
Research
Security News
Lazarus Strikes npm Again with New Wave of Malicious Packages
The Socket Research Team has discovered six new malicious npm packages linked to North Korea’s Lazarus Group, designed to steal credentials and deploy backdoors.
@coder/backstage-plugin-coder
Advanced tools
Create and manage Coder workspaces from Backstage.
This assumes you already have a Coder deployment running.
Replace https://coder.example.com
with your Coder deployment access URL. This also assumes
you have a template that has a parameter for a git repository URL (e.g. git_repo_url
) that auto-clones
the repository or uses envbuilder to build
the Dev Container.
If you have a standalone Backstage app (you didn't clone this repo), then do
yarn --cwd packages/app add @coder/backstage-plugin-coder
Add the proxy key to your app-config.yaml
:
proxy:
endpoints:
'/coder':
# Replace with your Coder deployment access URL and a trailing /
target: 'https://coder.example.com/'
changeOrigin: true
allowedMethods: ['GET']
allowedHeaders: ['Authorization', 'Coder-Session-Token']
headers:
X-Custom-Source: backstage
Add the CoderProvider
to the application:
// In packages/app/src/App.tsx
import {
type CoderAppConfig,
CoderProvider,
} from '@coder/backstage-plugin-coder';
const appConfig: CoderAppConfig = {
deployment: {
accessUrl: 'https://coder.example.com',
},
// Set the default template (and parameters) for
// catalog items. This can be overridden in the
// catalog-info.yaml for specific items.
workspaces: {
templateName: 'devcontainers',
mode: 'manual',
// This parameter is used to filter Coder workspaces
// by a repo URL parameter.
repoUrlParamKeys: ['custom_repo', 'repo_url'],
params: {
repo: 'custom',
region: 'eu-helsinki',
},
},
};
// ...
export default app.createRoot(
<CoderProvider appConfig={appConfig}>
<AlertDisplay />
<OAuthRequestDialog />
<AppRouter>
<Root>{routes}</Root>
</AppRouter>
</CoderProvider>,
);
Note: You can also wrap a single page or component with CoderProvider
if you only need Coder in a specific part of your app. See our API reference (particularly the section on the CoderProvider
component) for more details.
Add the CoderWorkspacesCard
card to the entity page in your app:
// In packages/app/src/components/catalog/EntityPage.tsx
import { CoderWorkspacesCard } from '@coder/backstage-plugin-coder';
// ...
<Grid item md={6} xs={12}>
<CoderWorkspacesCard readEntityData />
</Grid>;
This plugin is in active development. The following features are planned:
catalog-info.yaml
indicates the item is compatible with CoderThis plugin is part of the Backstage community. We welcome contributions!
FAQs
Create and manage Coder workspaces from Backstage
We found that @coder/backstage-plugin-coder demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
The Socket Research Team has discovered six new malicious npm packages linked to North Korea’s Lazarus Group, designed to steal credentials and deploy backdoors.
Security News
Socket CEO Feross Aboukhadijeh discusses the open web, open source security, and how Socket tackles software supply chain attacks on The Pair Program podcast.
Security News
Opengrep continues building momentum with the alpha release of its Playground tool, demonstrating the project's rapid evolution just two months after its initial launch.