Red Hat Summit이 콘텐츠는 선택한 언어로 제공되지 않습니다.
Chapter 2. Breaking changes
This section lists breaking changes in Red Hat Developer Hub 1.6.
2.1. The Topology-specific permission topology.view.read is removed
Previously, the Topology plugin used topology.view.read permission to control access. Users were unable to configure Topology permissions using the RBAC UI. With this update, users can configure Kubernetes plugin permissions using the RBAC UI, which now governs the access to the Topology plugin. You can now use Kubernetes plugin permissions kubernetes.clusters.read, kubernetes.resources.read and kubernetes.proxy for the Topology plugin, as the Topology-specific permission topology.view.read is removed.
If you are using a CSV permission file, update the following lines:
Old Topology permission definition
p, role:default/topology-viewer, topology.view.read, read, allow p, role:default/topology-viewer, kubernetes.proxy, use, allow
p, role:default/topology-viewer, topology.view.read, read, allow
p, role:default/topology-viewer, kubernetes.proxy, use, allowNew Topology permission definition
p, role:default/topology-viewer, kubernetes.clusters.read, read, allow p, role:default/topology-viewer, kubernetes.resources.read, read, allow p, role:default/topology-viewer, kubernetes.proxy, use, allow
p, role:default/topology-viewer, kubernetes.clusters.read, read, allow
p, role:default/topology-viewer, kubernetes.resources.read, read, allow
p, role:default/topology-viewer, kubernetes.proxy, use, allowAdditional resources
2.2. Migration to the core Auditor service
The Auditor format, including audit fields and event names, and IDs, has been updated to align with the new Auditor service conventions defined by the upstream Backstage Auditor Service. Filtering queries based on the old format may fail to work as expected.
Additional resources
2.3. Red Hat Developer Hub introduces the Backstage Audit Log Service
Red Hat Developer Hub 1.6 introduces the Backstage Audit Log Service, which replaces the custom audit logging system. This is a significant structural and behavioral change to how audit events are generated and consumed.
The key changes introduced by this transition include the following:
- Audit logging is now delegated to Backstage plugins. Each plugin in Backstage is responsible for implementing and emitting its own audit events.
- Audit event names, structure, and content may differ per plugin. Audit events are scoped and designed independently within each plugin using the standardized upstream mechanism, which automatically captures actor details and plugin context.
-
New Event Structure and Naming: Audit event names now follow Backstage’s conventions (for example, lowercase, kebab-case names), and include structured metadata such as
actionType. Legacy Developer Hub event names (for example,ScaffolderTaskCreation,CatalogEntityDeletion) are no longer used. - Enhanced Log Context: Each audit event includes the plugin context, making it easier to filter logs for specific functional areas. You can filter by the event IDs or metadata associated with that plugin.
Additional resources
2.4. The Tekton-specific permission tekton.view.read is removed
Previously, the Tekton plugin used tekton.view.read permission to control access. Users were unable to configure Tekton permissions using the RBAC UI. With this update, users can configure Kubernetes plugin permissions using the RBAC UI, which now governs the access to the Tekton plugin. You can now use Kubernetes plugin permissions kubernetes.clusters.read, kubernetes.resources.read and kubernetes.proxy for the Tekton plugin, as the Tekton-specific permission tekton.view.read is removed.
If you are using a CSV permission file, update the following lines:
Old Tekton permission definition
p, role:default/tekton-viewer, tekton.view.read, read, allow p, role:default/tekton-viewer, kubernetes.proxy, use, allow
p, role:default/tekton-viewer, tekton.view.read, read, allow
p, role:default/tekton-viewer, kubernetes.proxy, use, allowNew Tekton permission definition
p, role:default/tekton-viewer, kubernetes.clusters.read, read, allow p, role:default/tekton-viewer, kubernetes.resources.read, read, allow p, role:default/tekton-viewer, kubernetes.proxy, use, allow
p, role:default/tekton-viewer, kubernetes.clusters.read, read, allow
p, role:default/tekton-viewer, kubernetes.resources.read, read, allow
p, role:default/tekton-viewer, kubernetes.proxy, use, allowAdditional resources
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}