From 96d0d39fd8bf2ff1826a238daba7ecb68242f04e Mon Sep 17 00:00:00 2001 From: thevinodpatidar Date: Thu, 30 Oct 2025 16:35:22 +0530 Subject: [PATCH 01/53] Add Postgresus one-click service template --- public/svgs/postgresus.svg | 1 + templates/compose/postgresus.yaml | 20 ++++++++++++++++++++ 2 files changed, 21 insertions(+) create mode 100644 public/svgs/postgresus.svg create mode 100644 templates/compose/postgresus.yaml diff --git a/public/svgs/postgresus.svg b/public/svgs/postgresus.svg new file mode 100644 index 000000000..a45e81167 --- /dev/null +++ b/public/svgs/postgresus.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/templates/compose/postgresus.yaml b/templates/compose/postgresus.yaml new file mode 100644 index 000000000..8c71ae163 --- /dev/null +++ b/templates/compose/postgresus.yaml @@ -0,0 +1,20 @@ +# documentation: https://postgresus.com +# slogan: Postgresus is a free, open source and self-hosted tool to backup PostgreSQL. +# category: devtools +# tags: postgres,backup,self-hosted,open-source +# logo: svgs/postgresus.svg +# port: 4005 + +services: + postgresus: + image: rostislavdugin/postgresus:latest + environment: + - SERVICE_URL_POSTGRESUS_4005 + volumes: + - postgresus-data:/postgresus-data + healthcheck: + test: + ["CMD", "wget", "-qO-", "http://localhost:4005/api/v1/system/health"] + interval: 5s + timeout: 10s + retries: 5 From b131a89d030c671f12bf17dcc6dd13e3b68ac1ce Mon Sep 17 00:00:00 2001 From: thevinodpatidar Date: Thu, 30 Oct 2025 16:58:14 +0530 Subject: [PATCH 02/53] Add Postgresus service template files --- templates/service-templates-latest.json | 15 +++++++++++++++ templates/service-templates.json | 15 +++++++++++++++ 2 files changed, 30 insertions(+) diff --git a/templates/service-templates-latest.json b/templates/service-templates-latest.json index dfabce600..5bee88282 100644 --- a/templates/service-templates-latest.json +++ b/templates/service-templates-latest.json @@ -3375,6 +3375,21 @@ "minversion": "0.0.0", "port": "9000" }, + "postgresus": { + "documentation": "https://postgresus.com?utm_source=coolify.io", + "slogan": "Postgresus is a free, open source and self-hosted tool to backup PostgreSQL.", + "compose": "c2VydmljZXM6CiAgcG9zdGdyZXN1czoKICAgIGltYWdlOiAncm9zdGlzbGF2ZHVnaW4vcG9zdGdyZXN1czpsYXRlc3QnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBTRVJWSUNFX1VSTF9QT1NUR1JFU1VTXzQwMDUKICAgIHZvbHVtZXM6CiAgICAgIC0gJ3Bvc3RncmVzdXMtZGF0YTovcG9zdGdyZXN1cy1kYXRhJwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQKICAgICAgICAtIHdnZXQKICAgICAgICAtICctcU8tJwogICAgICAgIC0gJ2h0dHA6Ly9sb2NhbGhvc3Q6NDAwNS9hcGkvdjEvc3lzdGVtL2hlYWx0aCcKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDEwcwogICAgICByZXRyaWVzOiA1Cg==", + "tags": [ + "postgres", + "backup", + "self-hosted", + "open-source" + ], + "category": "devtools", + "logo": "svgs/postgresus.svg", + "minversion": "0.0.0", + "port": "4005" + }, "postiz": { "documentation": "https://docs.postiz.com?utm_source=coolify.io", "slogan": "Open source social media scheduling tool.", diff --git a/templates/service-templates.json b/templates/service-templates.json index 3d49b1620..0d35416b8 100644 --- a/templates/service-templates.json +++ b/templates/service-templates.json @@ -3375,6 +3375,21 @@ "minversion": "0.0.0", "port": "9000" }, + "postgresus": { + "documentation": "https://postgresus.com?utm_source=coolify.io", + "slogan": "Postgresus is a free, open source and self-hosted tool to backup PostgreSQL.", + "compose": "c2VydmljZXM6CiAgcG9zdGdyZXN1czoKICAgIGltYWdlOiAncm9zdGlzbGF2ZHVnaW4vcG9zdGdyZXN1czpsYXRlc3QnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBTRVJWSUNFX0ZRRE5fUE9TVEdSRVNVU180MDA1CiAgICB2b2x1bWVzOgogICAgICAtICdwb3N0Z3Jlc3VzLWRhdGE6L3Bvc3RncmVzdXMtZGF0YScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ECiAgICAgICAgLSB3Z2V0CiAgICAgICAgLSAnLXFPLScKICAgICAgICAtICdodHRwOi8vbG9jYWxob3N0OjQwMDUvYXBpL3YxL3N5c3RlbS9oZWFsdGgnCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAxMHMKICAgICAgcmV0cmllczogNQo=", + "tags": [ + "postgres", + "backup", + "self-hosted", + "open-source" + ], + "category": "devtools", + "logo": "svgs/postgresus.svg", + "minversion": "0.0.0", + "port": "4005" + }, "postiz": { "documentation": "https://docs.postiz.com?utm_source=coolify.io", "slogan": "Open source social media scheduling tool.", From 8a0b37c85128ee756e24e58e5e29d0cc48bbf081 Mon Sep 17 00:00:00 2001 From: "Mgs. M. Rizqi Fadhlurrahman" Date: Fri, 31 Oct 2025 08:45:42 +0700 Subject: [PATCH 03/53] chore: update Nixpacks version to 1.41.0 --- docker/coolify-helper/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/coolify-helper/Dockerfile b/docker/coolify-helper/Dockerfile index 212703798..14879eb96 100644 --- a/docker/coolify-helper/Dockerfile +++ b/docker/coolify-helper/Dockerfile @@ -10,7 +10,7 @@ ARG DOCKER_BUILDX_VERSION=0.25.0 # https://github.com/buildpacks/pack/releases ARG PACK_VERSION=0.38.2 # https://github.com/railwayapp/nixpacks/releases -ARG NIXPACKS_VERSION=1.40.0 +ARG NIXPACKS_VERSION=1.41.0 # https://github.com/minio/mc/releases ARG MINIO_VERSION=RELEASE.2025-08-13T08-35-41Z From 3be0dc07b8f3b1d5900053de2e23a578588d4202 Mon Sep 17 00:00:00 2001 From: thevinodpatidar Date: Fri, 31 Oct 2025 11:00:41 +0530 Subject: [PATCH 04/53] Change version and documentation url --- templates/compose/postgresus.yaml | 6 +++--- templates/service-templates-latest.json | 8 +++----- templates/service-templates.json | 8 +++----- 3 files changed, 9 insertions(+), 13 deletions(-) diff --git a/templates/compose/postgresus.yaml b/templates/compose/postgresus.yaml index 8c71ae163..a3a8a55e9 100644 --- a/templates/compose/postgresus.yaml +++ b/templates/compose/postgresus.yaml @@ -1,13 +1,13 @@ -# documentation: https://postgresus.com +# documentation: https://postgresus.com/#guide # slogan: Postgresus is a free, open source and self-hosted tool to backup PostgreSQL. # category: devtools -# tags: postgres,backup,self-hosted,open-source +# tags: postgres,backup # logo: svgs/postgresus.svg # port: 4005 services: postgresus: - image: rostislavdugin/postgresus:latest + image: rostislavdugin/postgresus:7fb59bb5d02fbaf856b0bcfc7a0786575818b96f # Released on 30 Sep, 2025 environment: - SERVICE_URL_POSTGRESUS_4005 volumes: diff --git a/templates/service-templates-latest.json b/templates/service-templates-latest.json index 5bee88282..3633a306f 100644 --- a/templates/service-templates-latest.json +++ b/templates/service-templates-latest.json @@ -3376,14 +3376,12 @@ "port": "9000" }, "postgresus": { - "documentation": "https://postgresus.com?utm_source=coolify.io", + "documentation": "https://postgresus.com/#guide?utm_source=coolify.io", "slogan": "Postgresus is a free, open source and self-hosted tool to backup PostgreSQL.", - "compose": "c2VydmljZXM6CiAgcG9zdGdyZXN1czoKICAgIGltYWdlOiAncm9zdGlzbGF2ZHVnaW4vcG9zdGdyZXN1czpsYXRlc3QnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBTRVJWSUNFX1VSTF9QT1NUR1JFU1VTXzQwMDUKICAgIHZvbHVtZXM6CiAgICAgIC0gJ3Bvc3RncmVzdXMtZGF0YTovcG9zdGdyZXN1cy1kYXRhJwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQKICAgICAgICAtIHdnZXQKICAgICAgICAtICctcU8tJwogICAgICAgIC0gJ2h0dHA6Ly9sb2NhbGhvc3Q6NDAwNS9hcGkvdjEvc3lzdGVtL2hlYWx0aCcKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDEwcwogICAgICByZXRyaWVzOiA1Cg==", + "compose": "c2VydmljZXM6CiAgcG9zdGdyZXN1czoKICAgIGltYWdlOiAncm9zdGlzbGF2ZHVnaW4vcG9zdGdyZXN1czo3ZmI1OWJiNWQwMmZiYWY4NTZiMGJjZmM3YTA3ODY1NzU4MThiOTZmJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9VUkxfUE9TVEdSRVNVU180MDA1CiAgICB2b2x1bWVzOgogICAgICAtICdwb3N0Z3Jlc3VzLWRhdGE6L3Bvc3RncmVzdXMtZGF0YScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ECiAgICAgICAgLSB3Z2V0CiAgICAgICAgLSAnLXFPLScKICAgICAgICAtICdodHRwOi8vbG9jYWxob3N0OjQwMDUvYXBpL3YxL3N5c3RlbS9oZWFsdGgnCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAxMHMKICAgICAgcmV0cmllczogNQo=", "tags": [ "postgres", - "backup", - "self-hosted", - "open-source" + "backup" ], "category": "devtools", "logo": "svgs/postgresus.svg", diff --git a/templates/service-templates.json b/templates/service-templates.json index 0d35416b8..0d356c5ed 100644 --- a/templates/service-templates.json +++ b/templates/service-templates.json @@ -3376,14 +3376,12 @@ "port": "9000" }, "postgresus": { - "documentation": "https://postgresus.com?utm_source=coolify.io", + "documentation": "https://postgresus.com/#guide?utm_source=coolify.io", "slogan": "Postgresus is a free, open source and self-hosted tool to backup PostgreSQL.", - "compose": "c2VydmljZXM6CiAgcG9zdGdyZXN1czoKICAgIGltYWdlOiAncm9zdGlzbGF2ZHVnaW4vcG9zdGdyZXN1czpsYXRlc3QnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBTRVJWSUNFX0ZRRE5fUE9TVEdSRVNVU180MDA1CiAgICB2b2x1bWVzOgogICAgICAtICdwb3N0Z3Jlc3VzLWRhdGE6L3Bvc3RncmVzdXMtZGF0YScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ECiAgICAgICAgLSB3Z2V0CiAgICAgICAgLSAnLXFPLScKICAgICAgICAtICdodHRwOi8vbG9jYWxob3N0OjQwMDUvYXBpL3YxL3N5c3RlbS9oZWFsdGgnCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAxMHMKICAgICAgcmV0cmllczogNQo=", + "compose": "c2VydmljZXM6CiAgcG9zdGdyZXN1czoKICAgIGltYWdlOiAncm9zdGlzbGF2ZHVnaW4vcG9zdGdyZXN1czo3ZmI1OWJiNWQwMmZiYWY4NTZiMGJjZmM3YTA3ODY1NzU4MThiOTZmJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9GUUROX1BPU1RHUkVTVVNfNDAwNQogICAgdm9sdW1lczoKICAgICAgLSAncG9zdGdyZXN1cy1kYXRhOi9wb3N0Z3Jlc3VzLWRhdGEnCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRAogICAgICAgIC0gd2dldAogICAgICAgIC0gJy1xTy0nCiAgICAgICAgLSAnaHR0cDovL2xvY2FsaG9zdDo0MDA1L2FwaS92MS9zeXN0ZW0vaGVhbHRoJwogICAgICBpbnRlcnZhbDogNXMKICAgICAgdGltZW91dDogMTBzCiAgICAgIHJldHJpZXM6IDUK", "tags": [ "postgres", - "backup", - "self-hosted", - "open-source" + "backup" ], "category": "devtools", "logo": "svgs/postgresus.svg", From d291d85311df4480c2b5fe8e4b0600c93ca59c9c Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Mon, 3 Nov 2025 13:02:14 +0100 Subject: [PATCH 05/53] feat: add RestoreDatabase command for PostgreSQL dump restoration --- .../Commands/Cloud/RestoreDatabase.php | 219 ++++++++++++++++++ 1 file changed, 219 insertions(+) create mode 100644 app/Console/Commands/Cloud/RestoreDatabase.php diff --git a/app/Console/Commands/Cloud/RestoreDatabase.php b/app/Console/Commands/Cloud/RestoreDatabase.php new file mode 100644 index 000000000..6c60d1c6c --- /dev/null +++ b/app/Console/Commands/Cloud/RestoreDatabase.php @@ -0,0 +1,219 @@ +debug = $this->option('debug'); + + if (! $this->isDevelopment()) { + $this->error('This command can only be run in development mode.'); + + return 1; + } + + $filePath = $this->argument('file'); + + if (! file_exists($filePath)) { + $this->error("File not found: {$filePath}"); + + return 1; + } + + if (! is_readable($filePath)) { + $this->error("File is not readable: {$filePath}"); + + return 1; + } + + try { + $this->info('Starting database restoration...'); + + $database = config('database.connections.pgsql.database'); + $host = config('database.connections.pgsql.host'); + $port = config('database.connections.pgsql.port'); + $username = config('database.connections.pgsql.username'); + $password = config('database.connections.pgsql.password'); + + if (! $database || ! $username) { + $this->error('Database configuration is incomplete.'); + + return 1; + } + + $this->info("Restoring to database: {$database}"); + + // Drop all tables + if (! $this->dropAllTables($database, $host, $port, $username, $password)) { + return 1; + } + + // Restore the database dump + if (! $this->restoreDatabaseDump($filePath, $database, $host, $port, $username, $password)) { + return 1; + } + + $this->info('Database restoration completed successfully!'); + + return 0; + } catch (\Exception $e) { + $this->error("An error occurred: {$e->getMessage()}"); + + return 1; + } + } + + private function dropAllTables(string $database, string $host, string $port, string $username, string $password): bool + { + $this->info('Dropping all tables...'); + + // SQL to drop all tables + $dropTablesSQL = <<<'SQL' + DO $$ DECLARE + r RECORD; + BEGIN + FOR r IN (SELECT tablename FROM pg_tables WHERE schemaname = 'public') LOOP + EXECUTE 'DROP TABLE IF EXISTS ' || quote_ident(r.tablename) || ' CASCADE'; + END LOOP; + END $$; + SQL; + + // Build the psql command to drop all tables + $command = sprintf( + 'PGPASSWORD=%s psql -h %s -p %s -U %s -d %s -c %s', + escapeshellarg($password), + escapeshellarg($host), + escapeshellarg($port), + escapeshellarg($username), + escapeshellarg($database), + escapeshellarg($dropTablesSQL) + ); + + if ($this->debug) { + $this->line('Executing drop command:'); + $this->line($command); + } + + $output = shell_exec($command.' 2>&1'); + + if ($this->debug) { + $this->line("Output: {$output}"); + } + + $this->info('All tables dropped successfully.'); + + return true; + } + + private function restoreDatabaseDump(string $filePath, string $database, string $host, string $port, string $username, string $password): bool + { + $this->info('Restoring database from dump file...'); + + // Handle gzipped files by decompressing first + $actualFile = $filePath; + if (str_ends_with($filePath, '.gz')) { + $actualFile = rtrim($filePath, '.gz'); + $this->info('Decompressing gzipped dump file...'); + + $decompressCommand = sprintf( + 'gunzip -c %s > %s', + escapeshellarg($filePath), + escapeshellarg($actualFile) + ); + + if ($this->debug) { + $this->line('Executing decompress command:'); + $this->line($decompressCommand); + } + + $decompressOutput = shell_exec($decompressCommand.' 2>&1'); + if ($this->debug && $decompressOutput) { + $this->line("Decompress output: {$decompressOutput}"); + } + } + + // Use pg_restore for custom format dumps + $command = sprintf( + 'PGPASSWORD=%s pg_restore -h %s -p %s -U %s -d %s -v %s', + escapeshellarg($password), + escapeshellarg($host), + escapeshellarg($port), + escapeshellarg($username), + escapeshellarg($database), + escapeshellarg($actualFile) + ); + + if ($this->debug) { + $this->line('Executing restore command:'); + $this->line($command); + } + + // Execute the restore command + $process = proc_open( + $command, + [ + 1 => ['pipe', 'w'], + 2 => ['pipe', 'w'], + ], + $pipes + ); + + if (! is_resource($process)) { + $this->error('Failed to start restoration process.'); + + return false; + } + + $output = stream_get_contents($pipes[1]); + $error = stream_get_contents($pipes[2]); + $exitCode = proc_close($process); + + // Clean up decompressed file if we created one + if ($actualFile !== $filePath && file_exists($actualFile)) { + unlink($actualFile); + } + + if ($this->debug) { + if ($output) { + $this->line('Output:'); + $this->line($output); + } + if ($error) { + $this->line('Error output:'); + $this->line($error); + } + $this->line("Exit code: {$exitCode}"); + } + + if ($exitCode !== 0) { + $this->error("Restoration failed with exit code: {$exitCode}"); + if ($error) { + $this->error('Error details:'); + $this->error($error); + } + + return false; + } + + if ($output && ! $this->debug) { + $this->line($output); + } + + return true; + } + + private function isDevelopment(): bool + { + return app()->environment(['local', 'development', 'dev']); + } +} From fbaa5eb3696f9588c0a78623988e9c07c384a115 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Tue, 4 Nov 2025 08:43:33 +0100 Subject: [PATCH 06/53] feat: Update ApplicationSetting model to include additional boolean casts - Changed `$cast` to `$casts` in ApplicationSetting model to enable proper boolean casting for new fields. - Added boolean fields: `is_spa`, `is_build_server_enabled`, `is_preserve_repository_enabled`, `is_container_label_escape_enabled`, `is_container_label_readonly_enabled`, and `use_build_secrets`. fix: Update Livewire component to reflect new property names - Updated references in the Livewire component for the new camelCase property names. - Adjusted bindings and IDs for consistency with the updated model. test: Add unit tests for ApplicationSetting boolean casting - Created tests to verify boolean casting for `is_static` and other boolean fields in ApplicationSetting. - Ensured all boolean fields are correctly defined in the casts array. test: Implement tests for SynchronizesModelData trait - Added tests to verify the functionality of the SynchronizesModelData trait, ensuring it correctly syncs properties between the component and the model. - Included tests for handling non-existent properties gracefully. --- app/Livewire/Project/Application/General.php | 525 ++++++++++-------- app/Models/ApplicationSetting.php | 8 +- .../project/application/general.blade.php | 102 ++-- .../Unit/ApplicationSettingStaticCastTest.php | 105 ++++ tests/Unit/SynchronizesModelDataTest.php | 163 ++++++ 5 files changed, 615 insertions(+), 288 deletions(-) create mode 100644 tests/Unit/ApplicationSettingStaticCastTest.php create mode 100644 tests/Unit/SynchronizesModelDataTest.php diff --git a/app/Livewire/Project/Application/General.php b/app/Livewire/Project/Application/General.php index 8e8add430..03db8b1c8 100644 --- a/app/Livewire/Project/Application/General.php +++ b/app/Livewire/Project/Application/General.php @@ -3,7 +3,6 @@ namespace App\Livewire\Project\Application; use App\Actions\Application\GenerateConfig; -use App\Livewire\Concerns\SynchronizesModelData; use App\Models\Application; use App\Support\ValidationPatterns; use Illuminate\Foundation\Auth\Access\AuthorizesRequests; @@ -15,7 +14,6 @@ class General extends Component { use AuthorizesRequests; - use SynchronizesModelData; public string $applicationId; @@ -29,85 +27,83 @@ class General extends Component public ?string $fqdn = null; - public string $git_repository; + public string $gitRepository; - public string $git_branch; + public string $gitBranch; - public ?string $git_commit_sha = null; + public ?string $gitCommitSha = null; - public ?string $install_command = null; + public ?string $installCommand = null; - public ?string $build_command = null; + public ?string $buildCommand = null; - public ?string $start_command = null; + public ?string $startCommand = null; - public string $build_pack; + public string $buildPack; - public string $static_image; + public string $staticImage; - public string $base_directory; + public string $baseDirectory; - public ?string $publish_directory = null; + public ?string $publishDirectory = null; - public ?string $ports_exposes = null; + public ?string $portsExposes = null; - public ?string $ports_mappings = null; + public ?string $portsMappings = null; - public ?string $custom_network_aliases = null; + public ?string $customNetworkAliases = null; public ?string $dockerfile = null; - public ?string $dockerfile_location = null; + public ?string $dockerfileLocation = null; - public ?string $dockerfile_target_build = null; + public ?string $dockerfileTargetBuild = null; - public ?string $docker_registry_image_name = null; + public ?string $dockerRegistryImageName = null; - public ?string $docker_registry_image_tag = null; + public ?string $dockerRegistryImageTag = null; - public ?string $docker_compose_location = null; + public ?string $dockerComposeLocation = null; - public ?string $docker_compose = null; + public ?string $dockerCompose = null; - public ?string $docker_compose_raw = null; + public ?string $dockerComposeRaw = null; - public ?string $docker_compose_custom_start_command = null; + public ?string $dockerComposeCustomStartCommand = null; - public ?string $docker_compose_custom_build_command = null; + public ?string $dockerComposeCustomBuildCommand = null; - public ?string $custom_labels = null; + public ?string $customDockerRunOptions = null; - public ?string $custom_docker_run_options = null; + public ?string $preDeploymentCommand = null; - public ?string $pre_deployment_command = null; + public ?string $preDeploymentCommandContainer = null; - public ?string $pre_deployment_command_container = null; + public ?string $postDeploymentCommand = null; - public ?string $post_deployment_command = null; + public ?string $postDeploymentCommandContainer = null; - public ?string $post_deployment_command_container = null; + public ?string $customNginxConfiguration = null; - public ?string $custom_nginx_configuration = null; + public bool $isStatic = false; - public bool $is_static = false; + public bool $isSpa = false; - public bool $is_spa = false; + public bool $isBuildServerEnabled = false; - public bool $is_build_server_enabled = false; + public bool $isPreserveRepositoryEnabled = false; - public bool $is_preserve_repository_enabled = false; + public bool $isContainerLabelEscapeEnabled = true; - public bool $is_container_label_escape_enabled = true; + public bool $isContainerLabelReadonlyEnabled = false; - public bool $is_container_label_readonly_enabled = false; + public bool $isHttpBasicAuthEnabled = false; - public bool $is_http_basic_auth_enabled = false; + public ?string $httpBasicAuthUsername = null; - public ?string $http_basic_auth_username = null; + public ?string $httpBasicAuthPassword = null; - public ?string $http_basic_auth_password = null; - - public ?string $watch_paths = null; + public ?string $watchPaths = null; public string $redirect; @@ -141,46 +137,46 @@ protected function rules(): array 'name' => ValidationPatterns::nameRules(), 'description' => ValidationPatterns::descriptionRules(), 'fqdn' => 'nullable', - 'git_repository' => 'required', - 'git_branch' => 'required', - 'git_commit_sha' => 'nullable', - 'install_command' => 'nullable', - 'build_command' => 'nullable', - 'start_command' => 'nullable', - 'build_pack' => 'required', - 'static_image' => 'required', - 'base_directory' => 'required', - 'publish_directory' => 'nullable', - 'ports_exposes' => 'required', - 'ports_mappings' => 'nullable', - 'custom_network_aliases' => 'nullable', + 'gitRepository' => 'required', + 'gitBranch' => 'required', + 'gitCommitSha' => 'nullable', + 'installCommand' => 'nullable', + 'buildCommand' => 'nullable', + 'startCommand' => 'nullable', + 'buildPack' => 'required', + 'staticImage' => 'required', + 'baseDirectory' => 'required', + 'publishDirectory' => 'nullable', + 'portsExposes' => 'required', + 'portsMappings' => 'nullable', + 'customNetworkAliases' => 'nullable', 'dockerfile' => 'nullable', - 'docker_registry_image_name' => 'nullable', - 'docker_registry_image_tag' => 'nullable', - 'dockerfile_location' => 'nullable', - 'docker_compose_location' => 'nullable', - 'docker_compose' => 'nullable', - 'docker_compose_raw' => 'nullable', - 'dockerfile_target_build' => 'nullable', - 'docker_compose_custom_start_command' => 'nullable', - 'docker_compose_custom_build_command' => 'nullable', - 'custom_labels' => 'nullable', - 'custom_docker_run_options' => 'nullable', - 'pre_deployment_command' => 'nullable', - 'pre_deployment_command_container' => 'nullable', - 'post_deployment_command' => 'nullable', - 'post_deployment_command_container' => 'nullable', - 'custom_nginx_configuration' => 'nullable', - 'is_static' => 'boolean|required', - 'is_spa' => 'boolean|required', - 'is_build_server_enabled' => 'boolean|required', - 'is_container_label_escape_enabled' => 'boolean|required', - 'is_container_label_readonly_enabled' => 'boolean|required', - 'is_preserve_repository_enabled' => 'boolean|required', - 'is_http_basic_auth_enabled' => 'boolean|required', - 'http_basic_auth_username' => 'string|nullable', - 'http_basic_auth_password' => 'string|nullable', - 'watch_paths' => 'nullable', + 'dockerRegistryImageName' => 'nullable', + 'dockerRegistryImageTag' => 'nullable', + 'dockerfileLocation' => 'nullable', + 'dockerComposeLocation' => 'nullable', + 'dockerCompose' => 'nullable', + 'dockerComposeRaw' => 'nullable', + 'dockerfileTargetBuild' => 'nullable', + 'dockerComposeCustomStartCommand' => 'nullable', + 'dockerComposeCustomBuildCommand' => 'nullable', + 'customLabels' => 'nullable', + 'customDockerRunOptions' => 'nullable', + 'preDeploymentCommand' => 'nullable', + 'preDeploymentCommandContainer' => 'nullable', + 'postDeploymentCommand' => 'nullable', + 'postDeploymentCommandContainer' => 'nullable', + 'customNginxConfiguration' => 'nullable', + 'isStatic' => 'boolean|required', + 'isSpa' => 'boolean|required', + 'isBuildServerEnabled' => 'boolean|required', + 'isContainerLabelEscapeEnabled' => 'boolean|required', + 'isContainerLabelReadonlyEnabled' => 'boolean|required', + 'isPreserveRepositoryEnabled' => 'boolean|required', + 'isHttpBasicAuthEnabled' => 'boolean|required', + 'httpBasicAuthUsername' => 'string|nullable', + 'httpBasicAuthPassword' => 'string|nullable', + 'watchPaths' => 'nullable', 'redirect' => 'string|required', ]; } @@ -193,26 +189,26 @@ protected function messages(): array 'name.required' => 'The Name field is required.', 'name.regex' => 'The Name may only contain letters, numbers, spaces, dashes (-), underscores (_), dots (.), slashes (/), colons (:), and parentheses ().', 'description.regex' => 'The Description contains invalid characters. Only letters, numbers, spaces, and common punctuation (- _ . : / () \' " , ! ? @ # % & + = [] {} | ~ ` *) are allowed.', - 'git_repository.required' => 'The Git Repository field is required.', - 'git_branch.required' => 'The Git Branch field is required.', - 'build_pack.required' => 'The Build Pack field is required.', - 'static_image.required' => 'The Static Image field is required.', - 'base_directory.required' => 'The Base Directory field is required.', - 'ports_exposes.required' => 'The Exposed Ports field is required.', - 'is_static.required' => 'The Static setting is required.', - 'is_static.boolean' => 'The Static setting must be true or false.', - 'is_spa.required' => 'The SPA setting is required.', - 'is_spa.boolean' => 'The SPA setting must be true or false.', - 'is_build_server_enabled.required' => 'The Build Server setting is required.', - 'is_build_server_enabled.boolean' => 'The Build Server setting must be true or false.', - 'is_container_label_escape_enabled.required' => 'The Container Label Escape setting is required.', - 'is_container_label_escape_enabled.boolean' => 'The Container Label Escape setting must be true or false.', - 'is_container_label_readonly_enabled.required' => 'The Container Label Readonly setting is required.', - 'is_container_label_readonly_enabled.boolean' => 'The Container Label Readonly setting must be true or false.', - 'is_preserve_repository_enabled.required' => 'The Preserve Repository setting is required.', - 'is_preserve_repository_enabled.boolean' => 'The Preserve Repository setting must be true or false.', - 'is_http_basic_auth_enabled.required' => 'The HTTP Basic Auth setting is required.', - 'is_http_basic_auth_enabled.boolean' => 'The HTTP Basic Auth setting must be true or false.', + 'gitRepository.required' => 'The Git Repository field is required.', + 'gitBranch.required' => 'The Git Branch field is required.', + 'buildPack.required' => 'The Build Pack field is required.', + 'staticImage.required' => 'The Static Image field is required.', + 'baseDirectory.required' => 'The Base Directory field is required.', + 'portsExposes.required' => 'The Exposed Ports field is required.', + 'isStatic.required' => 'The Static setting is required.', + 'isStatic.boolean' => 'The Static setting must be true or false.', + 'isSpa.required' => 'The SPA setting is required.', + 'isSpa.boolean' => 'The SPA setting must be true or false.', + 'isBuildServerEnabled.required' => 'The Build Server setting is required.', + 'isBuildServerEnabled.boolean' => 'The Build Server setting must be true or false.', + 'isContainerLabelEscapeEnabled.required' => 'The Container Label Escape setting is required.', + 'isContainerLabelEscapeEnabled.boolean' => 'The Container Label Escape setting must be true or false.', + 'isContainerLabelReadonlyEnabled.required' => 'The Container Label Readonly setting is required.', + 'isContainerLabelReadonlyEnabled.boolean' => 'The Container Label Readonly setting must be true or false.', + 'isPreserveRepositoryEnabled.required' => 'The Preserve Repository setting is required.', + 'isPreserveRepositoryEnabled.boolean' => 'The Preserve Repository setting must be true or false.', + 'isHttpBasicAuthEnabled.required' => 'The HTTP Basic Auth setting is required.', + 'isHttpBasicAuthEnabled.boolean' => 'The HTTP Basic Auth setting must be true or false.', 'redirect.required' => 'The Redirect setting is required.', 'redirect.string' => 'The Redirect setting must be a string.', ] @@ -220,43 +216,43 @@ protected function messages(): array } protected $validationAttributes = [ - 'application.name' => 'name', - 'application.description' => 'description', - 'application.fqdn' => 'FQDN', - 'application.git_repository' => 'Git repository', - 'application.git_branch' => 'Git branch', - 'application.git_commit_sha' => 'Git commit SHA', - 'application.install_command' => 'Install command', - 'application.build_command' => 'Build command', - 'application.start_command' => 'Start command', - 'application.build_pack' => 'Build pack', - 'application.static_image' => 'Static image', - 'application.base_directory' => 'Base directory', - 'application.publish_directory' => 'Publish directory', - 'application.ports_exposes' => 'Ports exposes', - 'application.ports_mappings' => 'Ports mappings', - 'application.dockerfile' => 'Dockerfile', - 'application.docker_registry_image_name' => 'Docker registry image name', - 'application.docker_registry_image_tag' => 'Docker registry image tag', - 'application.dockerfile_location' => 'Dockerfile location', - 'application.docker_compose_location' => 'Docker compose location', - 'application.docker_compose' => 'Docker compose', - 'application.docker_compose_raw' => 'Docker compose raw', - 'application.custom_labels' => 'Custom labels', - 'application.dockerfile_target_build' => 'Dockerfile target build', - 'application.custom_docker_run_options' => 'Custom docker run commands', - 'application.custom_network_aliases' => 'Custom docker network aliases', - 'application.docker_compose_custom_start_command' => 'Docker compose custom start command', - 'application.docker_compose_custom_build_command' => 'Docker compose custom build command', - 'application.custom_nginx_configuration' => 'Custom Nginx configuration', - 'application.settings.is_static' => 'Is static', - 'application.settings.is_spa' => 'Is SPA', - 'application.settings.is_build_server_enabled' => 'Is build server enabled', - 'application.settings.is_container_label_escape_enabled' => 'Is container label escape enabled', - 'application.settings.is_container_label_readonly_enabled' => 'Is container label readonly', - 'application.settings.is_preserve_repository_enabled' => 'Is preserve repository enabled', - 'application.watch_paths' => 'Watch paths', - 'application.redirect' => 'Redirect', + 'name' => 'name', + 'description' => 'description', + 'fqdn' => 'FQDN', + 'gitRepository' => 'Git repository', + 'gitBranch' => 'Git branch', + 'gitCommitSha' => 'Git commit SHA', + 'installCommand' => 'Install command', + 'buildCommand' => 'Build command', + 'startCommand' => 'Start command', + 'buildPack' => 'Build pack', + 'staticImage' => 'Static image', + 'baseDirectory' => 'Base directory', + 'publishDirectory' => 'Publish directory', + 'portsExposes' => 'Ports exposes', + 'portsMappings' => 'Ports mappings', + 'dockerfile' => 'Dockerfile', + 'dockerRegistryImageName' => 'Docker registry image name', + 'dockerRegistryImageTag' => 'Docker registry image tag', + 'dockerfileLocation' => 'Dockerfile location', + 'dockerComposeLocation' => 'Docker compose location', + 'dockerCompose' => 'Docker compose', + 'dockerComposeRaw' => 'Docker compose raw', + 'customLabels' => 'Custom labels', + 'dockerfileTargetBuild' => 'Dockerfile target build', + 'customDockerRunOptions' => 'Custom docker run commands', + 'customNetworkAliases' => 'Custom docker network aliases', + 'dockerComposeCustomStartCommand' => 'Docker compose custom start command', + 'dockerComposeCustomBuildCommand' => 'Docker compose custom build command', + 'customNginxConfiguration' => 'Custom Nginx configuration', + 'isStatic' => 'Is static', + 'isSpa' => 'Is SPA', + 'isBuildServerEnabled' => 'Is build server enabled', + 'isContainerLabelEscapeEnabled' => 'Is container label escape enabled', + 'isContainerLabelReadonlyEnabled' => 'Is container label readonly', + 'isPreserveRepositoryEnabled' => 'Is preserve repository enabled', + 'watchPaths' => 'Watch paths', + 'redirect' => 'Redirect', ]; public function mount() @@ -266,14 +262,14 @@ public function mount() if (is_null($this->parsedServices) || empty($this->parsedServices)) { $this->dispatch('error', 'Failed to parse your docker-compose file. Please check the syntax and try again.'); // Still sync data even if parse fails, so form fields are populated - $this->syncFromModel(); + $this->syncData(); return; } } catch (\Throwable $e) { $this->dispatch('error', $e->getMessage()); // Still sync data even on error, so form fields are populated - $this->syncFromModel(); + $this->syncData(); } if ($this->application->build_pack === 'dockercompose') { // Only update if user has permission @@ -325,57 +321,112 @@ public function mount() // Sync data from model to properties at the END, after all business logic // This ensures any modifications to $this->application during mount() are reflected in properties - $this->syncFromModel(); + $this->syncData(); } - protected function getModelBindings(): array + public function syncData(bool $toModel = false): void { - return [ - 'name' => 'application.name', - 'description' => 'application.description', - 'fqdn' => 'application.fqdn', - 'git_repository' => 'application.git_repository', - 'git_branch' => 'application.git_branch', - 'git_commit_sha' => 'application.git_commit_sha', - 'install_command' => 'application.install_command', - 'build_command' => 'application.build_command', - 'start_command' => 'application.start_command', - 'build_pack' => 'application.build_pack', - 'static_image' => 'application.static_image', - 'base_directory' => 'application.base_directory', - 'publish_directory' => 'application.publish_directory', - 'ports_exposes' => 'application.ports_exposes', - 'ports_mappings' => 'application.ports_mappings', - 'custom_network_aliases' => 'application.custom_network_aliases', - 'dockerfile' => 'application.dockerfile', - 'dockerfile_location' => 'application.dockerfile_location', - 'dockerfile_target_build' => 'application.dockerfile_target_build', - 'docker_registry_image_name' => 'application.docker_registry_image_name', - 'docker_registry_image_tag' => 'application.docker_registry_image_tag', - 'docker_compose_location' => 'application.docker_compose_location', - 'docker_compose' => 'application.docker_compose', - 'docker_compose_raw' => 'application.docker_compose_raw', - 'docker_compose_custom_start_command' => 'application.docker_compose_custom_start_command', - 'docker_compose_custom_build_command' => 'application.docker_compose_custom_build_command', - 'custom_labels' => 'application.custom_labels', - 'custom_docker_run_options' => 'application.custom_docker_run_options', - 'pre_deployment_command' => 'application.pre_deployment_command', - 'pre_deployment_command_container' => 'application.pre_deployment_command_container', - 'post_deployment_command' => 'application.post_deployment_command', - 'post_deployment_command_container' => 'application.post_deployment_command_container', - 'custom_nginx_configuration' => 'application.custom_nginx_configuration', - 'is_static' => 'application.settings.is_static', - 'is_spa' => 'application.settings.is_spa', - 'is_build_server_enabled' => 'application.settings.is_build_server_enabled', - 'is_preserve_repository_enabled' => 'application.settings.is_preserve_repository_enabled', - 'is_container_label_escape_enabled' => 'application.settings.is_container_label_escape_enabled', - 'is_container_label_readonly_enabled' => 'application.settings.is_container_label_readonly_enabled', - 'is_http_basic_auth_enabled' => 'application.is_http_basic_auth_enabled', - 'http_basic_auth_username' => 'application.http_basic_auth_username', - 'http_basic_auth_password' => 'application.http_basic_auth_password', - 'watch_paths' => 'application.watch_paths', - 'redirect' => 'application.redirect', - ]; + if ($toModel) { + $this->validate(); + + // Application properties + $this->application->name = $this->name; + $this->application->description = $this->description; + $this->application->fqdn = $this->fqdn; + $this->application->git_repository = $this->gitRepository; + $this->application->git_branch = $this->gitBranch; + $this->application->git_commit_sha = $this->gitCommitSha; + $this->application->install_command = $this->installCommand; + $this->application->build_command = $this->buildCommand; + $this->application->start_command = $this->startCommand; + $this->application->build_pack = $this->buildPack; + $this->application->static_image = $this->staticImage; + $this->application->base_directory = $this->baseDirectory; + $this->application->publish_directory = $this->publishDirectory; + $this->application->ports_exposes = $this->portsExposes; + $this->application->ports_mappings = $this->portsMappings; + $this->application->custom_network_aliases = $this->customNetworkAliases; + $this->application->dockerfile = $this->dockerfile; + $this->application->dockerfile_location = $this->dockerfileLocation; + $this->application->dockerfile_target_build = $this->dockerfileTargetBuild; + $this->application->docker_registry_image_name = $this->dockerRegistryImageName; + $this->application->docker_registry_image_tag = $this->dockerRegistryImageTag; + $this->application->docker_compose_location = $this->dockerComposeLocation; + $this->application->docker_compose = $this->dockerCompose; + $this->application->docker_compose_raw = $this->dockerComposeRaw; + $this->application->docker_compose_custom_start_command = $this->dockerComposeCustomStartCommand; + $this->application->docker_compose_custom_build_command = $this->dockerComposeCustomBuildCommand; + $this->application->custom_labels = base64_encode($this->customLabels); + $this->application->custom_docker_run_options = $this->customDockerRunOptions; + $this->application->pre_deployment_command = $this->preDeploymentCommand; + $this->application->pre_deployment_command_container = $this->preDeploymentCommandContainer; + $this->application->post_deployment_command = $this->postDeploymentCommand; + $this->application->post_deployment_command_container = $this->postDeploymentCommandContainer; + $this->application->custom_nginx_configuration = $this->customNginxConfiguration; + $this->application->is_http_basic_auth_enabled = $this->isHttpBasicAuthEnabled; + $this->application->http_basic_auth_username = $this->httpBasicAuthUsername; + $this->application->http_basic_auth_password = $this->httpBasicAuthPassword; + $this->application->watch_paths = $this->watchPaths; + $this->application->redirect = $this->redirect; + + // Application settings properties + $this->application->settings->is_static = $this->isStatic; + $this->application->settings->is_spa = $this->isSpa; + $this->application->settings->is_build_server_enabled = $this->isBuildServerEnabled; + $this->application->settings->is_preserve_repository_enabled = $this->isPreserveRepositoryEnabled; + $this->application->settings->is_container_label_escape_enabled = $this->isContainerLabelEscapeEnabled; + $this->application->settings->is_container_label_readonly_enabled = $this->isContainerLabelReadonlyEnabled; + + $this->application->settings->save(); + } else { + // From model to properties + $this->name = $this->application->name; + $this->description = $this->application->description; + $this->fqdn = $this->application->fqdn; + $this->gitRepository = $this->application->git_repository; + $this->gitBranch = $this->application->git_branch; + $this->gitCommitSha = $this->application->git_commit_sha; + $this->installCommand = $this->application->install_command; + $this->buildCommand = $this->application->build_command; + $this->startCommand = $this->application->start_command; + $this->buildPack = $this->application->build_pack; + $this->staticImage = $this->application->static_image; + $this->baseDirectory = $this->application->base_directory; + $this->publishDirectory = $this->application->publish_directory; + $this->portsExposes = $this->application->ports_exposes; + $this->portsMappings = $this->application->ports_mappings; + $this->customNetworkAliases = $this->application->custom_network_aliases; + $this->dockerfile = $this->application->dockerfile; + $this->dockerfileLocation = $this->application->dockerfile_location; + $this->dockerfileTargetBuild = $this->application->dockerfile_target_build; + $this->dockerRegistryImageName = $this->application->docker_registry_image_name; + $this->dockerRegistryImageTag = $this->application->docker_registry_image_tag; + $this->dockerComposeLocation = $this->application->docker_compose_location; + $this->dockerCompose = $this->application->docker_compose; + $this->dockerComposeRaw = $this->application->docker_compose_raw; + $this->dockerComposeCustomStartCommand = $this->application->docker_compose_custom_start_command; + $this->dockerComposeCustomBuildCommand = $this->application->docker_compose_custom_build_command; + $this->customLabels = $this->application->parseContainerLabels(); + $this->customDockerRunOptions = $this->application->custom_docker_run_options; + $this->preDeploymentCommand = $this->application->pre_deployment_command; + $this->preDeploymentCommandContainer = $this->application->pre_deployment_command_container; + $this->postDeploymentCommand = $this->application->post_deployment_command; + $this->postDeploymentCommandContainer = $this->application->post_deployment_command_container; + $this->customNginxConfiguration = $this->application->custom_nginx_configuration; + $this->isHttpBasicAuthEnabled = $this->application->is_http_basic_auth_enabled; + $this->httpBasicAuthUsername = $this->application->http_basic_auth_username; + $this->httpBasicAuthPassword = $this->application->http_basic_auth_password; + $this->watchPaths = $this->application->watch_paths; + $this->redirect = $this->application->redirect; + + // Application settings properties + $this->isStatic = $this->application->settings->is_static; + $this->isSpa = $this->application->settings->is_spa; + $this->isBuildServerEnabled = $this->application->settings->is_build_server_enabled; + $this->isPreserveRepositoryEnabled = $this->application->settings->is_preserve_repository_enabled; + $this->isContainerLabelEscapeEnabled = $this->application->settings->is_container_label_escape_enabled; + $this->isContainerLabelReadonlyEnabled = $this->application->settings->is_container_label_readonly_enabled; + } } public function instantSave() @@ -387,7 +438,7 @@ public function instantSave() $oldIsContainerLabelEscapeEnabled = $this->application->settings->is_container_label_escape_enabled; $oldIsPreserveRepositoryEnabled = $this->application->settings->is_preserve_repository_enabled; - $this->syncToModel(); + $this->syncData(toModel: true); if ($this->application->settings->isDirty('is_spa')) { $this->generateNginxConfiguration($this->application->settings->is_spa ? 'spa' : 'static'); @@ -395,24 +446,27 @@ public function instantSave() if ($this->application->isDirty('is_http_basic_auth_enabled')) { $this->application->save(); } + $this->application->settings->save(); + $this->dispatch('success', 'Settings saved.'); $this->application->refresh(); - $this->syncFromModel(); + + $this->syncData(); // If port_exposes changed, reset default labels - if ($oldPortsExposes !== $this->ports_exposes || $oldIsContainerLabelEscapeEnabled !== $this->is_container_label_escape_enabled) { + if ($oldPortsExposes !== $this->portsExposes || $oldIsContainerLabelEscapeEnabled !== $this->isContainerLabelEscapeEnabled) { $this->resetDefaultLabels(false); } - if ($oldIsPreserveRepositoryEnabled !== $this->is_preserve_repository_enabled) { - if ($this->is_preserve_repository_enabled === false) { + if ($oldIsPreserveRepositoryEnabled !== $this->isPreserveRepositoryEnabled) { + if ($this->isPreserveRepositoryEnabled === false) { $this->application->fileStorages->each(function ($storage) { - $storage->is_based_on_git = $this->is_preserve_repository_enabled; + $storage->is_based_on_git = $this->isPreserveRepositoryEnabled; $storage->save(); }); } } - if ($this->is_container_label_readonly_enabled) { + if ($this->isContainerLabelReadonlyEnabled) { $this->resetDefaultLabels(false); } } catch (\Throwable $e) { @@ -441,7 +495,7 @@ public function loadComposeFile($isInit = false, $showToast = true) // Sync the docker_compose_raw from the model to the component property // This ensures the Monaco editor displays the loaded compose file - $this->syncFromModel(); + $this->syncData(); $this->parsedServiceDomains = $this->application->docker_compose_domains ? json_decode($this->application->docker_compose_domains, true) : []; // Convert service names with dots and dashes to use underscores for HTML form binding @@ -507,7 +561,7 @@ public function generateDomain(string $serviceName) public function updatedBaseDirectory() { - if ($this->build_pack === 'dockercompose') { + if ($this->buildPack === 'dockercompose') { $this->loadComposeFile(); } } @@ -527,24 +581,24 @@ public function updatedBuildPack() } catch (\Illuminate\Auth\Access\AuthorizationException $e) { // User doesn't have permission, revert the change and return $this->application->refresh(); - $this->syncFromModel(); + $this->syncData(); return; } // Sync property to model before checking/modifying - $this->syncToModel(); + $this->syncData(toModel: true); - if ($this->build_pack !== 'nixpacks') { - $this->is_static = false; + if ($this->buildPack !== 'nixpacks') { + $this->isStatic = false; $this->application->settings->is_static = false; $this->application->settings->save(); } else { - $this->ports_exposes = 3000; - $this->application->ports_exposes = 3000; + $this->portsExposes = '3000'; + $this->application->ports_exposes = '3000'; $this->resetDefaultLabels(false); } - if ($this->build_pack === 'dockercompose') { + if ($this->buildPack === 'dockercompose') { // Only update if user has permission try { $this->authorize('update', $this->application); @@ -567,9 +621,9 @@ public function updatedBuildPack() $this->application->environment_variables_preview()->where('key', 'LIKE', 'SERVICE_URL_%')->delete(); } } - if ($this->build_pack === 'static') { - $this->ports_exposes = 80; - $this->application->ports_exposes = 80; + if ($this->buildPack === 'static') { + $this->portsExposes = '80'; + $this->application->ports_exposes = '80'; $this->resetDefaultLabels(false); $this->generateNginxConfiguration(); } @@ -586,10 +640,10 @@ public function getWildcardDomain() if ($server) { $fqdn = generateUrl(server: $server, random: $this->application->uuid); $this->fqdn = $fqdn; - $this->syncToModel(); + $this->syncData(toModel: true); $this->application->save(); $this->application->refresh(); - $this->syncFromModel(); + $this->syncData(); $this->resetDefaultLabels(); $this->dispatch('success', 'Wildcard domain generated.'); } @@ -603,11 +657,11 @@ public function generateNginxConfiguration($type = 'static') try { $this->authorize('update', $this->application); - $this->custom_nginx_configuration = defaultNginxConfiguration($type); - $this->syncToModel(); + $this->customNginxConfiguration = defaultNginxConfiguration($type); + $this->syncData(toModel: true); $this->application->save(); $this->application->refresh(); - $this->syncFromModel(); + $this->syncData(); $this->dispatch('success', 'Nginx configuration generated.'); } catch (\Throwable $e) { return handleError($e, $this); @@ -617,16 +671,15 @@ public function generateNginxConfiguration($type = 'static') public function resetDefaultLabels($manualReset = false) { try { - if (! $this->is_container_label_readonly_enabled && ! $manualReset) { + if (! $this->isContainerLabelReadonlyEnabled && ! $manualReset) { return; } $this->customLabels = str(implode('|coolify|', generateLabelsApplication($this->application)))->replace('|coolify|', "\n"); - $this->custom_labels = base64_encode($this->customLabels); - $this->syncToModel(); + $this->application->custom_labels = base64_encode($this->customLabels); $this->application->save(); $this->application->refresh(); - $this->syncFromModel(); - if ($this->build_pack === 'dockercompose') { + $this->syncData(); + if ($this->buildPack === 'dockercompose') { $this->loadComposeFile(showToast: false); } $this->dispatch('configurationChanged'); @@ -722,7 +775,7 @@ public function submit($showToaster = true) $this->dispatch('warning', __('warning.sslipdomain')); } - $this->syncToModel(); + $this->syncData(toModel: true); if ($this->application->isDirty('redirect')) { $this->setRedirect(); @@ -742,42 +795,42 @@ public function submit($showToaster = true) $this->application->save(); } - if ($this->build_pack === 'dockercompose' && $oldDockerComposeLocation !== $this->docker_compose_location) { + if ($this->buildPack === 'dockercompose' && $oldDockerComposeLocation !== $this->dockerComposeLocation) { $compose_return = $this->loadComposeFile(showToast: false); if ($compose_return instanceof \Livewire\Features\SupportEvents\Event) { return; } } - if ($oldPortsExposes !== $this->ports_exposes || $oldIsContainerLabelEscapeEnabled !== $this->is_container_label_escape_enabled) { + if ($oldPortsExposes !== $this->portsExposes || $oldIsContainerLabelEscapeEnabled !== $this->isContainerLabelEscapeEnabled) { $this->resetDefaultLabels(); } - if ($this->build_pack === 'dockerimage') { + if ($this->buildPack === 'dockerimage') { $this->validate([ - 'docker_registry_image_name' => 'required', + 'dockerRegistryImageName' => 'required', ]); } - if ($this->custom_docker_run_options) { - $this->custom_docker_run_options = str($this->custom_docker_run_options)->trim()->toString(); - $this->application->custom_docker_run_options = $this->custom_docker_run_options; + if ($this->customDockerRunOptions) { + $this->customDockerRunOptions = str($this->customDockerRunOptions)->trim()->toString(); + $this->application->custom_docker_run_options = $this->customDockerRunOptions; } if ($this->dockerfile) { $port = get_port_from_dockerfile($this->dockerfile); - if ($port && ! $this->ports_exposes) { - $this->ports_exposes = $port; + if ($port && ! $this->portsExposes) { + $this->portsExposes = $port; $this->application->ports_exposes = $port; } } - if ($this->base_directory && $this->base_directory !== '/') { - $this->base_directory = rtrim($this->base_directory, '/'); - $this->application->base_directory = $this->base_directory; + if ($this->baseDirectory && $this->baseDirectory !== '/') { + $this->baseDirectory = rtrim($this->baseDirectory, '/'); + $this->application->base_directory = $this->baseDirectory; } - if ($this->publish_directory && $this->publish_directory !== '/') { - $this->publish_directory = rtrim($this->publish_directory, '/'); - $this->application->publish_directory = $this->publish_directory; + if ($this->publishDirectory && $this->publishDirectory !== '/') { + $this->publishDirectory = rtrim($this->publishDirectory, '/'); + $this->application->publish_directory = $this->publishDirectory; } - if ($this->build_pack === 'dockercompose') { + if ($this->buildPack === 'dockercompose') { $this->application->docker_compose_domains = json_encode($this->parsedServiceDomains); if ($this->application->isDirty('docker_compose_domains')) { foreach ($this->parsedServiceDomains as $service) { @@ -809,11 +862,11 @@ public function submit($showToaster = true) $this->application->custom_labels = base64_encode($this->customLabels); $this->application->save(); $this->application->refresh(); - $this->syncFromModel(); + $this->syncData(); $showToaster && ! $warning && $this->dispatch('success', 'Application settings updated!'); } catch (\Throwable $e) { $this->application->refresh(); - $this->syncFromModel(); + $this->syncData(); return handleError($e, $this); } finally { diff --git a/app/Models/ApplicationSetting.php b/app/Models/ApplicationSetting.php index 4b03c69e1..26cb937b3 100644 --- a/app/Models/ApplicationSetting.php +++ b/app/Models/ApplicationSetting.php @@ -7,8 +7,14 @@ class ApplicationSetting extends Model { - protected $cast = [ + protected $casts = [ 'is_static' => 'boolean', + 'is_spa' => 'boolean', + 'is_build_server_enabled' => 'boolean', + 'is_preserve_repository_enabled' => 'boolean', + 'is_container_label_escape_enabled' => 'boolean', + 'is_container_label_readonly_enabled' => 'boolean', + 'use_build_secrets' => 'boolean', 'is_auto_deploy_enabled' => 'boolean', 'is_force_https_enabled' => 'boolean', 'is_debug_enabled' => 'boolean', diff --git a/resources/views/livewire/project/application/general.blade.php b/resources/views/livewire/project/application/general.blade.php index 7759e0604..2484005ef 100644 --- a/resources/views/livewire/project/application/general.blade.php +++ b/resources/views/livewire/project/application/general.blade.php @@ -23,7 +23,7 @@ @if (!$application->dockerfile && $application->build_pack !== 'dockerimage')
- @@ -31,7 +31,7 @@ @if ($application->settings->is_static || $application->build_pack === 'static') - @@ -66,7 +66,7 @@
@endif @if ($application->settings->is_static || $application->build_pack === 'static') - @can('update', $application) @@ -77,13 +77,13 @@ @endif
@if ($application->could_set_build_commands()) - @endif @if ($application->settings->is_static && $application->build_pack !== 'static') @endif
@@ -164,15 +164,15 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry"
@if ($application->build_pack === 'dockerimage') @if ($application->destination->server->isSwarm()) - - @else - - @endif @@ -181,18 +181,18 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry" $application->destination->server->isSwarm() || $application->additional_servers->count() > 0 || $application->settings->is_build_server_enabled) - - @else - - @@ -206,20 +206,20 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry" @else @if ($application->could_set_build_commands()) @if ($application->build_pack === 'nixpacks')
Nixpacks will detect the required configuration @@ -239,16 +239,16 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry" @endcan
@@ -261,12 +261,12 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry"
@@ -274,36 +274,36 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry"
@endif
@else
- @if ($application->build_pack === 'dockerfile' && !$application->dockerfile) - @endif @if ($application->build_pack === 'dockerfile') - @endif @if ($application->could_set_build_commands()) @if ($application->settings->is_static) - @else - @endif @endif @@ -313,21 +313,21 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry"
@endif @if ($application->build_pack !== 'dockercompose')
@endif @@ -344,18 +344,18 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry" @endcan
@if ($application->settings->is_raw_compose_deployment_enabled) - @else @if ((int) $application->compose_parsing_version >= 3) - @endif - @@ -363,11 +363,11 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry"
{{-- --}} + id="isContainerLabelReadonlyEnabled" instantSave> --}}
@endif @if ($application->dockerfile) @@ -378,30 +378,30 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry"

Network

@if ($application->settings->is_static || $application->build_pack === 'static') - @else @if ($application->settings->is_container_label_readonly_enabled === false) - @else - @endif @endif @if (!$application->destination->server->isSwarm()) - @endif @if (!$application->destination->server->isSwarm()) - + wire:model="customNetworkAliases" x-bind:disabled="!canUpdate" /> @endif
@@ -409,14 +409,14 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry"
@if ($application->is_http_basic_auth_enabled)
- -
@endif @@ -432,11 +432,11 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry"
@can('update', $application) @@ -455,21 +455,21 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry"

Pre/Post Deployment Commands

@if ($application->build_pack === 'dockercompose') - @endif
@if ($application->build_pack === 'dockercompose') @endif
diff --git a/tests/Unit/ApplicationSettingStaticCastTest.php b/tests/Unit/ApplicationSettingStaticCastTest.php new file mode 100644 index 000000000..35ab7faaf --- /dev/null +++ b/tests/Unit/ApplicationSettingStaticCastTest.php @@ -0,0 +1,105 @@ +is_static = true; + + // Verify it's cast to boolean + expect($setting->is_static)->toBeTrue() + ->and($setting->is_static)->toBeBool(); +}); + +it('casts is_static to boolean when false', function () { + $setting = new ApplicationSetting; + $setting->is_static = false; + + // Verify it's cast to boolean + expect($setting->is_static)->toBeFalse() + ->and($setting->is_static)->toBeBool(); +}); + +it('casts is_static from string "1" to boolean true', function () { + $setting = new ApplicationSetting; + $setting->is_static = '1'; + + // Should cast string to boolean + expect($setting->is_static)->toBeTrue() + ->and($setting->is_static)->toBeBool(); +}); + +it('casts is_static from string "0" to boolean false', function () { + $setting = new ApplicationSetting; + $setting->is_static = '0'; + + // Should cast string to boolean + expect($setting->is_static)->toBeFalse() + ->and($setting->is_static)->toBeBool(); +}); + +it('casts is_static from integer 1 to boolean true', function () { + $setting = new ApplicationSetting; + $setting->is_static = 1; + + // Should cast integer to boolean + expect($setting->is_static)->toBeTrue() + ->and($setting->is_static)->toBeBool(); +}); + +it('casts is_static from integer 0 to boolean false', function () { + $setting = new ApplicationSetting; + $setting->is_static = 0; + + // Should cast integer to boolean + expect($setting->is_static)->toBeFalse() + ->and($setting->is_static)->toBeBool(); +}); + +it('has casts array property defined correctly', function () { + $setting = new ApplicationSetting; + + // Verify the casts property exists and is configured + $casts = $setting->getCasts(); + + expect($casts)->toHaveKey('is_static') + ->and($casts['is_static'])->toBe('boolean'); +}); + +it('casts all boolean fields correctly', function () { + $setting = new ApplicationSetting; + + // Get all casts + $casts = $setting->getCasts(); + + // Verify all expected boolean fields are cast + $expectedBooleanCasts = [ + 'is_static', + 'is_spa', + 'is_build_server_enabled', + 'is_preserve_repository_enabled', + 'is_container_label_escape_enabled', + 'is_container_label_readonly_enabled', + 'use_build_secrets', + 'is_auto_deploy_enabled', + 'is_force_https_enabled', + 'is_debug_enabled', + 'is_preview_deployments_enabled', + 'is_pr_deployments_public_enabled', + 'is_git_submodules_enabled', + 'is_git_lfs_enabled', + 'is_git_shallow_clone_enabled', + ]; + + foreach ($expectedBooleanCasts as $field) { + expect($casts)->toHaveKey($field) + ->and($casts[$field])->toBe('boolean'); + } +}); diff --git a/tests/Unit/SynchronizesModelDataTest.php b/tests/Unit/SynchronizesModelDataTest.php new file mode 100644 index 000000000..4551fb056 --- /dev/null +++ b/tests/Unit/SynchronizesModelDataTest.php @@ -0,0 +1,163 @@ + 'application.settings.is_static', + ]; + } + + // Expose protected method for testing + public function testSync(): void + { + $this->syncToModel(); + } + }; + + // Create real ApplicationSetting instance + $settings = new ApplicationSetting; + $settings->is_static = false; + + // Create Application instance + $application = new Application; + $application->setRelation('settings', $settings); + + $component->application = $application; + $component->is_static = true; + + // Sync to model + $component->testSync(); + + // Verify the value was set on the model + expect($component->application->settings->is_static)->toBeTrue(); +}); + +it('syncs boolean values correctly', function () { + $component = new class + { + use SynchronizesModelData; + + public bool $is_spa = true; + + public bool $is_build_server_enabled = false; + + public Application $application; + + protected function getModelBindings(): array + { + return [ + 'is_spa' => 'application.settings.is_spa', + 'is_build_server_enabled' => 'application.settings.is_build_server_enabled', + ]; + } + + public function testSync(): void + { + $this->syncToModel(); + } + }; + + $settings = new ApplicationSetting; + $settings->is_spa = false; + $settings->is_build_server_enabled = true; + + $application = new Application; + $application->setRelation('settings', $settings); + + $component->application = $application; + + $component->testSync(); + + expect($component->application->settings->is_spa)->toBeTrue() + ->and($component->application->settings->is_build_server_enabled)->toBeFalse(); +}); + +it('syncs from model to component correctly', function () { + $component = new class + { + use SynchronizesModelData; + + public bool $is_static = false; + + public bool $is_spa = false; + + public Application $application; + + protected function getModelBindings(): array + { + return [ + 'is_static' => 'application.settings.is_static', + 'is_spa' => 'application.settings.is_spa', + ]; + } + + public function testSyncFrom(): void + { + $this->syncFromModel(); + } + }; + + $settings = new ApplicationSetting; + $settings->is_static = true; + $settings->is_spa = true; + + $application = new Application; + $application->setRelation('settings', $settings); + + $component->application = $application; + + $component->testSyncFrom(); + + expect($component->is_static)->toBeTrue() + ->and($component->is_spa)->toBeTrue(); +}); + +it('handles properties that do not exist gracefully', function () { + $component = new class + { + use SynchronizesModelData; + + public Application $application; + + protected function getModelBindings(): array + { + return [ + 'non_existent_property' => 'application.name', + ]; + } + + public function testSync(): void + { + $this->syncToModel(); + } + }; + + $application = new Application; + $component->application = $application; + + // Should not throw an error + $component->testSync(); + + expect(true)->toBeTrue(); +}); From 3d9c4954c141caf14c5223fad019c165fb99156a Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Tue, 4 Nov 2025 08:51:05 +0100 Subject: [PATCH 07/53] feat: Enhance General component with additional properties and validation rules --- app/Livewire/Project/Application/General.php | 45 ++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/app/Livewire/Project/Application/General.php b/app/Livewire/Project/Application/General.php index 03db8b1c8..7e606459b 100644 --- a/app/Livewire/Project/Application/General.php +++ b/app/Livewire/Project/Application/General.php @@ -7,6 +7,7 @@ use App\Support\ValidationPatterns; use Illuminate\Foundation\Auth\Access\AuthorizesRequests; use Illuminate\Support\Collection; +use Livewire\Attributes\Validate; use Livewire\Component; use Spatie\Url\Url; use Visus\Cuid2\Cuid2; @@ -21,92 +22,136 @@ class General extends Component public Collection $services; + #[Validate('required|regex:/^[a-zA-Z0-9\s\-_.\/:()]+$/')] public string $name; + #[Validate(['string', 'nullable'])] public ?string $description = null; + #[Validate(['nullable'])] public ?string $fqdn = null; + #[Validate(['required'])] public string $gitRepository; + #[Validate(['required'])] public string $gitBranch; + #[Validate(['string', 'nullable'])] public ?string $gitCommitSha = null; + #[Validate(['string', 'nullable'])] public ?string $installCommand = null; + #[Validate(['string', 'nullable'])] public ?string $buildCommand = null; + #[Validate(['string', 'nullable'])] public ?string $startCommand = null; + #[Validate(['required'])] public string $buildPack; + #[Validate(['required'])] public string $staticImage; + #[Validate(['required'])] public string $baseDirectory; + #[Validate(['string', 'nullable'])] public ?string $publishDirectory = null; + #[Validate(['string', 'nullable'])] public ?string $portsExposes = null; + #[Validate(['string', 'nullable'])] public ?string $portsMappings = null; + #[Validate(['string', 'nullable'])] public ?string $customNetworkAliases = null; + #[Validate(['string', 'nullable'])] public ?string $dockerfile = null; + #[Validate(['string', 'nullable'])] public ?string $dockerfileLocation = null; + #[Validate(['string', 'nullable'])] public ?string $dockerfileTargetBuild = null; + #[Validate(['string', 'nullable'])] public ?string $dockerRegistryImageName = null; + #[Validate(['string', 'nullable'])] public ?string $dockerRegistryImageTag = null; + #[Validate(['string', 'nullable'])] public ?string $dockerComposeLocation = null; + #[Validate(['string', 'nullable'])] public ?string $dockerCompose = null; + #[Validate(['string', 'nullable'])] public ?string $dockerComposeRaw = null; + #[Validate(['string', 'nullable'])] public ?string $dockerComposeCustomStartCommand = null; + #[Validate(['string', 'nullable'])] public ?string $dockerComposeCustomBuildCommand = null; + #[Validate(['string', 'nullable'])] public ?string $customDockerRunOptions = null; + #[Validate(['string', 'nullable'])] public ?string $preDeploymentCommand = null; + #[Validate(['string', 'nullable'])] public ?string $preDeploymentCommandContainer = null; + #[Validate(['string', 'nullable'])] public ?string $postDeploymentCommand = null; + #[Validate(['string', 'nullable'])] public ?string $postDeploymentCommandContainer = null; + #[Validate(['string', 'nullable'])] public ?string $customNginxConfiguration = null; + #[Validate(['boolean', 'required'])] public bool $isStatic = false; + #[Validate(['boolean', 'required'])] public bool $isSpa = false; + #[Validate(['boolean', 'required'])] public bool $isBuildServerEnabled = false; + #[Validate(['boolean', 'required'])] public bool $isPreserveRepositoryEnabled = false; + #[Validate(['boolean', 'required'])] public bool $isContainerLabelEscapeEnabled = true; + #[Validate(['boolean', 'required'])] public bool $isContainerLabelReadonlyEnabled = false; + #[Validate(['boolean', 'required'])] public bool $isHttpBasicAuthEnabled = false; + #[Validate(['string', 'nullable'])] public ?string $httpBasicAuthUsername = null; + #[Validate(['string', 'nullable'])] public ?string $httpBasicAuthPassword = null; + #[Validate(['nullable'])] public ?string $watchPaths = null; + #[Validate(['string', 'required'])] public string $redirect; + #[Validate(['nullable'])] public $customLabels; public bool $labelsChanged = false; From faa62dec57129b9c0df2afa192eadea9f9ae22ef Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Tue, 4 Nov 2025 09:18:05 +0100 Subject: [PATCH 08/53] refactor: Remove SynchronizesModelData trait and implement syncData method for model synchronization --- .cursor/rules/frontend-patterns.mdc | 351 +++++++++++++++++- .../Concerns/SynchronizesModelData.php | 35 -- app/Livewire/Project/Service/EditDomain.php | 35 +- app/Livewire/Project/Service/FileStorage.php | 35 +- .../Service/ServiceApplicationView.php | 75 +++- app/Livewire/Project/Shared/HealthChecks.php | 121 ++++-- tests/Unit/SynchronizesModelDataTest.php | 163 -------- 7 files changed, 548 insertions(+), 267 deletions(-) delete mode 100644 app/Livewire/Concerns/SynchronizesModelData.php delete mode 100644 tests/Unit/SynchronizesModelDataTest.php diff --git a/.cursor/rules/frontend-patterns.mdc b/.cursor/rules/frontend-patterns.mdc index 663490d3b..4730160b2 100644 --- a/.cursor/rules/frontend-patterns.mdc +++ b/.cursor/rules/frontend-patterns.mdc @@ -267,18 +267,365 @@ For complete documentation, see **[form-components.mdc](mdc:.cursor/rules/form-c ## Form Handling Patterns +### Livewire Component Data Synchronization Pattern + +**IMPORTANT**: All Livewire components must use the **manual `syncData()` pattern** for synchronizing component properties with Eloquent models. + +#### Property Naming Convention +- **Component properties**: Use camelCase (e.g., `$gitRepository`, `$isStatic`) +- **Database columns**: Use snake_case (e.g., `git_repository`, `is_static`) +- **View bindings**: Use camelCase matching component properties (e.g., `id="gitRepository"`) + +#### The syncData() Method Pattern + +```php +use Livewire\Attributes\Validate; +use Illuminate\Foundation\Auth\Access\AuthorizesRequests; + +class MyComponent extends Component +{ + use AuthorizesRequests; + + public Application $application; + + // Properties with validation attributes + #[Validate(['required'])] + public string $name; + + #[Validate(['string', 'nullable'])] + public ?string $description = null; + + #[Validate(['boolean', 'required'])] + public bool $isStatic = false; + + public function mount() + { + $this->authorize('view', $this->application); + $this->syncData(); // Load from model + } + + public function syncData(bool $toModel = false): void + { + if ($toModel) { + $this->validate(); + + // Sync TO model (camelCase → snake_case) + $this->application->name = $this->name; + $this->application->description = $this->description; + $this->application->is_static = $this->isStatic; + + $this->application->save(); + } else { + // Sync FROM model (snake_case → camelCase) + $this->name = $this->application->name; + $this->description = $this->application->description; + $this->isStatic = $this->application->is_static; + } + } + + public function submit() + { + $this->authorize('update', $this->application); + $this->syncData(toModel: true); // Save to model + $this->dispatch('success', 'Saved successfully.'); + } +} +``` + +#### Validation with #[Validate] Attributes + +All component properties should have `#[Validate]` attributes: + +```php +// Boolean properties +#[Validate(['boolean'])] +public bool $isEnabled = false; + +// Required strings +#[Validate(['string', 'required'])] +public string $name; + +// Nullable strings +#[Validate(['string', 'nullable'])] +public ?string $description = null; + +// With constraints +#[Validate(['integer', 'min:1'])] +public int $timeout; +``` + +#### Benefits of syncData() Pattern + +- **Explicit Control**: Clear visibility of what's being synchronized +- **Type Safety**: #[Validate] attributes provide compile-time validation info +- **Easy Debugging**: Single method to check for data flow issues +- **Maintainability**: All sync logic in one place +- **Flexibility**: Can add custom logic (encoding, transformations, etc.) + +#### Creating New Form Components with syncData() + +#### Step-by-Step Component Creation Guide + +**Step 1: Define properties in camelCase with #[Validate] attributes** +```php +use Livewire\Attributes\Validate; +use Illuminate\Foundation\Auth\Access\AuthorizesRequests; +use Livewire\Component; + +class MyFormComponent extends Component +{ + use AuthorizesRequests; + + // The model we're syncing with + public Application $application; + + // Component properties in camelCase with validation + #[Validate(['string', 'required'])] + public string $name; + + #[Validate(['string', 'nullable'])] + public ?string $gitRepository = null; + + #[Validate(['string', 'nullable'])] + public ?string $installCommand = null; + + #[Validate(['boolean'])] + public bool $isStatic = false; +} +``` + +**Step 2: Implement syncData() method** +```php +public function syncData(bool $toModel = false): void +{ + if ($toModel) { + $this->validate(); + + // Sync TO model (component camelCase → database snake_case) + $this->application->name = $this->name; + $this->application->git_repository = $this->gitRepository; + $this->application->install_command = $this->installCommand; + $this->application->is_static = $this->isStatic; + + $this->application->save(); + } else { + // Sync FROM model (database snake_case → component camelCase) + $this->name = $this->application->name; + $this->gitRepository = $this->application->git_repository; + $this->installCommand = $this->application->install_command; + $this->isStatic = $this->application->is_static; + } +} +``` + +**Step 3: Implement mount() to load initial data** +```php +public function mount() +{ + $this->authorize('view', $this->application); + $this->syncData(); // Load data from model to component properties +} +``` + +**Step 4: Implement action methods with authorization** +```php +public function instantSave() +{ + try { + $this->authorize('update', $this->application); + $this->syncData(toModel: true); // Save component properties to model + $this->dispatch('success', 'Settings saved.'); + } catch (\Throwable $e) { + return handleError($e, $this); + } +} + +public function submit() +{ + try { + $this->authorize('update', $this->application); + $this->syncData(toModel: true); // Save component properties to model + $this->dispatch('success', 'Changes saved successfully.'); + } catch (\Throwable $e) { + return handleError($e, $this); + } +} +``` + +**Step 5: Create Blade view with camelCase bindings** +```blade +
+
+ + + + + + + + + + Save Changes + + +
+``` + +**Key Points**: +- Use `wire:model="camelCase"` and `id="camelCase"` in Blade views +- Component properties are camelCase, database columns are snake_case +- Always include authorization checks (`authorize()`, `canGate`, `canResource`) +- Use `instantSave` for checkboxes that save immediately without form submission + +#### Special Patterns + +**Pattern 1: Related Models (e.g., Application → Settings)** +```php +public function syncData(bool $toModel = false): void +{ + if ($toModel) { + $this->validate(); + + // Sync main model + $this->application->name = $this->name; + $this->application->save(); + + // Sync related model + $this->application->settings->is_static = $this->isStatic; + $this->application->settings->save(); + } else { + // From main model + $this->name = $this->application->name; + + // From related model + $this->isStatic = $this->application->settings->is_static; + } +} +``` + +**Pattern 2: Custom Encoding/Decoding** +```php +public function syncData(bool $toModel = false): void +{ + if ($toModel) { + $this->validate(); + + // Encode before saving + $this->application->custom_labels = base64_encode($this->customLabels); + $this->application->save(); + } else { + // Decode when loading + $this->customLabels = $this->application->parseContainerLabels(); + } +} +``` + +**Pattern 3: Error Rollback** +```php +public function submit() +{ + $this->authorize('update', $this->resource); + $original = $this->model->getOriginal(); + + try { + $this->syncData(toModel: true); + $this->dispatch('success', 'Saved successfully.'); + } catch (\Throwable $e) { + // Rollback on error + $this->model->setRawAttributes($original); + $this->model->save(); + $this->syncData(); // Reload from model + return handleError($e, $this); + } +} +``` + +#### Property Type Patterns + +**Required Strings** +```php +#[Validate(['string', 'required'])] +public string $name; // No ?, no default, always has value +``` + +**Nullable Strings** +```php +#[Validate(['string', 'nullable'])] +public ?string $description = null; // ?, = null, can be empty +``` + +**Booleans** +```php +#[Validate(['boolean'])] +public bool $isEnabled = false; // Always has default value +``` + +**Integers with Constraints** +```php +#[Validate(['integer', 'min:1'])] +public int $timeout; // Required + +#[Validate(['integer', 'min:1', 'nullable'])] +public ?int $port = null; // Nullable +``` + +#### Testing Checklist + +After creating a new component with syncData(), verify: + +- [ ] All checkboxes save correctly (especially `instantSave` ones) +- [ ] All form inputs persist to database +- [ ] Custom encoded fields (like labels) display correctly if applicable +- [ ] Form validation works for all fields +- [ ] No console errors in browser +- [ ] Authorization checks work (`@can` directives and `authorize()` calls) +- [ ] Error rollback works if exceptions occur +- [ ] Related models save correctly if applicable (e.g., Application + ApplicationSetting) + +#### Common Pitfalls to Avoid + +1. **snake_case in component properties**: Always use camelCase for component properties (e.g., `$gitRepository` not `$git_repository`) +2. **Missing #[Validate] attributes**: Every property should have validation attributes for type safety +3. **Forgetting to call syncData()**: Must call `syncData()` in `mount()` to load initial data +4. **Missing authorization**: Always use `authorize()` in methods and `canGate`/`canResource` in views +5. **View binding mismatch**: Use camelCase in Blade (e.g., `id="gitRepository"` not `id="git_repository"`) +6. **wire:model vs wire:model.live**: Use `.live` for `instantSave` checkboxes to avoid timing issues +7. **Validation sync**: If using `rules()` method, keep it in sync with `#[Validate]` attributes +8. **Related models**: Don't forget to save both main and related models in syncData() method + ### Livewire Forms ```php class ServerCreateForm extends Component { public $name; public $ip; - + protected $rules = [ 'name' => 'required|min:3', 'ip' => 'required|ip', ]; - + public function save() { $this->validate(); diff --git a/app/Livewire/Concerns/SynchronizesModelData.php b/app/Livewire/Concerns/SynchronizesModelData.php deleted file mode 100644 index f8218c715..000000000 --- a/app/Livewire/Concerns/SynchronizesModelData.php +++ /dev/null @@ -1,35 +0,0 @@ - Array mapping property names to model keys (e.g., ['content' => 'fileStorage.content']) - */ - abstract protected function getModelBindings(): array; - - /** - * Synchronize component properties TO the model. - * Copies values from component properties to the model. - */ - protected function syncToModel(): void - { - foreach ($this->getModelBindings() as $property => $modelKey) { - data_set($this, $modelKey, $this->{$property}); - } - } - - /** - * Synchronize component properties FROM the model. - * Copies values from the model to component properties. - */ - protected function syncFromModel(): void - { - foreach ($this->getModelBindings() as $property => $modelKey) { - $this->{$property} = data_get($this, $modelKey); - } - } -} diff --git a/app/Livewire/Project/Service/EditDomain.php b/app/Livewire/Project/Service/EditDomain.php index f759dd71e..371c860ca 100644 --- a/app/Livewire/Project/Service/EditDomain.php +++ b/app/Livewire/Project/Service/EditDomain.php @@ -2,14 +2,16 @@ namespace App\Livewire\Project\Service; -use App\Livewire\Concerns\SynchronizesModelData; use App\Models\ServiceApplication; +use Illuminate\Foundation\Auth\Access\AuthorizesRequests; +use Livewire\Attributes\Validate; use Livewire\Component; use Spatie\Url\Url; class EditDomain extends Component { - use SynchronizesModelData; + use AuthorizesRequests; + public $applicationId; public ServiceApplication $application; @@ -20,6 +22,7 @@ class EditDomain extends Component public $forceSaveDomains = false; + #[Validate(['nullable'])] public ?string $fqdn = null; protected $rules = [ @@ -28,16 +31,24 @@ class EditDomain extends Component public function mount() { - $this->application = ServiceApplication::query()->findOrFail($this->applicationId); + $this->application = ServiceApplication::ownedByCurrentTeam()->findOrFail($this->applicationId); $this->authorize('view', $this->application); - $this->syncFromModel(); + $this->syncData(); } - protected function getModelBindings(): array + public function syncData(bool $toModel = false): void { - return [ - 'fqdn' => 'application.fqdn', - ]; + if ($toModel) { + $this->validate(); + + // Sync to model + $this->application->fqdn = $this->fqdn; + + $this->application->save(); + } else { + // Sync from model + $this->fqdn = $this->application->fqdn; + } } public function confirmDomainUsage() @@ -64,8 +75,8 @@ public function submit() if ($warning) { $this->dispatch('warning', __('warning.sslipdomain')); } - // Sync to model for domain conflict check - $this->syncToModel(); + // Sync to model for domain conflict check (without validation) + $this->application->fqdn = $this->fqdn; // Check for domain conflicts if not forcing save if (! $this->forceSaveDomains) { $result = checkDomainUsage(resource: $this->application); @@ -83,7 +94,7 @@ public function submit() $this->validate(); $this->application->save(); $this->application->refresh(); - $this->syncFromModel(); + $this->syncData(); updateCompose($this->application); if (str($this->application->fqdn)->contains(',')) { $this->dispatch('warning', 'Some services do not support multiple domains, which can lead to problems and is NOT RECOMMENDED.

Only use multiple domains if you know what you are doing.'); @@ -96,7 +107,7 @@ public function submit() $originalFqdn = $this->application->getOriginal('fqdn'); if ($originalFqdn !== $this->application->fqdn) { $this->application->fqdn = $originalFqdn; - $this->syncFromModel(); + $this->syncData(); } return handleError($e, $this); diff --git a/app/Livewire/Project/Service/FileStorage.php b/app/Livewire/Project/Service/FileStorage.php index 40539b13e..2ce4374a0 100644 --- a/app/Livewire/Project/Service/FileStorage.php +++ b/app/Livewire/Project/Service/FileStorage.php @@ -2,7 +2,6 @@ namespace App\Livewire\Project\Service; -use App\Livewire\Concerns\SynchronizesModelData; use App\Models\Application; use App\Models\InstanceSettings; use App\Models\LocalFileVolume; @@ -19,11 +18,12 @@ use Illuminate\Foundation\Auth\Access\AuthorizesRequests; use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\Hash; +use Livewire\Attributes\Validate; use Livewire\Component; class FileStorage extends Component { - use AuthorizesRequests, SynchronizesModelData; + use AuthorizesRequests; public LocalFileVolume $fileStorage; @@ -37,8 +37,10 @@ class FileStorage extends Component public bool $isReadOnly = false; + #[Validate(['nullable'])] public ?string $content = null; + #[Validate(['required', 'boolean'])] public bool $isBasedOnGit = false; protected $rules = [ @@ -61,15 +63,24 @@ public function mount() } $this->isReadOnly = $this->fileStorage->isReadOnlyVolume(); - $this->syncFromModel(); + $this->syncData(); } - protected function getModelBindings(): array + public function syncData(bool $toModel = false): void { - return [ - 'content' => 'fileStorage.content', - 'isBasedOnGit' => 'fileStorage.is_based_on_git', - ]; + if ($toModel) { + $this->validate(); + + // Sync to model + $this->fileStorage->content = $this->content; + $this->fileStorage->is_based_on_git = $this->isBasedOnGit; + + $this->fileStorage->save(); + } else { + // Sync from model + $this->content = $this->fileStorage->content; + $this->isBasedOnGit = $this->fileStorage->is_based_on_git; + } } public function convertToDirectory() @@ -96,7 +107,7 @@ public function loadStorageOnServer() $this->authorize('update', $this->resource); $this->fileStorage->loadStorageOnServer(); - $this->syncFromModel(); + $this->syncData(); $this->dispatch('success', 'File storage loaded from server.'); } catch (\Throwable $e) { return handleError($e, $this); @@ -165,14 +176,16 @@ public function submit() if ($this->fileStorage->is_directory) { $this->content = null; } - $this->syncToModel(); + // Sync component properties to model + $this->fileStorage->content = $this->content; + $this->fileStorage->is_based_on_git = $this->isBasedOnGit; $this->fileStorage->save(); $this->fileStorage->saveStorageOnServer(); $this->dispatch('success', 'File updated.'); } catch (\Throwable $e) { $this->fileStorage->setRawAttributes($original); $this->fileStorage->save(); - $this->syncFromModel(); + $this->syncData(); return handleError($e, $this); } diff --git a/app/Livewire/Project/Service/ServiceApplicationView.php b/app/Livewire/Project/Service/ServiceApplicationView.php index 20358218f..2a661c4cf 100644 --- a/app/Livewire/Project/Service/ServiceApplicationView.php +++ b/app/Livewire/Project/Service/ServiceApplicationView.php @@ -2,20 +2,19 @@ namespace App\Livewire\Project\Service; -use App\Livewire\Concerns\SynchronizesModelData; use App\Models\InstanceSettings; use App\Models\ServiceApplication; use Illuminate\Foundation\Auth\Access\AuthorizesRequests; use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\DB; use Illuminate\Support\Facades\Hash; +use Livewire\Attributes\Validate; use Livewire\Component; use Spatie\Url\Url; class ServiceApplicationView extends Component { use AuthorizesRequests; - use SynchronizesModelData; public ServiceApplication $application; @@ -31,20 +30,28 @@ class ServiceApplicationView extends Component public $forceSaveDomains = false; + #[Validate(['nullable'])] public ?string $humanName = null; + #[Validate(['nullable'])] public ?string $description = null; + #[Validate(['nullable'])] public ?string $fqdn = null; + #[Validate(['string', 'nullable'])] public ?string $image = null; + #[Validate(['required', 'boolean'])] public bool $excludeFromStatus = false; + #[Validate(['nullable', 'boolean'])] public bool $isLogDrainEnabled = false; + #[Validate(['nullable', 'boolean'])] public bool $isGzipEnabled = false; + #[Validate(['nullable', 'boolean'])] public bool $isStripprefixEnabled = false; protected $rules = [ @@ -79,7 +86,15 @@ public function instantSaveAdvanced() return; } - $this->syncToModel(); + // Sync component properties to model + $this->application->human_name = $this->humanName; + $this->application->description = $this->description; + $this->application->fqdn = $this->fqdn; + $this->application->image = $this->image; + $this->application->exclude_from_status = $this->excludeFromStatus; + $this->application->is_log_drain_enabled = $this->isLogDrainEnabled; + $this->application->is_gzip_enabled = $this->isGzipEnabled; + $this->application->is_stripprefix_enabled = $this->isStripprefixEnabled; $this->application->save(); $this->dispatch('success', 'You need to restart the service for the changes to take effect.'); } catch (\Throwable $e) { @@ -114,24 +129,39 @@ public function mount() try { $this->parameters = get_route_parameters(); $this->authorize('view', $this->application); - $this->syncFromModel(); + $this->syncData(); } catch (\Throwable $e) { return handleError($e, $this); } } - protected function getModelBindings(): array + public function syncData(bool $toModel = false): void { - return [ - 'humanName' => 'application.human_name', - 'description' => 'application.description', - 'fqdn' => 'application.fqdn', - 'image' => 'application.image', - 'excludeFromStatus' => 'application.exclude_from_status', - 'isLogDrainEnabled' => 'application.is_log_drain_enabled', - 'isGzipEnabled' => 'application.is_gzip_enabled', - 'isStripprefixEnabled' => 'application.is_stripprefix_enabled', - ]; + if ($toModel) { + $this->validate(); + + // Sync to model + $this->application->human_name = $this->humanName; + $this->application->description = $this->description; + $this->application->fqdn = $this->fqdn; + $this->application->image = $this->image; + $this->application->exclude_from_status = $this->excludeFromStatus; + $this->application->is_log_drain_enabled = $this->isLogDrainEnabled; + $this->application->is_gzip_enabled = $this->isGzipEnabled; + $this->application->is_stripprefix_enabled = $this->isStripprefixEnabled; + + $this->application->save(); + } else { + // Sync from model + $this->humanName = $this->application->human_name; + $this->description = $this->application->description; + $this->fqdn = $this->application->fqdn; + $this->image = $this->application->image; + $this->excludeFromStatus = $this->application->exclude_from_status; + $this->isLogDrainEnabled = $this->application->is_log_drain_enabled; + $this->isGzipEnabled = $this->application->is_gzip_enabled; + $this->isStripprefixEnabled = $this->application->is_stripprefix_enabled; + } } public function convertToDatabase() @@ -193,8 +223,15 @@ public function submit() if ($warning) { $this->dispatch('warning', __('warning.sslipdomain')); } - // Sync to model for domain conflict check - $this->syncToModel(); + // Sync to model for domain conflict check (without validation) + $this->application->human_name = $this->humanName; + $this->application->description = $this->description; + $this->application->fqdn = $this->fqdn; + $this->application->image = $this->image; + $this->application->exclude_from_status = $this->excludeFromStatus; + $this->application->is_log_drain_enabled = $this->isLogDrainEnabled; + $this->application->is_gzip_enabled = $this->isGzipEnabled; + $this->application->is_stripprefix_enabled = $this->isStripprefixEnabled; // Check for domain conflicts if not forcing save if (! $this->forceSaveDomains) { $result = checkDomainUsage(resource: $this->application); @@ -212,7 +249,7 @@ public function submit() $this->validate(); $this->application->save(); $this->application->refresh(); - $this->syncFromModel(); + $this->syncData(); updateCompose($this->application); if (str($this->application->fqdn)->contains(',')) { $this->dispatch('warning', 'Some services do not support multiple domains, which can lead to problems and is NOT RECOMMENDED.

Only use multiple domains if you know what you are doing.'); @@ -224,7 +261,7 @@ public function submit() $originalFqdn = $this->application->getOriginal('fqdn'); if ($originalFqdn !== $this->application->fqdn) { $this->application->fqdn = $originalFqdn; - $this->syncFromModel(); + $this->syncData(); } return handleError($e, $this); diff --git a/app/Livewire/Project/Shared/HealthChecks.php b/app/Livewire/Project/Shared/HealthChecks.php index c8029761d..05f786690 100644 --- a/app/Livewire/Project/Shared/HealthChecks.php +++ b/app/Livewire/Project/Shared/HealthChecks.php @@ -2,42 +2,54 @@ namespace App\Livewire\Project\Shared; -use App\Livewire\Concerns\SynchronizesModelData; use Illuminate\Foundation\Auth\Access\AuthorizesRequests; +use Livewire\Attributes\Validate; use Livewire\Component; class HealthChecks extends Component { use AuthorizesRequests; - use SynchronizesModelData; public $resource; // Explicit properties + #[Validate(['boolean'])] public bool $healthCheckEnabled = false; + #[Validate(['string'])] public string $healthCheckMethod; + #[Validate(['string'])] public string $healthCheckScheme; + #[Validate(['string'])] public string $healthCheckHost; + #[Validate(['nullable', 'string'])] public ?string $healthCheckPort = null; + #[Validate(['string'])] public string $healthCheckPath; + #[Validate(['integer'])] public int $healthCheckReturnCode; + #[Validate(['nullable', 'string'])] public ?string $healthCheckResponseText = null; + #[Validate(['integer', 'min:1'])] public int $healthCheckInterval; + #[Validate(['integer', 'min:1'])] public int $healthCheckTimeout; + #[Validate(['integer', 'min:1'])] public int $healthCheckRetries; + #[Validate(['integer'])] public int $healthCheckStartPeriod; + #[Validate(['boolean'])] public bool $customHealthcheckFound = false; protected $rules = [ @@ -56,36 +68,69 @@ class HealthChecks extends Component 'customHealthcheckFound' => 'boolean', ]; - protected function getModelBindings(): array - { - return [ - 'healthCheckEnabled' => 'resource.health_check_enabled', - 'healthCheckMethod' => 'resource.health_check_method', - 'healthCheckScheme' => 'resource.health_check_scheme', - 'healthCheckHost' => 'resource.health_check_host', - 'healthCheckPort' => 'resource.health_check_port', - 'healthCheckPath' => 'resource.health_check_path', - 'healthCheckReturnCode' => 'resource.health_check_return_code', - 'healthCheckResponseText' => 'resource.health_check_response_text', - 'healthCheckInterval' => 'resource.health_check_interval', - 'healthCheckTimeout' => 'resource.health_check_timeout', - 'healthCheckRetries' => 'resource.health_check_retries', - 'healthCheckStartPeriod' => 'resource.health_check_start_period', - 'customHealthcheckFound' => 'resource.custom_healthcheck_found', - ]; - } - public function mount() { $this->authorize('view', $this->resource); - $this->syncFromModel(); + $this->syncData(); + } + + public function syncData(bool $toModel = false): void + { + if ($toModel) { + $this->validate(); + + // Sync to model + $this->resource->health_check_enabled = $this->healthCheckEnabled; + $this->resource->health_check_method = $this->healthCheckMethod; + $this->resource->health_check_scheme = $this->healthCheckScheme; + $this->resource->health_check_host = $this->healthCheckHost; + $this->resource->health_check_port = $this->healthCheckPort; + $this->resource->health_check_path = $this->healthCheckPath; + $this->resource->health_check_return_code = $this->healthCheckReturnCode; + $this->resource->health_check_response_text = $this->healthCheckResponseText; + $this->resource->health_check_interval = $this->healthCheckInterval; + $this->resource->health_check_timeout = $this->healthCheckTimeout; + $this->resource->health_check_retries = $this->healthCheckRetries; + $this->resource->health_check_start_period = $this->healthCheckStartPeriod; + $this->resource->custom_healthcheck_found = $this->customHealthcheckFound; + + $this->resource->save(); + } else { + // Sync from model + $this->healthCheckEnabled = $this->resource->health_check_enabled; + $this->healthCheckMethod = $this->resource->health_check_method; + $this->healthCheckScheme = $this->resource->health_check_scheme; + $this->healthCheckHost = $this->resource->health_check_host; + $this->healthCheckPort = $this->resource->health_check_port; + $this->healthCheckPath = $this->resource->health_check_path; + $this->healthCheckReturnCode = $this->resource->health_check_return_code; + $this->healthCheckResponseText = $this->resource->health_check_response_text; + $this->healthCheckInterval = $this->resource->health_check_interval; + $this->healthCheckTimeout = $this->resource->health_check_timeout; + $this->healthCheckRetries = $this->resource->health_check_retries; + $this->healthCheckStartPeriod = $this->resource->health_check_start_period; + $this->customHealthcheckFound = $this->resource->custom_healthcheck_found; + } } public function instantSave() { $this->authorize('update', $this->resource); - $this->syncToModel(); + // Sync component properties to model + $this->resource->health_check_enabled = $this->healthCheckEnabled; + $this->resource->health_check_method = $this->healthCheckMethod; + $this->resource->health_check_scheme = $this->healthCheckScheme; + $this->resource->health_check_host = $this->healthCheckHost; + $this->resource->health_check_port = $this->healthCheckPort; + $this->resource->health_check_path = $this->healthCheckPath; + $this->resource->health_check_return_code = $this->healthCheckReturnCode; + $this->resource->health_check_response_text = $this->healthCheckResponseText; + $this->resource->health_check_interval = $this->healthCheckInterval; + $this->resource->health_check_timeout = $this->healthCheckTimeout; + $this->resource->health_check_retries = $this->healthCheckRetries; + $this->resource->health_check_start_period = $this->healthCheckStartPeriod; + $this->resource->custom_healthcheck_found = $this->customHealthcheckFound; $this->resource->save(); $this->dispatch('success', 'Health check updated.'); } @@ -96,7 +141,20 @@ public function submit() $this->authorize('update', $this->resource); $this->validate(); - $this->syncToModel(); + // Sync component properties to model + $this->resource->health_check_enabled = $this->healthCheckEnabled; + $this->resource->health_check_method = $this->healthCheckMethod; + $this->resource->health_check_scheme = $this->healthCheckScheme; + $this->resource->health_check_host = $this->healthCheckHost; + $this->resource->health_check_port = $this->healthCheckPort; + $this->resource->health_check_path = $this->healthCheckPath; + $this->resource->health_check_return_code = $this->healthCheckReturnCode; + $this->resource->health_check_response_text = $this->healthCheckResponseText; + $this->resource->health_check_interval = $this->healthCheckInterval; + $this->resource->health_check_timeout = $this->healthCheckTimeout; + $this->resource->health_check_retries = $this->healthCheckRetries; + $this->resource->health_check_start_period = $this->healthCheckStartPeriod; + $this->resource->custom_healthcheck_found = $this->customHealthcheckFound; $this->resource->save(); $this->dispatch('success', 'Health check updated.'); } catch (\Throwable $e) { @@ -111,7 +169,20 @@ public function toggleHealthcheck() $wasEnabled = $this->healthCheckEnabled; $this->healthCheckEnabled = ! $this->healthCheckEnabled; - $this->syncToModel(); + // Sync component properties to model + $this->resource->health_check_enabled = $this->healthCheckEnabled; + $this->resource->health_check_method = $this->healthCheckMethod; + $this->resource->health_check_scheme = $this->healthCheckScheme; + $this->resource->health_check_host = $this->healthCheckHost; + $this->resource->health_check_port = $this->healthCheckPort; + $this->resource->health_check_path = $this->healthCheckPath; + $this->resource->health_check_return_code = $this->healthCheckReturnCode; + $this->resource->health_check_response_text = $this->healthCheckResponseText; + $this->resource->health_check_interval = $this->healthCheckInterval; + $this->resource->health_check_timeout = $this->healthCheckTimeout; + $this->resource->health_check_retries = $this->healthCheckRetries; + $this->resource->health_check_start_period = $this->healthCheckStartPeriod; + $this->resource->custom_healthcheck_found = $this->customHealthcheckFound; $this->resource->save(); if ($this->healthCheckEnabled && ! $wasEnabled && $this->resource->isRunning()) { diff --git a/tests/Unit/SynchronizesModelDataTest.php b/tests/Unit/SynchronizesModelDataTest.php deleted file mode 100644 index 4551fb056..000000000 --- a/tests/Unit/SynchronizesModelDataTest.php +++ /dev/null @@ -1,163 +0,0 @@ - 'application.settings.is_static', - ]; - } - - // Expose protected method for testing - public function testSync(): void - { - $this->syncToModel(); - } - }; - - // Create real ApplicationSetting instance - $settings = new ApplicationSetting; - $settings->is_static = false; - - // Create Application instance - $application = new Application; - $application->setRelation('settings', $settings); - - $component->application = $application; - $component->is_static = true; - - // Sync to model - $component->testSync(); - - // Verify the value was set on the model - expect($component->application->settings->is_static)->toBeTrue(); -}); - -it('syncs boolean values correctly', function () { - $component = new class - { - use SynchronizesModelData; - - public bool $is_spa = true; - - public bool $is_build_server_enabled = false; - - public Application $application; - - protected function getModelBindings(): array - { - return [ - 'is_spa' => 'application.settings.is_spa', - 'is_build_server_enabled' => 'application.settings.is_build_server_enabled', - ]; - } - - public function testSync(): void - { - $this->syncToModel(); - } - }; - - $settings = new ApplicationSetting; - $settings->is_spa = false; - $settings->is_build_server_enabled = true; - - $application = new Application; - $application->setRelation('settings', $settings); - - $component->application = $application; - - $component->testSync(); - - expect($component->application->settings->is_spa)->toBeTrue() - ->and($component->application->settings->is_build_server_enabled)->toBeFalse(); -}); - -it('syncs from model to component correctly', function () { - $component = new class - { - use SynchronizesModelData; - - public bool $is_static = false; - - public bool $is_spa = false; - - public Application $application; - - protected function getModelBindings(): array - { - return [ - 'is_static' => 'application.settings.is_static', - 'is_spa' => 'application.settings.is_spa', - ]; - } - - public function testSyncFrom(): void - { - $this->syncFromModel(); - } - }; - - $settings = new ApplicationSetting; - $settings->is_static = true; - $settings->is_spa = true; - - $application = new Application; - $application->setRelation('settings', $settings); - - $component->application = $application; - - $component->testSyncFrom(); - - expect($component->is_static)->toBeTrue() - ->and($component->is_spa)->toBeTrue(); -}); - -it('handles properties that do not exist gracefully', function () { - $component = new class - { - use SynchronizesModelData; - - public Application $application; - - protected function getModelBindings(): array - { - return [ - 'non_existent_property' => 'application.name', - ]; - } - - public function testSync(): void - { - $this->syncToModel(); - } - }; - - $application = new Application; - $component->application = $application; - - // Should not throw an error - $component->testSync(); - - expect(true)->toBeTrue(); -}); From 7520d6ca97bb0b494a1db8575461d336a52e0bb0 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Tue, 4 Nov 2025 09:24:37 +0100 Subject: [PATCH 09/53] feat: Update version numbers to 4.0.0-beta.440 and 4.0.0-beta.441 --- config/constants.php | 2 +- other/nightly/versions.json | 4 ++-- versions.json | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/config/constants.php b/config/constants.php index 503fe3808..5fa9bb552 100644 --- a/config/constants.php +++ b/config/constants.php @@ -2,7 +2,7 @@ return [ 'coolify' => [ - 'version' => '4.0.0-beta.439', + 'version' => '4.0.0-beta.440', 'helper_version' => '1.0.11', 'realtime_version' => '1.0.10', 'self_hosted' => env('SELF_HOSTED', true), diff --git a/other/nightly/versions.json b/other/nightly/versions.json index 2e5cc5e84..0d0c87238 100644 --- a/other/nightly/versions.json +++ b/other/nightly/versions.json @@ -1,10 +1,10 @@ { "coolify": { "v4": { - "version": "4.0.0-beta.435" + "version": "4.0.0-beta.440" }, "nightly": { - "version": "4.0.0-beta.436" + "version": "4.0.0-beta.441" }, "helper": { "version": "1.0.11" diff --git a/versions.json b/versions.json index edf4a3700..0d0c87238 100644 --- a/versions.json +++ b/versions.json @@ -1,10 +1,10 @@ { "coolify": { "v4": { - "version": "4.0.0-beta.439" + "version": "4.0.0-beta.440" }, "nightly": { - "version": "4.0.0-beta.440" + "version": "4.0.0-beta.441" }, "helper": { "version": "1.0.11" From 7b589abfbeaf8df9b462080bff3203eddbcef091 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Tue, 4 Nov 2025 09:48:59 +0100 Subject: [PATCH 10/53] fix: fix SPA toggle nginx regeneration and add confirmation modal - Fix SPA toggle not triggering nginx configuration regeneration by capturing old value before syncData - Fix similar issue with is_http_basic_auth_enabled using value comparison instead of isDirty - Remove redundant application settings save() call - Add confirmation modal to nginx generation button to prevent accidental overwrites - Pass correct type parameter (spa/static) to generateNginxConfiguration method --- app/Livewire/Project/Application/General.php | 10 +++++----- .../livewire/project/application/general.blade.php | 10 +++++++--- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/app/Livewire/Project/Application/General.php b/app/Livewire/Project/Application/General.php index 7e606459b..fb306e092 100644 --- a/app/Livewire/Project/Application/General.php +++ b/app/Livewire/Project/Application/General.php @@ -482,18 +482,18 @@ public function instantSave() $oldPortsExposes = $this->application->ports_exposes; $oldIsContainerLabelEscapeEnabled = $this->application->settings->is_container_label_escape_enabled; $oldIsPreserveRepositoryEnabled = $this->application->settings->is_preserve_repository_enabled; + $oldIsSpa = $this->application->settings->is_spa; + $oldIsHttpBasicAuthEnabled = $this->application->is_http_basic_auth_enabled; $this->syncData(toModel: true); - if ($this->application->settings->isDirty('is_spa')) { - $this->generateNginxConfiguration($this->application->settings->is_spa ? 'spa' : 'static'); + if ($oldIsSpa !== $this->isSpa) { + $this->generateNginxConfiguration($this->isSpa ? 'spa' : 'static'); } - if ($this->application->isDirty('is_http_basic_auth_enabled')) { + if ($oldIsHttpBasicAuthEnabled !== $this->isHttpBasicAuthEnabled) { $this->application->save(); } - $this->application->settings->save(); - $this->dispatch('success', 'Settings saved.'); $this->application->refresh(); diff --git a/resources/views/livewire/project/application/general.blade.php b/resources/views/livewire/project/application/general.blade.php index 2484005ef..bfec17dc6 100644 --- a/resources/views/livewire/project/application/general.blade.php +++ b/resources/views/livewire/project/application/general.blade.php @@ -70,9 +70,13 @@ placeholder="Empty means default configuration will be used." label="Custom Nginx Configuration" helper="You can add custom Nginx configuration here." x-bind:disabled="!canUpdate" /> @can('update', $application) - - Generate Default Nginx Configuration - + @endcan @endif
From a45e674c392201c1ebe561825e1b87e34733ebf3 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Tue, 4 Nov 2025 09:57:12 +0100 Subject: [PATCH 11/53] Update app/Livewire/Project/Application/General.php Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> --- app/Livewire/Project/Application/General.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/app/Livewire/Project/Application/General.php b/app/Livewire/Project/Application/General.php index fb306e092..a83e6f70a 100644 --- a/app/Livewire/Project/Application/General.php +++ b/app/Livewire/Project/Application/General.php @@ -401,7 +401,9 @@ public function syncData(bool $toModel = false): void $this->application->docker_compose_raw = $this->dockerComposeRaw; $this->application->docker_compose_custom_start_command = $this->dockerComposeCustomStartCommand; $this->application->docker_compose_custom_build_command = $this->dockerComposeCustomBuildCommand; - $this->application->custom_labels = base64_encode($this->customLabels); + $this->application->custom_labels = is_null($this->customLabels) + ? null + : base64_encode($this->customLabels); $this->application->custom_docker_run_options = $this->customDockerRunOptions; $this->application->pre_deployment_command = $this->preDeploymentCommand; $this->application->pre_deployment_command_container = $this->preDeploymentCommandContainer; From 9cbc2467151daeaf9b656503d209553b3dba38ce Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Tue, 4 Nov 2025 09:04:18 +0000 Subject: [PATCH 12/53] docs: update changelog --- CHANGELOG.md | 47 +++++++++++++++++++++++++---------------------- 1 file changed, 25 insertions(+), 22 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9493827a3..bafa8fcb7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,36 +4,19 @@ # Changelog ## [unreleased] -### 🚀 Features - -- Add token validation functionality for Hetzner and DigitalOcean providers -- Add dev_helper_version to instance settings and update related functionality - ### 🐛 Bug Fixes -- Change SMTP port input type to number for better validation -- Remove unnecessary step attribute from maximum storage input fields -- Update boarding flow logic to complete onboarding when server is created -- Convert network aliases to string for display -- Improve custom_network_aliases handling and testing -- Remove duplicate custom_labels from config hash calculation -- Improve run script and enhance sticky header style - -### 🚜 Refactor - -- Improve handling of custom network aliases -- Remove unused submodules -- Update subproject commit hashes +- Fix SPA toggle nginx regeneration and add confirmation modal ### 📚 Documentation - Update changelog -- Add service & database deployment logging plan -### ⚙️ Miscellaneous Tasks +## [4.0.0-beta.439] - 2025-11-03 -- Update version numbers to 4.0.0-beta.439 and 4.0.0-beta.440 -- Add .workspaces to .gitignore +### 📚 Documentation + +- Update changelog ## [4.0.0-beta.438] - 2025-10-29 @@ -46,6 +29,12 @@ ### 🚀 Features - Add funding information for Coollabs including sponsorship plans and channels - Update Evolution API slogan to better reflect its capabilities - *(templates)* Update plane compose to v1.0.0 +- Add token validation functionality for Hetzner and DigitalOcean providers +- Add dev_helper_version to instance settings and update related functionality +- Add RestoreDatabase command for PostgreSQL dump restoration +- Update ApplicationSetting model to include additional boolean casts +- Enhance General component with additional properties and validation rules +- Update version numbers to 4.0.0-beta.440 and 4.0.0-beta.441 ### 🐛 Bug Fixes @@ -83,6 +72,13 @@ ### 🐛 Bug Fixes - *(templates)* Update minio image to use coollabsio fork in Plane - Prevent login rate limit bypass via spoofed headers - Correct login rate limiter key format to include IP address +- Change SMTP port input type to number for better validation +- Remove unnecessary step attribute from maximum storage input fields +- Update boarding flow logic to complete onboarding when server is created +- Convert network aliases to string for display +- Improve custom_network_aliases handling and testing +- Remove duplicate custom_labels from config hash calculation +- Improve run script and enhance sticky header style ### 💼 Other @@ -97,6 +93,10 @@ ### 🚜 Refactor - Remove staging URL logic from ServerPatchCheck constructor - Streamline Docker build process with matrix strategy for multi-architecture support - Simplify project data retrieval and enhance OAuth settings handling +- Improve handling of custom network aliases +- Remove unused submodules +- Update subproject commit hashes +- Remove SynchronizesModelData trait and implement syncData method for model synchronization ### 📚 Documentation @@ -107,6 +107,7 @@ ### 📚 Documentation - Update changelog - Update changelog - Update changelog +- Add service & database deployment logging plan ### 🧪 Testing @@ -118,6 +119,8 @@ ### ⚙️ Miscellaneous Tasks - Add category field to siyuan.yaml - Update siyuan category in service templates - Add spacing and format callout text in modal +- Update version numbers to 4.0.0-beta.439 and 4.0.0-beta.440 +- Add .workspaces to .gitignore ## [4.0.0-beta.437] - 2025-10-21 From 26bbf94d6628817d6ea0af60cb13221718df4e47 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Tue, 4 Nov 2025 10:51:41 +0100 Subject: [PATCH 13/53] fix: update syncData method to use data_get for safer property access --- app/Livewire/Project/Service/ServiceApplicationView.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/app/Livewire/Project/Service/ServiceApplicationView.php b/app/Livewire/Project/Service/ServiceApplicationView.php index 2a661c4cf..09392ab09 100644 --- a/app/Livewire/Project/Service/ServiceApplicationView.php +++ b/app/Livewire/Project/Service/ServiceApplicationView.php @@ -157,10 +157,10 @@ public function syncData(bool $toModel = false): void $this->description = $this->application->description; $this->fqdn = $this->application->fqdn; $this->image = $this->application->image; - $this->excludeFromStatus = $this->application->exclude_from_status; - $this->isLogDrainEnabled = $this->application->is_log_drain_enabled; - $this->isGzipEnabled = $this->application->is_gzip_enabled; - $this->isStripprefixEnabled = $this->application->is_stripprefix_enabled; + $this->excludeFromStatus = data_get($this->application, 'exclude_from_status', false); + $this->isLogDrainEnabled = data_get($this->application, 'is_log_drain_enabled', false); + $this->isGzipEnabled = data_get($this->application, 'is_gzip_enabled', true); + $this->isStripprefixEnabled = data_get($this->application, 'is_stripprefix_enabled', true); } } From a89413bdbe5349c0da7a752237e398dbb9e391b8 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Tue, 4 Nov 2025 13:48:31 +0100 Subject: [PATCH 14/53] fix: update version numbers to 4.0.0-beta.441 and 4.0.0-beta.442 --- config/constants.php | 2 +- other/nightly/versions.json | 4 ++-- versions.json | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/config/constants.php b/config/constants.php index 5fa9bb552..fd2adb860 100644 --- a/config/constants.php +++ b/config/constants.php @@ -2,7 +2,7 @@ return [ 'coolify' => [ - 'version' => '4.0.0-beta.440', + 'version' => '4.0.0-beta.441', 'helper_version' => '1.0.11', 'realtime_version' => '1.0.10', 'self_hosted' => env('SELF_HOSTED', true), diff --git a/other/nightly/versions.json b/other/nightly/versions.json index 0d0c87238..5d070a6bb 100644 --- a/other/nightly/versions.json +++ b/other/nightly/versions.json @@ -1,10 +1,10 @@ { "coolify": { "v4": { - "version": "4.0.0-beta.440" + "version": "4.0.0-beta.441" }, "nightly": { - "version": "4.0.0-beta.441" + "version": "4.0.0-beta.442" }, "helper": { "version": "1.0.11" diff --git a/versions.json b/versions.json index 0d0c87238..5d070a6bb 100644 --- a/versions.json +++ b/versions.json @@ -1,10 +1,10 @@ { "coolify": { "v4": { - "version": "4.0.0-beta.440" + "version": "4.0.0-beta.441" }, "nightly": { - "version": "4.0.0-beta.441" + "version": "4.0.0-beta.442" }, "helper": { "version": "1.0.11" From 51b5c0a1dd7906e449b3a93410fdf359b6d25fd9 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Tue, 4 Nov 2025 21:06:12 +0100 Subject: [PATCH 15/53] fix: clean up input attributes for PostgreSQL settings in general.blade.php --- .../database/postgresql/general.blade.php | 55 ++++++++++--------- 1 file changed, 28 insertions(+), 27 deletions(-) diff --git a/resources/views/livewire/project/database/postgresql/general.blade.php b/resources/views/livewire/project/database/postgresql/general.blade.php index 290d18fca..9c378a33f 100644 --- a/resources/views/livewire/project/database/postgresql/general.blade.php +++ b/resources/views/livewire/project/database/postgresql/general.blade.php @@ -31,11 +31,11 @@
@if ($database->started_at)
- - @else
- - + +
@endif
- - + +
@if ($database->isExited()) - + @else - @endif
@if ($enableSsl)
@if ($database->isExited()) - @@ -131,8 +130,8 @@ @else - + @@ -164,22 +163,24 @@
- +
- +
+
+

Advanced

+ instantSave="instantSaveAdvanced" id="isLogDrainEnabled" label="Drain Logs" canGate="update" + :canResource="$database" />
From 8775b3f74d7661a66fb1fc7c15f378ecd6be2944 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Tue, 4 Nov 2025 21:15:59 +0100 Subject: [PATCH 16/53] fix: enhance menu item styles and update theme color meta tag --- resources/css/utilities.css | 4 +- resources/views/layouts/app.blade.php | 31 +- resources/views/layouts/base.blade.php | 430 +++++++++++++------------ 3 files changed, 235 insertions(+), 230 deletions(-) diff --git a/resources/css/utilities.css b/resources/css/utilities.css index f819280d5..f5d173204 100644 --- a/resources/css/utilities.css +++ b/resources/css/utilities.css @@ -124,7 +124,7 @@ @utility menu { } @utility menu-item { - @apply flex gap-3 items-center px-2 py-1 w-full text-sm sm:pr-0 dark:hover:bg-coolgray-100 dark:hover:text-white hover:bg-neutral-300 min-w-fit sm:min-w-64; + @apply flex gap-3 items-center px-2 py-1 w-full text-sm sm:pr-0 dark:hover:bg-coolgray-100 dark:hover:text-white hover:bg-neutral-300 min-w-fit sm:min-w-64 text-black dark:text-neutral-400; } @utility menu-item-active { @@ -220,7 +220,7 @@ @utility title { } @utility subtitle { - @apply pt-2 pb-9; + @apply pt-2 pb-9 text-neutral-500 dark:text-neutral-400; } @utility fullscreen { diff --git a/resources/views/layouts/app.blade.php b/resources/views/layouts/app.blade.php index 0a7909761..01a128bd2 100644 --- a/resources/views/layouts/app.blade.php +++ b/resources/views/layouts/app.blade.php @@ -9,15 +9,16 @@ @auth
+ open: false, + init() { + this.pageWidth = localStorage.getItem('pageWidth'); + if (!this.pageWidth) { + this.pageWidth = 'full'; + localStorage.setItem('pageWidth', 'full'); + } + } + }" x-cloak class="mx-auto text-neutral-800 dark:text-white" + :class="pageWidth === 'full' ? '' : 'max-w-7xl'"> -
+
- Coolify + Coolify
@@ -66,4 +69,4 @@
@endauth -@endsection +@endsection \ No newline at end of file diff --git a/resources/views/layouts/base.blade.php b/resources/views/layouts/base.blade.php index a4c72a5d8..0bb7a3c34 100644 --- a/resources/views/layouts/base.blade.php +++ b/resources/views/layouts/base.blade.php @@ -2,17 +2,19 @@ + - + @@ -73,102 +75,102 @@ @section('body') - - - - + }, timeout); + return; + } else { + window.location.reload(); + } + }) + window.Livewire.on('info', (message) => { + if (typeof message === 'string') { + window.toast('Info', { + type: 'info', + description: message, + }) + return; + } + if (message.length == 1) { + window.toast('Info', { + type: 'info', + description: message[0], + }) + } else if (message.length == 2) { + window.toast(message[0], { + type: 'info', + description: message[1], + }) + } + }) + window.Livewire.on('error', (message) => { + if (typeof message === 'string') { + window.toast('Error', { + type: 'danger', + description: message, + }) + return; + } + if (message.length == 1) { + window.toast('Error', { + type: 'danger', + description: message[0], + }) + } else if (message.length == 2) { + window.toast(message[0], { + type: 'danger', + description: message[1], + }) + } + }) + window.Livewire.on('warning', (message) => { + if (typeof message === 'string') { + window.toast('Warning', { + type: 'warning', + description: message, + }) + return; + } + if (message.length == 1) { + window.toast('Warning', { + type: 'warning', + description: message[0], + }) + } else if (message.length == 2) { + window.toast(message[0], { + type: 'warning', + description: message[1], + }) + } + }) + window.Livewire.on('success', (message) => { + if (typeof message === 'string') { + window.toast('Success', { + type: 'success', + description: message, + }) + return; + } + if (message.length == 1) { + window.toast('Success', { + type: 'success', + description: message[0], + }) + } else if (message.length == 2) { + window.toast(message[0], { + type: 'success', + description: message[1], + }) + } + }) + }); + + @show - + \ No newline at end of file From 5b79844a3a11ee35ada53e71e85874a5d6a2137d Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Wed, 5 Nov 2025 08:48:10 +0100 Subject: [PATCH 17/53] fix: update docker stop command to use --time instead of --timeout --- app/Actions/Database/StartClickhouse.php | 2 +- app/Actions/Database/StartDragonfly.php | 2 +- app/Actions/Database/StartKeydb.php | 2 +- app/Actions/Database/StartMariadb.php | 2 +- app/Actions/Database/StartMongodb.php | 2 +- app/Actions/Database/StartMysql.php | 2 +- app/Actions/Database/StartPostgresql.php | 2 +- app/Actions/Database/StartRedis.php | 2 +- app/Actions/Database/StopDatabase.php | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/app/Actions/Database/StartClickhouse.php b/app/Actions/Database/StartClickhouse.php index 38f6d7bc8..7fdfe9aeb 100644 --- a/app/Actions/Database/StartClickhouse.php +++ b/app/Actions/Database/StartClickhouse.php @@ -105,7 +105,7 @@ public function handle(StandaloneClickhouse $database) $this->commands[] = "echo '{$readme}' > $this->configuration_dir/README.md"; $this->commands[] = "echo 'Pulling {$database->image} image.'"; $this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml pull"; - $this->commands[] = "docker stop --timeout=10 $container_name 2>/dev/null || true"; + $this->commands[] = "docker stop --time=10 $container_name 2>/dev/null || true"; $this->commands[] = "docker rm -f $container_name 2>/dev/null || true"; $this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml up -d"; $this->commands[] = "echo 'Database started.'"; diff --git a/app/Actions/Database/StartDragonfly.php b/app/Actions/Database/StartDragonfly.php index 300221d24..d1bb119af 100644 --- a/app/Actions/Database/StartDragonfly.php +++ b/app/Actions/Database/StartDragonfly.php @@ -192,7 +192,7 @@ public function handle(StandaloneDragonfly $database) if ($this->database->enable_ssl) { $this->commands[] = "chown -R 999:999 $this->configuration_dir/ssl/server.key $this->configuration_dir/ssl/server.crt"; } - $this->commands[] = "docker stop --timeout=10 $container_name 2>/dev/null || true"; + $this->commands[] = "docker stop --time=10 $container_name 2>/dev/null || true"; $this->commands[] = "docker rm -f $container_name 2>/dev/null || true"; $this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml up -d"; $this->commands[] = "echo 'Database started.'"; diff --git a/app/Actions/Database/StartKeydb.php b/app/Actions/Database/StartKeydb.php index 3a2ceebb3..128469e24 100644 --- a/app/Actions/Database/StartKeydb.php +++ b/app/Actions/Database/StartKeydb.php @@ -208,7 +208,7 @@ public function handle(StandaloneKeydb $database) if ($this->database->enable_ssl) { $this->commands[] = "chown -R 999:999 $this->configuration_dir/ssl/server.key $this->configuration_dir/ssl/server.crt"; } - $this->commands[] = "docker stop --timeout=10 $container_name 2>/dev/null || true"; + $this->commands[] = "docker stop --time=10 $container_name 2>/dev/null || true"; $this->commands[] = "docker rm -f $container_name 2>/dev/null || true"; $this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml up -d"; $this->commands[] = "echo 'Database started.'"; diff --git a/app/Actions/Database/StartMariadb.php b/app/Actions/Database/StartMariadb.php index 8a936c8ae..29dd7b8fe 100644 --- a/app/Actions/Database/StartMariadb.php +++ b/app/Actions/Database/StartMariadb.php @@ -209,7 +209,7 @@ public function handle(StandaloneMariadb $database) $this->commands[] = "echo '{$readme}' > $this->configuration_dir/README.md"; $this->commands[] = "echo 'Pulling {$database->image} image.'"; $this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml pull"; - $this->commands[] = "docker stop --timeout=10 $container_name 2>/dev/null || true"; + $this->commands[] = "docker stop --time=10 $container_name 2>/dev/null || true"; $this->commands[] = "docker rm -f $container_name 2>/dev/null || true"; $this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml up -d"; $this->commands[] = "echo 'Database started.'"; diff --git a/app/Actions/Database/StartMongodb.php b/app/Actions/Database/StartMongodb.php index 19699d684..5982b68be 100644 --- a/app/Actions/Database/StartMongodb.php +++ b/app/Actions/Database/StartMongodb.php @@ -260,7 +260,7 @@ public function handle(StandaloneMongodb $database) $this->commands[] = "echo '{$readme}' > $this->configuration_dir/README.md"; $this->commands[] = "echo 'Pulling {$database->image} image.'"; $this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml pull"; - $this->commands[] = "docker stop --timeout=10 $container_name 2>/dev/null || true"; + $this->commands[] = "docker stop --time=10 $container_name 2>/dev/null || true"; $this->commands[] = "docker rm -f $container_name 2>/dev/null || true"; $this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml up -d"; if ($this->database->enable_ssl) { diff --git a/app/Actions/Database/StartMysql.php b/app/Actions/Database/StartMysql.php index 25546fa9d..c1df8d6db 100644 --- a/app/Actions/Database/StartMysql.php +++ b/app/Actions/Database/StartMysql.php @@ -210,7 +210,7 @@ public function handle(StandaloneMysql $database) $this->commands[] = "echo '{$readme}' > $this->configuration_dir/README.md"; $this->commands[] = "echo 'Pulling {$database->image} image.'"; $this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml pull"; - $this->commands[] = "docker stop --timeout=10 $container_name 2>/dev/null || true"; + $this->commands[] = "docker stop --time=10 $container_name 2>/dev/null || true"; $this->commands[] = "docker rm -f $container_name 2>/dev/null || true"; $this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml up -d"; diff --git a/app/Actions/Database/StartPostgresql.php b/app/Actions/Database/StartPostgresql.php index ac011acbe..925020af8 100644 --- a/app/Actions/Database/StartPostgresql.php +++ b/app/Actions/Database/StartPostgresql.php @@ -223,7 +223,7 @@ public function handle(StandalonePostgresql $database) $this->commands[] = "echo '{$readme}' > $this->configuration_dir/README.md"; $this->commands[] = "echo 'Pulling {$database->image} image.'"; $this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml pull"; - $this->commands[] = "docker stop --timeout=10 $container_name 2>/dev/null || true"; + $this->commands[] = "docker stop --time=10 $container_name 2>/dev/null || true"; $this->commands[] = "docker rm -f $container_name 2>/dev/null || true"; $this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml up -d"; if ($this->database->enable_ssl) { diff --git a/app/Actions/Database/StartRedis.php b/app/Actions/Database/StartRedis.php index 8a7ae42a4..4c99a0213 100644 --- a/app/Actions/Database/StartRedis.php +++ b/app/Actions/Database/StartRedis.php @@ -205,7 +205,7 @@ public function handle(StandaloneRedis $database) if ($this->database->enable_ssl) { $this->commands[] = "chown -R 999:999 $this->configuration_dir/ssl/server.key $this->configuration_dir/ssl/server.crt"; } - $this->commands[] = "docker stop --timeout=10 $container_name 2>/dev/null || true"; + $this->commands[] = "docker stop --time=10 $container_name 2>/dev/null || true"; $this->commands[] = "docker rm -f $container_name 2>/dev/null || true"; $this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml up -d"; $this->commands[] = "echo 'Database started.'"; diff --git a/app/Actions/Database/StopDatabase.php b/app/Actions/Database/StopDatabase.php index 63f5b1979..5c881e743 100644 --- a/app/Actions/Database/StopDatabase.php +++ b/app/Actions/Database/StopDatabase.php @@ -49,7 +49,7 @@ private function stopContainer($database, string $containerName, int $timeout = { $server = $database->destination->server; instant_remote_process(command: [ - "docker stop --timeout=$timeout $containerName", + "docker stop --time=$timeout $containerName", "docker rm -f $containerName", ], server: $server, throwError: false); } From 54964d54d471a06d3a98209ab3ff15e83fbbbaeb Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Wed, 5 Nov 2025 08:59:05 +0100 Subject: [PATCH 18/53] fix: clean up utility classes and improve readability in Blade templates --- resources/css/utilities.css | 6 +- resources/views/layouts/app.blade.php | 25 +- resources/views/layouts/base.blade.php | 422 +++++++++--------- .../project/application/general.blade.php | 80 ++-- 4 files changed, 259 insertions(+), 274 deletions(-) diff --git a/resources/css/utilities.css b/resources/css/utilities.css index f5d173204..5d8a6bfa1 100644 --- a/resources/css/utilities.css +++ b/resources/css/utilities.css @@ -124,7 +124,7 @@ @utility menu { } @utility menu-item { - @apply flex gap-3 items-center px-2 py-1 w-full text-sm sm:pr-0 dark:hover:bg-coolgray-100 dark:hover:text-white hover:bg-neutral-300 min-w-fit sm:min-w-64 text-black dark:text-neutral-400; + @apply flex gap-3 items-center px-2 py-1 w-full text-sm sm:pr-0 dark:hover:bg-coolgray-100 dark:hover:text-white hover:bg-neutral-300 min-w-fit sm:min-w-64; } @utility menu-item-active { @@ -152,7 +152,7 @@ @utility custom-modal { } @utility navbar-main { - @apply flex flex-col gap-4 justify-items-start pb-2 border-b-2 border-solid h-fit md:flex-row sm:justify-between dark:border-coolgray-200 border-neutral-200 md:items-center; + @apply flex flex-col gap-4 justify-items-start pb-2 border-b-2 border-solid h-fit md:flex-row sm:justify-between dark:border-coolgray-200 border-neutral-200 md:items-center text-neutral-700 dark:text-neutral-400; } @utility loading { @@ -220,7 +220,7 @@ @utility title { } @utility subtitle { - @apply pt-2 pb-9 text-neutral-500 dark:text-neutral-400; + @apply pt-2 pb-9; } @utility fullscreen { diff --git a/resources/views/layouts/app.blade.php b/resources/views/layouts/app.blade.php index 01a128bd2..fae2e1b6d 100644 --- a/resources/views/layouts/app.blade.php +++ b/resources/views/layouts/app.blade.php @@ -9,16 +9,15 @@ @auth
+ open: false, + init() { + this.pageWidth = localStorage.getItem('pageWidth'); + if (!this.pageWidth) { + this.pageWidth = 'full'; + localStorage.setItem('pageWidth', 'full'); + } + } + }" x-cloak class="mx-auto" :class="pageWidth === 'full' ? '' : 'max-w-7xl'"> @endauth -@endsection \ No newline at end of file +@endsection diff --git a/resources/views/layouts/base.blade.php b/resources/views/layouts/base.blade.php index 0bb7a3c34..c577f7248 100644 --- a/resources/views/layouts/base.blade.php +++ b/resources/views/layouts/base.blade.php @@ -2,7 +2,7 @@ - + } + }) + window.Livewire.on('info', (message) => { + if (typeof message === 'string') { + window.toast('Info', { + type: 'info', + description: message, + }) + return; + } + if (message.length == 1) { + window.toast('Info', { + type: 'info', + description: message[0], + }) + } else if (message.length == 2) { + window.toast(message[0], { + type: 'info', + description: message[1], + }) + } + }) + window.Livewire.on('error', (message) => { + if (typeof message === 'string') { + window.toast('Error', { + type: 'danger', + description: message, + }) + return; + } + if (message.length == 1) { + window.toast('Error', { + type: 'danger', + description: message[0], + }) + } else if (message.length == 2) { + window.toast(message[0], { + type: 'danger', + description: message[1], + }) + } + }) + window.Livewire.on('warning', (message) => { + if (typeof message === 'string') { + window.toast('Warning', { + type: 'warning', + description: message, + }) + return; + } + if (message.length == 1) { + window.toast('Warning', { + type: 'warning', + description: message[0], + }) + } else if (message.length == 2) { + window.toast(message[0], { + type: 'warning', + description: message[1], + }) + } + }) + window.Livewire.on('success', (message) => { + if (typeof message === 'string') { + window.toast('Success', { + type: 'success', + description: message, + }) + return; + } + if (message.length == 1) { + window.toast('Success', { + type: 'success', + description: message[0], + }) + } else if (message.length == 2) { + window.toast(message[0], { + type: 'success', + description: message[1], + }) + } + }) + }); + + @show - \ No newline at end of file + diff --git a/resources/views/livewire/project/application/general.blade.php b/resources/views/livewire/project/application/general.blade.php index bfec17dc6..8e614a4e9 100644 --- a/resources/views/livewire/project/application/general.blade.php +++ b/resources/views/livewire/project/application/general.blade.php @@ -23,16 +23,15 @@ @if (!$application->dockerfile && $application->build_pack !== 'dockerimage')
- + @if ($application->settings->is_static || $application->build_pack === 'static') - + @@ -75,7 +74,9 @@ submitAction="generateNginxConfiguration('{{ $application->settings->is_spa ? 'spa' : 'static' }}')" :actions="[ 'This will overwrite your current custom Nginx configuration.', - 'The default configuration will be generated based on your application type (' . ($application->settings->is_spa ? 'SPA' : 'static') . ').', + 'The default configuration will be generated based on your application type (' . + ($application->settings->is_spa ? 'SPA' : 'static') . + ').', ]" /> @endcan @endif @@ -94,13 +95,11 @@ @if ($application->build_pack !== 'dockercompose')
@if ($application->settings->is_container_label_readonly_enabled == false) - @else - @can('update', $application) @@ -210,21 +209,17 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry" + id="customDockerRunOptions" label="Custom Docker Options" x-bind:disabled="!canUpdate" /> @else @if ($application->could_set_build_commands()) @if ($application->build_pack === 'nixpacks')
+ id="installCommand" label="Install Command" x-bind:disabled="!canUpdate" /> + id="buildCommand" label="Build Command" x-bind:disabled="!canUpdate" /> + id="startCommand" label="Start Command" x-bind:disabled="!canUpdate" />
Nixpacks will detect the required configuration automatically. @@ -246,13 +241,12 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry" id="baseDirectory" label="Base Directory" helper="Directory to use as root. Useful for monorepos." />
- @@ -264,13 +258,11 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry" you doing.
@@ -278,15 +270,14 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry"
+ placeholder="services/api/**" id="watchPaths" label="Watch Paths" + x-bind:disabled="shouldDisable()" />
@endif
@else
- @if ($application->build_pack === 'dockerfile' && !$application->dockerfile) @@ -297,8 +288,7 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry" @endif @if ($application->build_pack === 'dockerfile') - @endif @@ -317,8 +307,8 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry"
+ placeholder="src/pages/**" id="watchPaths" label="Watch Paths" + x-bind:disabled="!canUpdate" />
@endif + instantSave id="isBuildServerEnabled" label="Use a Build Server?" + x-bind:disabled="!canUpdate" />
@endif @endif @@ -359,8 +349,7 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry" helper="You need to modify the docker compose file in the git repository." monacoEditorLanguage="yaml" useMonacoEditor /> @endif - @endif @@ -386,13 +375,11 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry" x-bind:disabled="!canUpdate" /> @else @if ($application->settings->is_container_label_readonly_enabled === false) - @else - @endif @@ -413,15 +400,14 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry"
+ label="Enable" id="isHttpBasicAuthEnabled" x-bind:disabled="!canUpdate" />
@if ($application->is_http_basic_auth_enabled)
- +
@endif
@@ -472,8 +458,8 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry" id="postDeploymentCommand" label="Post-deployment " helper="An optional script or command to execute in the newly built container after the deployment completes.
It is always executed with 'sh -c', so you do not need add it manually." /> @if ($application->build_pack === 'dockercompose') - @endif
From 6245c9d9711b03706b11a5414eaefbdbd2af72a0 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Wed, 5 Nov 2025 09:00:25 +0100 Subject: [PATCH 19/53] fix: enhance styling for page width component in Blade template --- resources/views/layouts/app.blade.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/resources/views/layouts/app.blade.php b/resources/views/layouts/app.blade.php index fae2e1b6d..0ef021458 100644 --- a/resources/views/layouts/app.blade.php +++ b/resources/views/layouts/app.blade.php @@ -17,7 +17,8 @@ localStorage.setItem('pageWidth', 'full'); } } - }" x-cloak class="mx-auto" :class="pageWidth === 'full' ? '' : 'max-w-7xl'"> + }" x-cloak class="mx-auto dark:text-inherit text-black" + :class="pageWidth === 'full' ? '' : 'max-w-7xl'">
- or + or continue with
diff --git a/resources/views/auth/register.blade.php b/resources/views/auth/register.blade.php index 3db943726..cdfa52a98 100644 --- a/resources/views/auth/register.blade.php +++ b/resources/views/auth/register.blade.php @@ -33,7 +33,8 @@ function getOldOrLocal($key, $localValue)

Root User Setup

-

This user will be the root user with full admin access.

+

This user will be the root user with full + admin access.

@@ -58,13 +59,16 @@ function getOldOrLocal($key, $localValue) -
+

- Your password should be min 8 characters long and contain at least one uppercase letter, one lowercase letter, one number, and one symbol. + Your password should be min 8 characters long and contain at least one uppercase letter, + one lowercase letter, one number, and one symbol.

- + Create Account @@ -74,17 +78,18 @@ function getOldOrLocal($key, $localValue)
- + Already have an account?
- + {{ __('auth.already_registered') }}
- + \ No newline at end of file diff --git a/resources/views/auth/reset-password.blade.php b/resources/views/auth/reset-password.blade.php index a4a07ebd6..3e0c237b4 100644 --- a/resources/views/auth/reset-password.blade.php +++ b/resources/views/auth/reset-password.blade.php @@ -47,16 +47,19 @@ label="{{ __('input.email') }}" /> - + -
+

- Your password should be min 8 characters long and contain at least one uppercase letter, one lowercase letter, one number, and one symbol. + Your password should be min 8 characters long and contain at least one uppercase letter, + one lowercase letter, one number, and one symbol.

- + {{ __('auth.reset_password') }} @@ -66,17 +69,18 @@
- + Remember your password?
- + Back to Login - + \ No newline at end of file diff --git a/resources/views/auth/two-factor-challenge.blade.php b/resources/views/auth/two-factor-challenge.blade.php index d4531cbe8..05dbcc90c 100644 --- a/resources/views/auth/two-factor-challenge.blade.php +++ b/resources/views/auth/two-factor-challenge.blade.php @@ -120,7 +120,7 @@ class="mt-2 text-sm dark:text-neutral-400 hover:text-black dark:hover:text-white
- + Need help?
diff --git a/resources/views/layouts/base.blade.php b/resources/views/layouts/base.blade.php index c577f7248..7bb366cd4 100644 --- a/resources/views/layouts/base.blade.php +++ b/resources/views/layouts/base.blade.php @@ -2,7 +2,7 @@ - + }, timeout); + return; + } else { + window.location.reload(); + } + }) + window.Livewire.on('info', (message) => { + if (typeof message === 'string') { + window.toast('Info', { + type: 'info', + description: message, + }) + return; + } + if (message.length == 1) { + window.toast('Info', { + type: 'info', + description: message[0], + }) + } else if (message.length == 2) { + window.toast(message[0], { + type: 'info', + description: message[1], + }) + } + }) + window.Livewire.on('error', (message) => { + if (typeof message === 'string') { + window.toast('Error', { + type: 'danger', + description: message, + }) + return; + } + if (message.length == 1) { + window.toast('Error', { + type: 'danger', + description: message[0], + }) + } else if (message.length == 2) { + window.toast(message[0], { + type: 'danger', + description: message[1], + }) + } + }) + window.Livewire.on('warning', (message) => { + if (typeof message === 'string') { + window.toast('Warning', { + type: 'warning', + description: message, + }) + return; + } + if (message.length == 1) { + window.toast('Warning', { + type: 'warning', + description: message[0], + }) + } else if (message.length == 2) { + window.toast(message[0], { + type: 'warning', + description: message[1], + }) + } + }) + window.Livewire.on('success', (message) => { + if (typeof message === 'string') { + window.toast('Success', { + type: 'success', + description: message, + }) + return; + } + if (message.length == 1) { + window.toast('Success', { + type: 'success', + description: message[0], + }) + } else if (message.length == 2) { + window.toast(message[0], { + type: 'success', + description: message[1], + }) + } + }) + }); + + @show - + \ No newline at end of file From dbf7957795b60020663759ac0ba9172375a3a58f Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Thu, 6 Nov 2025 08:54:35 +0100 Subject: [PATCH 27/53] fix: inserting ARG statements in Dockerfile after FROM instructions --- app/Jobs/ApplicationDeploymentJob.php | 55 +++++++++++++++++++++------ 1 file changed, 44 insertions(+), 11 deletions(-) diff --git a/app/Jobs/ApplicationDeploymentJob.php b/app/Jobs/ApplicationDeploymentJob.php index a240a759a..1dfcaaafc 100644 --- a/app/Jobs/ApplicationDeploymentJob.php +++ b/app/Jobs/ApplicationDeploymentJob.php @@ -3226,6 +3226,20 @@ private function generate_secrets_hash($variables) return hash_hmac('sha256', $secrets_string, $this->secrets_hash_key); } + protected function findFromInstructionLines($dockerfile): array + { + $fromLines = []; + foreach ($dockerfile as $index => $line) { + $trimmedLine = trim($line); + // Check if line starts with FROM (case-insensitive) + if (preg_match('/^FROM\s+/i', $trimmedLine)) { + $fromLines[] = $index; + } + } + + return $fromLines; + } + private function add_build_env_variables_to_dockerfile() { if ($this->dockerBuildkitSupported) { @@ -3238,6 +3252,18 @@ private function add_build_env_variables_to_dockerfile() 'ignore_errors' => true, ]); $dockerfile = collect(str($this->saved_outputs->get('dockerfile'))->trim()->explode("\n")); + + // Find all FROM instruction positions + $fromLines = $this->findFromInstructionLines($dockerfile); + + // If no FROM instructions found, skip ARG insertion + if (empty($fromLines)) { + return; + } + + // Collect all ARG statements to insert + $argsToInsert = collect(); + if ($this->pull_request_id === 0) { // Only add environment variables that are available during build $envs = $this->application->environment_variables() @@ -3246,9 +3272,9 @@ private function add_build_env_variables_to_dockerfile() ->get(); foreach ($envs as $env) { if (data_get($env, 'is_multiline') === true) { - $dockerfile->splice(1, 0, ["ARG {$env->key}"]); + $argsToInsert->push("ARG {$env->key}"); } else { - $dockerfile->splice(1, 0, ["ARG {$env->key}={$env->real_value}"]); + $argsToInsert->push("ARG {$env->key}={$env->real_value}"); } } // Add Coolify variables as ARGs @@ -3258,9 +3284,7 @@ private function add_build_env_variables_to_dockerfile() ->map(function ($var) { return "ARG {$var}"; }); - foreach ($coolify_vars as $arg) { - $dockerfile->splice(1, 0, [$arg]); - } + $argsToInsert = $argsToInsert->merge($coolify_vars); } } else { // Only add preview environment variables that are available during build @@ -3270,9 +3294,9 @@ private function add_build_env_variables_to_dockerfile() ->get(); foreach ($envs as $env) { if (data_get($env, 'is_multiline') === true) { - $dockerfile->splice(1, 0, ["ARG {$env->key}"]); + $argsToInsert->push("ARG {$env->key}"); } else { - $dockerfile->splice(1, 0, ["ARG {$env->key}={$env->real_value}"]); + $argsToInsert->push("ARG {$env->key}={$env->real_value}"); } } // Add Coolify variables as ARGs @@ -3282,15 +3306,24 @@ private function add_build_env_variables_to_dockerfile() ->map(function ($var) { return "ARG {$var}"; }); - foreach ($coolify_vars as $arg) { - $dockerfile->splice(1, 0, [$arg]); - } + $argsToInsert = $argsToInsert->merge($coolify_vars); } } + // Add secrets hash if we have environment variables if ($envs->isNotEmpty()) { $secrets_hash = $this->generate_secrets_hash($envs); - $dockerfile->splice(1, 0, ["ARG COOLIFY_BUILD_SECRETS_HASH={$secrets_hash}"]); + $argsToInsert->push("ARG COOLIFY_BUILD_SECRETS_HASH={$secrets_hash}"); + } + + // Insert ARGs after each FROM instruction (in reverse order to maintain correct line numbers) + if ($argsToInsert->isNotEmpty()) { + foreach (array_reverse($fromLines) as $fromLineIndex) { + // Insert all ARGs after this FROM instruction + foreach ($argsToInsert->reverse() as $arg) { + $dockerfile->splice($fromLineIndex + 1, 0, [$arg]); + } + } } $dockerfile_base64 = base64_encode($dockerfile->implode("\n")); From 4968e9fa2bf622df15da5292534f9709a5d64338 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Thu, 6 Nov 2025 08:54:40 +0100 Subject: [PATCH 28/53] test: add unit tests for Dockerfile ARG insertion logic --- tests/Unit/DockerfileArgInsertionTest.php | 218 ++++++++++++++++++++++ 1 file changed, 218 insertions(+) create mode 100644 tests/Unit/DockerfileArgInsertionTest.php diff --git a/tests/Unit/DockerfileArgInsertionTest.php b/tests/Unit/DockerfileArgInsertionTest.php new file mode 100644 index 000000000..593f09145 --- /dev/null +++ b/tests/Unit/DockerfileArgInsertionTest.php @@ -0,0 +1,218 @@ +makePartial(); + + $dockerfile = collect([ + 'FROM node:16', + 'WORKDIR /app', + 'COPY . .', + ]); + + $result = $job->findFromInstructionLines($dockerfile); + + expect($result)->toBe([0]); +}); + +it('finds FROM instructions with comments before', function () { + $job = Mockery::mock(ApplicationDeploymentJob::class)->makePartial(); + + $dockerfile = collect([ + '# Build stage', + '# Another comment', + 'FROM node:16', + 'WORKDIR /app', + ]); + + $result = $job->findFromInstructionLines($dockerfile); + + expect($result)->toBe([2]); +}); + +it('finds multiple FROM instructions in multi-stage dockerfile', function () { + $job = Mockery::mock(ApplicationDeploymentJob::class)->makePartial(); + + $dockerfile = collect([ + 'FROM node:16 AS builder', + 'WORKDIR /app', + 'RUN npm install', + '', + 'FROM nginx:alpine', + 'COPY --from=builder /app/dist /usr/share/nginx/html', + ]); + + $result = $job->findFromInstructionLines($dockerfile); + + expect($result)->toBe([0, 4]); +}); + +it('handles FROM with different cases', function () { + $job = Mockery::mock(ApplicationDeploymentJob::class)->makePartial(); + + $dockerfile = collect([ + 'from node:16', + 'From nginx:alpine', + 'FROM alpine:latest', + ]); + + $result = $job->findFromInstructionLines($dockerfile); + + expect($result)->toBe([0, 1, 2]); +}); + +it('returns empty array when no FROM instructions found', function () { + $job = Mockery::mock(ApplicationDeploymentJob::class)->makePartial(); + + $dockerfile = collect([ + '# Just comments', + 'WORKDIR /app', + 'RUN npm install', + ]); + + $result = $job->findFromInstructionLines($dockerfile); + + expect($result)->toBe([]); +}); + +it('inserts ARGs after FROM in simple dockerfile', function () { + $dockerfile = collect([ + 'FROM node:16', + 'WORKDIR /app', + 'COPY . .', + ]); + + $fromLines = [0]; + $argsToInsert = collect(['ARG MY_VAR=value', 'ARG ANOTHER_VAR']); + + foreach (array_reverse($fromLines) as $fromLineIndex) { + foreach ($argsToInsert->reverse() as $arg) { + $dockerfile->splice($fromLineIndex + 1, 0, [$arg]); + } + } + + expect($dockerfile[0])->toBe('FROM node:16'); + expect($dockerfile[1])->toBe('ARG MY_VAR=value'); + expect($dockerfile[2])->toBe('ARG ANOTHER_VAR'); + expect($dockerfile[3])->toBe('WORKDIR /app'); +}); + +it('inserts ARGs after each FROM in multi-stage dockerfile', function () { + $dockerfile = collect([ + 'FROM node:16 AS builder', + 'WORKDIR /app', + '', + 'FROM nginx:alpine', + 'COPY --from=builder /app/dist /usr/share/nginx/html', + ]); + + $fromLines = [0, 3]; + $argsToInsert = collect(['ARG MY_VAR=value']); + + foreach (array_reverse($fromLines) as $fromLineIndex) { + foreach ($argsToInsert->reverse() as $arg) { + $dockerfile->splice($fromLineIndex + 1, 0, [$arg]); + } + } + + // First stage + expect($dockerfile[0])->toBe('FROM node:16 AS builder'); + expect($dockerfile[1])->toBe('ARG MY_VAR=value'); + expect($dockerfile[2])->toBe('WORKDIR /app'); + + // Second stage (index shifted by +1 due to inserted ARG) + expect($dockerfile[4])->toBe('FROM nginx:alpine'); + expect($dockerfile[5])->toBe('ARG MY_VAR=value'); +}); + +it('inserts ARGs after FROM when comments precede FROM', function () { + $dockerfile = collect([ + '# Build stage comment', + 'FROM node:16', + 'WORKDIR /app', + ]); + + $fromLines = [1]; + $argsToInsert = collect(['ARG MY_VAR=value']); + + foreach (array_reverse($fromLines) as $fromLineIndex) { + foreach ($argsToInsert->reverse() as $arg) { + $dockerfile->splice($fromLineIndex + 1, 0, [$arg]); + } + } + + expect($dockerfile[0])->toBe('# Build stage comment'); + expect($dockerfile[1])->toBe('FROM node:16'); + expect($dockerfile[2])->toBe('ARG MY_VAR=value'); + expect($dockerfile[3])->toBe('WORKDIR /app'); +}); + +it('handles real-world nuxt multi-stage dockerfile with comments', function () { + $job = Mockery::mock(ApplicationDeploymentJob::class)->makePartial(); + + $dockerfile = collect([ + '# Build Stage 1', + '', + 'FROM node:22-alpine AS build', + 'WORKDIR /app', + '', + 'RUN corepack enable', + '', + '# Copy package.json and your lockfile, here we add pnpm-lock.yaml for illustration', + 'COPY package.json pnpm-lock.yaml .npmrc ./', + '', + '# Install dependencies', + 'RUN pnpm i', + '', + '# Copy the entire project', + 'COPY . ./', + '', + '# Build the project', + 'RUN pnpm run build', + '', + '# Build Stage 2', + '', + 'FROM node:22-alpine', + 'WORKDIR /app', + '', + '# Only `.output` folder is needed from the build stage', + 'COPY --from=build /app/.output/ ./', + '', + '# Change the port and host', + 'ENV PORT=80', + 'ENV HOST=0.0.0.0', + '', + 'EXPOSE 80', + '', + 'CMD ["node", "/app/server/index.mjs"]', + ]); + + // Find FROM instructions + $fromLines = $job->findFromInstructionLines($dockerfile); + + expect($fromLines)->toBe([2, 21]); + + // Simulate ARG insertion + $argsToInsert = collect(['ARG BUILD_VAR=production']); + + foreach (array_reverse($fromLines) as $fromLineIndex) { + foreach ($argsToInsert->reverse() as $arg) { + $dockerfile->splice($fromLineIndex + 1, 0, [$arg]); + } + } + + // Verify first stage + expect($dockerfile[2])->toBe('FROM node:22-alpine AS build'); + expect($dockerfile[3])->toBe('ARG BUILD_VAR=production'); + expect($dockerfile[4])->toBe('WORKDIR /app'); + + // Verify second stage (index shifted by +1 due to first ARG insertion) + expect($dockerfile[22])->toBe('FROM node:22-alpine'); + expect($dockerfile[23])->toBe('ARG BUILD_VAR=production'); + expect($dockerfile[24])->toBe('WORKDIR /app'); +}); From df3dd84dfcfa117870060cee3ed87e474433fa1e Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Thu, 6 Nov 2025 09:03:17 +0100 Subject: [PATCH 29/53] rebranded gcool to jean --- gcool.json => jean.json | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename gcool.json => jean.json (100%) diff --git a/gcool.json b/jean.json similarity index 100% rename from gcool.json rename to jean.json From d21ab6e11b6df37d22031f3ef7311a5d9c7761fc Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Thu, 6 Nov 2025 09:04:45 +0100 Subject: [PATCH 30/53] fixed jean.json --- jean.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jean.json b/jean.json index 629d8569a..0be55f89b 100644 --- a/jean.json +++ b/jean.json @@ -1,6 +1,6 @@ { "scripts": { - "onWorktreeCreate": "cp $GCOOL_ROOT_PATH/.env .", + "onWorktreeCreate": "cp $JEAN_ROOT_PATH/.env .", "run": "docker rm -f coolify coolify-realtime coolify-minio coolify-testing-host coolify-redis coolify-db coolify-mail coolify-vite && spin up" } } From 88aa24057b9441ca8cf243d2e6837219a56865c8 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Thu, 6 Nov 2025 09:21:41 +0100 Subject: [PATCH 31/53] fix: update environment variable mapping in deployment job --- app/Jobs/ApplicationDeploymentJob.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/app/Jobs/ApplicationDeploymentJob.php b/app/Jobs/ApplicationDeploymentJob.php index a240a759a..08a6aa9cc 100644 --- a/app/Jobs/ApplicationDeploymentJob.php +++ b/app/Jobs/ApplicationDeploymentJob.php @@ -3289,7 +3289,10 @@ private function add_build_env_variables_to_dockerfile() } if ($envs->isNotEmpty()) { - $secrets_hash = $this->generate_secrets_hash($envs); + $envs_mapped = $envs->mapWithKeys(function ($env) { + return [$env->key => $env->real_value]; + }); + $secrets_hash = $this->generate_secrets_hash($envs_mapped); $dockerfile->splice(1, 0, ["ARG COOLIFY_BUILD_SECRETS_HASH={$secrets_hash}"]); } From 1ab5dbca208e7c94258cde84b5fe54b80a6fbb18 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Thu, 6 Nov 2025 12:30:03 +0100 Subject: [PATCH 32/53] fix: preserve empty strings and remove empty sections in docker-compose - Preserve empty string environment variables instead of converting to null Empty strings and null have different semantics in Docker Compose: * Empty string (VAR: ""): Variable is set to "" in container (e.g., HTTP_PROXY="" means "no proxy") * Null (VAR: null): Variable is unset/removed from container environment - Remove empty top-level sections (volumes, configs, secrets) from generated compose files These sections now only appear when they contain actual content, following Docker Compose best practices - Add safety check for missing volumes in validateComposeFile to prevent iteration errors - Add comprehensive unit tests for both fixes Fixes #7126 --- bootstrap/helpers/docker.php | 3 + bootstrap/helpers/parsers.php | 52 ++++- ...ckerComposeEmptyStringPreservationTest.php | 188 +++++++++++++++++ ...DockerComposeEmptyTopLevelSectionsTest.php | 194 ++++++++++++++++++ 4 files changed, 427 insertions(+), 10 deletions(-) create mode 100644 tests/Unit/DockerComposeEmptyStringPreservationTest.php create mode 100644 tests/Unit/DockerComposeEmptyTopLevelSectionsTest.php diff --git a/bootstrap/helpers/docker.php b/bootstrap/helpers/docker.php index d6c9b5bdf..5bccb50f1 100644 --- a/bootstrap/helpers/docker.php +++ b/bootstrap/helpers/docker.php @@ -1073,6 +1073,9 @@ function validateComposeFile(string $compose, int $server_id): string|Throwable } $yaml_compose = Yaml::parse($compose); foreach ($yaml_compose['services'] as $service_name => $service) { + if (! isset($service['volumes'])) { + continue; + } foreach ($service['volumes'] as $volume_name => $volume) { if (data_get($volume, 'type') === 'bind' && data_get($volume, 'content')) { unset($yaml_compose['services'][$service_name]['volumes'][$volume_name]['content']); diff --git a/bootstrap/helpers/parsers.php b/bootstrap/helpers/parsers.php index 01ae50f6b..beb643d7d 100644 --- a/bootstrap/helpers/parsers.php +++ b/bootstrap/helpers/parsers.php @@ -1164,13 +1164,17 @@ function applicationParser(Application $resource, int $pull_request_id = 0, ?int $environment = $environment->filter(function ($value, $key) { return ! str($key)->startsWith('SERVICE_FQDN_'); })->map(function ($value, $key) use ($resource) { - // if value is empty, set it to null so if you set the environment variable in the .env file (Coolify's UI), it will used + // Preserve empty strings; only override if database value exists and is non-empty + // This is important because empty strings and null have different semantics in Docker: + // - Empty string: Variable is set to "" (e.g., HTTP_PROXY="" means "no proxy") + // - Null: Variable is unset/removed from container environment if (str($value)->isEmpty()) { - if ($resource->environment_variables()->where('key', $key)->exists()) { - $value = $resource->environment_variables()->where('key', $key)->first()->value; - } else { - $value = null; + $dbEnv = $resource->environment_variables()->where('key', $key)->first(); + // Only use database override if it exists AND has a non-empty value + if ($dbEnv && str($dbEnv->value)->isNotEmpty()) { + $value = $dbEnv->value; } + // Keep empty string as-is (don't convert to null) } return $value; @@ -1299,6 +1303,18 @@ function applicationParser(Application $resource, int $pull_request_id = 0, ?int return array_search($key, $customOrder); }); + // Remove empty top-level sections (volumes, networks, configs, secrets) + // Keep only non-empty sections to match Docker Compose best practices + $topLevel = $topLevel->filter(function ($value, $key) { + // Always keep 'services' section + if ($key === 'services') { + return true; + } + + // Keep section only if it has content + return $value instanceof Collection ? $value->isNotEmpty() : ! empty($value); + }); + $cleanedCompose = Yaml::dump(convertToArray($topLevel), 10, 2); $resource->docker_compose = $cleanedCompose; @@ -2122,13 +2138,17 @@ function serviceParser(Service $resource): Collection $environment = $environment->filter(function ($value, $key) { return ! str($key)->startsWith('SERVICE_FQDN_'); })->map(function ($value, $key) use ($resource) { - // if value is empty, set it to null so if you set the environment variable in the .env file (Coolify's UI), it will used + // Preserve empty strings; only override if database value exists and is non-empty + // This is important because empty strings and null have different semantics in Docker: + // - Empty string: Variable is set to "" (e.g., HTTP_PROXY="" means "no proxy") + // - Null: Variable is unset/removed from container environment if (str($value)->isEmpty()) { - if ($resource->environment_variables()->where('key', $key)->exists()) { - $value = $resource->environment_variables()->where('key', $key)->first()->value; - } else { - $value = null; + $dbEnv = $resource->environment_variables()->where('key', $key)->first(); + // Only use database override if it exists AND has a non-empty value + if ($dbEnv && str($dbEnv->value)->isNotEmpty()) { + $value = $dbEnv->value; } + // Keep empty string as-is (don't convert to null) } return $value; @@ -2251,6 +2271,18 @@ function serviceParser(Service $resource): Collection return array_search($key, $customOrder); }); + // Remove empty top-level sections (volumes, networks, configs, secrets) + // Keep only non-empty sections to match Docker Compose best practices + $topLevel = $topLevel->filter(function ($value, $key) { + // Always keep 'services' section + if ($key === 'services') { + return true; + } + + // Keep section only if it has content + return $value instanceof Collection ? $value->isNotEmpty() : ! empty($value); + }); + $cleanedCompose = Yaml::dump(convertToArray($topLevel), 10, 2); $resource->docker_compose = $cleanedCompose; diff --git a/tests/Unit/DockerComposeEmptyStringPreservationTest.php b/tests/Unit/DockerComposeEmptyStringPreservationTest.php new file mode 100644 index 000000000..71f59ce81 --- /dev/null +++ b/tests/Unit/DockerComposeEmptyStringPreservationTest.php @@ -0,0 +1,188 @@ +toBeTrue('applicationParser function should exist'); + + // The code should NOT unconditionally set $value = null for empty strings + // Instead, it should preserve empty strings when no database override exists + + // Check for the pattern where we only override with database values when they're non-empty + // We're checking the fix is in place by looking for the logic pattern + $pattern1 = str_contains($parsersFile, 'if (str($value)->isEmpty())'); + expect($pattern1)->toBeTrue('Empty string check should exist'); +}); + +it('ensures parsers.php preserves empty strings in service parser', function () { + $parsersFile = file_get_contents(__DIR__.'/../../bootstrap/helpers/parsers.php'); + + // Find the serviceParser function's environment mapping logic + $hasServiceParser = str_contains($parsersFile, 'function serviceParser('); + expect($hasServiceParser)->toBeTrue('serviceParser function should exist'); + + // The code should NOT unconditionally set $value = null for empty strings + // Same check as above for service parser + $pattern1 = str_contains($parsersFile, 'if (str($value)->isEmpty())'); + expect($pattern1)->toBeTrue('Empty string check should exist'); +}); + +it('verifies YAML parsing preserves empty strings correctly', function () { + // Test that Symfony YAML parser handles empty strings as we expect + $yamlWithEmptyString = <<<'YAML' +environment: + HTTP_PROXY: "" + HTTPS_PROXY: '' + NO_PROXY: "localhost" +YAML; + + $parsed = Yaml::parse($yamlWithEmptyString); + + // Empty strings should remain as empty strings, not null + expect($parsed['environment']['HTTP_PROXY'])->toBe(''); + expect($parsed['environment']['HTTPS_PROXY'])->toBe(''); + expect($parsed['environment']['NO_PROXY'])->toBe('localhost'); +}); + +it('verifies YAML parsing handles null values correctly', function () { + // Test that null values are preserved as null + $yamlWithNull = <<<'YAML' +environment: + HTTP_PROXY: null + HTTPS_PROXY: + NO_PROXY: "localhost" +YAML; + + $parsed = Yaml::parse($yamlWithNull); + + // Null should remain null + expect($parsed['environment']['HTTP_PROXY'])->toBeNull(); + expect($parsed['environment']['HTTPS_PROXY'])->toBeNull(); + expect($parsed['environment']['NO_PROXY'])->toBe('localhost'); +}); + +it('verifies YAML serialization preserves empty strings', function () { + // Test that empty strings serialize back correctly + $data = [ + 'environment' => [ + 'HTTP_PROXY' => '', + 'HTTPS_PROXY' => '', + 'NO_PROXY' => 'localhost', + ], + ]; + + $yaml = Yaml::dump($data, 10, 2); + + // Empty strings should be serialized with quotes + expect($yaml)->toContain("HTTP_PROXY: ''"); + expect($yaml)->toContain("HTTPS_PROXY: ''"); + expect($yaml)->toContain('NO_PROXY: localhost'); + + // Should NOT contain "null" + expect($yaml)->not->toContain('HTTP_PROXY: null'); +}); + +it('verifies YAML serialization handles null values', function () { + // Test that null values serialize as null + $data = [ + 'environment' => [ + 'HTTP_PROXY' => null, + 'HTTPS_PROXY' => null, + 'NO_PROXY' => 'localhost', + ], + ]; + + $yaml = Yaml::dump($data, 10, 2); + + // Null should be serialized as "null" + expect($yaml)->toContain('HTTP_PROXY: null'); + expect($yaml)->toContain('HTTPS_PROXY: null'); + expect($yaml)->toContain('NO_PROXY: localhost'); + + // Should NOT contain empty quotes for null values + expect($yaml)->not->toContain("HTTP_PROXY: ''"); +}); + +it('verifies empty string round-trip through YAML', function () { + // Test full round-trip: empty string -> YAML -> parse -> serialize -> parse + $original = [ + 'environment' => [ + 'HTTP_PROXY' => '', + 'NO_PROXY' => 'localhost', + ], + ]; + + // Serialize to YAML + $yaml1 = Yaml::dump($original, 10, 2); + + // Parse back + $parsed1 = Yaml::parse($yaml1); + + // Verify empty string is preserved + expect($parsed1['environment']['HTTP_PROXY'])->toBe(''); + expect($parsed1['environment']['NO_PROXY'])->toBe('localhost'); + + // Serialize again + $yaml2 = Yaml::dump($parsed1, 10, 2); + + // Parse again + $parsed2 = Yaml::parse($yaml2); + + // Should still be empty string, not null + expect($parsed2['environment']['HTTP_PROXY'])->toBe(''); + expect($parsed2['environment']['NO_PROXY'])->toBe('localhost'); + + // Both YAML representations should be equivalent + expect($yaml1)->toBe($yaml2); +}); + +it('verifies str()->isEmpty() behavior with empty strings and null', function () { + // Test Laravel's str()->isEmpty() helper behavior + + // Empty string should be considered empty + expect(str('')->isEmpty())->toBeTrue(); + + // Null should be considered empty + expect(str(null)->isEmpty())->toBeTrue(); + + // String with content should not be empty + expect(str('value')->isEmpty())->toBeFalse(); + + // This confirms that we need additional logic to distinguish + // between empty string ('') and null, since both are "isEmpty" +}); + +it('verifies the distinction between empty string and null in PHP', function () { + // Document PHP's behavior for empty strings vs null + + $emptyString = ''; + $nullValue = null; + + // They are different values + expect($emptyString === $nullValue)->toBeFalse(); + + // Empty string is not null + expect($emptyString === '')->toBeTrue(); + expect($nullValue === null)->toBeTrue(); + + // isset() treats them differently + $arrayWithEmpty = ['key' => '']; + $arrayWithNull = ['key' => null]; + + expect(isset($arrayWithEmpty['key']))->toBeTrue(); + expect(isset($arrayWithNull['key']))->toBeFalse(); +}); diff --git a/tests/Unit/DockerComposeEmptyTopLevelSectionsTest.php b/tests/Unit/DockerComposeEmptyTopLevelSectionsTest.php new file mode 100644 index 000000000..bfd674053 --- /dev/null +++ b/tests/Unit/DockerComposeEmptyTopLevelSectionsTest.php @@ -0,0 +1,194 @@ +toContain('Remove empty top-level sections') + ->toContain('->filter(function ($value, $key)'); +}); + +it('verifies YAML dump produces empty objects for empty arrays', function () { + // Demonstrate the problem: empty arrays serialize as empty objects + $data = [ + 'services' => ['web' => ['image' => 'nginx']], + 'volumes' => [], + 'configs' => [], + 'secrets' => [], + ]; + + $yaml = Yaml::dump($data, 10, 2); + + // Empty arrays become empty objects in YAML + expect($yaml)->toContain('volumes: { }'); + expect($yaml)->toContain('configs: { }'); + expect($yaml)->toContain('secrets: { }'); +}); + +it('verifies YAML dump omits keys that are not present', function () { + // Demonstrate the solution: omit empty keys entirely + $data = [ + 'services' => ['web' => ['image' => 'nginx']], + // Don't include volumes, configs, secrets at all + ]; + + $yaml = Yaml::dump($data, 10, 2); + + // Keys that don't exist are not in the output + expect($yaml)->not->toContain('volumes:'); + expect($yaml)->not->toContain('configs:'); + expect($yaml)->not->toContain('secrets:'); + expect($yaml)->toContain('services:'); +}); + +it('verifies collection filter removes empty items', function () { + // Test Laravel Collection filter behavior + $collection = collect([ + 'services' => collect(['web' => ['image' => 'nginx']]), + 'volumes' => collect([]), + 'networks' => collect(['coolify' => ['external' => true]]), + 'configs' => collect([]), + 'secrets' => collect([]), + ]); + + $filtered = $collection->filter(function ($value, $key) { + // Always keep services + if ($key === 'services') { + return true; + } + + // Keep only non-empty collections + return $value->isNotEmpty(); + }); + + // Should have services and networks (non-empty) + expect($filtered)->toHaveKey('services'); + expect($filtered)->toHaveKey('networks'); + + // Should NOT have volumes, configs, secrets (empty) + expect($filtered)->not->toHaveKey('volumes'); + expect($filtered)->not->toHaveKey('configs'); + expect($filtered)->not->toHaveKey('secrets'); +}); + +it('verifies filtered collections serialize cleanly to YAML', function () { + // Full test: filter then serialize + $collection = collect([ + 'services' => collect(['web' => ['image' => 'nginx']]), + 'volumes' => collect([]), + 'networks' => collect(['coolify' => ['external' => true]]), + 'configs' => collect([]), + 'secrets' => collect([]), + ]); + + $filtered = $collection->filter(function ($value, $key) { + if ($key === 'services') { + return true; + } + + return $value->isNotEmpty(); + }); + + $yaml = Yaml::dump($filtered->toArray(), 10, 2); + + // Should have services and networks + expect($yaml)->toContain('services:'); + expect($yaml)->toContain('networks:'); + + // Should NOT have empty sections + expect($yaml)->not->toContain('volumes:'); + expect($yaml)->not->toContain('configs:'); + expect($yaml)->not->toContain('secrets:'); +}); + +it('ensures services section is always kept even if empty', function () { + // Services should never be filtered out + $collection = collect([ + 'services' => collect([]), + 'volumes' => collect([]), + ]); + + $filtered = $collection->filter(function ($value, $key) { + if ($key === 'services') { + return true; // Always keep + } + + return $value->isNotEmpty(); + }); + + // Services should be present + expect($filtered)->toHaveKey('services'); + + // Volumes should be removed + expect($filtered)->not->toHaveKey('volumes'); +}); + +it('verifies non-empty sections are preserved', function () { + // Non-empty sections should remain + $collection = collect([ + 'services' => collect(['web' => ['image' => 'nginx']]), + 'volumes' => collect(['data' => ['driver' => 'local']]), + 'networks' => collect(['coolify' => ['external' => true]]), + 'configs' => collect(['app_config' => ['file' => './config']]), + 'secrets' => collect(['db_password' => ['file' => './secret']]), + ]); + + $filtered = $collection->filter(function ($value, $key) { + if ($key === 'services') { + return true; + } + + return $value->isNotEmpty(); + }); + + // All sections should be present (none are empty) + expect($filtered)->toHaveKey('services'); + expect($filtered)->toHaveKey('volumes'); + expect($filtered)->toHaveKey('networks'); + expect($filtered)->toHaveKey('configs'); + expect($filtered)->toHaveKey('secrets'); + + // Count should be 5 (all original keys) + expect($filtered->count())->toBe(5); +}); + +it('verifies mixed empty and non-empty sections', function () { + // Mixed scenario: some empty, some not + $collection = collect([ + 'services' => collect(['web' => ['image' => 'nginx']]), + 'volumes' => collect([]), // Empty + 'networks' => collect(['coolify' => ['external' => true]]), // Not empty + 'configs' => collect([]), // Empty + 'secrets' => collect(['db_password' => ['file' => './secret']]), // Not empty + ]); + + $filtered = $collection->filter(function ($value, $key) { + if ($key === 'services') { + return true; + } + + return $value->isNotEmpty(); + }); + + // Should have: services, networks, secrets + expect($filtered)->toHaveKey('services'); + expect($filtered)->toHaveKey('networks'); + expect($filtered)->toHaveKey('secrets'); + + // Should NOT have: volumes, configs + expect($filtered)->not->toHaveKey('volumes'); + expect($filtered)->not->toHaveKey('configs'); + + // Count should be 3 + expect($filtered->count())->toBe(3); +}); From f89c5d2b21687b36bcac27f294ea9adeb92cbcd0 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Thu, 6 Nov 2025 12:41:04 +0100 Subject: [PATCH 33/53] fix: enhance onWorktreeCreate script to include directory creation and settings copy --- jean.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jean.json b/jean.json index 0be55f89b..c625e08c0 100644 --- a/jean.json +++ b/jean.json @@ -1,6 +1,6 @@ { "scripts": { - "onWorktreeCreate": "cp $JEAN_ROOT_PATH/.env .", + "onWorktreeCreate": "cp $JEAN_ROOT_PATH/.env . && mkdir -p .claude && cp $JEAN_ROOT_PATH/.claude/settings.local.json .claude/settings.local.json", "run": "docker rm -f coolify coolify-realtime coolify-minio coolify-testing-host coolify-redis coolify-db coolify-mail coolify-vite && spin up" } } From bcd225bd22d494f7160185afe7ac2aa5eeb7af77 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Thu, 6 Nov 2025 14:30:39 +0100 Subject: [PATCH 34/53] feat: Implement required port validation for service applications - Added `requiredPort` property to `ServiceApplicationView` to track the required port for services. - Introduced modal confirmation for removing required ports, including methods to confirm or cancel the action. - Enhanced `Service` model with `getRequiredPort` and `requiresPort` methods to retrieve port information from service templates. - Implemented `extractPortFromUrl` method in `ServiceApplication` to extract port from FQDN URLs. - Updated frontend views to display warnings when required ports are missing from domains. - Created unit tests for service port validation and extraction logic, ensuring correct behavior for various scenarios. - Added feature tests for Livewire component handling of domain submissions with required ports. --- app/Livewire/Project/Service/EditDomain.php | 55 ++++++ .../Service/ServiceApplicationView.php | 55 ++++++ app/Models/Service.php | 25 +++ app/Models/ServiceApplication.php | 47 +++++ bootstrap/helpers/parsers.php | 39 ++-- .../project/service/edit-domain.blade.php | 67 ++++++- .../service-application-view.blade.php | 71 ++++++- .../Feature/DatabaseBackupCreationApiTest.php | 2 - .../Service/EditDomainPortValidationTest.php | 154 ++++++++++++++++ ...ckerComposeEmptyStringPreservationTest.php | 128 ++++++++++++- tests/Unit/Policies/PrivateKeyPolicyTest.php | 1 - .../Unit/ServicePortSpecificVariablesTest.php | 174 ++++++++++++++++++ tests/Unit/ServiceRequiredPortTest.php | 153 +++++++++++++++ 13 files changed, 938 insertions(+), 33 deletions(-) create mode 100644 tests/Feature/Service/EditDomainPortValidationTest.php create mode 100644 tests/Unit/ServicePortSpecificVariablesTest.php create mode 100644 tests/Unit/ServiceRequiredPortTest.php diff --git a/app/Livewire/Project/Service/EditDomain.php b/app/Livewire/Project/Service/EditDomain.php index 371c860ca..a9a7de878 100644 --- a/app/Livewire/Project/Service/EditDomain.php +++ b/app/Livewire/Project/Service/EditDomain.php @@ -22,6 +22,12 @@ class EditDomain extends Component public $forceSaveDomains = false; + public $showPortWarningModal = false; + + public $forceRemovePort = false; + + public $requiredPort = null; + #[Validate(['nullable'])] public ?string $fqdn = null; @@ -33,6 +39,7 @@ public function mount() { $this->application = ServiceApplication::ownedByCurrentTeam()->findOrFail($this->applicationId); $this->authorize('view', $this->application); + $this->requiredPort = $this->application->service->getRequiredPort(); $this->syncData(); } @@ -58,6 +65,19 @@ public function confirmDomainUsage() $this->submit(); } + public function confirmRemovePort() + { + $this->forceRemovePort = true; + $this->showPortWarningModal = false; + $this->submit(); + } + + public function cancelRemovePort() + { + $this->showPortWarningModal = false; + $this->syncData(); // Reset to original FQDN + } + public function submit() { try { @@ -91,6 +111,41 @@ public function submit() $this->forceSaveDomains = false; } + // Check for required port + if (! $this->forceRemovePort) { + $service = $this->application->service; + $requiredPort = $service->getRequiredPort(); + + if ($requiredPort !== null) { + // Check if all FQDNs have a port + $fqdns = str($this->fqdn)->trim()->explode(','); + $missingPort = false; + + foreach ($fqdns as $fqdn) { + $fqdn = trim($fqdn); + if (empty($fqdn)) { + continue; + } + + $port = ServiceApplication::extractPortFromUrl($fqdn); + if ($port === null) { + $missingPort = true; + break; + } + } + + if ($missingPort) { + $this->requiredPort = $requiredPort; + $this->showPortWarningModal = true; + + return; + } + } + } else { + // Reset the force flag after using it + $this->forceRemovePort = false; + } + $this->validate(); $this->application->save(); $this->application->refresh(); diff --git a/app/Livewire/Project/Service/ServiceApplicationView.php b/app/Livewire/Project/Service/ServiceApplicationView.php index 09392ab09..1d8d8b247 100644 --- a/app/Livewire/Project/Service/ServiceApplicationView.php +++ b/app/Livewire/Project/Service/ServiceApplicationView.php @@ -30,6 +30,12 @@ class ServiceApplicationView extends Component public $forceSaveDomains = false; + public $showPortWarningModal = false; + + public $forceRemovePort = false; + + public $requiredPort = null; + #[Validate(['nullable'])] public ?string $humanName = null; @@ -129,12 +135,26 @@ public function mount() try { $this->parameters = get_route_parameters(); $this->authorize('view', $this->application); + $this->requiredPort = $this->application->service->getRequiredPort(); $this->syncData(); } catch (\Throwable $e) { return handleError($e, $this); } } + public function confirmRemovePort() + { + $this->forceRemovePort = true; + $this->showPortWarningModal = false; + $this->submit(); + } + + public function cancelRemovePort() + { + $this->showPortWarningModal = false; + $this->syncData(); // Reset to original FQDN + } + public function syncData(bool $toModel = false): void { if ($toModel) { @@ -246,6 +266,41 @@ public function submit() $this->forceSaveDomains = false; } + // Check for required port + if (! $this->forceRemovePort) { + $service = $this->application->service; + $requiredPort = $service->getRequiredPort(); + + if ($requiredPort !== null) { + // Check if all FQDNs have a port + $fqdns = str($this->fqdn)->trim()->explode(','); + $missingPort = false; + + foreach ($fqdns as $fqdn) { + $fqdn = trim($fqdn); + if (empty($fqdn)) { + continue; + } + + $port = ServiceApplication::extractPortFromUrl($fqdn); + if ($port === null) { + $missingPort = true; + break; + } + } + + if ($missingPort) { + $this->requiredPort = $requiredPort; + $this->showPortWarningModal = true; + + return; + } + } + } else { + // Reset the force flag after using it + $this->forceRemovePort = false; + } + $this->validate(); $this->application->save(); $this->application->refresh(); diff --git a/app/Models/Service.php b/app/Models/Service.php index c4b8623e0..12d3d6a11 100644 --- a/app/Models/Service.php +++ b/app/Models/Service.php @@ -1184,6 +1184,31 @@ public function documentation() return data_get($service, 'documentation', config('constants.urls.docs')); } + /** + * Get the required port for this service from the template definition. + */ + public function getRequiredPort(): ?int + { + try { + $services = get_service_templates(); + $serviceName = str($this->name)->beforeLast('-')->value(); + $service = data_get($services, $serviceName, []); + $port = data_get($service, 'port'); + + return $port ? (int) $port : null; + } catch (\Throwable) { + return null; + } + } + + /** + * Check if this service requires a port to function correctly. + */ + public function requiresPort(): bool + { + return $this->getRequiredPort() !== null; + } + public function applications() { return $this->hasMany(ServiceApplication::class); diff --git a/app/Models/ServiceApplication.php b/app/Models/ServiceApplication.php index 5cafc9042..49bd56206 100644 --- a/app/Models/ServiceApplication.php +++ b/app/Models/ServiceApplication.php @@ -118,6 +118,53 @@ public function fqdns(): Attribute ); } + /** + * Extract port number from a given FQDN URL. + * Returns null if no port is specified. + */ + public static function extractPortFromUrl(string $url): ?int + { + try { + // Ensure URL has a scheme for proper parsing + if (! str_starts_with($url, 'http://') && ! str_starts_with($url, 'https://')) { + $url = 'http://'.$url; + } + + $parsed = parse_url($url); + $port = $parsed['port'] ?? null; + + return $port ? (int) $port : null; + } catch (\Throwable) { + return null; + } + } + + /** + * Check if all FQDNs have a port specified. + */ + public function allFqdnsHavePort(): bool + { + if (is_null($this->fqdn) || $this->fqdn === '') { + return false; + } + + $fqdns = explode(',', $this->fqdn); + + foreach ($fqdns as $fqdn) { + $fqdn = trim($fqdn); + if (empty($fqdn)) { + continue; + } + + $port = self::extractPortFromUrl($fqdn); + if ($port === null) { + return false; + } + } + + return true; + } + public function getFilesFromServer(bool $isInit = false) { getFilesystemVolumesFromServer($this, $isInit); diff --git a/bootstrap/helpers/parsers.php b/bootstrap/helpers/parsers.php index beb643d7d..1deec45d7 100644 --- a/bootstrap/helpers/parsers.php +++ b/bootstrap/helpers/parsers.php @@ -1164,17 +1164,21 @@ function applicationParser(Application $resource, int $pull_request_id = 0, ?int $environment = $environment->filter(function ($value, $key) { return ! str($key)->startsWith('SERVICE_FQDN_'); })->map(function ($value, $key) use ($resource) { - // Preserve empty strings; only override if database value exists and is non-empty - // This is important because empty strings and null have different semantics in Docker: + // Preserve empty strings and null values with correct Docker Compose semantics: // - Empty string: Variable is set to "" (e.g., HTTP_PROXY="" means "no proxy") - // - Null: Variable is unset/removed from container environment - if (str($value)->isEmpty()) { + // - Null: Variable is unset/removed from container environment (may inherit from host) + if ($value === null) { + // User explicitly wants variable unset - respect that + // NEVER override from database - null means "inherit from environment" + // Keep as null (will be excluded from container environment) + } elseif ($value === '') { + // Empty string - allow database override for backward compatibility $dbEnv = $resource->environment_variables()->where('key', $key)->first(); // Only use database override if it exists AND has a non-empty value if ($dbEnv && str($dbEnv->value)->isNotEmpty()) { $value = $dbEnv->value; } - // Keep empty string as-is (don't convert to null) + // Otherwise keep empty string as-is } return $value; @@ -1605,21 +1609,22 @@ function serviceParser(Service $resource): Collection ]); } if (substr_count(str($key)->value(), '_') === 3) { - $newKey = str($key)->beforeLast('_'); + // For port-specific variables (e.g., SERVICE_FQDN_UMAMI_3000), + // keep the port suffix in the key and use the URL with port $resource->environment_variables()->updateOrCreate([ - 'key' => $newKey->value(), + 'key' => $key->value(), 'resourceable_type' => get_class($resource), 'resourceable_id' => $resource->id, ], [ - 'value' => $fqdn, + 'value' => $fqdnWithPort, 'is_preview' => false, ]); $resource->environment_variables()->updateOrCreate([ - 'key' => $newKey->value(), + 'key' => $key->value(), 'resourceable_type' => get_class($resource), 'resourceable_id' => $resource->id, ], [ - 'value' => $url, + 'value' => $urlWithPort, 'is_preview' => false, ]); } @@ -2138,17 +2143,21 @@ function serviceParser(Service $resource): Collection $environment = $environment->filter(function ($value, $key) { return ! str($key)->startsWith('SERVICE_FQDN_'); })->map(function ($value, $key) use ($resource) { - // Preserve empty strings; only override if database value exists and is non-empty - // This is important because empty strings and null have different semantics in Docker: + // Preserve empty strings and null values with correct Docker Compose semantics: // - Empty string: Variable is set to "" (e.g., HTTP_PROXY="" means "no proxy") - // - Null: Variable is unset/removed from container environment - if (str($value)->isEmpty()) { + // - Null: Variable is unset/removed from container environment (may inherit from host) + if ($value === null) { + // User explicitly wants variable unset - respect that + // NEVER override from database - null means "inherit from environment" + // Keep as null (will be excluded from container environment) + } elseif ($value === '') { + // Empty string - allow database override for backward compatibility $dbEnv = $resource->environment_variables()->where('key', $key)->first(); // Only use database override if it exists AND has a non-empty value if ($dbEnv && str($dbEnv->value)->isNotEmpty()) { $value = $dbEnv->value; } - // Keep empty string as-is (don't convert to null) + // Otherwise keep empty string as-is } return $value; diff --git a/resources/views/livewire/project/service/edit-domain.blade.php b/resources/views/livewire/project/service/edit-domain.blade.php index a126eca5b..0691146f6 100644 --- a/resources/views/livewire/project/service/edit-domain.blade.php +++ b/resources/views/livewire/project/service/edit-domain.blade.php @@ -1,7 +1,13 @@
-
Note: If a service has a defined port, do not delete it.
If you want to use your custom - domain, you can add it with a port.
+ @if($requiredPort) + + This service requires port {{ $requiredPort }} to function correctly. All domains must include this port number (or any other port if you know what you're doing). +

+ Example: http://app.coolify.io:{{ $requiredPort }} + + @endif + @@ -18,4 +24,61 @@ + + @if ($showPortWarningModal) +
+ +
+ @endif
diff --git a/resources/views/livewire/project/service/service-application-view.blade.php b/resources/views/livewire/project/service/service-application-view.blade.php index b95dc6540..5fb4a62d0 100644 --- a/resources/views/livewire/project/service/service-application-view.blade.php +++ b/resources/views/livewire/project/service/service-application-view.blade.php @@ -22,6 +22,14 @@ @endcan
+ @if($requiredPort && !$application->serviceType()?->contains(str($application->image)->before(':'))) + + This service requires port {{ $requiredPort }} to function correctly. All domains must include this port number (or any other port if you know what you're doing). +

+ Example: http://app.coolify.io:{{ $requiredPort }} + + @endif +
@@ -68,9 +76,9 @@
-
    @@ -81,4 +89,61 @@
+ + @if ($showPortWarningModal) +
+ +
+ @endif
diff --git a/tests/Feature/DatabaseBackupCreationApiTest.php b/tests/Feature/DatabaseBackupCreationApiTest.php index 16a65dff2..893141de3 100644 --- a/tests/Feature/DatabaseBackupCreationApiTest.php +++ b/tests/Feature/DatabaseBackupCreationApiTest.php @@ -1,7 +1,5 @@ user = User::factory()->create(); + $this->team = Team::factory()->create(); + $this->user->teams()->attach($this->team, ['role' => 'owner']); + $this->actingAs($this->user); + + // Create server + $this->server = Server::factory()->create([ + 'team_id' => $this->team->id, + ]); + + // Create standalone docker destination + $this->destination = StandaloneDocker::factory()->create([ + 'server_id' => $this->server->id, + ]); + + // Create project and environment + $this->project = Project::factory()->create([ + 'team_id' => $this->team->id, + ]); + + $this->environment = Environment::factory()->create([ + 'project_id' => $this->project->id, + ]); + + // Create service with a name that maps to a template with required port + $this->service = Service::factory()->create([ + 'name' => 'supabase-test123', + 'server_id' => $this->server->id, + 'destination_id' => $this->destination->id, + 'destination_type' => $this->destination->getMorphClass(), + 'environment_id' => $this->environment->id, + ]); + + // Create service application + $this->serviceApplication = ServiceApplication::factory()->create([ + 'service_id' => $this->service->id, + 'fqdn' => 'http://example.com:8000', + ]); + + // Mock get_service_templates to return a service with required port + if (! function_exists('get_service_templates_mock')) { + function get_service_templates_mock() + { + return collect([ + 'supabase' => [ + 'name' => 'Supabase', + 'port' => '8000', + 'documentation' => 'https://supabase.com', + ], + ]); + } + } +}); + +it('loads the EditDomain component with required port', function () { + Livewire::test(EditDomain::class, ['applicationId' => $this->serviceApplication->id]) + ->assertSet('requiredPort', 8000) + ->assertSet('fqdn', 'http://example.com:8000') + ->assertOk(); +}); + +it('shows warning modal when trying to remove required port', function () { + Livewire::test(EditDomain::class, ['applicationId' => $this->serviceApplication->id]) + ->set('fqdn', 'http://example.com') // Remove port + ->call('submit') + ->assertSet('showPortWarningModal', true) + ->assertSet('requiredPort', 8000); +}); + +it('allows port removal when user confirms', function () { + Livewire::test(EditDomain::class, ['applicationId' => $this->serviceApplication->id]) + ->set('fqdn', 'http://example.com') // Remove port + ->call('submit') + ->assertSet('showPortWarningModal', true) + ->call('confirmRemovePort') + ->assertSet('showPortWarningModal', false); + + // Verify the FQDN was updated in database + $this->serviceApplication->refresh(); + expect($this->serviceApplication->fqdn)->toBe('http://example.com'); +}); + +it('cancels port removal when user cancels', function () { + $originalFqdn = $this->serviceApplication->fqdn; + + Livewire::test(EditDomain::class, ['applicationId' => $this->serviceApplication->id]) + ->set('fqdn', 'http://example.com') // Remove port + ->call('submit') + ->assertSet('showPortWarningModal', true) + ->call('cancelRemovePort') + ->assertSet('showPortWarningModal', false) + ->assertSet('fqdn', $originalFqdn); // Should revert to original +}); + +it('allows saving when port is changed to different port', function () { + Livewire::test(EditDomain::class, ['applicationId' => $this->serviceApplication->id]) + ->set('fqdn', 'http://example.com:3000') // Change to different port + ->call('submit') + ->assertSet('showPortWarningModal', false); // Should not show warning + + // Verify the FQDN was updated + $this->serviceApplication->refresh(); + expect($this->serviceApplication->fqdn)->toBe('http://example.com:3000'); +}); + +it('allows saving when all domains have ports (multiple domains)', function () { + Livewire::test(EditDomain::class, ['applicationId' => $this->serviceApplication->id]) + ->set('fqdn', 'http://example.com:8000,https://app.example.com:8080') + ->call('submit') + ->assertSet('showPortWarningModal', false); // Should not show warning +}); + +it('shows warning when at least one domain is missing port (multiple domains)', function () { + Livewire::test(EditDomain::class, ['applicationId' => $this->serviceApplication->id]) + ->set('fqdn', 'http://example.com:8000,https://app.example.com') // Second domain missing port + ->call('submit') + ->assertSet('showPortWarningModal', true); +}); + +it('does not show warning for services without required port', function () { + // Create a service without required port (e.g., cloudflared) + $serviceWithoutPort = Service::factory()->create([ + 'name' => 'cloudflared-test456', + 'server_id' => $this->server->id, + 'destination_id' => $this->destination->id, + 'destination_type' => $this->destination->getMorphClass(), + 'environment_id' => $this->environment->id, + ]); + + $appWithoutPort = ServiceApplication::factory()->create([ + 'service_id' => $serviceWithoutPort->id, + 'fqdn' => 'http://example.com', + ]); + + Livewire::test(EditDomain::class, ['applicationId' => $appWithoutPort->id]) + ->set('fqdn', 'http://example.com') // No port + ->call('submit') + ->assertSet('showPortWarningModal', false); // Should not show warning +}); diff --git a/tests/Unit/DockerComposeEmptyStringPreservationTest.php b/tests/Unit/DockerComposeEmptyStringPreservationTest.php index 71f59ce81..df654f2ea 100644 --- a/tests/Unit/DockerComposeEmptyStringPreservationTest.php +++ b/tests/Unit/DockerComposeEmptyStringPreservationTest.php @@ -19,13 +19,13 @@ $hasApplicationParser = str_contains($parsersFile, 'function applicationParser('); expect($hasApplicationParser)->toBeTrue('applicationParser function should exist'); - // The code should NOT unconditionally set $value = null for empty strings - // Instead, it should preserve empty strings when no database override exists + // The code should distinguish between null and empty string + // Check for the pattern where we explicitly check for null vs empty string + $hasNullCheck = str_contains($parsersFile, 'if ($value === null)'); + $hasEmptyStringCheck = str_contains($parsersFile, "} elseif (\$value === '') {"); - // Check for the pattern where we only override with database values when they're non-empty - // We're checking the fix is in place by looking for the logic pattern - $pattern1 = str_contains($parsersFile, 'if (str($value)->isEmpty())'); - expect($pattern1)->toBeTrue('Empty string check should exist'); + expect($hasNullCheck)->toBeTrue('Should have explicit null check'); + expect($hasEmptyStringCheck)->toBeTrue('Should have explicit empty string check'); }); it('ensures parsers.php preserves empty strings in service parser', function () { @@ -35,10 +35,13 @@ $hasServiceParser = str_contains($parsersFile, 'function serviceParser('); expect($hasServiceParser)->toBeTrue('serviceParser function should exist'); - // The code should NOT unconditionally set $value = null for empty strings - // Same check as above for service parser - $pattern1 = str_contains($parsersFile, 'if (str($value)->isEmpty())'); - expect($pattern1)->toBeTrue('Empty string check should exist'); + // The code should distinguish between null and empty string + // Same check as application parser + $hasNullCheck = str_contains($parsersFile, 'if ($value === null)'); + $hasEmptyStringCheck = str_contains($parsersFile, "} elseif (\$value === '') {"); + + expect($hasNullCheck)->toBeTrue('Should have explicit null check'); + expect($hasEmptyStringCheck)->toBeTrue('Should have explicit empty string check'); }); it('verifies YAML parsing preserves empty strings correctly', function () { @@ -186,3 +189,108 @@ expect(isset($arrayWithEmpty['key']))->toBeTrue(); expect(isset($arrayWithNull['key']))->toBeFalse(); }); + +it('verifies YAML null syntax options all produce PHP null', function () { + // Test all three ways to write null in YAML + $yamlWithNullSyntax = <<<'YAML' +environment: + VAR_NO_VALUE: + VAR_EXPLICIT_NULL: null + VAR_TILDE: ~ + VAR_EMPTY_STRING: "" +YAML; + + $parsed = Yaml::parse($yamlWithNullSyntax); + + // All three null syntaxes should produce PHP null + expect($parsed['environment']['VAR_NO_VALUE'])->toBeNull(); + expect($parsed['environment']['VAR_EXPLICIT_NULL'])->toBeNull(); + expect($parsed['environment']['VAR_TILDE'])->toBeNull(); + + // Empty string should remain empty string + expect($parsed['environment']['VAR_EMPTY_STRING'])->toBe(''); +}); + +it('verifies null round-trip through YAML', function () { + // Test full round-trip: null -> YAML -> parse -> serialize -> parse + $original = [ + 'environment' => [ + 'NULL_VAR' => null, + 'EMPTY_VAR' => '', + 'VALUE_VAR' => 'localhost', + ], + ]; + + // Serialize to YAML + $yaml1 = Yaml::dump($original, 10, 2); + + // Parse back + $parsed1 = Yaml::parse($yaml1); + + // Verify types are preserved + expect($parsed1['environment']['NULL_VAR'])->toBeNull(); + expect($parsed1['environment']['EMPTY_VAR'])->toBe(''); + expect($parsed1['environment']['VALUE_VAR'])->toBe('localhost'); + + // Serialize again + $yaml2 = Yaml::dump($parsed1, 10, 2); + + // Parse again + $parsed2 = Yaml::parse($yaml2); + + // Should still have correct types + expect($parsed2['environment']['NULL_VAR'])->toBeNull(); + expect($parsed2['environment']['EMPTY_VAR'])->toBe(''); + expect($parsed2['environment']['VALUE_VAR'])->toBe('localhost'); + + // Both YAML representations should be equivalent + expect($yaml1)->toBe($yaml2); +}); + +it('verifies null vs empty string behavior difference', function () { + // Document the critical difference between null and empty string + + // Null in YAML + $yamlNull = "VAR: null\n"; + $parsedNull = Yaml::parse($yamlNull); + expect($parsedNull['VAR'])->toBeNull(); + + // Empty string in YAML + $yamlEmpty = "VAR: \"\"\n"; + $parsedEmpty = Yaml::parse($yamlEmpty); + expect($parsedEmpty['VAR'])->toBe(''); + + // They should NOT be equal + expect($parsedNull['VAR'] === $parsedEmpty['VAR'])->toBeFalse(); + + // Verify type differences + expect(is_null($parsedNull['VAR']))->toBeTrue(); + expect(is_string($parsedEmpty['VAR']))->toBeTrue(); +}); + +it('verifies parser logic distinguishes null from empty string', function () { + // Test the exact === comparison behavior + $nullValue = null; + $emptyString = ''; + + // PHP strict comparison + expect($nullValue === null)->toBeTrue(); + expect($emptyString === '')->toBeTrue(); + expect($nullValue === $emptyString)->toBeFalse(); + + // This is what the parser should use for correct behavior + if ($nullValue === null) { + $nullHandled = true; + } else { + $nullHandled = false; + } + + if ($emptyString === '') { + $emptyHandled = true; + } else { + $emptyHandled = false; + } + + expect($nullHandled)->toBeTrue(); + expect($emptyHandled)->toBeTrue(); +}); diff --git a/tests/Unit/Policies/PrivateKeyPolicyTest.php b/tests/Unit/Policies/PrivateKeyPolicyTest.php index dd0037403..6844d92f7 100644 --- a/tests/Unit/Policies/PrivateKeyPolicyTest.php +++ b/tests/Unit/Policies/PrivateKeyPolicyTest.php @@ -1,6 +1,5 @@ toBeTrue('Should have comment about port-specific variables'); + expect($usesFqdnWithPort)->toBeTrue('Should use $fqdnWithPort for port variables'); + expect($usesUrlWithPort)->toBeTrue('Should use $urlWithPort for port variables'); +}); + +it('verifies SERVICE_URL variable naming convention', function () { + // Test the naming convention for port-specific variables + + // Base variable (no port): SERVICE_URL_UMAMI + $baseKey = 'SERVICE_URL_UMAMI'; + expect(substr_count($baseKey, '_'))->toBe(2); + + // Port-specific variable: SERVICE_URL_UMAMI_3000 + $portKey = 'SERVICE_URL_UMAMI_3000'; + expect(substr_count($portKey, '_'))->toBe(3); + + // Extract service name + $serviceName = str($portKey)->after('SERVICE_URL_')->beforeLast('_')->lower()->value(); + expect($serviceName)->toBe('umami'); + + // Extract port + $port = str($portKey)->afterLast('_')->value(); + expect($port)->toBe('3000'); +}); + +it('verifies SERVICE_FQDN variable naming convention', function () { + // Test the naming convention for port-specific FQDN variables + + // Base variable (no port): SERVICE_FQDN_POSTGRES + $baseKey = 'SERVICE_FQDN_POSTGRES'; + expect(substr_count($baseKey, '_'))->toBe(2); + + // Port-specific variable: SERVICE_FQDN_POSTGRES_5432 + $portKey = 'SERVICE_FQDN_POSTGRES_5432'; + expect(substr_count($portKey, '_'))->toBe(3); + + // Extract service name + $serviceName = str($portKey)->after('SERVICE_FQDN_')->beforeLast('_')->lower()->value(); + expect($serviceName)->toBe('postgres'); + + // Extract port + $port = str($portKey)->afterLast('_')->value(); + expect($port)->toBe('5432'); +}); + +it('verifies URL with port format', function () { + // Test that URLs with ports are formatted correctly + $baseUrl = 'http://umami-abc123.domain.com'; + $port = '3000'; + + $urlWithPort = "$baseUrl:$port"; + + expect($urlWithPort)->toBe('http://umami-abc123.domain.com:3000'); + expect($urlWithPort)->toContain(':3000'); +}); + +it('verifies FQDN with port format', function () { + // Test that FQDNs with ports are formatted correctly + $baseFqdn = 'postgres-xyz789.domain.com'; + $port = '5432'; + + $fqdnWithPort = "$baseFqdn:$port"; + + expect($fqdnWithPort)->toBe('postgres-xyz789.domain.com:5432'); + expect($fqdnWithPort)->toContain(':5432'); +}); + +it('verifies port extraction from variable name', function () { + // Test extracting port from various variable names + $tests = [ + 'SERVICE_URL_APP_3000' => '3000', + 'SERVICE_URL_API_8080' => '8080', + 'SERVICE_FQDN_DB_5432' => '5432', + 'SERVICE_FQDN_REDIS_6379' => '6379', + ]; + + foreach ($tests as $varName => $expectedPort) { + $port = str($varName)->afterLast('_')->value(); + expect($port)->toBe($expectedPort, "Port extraction failed for $varName"); + } +}); + +it('verifies service name extraction with port suffix', function () { + // Test extracting service name when port is present + $tests = [ + 'SERVICE_URL_APP_3000' => 'app', + 'SERVICE_URL_MY_API_8080' => 'my_api', + 'SERVICE_FQDN_DB_5432' => 'db', + 'SERVICE_FQDN_REDIS_CACHE_6379' => 'redis_cache', + ]; + + foreach ($tests as $varName => $expectedService) { + if (str($varName)->startsWith('SERVICE_URL_')) { + $serviceName = str($varName)->after('SERVICE_URL_')->beforeLast('_')->lower()->value(); + } else { + $serviceName = str($varName)->after('SERVICE_FQDN_')->beforeLast('_')->lower()->value(); + } + expect($serviceName)->toBe($expectedService, "Service name extraction failed for $varName"); + } +}); + +it('verifies distinction between base and port-specific variables', function () { + // Test that base and port-specific variables are different + $baseUrl = 'SERVICE_URL_UMAMI'; + $portUrl = 'SERVICE_URL_UMAMI_3000'; + + expect($baseUrl)->not->toBe($portUrl); + expect(substr_count($baseUrl, '_'))->toBe(2); + expect(substr_count($portUrl, '_'))->toBe(3); + + // Port-specific should contain port number + expect(str($portUrl)->contains('_3000'))->toBeTrue(); + expect(str($baseUrl)->contains('_3000'))->toBeFalse(); +}); + +it('verifies multiple port variables for same service', function () { + // Test that a service can have multiple port-specific variables + $service = 'api'; + $ports = ['3000', '8080', '9090']; + + foreach ($ports as $port) { + $varName = "SERVICE_URL_API_$port"; + + // Should have 3 underscores + expect(substr_count($varName, '_'))->toBe(3); + + // Should extract correct service name + $serviceName = str($varName)->after('SERVICE_URL_')->beforeLast('_')->lower()->value(); + expect($serviceName)->toBe('api'); + + // Should extract correct port + $extractedPort = str($varName)->afterLast('_')->value(); + expect($extractedPort)->toBe($port); + } +}); + +it('verifies common port numbers are handled correctly', function () { + // Test common port numbers used in applications + $commonPorts = [ + '80' => 'HTTP', + '443' => 'HTTPS', + '3000' => 'Node.js/React', + '5432' => 'PostgreSQL', + '6379' => 'Redis', + '8080' => 'Alternative HTTP', + '9000' => 'PHP-FPM', + ]; + + foreach ($commonPorts as $port => $description) { + $varName = "SERVICE_URL_APP_$port"; + + expect(substr_count($varName, '_'))->toBe(3, "Failed for $description port $port"); + + $extractedPort = str($varName)->afterLast('_')->value(); + expect($extractedPort)->toBe((string) $port, "Port extraction failed for $description"); + } +}); diff --git a/tests/Unit/ServiceRequiredPortTest.php b/tests/Unit/ServiceRequiredPortTest.php new file mode 100644 index 000000000..70bf2bca2 --- /dev/null +++ b/tests/Unit/ServiceRequiredPortTest.php @@ -0,0 +1,153 @@ + [ + 'name' => 'Supabase', + 'port' => '8000', + ], + 'umami' => [ + 'name' => 'Umami', + 'port' => '3000', + ], + ]); + + $service = Mockery::mock(Service::class)->makePartial(); + $service->name = 'supabase-xyz123'; + + // Mock the get_service_templates function to return our mock data + $service->shouldReceive('getRequiredPort')->andReturn(8000); + + expect($service->getRequiredPort())->toBe(8000); +}); + +it('returns null for service without required port', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->name = 'cloudflared-xyz123'; + + // Mock to return null for services without port + $service->shouldReceive('getRequiredPort')->andReturn(null); + + expect($service->getRequiredPort())->toBeNull(); +}); + +it('requiresPort returns true when service has required port', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('getRequiredPort')->andReturn(8000); + $service->shouldReceive('requiresPort')->andReturnUsing(function () use ($service) { + return $service->getRequiredPort() !== null; + }); + + expect($service->requiresPort())->toBeTrue(); +}); + +it('requiresPort returns false when service has no required port', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('getRequiredPort')->andReturn(null); + $service->shouldReceive('requiresPort')->andReturnUsing(function () use ($service) { + return $service->getRequiredPort() !== null; + }); + + expect($service->requiresPort())->toBeFalse(); +}); + +it('extracts port from URL with http scheme', function () { + $url = 'http://example.com:3000'; + $port = ServiceApplication::extractPortFromUrl($url); + + expect($port)->toBe(3000); +}); + +it('extracts port from URL with https scheme', function () { + $url = 'https://example.com:8080'; + $port = ServiceApplication::extractPortFromUrl($url); + + expect($port)->toBe(8080); +}); + +it('extracts port from URL without scheme', function () { + $url = 'example.com:5000'; + $port = ServiceApplication::extractPortFromUrl($url); + + expect($port)->toBe(5000); +}); + +it('returns null for URL without port', function () { + $url = 'http://example.com'; + $port = ServiceApplication::extractPortFromUrl($url); + + expect($port)->toBeNull(); +}); + +it('returns null for URL without port and without scheme', function () { + $url = 'example.com'; + $port = ServiceApplication::extractPortFromUrl($url); + + expect($port)->toBeNull(); +}); + +it('handles invalid URLs gracefully', function () { + $url = 'not-a-valid-url:::'; + $port = ServiceApplication::extractPortFromUrl($url); + + expect($port)->toBeNull(); +}); + +it('checks if all FQDNs have port - single FQDN with port', function () { + $app = Mockery::mock(ServiceApplication::class)->makePartial(); + $app->fqdn = 'http://example.com:3000'; + + $result = $app->allFqdnsHavePort(); + + expect($result)->toBeTrue(); +}); + +it('checks if all FQDNs have port - single FQDN without port', function () { + $app = Mockery::mock(ServiceApplication::class)->makePartial(); + $app->fqdn = 'http://example.com'; + + $result = $app->allFqdnsHavePort(); + + expect($result)->toBeFalse(); +}); + +it('checks if all FQDNs have port - multiple FQDNs all with ports', function () { + $app = Mockery::mock(ServiceApplication::class)->makePartial(); + $app->fqdn = 'http://example.com:3000,https://example.org:8080'; + + $result = $app->allFqdnsHavePort(); + + expect($result)->toBeTrue(); +}); + +it('checks if all FQDNs have port - multiple FQDNs one without port', function () { + $app = Mockery::mock(ServiceApplication::class)->makePartial(); + $app->fqdn = 'http://example.com:3000,https://example.org'; + + $result = $app->allFqdnsHavePort(); + + expect($result)->toBeFalse(); +}); + +it('checks if all FQDNs have port - empty FQDN', function () { + $app = Mockery::mock(ServiceApplication::class)->makePartial(); + $app->fqdn = ''; + + $result = $app->allFqdnsHavePort(); + + expect($result)->toBeFalse(); +}); + +it('checks if all FQDNs have port - null FQDN', function () { + $app = Mockery::mock(ServiceApplication::class)->makePartial(); + $app->fqdn = null; + + $result = $app->allFqdnsHavePort(); + + expect($result)->toBeFalse(); +}); From 2768805996dbf7f7374d4c759bbfefd4ec73972c Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Thu, 6 Nov 2025 14:33:42 +0100 Subject: [PATCH 35/53] fix: update helper_version to 1.0.12 in constants configuration --- config/constants.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/constants.php b/config/constants.php index 25581f4ad..02a1eaae6 100644 --- a/config/constants.php +++ b/config/constants.php @@ -3,7 +3,7 @@ return [ 'coolify' => [ 'version' => '4.0.0-beta.442', - 'helper_version' => '1.0.11', + 'helper_version' => '1.0.12', 'realtime_version' => '1.0.10', 'self_hosted' => env('SELF_HOSTED', true), 'autoupdate' => env('AUTOUPDATE'), From 24bcce3f9bd0f19c4c4aac2012b5d1cdbda3532c Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Thu, 6 Nov 2025 14:36:34 +0100 Subject: [PATCH 36/53] Update app/Console/Commands/SyncBunny.php Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> --- app/Console/Commands/SyncBunny.php | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/app/Console/Commands/SyncBunny.php b/app/Console/Commands/SyncBunny.php index 1a76b33d1..64e91fa0a 100644 --- a/app/Console/Commands/SyncBunny.php +++ b/app/Console/Commands/SyncBunny.php @@ -82,8 +82,26 @@ private function syncReleasesToGitHubRepo(): bool return false; } + $this->info('Checking for changes...'); + $statusOutput = []; + exec('cd '.escapeshellarg($tmpDir).' && git status --porcelain json/releases.json 2>&1', $statusOutput, $returnCode); + if ($returnCode !== 0) { + $this->error('Failed to check repository status: '.implode("\n", $statusOutput)); + exec('rm -rf '.escapeshellarg($tmpDir)); + + return false; + } + + if (empty(array_filter($statusOutput))) { + $this->info('Releases are already up to date. No changes to commit.'); + exec('rm -rf '.escapeshellarg($tmpDir)); + + return true; + } + $commitMessage = 'Update releases.json with latest releases - '.date('Y-m-d H:i:s'); - exec("cd $tmpDir && git commit -m '$commitMessage' 2>&1", $output, $returnCode); + $output = []; + exec('cd '.escapeshellarg($tmpDir).' && git commit -m '.escapeshellarg($commitMessage).' 2>&1', $output, $returnCode); if ($returnCode !== 0) { $this->error('Failed to commit changes: '.implode("\n", $output)); exec("rm -rf $tmpDir"); From 2d64cdad7c3bfbb27d077df42fcff2664099ce40 Mon Sep 17 00:00:00 2001 From: peaklabs-dev <122374094+peaklabs-dev@users.noreply.github.com> Date: Thu, 6 Nov 2025 14:36:59 +0100 Subject: [PATCH 37/53] ci(claude): remove unused workflows --- .github/workflows/claude-code-review.yml | 79 ------------------------ .github/workflows/claude.yml | 65 ------------------- 2 files changed, 144 deletions(-) delete mode 100644 .github/workflows/claude-code-review.yml delete mode 100644 .github/workflows/claude.yml diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml deleted file mode 100644 index a2c92df59..000000000 --- a/.github/workflows/claude-code-review.yml +++ /dev/null @@ -1,79 +0,0 @@ -name: Claude Code Review - -on: - pull_request: - types: [opened, synchronize] - # Optional: Only run on specific file changes - # paths: - # - "src/**/*.ts" - # - "src/**/*.tsx" - # - "src/**/*.js" - # - "src/**/*.jsx" - -jobs: - claude-review: - if: false - # Optional: Filter by PR author - # if: | - # github.event.pull_request.user.login == 'external-contributor' || - # github.event.pull_request.user.login == 'new-developer' || - # github.event.pull_request.author_association == 'FIRST_TIME_CONTRIBUTOR' - - runs-on: ubuntu-latest - permissions: - contents: read - pull-requests: read - issues: read - id-token: write - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - with: - fetch-depth: 1 - - - name: Run Claude Code Review - id: claude-review - uses: anthropics/claude-code-action@beta - with: - claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} - - # Optional: Specify model (defaults to Claude Sonnet 4, uncomment for Claude Opus 4.1) - # model: "claude-opus-4-1-20250805" - - # Direct prompt for automated review (no @claude mention needed) - direct_prompt: | - Please review this pull request and provide feedback on: - - Code quality and best practices - - Potential bugs or issues - - Performance considerations - - Security concerns - - Test coverage - - Be constructive and helpful in your feedback. - - # Optional: Use sticky comments to make Claude reuse the same comment on subsequent pushes to the same PR - # use_sticky_comment: true - - # Optional: Customize review based on file types - # direct_prompt: | - # Review this PR focusing on: - # - For TypeScript files: Type safety and proper interface usage - # - For API endpoints: Security, input validation, and error handling - # - For React components: Performance, accessibility, and best practices - # - For tests: Coverage, edge cases, and test quality - - # Optional: Different prompts for different authors - # direct_prompt: | - # ${{ github.event.pull_request.author_association == 'FIRST_TIME_CONTRIBUTOR' && - # 'Welcome! Please review this PR from a first-time contributor. Be encouraging and provide detailed explanations for any suggestions.' || - # 'Please provide a thorough code review focusing on our coding standards and best practices.' }} - - # Optional: Add specific tools for running tests or linting - # allowed_tools: "Bash(npm run test),Bash(npm run lint),Bash(npm run typecheck)" - - # Optional: Skip review for certain conditions - # if: | - # !contains(github.event.pull_request.title, '[skip-review]') && - # !contains(github.event.pull_request.title, '[WIP]') - diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml deleted file mode 100644 index 9daf0e90e..000000000 --- a/.github/workflows/claude.yml +++ /dev/null @@ -1,65 +0,0 @@ -name: Claude Code - -on: - issue_comment: - types: [created] - pull_request_review_comment: - types: [created] - issues: - types: [opened, assigned] - pull_request_review: - types: [submitted] - -jobs: - claude: - if: | - (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) || - (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) || - (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) || - (github.event_name == 'issues' && github.event.action == 'labeled' && github.event.label.name == 'Claude') || - (github.event_name == 'pull_request' && github.event.action == 'labeled' && github.event.label.name == 'Claude') || - (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude'))) - runs-on: ubuntu-latest - permissions: - contents: read - pull-requests: read - issues: read - id-token: write - actions: read # Required for Claude to read CI results on PRs - steps: - - name: Checkout repository - uses: actions/checkout@v4 - with: - fetch-depth: 1 - - - name: Run Claude Code - id: claude - uses: anthropics/claude-code-action@v1 - with: - anthropic_api_key: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} - - # This is an optional setting that allows Claude to read CI results on PRs - additional_permissions: | - actions: read - - # Optional: Specify model (defaults to Claude Sonnet 4, uncomment for Claude Opus 4.1) - # model: "claude-opus-4-1-20250805" - - # Optional: Customize the trigger phrase (default: @claude) - # trigger_phrase: "/claude" - - # Optional: Trigger when specific user is assigned to an issue - # assignee_trigger: "claude-bot" - - # Optional: Allow Claude to run specific commands - # allowed_tools: "Bash(npm install),Bash(npm run build),Bash(npm run test:*),Bash(npm run lint:*)" - - # Optional: Add custom instructions for Claude to customize its behavior for your project - # custom_instructions: | - # Follow our coding standards - # Ensure all new code has tests - # Use TypeScript for new files - - # Optional: Custom environment variables for Claude - # claude_env: | - # NODE_ENV: test From 6557514954ac36ebd95f5eb704acee887ee9e61f Mon Sep 17 00:00:00 2001 From: peaklabs-dev <122374094+peaklabs-dev@users.noreply.github.com> Date: Thu, 6 Nov 2025 14:40:54 +0100 Subject: [PATCH 38/53] ci(workflows): improve security and update actions - set top-level explicit permissions for each GitHub Actions workflow for improved security and deduplication of permissions. - add `persist-credentials: false` to actions/checkout for improved security - see https://github.com/actions/checkout#checkout-v4 - update actions/checkout from v4 to v5 --- ...lock-closed-issues-discussions-and-prs.yml | 7 ++++- .../chore-manage-stale-issues-and-prs.yml | 4 +++ .github/workflows/chore-pr-comments.yml | 15 +++-------- ...e-remove-labels-and-assignees-on-close.yml | 4 +++ .github/workflows/cleanup-ghcr-untagged.yml | 9 +++---- .github/workflows/coolify-helper-next.yml | 26 ++++++++++--------- .github/workflows/coolify-helper.yml | 25 +++++++++--------- .../workflows/coolify-production-build.yml | 19 +++++++++----- .github/workflows/coolify-realtime-next.yml | 26 ++++++++++--------- .github/workflows/coolify-realtime.yml | 25 +++++++++--------- .github/workflows/coolify-staging-build.yml | 14 +++++----- .github/workflows/coolify-testing-host.yml | 25 +++++++++--------- .github/workflows/generate-changelog.yml | 1 + 13 files changed, 110 insertions(+), 90 deletions(-) diff --git a/.github/workflows/chore-lock-closed-issues-discussions-and-prs.yml b/.github/workflows/chore-lock-closed-issues-discussions-and-prs.yml index d00853964..365842254 100644 --- a/.github/workflows/chore-lock-closed-issues-discussions-and-prs.yml +++ b/.github/workflows/chore-lock-closed-issues-discussions-and-prs.yml @@ -4,6 +4,11 @@ on: schedule: - cron: '0 1 * * *' +permissions: + issues: write + discussions: write + pull-requests: write + jobs: lock-threads: runs-on: ubuntu-latest @@ -13,5 +18,5 @@ jobs: with: github-token: ${{ secrets.GITHUB_TOKEN }} issue-inactive-days: '30' - pr-inactive-days: '30' discussion-inactive-days: '30' + pr-inactive-days: '30' diff --git a/.github/workflows/chore-manage-stale-issues-and-prs.yml b/.github/workflows/chore-manage-stale-issues-and-prs.yml index 58a2b7d7e..d61005549 100644 --- a/.github/workflows/chore-manage-stale-issues-and-prs.yml +++ b/.github/workflows/chore-manage-stale-issues-and-prs.yml @@ -4,6 +4,10 @@ on: schedule: - cron: '0 2 * * *' +permissions: + issues: write + pull-requests: write + jobs: manage-stale: runs-on: ubuntu-latest diff --git a/.github/workflows/chore-pr-comments.yml b/.github/workflows/chore-pr-comments.yml index 8836c6632..1d94bec81 100644 --- a/.github/workflows/chore-pr-comments.yml +++ b/.github/workflows/chore-pr-comments.yml @@ -3,20 +3,13 @@ on: pull_request_target: types: - labeled + +permissions: + pull-requests: write + jobs: add-comment: runs-on: ubuntu-latest - permissions: - pull-requests: write - contents: read - actions: none - checks: none - deployments: none - issues: none - packages: none - repository-projects: none - security-events: none - statuses: none strategy: matrix: include: diff --git a/.github/workflows/chore-remove-labels-and-assignees-on-close.yml b/.github/workflows/chore-remove-labels-and-assignees-on-close.yml index 194984ddc..8ac199a08 100644 --- a/.github/workflows/chore-remove-labels-and-assignees-on-close.yml +++ b/.github/workflows/chore-remove-labels-and-assignees-on-close.yml @@ -8,6 +8,10 @@ on: pull_request_target: types: [closed] +permissions: + issues: write + pull-requests: write + jobs: remove-labels-and-assignees: runs-on: ubuntu-latest diff --git a/.github/workflows/cleanup-ghcr-untagged.yml b/.github/workflows/cleanup-ghcr-untagged.yml index 394fba68f..a86cedcb0 100644 --- a/.github/workflows/cleanup-ghcr-untagged.yml +++ b/.github/workflows/cleanup-ghcr-untagged.yml @@ -1,17 +1,14 @@ name: Cleanup Untagged GHCR Images on: - workflow_dispatch: # Manual trigger only + workflow_dispatch: -env: - GITHUB_REGISTRY: ghcr.io +permissions: + packages: write jobs: cleanup-all-packages: runs-on: ubuntu-latest - permissions: - contents: read - packages: write strategy: matrix: package: ['coolify', 'coolify-helper', 'coolify-realtime', 'coolify-testing-host'] diff --git a/.github/workflows/coolify-helper-next.yml b/.github/workflows/coolify-helper-next.yml index a4a2a21f6..ba8a69d28 100644 --- a/.github/workflows/coolify-helper-next.yml +++ b/.github/workflows/coolify-helper-next.yml @@ -7,6 +7,10 @@ on: - .github/workflows/coolify-helper-next.yml - docker/coolify-helper/Dockerfile +permissions: + contents: read + packages: write + env: GITHUB_REGISTRY: ghcr.io DOCKER_REGISTRY: docker.io @@ -15,11 +19,10 @@ env: jobs: amd64: runs-on: ubuntu-latest - permissions: - contents: read - packages: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Login to ${{ env.GITHUB_REGISTRY }} uses: docker/login-action@v3 @@ -54,11 +57,10 @@ jobs: coolify.managed=true aarch64: runs-on: [ self-hosted, arm64 ] - permissions: - contents: read - packages: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Login to ${{ env.GITHUB_REGISTRY }} uses: docker/login-action@v3 @@ -94,12 +96,12 @@ jobs: merge-manifest: runs-on: ubuntu-latest - permissions: - contents: read - packages: write needs: [ amd64, aarch64 ] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 + with: + persist-credentials: false + - uses: docker/setup-buildx-action@v3 - name: Login to ${{ env.GITHUB_REGISTRY }} diff --git a/.github/workflows/coolify-helper.yml b/.github/workflows/coolify-helper.yml index 56c3eaa17..738a3480c 100644 --- a/.github/workflows/coolify-helper.yml +++ b/.github/workflows/coolify-helper.yml @@ -7,6 +7,10 @@ on: - .github/workflows/coolify-helper.yml - docker/coolify-helper/Dockerfile +permissions: + contents: read + packages: write + env: GITHUB_REGISTRY: ghcr.io DOCKER_REGISTRY: docker.io @@ -15,11 +19,10 @@ env: jobs: amd64: runs-on: ubuntu-latest - permissions: - contents: read - packages: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Login to ${{ env.GITHUB_REGISTRY }} uses: docker/login-action@v3 @@ -54,11 +57,10 @@ jobs: coolify.managed=true aarch64: runs-on: [ self-hosted, arm64 ] - permissions: - contents: read - packages: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Login to ${{ env.GITHUB_REGISTRY }} uses: docker/login-action@v3 @@ -93,12 +95,11 @@ jobs: coolify.managed=true merge-manifest: runs-on: ubuntu-latest - permissions: - contents: read - packages: write needs: [ amd64, aarch64 ] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 + with: + persist-credentials: false - uses: docker/setup-buildx-action@v3 diff --git a/.github/workflows/coolify-production-build.yml b/.github/workflows/coolify-production-build.yml index cd1f002b8..b6cfd34ae 100644 --- a/.github/workflows/coolify-production-build.yml +++ b/.github/workflows/coolify-production-build.yml @@ -14,6 +14,10 @@ on: - templates/** - CHANGELOG.md +permissions: + contents: read + packages: write + env: GITHUB_REGISTRY: ghcr.io DOCKER_REGISTRY: docker.io @@ -23,7 +27,9 @@ jobs: amd64: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Login to ${{ env.GITHUB_REGISTRY }} uses: docker/login-action@v3 @@ -58,7 +64,9 @@ jobs: aarch64: runs-on: [self-hosted, arm64] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Login to ${{ env.GITHUB_REGISTRY }} uses: docker/login-action@v3 @@ -92,12 +100,11 @@ jobs: merge-manifest: runs-on: ubuntu-latest - permissions: - contents: read - packages: write needs: [amd64, aarch64] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 + with: + persist-credentials: false - uses: docker/setup-buildx-action@v3 diff --git a/.github/workflows/coolify-realtime-next.yml b/.github/workflows/coolify-realtime-next.yml index ad590146b..7a6071bde 100644 --- a/.github/workflows/coolify-realtime-next.yml +++ b/.github/workflows/coolify-realtime-next.yml @@ -11,6 +11,10 @@ on: - docker/coolify-realtime/package-lock.json - docker/coolify-realtime/soketi-entrypoint.sh +permissions: + contents: read + packages: write + env: GITHUB_REGISTRY: ghcr.io DOCKER_REGISTRY: docker.io @@ -19,11 +23,10 @@ env: jobs: amd64: runs-on: ubuntu-latest - permissions: - contents: read - packages: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Login to ${{ env.GITHUB_REGISTRY }} uses: docker/login-action@v3 @@ -59,11 +62,11 @@ jobs: aarch64: runs-on: [ self-hosted, arm64 ] - permissions: - contents: read - packages: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 + with: + persist-credentials: false + - name: Login to ${{ env.GITHUB_REGISTRY }} uses: docker/login-action@v3 @@ -99,12 +102,11 @@ jobs: merge-manifest: runs-on: ubuntu-latest - permissions: - contents: read - packages: write needs: [ amd64, aarch64 ] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 + with: + persist-credentials: false - uses: docker/setup-buildx-action@v3 diff --git a/.github/workflows/coolify-realtime.yml b/.github/workflows/coolify-realtime.yml index d00621cc2..1074af3ee 100644 --- a/.github/workflows/coolify-realtime.yml +++ b/.github/workflows/coolify-realtime.yml @@ -11,6 +11,10 @@ on: - docker/coolify-realtime/package-lock.json - docker/coolify-realtime/soketi-entrypoint.sh +permissions: + contents: read + packages: write + env: GITHUB_REGISTRY: ghcr.io DOCKER_REGISTRY: docker.io @@ -19,11 +23,10 @@ env: jobs: amd64: runs-on: ubuntu-latest - permissions: - contents: read - packages: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Login to ${{ env.GITHUB_REGISTRY }} uses: docker/login-action@v3 @@ -59,11 +62,10 @@ jobs: aarch64: runs-on: [ self-hosted, arm64 ] - permissions: - contents: read - packages: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Login to ${{ env.GITHUB_REGISTRY }} uses: docker/login-action@v3 @@ -99,12 +101,11 @@ jobs: merge-manifest: runs-on: ubuntu-latest - permissions: - contents: read - packages: write needs: [ amd64, aarch64 ] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 + with: + persist-credentials: false - uses: docker/setup-buildx-action@v3 diff --git a/.github/workflows/coolify-staging-build.yml b/.github/workflows/coolify-staging-build.yml index df737c9c3..67b7b03e8 100644 --- a/.github/workflows/coolify-staging-build.yml +++ b/.github/workflows/coolify-staging-build.yml @@ -17,6 +17,10 @@ on: - templates/** - CHANGELOG.md +permissions: + contents: read + packages: write + env: GITHUB_REGISTRY: ghcr.io DOCKER_REGISTRY: docker.io @@ -34,11 +38,10 @@ jobs: platform: linux/aarch64 runner: ubuntu-24.04-arm runs-on: ${{ matrix.runner }} - permissions: - contents: read - packages: write steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Sanitize branch name for Docker tag id: sanitize @@ -82,11 +85,10 @@ jobs: merge-manifest: runs-on: ubuntu-24.04 needs: build-push - permissions: - contents: read - packages: write steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Sanitize branch name for Docker tag id: sanitize diff --git a/.github/workflows/coolify-testing-host.yml b/.github/workflows/coolify-testing-host.yml index 95a228114..c4aecd85e 100644 --- a/.github/workflows/coolify-testing-host.yml +++ b/.github/workflows/coolify-testing-host.yml @@ -7,6 +7,10 @@ on: - .github/workflows/coolify-testing-host.yml - docker/testing-host/Dockerfile +permissions: + contents: read + packages: write + env: GITHUB_REGISTRY: ghcr.io DOCKER_REGISTRY: docker.io @@ -15,11 +19,10 @@ env: jobs: amd64: runs-on: ubuntu-latest - permissions: - contents: read - packages: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Login to ${{ env.GITHUB_REGISTRY }} uses: docker/login-action@v3 @@ -50,11 +53,10 @@ jobs: aarch64: runs-on: [ self-hosted, arm64 ] - permissions: - contents: read - packages: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Login to ${{ env.GITHUB_REGISTRY }} uses: docker/login-action@v3 @@ -85,12 +87,11 @@ jobs: merge-manifest: runs-on: ubuntu-latest - permissions: - contents: read - packages: write needs: [ amd64, aarch64 ] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 + with: + persist-credentials: false - uses: docker/setup-buildx-action@v3 diff --git a/.github/workflows/generate-changelog.yml b/.github/workflows/generate-changelog.yml index 935a88721..f62b41736 100644 --- a/.github/workflows/generate-changelog.yml +++ b/.github/workflows/generate-changelog.yml @@ -16,6 +16,7 @@ jobs: - name: Checkout uses: actions/checkout@v4 with: + persist-credentials: false fetch-depth: 0 - name: Generate changelog From 4e734492e01bf379978e594a206022af377eb632 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Thu, 6 Nov 2025 14:57:19 +0100 Subject: [PATCH 39/53] fix: escape shell arguments in syncBunny command execution --- app/Console/Commands/SyncBunny.php | 31 +++++++++++++++++++----------- 1 file changed, 20 insertions(+), 11 deletions(-) diff --git a/app/Console/Commands/SyncBunny.php b/app/Console/Commands/SyncBunny.php index 64e91fa0a..e634feadb 100644 --- a/app/Console/Commands/SyncBunny.php +++ b/app/Console/Commands/SyncBunny.php @@ -50,7 +50,7 @@ private function syncReleasesToGitHubRepo(): bool // Clone the repository $this->info('Cloning coolify-cdn repository...'); - exec("gh repo clone coollabsio/coolify-cdn $tmpDir 2>&1", $output, $returnCode); + exec('gh repo clone coollabsio/coolify-cdn '.escapeshellarg($tmpDir).' 2>&1', $output, $returnCode); if ($returnCode !== 0) { $this->error('Failed to clone repository: '.implode("\n", $output)); @@ -59,10 +59,10 @@ private function syncReleasesToGitHubRepo(): bool // Create feature branch $this->info('Creating feature branch...'); - exec("cd $tmpDir && git checkout -b $branchName 2>&1", $output, $returnCode); + exec('cd '.escapeshellarg($tmpDir).' && git checkout -b '.escapeshellarg($branchName).' 2>&1', $output, $returnCode); if ($returnCode !== 0) { $this->error('Failed to create branch: '.implode("\n", $output)); - exec("rm -rf $tmpDir"); + exec('rm -rf '.escapeshellarg($tmpDir)); return false; } @@ -70,14 +70,23 @@ private function syncReleasesToGitHubRepo(): bool // Write releases.json $this->info('Writing releases.json...'); $releasesPath = "$tmpDir/json/releases.json"; - file_put_contents($releasesPath, json_encode($releases, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES)); + $jsonContent = json_encode($releases, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES); + $bytesWritten = file_put_contents($releasesPath, $jsonContent); + + if ($bytesWritten === false) { + $this->error("Failed to write releases.json to: $releasesPath"); + $this->error('Possible reasons: directory does not exist, permission denied, or disk full.'); + exec('rm -rf '.escapeshellarg($tmpDir)); + + return false; + } // Stage and commit $this->info('Committing changes...'); - exec("cd $tmpDir && git add json/releases.json 2>&1", $output, $returnCode); + exec('cd '.escapeshellarg($tmpDir).' && git add json/releases.json 2>&1', $output, $returnCode); if ($returnCode !== 0) { $this->error('Failed to stage changes: '.implode("\n", $output)); - exec("rm -rf $tmpDir"); + exec('rm -rf '.escapeshellarg($tmpDir)); return false; } @@ -104,17 +113,17 @@ private function syncReleasesToGitHubRepo(): bool exec('cd '.escapeshellarg($tmpDir).' && git commit -m '.escapeshellarg($commitMessage).' 2>&1', $output, $returnCode); if ($returnCode !== 0) { $this->error('Failed to commit changes: '.implode("\n", $output)); - exec("rm -rf $tmpDir"); + exec('rm -rf '.escapeshellarg($tmpDir)); return false; } // Push to remote $this->info('Pushing branch to remote...'); - exec("cd $tmpDir && git push origin $branchName 2>&1", $output, $returnCode); + exec('cd '.escapeshellarg($tmpDir).' && git push origin '.escapeshellarg($branchName).' 2>&1', $output, $returnCode); if ($returnCode !== 0) { $this->error('Failed to push branch: '.implode("\n", $output)); - exec("rm -rf $tmpDir"); + exec('rm -rf '.escapeshellarg($tmpDir)); return false; } @@ -123,11 +132,11 @@ private function syncReleasesToGitHubRepo(): bool $this->info('Creating pull request...'); $prTitle = 'Update releases.json - '.date('Y-m-d H:i:s'); $prBody = 'Automated update of releases.json with latest '.count($releases).' releases from GitHub API'; - $prCommand = "gh pr create --repo coollabsio/coolify-cdn --title '$prTitle' --body '$prBody' --base main --head $branchName 2>&1"; + $prCommand = 'gh pr create --repo coollabsio/coolify-cdn --title '.escapeshellarg($prTitle).' --body '.escapeshellarg($prBody).' --base main --head '.escapeshellarg($branchName).' 2>&1'; exec($prCommand, $output, $returnCode); // Clean up - exec("rm -rf $tmpDir"); + exec('rm -rf '.escapeshellarg($tmpDir)); if ($returnCode !== 0) { $this->error('Failed to create PR: '.implode("\n", $output)); From f005602147bb59aad048d12ede2d1291fc9ce21d Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Thu, 6 Nov 2025 15:00:24 +0100 Subject: [PATCH 40/53] fix: remove Gozunga from the list of sponsors in README --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index f159cde89..456a1268e 100644 --- a/README.md +++ b/README.md @@ -69,7 +69,6 @@ ## Big Sponsors * [Dade2](https://dade2.net/?ref=coolify.io) - IT Consulting, Cloud Solutions & System Integration * [Formbricks](https://formbricks.com?ref=coolify.io) - The open source feedback platform * [GoldenVM](https://billing.goldenvm.com?ref=coolify.io) - Premium virtual machine hosting solutions -* [Gozunga](https://gozunga.com?ref=coolify.io) - Seriously Simple Cloud Infrastructure * [Hetzner](http://htznr.li/CoolifyXHetzner) - Server, cloud, hosting, and data center solutions * [Hostinger](https://www.hostinger.com/vps/coolify-hosting?ref=coolify.io) - Web hosting and VPS solutions * [JobsCollider](https://jobscollider.com/remote-jobs?ref=coolify.io) - 30,000+ remote jobs for developers From ffa4123a721d13c41d881965c1e78dd68e6fce87 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 6 Nov 2025 14:06:03 +0000 Subject: [PATCH 41/53] chore(deps-dev): bump tar from 7.5.1 to 7.5.2 Bumps [tar](https://github.com/isaacs/node-tar) from 7.5.1 to 7.5.2. - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](https://github.com/isaacs/node-tar/compare/v7.5.1...v7.5.2) --- updated-dependencies: - dependency-name: tar dependency-version: 7.5.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] --- package-lock.json | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) diff --git a/package-lock.json b/package-lock.json index 9e8fe7328..f8ef518d2 100644 --- a/package-lock.json +++ b/package-lock.json @@ -916,7 +916,8 @@ "resolved": "https://registry.npmjs.org/@socket.io/component-emitter/-/component-emitter-3.1.2.tgz", "integrity": "sha512-9BCxFwvbGg/RsZK9tjXd8s4UcwR0MWeFQ1XEKIQVVvAGJyINdrqKMcTRyLoK8Rse1GjzLV9cwjWV1olXRWEXVA==", "dev": true, - "license": "MIT" + "license": "MIT", + "peer": true }, "node_modules/@tailwindcss/forms": { "version": "0.5.10", @@ -1431,8 +1432,7 @@ "version": "5.5.0", "resolved": "https://registry.npmjs.org/@xterm/xterm/-/xterm-5.5.0.tgz", "integrity": "sha512-hqJHYaQb5OptNunnyAnkHyM8aCjZ1MEIDTQu1iIbbTD/xops91NB5yq1ZK/dC2JDbVWtF23zUtl9JE2NqwT87A==", - "license": "MIT", - "peer": true + "license": "MIT" }, "node_modules/asynckit": { "version": "0.4.0", @@ -1595,6 +1595,7 @@ "integrity": "sha512-T0iLjnyNWahNyv/lcjS2y4oE358tVS/SYQNxYXGAJ9/GLgH4VCvOQ/mhTjqU88mLZCQgiG8RIegFHYCdVC+j5w==", "dev": true, "license": "MIT", + "peer": true, "dependencies": { "@socket.io/component-emitter": "~3.1.0", "debug": "~4.3.1", @@ -1609,6 +1610,7 @@ "integrity": "sha512-Er2nc/H7RrMXZBFCEim6TCmMk02Z8vLC2Rbi1KEBggpo0fS6l0S1nnapwmIi3yW/+GOJap1Krg4w0Hg80oCqgQ==", "dev": true, "license": "MIT", + "peer": true, "dependencies": { "ms": "^2.1.3" }, @@ -1627,6 +1629,7 @@ "integrity": "sha512-HqD3yTBfnBxIrbnM1DoD6Pcq8NECnh8d4As1Qgh0z5Gg3jRRIqijury0CL3ghu/edArpUYiYqQiDUQBIs4np3Q==", "dev": true, "license": "MIT", + "peer": true, "engines": { "node": ">=10.0.0" } @@ -2388,7 +2391,6 @@ "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==", "dev": true, "license": "MIT", - "peer": true, "engines": { "node": ">=12" }, @@ -2465,7 +2467,6 @@ "integrity": "sha512-wp3HqIIUc1GRyu1XrP6m2dgyE9MoCsXVsWNlohj0rjSkLf+a0jLvEyVubdg58oMk7bhjBWnFClgp8jfAa6Ak4Q==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "tweetnacl": "^1.0.3" } @@ -2550,6 +2551,7 @@ "integrity": "sha512-hJVXfu3E28NmzGk8o1sHhN3om52tRvwYeidbj7xKy2eIIse5IoKX3USlS6Tqt3BHAtflLIkCQBkzVrEEfWUyYQ==", "dev": true, "license": "MIT", + "peer": true, "dependencies": { "@socket.io/component-emitter": "~3.1.0", "debug": "~4.3.2", @@ -2566,6 +2568,7 @@ "integrity": "sha512-Er2nc/H7RrMXZBFCEim6TCmMk02Z8vLC2Rbi1KEBggpo0fS6l0S1nnapwmIi3yW/+GOJap1Krg4w0Hg80oCqgQ==", "dev": true, "license": "MIT", + "peer": true, "dependencies": { "ms": "^2.1.3" }, @@ -2584,6 +2587,7 @@ "integrity": "sha512-/GbIKmo8ioc+NIWIhwdecY0ge+qVBSMdgxGygevmdHj24bsfgtCmcUUcQ5ZzcylGFHsN3k4HB4Cgkl96KVnuew==", "dev": true, "license": "MIT", + "peer": true, "dependencies": { "@socket.io/component-emitter": "~3.1.0", "debug": "~4.3.1" @@ -2598,6 +2602,7 @@ "integrity": "sha512-Er2nc/H7RrMXZBFCEim6TCmMk02Z8vLC2Rbi1KEBggpo0fS6l0S1nnapwmIi3yW/+GOJap1Krg4w0Hg80oCqgQ==", "dev": true, "license": "MIT", + "peer": true, "dependencies": { "ms": "^2.1.3" }, @@ -2646,8 +2651,7 @@ "version": "4.1.10", "resolved": "https://registry.npmjs.org/tailwindcss/-/tailwindcss-4.1.10.tgz", "integrity": "sha512-P3nr6WkvKV/ONsTzj6Gb57sWPMX29EPNPopo7+FcpkQaNsrNpZ1pv8QmrYI2RqEKD7mlGqLnGovlcYnBK0IqUA==", - "license": "MIT", - "peer": true + "license": "MIT" }, "node_modules/tapable": { "version": "2.3.0", @@ -2664,11 +2668,11 @@ } }, "node_modules/tar": { - "version": "7.5.1", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.5.1.tgz", - "integrity": "sha512-nlGpxf+hv0v7GkWBK2V9spgactGOp0qvfWRxUMjqHyzrt3SgwE48DIv/FhqPHJYLHpgW1opq3nERbz5Anq7n1g==", + "version": "7.5.2", + "resolved": "https://registry.npmjs.org/tar/-/tar-7.5.2.tgz", + "integrity": "sha512-7NyxrTE4Anh8km8iEy7o0QYPs+0JKBTj5ZaqHg6B39erLg0qYXN3BijtShwbsNSvQ+LN75+KV+C4QR/f6Gwnpg==", "dev": true, - "license": "ISC", + "license": "BlueOak-1.0.0", "dependencies": { "@isaacs/fs-minipass": "^4.0.0", "chownr": "^3.0.0", @@ -2716,7 +2720,6 @@ "integrity": "sha512-+Oxm7q9hDoLMyJOYfUYBuHQo+dkAloi33apOPP56pzj+vsdJDzr+j1NISE5pyaAuKL4A3UD34qd0lx5+kfKp2g==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "esbuild": "^0.25.0", "fdir": "^6.4.4", @@ -2816,7 +2819,6 @@ "integrity": "sha512-rjOV2ecxMd5SiAmof2xzh2WxntRcigkX/He4YFJ6WdRvVUrbt6DxC1Iujh10XLl8xCDRDtGKMeO3D+pRQ1PP9w==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@vue/compiler-dom": "3.5.16", "@vue/compiler-sfc": "3.5.16", @@ -2839,6 +2841,7 @@ "integrity": "sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==", "dev": true, "license": "MIT", + "peer": true, "engines": { "node": ">=10.0.0" }, @@ -2860,6 +2863,7 @@ "resolved": "https://registry.npmjs.org/xmlhttprequest-ssl/-/xmlhttprequest-ssl-2.1.2.tgz", "integrity": "sha512-TEU+nJVUUnA4CYJFLvK5X9AOeH4KvDvhIfm0vV1GaQRtchnG0hgK5p8hw/xjv8cunWYCsiPCSDzObPyhEwq3KQ==", "dev": true, + "peer": true, "engines": { "node": ">=0.4.0" } From 560c98e280b68e4da1fe3acfcbef2b92a081fa17 Mon Sep 17 00:00:00 2001 From: peaklabs-dev <122374094+peaklabs-dev@users.noreply.github.com> Date: Thu, 6 Nov 2025 15:11:13 +0100 Subject: [PATCH 42/53] ci(workflow): fix changelog generation --- .github/workflows/generate-changelog.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/generate-changelog.yml b/.github/workflows/generate-changelog.yml index f62b41736..935a88721 100644 --- a/.github/workflows/generate-changelog.yml +++ b/.github/workflows/generate-changelog.yml @@ -16,7 +16,6 @@ jobs: - name: Checkout uses: actions/checkout@v4 with: - persist-credentials: false fetch-depth: 0 - name: Generate changelog From 3801be2fd4427899ca1b47c95a94ae14e1e7cb46 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Fri, 7 Nov 2025 08:19:47 +0100 Subject: [PATCH 43/53] ci(workflows): refactor build-push jobs to use matrix strategy for multi-architecture support --- .github/workflows/coolify-helper-next.yml | 69 ++++++------------ .github/workflows/coolify-helper.yml | 69 ++++++------------ .../workflows/coolify-production-build.yml | 68 ++++++------------ .github/workflows/coolify-realtime-next.yml | 71 ++++++------------- .github/workflows/coolify-realtime.yml | 70 ++++++------------ .github/workflows/coolify-testing-host.yml | 65 ++++++----------- 6 files changed, 126 insertions(+), 286 deletions(-) diff --git a/.github/workflows/coolify-helper-next.yml b/.github/workflows/coolify-helper-next.yml index ba8a69d28..fec54d54a 100644 --- a/.github/workflows/coolify-helper-next.yml +++ b/.github/workflows/coolify-helper-next.yml @@ -17,8 +17,17 @@ env: IMAGE_NAME: "coollabsio/coolify-helper" jobs: - amd64: - runs-on: ubuntu-latest + build-push: + strategy: + matrix: + include: + - arch: amd64 + platform: linux/amd64 + runner: ubuntu-24.04 + - arch: aarch64 + platform: linux/aarch64 + runner: ubuntu-24.04-arm + runs-on: ${{ matrix.runner }} steps: - uses: actions/checkout@v5 with: @@ -43,60 +52,22 @@ jobs: run: | echo "VERSION=$(docker run --rm -v "$(pwd):/app" -w /app php:8.2-alpine3.16 php bootstrap/getHelperVersion.php)"|xargs >> $GITHUB_OUTPUT - - name: Build and Push Image + - name: Build and Push Image (${{ matrix.arch }}) uses: docker/build-push-action@v6 with: context: . file: docker/coolify-helper/Dockerfile - platforms: linux/amd64 + platforms: ${{ matrix.platform }} push: true tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next - labels: | - coolify.managed=true - aarch64: - runs-on: [ self-hosted, arm64 ] - steps: - - uses: actions/checkout@v5 - with: - persist-credentials: false - - - name: Login to ${{ env.GITHUB_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.GITHUB_REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Login to ${{ env.DOCKER_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.DOCKER_REGISTRY }} - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_TOKEN }} - - - name: Get Version - id: version - run: | - echo "VERSION=$(docker run --rm -v "$(pwd):/app" -w /app php:8.2-alpine3.16 php bootstrap/getHelperVersion.php)"|xargs >> $GITHUB_OUTPUT - - - name: Build and Push Image - uses: docker/build-push-action@v6 - with: - context: . - file: docker/coolify-helper/Dockerfile - platforms: linux/aarch64 - push: true - tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-${{ matrix.arch }} + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-${{ matrix.arch }} labels: | coolify.managed=true merge-manifest: - runs-on: ubuntu-latest - needs: [ amd64, aarch64 ] + runs-on: ubuntu-24.04 + needs: build-push steps: - uses: actions/checkout@v5 with: @@ -126,14 +97,16 @@ jobs: - name: Create & publish manifest on ${{ env.GITHUB_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-amd64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 \ --tag ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next \ --tag ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:next - name: Create & publish manifest on ${{ env.DOCKER_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-amd64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 \ --tag ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next \ --tag ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:next diff --git a/.github/workflows/coolify-helper.yml b/.github/workflows/coolify-helper.yml index 738a3480c..0c9996ec8 100644 --- a/.github/workflows/coolify-helper.yml +++ b/.github/workflows/coolify-helper.yml @@ -17,8 +17,17 @@ env: IMAGE_NAME: "coollabsio/coolify-helper" jobs: - amd64: - runs-on: ubuntu-latest + build-push: + strategy: + matrix: + include: + - arch: amd64 + platform: linux/amd64 + runner: ubuntu-24.04 + - arch: aarch64 + platform: linux/aarch64 + runner: ubuntu-24.04-arm + runs-on: ${{ matrix.runner }} steps: - uses: actions/checkout@v5 with: @@ -43,59 +52,21 @@ jobs: run: | echo "VERSION=$(docker run --rm -v "$(pwd):/app" -w /app php:8.2-alpine3.16 php bootstrap/getHelperVersion.php)"|xargs >> $GITHUB_OUTPUT - - name: Build and Push Image + - name: Build and Push Image (${{ matrix.arch }}) uses: docker/build-push-action@v6 with: context: . file: docker/coolify-helper/Dockerfile - platforms: linux/amd64 + platforms: ${{ matrix.platform }} push: true tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} - labels: | - coolify.managed=true - aarch64: - runs-on: [ self-hosted, arm64 ] - steps: - - uses: actions/checkout@v5 - with: - persist-credentials: false - - - name: Login to ${{ env.GITHUB_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.GITHUB_REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Login to ${{ env.DOCKER_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.DOCKER_REGISTRY }} - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_TOKEN }} - - - name: Get Version - id: version - run: | - echo "VERSION=$(docker run --rm -v "$(pwd):/app" -w /app php:8.2-alpine3.16 php bootstrap/getHelperVersion.php)"|xargs >> $GITHUB_OUTPUT - - - name: Build and Push Image - uses: docker/build-push-action@v6 - with: - context: . - file: docker/coolify-helper/Dockerfile - platforms: linux/aarch64 - push: true - tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-${{ matrix.arch }} + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-${{ matrix.arch }} labels: | coolify.managed=true merge-manifest: - runs-on: ubuntu-latest - needs: [ amd64, aarch64 ] + runs-on: ubuntu-24.04 + needs: build-push steps: - uses: actions/checkout@v5 with: @@ -125,14 +96,16 @@ jobs: - name: Create & publish manifest on ${{ env.GITHUB_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-amd64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ --tag ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} \ --tag ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:latest - name: Create & publish manifest on ${{ env.DOCKER_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-amd64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ --tag ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} \ --tag ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest diff --git a/.github/workflows/coolify-production-build.yml b/.github/workflows/coolify-production-build.yml index b6cfd34ae..21871b103 100644 --- a/.github/workflows/coolify-production-build.yml +++ b/.github/workflows/coolify-production-build.yml @@ -24,8 +24,17 @@ env: IMAGE_NAME: "coollabsio/coolify" jobs: - amd64: - runs-on: ubuntu-latest + build-push: + strategy: + matrix: + include: + - arch: amd64 + platform: linux/amd64 + runner: ubuntu-24.04 + - arch: aarch64 + platform: linux/aarch64 + runner: ubuntu-24.04-arm + runs-on: ${{ matrix.runner }} steps: - uses: actions/checkout@v5 with: @@ -50,57 +59,20 @@ jobs: run: | echo "VERSION=$(docker run --rm -v "$(pwd):/app" -w /app php:8.2-alpine3.16 php bootstrap/getVersion.php)"|xargs >> $GITHUB_OUTPUT - - name: Build and Push Image + - name: Build and Push Image (${{ matrix.arch }}) uses: docker/build-push-action@v6 with: context: . file: docker/production/Dockerfile - platforms: linux/amd64 + platforms: ${{ matrix.platform }} push: true tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} - - aarch64: - runs-on: [self-hosted, arm64] - steps: - - uses: actions/checkout@v5 - with: - persist-credentials: false - - - name: Login to ${{ env.GITHUB_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.GITHUB_REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Login to ${{ env.DOCKER_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.DOCKER_REGISTRY }} - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_TOKEN }} - - - name: Get Version - id: version - run: | - echo "VERSION=$(docker run --rm -v "$(pwd):/app" -w /app php:8.2-alpine3.16 php bootstrap/getVersion.php)"|xargs >> $GITHUB_OUTPUT - - - name: Build and Push Image - uses: docker/build-push-action@v6 - with: - context: . - file: docker/production/Dockerfile - platforms: linux/aarch64 - push: true - tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-${{ matrix.arch }} + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-${{ matrix.arch }} merge-manifest: - runs-on: ubuntu-latest - needs: [amd64, aarch64] + runs-on: ubuntu-24.04 + needs: build-push steps: - uses: actions/checkout@v5 with: @@ -130,14 +102,16 @@ jobs: - name: Create & publish manifest on ${{ env.GITHUB_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-amd64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ --tag ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} \ --tag ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:latest - name: Create & publish manifest on ${{ env.DOCKER_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-amd64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ --tag ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} \ --tag ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest diff --git a/.github/workflows/coolify-realtime-next.yml b/.github/workflows/coolify-realtime-next.yml index 7a6071bde..7ab4dcc42 100644 --- a/.github/workflows/coolify-realtime-next.yml +++ b/.github/workflows/coolify-realtime-next.yml @@ -21,8 +21,17 @@ env: IMAGE_NAME: "coollabsio/coolify-realtime" jobs: - amd64: - runs-on: ubuntu-latest + build-push: + strategy: + matrix: + include: + - arch: amd64 + platform: linux/amd64 + runner: ubuntu-24.04 + - arch: aarch64 + platform: linux/aarch64 + runner: ubuntu-24.04-arm + runs-on: ${{ matrix.runner }} steps: - uses: actions/checkout@v5 with: @@ -47,62 +56,22 @@ jobs: run: | echo "VERSION=$(docker run --rm -v "$(pwd):/app" -w /app php:8.2-alpine3.16 php bootstrap/getRealtimeVersion.php)"|xargs >> $GITHUB_OUTPUT - - name: Build and Push Image + - name: Build and Push Image (${{ matrix.arch }}) uses: docker/build-push-action@v6 with: context: . file: docker/coolify-realtime/Dockerfile - platforms: linux/amd64 + platforms: ${{ matrix.platform }} push: true tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next - labels: | - coolify.managed=true - - aarch64: - runs-on: [ self-hosted, arm64 ] - steps: - - uses: actions/checkout@v5 - with: - persist-credentials: false - - - - name: Login to ${{ env.GITHUB_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.GITHUB_REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Login to ${{ env.DOCKER_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.DOCKER_REGISTRY }} - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_TOKEN }} - - - name: Get Version - id: version - run: | - echo "VERSION=$(docker run --rm -v "$(pwd):/app" -w /app php:8.2-alpine3.16 php bootstrap/getRealtimeVersion.php)"|xargs >> $GITHUB_OUTPUT - - - name: Build and Push Image - uses: docker/build-push-action@v6 - with: - context: . - file: docker/coolify-realtime/Dockerfile - platforms: linux/aarch64 - push: true - tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-${{ matrix.arch }} + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-${{ matrix.arch }} labels: | coolify.managed=true merge-manifest: - runs-on: ubuntu-latest - needs: [ amd64, aarch64 ] + runs-on: ubuntu-24.04 + needs: build-push steps: - uses: actions/checkout@v5 with: @@ -132,14 +101,16 @@ jobs: - name: Create & publish manifest on ${{ env.GITHUB_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-amd64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 \ --tag ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next \ --tag ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:next - name: Create & publish manifest on ${{ env.DOCKER_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-amd64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 \ --tag ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next \ --tag ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:next diff --git a/.github/workflows/coolify-realtime.yml b/.github/workflows/coolify-realtime.yml index 1074af3ee..5efe445c5 100644 --- a/.github/workflows/coolify-realtime.yml +++ b/.github/workflows/coolify-realtime.yml @@ -21,8 +21,17 @@ env: IMAGE_NAME: "coollabsio/coolify-realtime" jobs: - amd64: - runs-on: ubuntu-latest + build-push: + strategy: + matrix: + include: + - arch: amd64 + platform: linux/amd64 + runner: ubuntu-24.04 + - arch: aarch64 + platform: linux/aarch64 + runner: ubuntu-24.04-arm + runs-on: ${{ matrix.runner }} steps: - uses: actions/checkout@v5 with: @@ -47,61 +56,22 @@ jobs: run: | echo "VERSION=$(docker run --rm -v "$(pwd):/app" -w /app php:8.2-alpine3.16 php bootstrap/getRealtimeVersion.php)"|xargs >> $GITHUB_OUTPUT - - name: Build and Push Image + - name: Build and Push Image (${{ matrix.arch }}) uses: docker/build-push-action@v6 with: context: . file: docker/coolify-realtime/Dockerfile - platforms: linux/amd64 + platforms: ${{ matrix.platform }} push: true tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} - labels: | - coolify.managed=true - - aarch64: - runs-on: [ self-hosted, arm64 ] - steps: - - uses: actions/checkout@v5 - with: - persist-credentials: false - - - name: Login to ${{ env.GITHUB_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.GITHUB_REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Login to ${{ env.DOCKER_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.DOCKER_REGISTRY }} - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_TOKEN }} - - - name: Get Version - id: version - run: | - echo "VERSION=$(docker run --rm -v "$(pwd):/app" -w /app php:8.2-alpine3.16 php bootstrap/getRealtimeVersion.php)"|xargs >> $GITHUB_OUTPUT - - - name: Build and Push Image - uses: docker/build-push-action@v6 - with: - context: . - file: docker/coolify-realtime/Dockerfile - platforms: linux/aarch64 - push: true - tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-${{ matrix.arch }} + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-${{ matrix.arch }} labels: | coolify.managed=true merge-manifest: - runs-on: ubuntu-latest - needs: [ amd64, aarch64 ] + runs-on: ubuntu-24.04 + needs: build-push steps: - uses: actions/checkout@v5 with: @@ -131,14 +101,16 @@ jobs: - name: Create & publish manifest on ${{ env.GITHUB_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-amd64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ --tag ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} \ --tag ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:latest - name: Create & publish manifest on ${{ env.DOCKER_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-amd64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ --tag ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} \ --tag ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest diff --git a/.github/workflows/coolify-testing-host.yml b/.github/workflows/coolify-testing-host.yml index c4aecd85e..24133887a 100644 --- a/.github/workflows/coolify-testing-host.yml +++ b/.github/workflows/coolify-testing-host.yml @@ -17,8 +17,17 @@ env: IMAGE_NAME: "coollabsio/coolify-testing-host" jobs: - amd64: - runs-on: ubuntu-latest + build-push: + strategy: + matrix: + include: + - arch: amd64 + platform: linux/amd64 + runner: ubuntu-24.04 + - arch: aarch64 + platform: linux/aarch64 + runner: ubuntu-24.04-arm + runs-on: ${{ matrix.runner }} steps: - uses: actions/checkout@v5 with: @@ -38,56 +47,22 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_TOKEN }} - - name: Build and Push Image + - name: Build and Push Image (${{ matrix.arch }}) uses: docker/build-push-action@v6 with: context: . file: docker/testing-host/Dockerfile - platforms: linux/amd64 + platforms: ${{ matrix.platform }} push: true tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:latest - labels: | - coolify.managed=true - - aarch64: - runs-on: [ self-hosted, arm64 ] - steps: - - uses: actions/checkout@v5 - with: - persist-credentials: false - - - name: Login to ${{ env.GITHUB_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.GITHUB_REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Login to ${{ env.DOCKER_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.DOCKER_REGISTRY }} - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_TOKEN }} - - - name: Build and Push Image - uses: docker/build-push-action@v6 - with: - context: . - file: docker/testing-host/Dockerfile - platforms: linux/aarch64 - push: true - tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest-aarch64 - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:latest-aarch64 + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest-${{ matrix.arch }} + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:latest-${{ matrix.arch }} labels: | coolify.managed=true merge-manifest: - runs-on: ubuntu-latest - needs: [ amd64, aarch64 ] + runs-on: ubuntu-24.04 + needs: build-push steps: - uses: actions/checkout@v5 with: @@ -112,13 +87,15 @@ jobs: - name: Create & publish manifest on ${{ env.GITHUB_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:latest-aarch64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:latest-amd64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:latest-aarch64 \ --tag ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:latest - name: Create & publish manifest on ${{ env.DOCKER_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest-aarch64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest-amd64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest-aarch64 \ --tag ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest - uses: sarisia/actions-status-discord@v1 From 73985350ec1dbef1a62c3379ab2bd95eafd6f1b5 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Fri, 7 Nov 2025 08:26:58 +0100 Subject: [PATCH 44/53] fix: update version numbers to 4.0.0-beta.443 and 4.0.0-beta.444 --- config/constants.php | 2 +- other/nightly/versions.json | 4 ++-- versions.json | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/config/constants.php b/config/constants.php index 02a1eaae6..770e00ffe 100644 --- a/config/constants.php +++ b/config/constants.php @@ -2,7 +2,7 @@ return [ 'coolify' => [ - 'version' => '4.0.0-beta.442', + 'version' => '4.0.0-beta.443', 'helper_version' => '1.0.12', 'realtime_version' => '1.0.10', 'self_hosted' => env('SELF_HOSTED', true), diff --git a/other/nightly/versions.json b/other/nightly/versions.json index a83b4c8ce..0d9519bf8 100644 --- a/other/nightly/versions.json +++ b/other/nightly/versions.json @@ -1,10 +1,10 @@ { "coolify": { "v4": { - "version": "4.0.0-beta.442" + "version": "4.0.0-beta.443" }, "nightly": { - "version": "4.0.0-beta.443" + "version": "4.0.0-beta.444" }, "helper": { "version": "1.0.11" diff --git a/versions.json b/versions.json index a83b4c8ce..0d9519bf8 100644 --- a/versions.json +++ b/versions.json @@ -1,10 +1,10 @@ { "coolify": { "v4": { - "version": "4.0.0-beta.442" + "version": "4.0.0-beta.443" }, "nightly": { - "version": "4.0.0-beta.443" + "version": "4.0.0-beta.444" }, "helper": { "version": "1.0.11" From 183c70e3c854aeec9dad957939631525f6634cee Mon Sep 17 00:00:00 2001 From: hareland Date: Fri, 7 Nov 2025 13:29:49 +0100 Subject: [PATCH 45/53] **Update rybbit.yaml schema: add category field and adjust tags formatting** --- templates/compose/rybbit.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/templates/compose/rybbit.yaml b/templates/compose/rybbit.yaml index 3c8f7564c..fe214bf16 100644 --- a/templates/compose/rybbit.yaml +++ b/templates/compose/rybbit.yaml @@ -1,6 +1,7 @@ # documentation: https://rybbit.io/docs # slogan: Open-source, privacy-first web analytics. -# tags: analytics,web,privacy,self-hosted,clickhouse,postgres +# category: analytics +# tags: analytics, web, privacy, self-hosted, clickhouse, postgres # logo: svgs/rybbit.svg # port: 3002 @@ -130,4 +131,4 @@ services: 0 - \ No newline at end of file + From b08ea4402add7b41d12ce4a84499bb11beb3a15f Mon Sep 17 00:00:00 2001 From: hareland Date: Fri, 7 Nov 2025 13:46:12 +0100 Subject: [PATCH 46/53] Embystat: change category from 'media' to 'analytics' --- templates/compose/embystat.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/compose/embystat.yaml b/templates/compose/embystat.yaml index 957f67dfb..165a9f21d 100644 --- a/templates/compose/embystat.yaml +++ b/templates/compose/embystat.yaml @@ -1,6 +1,6 @@ # documentation: https://github.com/mregni/EmbyStat # slogan: EmbyStat is a web analytics tool, designed to provide insight into website traffic and user behavior. -# category: media +# category: analytics # tags: media, server, movies, tv, music # port: 6555 From 07ce375ac501dd7d853869d3db07d89b431a5aef Mon Sep 17 00:00:00 2001 From: hareland Date: Fri, 7 Nov 2025 13:50:19 +0100 Subject: [PATCH 47/53] Embystat: change category from 'media' to 'analytics' --- templates/compose/embystat.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/compose/embystat.yaml b/templates/compose/embystat.yaml index 165a9f21d..84e25d4a8 100644 --- a/templates/compose/embystat.yaml +++ b/templates/compose/embystat.yaml @@ -1,7 +1,7 @@ # documentation: https://github.com/mregni/EmbyStat # slogan: EmbyStat is a web analytics tool, designed to provide insight into website traffic and user behavior. # category: analytics -# tags: media, server, movies, tv, music +# tags: analytics, insights, statistics, web, traffic # port: 6555 services: From 468d5fe7d77dfe1f1f34770a81e45062c272c92d Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Fri, 7 Nov 2025 14:03:19 +0100 Subject: [PATCH 48/53] refactor: improve docker compose validation and transaction handling in StackForm --- app/Livewire/Project/Service/StackForm.php | 25 ++++++++++------ bootstrap/helpers/parsers.php | 30 +++++++++++++------- tests/Unit/VolumeArrayFormatSecurityTest.php | 30 ++++++++++++++++++++ tests/Unit/VolumeSecurityTest.php | 21 ++++++++++++++ 4 files changed, 88 insertions(+), 18 deletions(-) diff --git a/app/Livewire/Project/Service/StackForm.php b/app/Livewire/Project/Service/StackForm.php index 85cd21a7f..8a7b6e090 100644 --- a/app/Livewire/Project/Service/StackForm.php +++ b/app/Livewire/Project/Service/StackForm.php @@ -5,6 +5,7 @@ use App\Models\Service; use App\Support\ValidationPatterns; use Illuminate\Support\Collection; +use Illuminate\Support\Facades\DB; use Livewire\Component; class StackForm extends Component @@ -22,7 +23,7 @@ class StackForm extends Component public string $dockerComposeRaw; - public string $dockerCompose; + public ?string $dockerCompose = null; public ?bool $connectToDockerNetwork = null; @@ -30,7 +31,7 @@ protected function rules(): array { $baseRules = [ 'dockerComposeRaw' => 'required', - 'dockerCompose' => 'required', + 'dockerCompose' => 'nullable', 'name' => ValidationPatterns::nameRules(), 'description' => ValidationPatterns::descriptionRules(), 'connectToDockerNetwork' => 'nullable', @@ -140,18 +141,26 @@ public function submit($notify = true) $this->validate(); $this->syncData(true); - // Validate for command injection BEFORE saving to database + // Validate for command injection BEFORE any database operations validateDockerComposeForInjection($this->service->docker_compose_raw); - $this->service->save(); - $this->service->saveExtraFields($this->fields); - $this->service->parse(); - $this->service->refresh(); - $this->service->saveComposeConfigs(); + // Use transaction to ensure atomicity - if parse fails, save is rolled back + DB::transaction(function () { + $this->service->save(); + $this->service->saveExtraFields($this->fields); + $this->service->parse(); + $this->service->refresh(); + $this->service->saveComposeConfigs(); + }); + $this->dispatch('refreshEnvs'); $this->dispatch('refreshServices'); $notify && $this->dispatch('success', 'Service saved.'); } catch (\Throwable $e) { + // On error, refresh from database to restore clean state + $this->service->refresh(); + $this->syncData(false); + return handleError($e, $this); } finally { if (is_null($this->service->config_hash)) { diff --git a/bootstrap/helpers/parsers.php b/bootstrap/helpers/parsers.php index 1deec45d7..a210aa1cc 100644 --- a/bootstrap/helpers/parsers.php +++ b/bootstrap/helpers/parsers.php @@ -59,11 +59,13 @@ function validateDockerComposeForInjection(string $composeYaml): void if (isset($volume['source'])) { $source = $volume['source']; if (is_string($source)) { - // Allow simple env vars and env vars with defaults (validated in parseDockerVolumeString) + // Allow env vars and env vars with defaults (validated in parseDockerVolumeString) + // Also allow env vars followed by safe path concatenation (e.g., ${VAR}/path) $isSimpleEnvVar = preg_match('/^\$\{[a-zA-Z_][a-zA-Z0-9_]*\}$/', $source); $isEnvVarWithDefault = preg_match('/^\$\{[^}]+:-[^}]*\}$/', $source); + $isEnvVarWithPath = preg_match('/^\$\{[a-zA-Z_][a-zA-Z0-9_]*\}[\/\w\.\-]*$/', $source); - if (! $isSimpleEnvVar && ! $isEnvVarWithDefault) { + if (! $isSimpleEnvVar && ! $isEnvVarWithDefault && ! $isEnvVarWithPath) { try { validateShellSafePath($source, 'volume source'); } catch (\Exception $e) { @@ -310,15 +312,17 @@ function parseDockerVolumeString(string $volumeString): array // Validate source path for command injection attempts // We validate the final source value after environment variable processing if ($source !== null) { - // Allow simple environment variables like ${VAR_NAME} or ${VAR} - // but validate everything else for shell metacharacters + // Allow environment variables like ${VAR_NAME} or ${VAR} + // Also allow env vars followed by safe path concatenation (e.g., ${VAR}/path) $sourceStr = is_string($source) ? $source : $source; // Skip validation for simple environment variable references - // Pattern: ${WORD_CHARS} with no special characters inside + // Pattern 1: ${WORD_CHARS} with no special characters inside + // Pattern 2: ${WORD_CHARS}/path/to/file (env var with path concatenation) $isSimpleEnvVar = preg_match('/^\$\{[a-zA-Z_][a-zA-Z0-9_]*\}$/', $sourceStr); + $isEnvVarWithPath = preg_match('/^\$\{[a-zA-Z_][a-zA-Z0-9_]*\}[\/\w\.\-]*$/', $sourceStr); - if (! $isSimpleEnvVar) { + if (! $isSimpleEnvVar && ! $isEnvVarWithPath) { try { validateShellSafePath($sourceStr, 'volume source'); } catch (\Exception $e) { @@ -711,9 +715,12 @@ function applicationParser(Application $resource, int $pull_request_id = 0, ?int // Validate source and target for command injection (array/long syntax) if ($source !== null && ! empty($source->value())) { $sourceValue = $source->value(); - // Allow simple environment variable references + // Allow environment variable references and env vars with path concatenation $isSimpleEnvVar = preg_match('/^\$\{[a-zA-Z_][a-zA-Z0-9_]*\}$/', $sourceValue); - if (! $isSimpleEnvVar) { + $isEnvVarWithDefault = preg_match('/^\$\{[^}]+:-[^}]*\}$/', $sourceValue); + $isEnvVarWithPath = preg_match('/^\$\{[a-zA-Z_][a-zA-Z0-9_]*\}[\/\w\.\-]*$/', $sourceValue); + + if (! $isSimpleEnvVar && ! $isEnvVarWithDefault && ! $isEnvVarWithPath) { try { validateShellSafePath($sourceValue, 'volume source'); } catch (\Exception $e) { @@ -1812,9 +1819,12 @@ function serviceParser(Service $resource): Collection // Validate source and target for command injection (array/long syntax) if ($source !== null && ! empty($source->value())) { $sourceValue = $source->value(); - // Allow simple environment variable references + // Allow environment variable references and env vars with path concatenation $isSimpleEnvVar = preg_match('/^\$\{[a-zA-Z_][a-zA-Z0-9_]*\}$/', $sourceValue); - if (! $isSimpleEnvVar) { + $isEnvVarWithDefault = preg_match('/^\$\{[^}]+:-[^}]*\}$/', $sourceValue); + $isEnvVarWithPath = preg_match('/^\$\{[a-zA-Z_][a-zA-Z0-9_]*\}[\/\w\.\-]*$/', $sourceValue); + + if (! $isSimpleEnvVar && ! $isEnvVarWithDefault && ! $isEnvVarWithPath) { try { validateShellSafePath($sourceValue, 'volume source'); } catch (\Exception $e) { diff --git a/tests/Unit/VolumeArrayFormatSecurityTest.php b/tests/Unit/VolumeArrayFormatSecurityTest.php index 97a6819b2..08174fff3 100644 --- a/tests/Unit/VolumeArrayFormatSecurityTest.php +++ b/tests/Unit/VolumeArrayFormatSecurityTest.php @@ -194,6 +194,36 @@ ->not->toThrow(Exception::class); }); +test('array-format with environment variable and path concatenation', function () { + // This is the reported issue #7127 - ${VAR}/path should be allowed + $dockerComposeYaml = <<<'YAML' +services: + web: + image: nginx + volumes: + - type: bind + source: '${VOLUMES_PATH}/mysql' + target: /var/lib/mysql + - type: bind + source: '${DATA_PATH}/config' + target: /etc/config + - type: bind + source: '${VOLUME_PATH}/app_data' + target: /app/data +YAML; + + $parsed = Yaml::parse($dockerComposeYaml); + + // Verify all three volumes have the correct source format + expect($parsed['services']['web']['volumes'][0]['source'])->toBe('${VOLUMES_PATH}/mysql'); + expect($parsed['services']['web']['volumes'][1]['source'])->toBe('${DATA_PATH}/config'); + expect($parsed['services']['web']['volumes'][2]['source'])->toBe('${VOLUME_PATH}/app_data'); + + // The validation should allow this - the reported bug was that it was blocked + expect(fn () => validateDockerComposeForInjection($dockerComposeYaml)) + ->not->toThrow(Exception::class); +}); + test('array-format with malicious environment variable default', function () { $dockerComposeYaml = <<<'YAML' services: diff --git a/tests/Unit/VolumeSecurityTest.php b/tests/Unit/VolumeSecurityTest.php index d7f20fc0e..f4cd6c268 100644 --- a/tests/Unit/VolumeSecurityTest.php +++ b/tests/Unit/VolumeSecurityTest.php @@ -94,6 +94,27 @@ } }); +test('parseDockerVolumeString accepts environment variables with path concatenation', function () { + $volumes = [ + '${VOLUMES_PATH}/mysql:/var/lib/mysql', + '${DATA_PATH}/config:/etc/config', + '${VOLUME_PATH}/app_data:/app', + '${MY_VAR_123}/deep/nested/path:/data', + '${VAR}/path:/app', + '${VAR}_suffix:/app', + '${VAR}-suffix:/app', + '${VAR}.ext:/app', + '${VOLUMES_PATH}/mysql:/var/lib/mysql:ro', + '${DATA_PATH}/config:/etc/config:rw', + ]; + + foreach ($volumes as $volume) { + $result = parseDockerVolumeString($volume); + expect($result)->toBeArray(); + expect($result['source'])->not->toBeNull(); + } +}); + test('parseDockerVolumeString rejects environment variables with command injection in default', function () { $maliciousVolumes = [ '${VAR:-`whoami`}:/app', From 049affe216c2afcf995ec3e2ed3a0fc548b156d3 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Fri, 7 Nov 2025 14:04:09 +0100 Subject: [PATCH 49/53] refactor: rename onWorktreeCreate script to setup in jean.json --- jean.json | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/jean.json b/jean.json index c625e08c0..c81ca07c4 100644 --- a/jean.json +++ b/jean.json @@ -1,6 +1,5 @@ { "scripts": { - "onWorktreeCreate": "cp $JEAN_ROOT_PATH/.env . && mkdir -p .claude && cp $JEAN_ROOT_PATH/.claude/settings.local.json .claude/settings.local.json", - "run": "docker rm -f coolify coolify-realtime coolify-minio coolify-testing-host coolify-redis coolify-db coolify-mail coolify-vite && spin up" + "setup": "cp $JEAN_ROOT_PATH/.env . && mkdir -p .claude && cp $JEAN_ROOT_PATH/.claude/settings.local.json .claude/settings.local.json", } } From e86575d6f7ca8471d70766ec4c55fd1058e3db26 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Fri, 7 Nov 2025 14:14:43 +0100 Subject: [PATCH 50/53] fix: guard against null or empty docker compose in saveComposeConfigs method --- app/Models/Service.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/app/Models/Service.php b/app/Models/Service.php index 12d3d6a11..ef755d105 100644 --- a/app/Models/Service.php +++ b/app/Models/Service.php @@ -1287,6 +1287,11 @@ public function workdir() public function saveComposeConfigs() { + // Guard against null or empty docker_compose + if (! $this->docker_compose) { + return; + } + $workdir = $this->workdir(); instant_remote_process([ From 7fd1d799b4f230daa8301df0bf37f7c74e33dcd9 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Fri, 7 Nov 2025 14:04:09 +0100 Subject: [PATCH 51/53] refactor: rename onWorktreeCreate script to setup in jean.json --- jean.json | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/jean.json b/jean.json index c625e08c0..c81ca07c4 100644 --- a/jean.json +++ b/jean.json @@ -1,6 +1,5 @@ { "scripts": { - "onWorktreeCreate": "cp $JEAN_ROOT_PATH/.env . && mkdir -p .claude && cp $JEAN_ROOT_PATH/.claude/settings.local.json .claude/settings.local.json", - "run": "docker rm -f coolify coolify-realtime coolify-minio coolify-testing-host coolify-redis coolify-db coolify-mail coolify-vite && spin up" + "setup": "cp $JEAN_ROOT_PATH/.env . && mkdir -p .claude && cp $JEAN_ROOT_PATH/.claude/settings.local.json .claude/settings.local.json", } } From 775216e7a57f40e6efb620a0dc826564e081e510 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Fri, 7 Nov 2025 14:33:25 +0100 Subject: [PATCH 52/53] jean jean --- jean.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jean.json b/jean.json index c81ca07c4..4e5c788ed 100644 --- a/jean.json +++ b/jean.json @@ -1,5 +1,5 @@ { "scripts": { - "setup": "cp $JEAN_ROOT_PATH/.env . && mkdir -p .claude && cp $JEAN_ROOT_PATH/.claude/settings.local.json .claude/settings.local.json", + "setup": "cp $JEAN_ROOT_PATH/.env . && mkdir -p .claude && cp $JEAN_ROOT_PATH/.claude/settings.local.json .claude/settings.local.json" } } From 712d60c75b5db2cad57906c9a71fb3c6538fa29c Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Fri, 7 Nov 2025 15:19:57 +0100 Subject: [PATCH 53/53] feat: ensure .env file exists for docker compose and auto-inject in payloads --- app/Actions/Service/StartService.php | 4 ++++ app/Jobs/ApplicationDeploymentJob.php | 6 ++++++ bootstrap/helpers/parsers.php | 6 ++++++ 3 files changed, 16 insertions(+) diff --git a/app/Actions/Service/StartService.php b/app/Actions/Service/StartService.php index dfef6a566..50011c74f 100644 --- a/app/Actions/Service/StartService.php +++ b/app/Actions/Service/StartService.php @@ -22,6 +22,10 @@ public function handle(Service $service, bool $pullLatestImages = false, bool $s $service->isConfigurationChanged(save: true); $commands[] = 'cd '.$service->workdir(); $commands[] = "echo 'Saved configuration files to {$service->workdir()}.'"; + // Ensure .env file exists before docker compose tries to load it + // This is defensive programming - saveComposeConfigs() already creates it, + // but we guarantee it here in case of any edge cases or manual deployments + $commands[] = 'touch .env'; if ($pullLatestImages) { $commands[] = "echo 'Pulling images.'"; $commands[] = 'docker compose pull'; diff --git a/app/Jobs/ApplicationDeploymentJob.php b/app/Jobs/ApplicationDeploymentJob.php index ea8cdff95..0fd007e9a 100644 --- a/app/Jobs/ApplicationDeploymentJob.php +++ b/app/Jobs/ApplicationDeploymentJob.php @@ -3029,6 +3029,12 @@ private function stop_running_container(bool $force = false) private function start_by_compose_file() { + // Ensure .env file exists before docker compose tries to load it (defensive programming) + $this->execute_remote_command( + ["touch {$this->workdir}/.env", 'hidden' => true], + ["touch {$this->configuration_dir}/.env", 'hidden' => true], + ); + if ($this->application->build_pack === 'dockerimage') { $this->application_deployment_queue->addLogEntry('Pulling latest images from the registry.'); $this->execute_remote_command( diff --git a/bootstrap/helpers/parsers.php b/bootstrap/helpers/parsers.php index a210aa1cc..9b17e6810 100644 --- a/bootstrap/helpers/parsers.php +++ b/bootstrap/helpers/parsers.php @@ -1300,6 +1300,9 @@ function applicationParser(Application $resource, int $pull_request_id = 0, ?int if ($depends_on->count() > 0) { $payload['depends_on'] = $depends_on; } + // Auto-inject .env file so Coolify environment variables are available inside containers + // This makes Applications behave consistently with manual .env file usage + $payload['env_file'] = ['.env']; if ($isPullRequest) { $serviceName = addPreviewDeploymentSuffix($serviceName, $pullRequestId); } @@ -2279,6 +2282,9 @@ function serviceParser(Service $resource): Collection if ($depends_on->count() > 0) { $payload['depends_on'] = $depends_on; } + // Auto-inject .env file so Coolify environment variables are available inside containers + // This makes Services behave consistently with Applications + $payload['env_file'] = ['.env']; $parsedServices->put($serviceName, $payload); }