coolify/app/Livewire/Project/New/DockerCompose.php

<?php

namespace App\Livewire\Project\New;

use App\Models\EnvironmentVariable;
use App\Models\Project;
use App\Models\Service;
use App\Models\StandaloneDocker;
use App\Models\SwarmDocker;
use Livewire\Component;
use Symfony\Component\Yaml\Yaml;

class DockerCompose extends Component
{
    public string $dockerComposeRaw = '';

    public string $envFile = '';

    public array $parameters;

    public array $query;

    public function mount()
    {
        $this->parameters = get_route_parameters();
        $this->query = request()->query();
        if (isDev()) {
            $this->dockerComposeRaw = file_get_contents(base_path('templates/test-database-detection.yaml'));
        }
    }

    public function submit()
    {
        $server_id = $this->query['server_id'];
        try {
            $this->validate([
                'dockerComposeRaw' => 'required',
            ]);
            $this->dockerComposeRaw = Yaml::dump(Yaml::parse($this->dockerComposeRaw), 10, 2, Yaml::DUMP_MULTI_LINE_LITERAL_BLOCK);

            // Validate for command injection BEFORE saving to database
            validateDockerComposeForInjection($this->dockerComposeRaw);

            $project = Project::where('uuid', $this->parameters['project_uuid'])->first();
            $environment = $project->load(['environments'])->environments->where('uuid', $this->parameters['environment_uuid'])->first();

            $destination_uuid = $this->query['destination'];
            $destination = StandaloneDocker::where('uuid', $destination_uuid)->first();
            if (! $destination) {
                $destination = SwarmDocker::where('uuid', $destination_uuid)->first();
            }
            if (! $destination) {
                throw new \Exception('Destination not found. What?!');
            }
            $destination_class = $destination->getMorphClass();

            $service = Service::create([
                'docker_compose_raw' => $this->dockerComposeRaw,
                'environment_id' => $environment->id,
                'server_id' => (int) $server_id,
                'destination_id' => $destination->id,
                'destination_type' => $destination_class,
            ]);

            $variables = parseEnvFormatToArray($this->envFile);
            foreach ($variables as $key => $data) {
                // Extract value and comment from parsed data
                // Handle both array format ['value' => ..., 'comment' => ...] and plain string values
                $value = is_array($data) ? ($data['value'] ?? '') : $data;
                $comment = is_array($data) ? ($data['comment'] ?? null) : null;

                EnvironmentVariable::create([
                    'key' => $key,
                    'value' => $value,
                    'comment' => $comment,
                    'is_preview' => false,
                    'resourceable_id' => $service->id,
                    'resourceable_type' => $service->getMorphClass(),
                ]);
            }
            $service->parse(isNew: true);

            // Apply service-specific application prerequisites
            applyServiceApplicationPrerequisites($service);

            return redirect()->route('project.service.configuration', [
                'service_uuid' => $service->uuid,
                'environment_uuid' => $environment->uuid,
                'project_uuid' => $project->uuid,
            ]);
        } catch (\Throwable $e) {
            return handleError($e, $this);
        }
    }
}
wip: services 2023-09-19 13:51:13 +00:00			`<?php`

wip: migrate to livewire 3 2023-12-07 18:06:32 +00:00			`namespace App\Livewire\Project\New;`
wip: services 2023-09-19 13:51:13 +00:00
puh, fixes 2023-09-26 12:45:52 +00:00			`use App\Models\EnvironmentVariable;`
wip: services 2023-09-19 13:51:13 +00:00			`use App\Models\Project;`
wip: services 2023-09-20 13:42:41 +00:00			`use App\Models\Service;`
fix: docker compose destination network 2024-08-13 02:44:25 +00:00			`use App\Models\StandaloneDocker;`
			`use App\Models\SwarmDocker;`
Fix styling 2024-06-10 20:43:34 +00:00			`use Livewire\Component;`
- package updates - feat: service fixes - ui: help menu 2023-09-25 10:49:55 +00:00			`use Symfony\Component\Yaml\Yaml;`
wip: services 2023-09-19 13:51:13 +00:00
			`class DockerCompose extends Component`
			`{`
feat: services 2023-09-25 13:48:43 +00:00			`public string $dockerComposeRaw = '';`
Fix styling 2024-06-10 20:43:34 +00:00
puh, fixes 2023-09-26 12:45:52 +00:00			`public string $envFile = '';`
Fix styling 2024-06-10 20:43:34 +00:00
wip: services 2023-09-19 13:51:13 +00:00			`public array $parameters;`
Fix styling 2024-06-10 20:43:34 +00:00
wip: services 2023-09-19 13:51:13 +00:00			`public array $query;`
Fix styling 2024-06-10 20:43:34 +00:00
wip: services 2023-09-19 13:51:13 +00:00			`public function mount()`
			`{`
			`$this->parameters = get_route_parameters();`
			`$this->query = request()->query();`
			`if (isDev()) {`
refactor(docker-compose): replace hardcoded Docker Compose configuration with external YAML template for improved database detection testing 2025-06-04 09:32:06 +00:00			`$this->dockerComposeRaw = file_get_contents(base_path('templates/test-database-detection.yaml'));`
wip: services 2023-09-19 13:51:13 +00:00			`}`
			`}`
Fix styling 2024-06-10 20:43:34 +00:00
wip: services 2023-09-19 13:51:13 +00:00			`public function submit()`
			`{`
fix: docker compose validation 2024-03-14 08:21:48 +00:00			`$server_id = $this->query['server_id'];`
- package updates - feat: service fixes - ui: help menu 2023-09-25 10:49:55 +00:00			`try {`
			`$this->validate([`
Fix styling 2024-06-10 20:43:34 +00:00			`'dockerComposeRaw' => 'required',`
- package updates - feat: service fixes - ui: help menu 2023-09-25 10:49:55 +00:00			`]);`
feat: services 2023-09-25 13:48:43 +00:00			`$this->dockerComposeRaw = Yaml::dump(Yaml::parse($this->dockerComposeRaw), 10, 2, Yaml::DUMP_MULTI_LINE_LITERAL_BLOCK);`
fix: prevent command injection in Docker Compose parsing - add pre-save validation This commit addresses a critical security issue where malicious Docker Compose data was being saved to the database before validation occurred. Problem: - Service models were saved to database first - Validation ran afterwards during parse() - Malicious data persisted even when validation failed - User saw error but damage was already done Solution: 1. Created validateDockerComposeForInjection() to validate YAML before save 2. Added pre-save validation to all Service creation/update points: - Livewire: DockerCompose.php, StackForm.php - API: ServicesController.php (create, update, one-click) 3. Validates service names and volume paths (string + array formats) 4. Blocks shell metacharacters: backticks, $(), \|, ;, &, >, <, newlines Security fixes: - Volume source paths (string format) - validated before save - Volume source paths (array format) - validated before save - Service names - validated before save - Environment variable patterns - safe ${VAR} allowed, ${VAR:-$(cmd)} blocked Testing: - 60 security tests pass (176 assertions) - PreSaveValidationTest.php: 15 tests for pre-save validation - ValidateShellSafePathTest.php: 15 tests for core validation - VolumeSecurityTest.php: 15 tests for volume parsing - ServiceNameSecurityTest.php: 15 tests for service names Related commits: - Previous: Added validation during parse() phase - This commit: Moves validation before database save 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> 2025-10-15 19:46:26 +00:00
			`// Validate for command injection BEFORE saving to database`
			`validateDockerComposeForInjection($this->dockerComposeRaw);`

Revert "rector: arrrrr" This reverts commit 16c0cd10d8913417ad709ba4e737ed1f12374f45. 2025-01-07 14:31:43 +00:00			`$project = Project::where('uuid', $this->parameters['project_uuid'])->first();`
new uuid routes 2024-11-22 15:03:20 +00:00			`$environment = $project->load(['environments'])->environments->where('uuid', $this->parameters['environment_uuid'])->first();`
fix: docker compose destination network 2024-08-13 02:44:25 +00:00
			`$destination_uuid = $this->query['destination'];`
Revert "rector: arrrrr" This reverts commit 16c0cd10d8913417ad709ba4e737ed1f12374f45. 2025-01-07 14:31:43 +00:00			`$destination = StandaloneDocker::where('uuid', $destination_uuid)->first();`
fix: docker compose destination network 2024-08-13 02:44:25 +00:00			`if (! $destination) {`
Revert "rector: arrrrr" This reverts commit 16c0cd10d8913417ad709ba4e737ed1f12374f45. 2025-01-07 14:31:43 +00:00			`$destination = SwarmDocker::where('uuid', $destination_uuid)->first();`
fix: docker compose destination network 2024-08-13 02:44:25 +00:00			`}`
			`if (! $destination) {`
Revert "rector: arrrrr" This reverts commit 16c0cd10d8913417ad709ba4e737ed1f12374f45. 2025-01-07 14:31:43 +00:00			`throw new \Exception('Destination not found. What?!');`
fix: docker compose destination network 2024-08-13 02:44:25 +00:00			`}`
			`$destination_class = $destination->getMorphClass();`

Revert "rector: arrrrr" This reverts commit 16c0cd10d8913417ad709ba4e737ed1f12374f45. 2025-01-07 14:31:43 +00:00			`$service = Service::create([`
feat: services 2023-09-25 13:48:43 +00:00			`'docker_compose_raw' => $this->dockerComposeRaw,`
- package updates - feat: service fixes - ui: help menu 2023-09-25 10:49:55 +00:00			`'environment_id' => $environment->id,`
			`'server_id' => (int) $server_id,`
fix: docker compose destination network 2024-08-13 02:44:25 +00:00			`'destination_id' => $destination->id,`
			`'destination_type' => $destination_class,`
- package updates - feat: service fixes - ui: help menu 2023-09-25 10:49:55 +00:00			`]);`
fix: docker compose destination network 2024-08-13 02:44:25 +00:00
puh, fixes 2023-09-26 12:45:52 +00:00			`$variables = parseEnvFormatToArray($this->envFile);`
feat: add comment field to environment variables - Add comment field to EnvironmentVariable model and database - Update parseEnvFormatToArray to extract inline comments from env files - Update Livewire components to handle comment field - Add UI for displaying and editing comments - Add tests for comment parsing functionality 2025-11-18 09:10:29 +00:00			`foreach ($variables as $key => $data) {`
			`// Extract value and comment from parsed data`
feat: enhance environment variable handling to support mixed formats and add comprehensive tests 2025-11-18 11:48:40 +00:00			`// Handle both array format ['value' => ..., 'comment' => ...] and plain string values`
			`$value = is_array($data) ? ($data['value'] ?? '') : $data;`
			`$comment = is_array($data) ? ($data['comment'] ?? null) : null;`
feat: add comment field to environment variables - Add comment field to EnvironmentVariable model and database - Update parseEnvFormatToArray to extract inline comments from env files - Update Livewire components to handle comment field - Add UI for displaying and editing comments - Add tests for comment parsing functionality 2025-11-18 09:10:29 +00:00
Revert "rector: arrrrr" This reverts commit 16c0cd10d8913417ad709ba4e737ed1f12374f45. 2025-01-07 14:31:43 +00:00			`EnvironmentVariable::create([`
puh, fixes 2023-09-26 12:45:52 +00:00			`'key' => $key,`
feat: add comment field to environment variables - Add comment field to EnvironmentVariable model and database - Update parseEnvFormatToArray to extract inline comments from env files - Update Livewire components to handle comment field - Add UI for displaying and editing comments - Add tests for comment parsing functionality 2025-11-18 09:10:29 +00:00			`'value' => $value,`
			`'comment' => $comment,`
puh, fixes 2023-09-26 12:45:52 +00:00			`'is_preview' => false,`
feat: migrate env variables to polymorphic relationship fix: proxy status query ui 2024-12-17 09:38:32 +00:00			`'resourceable_id' => $service->id,`
			`'resourceable_type' => $service->getMorphClass(),`
puh, fixes 2023-09-26 12:45:52 +00:00			`]);`
			`}`
- package updates - feat: service fixes - ui: help menu 2023-09-25 10:49:55 +00:00			`$service->parse(isNew: true);`
wip: services 2023-09-21 15:48:31 +00:00
Refactor: Centralize service application prerequisites Refactors the Appwrite and Beszel service-specific application settings to use a centralized constant-based approach, following the same pattern as NEEDS_TO_CONNECT_TO_PREDEFINED_NETWORK. Changes: - Added NEEDS_TO_DISABLE_GZIP constant for services requiring gzip disabled - Added NEEDS_TO_DISABLE_STRIPPREFIX constant for services requiring stripprefix disabled - Created applyServiceApplicationPrerequisites() helper function in bootstrap/helpers/services.php - Updated all service creation flows to use the centralized helper: * app/Livewire/Project/Resource/Create.php (web handler) * app/Http/Controllers/Api/ServicesController.php (API handler - BUG FIX) * app/Livewire/Project/New/DockerCompose.php (custom compose handler) * app/Http/Controllers/Api/ApplicationsController.php (API custom compose handler) - Added comprehensive unit tests for the new helper function Benefits: - Single source of truth for service prerequisites - DRY - eliminates code duplication between web and API handlers - Fixes bug where API-created services didn't get prerequisites applied - Easy to extend for future services (just edit the constant) - More maintainable and testable Related commits: 3a94f1ea1 (Beszel), 02b18c86e (Appwrite) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> 2025-11-28 15:33:27 +00:00			`// Apply service-specific application prerequisites`
			`applyServiceApplicationPrerequisites($service);`

fix: routing, switch back to old one 2023-12-27 15:45:01 +00:00			`return redirect()->route('project.service.configuration', [`
- package updates - feat: service fixes - ui: help menu 2023-09-25 10:49:55 +00:00			`'service_uuid' => $service->uuid,`
new uuid routes 2024-11-22 15:03:20 +00:00			`'environment_uuid' => $environment->uuid,`
- package updates - feat: service fixes - ui: help menu 2023-09-25 10:49:55 +00:00			`'project_uuid' => $project->uuid,`
			`]);`
Revert "rector: arrrrr" This reverts commit 16c0cd10d8913417ad709ba4e737ed1f12374f45. 2025-01-07 14:31:43 +00:00			`} catch (\Throwable $e) {`
- package updates - feat: service fixes - ui: help menu 2023-09-25 10:49:55 +00:00			`return handleError($e, $this);`
			`}`
wip: services 2023-09-19 13:51:13 +00:00			`}`
			`}`