Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@harnessio/backstage-plugin-feature-flags
Advanced tools
Website: [https://harness.io/](https://harness.io/)
Website: https://harness.io/
Welcome to the Harness Feature Flags plugin for Backstage!
yarn add --cwd packages/app @harnessio/backstage-plugin-feature-flags
yarn install
If you are looking to get started with Backstage, check out backstage.io/docs.
For testing purposes, you can also clone this repository to try out the plugin. It contains an example Backstage app setup which is pre-installed with Harness plugins. However, you must create a new Backstage app if you are looking to get started with Backstage.
app-config.yaml
under the proxy
config. Add your Harness Personal Access Token or Service Account Token for x-api-key
. See the Harness docs for generating an API Key.# In app-config.yaml
proxy:
# ... existing proxy settings
'/harness':
target: 'https://app.harness.io/'
headers:
'x-api-key': '<YOUR PAT/SAT>'
# ...
Notes:
Plugin uses token configured here to make Harness API calls. Make sure this token has the necessary permissions
Set the value of target to your on-prem URL if you are using the Harness on-prem offering
EntityPage.tsx
, add the new featureFlagList
component to render <EntityHarnessFeatureFlagContent />
whenever the service is using Harness Feature Flags. Something like this -// In packages/app/src/components/catalog/EntityPage.tsx
import {
isHarnessFeatureFlagAvailable,
EntityHarnessFeatureFlagContent,
} from '@harnessio/backstage-plugin-feature-flags';
...
const featureFlagList = (
<EntitySwitch>
<EntitySwitch.Case if={isHarnessFeatureFlagAvailable}>
<EntityHarnessFeatureFlagContent />
</EntitySwitch.Case>
<EntitySwitch.Case>
<EmptyState
title="No Feature Flags available for this entity"
missing="info"
description="You need to add an annotation to your component if you want to enable Feature Flags for it. You can read more about annotations in Backstage by clicking the button below."
action={
<Button
variant="contained"
color="primary"
href="https://backstage.io/docs/features/software-catalog/well-known-annotations"
>
Read more
</Button>
}
/>
</EntitySwitch.Case>
</EntitySwitch>
);
...
const serviceEntityPage = (
<EntityLayout>
<EntityLayout.Route path="/feature-flag" title="Feature Flags">
{featureFlagList}
</EntityLayout.Route>
</EntityLayout>
);
...
catalog-info.yaml
file. Here is an example: https://github.com/harness/backstage-plugins/blob/main/examples/catalog-harness-cicd.yamlapiVersion: backstage.io/v1alpha1
kind: Component
metadata:
# ...
annotations:
# mandatory annotation
harness.io/project-url: <harness_project_url>
# optional annotations
# harness.io/ci-pipelineIds: <pipelineId1,pipelineId2,pipelineId3 etc>
# harness.io/cd-serviceId: <serviceId>
spec:
type: service
# ...
Note: Refer to this page on how to get these values from your Harness account.
By default, the plugin will take all the pipelines inside the configured Harness project and show their executions. However, if your service has quiet a few pipelines, you can additionally configure the pipelines as well as associated services to show those specific execution details for the display.
If you have a separate Harness hosted URL other than https://app.harness.io
, you can configure baseUrl
for harness
in app-config.yaml
This step is optional. The default value of harness.baseUrl
is https://app.harness.io/
# In app-config.yaml
harness:
baseUrl: https://app.harness.io/
FAQs
Website: [https://harness.io/](https://harness.io/)
The npm package @harnessio/backstage-plugin-feature-flags receives a total of 309 weekly downloads. As such, @harnessio/backstage-plugin-feature-flags popularity was classified as not popular.
We found that @harnessio/backstage-plugin-feature-flags demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.