Configuring the SpectroCloud Frontend Plugin#
The SpectroCloud frontend plugin can be configured to customize its behavior and integrate with Backstage's permission framework.
Configuration Options#
Add the following to your app-config.yaml:
spectrocloud:
annotationPrefix: terasky.backstage.io # Optional, default value
enablePermissions: true # Enable permission checks
Configuration Parameters#
| Parameter | Type | Default | Description |
|---|---|---|---|
annotationPrefix |
string | terasky.backstage.io |
Prefix used for SpectroCloud entity annotations |
enablePermissions |
boolean | false |
Enable frontend permission checks |
Permission Configuration#
Available Permissions#
The frontend respects the following permissions:
| Permission | Description | Controls |
|---|---|---|
spectrocloud.cluster.view-info |
View cluster information | Cluster card visibility |
spectrocloud.cluster.download-kubeconfig |
Download kubeconfig | Download button |
spectrocloud.cluster.view-pack-values |
View pack values | Pack expansion |
spectrocloud.cluster.view-pack-manifests |
View pack manifests | Manifest tabs |
spectrocloud.profile.view-info |
View profile information | Profile card visibility |
spectrocloud.profile.view-clusters |
View clusters for profile | Cluster list expansion |
Enabling Permissions#
To enable permission checks:
-
Enable in config:
-
Configure permission policies (using RBAC plugin):
p, role:default/developers, spectrocloud.cluster.view-info, read, allow p, role:default/developers, spectrocloud.profile.view-info, read, allow p, role:default/platform-team, spectrocloud.cluster.download-kubeconfig, read, allow p, role:default/platform-team, spectrocloud.cluster.view-pack-values, read, allow
Entity Card Configuration#
Cluster Card#
The cluster card automatically displays for entities with:
- kind: Resource
- spec.type: spectrocloud-cluster
Required annotations:
metadata:
annotations:
terasky.backstage.io/cluster-id: <cluster-uid>
terasky.backstage.io/project-id: <project-uid> # Optional
terasky.backstage.io/instance: <instance-name> # Optional
Profile Card#
The profile card automatically displays for entities with:
- kind: Resource
- spec.type: spectrocloud-cluster-profile
Required annotations:
metadata:
annotations:
terasky.backstage.io/profile-id: <profile-uid>
terasky.backstage.io/project-id: <project-uid> # Optional
terasky.backstage.io/instance: <instance-name> # Optional
Customization#
Custom Annotation Prefix#
If using a different annotation prefix:
Ensure the ingestor plugin uses the same prefix.
Best Practices#
Security#
- Enable permissions in production environments
- Use least-privilege permission policies
- Regularly audit kubeconfig download access
Performance#
- The frontend fetches data on-demand from the backend
- Use the refresh button to get latest data
- Pack content is loaded lazily when expanded
User Experience#
- Provide clear permission feedback to users
- Document which roles have which permissions
- Use meaningful profile and cluster names
Troubleshooting#
Common Issues#
- Card Shows "Loading" Forever
- Check backend plugin is running
- Verify API endpoint is accessible
-
Check browser network tab for errors
-
Permission Denied Messages
- Verify
enablePermissionsis set correctly - Check user's permission policies
-
Review backend logs
-
Missing Data
- Verify entity has required annotations
- Check annotation prefix matches config
- Ensure backend can reach SpectroCloud API