision resources on your AWS account.

Please review our videos and follow the readMe instructions and let us know if you managed to resolve the issue.

As for the error handling: We relay on backstage user context and API to provide us information about the user, which is why the error isn't descriptive. but we will work on improving the errors messaging to handle scenarios like this.