Closed jmadureira closed 1 year ago
@jmadureira are you able to get tekton pipelines in backstage?. cause i am also stucked with authorizationBearerToken
@Va-asu I'm unable to get it working on Backstage because the tekton plugin always includes the Authorization
header. A quick hack would be to simply not include the header if no token is provided.
You can also check if it works in your case by manually making the request. It would be something like:
curl -v "https://<your tekton URL>/apis/tekton.dev/v1beta1/namespaces/<your namespace>/pipelineruns?labelSelector=<some label selector you might have>" -H "Content-type: application/json"
For additional reference taken from Tekton documentation which may help #9 you're opened:
The Dashboard does not provide its own authentication or authorization, however it will pass on any authentication headers provided to it by a proxy deployed in front of the Dashboard. These are then handled by the Kubernetes API server allowing for full access control via Kubernetes RBAC. In case of forbidden access the Dashboard will display corresponding error notifications.
This indicates that the "proper" solution involves correctly configuring Kubernetes RBAC which may not be possible in some installations.
Hello all,
will try to release a new version of the plugin tomorrow, in which the authorizationBearerToken
is optional.
Thank you @rannox , it will be very helpful for us.
This was implemented in version v0.2.6.
Just delete the authorizationBearerToken
param from the app-config.yaml
.
I am will be happy for your feedback, if this change helped you out? :)
@rannox Thank you for the new release. I've tested and it works as expected and will close this issue.
Hopefully this will also help @Va-asu with this issues.
Hello
I'm currently working on a Tekton setup where the API is open but in read-only mode. As a result I can freely make requests without having to provide the
Authorization
header.The problem is that since this plugin assumes that the
authorizationBearerToken
is mandatory all requests it makes to Tekton includes theAuthorization
header which will cause it to fail with a401
status code.Considering that this setup is a possibility is it possible to make the
authorizationBearerToken
attribute optional?