Skip to content

feat: Code Templates + Refactor Dev Env #27

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
johnnyhuy merged 50 commits into from
Sep 14, 2024
Merged

feat: Code Templates + Refactor Dev Env #27

johnnyhuy merged 50 commits into from
Sep 14, 2024

Conversation

@johnnyhuy
Copy link
Contributor

@johnnyhuy johnnyhuy commented Sep 14, 2024
edited
Loading

  • Added unit tests for DefaultPermissionPolicy.
  • Enhanced App component with CatalogTable integration and GitLab authentication provider.
  • Implemented DefaultPermissionPolicy for permission handling.
  • Integrated GitHub and GitLab authentication providers and scaffolder backend modules.
  • Added comprehensive documentation for Backstage code templates, including examples and custom actions guide.
  • Added various API definitions and templates for GitHub and GitLab.
  • Added documentation for Account Management Component and Mobile Banking App.

Changes walkthrough 📝

Relevant files
Tests
1 files
module.test.ts
Add unit tests for DefaultPermissionPolicy                             

plugins/permission-backend-module-default/src/module.test.ts

  • Added unit tests for DefaultPermissionPolicy.
  • Created mock functions for policy queries and users.
  • Implemented tests for various permission scenarios.
    		•  +110/-0 
    Enhancement
    4 files
    App.tsx
    Enhance App component with CatalogTable and GitLab auth   

    packages/app/src/App.tsx

  • Integrated CatalogTable into CatalogIndexPage.
  • Added GitLab authentication provider.
  • Enhanced ScaffolderPage with group filtering.
    		•  +37/-3   
    module.ts
    Implement DefaultPermissionPolicy for permission handling

    plugins/permission-backend-module-default/src/module.ts

  • Implemented DefaultPermissionPolicy class.
  • Defined permission handling logic for read and write groups.
  • Registered DefaultPermissionPolicy in permission module.
    		•  +61/-0   
    index.ts
    Integrate GitHub and GitLab auth providers and scaffolder modules

    packages/backend/src/index.ts

  • Added GitHub and GitLab authentication providers.
  • Integrated scaffolder backend modules for GitHub and GitLab.
  • Replaced allow-all policy with DefaultPermissionPolicy.
    		•  +5/-11   
    index.ts
    Export DefaultPermissionPolicy                                                     

    plugins/permission-backend-module-default/src/index.ts

    • Exported DefaultPermissionPolicy as default.
    		 +8/-0     
    Configuration changes
    1 files
    .eslintrc.js
    Add ESLint configuration for permission-backend-module-default

    plugins/permission-backend-module-default/.eslintrc.js

  • Added ESLint configuration for the permission-backend-module-default
    plugin.
    		•  +1/-0     
    Documentation
    9 files
    code-templates.md
    Add documentation for Backstage code templates                     

    docs/code-templates.md

  • Added comprehensive documentation for Backstage code templates.
  • Included examples, template structure, and custom actions guide.
    		•  +373/-0 
    .cursorrules
    Add cursor rules for Backstage web development                     

    .cursorrules

  • Added cursor rules for Backstage web development.
  • Included guidelines for code style, naming conventions, and
    performance optimization.
    		•  +213/-0 
    core-banking-api.yaml
    Add core banking API definition                                                   

    examples/apis/core-banking-api.yaml

  • Added API definition for core banking operations.
  • Included endpoints for account details and transactions.
    		•  +116/-0 
    template.yaml
    Add GitLab merge request template for documentation           

    examples/templates/gitlab-merge-request/template.yaml

  • Added GitLab merge request template for documentation.
  • Defined parameters, steps, and output for the template.
    		•  +99/-0   
    template.yaml
    Add GitHub pull request template for documentation             

    examples/templates/github-pull-request/template.yaml

  • Added GitHub pull request template for documentation.
  • Defined parameters, steps, and output for the template.
    		•  +99/-0   
    template.yaml
    Add GitLab blank repository template                                         

    examples/templates/gitlab-blank-repo/template.yaml

  • Added GitLab blank repository template.
  • Defined parameters, steps, and output for the template.
    		•  +95/-0   
    template.yaml
    Add GitHub blank repository template                                         

    examples/templates/github-blank-repo/template.yaml

  • Added GitHub blank repository template.
  • Defined parameters, steps, and output for the template.
    		•  +92/-0   
    index.md
    Add documentation for Account Management Component             

    examples/components/account-management-service/docs/index.md

  • Added documentation for Account Management Component.
  • Included key features and usage guidelines.
    		•  +58/-0   
    contributing.md
    Add contributing guide for Mobile Banking App                       

    examples/components/mobile-banking-app/docs/contributing.md

  • Added contributing guide for Mobile Banking App.
  • Included steps for making changes and submitting pull requests.
    		•  +61/-0   

    💡 PR-Agent usage:
    Comment /help on the PR to get a list of all available PR-Agent tools and their descriptions

    johnnyhuy added 30 commits July 29, 2024 16:22
    @johnnyhuy
    Update site name and navigation links, customize React components and…
    2d50f36 
    … resources

- Update site name to `echoHello Backstage` and add additional navigation links
- Remove custom React component customization section from development documentation
- Update main heading in index to plain text and add new customization guide for React components in a dedicated file
    @johnnyhuy
    refactor: Enhance App component with CatalogTable integration
    332baf9 
    - Add `CatalogTable` to the imports in `App.tsx`
- Adjust `CatalogIndexPage` to include more specified columns
    @johnnyhuy
    Merge branch 'main' of github.com:echohello-dev/backstage into featur…
    4b45d7d 
    …e/new-code-templates
    @johnnyhuy
    Add documentation for Backstage code templates and actions
    d27e36c 
    - Documented Backstage code templates in `docs/code-templates.md`
- Added information on standardization, automation, customization, and onboarding using templates
- Included examples of template collections and the basic structure of a template directory in Backstage
    @johnnyhuy
    docs: Add guidelines for custom actions in Backstage
    157700e 
    - Added new section on writing custom actions in Backstage
- Included guidelines for defining unique ID and input schema for custom actions
- Documented steps for implementing handler function for custom logic
    @johnnyhuy
    Update documentation templates for GitHub and GitLab.
    bbe8844 
    - Add new template files and documentation for GitLab and GitHub
- Include new plugins in backend package.json for GitHub and GitLab integration
- Update app-config.yaml with GitLab integration and token variable
    @johnnyhuy
    chore: Update configuration files for consistent templates
    0e2434b 
    - Update file paths for github and gitlab templates
- Add new file entry for gitlab template target
    @johnnyhuy
    Update template configurations for GitHub and GitLab integrations
    2c8a687 
    - Update template.yaml files for GitHub and GitLab
- Modify parameters and actions for better consistency
- Update links and descriptions in documentation
    @johnnyhuy
    feat: Add new files and configurations to default-catalog.
    957f52e 
    - Define new Group and User objects in YAML files
- Include metadata and spec details for the new Group and User
- Add new fields such as description, links, profile, and children to the files
    @johnnyhuy
    chore: Revise version numbering and logging in Makefile
    bd2ac3e 
    - Update version numbering in Makefile to include commit count
- Add debug level logging variable in Makefile
    @johnnyhuy
    feat: Add GitLab authentication provider support.
    d32ebd0 
    - Add `gitlabAuthApiRef` alongside `githubAuthApiRef` in `App.tsx`
- Improve handling of OAuth endpoints in `githubAuth` function
- Update dependencies for GitLab authentication and various plugin versions bump
    @johnnyhuy
    chore: Standardize file naming conventions across project.
    3b60a5c 
    - Update user's name field to `johnnyhuy`
- Fix target path in catalog configuration
- Correct file name in default catalog
    @johnnyhuy
    docs: Enhance software template documentation
    cf92e48 
    - Add custom field `Repository Picker` for software templates to streamline repository selection
- Introduce `Built-in Actions` for SCM providers to simplify scaffolding tasks
- Provide example usage of the `Repository Picker` for clarity and ease of use in Backstage instances
    @johnnyhuy
    chore: Remove unnecessary template files and properties
    05552af 
    - Delete unnecessary files and update properties in template.yaml in the examples/templates/github directory
- Update allowedOwners field with `echohello-dev` value in the components section of template.yaml in the examples/templates/github directory
    @johnnyhuy
    docs: Revamp code templates and documentation structure
    195b945 
    - Restructure the template directory in [docs/code-templates.md]
- Add detailed links for creating templates
- Specify key template sections and how to reference parameters
- List built-in actions for scaffolding tasks
    @johnnyhuy
    Revamp GitHub template configuration and authentication options
    d398d70 
    - Refactored GitHub Pull Request templates for improved user interaction
- Added detailed explanation of template rendering and token handling in documentation
- Enhanced user authentication options for repo URL access and token usage
    @johnnyhuy
    Update GitHub templates and catalog info metadata
    0696e0b 
    - Update YAML templates with new metadata and spec details
- Include required parameters for various actions
- Adjust output and annotations to reflect changes in parameters
    @johnnyhuy
    Refactor gitlab template and code template docs
    fa17ef8 
    - Added tags and updated metadata for template.yaml
- Changed required parameter name and added new properties in template.yaml
- Updated owner property to use parameters.owner in template.yaml
- Added Nunjucks templating language documentation in code-templates.md
    @johnnyhuy
    feat: Update GitHub pull request template structure
    17a0bcc 
    - Refactor pull request template to improve readability and organization
- Update template field names for clarity and consistency
- Add condition to include description in template if present
    @johnnyhuy
    feat: Refactor template descriptions and parameters
    1545e1f 
    - Add descriptive fields to template files for better user experience
- Update metadata fields and variable interpolation in template files
- Improve template formatting and remove redundant variables
    @johnnyhuy
    refactor: Standardize repository key names in templates
    d97d41f 
    - Update key naming in YAML templates for GitHub and GitLab pull requests
- Rename `allowedRepositories` to `allowedRepos` in both templates
    @johnnyhuy
    Update catalog configuration files and permissions
    f21ba66 
    - Update allowed repo in the gitlab-merge-request template
- Modify `memberOf` field for `Johnny Huynh` user in users.yaml
- Add new file entry to the `catalog` section in app-config.production.yaml
- Define new group `developers` with metadata and profile info in groups.yaml in default-catalog
    @johnnyhuy
    Update permissions backend module and configurations
    15166bb 
    - Remove `org.yaml` from examples directory
- Add new package.json and README for default backend module of permissions plugin
- Implement test file for `DefaultPermissionPolicy` with various permission checks
    @johnnyhuy
    refactor: Reorganize file structure and update permissions
    108fb92 
    - Move files and update file paths to organize them under the default-catalog directory
- Update permissions for readGroups, writeGroups, and adminGroups to include development and production groups
- Update user profiles for guest users in the default-catalog and development/production namespaces
    @johnnyhuy
    Refactor permission policy module configurations
    65287fa 
    - Added a check for 'read' action in DefaultPermissionPolicy class
- Included a test case for reading and writing permissions in module.test.ts
    @johnnyhuy
    docs: Consolidate user authentication configuration across files
    8500299 
    - Refactor group metadata in `groups.yaml` to remove duplication and unnecessary blocks
- Add new group `admins` with specific details in `groups.yaml`
- Update `app-config.production.yaml` to include `userEntityRef` field in `guest` auth provider section
    @johnnyhuy
    refactor: Refactor permission handling logic in module.
    a03e227 
    - Update group arrays in `module.ts`
- Refactor permission handling logic in `DefaultPermissionPolicy`
    @johnnyhuy
    feat: Update app configuration files and integrations
    ba85b0b 
    - Refactor app configuration to remove unused integrations and update authentication settings
- Rename file `all.yaml` to `catalog-info.yaml` for consistency in the default catalog configuration
    @johnnyhuy
    refactor: Refactor template configurations for Git hosting platforms
    1fc7fb8 
    - Refactored variable naming in `gitlab/template.yaml`
- Simplified template configuration in `github-pull-request/template.yaml`
- Fixed spacing issues in `mkdocs.yml` template structure
    @johnnyhuy
    Update template files for GitLab and GitHub catalog.
    6e41458 
    - Update GitLab template metadata and configurations
- Rename GitLab template file and adjust visibility settings
- Delete unnecessary files and adjust template paths
    @johnnyhuy
    fix: Refactor indentation and remove unnecessary quotes on catalog in…
    3b0d878 
    …fo files

- Fixed indentation issue in description field in catalog-info.yaml
- Removed unnecessary quotes from catalogInfoPath in template.yaml
    @johnnyhuy
    chore: Remove unnecessary template files and metadata
    ac20f29 
    - Remove unnecessary files and metadata details from default catalog templates
- Clean up documentation for clarity and consistency
- Delete redundant files from template folders
    @johnnyhuy
    chore: Update environment configurations and debugging settings
    af8c79e 
    - Add `LOG_LEVEL=debug` to the .env.example file
- Include an `envFile` setting for launching backend, app, and chrome debugger in VS Code launch configurations
    @johnnyhuy
    chore: Remove unused template files for GitHub and GitLab
    1f1090f 
    - Remove unused template files for GitHub and GitLab
- Refactored code for better performance
- Updated dependencies to latest versions
    @johnnyhuy
    Add new users, components, and APIs to examples.
    abb302d 
    - Add new users `grid-guru` and `flexbox-master` with profile information and group membership
- Define a template for creating a blank repository in GitLab with parameters and steps for repository creation
- Create a new user `vue-solo` with metadata and specifications, assigning them to the `js-jedis` group
    @johnnyhuy
    chore: Update file paths and dependencies across all files
    2ca9ef7 
    - Fix file path for the `templates` directory in the `all.yaml` file
- Update file paths for increased clarity and organization in the codebase
    @johnnyhuy
    docs: Enhance documentation for Account Management Component.
    bcd80cb 
    - Added new documentation files for Account Management Component
- Updated API documentation with User Management API section
- Improved integration guide for Account Management Component
    @johnnyhuy
    chore: Update ownership metadata for various components and APIs
    ab5dc64 
    - Update ownership details for multiple APIs and components
- Change owner metadata across various files
- Ensure consistency in owner details for different parts of the system
    @johnnyhuy
    Update ownership information for various systems
    927102d 
    - Update ownership information for multiple systems
- Make consistent owner changes across files
    @johnnyhuy
    chore: Improve API and component documentation.
    081829d 
    - Update API and component files to improve overall structure and consistency
- Add `implements` and `providesApis` sections to relevant files
- Remove unnecessary lines and empty spaces from certain files
    @johnnyhuy
    refactor: Refactor file structure and configurations
    8246f38 
    - Add new configuration files for various components and resources
- Update API specifications with detailed definitions and endpoints
- Delete outdated or unnecessary files for better repository organization
    @johnnyhuy
    Enhance Mobile Banking App documentation.
    f9e4851 
    - Documented key components, data fetching, UI/UX considerations, security, and performance optimization for the Account Overview feature in the mobile banking app
- Added troubleshooting guide for common issues in the Mobile Banking App including app crashes on startup, authentication failures, and slow performance
- Detailed user authentication flow, security measures, integration details, and error handling strategies for the Authentication feature in the mobile banking app
    @johnnyhuy
    Update documentation across various files in examples.
    25a5901 
    - Update API definition for better readability and formatting in customer-engagement-api.yaml
- Add documentation, installation instructions, and usage examples for UI Component Library in ui-component-library/docs/index.md
- Include references to new spec files and dependencies in updated all.yaml
- Introduce utility functions library and UI component library as new components in respective YAML files
    @johnnyhuy
    feat: Add new allowed item in app configuration file
    7d5d44c 
    - Add new allowed item "Domain" in app-config.yaml
- Update navigation in mkdocs.yml for formatCurrency function page
    @johnnyhuy
    refactor: Update system configurations and dependencies
    041dd94 
    - Refactored system configurations across multiple files
- Updated domain, owner, and dependencies for digital-banking-platform, core-banking-system, and customer-engagement-system
- Improved consistency and clarity in system definitions by aligning naming conventions and relationships
    @johnnyhuy
    Merge branch 'main' into feature/new-code-templates
    8936292
    @echohello-codium-ai-pr-agent echohello-codium-ai-pr-agent bot added documentation Improvements or additions to documentation enhancement New feature or request Tests Review effort [1-5]: 4 labels Sep 14, 2024
    @echohello-codium-ai-pr-agent
    Copy link
    Contributor

    echohello-codium-ai-pr-agent bot commented Sep 14, 2024

    PR Review 🔍

    ⏱️ Estimated effort to review [1-5]

    4, because the PR includes a wide range of changes across multiple files and systems, involving both backend and frontend modifications, new features, refactoring, and documentation updates. The complexity and breadth of the changes require a thorough review to ensure functionality, security, and maintainability.

    🧪 Relevant tests

    Yes

    ⚡ Possible issues

    Possible Bug: The tests in 'module.test.ts' might not cover all edge cases, especially with complex permission logic. Consider adding more comprehensive tests to cover all potential user group interactions and permission denials.

    Performance Concern: The addition of multiple authentication providers and permission checks could potentially impact the performance of the system. It's recommended to monitor the performance metrics closely after deployment.

    🔒 Security concerns

    No apparent security issues were introduced in the PR changes as per the provided code snippets. However, it's crucial to ensure that all new environment variables, especially those related to authentication (like API keys and tokens), are properly secured and not exposed in the codebase.

    @echohello-codium-ai-pr-agent
    Copy link
    Contributor

    echohello-codium-ai-pr-agent bot commented Sep 14, 2024

    PR Code Suggestions ✨

    CategorySuggestion                                                                                                                                    Score
    Best practice
    Add a section on security practices to enhance the safety and integrity of template usage

    Consider adding a section on security practices for template creation and usage. This
    could include guidelines on sanitizing user inputs, securing template storage, and
    handling sensitive data securely within templates.

    docs/code-templates.md [104]

     ## Key Sections
 
+## Security Practices
+- **Input Sanitization**: Ensure all user inputs are sanitized to prevent injection attacks.
+- **Secure Storage**: Store templates in a secure location with restricted access.
+- **Sensitive Data Handling**: Use encryption and environment variables to handle sensitive data within templates.
+
    Suggestion importance[1-10]: 9

    Why: Adding a section on security practices is crucial for ensuring the safety and integrity of template usage. This suggestion addresses a significant aspect that is currently missing in the documentation.

    		9
    Separate staging and production server URLs to enhance safety

    It's recommended to separate the staging server URL from the production server URL to
    avoid accidental pushes to the production environment. Consider using environment-specific
    configurations or variables.

    examples/apis/core-banking-api.yaml [21-24]

     - url: https://api.digitalbanking.com
   description: Production server
-- url: https://api.digitalbanking.com/staging
+- url: ${STAGING_API_URL}
   description: Staging server
    Suggestion importance[1-10]: 9

    Why: This suggestion enhances safety by preventing accidental pushes to the production environment, which is a significant improvement in best practices for API configuration.

    		9
    Add error handling for asynchronous operations in test cases

    Consider adding error handling for the asynchronous operations in the test cases. This
    ensures that any exceptions thrown during the execution of policy.handle are properly
    caught and handled, making the tests more robust and reliable.

    plugins/permission-backend-module-default/src/module.test.ts [51]

    -const decision = await policy.handle(request, user);
+let decision;
+try {
+  decision = await policy.handle(request, user);
+} catch (error) {
+  fail(`Error during policy handling: ${error}`);
+}
    Suggestion importance[1-10]: 8

    Why: Adding error handling for asynchronous operations in the test cases is a good practice that can make the tests more robust and reliable. This suggestion correctly identifies a potential improvement in the test cases.

    		8
    Use more descriptive variable names in lambda expressions

    Consider using a more descriptive variable name than ref in lambda expressions to enhance
    code readability and maintainability.

    plugins/permission-backend-module-default/src/module.ts [40]

    -user?.identity.ownershipEntityRefs.some(ref => writeGroups.includes(ref))
+user?.identity.ownershipEntityRefs.some(ownershipRef => writeGroups.includes(ownershipRef))
    Suggestion importance[1-10]: 6

    Why: Using more descriptive variable names can enhance code readability and maintainability. While this is a good practice, the impact of this change is relatively minor compared to other suggestions.

    		6
    Include a last updated timestamp to keep the documentation current and reliable

    To ensure the documentation remains relevant and up-to-date, consider adding a versioning
    note or a last updated timestamp at the beginning or end of the document. This helps users
    know if the content is current with the latest practices and software versions.

    docs/code-templates.md [1]

     # Code Templates
 
+*Last updated: 2023-09-15*
+
    Suggestion importance[1-10]: 6

    Why: Adding a last updated timestamp is a good practice for maintaining the relevance and reliability of the documentation. However, it is a minor improvement compared to other suggestions.

    		6
    Maintainability
    Simplify permission checks by using an array of allowed actions

    Replace the repeated checks for request.permission.attributes.action with a single check
    combined with an array of allowed actions. This will simplify the condition and make the
    code easier to maintain and extend.

    plugins/permission-backend-module-default/src/module.ts [33-42]

    +const allowedActions = ['create', 'read', 'delete', 'update'];
 if (
-  (request.permission.name === taskCancelPermission.name ||
-  request.permission.name === actionExecutePermission.name ||
-  request.permission.attributes.action === 'create' ||
-  request.permission.attributes.action === 'read' ||
-  request.permission.attributes.action === 'delete' ||
-  request.permission.attributes.action === 'update') &&
+  [taskCancelPermission.name, actionExecutePermission.name, ...allowedActions].includes(request.permission.attributes.action) &&
   user?.identity.ownershipEntityRefs.some(ref => writeGroups.includes(ref))
 ) {
   return { result: AuthorizeResult.ALLOW };
 }
    Suggestion importance[1-10]: 9

    Why: Simplifying the permission checks by using an array of allowed actions improves code readability and maintainability. This suggestion effectively addresses a key area for improvement in the code.

    		9
    Break down the 'Making Changes' section into sub-sections for better clarity and navigation

    To enhance clarity and accessibility, consider breaking down the 'Making Changes' section
    into sub-sections, each detailing a specific part of the process.

    examples/components/mobile-banking-app/docs/contributing.md [13-23]

    +### Branching
 1. Create a new branch for your feature or bug fix:
    ```
    git checkout -b feature/your-feature-name
    ```
-   2. Make your changes, following our [Coding Standards](development/coding_standards.md).
-   3. Write or update tests for your changes.
-   4. Run the test suite to ensure all tests pass:
+### Making Changes
+2. Make your changes, following our [Coding Standards](development/coding_standards.md).
+### Testing
+3. Write or update tests for your changes.
+4. Run the test suite to ensure all tests pass:
    ```
    npm run test
    ```
-   5. Commit your changes with a clear and descriptive commit message.
+### Committing
+5. Commit your changes with a clear and descriptive commit message.
    Suggestion importance[1-10]: 9

    Why: Breaking down the 'Making Changes' section into sub-sections significantly improves readability and navigation, making it easier for contributors to follow the process.

    		9
    Reduce code duplication by refactoring repeated object creation in tests

    Refactor the repeated creation of request and user objects in each test case by moving
    them to the beforeEach block or a helper function. This will reduce code duplication and
    improve test maintainability.

    plugins/permission-backend-module-default/src/module.test.ts [46-49]

    -const request = createRequest('example.permission', {
-  action: 'read',
+let request, user;
+beforeEach(() => {
+  request = createRequest('example.permission', { action: 'read' });
+  user = createUser('example-user', ['developers']);
 });
-const user = createUser('example-user', ['developers']);
    Suggestion importance[1-10]: 7

    Why: Refactoring the repeated creation of request and user objects can reduce code duplication and improve maintainability. However, the suggestion does not account for the different actions and groups used in each test, which may limit its applicability.

    		7
    Enhancement
    Add a troubleshooting section to help users resolve common issues with templates

    It's beneficial to include a troubleshooting section that addresses common issues users
    might encounter while working with templates, such as template rendering errors or issues
    with parameter configurations.

    docs/code-templates.md [104]

     ## Key Sections
 
+## Troubleshooting
+
+- **Template Rendering Errors**: Ensure all placeholders are correctly formatted and all required parameters are provided.
+- **Parameter Configuration Issues**: Verify that the YAML definitions are correct and all required fields are included.
+
    Suggestion importance[1-10]: 8

    Why: A troubleshooting section would be very helpful for users to resolve common issues, improving the overall user experience and reducing potential frustration.

    		8
    Enhance error handling in the API by providing detailed error messages and schemas

    To improve the API's response handling, consider providing more detailed error messages
    and possibly a schema for error responses. This can help clients handle errors more
    effectively.

    examples/apis/core-banking-api.yaml [46-50]

     '400':
-  description: Bad request
+  description: Bad request - The request could not be understood by the server due to malformed syntax.
+  content:
+    application/json:
+      schema:
+        $ref: '#/components/schemas/Error'
 '404':
-  description: Account not found
+  description: Account not found - The account with the given ID does not exist.
+  content:
+    application/json:
+      schema:
+        $ref: '#/components/schemas/Error'
 '500':
-  description: Internal server error
+  description: Internal server error - The server encountered an unexpected condition.
+  content:
+    application/json:
+      schema:
+        $ref: '#/components/schemas/Error'
    Suggestion importance[1-10]: 8

    Why: Providing detailed error messages and schemas improves the API's usability and helps clients handle errors more effectively, which is a valuable enhancement.

    		8
    Add a step to ensure necessary tools are installed before setting up the development environment

    Consider adding a section about setting up the necessary tools and dependencies before
    starting development. This can help contributors ensure they have the correct setup before
    they begin making changes.

    examples/components/mobile-banking-app/docs/contributing.md [7-9]

     1. Fork the repository on GitHub.
 2. Clone your forked repository to your local machine.
-3. Set up the development environment as described in the [Getting Started](getting_started.md) guide.
+3. Ensure you have the necessary tools installed (e.g., Node.js, npm).
+4. Set up the development environment as described in the [Getting Started](getting_started.md) guide.
    Suggestion importance[1-10]: 8

    Why: This suggestion is valuable as it ensures contributors have the necessary tools installed before setting up the development environment, which can prevent potential setup issues.

    		8
    Add a troubleshooting section to assist contributors with common issues

    Adding a troubleshooting section could be beneficial for addressing common issues that
    contributors might face during the setup or development process.

    examples/components/mobile-banking-app/docs/contributing.md [61]

    +## Troubleshooting
+If you encounter issues during setup or development, refer to our [Troubleshooting Guide](troubleshooting.md) or seek help on our community forums.
+
 Thank you for contributing to the Mobile Banking App!
    Suggestion importance[1-10]: 8

    Why: A troubleshooting section is a valuable addition that can help contributors resolve common issues, improving their overall experience and reducing potential frustration.

    		8
    Enhance documentation clarity by adding visual aids that illustrate the template creation process

    To improve the clarity and usability of the documentation, consider adding visual aids
    such as diagrams or flowcharts that illustrate the template creation process and how the
    scaffolding works in Backstage.

    docs/code-templates.md [24]

     ## Getting Started
 
+![Template Creation Process](/path/to/diagram.png)
+
+This diagram illustrates the steps involved in creating and using a template in Backstage.
+
    Suggestion importance[1-10]: 7

    Why: Visual aids can significantly enhance the clarity and usability of the documentation, making it easier for users to understand the template creation process. However, this is more of an enhancement than a critical addition.

    		7
    Provide a direct link to the GitHub repository in the 'Fork the repository' step

    It would be beneficial to provide a direct link to the GitHub repository in the 'Fork the
    repository' step to streamline the process for new contributors.

    examples/components/mobile-banking-app/docs/contributing.md [7]

    -1. Fork the repository on GitHub.
+1. Fork the repository on [GitHub](https://github.com/your-repository-url).
    Suggestion importance[1-10]: 7

    Why: Providing a direct link to the GitHub repository is a minor but useful enhancement that can streamline the process for new contributors.

    		7
    Security
    Add regex validation to the 'repoUrl' parameter to enhance security

    To ensure the security of the GitLab merge request process, validate the 'repoUrl'
    parameter to prevent injection attacks. Consider adding a regex pattern to validate the
    URL format.

    examples/templates/gitlab-merge-request/template.yaml [46-58]

     repoUrl:
   title: Repository Location
   type: string
+  pattern: '^[a-zA-Z0-9]+(?:-[a-zA-Z0-9]+)*$'
   ui:field: RepoUrlPicker
   ui:options:
     requestUserCredentials:
       secretsKey: USER_OAUTH_TOKEN
     allowedHosts:
       - gitlab.com
     allowedOwners:
       - echohello
     allowedRepos:
       - example
    Suggestion importance[1-10]: 7

    Why: Adding regex validation to the 'repoUrl' parameter enhances security by preventing potential injection attacks, which is an important security improvement.

    		7
    Use environment-specific tokens for better security and flexibility

    Consider using environment-specific tokens instead of a single global token to enhance
    security and flexibility. This can be managed through environment variables or a secure
    vault solution.

    examples/templates/github-pull-request/template.yaml [85]

    -token: ${{ secrets.USER_OAUTH_TOKEN }}
+token: ${{ secrets.GITHUB_TOKEN }}
    Suggestion importance[1-10]: 6

    Why: Using environment-specific tokens can enhance security and flexibility, but the improvement is relatively minor compared to other security measures.

    		6

    @johnnyhuy
    chore: Update dependencies and adjust backend plugins
    7a506c2 
    - Update dependencies in package.json
- Remove outdated authentication and permission modules
- Add new search backend module for catalog integration
    @johnnyhuy
    Merge branch 'main' of github.com:echohello-dev/backstage into featur…
    a311472 
    …e/new-code-templates
    @johnnyhuy
    chore: Update dependencies to latest versions
    c678274 
    - Update version of "@backstage/plugin-scaffolder-backend" to "^1.24.0" in package.json
- Refactored backend code for improved performance and readability
    @johnnyhuy
    Remove unnecessary restore-keys from GitHub workflows
    7a306a1 
    - Refactor GitHub workflow files
- Remove unnecessary restore-keys for cache action blocks
    @johnnyhuy johnnyhuy merged commit c014dbb into main Sep 14, 2024
    @johnnyhuy johnnyhuy deleted the feature/new-code-templates branch September 14, 2024 10:40
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

    Reviewers

    No reviews

    Assignees

    No one assigned

    Labels

    documentation Improvements or additions to documentation enhancement New feature or request Review effort [1-5]: 4 Tests

    Projects

    None yet

    Milestone

    No milestone

    Development

    Successfully merging this pull request may close these issues.

    2 participants

    @johnnyhuy