Currently, anyone can create repositories in Backstage, which leads to several issues:
- Incomplete or improperly formatted repositories
- Repositories being deleted before they should be removed
- Potential security concerns due to unrestricted access
Remediation
Implement access controls in Backstage to restrict repository creation and removal to authorized users only.
- Only SourceFuse GitHub users should be allowed to create new repositories in Backstage.
- Among SourceFuse GitHub users, only designated Project Administrators should be able to edit or remove an existing repository once it has been created.
This solution will mitigate security concerns by limiting repository management actions to trusted and authorized personnel, ensuring proper formatting and preventing accidental or unauthorized deletions.
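The two-tier rule above, written as a deny-by-default decision function. This is an added example, not code from Backstage or from the project; the group refs, action names and the `Caller` shape are assumptions made for illustration.

```typescript
// Added example. Group refs, action names and the Caller shape are hypothetical.
type Decision = 'ALLOW' | 'DENY';

interface Caller {
  userRef: string;          // constructed sample value, e.g. "user:default/alice"
  ownershipRefs: string[];  // groups asserted for the caller by the identity provider
}

// Assumed group names: one synced from the SourceFuse GitHub org,
// one holding the designated Project Administrators.
const ORG_GROUP = 'group:default/sourcefuse';
const ADMIN_GROUP = 'group:default/project-admins';

// Compare refs case-insensitively so "Group:Default/SourceFuse" is not a bypass or a false deny.
const norm = (ref: string): string => ref.trim().toLowerCase();

function inGroup(caller: Caller | undefined, group: string): boolean {
  if (!caller) return false; // unauthenticated requests never match a group
  return caller.ownershipRefs.some((r: string) => norm(r) === norm(group));
}

function decide(caller: Caller | undefined, action: string): Decision {
  // Every repository action first requires organisation membership.
  if (!inGroup(caller, ORG_GROUP)) return 'DENY';
  switch (action) {
    case 'repo.create':
      return 'ALLOW'; // any organisation member may create
    case 'repo.edit':
    case 'repo.delete':
      // Changing or removing an existing repository also requires the admin group.
      return inGroup(caller, ADMIN_GROUP) ? 'ALLOW' : 'DENY';
    default:
      return 'DENY'; // unknown or newly added actions stay denied until listed
  }
}
```

An admin-group member who is not in the organisation group is still denied, because the organisation check runs before any action-specific rule.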