Debanitrkl
commented
4 months ago Hi @stuartsaid thanks for pointing this out, we have already merged the fix https://github.com/harness/backstage-plugins/pull/136 for this, will release the newer version of the plugin soon, till then you can use the following in app-config.yaml to make the plugin work.
proxy:
endpoints:
'/harness/prod':
target: https://app.harness.io/
+ credentials: dangerously-allow-unauthenticated
headers:
x-api-key: ${X-API-KEY}
stuartsaid
In Backstage v1.26.0 the backend was made secure by default, this includes the backend proxy which is used with the harness CI plugin. https://backstage.io/docs/releases/v1.26.0#auth-improvements
However requests from the CI plugin frontend do not include an authorization token, and therefore are rejected by the backend. I believe this is because the standard JavaScript fetch is used in the line below (and potentially others). If this was changed to the one exported from Backstage, it should have the authorization token included and therefore work.
https://github.com/harness/backstage-plugins/blob/bf0dd73ed0926a936f92030cb17161d70ae9870b/plugins/harness-ci-cd/src/hooks/useGetExecutionsList.ts#L84-L91