chore(openshift-image-registry): add missing CORS configuration to te…

…st plugin with the bundled backstage app

Signed-off-by: Christoph Jerolimov <[email protected]>

workspaces/openshift-image-registry/app-config.yaml

@@ -15,7 +15,25 @@ backend:
   baseUrl: http://localhost:7007
   listen:
     port: 7007
+    # Uncomment the following host directive to bind to specific interfaces
+    # host: 127.0.0.1
+  csp:
+    connect-src: ["'self'", 'http:', 'https:']
+    # Content-Security-Policy directives follow the Helmet format: https://helmetjs.github.io/#reference
+    # Default Helmet Content-Security-Policy values can be removed by setting the key to false
+  cors:
+    origin: http://localhost:3000
+    methods: [GET, HEAD, PATCH, POST, PUT, DELETE]
+    credentials: true
+  # This is for local development only, it is not recommended to use this in production
+  # The production database configuration is stored in app-config.production.yaml
+  database:
+    client: better-sqlite3
+    connection: ':memory:'
+  # workingDirectory: /tmp # Use this to configure a working directory for the scaffolder, defaults to the OS temp-dir
 
+# You can also copy this section into a file called app-config.local.yaml
+# and fill in the values.
 proxy:
   endpoints:
     '/openshift-image-registry/api':
@@ -26,3 +44,10 @@ proxy:
       changeOrigin: true
       # Change to "false" in case of using self hosted OpenShift cluster with a self-signed certificate
       secure: true
+      # credentials: dangerously-allow-unauthenticated
+
+auth:
+  # see https://backstage.io/docs/auth/ to learn about auth providers
+  providers:
+    # See https://backstage.io/docs/auth/guest/provider
+    guest: {}