Security News
Research
Supply Chain Attack on Rspack npm Packages Injects Cryptojacking Malware
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
@harnessio/backstage-plugin-harness-chaos
Advanced tools
Website: [https://harness.io/](https://harness.io/)
Website: https://harness.io/
Welcome to the Harness Chaos Engineering plugin for Backstage!
yarn add --cwd packages/app @harnessio/backstage-plugin-chaos
yarn install
If you are looking to get started with Backstage, check out backstage.io/docs.
For testing purposes, you can also clone this repository to try out the plugin. It contains an example Backstage app setup which is pre-installed with Harness plugins. However, you must create a new Backstage app if you are looking to get started with Backstage.
app-config.yaml
under the proxy
config. Add your Harness Personal Access Token or Service Account Token for x-api-key
. See the Harness docs for generating an API Key.# In app-config.yaml
proxy:
# ... existing proxy settings
'/harness':
target: 'https://app.harness.io/'
headers:
'x-api-key': '<YOUR PAT/SAT>'
# ...
Notes:
Plugin uses token configured here to make Harness API calls. Make sure this token has the necessary permissions
Set the value of target to your on-prem URL if you are using the Harness on-prem offering
EntityPage.tsx
, update the chaosContent
component to render <EntityHarnessChaosContent />
whenever the service/project is using Harness Chaos Engineering. Something like this -// In packages/app/src/components/catalog/EntityPage.tsx
import {
EntityHarnessChaosContent,
isHarnessChaosAvailable,
} from '@harnessio/backstage-plugin-harness-chaos';
...
const chaosContent = (
<EntitySwitch>
<EntitySwitch.Case if={isHarnessChaosAvailable}>
<EntityHarnessChaosContent />
</EntitySwitch.Case>
<EntitySwitch.Case>
<EmptyState
title="No Chaos data available for this entity"
missing="info"
description="You need to add an annotation to your component if you want to enable Chaos for it. You can read more about annotations in Backstage by clicking the button below."
action={
<Button
variant="contained"
color="primary"
href="https://backstage.io/docs/features/software-catalog/well-known-annotations"
>
Read more
</Button>
}
/>
</EntitySwitch.Case>
</EntitySwitch>
);
...
const serviceEntityPage = (
<EntityLayout>
<EntityLayout.Route path="/chaos" title="Chaos Engineering">
{chaosContent}
</EntityLayout.Route>
</EntityLayout>
);
...
catalog-info.yaml
file. (optional)By default, all the chaos experiments will be fetched from the provided project url, providing optional annotations will fetch experiments for a specific application map.
Based upon the annotations that the user provides, we decide which version of experiments table to show.
For ease of use of the user, we check if project url is provided and then see if the service tag or network tag is provided. If only the project url is provided we default to V1 table that shows experiments for all infrastructures else if we see the other annotations also, we show service specific or application map specific experiments.
NOTE: service tag based filtering will be available at a later date.
Refer image below to locate an application map tag.
Here is an example: catalog-info.yaml
apiVersion: backstage.io/v1alpha1
kind: Component
metadata:
# ...
annotations:
# mandatory annotation
harness.io/project-url: <harness_project_url>
# optional annotations
harness.io/application-map-tags: |
<nm-name_1>: <nm-label_1>
<nm-name_2>: <nm-label_2>
spec:
type: service
# ...
If you have a separate Harness hosted URL other than https://app.harness.io
, you can configure baseUrl
for harness
in app-config.yaml
This step is optional. The default value of harness.baseUrl
is https://app.harness.io/
# In app-config.yaml
harness:
baseUrl: https://app.harness.io/
FAQs
Website: [https://harness.io/](https://harness.io/)
The npm package @harnessio/backstage-plugin-harness-chaos receives a total of 254 weekly downloads. As such, @harnessio/backstage-plugin-harness-chaos popularity was classified as not popular.
We found that @harnessio/backstage-plugin-harness-chaos demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.
Security News
Sonar’s acquisition of Tidelift highlights a growing industry shift toward sustainable open source funding, addressing maintainer burnout and critical software dependencies.