first release

Author: Jujuyeh

.DS_Store

@@ -0,0 +1 @@
+module.exports = require('@backstage/cli/config/eslint-factory')(__dirname);

.eslintrc.js

@@ -0,0 +1,134 @@
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+lerna-debug.log*
+.pnpm-debug.log*
+
+# Diagnostic reports (https://nodejs.org/api/report.html)
+report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Directory for instrumented libs generated by jscoverage/JSCover
+lib-cov
+
+# Coverage directory used by tools like istanbul
+coverage
+*.lcov
+
+# nyc test coverage
+.nyc_output
+
+# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
+.grunt
+
+# Bower dependency directory (https://bower.io/)
+bower_components
+
+# node-waf configuration
+.lock-wscript
+
+# Compiled binary addons (https://nodejs.org/api/addons.html)
+build/Release
+
+# Dependency directories
+node_modules/
+jspm_packages/
+
+# Snowpack dependency directory (https://snowpack.dev/)
+web_modules/
+
+# TypeScript cache
+*.tsbuildinfo
+
+# Optional npm cache directory
+.npm
+
+# Optional eslint cache
+.eslintcache
+
+# Optional stylelint cache
+.stylelintcache
+
+# Microbundle cache
+.rpt2_cache/
+.rts2_cache_cjs/
+.rts2_cache_es/
+.rts2_cache_umd/
+
+# Optional REPL history
+.node_repl_history
+
+# Output of 'npm pack'
+*.tgz
+
+# Yarn Integrity file
+.yarn-integrity
+
+# dotenv environment variable files
+.env
+.env.development.local
+.env.test.local
+.env.production.local
+.env.local
+
+# parcel-bundler cache (https://parceljs.org/)
+.cache
+.parcel-cache
+
+# Next.js build output
+.next
+out
+
+# Nuxt.js build / generate output
+.nuxt
+dist
+
+# Gatsby files
+.cache/
+# Comment in the public line in if your project uses Gatsby and not Next.js
+# https://nextjs.org/blog/next-9-1#public-directory-support
+# public
+
+# vuepress build output
+.vuepress/dist
+
+# vuepress v2.x temp and cache directory
+.temp
+.cache
+
+# Docusaurus cache and generated files
+.docusaurus
+
+# Serverless directories
+.serverless/
+
+# FuseBox cache
+.fusebox/
+
+# DynamoDB Local files
+.dynamodb/
+
+# TernJS port file
+.tern-port
+
+# Stores VSCode versions used for testing VSCode extensions
+.vscode-test
+
+# yarn v2
+.yarn/cache
+.yarn/unplugged
+.yarn/build-state.yml
+.yarn/install-state.gz
+.pnp.*
+yarn.lock
+
+# tsc
+dist-types/

.gitignore

@@ -1,2 +1,118 @@
-# backstage-plugin-sysdig
-Backstage Sysdig Plugin
+# Sysdig Plugin for Backstage
+
+
+Welcome to the official Sysdig Plugin for Backstage. This plugin will show you the latest Vulnerabilities and Posture reports of your services using Sysdig Secure.
+
+![Example](img/example1.png)
+![Example](img/example2.png)
+
+## Pre-requisites
+
+For this plugin to work, you will access to Sysdig Secure.
+
+You must provide:
+
+- Your **Sysdig Secure API Key**.
+- Your **Sysdig Secure Endpoint** (region for SaS).
+
+Please refer to the [official documentation](https://docs.sysdig.com/en/docs/administration/saas-regions-and-ip-ranges/) for more details.
+
+## Getting started
+
+
+### Install the package
+
+```bash
+# From your Backstage root directory
+yarn --cwd packages/app add @sysdig/backstage-plugin-sysdig
+```
+
+### Add the route
+
+Add the **Sysdig page** to the Entity routes in `packages/app/src/components/catalog/EntityPage.tsx`:
+
+```diff
++ import { SysdigPage } from '@sysdig/backstage-plugin-sysdig';
+
+...
+
+
+const serviceEntityPage = (
+  <EntityLayoutWrapper>
+
+  ...
+
++    <EntityLayout.Route path="/sysdig" title="Sysdig">
++      <SysdigPage />
++    </EntityLayout.Route>
+
+  ...
+
+  </EntityPageLayout>
+)
+```
+
+### Add the Sysdig connection settings
+
+Edit `app-config.yaml` and add to the API endpoints the following details:
+
+```diff
+proxy:
+  endpoints:
++     '/sysdig':
++       target: 'https://secure.sysdig.com/'
++       changeOrigin: true
++       allowedMethods: ['GET']
++       headers:
++         "Authorization": "Bearer ${SYSDIG_SECURE_TOKEN}"
++         "Content-Type": "application/json"
++         "Accept": "application/json"
++         "X-Sysdig-Product": "SDS"
+```
+
+Replace the value for `target` with your Sysdig Secure Endpoint.
+
+You can replace `${SYSDIG_SECURE_TOKEN}` with your Sysdig Secure API Token, or you can set it to the `SYSDIG_SECURE_TOKEN` environment variable when deploying your Backstage instance.
+
+
+## How to annotate services
+
+All added annotations are available and documented in the [source file](./src/lib/annotations.ts).
+
+Be aware that not all annotations are needed, the different reports may or may not work depending on which information is provided. For example, to get Registry scanning results, you will need to annotate the corresponding services with registry data.
+
+### Example
+
+```yaml
+apiVersion: backstage.io/v1alpha1
+kind: Component
+metadata:
+  name: sock-shop-carts
+  annotations:
+    # VM Runtime
+    sysdigcloud.com/kubernetes-cluster-name: sock-shop-cluster
+    sysdigcloud.com/kubernetes-namespace-name: sock-shop
+    sysdigcloud.com/kubernetes-workload-name: sock-shop-carts
+    sysdigcloud.com/kubernetes-workload-type: deployment
+
+    # VM Registry
+    sysdigcloud.com/registry-vendor: harbor
+    sysdigcloud.com/registry-name: registry-harbor-registry.registry.svc.cluster.local:5443
+
+    # VM Pipeline
+    sysdigcloud.com/image-freetext: ghcr.io/sysdiglabs
+    
+    # Posture
+    sysdigcloud.com/resource-name: sock-shop-carts
+    sysdigcloud.com/resource-type: "Deployment"
+  description: |
+    This is the Sock shop service that keeps track of socks pairs to be purchased.
+spec:
+  type: service
+  lifecycle: experimental
+  owner: team-c
+  system: sock-shop
+  dependsOn:
+    - component:default/sock-shop-carts-db
+
+```

README.md

@@ -0,0 +1,27 @@
+/*
+ * Copyright 2023 The Backstage Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+import React from 'react';
+import { createDevApp } from '@backstage/dev-utils';
+import { sysdigPlugin, SysdigPage } from '../src/plugin';
+
+createDevApp()
+  .registerPlugin(sysdigPlugin)
+  .addPage({
+    element: <SysdigPage />,
+    title: 'Root Page',
+    path: '/sysdig'
+  })
+  .render();

dev/index.tsx

@@ -0,0 +1,50 @@
+{
+  "name": "@sysdig/backstage-plugin-sysdig",
+  "version": "0.0.0",
+  "main": "src/index.ts",
+  "types": "src/index.ts",
+  "license": "Apache-2.0",
+  "publishConfig": {
+    "access": "public",
+    "main": "dist/index.esm.js",
+    "types": "dist/index.d.ts"
+  },
+  "backstage": {
+    "role": "frontend-plugin"
+  },
+  "sideEffects": false,
+  "scripts": {
+    "start": "backstage-cli package start",
+    "build": "backstage-cli package build",
+    "lint": "backstage-cli package lint",
+    "test": "backstage-cli package test",
+    "clean": "backstage-cli package clean",
+    "prepack": "backstage-cli package prepack",
+    "postpack": "backstage-cli package postpack"
+  },
+  "dependencies": {
+    "@backstage/core-components": "workspace:^",
+    "@backstage/core-plugin-api": "workspace:^",
+    "@backstage/theme": "workspace:^",
+    "@material-ui/core": "^4.9.13",
+    "@material-ui/icons": "^4.9.1",
+    "@material-ui/lab": "^4.0.0-alpha.61",
+    "react-use": "^17.2.4"
+  },
+  "peerDependencies": {
+    "react": "^16.13.1 || ^17.0.0"
+  },
+  "devDependencies": {
+    "@backstage/cli": "workspace:^",
+    "@backstage/core-app-api": "workspace:^",
+    "@backstage/dev-utils": "workspace:^",
+    "@backstage/test-utils": "workspace:^",
+    "@testing-library/jest-dom": "^5.10.1",
+    "@testing-library/react": "^12.1.3",
+    "@testing-library/user-event": "^14.0.0",
+    "msw": "^1.0.0"
+  },
+  "files": [
+    "dist"
+  ]
+}

img/example1.png

@@ -0,0 +1,42 @@
+/*
+ * Copyright 2023 The Backstage Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+import React from 'react';
+import { SysdigComponent } from './SysdigComponent';
+import { rest } from 'msw';
+import { setupServer } from 'msw/node';
+import { screen } from '@testing-library/react';
+import {
+  setupRequestMockHandlers,
+  renderInTestApp,
+} from "@backstage/test-utils";
+
+describe('SysdigComponent', () => {
+  const server = setupServer();
+  // Enable sane handlers for network requests
+  setupRequestMockHandlers(server);
+
+  // setup mock response
+  beforeEach(() => {
+    server.use(
+      rest.get('/*', (_, res, ctx) => res(ctx.status(200), ctx.json({}))),
+    );
+  });
+
+  it('should render', async () => {
+    await renderInTestApp(<SysdigComponent />);
+    expect(screen.getByText('Welcome to sysdig!')).toBeInTheDocument();
+  });
+});