From 9b65b82ccba58af4691f58ee095298007854bf96 Mon Sep 17 00:00:00 2001 From: Khiet Tam Nguyen Date: Sat, 31 Jan 2026 01:56:17 +1100 Subject: [PATCH 001/235] feat(template): cloudflare-ddns --- public/svgs/cloudflare-ddns.svg | 8 ++++++++ templates/compose/cloudflare-ddns.yaml | 20 ++++++++++++++++++++ 2 files changed, 28 insertions(+) create mode 100644 public/svgs/cloudflare-ddns.svg create mode 100644 templates/compose/cloudflare-ddns.yaml diff --git a/public/svgs/cloudflare-ddns.svg b/public/svgs/cloudflare-ddns.svg new file mode 100644 index 000000000..efe800bcc --- /dev/null +++ b/public/svgs/cloudflare-ddns.svg @@ -0,0 +1,8 @@ + + + + + + DDNS + + diff --git a/templates/compose/cloudflare-ddns.yaml b/templates/compose/cloudflare-ddns.yaml new file mode 100644 index 000000000..874f2cffb --- /dev/null +++ b/templates/compose/cloudflare-ddns.yaml @@ -0,0 +1,20 @@ +# documentation: https://github.com/favonia/cloudflare-ddns +# slogan: A small, feature-rich, and robust Cloudflare DDNS updater. +# category: automation +# tags: cloud, ddns +# logo: svgs/cloudflare-ddns.svg + +services: + cloudflare-ddns: + image: favonia/cloudflare-ddns:1 + network_mode: host + restart: unless-stopped + user: "1000:1000" + read_only: true + cap_drop: [all] + security_opt: [no-new-privileges:true] + environment: + - CLOUDFLARE_API_TOKEN=${CLOUDFLARE_API_TOKEN} + - DOMAINS=${DOMAINS} + - PROXIED=false + - IP6_PROVIDER=none From 90449d2bb5e7b8370dadb0899f511bb9c5b6c2cc Mon Sep 17 00:00:00 2001 From: Khiet Tam Nguyen <86177399+nktnet1@users.noreply.github.com> Date: Sun, 1 Feb 2026 13:55:44 +1100 Subject: [PATCH 002/235] fix: remove restart: unless-stopped Update templates/compose/cloudflare-ddns.yaml Co-authored-by: ShadowArcanist <162910371+ShadowArcanist@users.noreply.github.com> --- templates/compose/cloudflare-ddns.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/templates/compose/cloudflare-ddns.yaml b/templates/compose/cloudflare-ddns.yaml index 874f2cffb..b44828a70 100644 --- a/templates/compose/cloudflare-ddns.yaml +++ b/templates/compose/cloudflare-ddns.yaml @@ -8,7 +8,6 @@ services: cloudflare-ddns: image: favonia/cloudflare-ddns:1 network_mode: host - restart: unless-stopped user: "1000:1000" read_only: true cap_drop: [all] From 96b9cd3fa543c4e78554af27607ab231d7122e60 Mon Sep 17 00:00:00 2001 From: Khiet Tam Nguyen <86177399+nktnet1@users.noreply.github.com> Date: Sun, 1 Feb 2026 13:56:09 +1100 Subject: [PATCH 003/235] fix: mark the API token env as required, and other env as configurable from the UI Update templates/compose/cloudflare-ddns.yaml Co-authored-by: ShadowArcanist <162910371+ShadowArcanist@users.noreply.github.com> --- templates/compose/cloudflare-ddns.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/templates/compose/cloudflare-ddns.yaml b/templates/compose/cloudflare-ddns.yaml index b44828a70..92f857c41 100644 --- a/templates/compose/cloudflare-ddns.yaml +++ b/templates/compose/cloudflare-ddns.yaml @@ -13,7 +13,7 @@ services: cap_drop: [all] security_opt: [no-new-privileges:true] environment: - - CLOUDFLARE_API_TOKEN=${CLOUDFLARE_API_TOKEN} + - CLOUDFLARE_API_TOKEN=${CLOUDFLARE_API_TOKEN:?} - DOMAINS=${DOMAINS} - - PROXIED=false - - IP6_PROVIDER=none + - PROXIED=${PROXIED:-false} + - IP6_PROVIDER=${IP6_PROVIDER:-none} From b65f6399df736777a48498aca17c43f9609a5a1f Mon Sep 17 00:00:00 2001 From: Khiet Tam Nguyen <86177399+nktnet1@users.noreply.github.com> Date: Sun, 1 Feb 2026 16:52:14 +1100 Subject: [PATCH 004/235] fix: make domains env compulsory Update templates/compose/cloudflare-ddns.yaml --- templates/compose/cloudflare-ddns.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/compose/cloudflare-ddns.yaml b/templates/compose/cloudflare-ddns.yaml index 92f857c41..4f29a98d4 100644 --- a/templates/compose/cloudflare-ddns.yaml +++ b/templates/compose/cloudflare-ddns.yaml @@ -14,6 +14,6 @@ services: security_opt: [no-new-privileges:true] environment: - CLOUDFLARE_API_TOKEN=${CLOUDFLARE_API_TOKEN:?} - - DOMAINS=${DOMAINS} + - DOMAINS=${DOMAINS:?} - PROXIED=${PROXIED:-false} - IP6_PROVIDER=${IP6_PROVIDER:-none} From dcd976ae065e1a2a003f62a12b29e49e41ac157e Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Wed, 11 Mar 2026 11:30:58 +0100 Subject: [PATCH 005/235] fix(git): ensure ssh credentials are propagated to submodule operations - Add gitSshCommand parameter to setGitImportSettings and buildGitCheckoutCommand - Extract hardcoded ssh commands to variables for consistency - Apply custom ssh credentials to all git operations including submodule sync/update - Configure git url rewriting for github token-based authentication with submodules - Add comprehensive test suite for submodule credential propagation --- app/Models/Application.php | 41 +++++--- openapi.json | 27 +++++ openapi.yaml | 21 ++++ tests/Unit/GitSubmoduleCredentialTest.php | 122 ++++++++++++++++++++++ 4 files changed, 196 insertions(+), 15 deletions(-) create mode 100644 tests/Unit/GitSubmoduleCredentialTest.php diff --git a/app/Models/Application.php b/app/Models/Application.php index 34ab4141e..e622c9d54 100644 --- a/app/Models/Application.php +++ b/app/Models/Application.php @@ -1087,12 +1087,14 @@ public function dirOnServer() return application_configuration_dir()."/{$this->uuid}"; } - public function setGitImportSettings(string $deployment_uuid, string $git_clone_command, bool $public = false, ?string $commit = null) + public function setGitImportSettings(string $deployment_uuid, string $git_clone_command, bool $public = false, ?string $commit = null, ?string $gitSshCommand = null) { $baseDir = $this->generateBaseDir($deployment_uuid); $escapedBaseDir = escapeshellarg($baseDir); $isShallowCloneEnabled = $this->settings?->is_git_shallow_clone_enabled ?? false; + $sshCommand = $gitSshCommand ?? 'ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null'; + // Use the explicitly passed commit (e.g. from rollback), falling back to the application's git_commit_sha. // Invalid refs will cause the git checkout/fetch command to fail on the remote server. $commitToUse = $commit ?? $this->git_commit_sha; @@ -1102,9 +1104,9 @@ public function setGitImportSettings(string $deployment_uuid, string $git_clone_ // If shallow clone is enabled and we need a specific commit, // we need to fetch that specific commit with depth=1 if ($isShallowCloneEnabled) { - $git_clone_command = "{$git_clone_command} && cd {$escapedBaseDir} && GIT_SSH_COMMAND=\"ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null\" git fetch --depth=1 origin {$escapedCommit} && git -c advice.detachedHead=false checkout {$escapedCommit} >/dev/null 2>&1"; + $git_clone_command = "{$git_clone_command} && cd {$escapedBaseDir} && GIT_SSH_COMMAND=\"{$sshCommand}\" git fetch --depth=1 origin {$escapedCommit} && git -c advice.detachedHead=false checkout {$escapedCommit} >/dev/null 2>&1"; } else { - $git_clone_command = "{$git_clone_command} && cd {$escapedBaseDir} && GIT_SSH_COMMAND=\"ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null\" git -c advice.detachedHead=false checkout {$escapedCommit} >/dev/null 2>&1"; + $git_clone_command = "{$git_clone_command} && cd {$escapedBaseDir} && GIT_SSH_COMMAND=\"{$sshCommand}\" git -c advice.detachedHead=false checkout {$escapedCommit} >/dev/null 2>&1"; } } if ($this->settings->is_git_submodules_enabled) { @@ -1115,10 +1117,10 @@ public function setGitImportSettings(string $deployment_uuid, string $git_clone_ } // Add shallow submodules flag if shallow clone is enabled $submoduleFlags = $isShallowCloneEnabled ? '--depth=1' : ''; - $git_clone_command = "{$git_clone_command} git submodule sync && GIT_SSH_COMMAND=\"ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null\" git submodule update --init --recursive {$submoduleFlags}; fi"; + $git_clone_command = "{$git_clone_command} git submodule sync && GIT_SSH_COMMAND=\"{$sshCommand}\" git submodule update --init --recursive {$submoduleFlags}; fi"; } if ($this->settings->is_git_lfs_enabled) { - $git_clone_command = "{$git_clone_command} && cd {$escapedBaseDir} && GIT_SSH_COMMAND=\"ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null\" git lfs pull"; + $git_clone_command = "{$git_clone_command} && cd {$escapedBaseDir} && GIT_SSH_COMMAND=\"{$sshCommand}\" git lfs pull"; } return $git_clone_command; @@ -1301,12 +1303,18 @@ public function generateGitImportCommands(string $deployment_uuid, int $pull_req } } else { $github_access_token = generateGithubInstallationToken($this->source); + // Configure git to rewrite URLs with the token so submodules on the same host authenticate correctly + $escapedTokenUrl = escapeshellarg("{$source_html_url_scheme}://x-access-token:{$github_access_token}@{$source_html_url_host}/"); + $escapedHostUrl = escapeshellarg("{$source_html_url_scheme}://{$source_html_url_host}/"); + $gitConfigCommand = "git config --global url.{$escapedTokenUrl}.insteadOf {$escapedHostUrl}"; if ($exec_in_docker) { + $commands->push(executeInDocker($deployment_uuid, $gitConfigCommand)); $repoUrl = "$source_html_url_scheme://x-access-token:$github_access_token@$source_html_url_host/{$customRepository}.git"; $escapedRepoUrl = escapeshellarg($repoUrl); $git_clone_command = "{$git_clone_command} {$escapedRepoUrl} {$escapedBaseDir}"; $fullRepoUrl = $repoUrl; } else { + $commands->push($gitConfigCommand); $repoUrl = "$source_html_url_scheme://x-access-token:$github_access_token@$source_html_url_host/{$customRepository}"; $escapedRepoUrl = escapeshellarg($repoUrl); $git_clone_command = "{$git_clone_command} {$escapedRepoUrl} {$escapedBaseDir}"; @@ -1348,11 +1356,12 @@ public function generateGitImportCommands(string $deployment_uuid, int $pull_req } $private_key = base64_encode($private_key); $escapedCustomRepository = escapeshellarg($customRepository); - $git_clone_command_base = "GIT_SSH_COMMAND=\"ssh -o ConnectTimeout=30 -p {$customPort} -o Port={$customPort} -o LogLevel=ERROR -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i /root/.ssh/id_rsa\" {$git_clone_command} {$escapedCustomRepository} {$escapedBaseDir}"; + $deployKeySshCommand = "ssh -o ConnectTimeout=30 -p {$customPort} -o Port={$customPort} -o LogLevel=ERROR -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i /root/.ssh/id_rsa"; + $git_clone_command_base = "GIT_SSH_COMMAND=\"{$deployKeySshCommand}\" {$git_clone_command} {$escapedCustomRepository} {$escapedBaseDir}"; if ($only_checkout) { $git_clone_command = $git_clone_command_base; } else { - $git_clone_command = $this->setGitImportSettings($deployment_uuid, $git_clone_command_base, commit: $commit); + $git_clone_command = $this->setGitImportSettings($deployment_uuid, $git_clone_command_base, commit: $commit, gitSshCommand: $deployKeySshCommand); } if ($exec_in_docker) { $commands = collect([ @@ -1375,7 +1384,7 @@ public function generateGitImportCommands(string $deployment_uuid, int $pull_req } else { $commands->push("echo 'Checking out $branch'"); } - $git_clone_command = "{$git_clone_command} && cd {$escapedBaseDir} && GIT_SSH_COMMAND=\"ssh -o ConnectTimeout=30 -p {$customPort} -o Port={$customPort} -o LogLevel=ERROR -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i /root/.ssh/id_rsa\" git fetch origin $branch && ".$this->buildGitCheckoutCommand($pr_branch_name); + $git_clone_command = "{$git_clone_command} && cd {$escapedBaseDir} && GIT_SSH_COMMAND=\"{$deployKeySshCommand}\" git fetch origin $branch && ".$this->buildGitCheckoutCommand($pr_branch_name, $deployKeySshCommand); } elseif ($git_type === 'github' || $git_type === 'gitea') { $branch = "pull/{$pull_request_id}/head:$pr_branch_name"; if ($exec_in_docker) { @@ -1383,14 +1392,14 @@ public function generateGitImportCommands(string $deployment_uuid, int $pull_req } else { $commands->push("echo 'Checking out $branch'"); } - $git_clone_command = "{$git_clone_command} && cd {$escapedBaseDir} && GIT_SSH_COMMAND=\"ssh -o ConnectTimeout=30 -p {$customPort} -o Port={$customPort} -o LogLevel=ERROR -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i /root/.ssh/id_rsa\" git fetch origin $branch && ".$this->buildGitCheckoutCommand($pr_branch_name); + $git_clone_command = "{$git_clone_command} && cd {$escapedBaseDir} && GIT_SSH_COMMAND=\"{$deployKeySshCommand}\" git fetch origin $branch && ".$this->buildGitCheckoutCommand($pr_branch_name, $deployKeySshCommand); } elseif ($git_type === 'bitbucket') { if ($exec_in_docker) { $commands->push(executeInDocker($deployment_uuid, "echo 'Checking out $branch'")); } else { $commands->push("echo 'Checking out $branch'"); } - $git_clone_command = "{$git_clone_command} && cd {$escapedBaseDir} && GIT_SSH_COMMAND=\"ssh -o ConnectTimeout=30 -p {$customPort} -o Port={$customPort} -o LogLevel=ERROR -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i /root/.ssh/id_rsa\" ".$this->buildGitCheckoutCommand($commit); + $git_clone_command = "{$git_clone_command} && cd {$escapedBaseDir} && GIT_SSH_COMMAND=\"{$deployKeySshCommand}\" ".$this->buildGitCheckoutCommand($commit, $deployKeySshCommand); } } @@ -1411,6 +1420,7 @@ public function generateGitImportCommands(string $deployment_uuid, int $pull_req $escapedCustomRepository = escapeshellarg($customRepository); $git_clone_command = "{$git_clone_command} {$escapedCustomRepository} {$escapedBaseDir}"; $git_clone_command = $this->setGitImportSettings($deployment_uuid, $git_clone_command, public: true, commit: $commit); + $otherSshCommand = "ssh -o ConnectTimeout=30 -p {$customPort} -o Port={$customPort} -o LogLevel=ERROR -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i /root/.ssh/id_rsa"; if ($pull_request_id !== 0) { if ($git_type === 'gitlab') { @@ -1420,7 +1430,7 @@ public function generateGitImportCommands(string $deployment_uuid, int $pull_req } else { $commands->push("echo 'Checking out $branch'"); } - $git_clone_command = "{$git_clone_command} && cd {$escapedBaseDir} && GIT_SSH_COMMAND=\"ssh -o ConnectTimeout=30 -p {$customPort} -o Port={$customPort} -o LogLevel=ERROR -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i /root/.ssh/id_rsa\" git fetch origin $branch && ".$this->buildGitCheckoutCommand($pr_branch_name); + $git_clone_command = "{$git_clone_command} && cd {$escapedBaseDir} && GIT_SSH_COMMAND=\"{$otherSshCommand}\" git fetch origin $branch && ".$this->buildGitCheckoutCommand($pr_branch_name, $otherSshCommand); } elseif ($git_type === 'github' || $git_type === 'gitea') { $branch = "pull/{$pull_request_id}/head:$pr_branch_name"; if ($exec_in_docker) { @@ -1428,14 +1438,14 @@ public function generateGitImportCommands(string $deployment_uuid, int $pull_req } else { $commands->push("echo 'Checking out $branch'"); } - $git_clone_command = "{$git_clone_command} && cd {$escapedBaseDir} && GIT_SSH_COMMAND=\"ssh -o ConnectTimeout=30 -p {$customPort} -o Port={$customPort} -o LogLevel=ERROR -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i /root/.ssh/id_rsa\" git fetch origin $branch && ".$this->buildGitCheckoutCommand($pr_branch_name); + $git_clone_command = "{$git_clone_command} && cd {$escapedBaseDir} && GIT_SSH_COMMAND=\"{$otherSshCommand}\" git fetch origin $branch && ".$this->buildGitCheckoutCommand($pr_branch_name, $otherSshCommand); } elseif ($git_type === 'bitbucket') { if ($exec_in_docker) { $commands->push(executeInDocker($deployment_uuid, "echo 'Checking out $branch'")); } else { $commands->push("echo 'Checking out $branch'"); } - $git_clone_command = "{$git_clone_command} && cd {$escapedBaseDir} && GIT_SSH_COMMAND=\"ssh -o ConnectTimeout=30 -p {$customPort} -o Port={$customPort} -o LogLevel=ERROR -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i /root/.ssh/id_rsa\" ".$this->buildGitCheckoutCommand($commit); + $git_clone_command = "{$git_clone_command} && cd {$escapedBaseDir} && GIT_SSH_COMMAND=\"{$otherSshCommand}\" ".$this->buildGitCheckoutCommand($commit, $otherSshCommand); } } @@ -1684,13 +1694,14 @@ public function fqdns(): Attribute ); } - protected function buildGitCheckoutCommand($target): string + protected function buildGitCheckoutCommand($target, ?string $gitSshCommand = null): string { $escapedTarget = escapeshellarg($target); $command = "git checkout {$escapedTarget}"; if ($this->settings->is_git_submodules_enabled) { - $command .= ' && git submodule update --init --recursive'; + $sshCommand = $gitSshCommand ?? 'ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null'; + $command .= " && GIT_SSH_COMMAND=\"{$sshCommand}\" git submodule update --init --recursive"; } return $command; diff --git a/openapi.json b/openapi.json index 69f5ef53d..849dee363 100644 --- a/openapi.json +++ b/openapi.json @@ -3339,6 +3339,15 @@ "schema": { "type": "string" } + }, + { + "name": "docker_cleanup", + "in": "query", + "description": "Perform docker cleanup (prune networks, volumes, etc.).", + "schema": { + "type": "boolean", + "default": true + } } ], "responses": { @@ -5864,6 +5873,15 @@ "schema": { "type": "string" } + }, + { + "name": "docker_cleanup", + "in": "query", + "description": "Perform docker cleanup (prune networks, volumes, etc.).", + "schema": { + "type": "boolean", + "default": true + } } ], "responses": { @@ -10561,6 +10579,15 @@ "schema": { "type": "string" } + }, + { + "name": "docker_cleanup", + "in": "query", + "description": "Perform docker cleanup (prune networks, volumes, etc.).", + "schema": { + "type": "boolean", + "default": true + } } ], "responses": { diff --git a/openapi.yaml b/openapi.yaml index fab3df54e..226295cdb 100644 --- a/openapi.yaml +++ b/openapi.yaml @@ -2111,6 +2111,13 @@ paths: required: true schema: type: string + - + name: docker_cleanup + in: query + description: 'Perform docker cleanup (prune networks, volumes, etc.).' + schema: + type: boolean + default: true responses: '200': description: 'Stop application.' @@ -3806,6 +3813,13 @@ paths: required: true schema: type: string + - + name: docker_cleanup + in: query + description: 'Perform docker cleanup (prune networks, volumes, etc.).' + schema: + type: boolean + default: true responses: '200': description: 'Stop database.' @@ -6645,6 +6659,13 @@ paths: required: true schema: type: string + - + name: docker_cleanup + in: query + description: 'Perform docker cleanup (prune networks, volumes, etc.).' + schema: + type: boolean + default: true responses: '200': description: 'Stop service.' diff --git a/tests/Unit/GitSubmoduleCredentialTest.php b/tests/Unit/GitSubmoduleCredentialTest.php new file mode 100644 index 000000000..1adaf735f --- /dev/null +++ b/tests/Unit/GitSubmoduleCredentialTest.php @@ -0,0 +1,122 @@ +application = new Application; + $this->application->forceFill([ + 'uuid' => 'test-app-uuid', + 'git_commit_sha' => 'HEAD', + ]); + + $settings = new ApplicationSetting; + $settings->is_git_shallow_clone_enabled = false; + $settings->is_git_submodules_enabled = true; + $settings->is_git_lfs_enabled = false; + $this->application->setRelation('settings', $settings); + }); + + test('setGitImportSettings uses provided gitSshCommand for submodule update', function () { + $sshCommand = 'ssh -o ConnectTimeout=30 -p 22 -o Port=22 -o LogLevel=ERROR -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i /root/.ssh/id_rsa'; + + $result = $this->application->setGitImportSettings( + deployment_uuid: 'test-uuid', + git_clone_command: 'git clone', + public: false, + gitSshCommand: $sshCommand + ); + + expect($result) + ->toContain('GIT_SSH_COMMAND="'.$sshCommand.'" git submodule update --init --recursive') + ->toContain('git submodule sync'); + }); + + test('setGitImportSettings uses default ssh command when no gitSshCommand provided', function () { + $result = $this->application->setGitImportSettings( + deployment_uuid: 'test-uuid', + git_clone_command: 'git clone', + public: false, + ); + + expect($result) + ->toContain('GIT_SSH_COMMAND="ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" git submodule update --init --recursive'); + }); + + test('setGitImportSettings uses provided gitSshCommand for fetch and checkout', function () { + $this->application->git_commit_sha = 'abc123def456'; + $sshCommand = 'ssh -o ConnectTimeout=30 -p 22 -o Port=22 -o LogLevel=ERROR -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i /root/.ssh/id_rsa'; + + $result = $this->application->setGitImportSettings( + deployment_uuid: 'test-uuid', + git_clone_command: 'git clone', + public: false, + gitSshCommand: $sshCommand + ); + + expect($result) + ->toContain('GIT_SSH_COMMAND="'.$sshCommand.'" git -c advice.detachedHead=false checkout'); + }); + + test('setGitImportSettings uses provided gitSshCommand for shallow fetch', function () { + $this->application->git_commit_sha = 'abc123def456'; + $this->application->settings->is_git_shallow_clone_enabled = true; + $sshCommand = 'ssh -o ConnectTimeout=30 -p 22 -o Port=22 -o LogLevel=ERROR -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i /root/.ssh/id_rsa'; + + $result = $this->application->setGitImportSettings( + deployment_uuid: 'test-uuid', + git_clone_command: 'git clone', + public: false, + gitSshCommand: $sshCommand + ); + + expect($result) + ->toContain('GIT_SSH_COMMAND="'.$sshCommand.'" git fetch --depth=1 origin'); + }); + + test('setGitImportSettings uses provided gitSshCommand for lfs pull', function () { + $this->application->settings->is_git_lfs_enabled = true; + $sshCommand = 'ssh -o ConnectTimeout=30 -p 22 -i /root/.ssh/id_rsa'; + + $result = $this->application->setGitImportSettings( + deployment_uuid: 'test-uuid', + git_clone_command: 'git clone', + public: false, + gitSshCommand: $sshCommand + ); + + expect($result) + ->toContain('GIT_SSH_COMMAND="'.$sshCommand.'" git lfs pull'); + }); + + test('buildGitCheckoutCommand includes GIT_SSH_COMMAND for submodule update when provided', function () { + $sshCommand = 'ssh -o ConnectTimeout=30 -p 22 -i /root/.ssh/id_rsa'; + + $method = new ReflectionMethod($this->application, 'buildGitCheckoutCommand'); + $result = $method->invoke($this->application, 'main', $sshCommand); + + expect($result) + ->toContain("git checkout 'main'") + ->toContain('GIT_SSH_COMMAND="'.$sshCommand.'" git submodule update --init --recursive'); + }); + + test('buildGitCheckoutCommand uses default ssh command for submodule update when none provided', function () { + $method = new ReflectionMethod($this->application, 'buildGitCheckoutCommand'); + $result = $method->invoke($this->application, 'main'); + + expect($result) + ->toContain('GIT_SSH_COMMAND="ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" git submodule update --init --recursive'); + }); + + test('buildGitCheckoutCommand omits submodule update when submodules disabled', function () { + $this->application->settings->is_git_submodules_enabled = false; + + $method = new ReflectionMethod($this->application, 'buildGitCheckoutCommand'); + $result = $method->invoke($this->application, 'main'); + + expect($result) + ->toContain("git checkout 'main'") + ->not->toContain('submodule'); + }); +}); From 793077d74fdbadc3c7388f13cfc6e4135dc96bf4 Mon Sep 17 00:00:00 2001 From: Aditya Tripathi Date: Mon, 23 Mar 2026 17:12:02 +0000 Subject: [PATCH 006/235] feat(buildpack): add Railpack as a build pack option --- app/Enums/BuildPackTypes.php | 1 + .../Api/ApplicationsController.php | 10 +- app/Jobs/ApplicationDeploymentJob.php | 176 +++++++++++++++++- app/Livewire/Project/Application/General.php | 2 +- .../Project/New/GithubPrivateRepository.php | 4 +- .../New/GithubPrivateRepositoryDeployKey.php | 4 +- .../Project/New/PublicGitRepository.php | 4 +- app/Models/Application.php | 24 ++- docker/coolify-helper/Dockerfile | 20 ++ openapi.json | 6 + openapi.yaml | 11 +- .../project/application/general.blade.php | 11 +- ...ub-private-repository-deploy-key.blade.php | 1 + .../new/github-private-repository.blade.php | 1 + .../new/public-git-repository.blade.php | 1 + .../ApplicationBuildpackCleanupTest.php | 46 +++++ tests/Feature/ApplicationRailpackTest.php | 168 +++++++++++++++++ tests/Feature/BuildpackSwitchCleanupTest.php | 23 +++ 18 files changed, 485 insertions(+), 28 deletions(-) create mode 100644 tests/Feature/ApplicationRailpackTest.php diff --git a/app/Enums/BuildPackTypes.php b/app/Enums/BuildPackTypes.php index cb51db6d6..eee898823 100644 --- a/app/Enums/BuildPackTypes.php +++ b/app/Enums/BuildPackTypes.php @@ -8,4 +8,5 @@ enum BuildPackTypes: string case STATIC = 'static'; case DOCKERFILE = 'dockerfile'; case DOCKERCOMPOSE = 'dockercompose'; + case RAILPACK = 'railpack'; } diff --git a/app/Http/Controllers/Api/ApplicationsController.php b/app/Http/Controllers/Api/ApplicationsController.php index 3444f9f14..4abf1c6e0 100644 --- a/app/Http/Controllers/Api/ApplicationsController.php +++ b/app/Http/Controllers/Api/ApplicationsController.php @@ -150,7 +150,7 @@ public function applications(Request $request) 'environment_uuid' => ['type' => 'string', 'description' => 'The environment UUID. You need to provide at least one of environment_name or environment_uuid.'], 'git_repository' => ['type' => 'string', 'description' => 'The git repository URL.'], 'git_branch' => ['type' => 'string', 'description' => 'The git branch.'], - 'build_pack' => ['type' => 'string', 'enum' => ['nixpacks', 'static', 'dockerfile', 'dockercompose'], 'description' => 'The build pack type.'], + 'build_pack' => ['type' => 'string', 'enum' => ['nixpacks', 'railpack', 'static', 'dockerfile', 'dockercompose'], 'description' => 'The build pack type.'], 'ports_exposes' => ['type' => 'string', 'description' => 'The ports to expose.'], 'destination_uuid' => ['type' => 'string', 'description' => 'The destination UUID.'], 'name' => ['type' => 'string', 'description' => 'The application name.'], @@ -318,7 +318,7 @@ public function create_public_application(Request $request) 'git_branch' => ['type' => 'string', 'description' => 'The git branch.'], 'ports_exposes' => ['type' => 'string', 'description' => 'The ports to expose.'], 'destination_uuid' => ['type' => 'string', 'description' => 'The destination UUID.'], - 'build_pack' => ['type' => 'string', 'enum' => ['nixpacks', 'static', 'dockerfile', 'dockercompose'], 'description' => 'The build pack type.'], + 'build_pack' => ['type' => 'string', 'enum' => ['nixpacks', 'railpack', 'static', 'dockerfile', 'dockercompose'], 'description' => 'The build pack type.'], 'name' => ['type' => 'string', 'description' => 'The application name.'], 'description' => ['type' => 'string', 'description' => 'The application description.'], 'domains' => ['type' => 'string', 'description' => 'The application URLs in a comma-separated list.'], @@ -483,7 +483,7 @@ public function create_private_gh_app_application(Request $request) 'git_branch' => ['type' => 'string', 'description' => 'The git branch.'], 'ports_exposes' => ['type' => 'string', 'description' => 'The ports to expose.'], 'destination_uuid' => ['type' => 'string', 'description' => 'The destination UUID.'], - 'build_pack' => ['type' => 'string', 'enum' => ['nixpacks', 'static', 'dockerfile', 'dockercompose'], 'description' => 'The build pack type.'], + 'build_pack' => ['type' => 'string', 'enum' => ['nixpacks', 'railpack', 'static', 'dockerfile', 'dockercompose'], 'description' => 'The build pack type.'], 'name' => ['type' => 'string', 'description' => 'The application name.'], 'description' => ['type' => 'string', 'description' => 'The application description.'], 'domains' => ['type' => 'string', 'description' => 'The application URLs in a comma-separated list.'], @@ -644,7 +644,7 @@ public function create_private_deploy_key_application(Request $request) 'environment_name' => ['type' => 'string', 'description' => 'The environment name. You need to provide at least one of environment_name or environment_uuid.'], 'environment_uuid' => ['type' => 'string', 'description' => 'The environment UUID. You need to provide at least one of environment_name or environment_uuid.'], 'dockerfile' => ['type' => 'string', 'description' => 'The Dockerfile content.'], - 'build_pack' => ['type' => 'string', 'enum' => ['nixpacks', 'static', 'dockerfile', 'dockercompose'], 'description' => 'The build pack type.'], + 'build_pack' => ['type' => 'string', 'enum' => ['nixpacks', 'railpack', 'static', 'dockerfile', 'dockercompose'], 'description' => 'The build pack type.'], 'ports_exposes' => ['type' => 'string', 'description' => 'The ports to expose.'], 'destination_uuid' => ['type' => 'string', 'description' => 'The destination UUID.'], 'name' => ['type' => 'string', 'description' => 'The application name.'], @@ -2318,7 +2318,7 @@ public function delete_by_uuid(Request $request) 'git_branch' => ['type' => 'string', 'description' => 'The git branch.'], 'ports_exposes' => ['type' => 'string', 'description' => 'The ports to expose.'], 'destination_uuid' => ['type' => 'string', 'description' => 'The destination UUID.'], - 'build_pack' => ['type' => 'string', 'enum' => ['nixpacks', 'static', 'dockerfile', 'dockercompose'], 'description' => 'The build pack type.'], + 'build_pack' => ['type' => 'string', 'enum' => ['nixpacks', 'railpack', 'static', 'dockerfile', 'dockercompose'], 'description' => 'The build pack type.'], 'name' => ['type' => 'string', 'description' => 'The application name.'], 'description' => ['type' => 'string', 'description' => 'The application description.'], 'domains' => ['type' => 'string', 'description' => 'The application URLs in a comma-separated list.'], diff --git a/app/Jobs/ApplicationDeploymentJob.php b/app/Jobs/ApplicationDeploymentJob.php index e30af5cc7..33905ce59 100644 --- a/app/Jobs/ApplicationDeploymentJob.php +++ b/app/Jobs/ApplicationDeploymentJob.php @@ -121,6 +121,8 @@ class ApplicationDeploymentJob implements ShouldBeEncrypted, ShouldQueue private $env_nixpacks_args; + private $env_railpack_args; + private $docker_compose; private $docker_compose_base64; @@ -476,8 +478,12 @@ private function decide_what_to_do() $this->deploy_dockerfile_buildpack(); } elseif ($this->application->build_pack === 'static') { $this->deploy_static_buildpack(); - } else { + } elseif ($this->application->build_pack === 'nixpacks') { $this->deploy_nixpacks_buildpack(); + } elseif ($this->application->build_pack === 'railpack') { + $this->deploy_railpack_buildpack(); + } else { + throw new \RuntimeException("Unsupported build pack: {$this->application->build_pack}"); } $this->post_deployment(); } @@ -921,6 +927,37 @@ private function deploy_nixpacks_buildpack() $this->rolling_update(); } + private function deploy_railpack_buildpack() + { + if ($this->use_build_server) { + $this->server = $this->build_server; + } + $this->application_deployment_queue->addLogEntry("Starting deployment of {$this->customRepository}:{$this->application->git_branch} to {$this->server->name}."); + $this->prepare_builder_image(); + $this->check_git_if_build_needed(); + $this->generate_image_names(); + if (! $this->force_rebuild) { + $this->check_image_locally_or_remotely(); + if ($this->should_skip_build()) { + return; + } + } + $this->clone_repository(); + $this->cleanup_git(); + $this->generate_compose_file(); + + // Save build-time .env file BEFORE the build + $this->save_buildtime_environment_variables(); + + $this->generate_build_env_variables(); + $this->build_railpack_image(); + + // Save runtime environment variables AFTER the build + $this->save_runtime_environment_variables(); + $this->push_to_docker_registry(); + $this->rolling_update(); + } + private function deploy_static_buildpack() { if ($this->use_build_server) { @@ -1943,7 +1980,11 @@ private function deploy_pull_request() if ($this->application->build_pack === 'dockerfile') { $this->add_build_env_variables_to_dockerfile(); } - $this->build_image(); + if ($this->application->build_pack === 'railpack') { + $this->build_railpack_image(); + } else { + $this->build_image(); + } // This overwrites the build-time .env with ALL variables (build-time + runtime) $this->save_runtime_environment_variables(); @@ -2376,6 +2417,137 @@ private function generate_nixpacks_env_variables() $this->env_nixpacks_args = $this->env_nixpacks_args->implode(' '); } + private function generate_railpack_env_variables(): void + { + $this->env_railpack_args = collect([]); + if ($this->pull_request_id === 0) { + foreach ($this->application->railpack_environment_variables as $env) { + if (! is_null($env->real_value) && $env->real_value !== '') { + $this->env_railpack_args->push("--env {$env->key}={$env->real_value}"); + } + } + } else { + foreach ($this->application->railpack_environment_variables_preview as $env) { + if (! is_null($env->real_value) && $env->real_value !== '') { + $this->env_railpack_args->push("--env {$env->key}={$env->real_value}"); + } + } + } + + // Note: COOLIFY_* vars are NOT passed to railpack prepare because railpack treats + // all --env vars as secrets that must be provided during docker buildx build. + // COOLIFY_* vars are informational and available at runtime via .env file. + + $this->env_railpack_args = $this->env_railpack_args->implode(' '); + } + + private function build_railpack_image(): void + { + $this->generate_railpack_env_variables(); + + // Step 1: Generate build plan with railpack prepare + $prepare_command = 'railpack prepare'; + + if ($this->env_railpack_args) { + $prepare_command .= " {$this->env_railpack_args}"; + } + if ($this->application->build_command) { + $prepare_command .= " --build-cmd \"{$this->application->build_command}\""; + } + if ($this->application->start_command) { + $prepare_command .= " --start-cmd \"{$this->application->start_command}\""; + } + if ($this->application->install_command) { + $prepare_command .= " --env RAILPACK_INSTALL_CMD=\"{$this->application->install_command}\""; + } + + $prepare_command .= " --plan-out /artifacts/railpack-plan.json {$this->workdir}"; + + $this->application_deployment_queue->addLogEntry('Generating Railpack build plan.'); + $this->execute_remote_command( + [executeInDocker($this->deployment_uuid, $prepare_command), 'hidden' => true], + ); + + // Step 2: Build image using docker buildx with railpack frontend. + // Railpack's frontend requires full BuildKit (mergeop), so we use a docker-container driver builder. + $this->application_deployment_queue->addLogEntry('Building docker image with Railpack.'); + $this->application_deployment_queue->addLogEntry('To check the current progress, click on Show Debug Logs.'); + + $image_name = $this->application->settings->is_static + ? $this->build_image_name + : $this->production_image_name; + + if ($this->application->settings->is_static && $this->application->static_image) { + $this->pull_latest_image($this->application->static_image); + } + + $cache_args = ''; + if ($this->force_rebuild) { + $cache_args = '--no-cache'; + } else { + $cache_args = "--build-arg cache-key='{$this->application->uuid}'"; + } + + $build_command = 'docker buildx create --name coolify-railpack --driver docker-container 2>/dev/null || true' + .' && docker buildx build --builder coolify-railpack' + ." {$this->addHosts} --network host" + ." --build-arg BUILDKIT_SYNTAX='ghcr.io/railwayapp/railpack-frontend'" + ." {$cache_args}" + .' -f /artifacts/railpack-plan.json' + .' --progress plain' + .' --load' + ." -t {$image_name}" + ." {$this->workdir}"; + + $base64_build_command = base64_encode($build_command); + $this->execute_remote_command( + [ + executeInDocker($this->deployment_uuid, "echo '{$base64_build_command}' | base64 -d | tee ".self::BUILD_SCRIPT_PATH.' > /dev/null'), + 'hidden' => true, + ], + [ + executeInDocker($this->deployment_uuid, 'cat '.self::BUILD_SCRIPT_PATH), + 'hidden' => true, + ], + [ + executeInDocker($this->deployment_uuid, 'bash '.self::BUILD_SCRIPT_PATH), + 'hidden' => true, + ] + ); + + // Step 3: If static, copy built assets into nginx image + if ($this->application->settings->is_static) { + $publishDir = trim($this->application->publish_directory, '/'); + $publishDir = $publishDir ? "/{$publishDir}" : ''; + $dockerfile = base64_encode("FROM {$this->application->static_image} +WORKDIR /usr/share/nginx/html/ +LABEL coolify.deploymentId={$this->deployment_uuid} +COPY --from={$this->build_image_name} /app{$publishDir} . +COPY ./nginx.conf /etc/nginx/conf.d/default.conf"); + + if (str($this->application->custom_nginx_configuration)->isNotEmpty()) { + $nginx_config = base64_encode($this->application->custom_nginx_configuration); + } else { + $nginx_config = $this->application->settings->is_spa + ? base64_encode(defaultNginxConfiguration('spa')) + : base64_encode(defaultNginxConfiguration()); + } + + $static_build = $this->dockerBuildkitSupported + ? "DOCKER_BUILDKIT=1 docker build {$this->addHosts} --network host -f {$this->workdir}/Dockerfile --progress plain -t {$this->production_image_name} {$this->workdir}" + : "docker build {$this->addHosts} --network host -f {$this->workdir}/Dockerfile -t {$this->production_image_name} {$this->workdir}"; + + $base64_static_build = base64_encode($static_build); + $this->execute_remote_command( + [executeInDocker($this->deployment_uuid, "echo '{$dockerfile}' | base64 -d | tee {$this->workdir}/Dockerfile > /dev/null")], + [executeInDocker($this->deployment_uuid, "echo '{$nginx_config}' | base64 -d | tee {$this->workdir}/nginx.conf > /dev/null")], + [executeInDocker($this->deployment_uuid, "echo '{$base64_static_build}' | base64 -d | tee ".self::BUILD_SCRIPT_PATH.' > /dev/null'), 'hidden' => true], + [executeInDocker($this->deployment_uuid, 'cat '.self::BUILD_SCRIPT_PATH), 'hidden' => true], + [executeInDocker($this->deployment_uuid, 'bash '.self::BUILD_SCRIPT_PATH), 'hidden' => true], + ); + } + } + private function generate_coolify_env_variables(bool $forBuildTime = false): Collection { $coolify_envs = collect([]); diff --git a/app/Livewire/Project/Application/General.php b/app/Livewire/Project/Application/General.php index ca1daef72..bc24c3944 100644 --- a/app/Livewire/Project/Application/General.php +++ b/app/Livewire/Project/Application/General.php @@ -598,7 +598,7 @@ public function updatedBuildPack() // Sync property to model before checking/modifying $this->syncData(toModel: true); - if ($this->buildPack !== 'nixpacks') { + if ($this->buildPack !== 'nixpacks' && $this->buildPack !== 'railpack') { $this->isStatic = false; $this->application->settings->is_static = false; $this->application->settings->save(); diff --git a/app/Livewire/Project/New/GithubPrivateRepository.php b/app/Livewire/Project/New/GithubPrivateRepository.php index 61ae0e151..c208e2cd2 100644 --- a/app/Livewire/Project/New/GithubPrivateRepository.php +++ b/app/Livewire/Project/New/GithubPrivateRepository.php @@ -62,7 +62,7 @@ class GithubPrivateRepository extends Component protected int $page = 1; - public $build_pack = 'nixpacks'; + public $build_pack = 'railpack'; public bool $show_is_static = true; @@ -82,7 +82,7 @@ public function updatedSelectedRepositoryId(): void public function updatedBuildPack() { - if ($this->build_pack === 'nixpacks') { + if ($this->build_pack === 'nixpacks' || $this->build_pack === 'railpack') { $this->show_is_static = true; $this->port = 3000; } elseif ($this->build_pack === 'static') { diff --git a/app/Livewire/Project/New/GithubPrivateRepositoryDeployKey.php b/app/Livewire/Project/New/GithubPrivateRepositoryDeployKey.php index e46ad7d78..f312a9dc0 100644 --- a/app/Livewire/Project/New/GithubPrivateRepositoryDeployKey.php +++ b/app/Livewire/Project/New/GithubPrivateRepositoryDeployKey.php @@ -45,7 +45,7 @@ class GithubPrivateRepositoryDeployKey extends Component public string $branch; - public $build_pack = 'nixpacks'; + public $build_pack = 'railpack'; public bool $show_is_static = true; @@ -95,7 +95,7 @@ public function mount() public function updatedBuildPack() { - if ($this->build_pack === 'nixpacks') { + if ($this->build_pack === 'nixpacks' || $this->build_pack === 'railpack') { $this->show_is_static = true; $this->port = 3000; } elseif ($this->build_pack === 'static') { diff --git a/app/Livewire/Project/New/PublicGitRepository.php b/app/Livewire/Project/New/PublicGitRepository.php index 3df31a6a3..eb4ce7b84 100644 --- a/app/Livewire/Project/New/PublicGitRepository.php +++ b/app/Livewire/Project/New/PublicGitRepository.php @@ -57,7 +57,7 @@ class PublicGitRepository extends Component public string $git_repository; - public $build_pack = 'nixpacks'; + public $build_pack = 'railpack'; public bool $show_is_static = true; @@ -99,7 +99,7 @@ public function mount() public function updatedBuildPack() { - if ($this->build_pack === 'nixpacks') { + if ($this->build_pack === 'nixpacks' || $this->build_pack === 'railpack') { $this->show_is_static = true; $this->port = 3000; } elseif ($this->build_pack === 'static') { diff --git a/app/Models/Application.php b/app/Models/Application.php index 4cc2dcf74..b97201faa 100644 --- a/app/Models/Application.php +++ b/app/Models/Application.php @@ -39,7 +39,7 @@ 'git_full_url' => ['type' => 'string', 'nullable' => true, 'description' => 'Git full URL.'], 'docker_registry_image_name' => ['type' => 'string', 'nullable' => true, 'description' => 'Docker registry image name.'], 'docker_registry_image_tag' => ['type' => 'string', 'nullable' => true, 'description' => 'Docker registry image tag.'], - 'build_pack' => ['type' => 'string', 'description' => 'Build pack.', 'enum' => ['nixpacks', 'static', 'dockerfile', 'dockercompose']], + 'build_pack' => ['type' => 'string', 'description' => 'Build pack.', 'enum' => ['nixpacks', 'railpack', 'static', 'dockerfile', 'dockercompose']], 'static_image' => ['type' => 'string', 'description' => 'Static image used when static site is deployed.'], 'install_command' => ['type' => 'string', 'description' => 'Install command.'], 'build_command' => ['type' => 'string', 'description' => 'Build command.'], @@ -854,7 +854,8 @@ public function runtime_environment_variables() { return $this->morphMany(EnvironmentVariable::class, 'resourceable') ->where('is_preview', false) - ->where('key', 'not like', 'NIXPACKS_%'); + ->where('key', 'not like', 'NIXPACKS_%') + ->where('key', 'not like', 'RAILPACK_%'); } public function nixpacks_environment_variables() @@ -864,6 +865,13 @@ public function nixpacks_environment_variables() ->where('key', 'like', 'NIXPACKS_%'); } + public function railpack_environment_variables() + { + return $this->morphMany(EnvironmentVariable::class, 'resourceable') + ->where('is_preview', false) + ->where('key', 'like', 'RAILPACK_%'); + } + public function environment_variables_preview() { return $this->morphMany(EnvironmentVariable::class, 'resourceable') @@ -882,7 +890,8 @@ public function runtime_environment_variables_preview() { return $this->morphMany(EnvironmentVariable::class, 'resourceable') ->where('is_preview', true) - ->where('key', 'not like', 'NIXPACKS_%'); + ->where('key', 'not like', 'NIXPACKS_%') + ->where('key', 'not like', 'RAILPACK_%'); } public function nixpacks_environment_variables_preview() @@ -892,6 +901,13 @@ public function nixpacks_environment_variables_preview() ->where('key', 'like', 'NIXPACKS_%'); } + public function railpack_environment_variables_preview() + { + return $this->morphMany(EnvironmentVariable::class, 'resourceable') + ->where('is_preview', true) + ->where('key', 'like', 'RAILPACK_%'); + } + public function scheduled_tasks(): HasMany { return $this->hasMany(ScheduledTask::class)->orderBy('name', 'asc'); @@ -1011,7 +1027,7 @@ public function deploymentType() public function could_set_build_commands(): bool { - if ($this->build_pack === 'nixpacks') { + if ($this->build_pack === 'nixpacks' || $this->build_pack === 'railpack') { return true; } diff --git a/docker/coolify-helper/Dockerfile b/docker/coolify-helper/Dockerfile index 14879eb96..ebe667437 100644 --- a/docker/coolify-helper/Dockerfile +++ b/docker/coolify-helper/Dockerfile @@ -11,6 +11,10 @@ ARG DOCKER_BUILDX_VERSION=0.25.0 ARG PACK_VERSION=0.38.2 # https://github.com/railwayapp/nixpacks/releases ARG NIXPACKS_VERSION=1.41.0 +# https://github.com/railwayapp/railpack/releases +ARG RAILPACK_VERSION=0.21.0 +# https://github.com/jdx/mise/releases — must match railpack's pinned version (https://raw.githubusercontent.com/railwayapp/railpack/refs/heads/main/core/mise/version.txt) +ARG MISE_VERSION=2026.3.12 # https://github.com/minio/mc/releases ARG MINIO_VERSION=RELEASE.2025-08-13T08-35-41Z @@ -25,17 +29,32 @@ ARG DOCKER_COMPOSE_VERSION ARG DOCKER_BUILDX_VERSION ARG PACK_VERSION ARG NIXPACKS_VERSION +ARG RAILPACK_VERSION +ARG MISE_VERSION USER root WORKDIR /artifacts RUN apk add --no-cache bash curl git git-lfs openssh-client tar tini RUN mkdir -p ~/.docker/cli-plugins + +# Install mise (musl build) at the path railpack expects (/tmp/railpack/mise/mise-VERSION). +# Railpack hardcodes a glibc mise download that fails on Alpine, so we pre-place a musl binary. +RUN mkdir -p /tmp/railpack/mise && \ + if [[ ${TARGETPLATFORM} == 'linux/amd64' ]]; then \ + curl -sSL "https://github.com/jdx/mise/releases/download/v${MISE_VERSION}/mise-v${MISE_VERSION}-linux-x64-musl.tar.gz" | tar xz && \ + mv mise/bin/mise "/tmp/railpack/mise/mise-${MISE_VERSION}" && rm -rf mise; \ + elif [[ ${TARGETPLATFORM} == 'linux/arm64' ]]; then \ + curl -sSL "https://github.com/jdx/mise/releases/download/v${MISE_VERSION}/mise-v${MISE_VERSION}-linux-arm64-musl.tar.gz" | tar xz && \ + mv mise/bin/mise "/tmp/railpack/mise/mise-${MISE_VERSION}" && rm -rf mise; \ + fi + RUN if [[ ${TARGETPLATFORM} == 'linux/amd64' ]]; then \ curl -sSL https://github.com/docker/buildx/releases/download/v${DOCKER_BUILDX_VERSION}/buildx-v${DOCKER_BUILDX_VERSION}.linux-amd64 -o ~/.docker/cli-plugins/docker-buildx && \ curl -sSL https://github.com/docker/compose/releases/download/v${DOCKER_COMPOSE_VERSION}/docker-compose-linux-x86_64 -o ~/.docker/cli-plugins/docker-compose && \ (curl -sSL https://download.docker.com/linux/static/stable/x86_64/docker-${DOCKER_VERSION}.tgz | tar -C /usr/bin/ --no-same-owner -xzv --strip-components=1 docker/docker) && \ (curl -sSL https://github.com/buildpacks/pack/releases/download/v${PACK_VERSION}/pack-v${PACK_VERSION}-linux.tgz | tar -C /usr/local/bin/ --no-same-owner -xzv pack) && \ curl -sSL https://nixpacks.com/install.sh | bash && \ + curl -sSL https://railpack.com/install.sh | RAILPACK_VERSION=${RAILPACK_VERSION} sh && \ chmod +x ~/.docker/cli-plugins/docker-compose /usr/bin/docker /usr/local/bin/pack /root/.docker/cli-plugins/docker-buildx \ ;fi @@ -45,6 +64,7 @@ RUN if [[ ${TARGETPLATFORM} == 'linux/arm64' ]]; then \ (curl -sSL https://download.docker.com/linux/static/stable/aarch64/docker-${DOCKER_VERSION}.tgz | tar -C /usr/bin/ --no-same-owner -xzv --strip-components=1 docker/docker) && \ (curl -sSL https://github.com/buildpacks/pack/releases/download/v${PACK_VERSION}/pack-v${PACK_VERSION}-linux-arm64.tgz | tar -C /usr/local/bin/ --no-same-owner -xzv pack) && \ curl -sSL https://nixpacks.com/install.sh | bash && \ + curl -sSL https://railpack.com/install.sh | RAILPACK_VERSION=${RAILPACK_VERSION} sh && \ chmod +x ~/.docker/cli-plugins/docker-compose /usr/bin/docker /usr/local/bin/pack /root/.docker/cli-plugins/docker-buildx \ ;fi diff --git a/openapi.json b/openapi.json index d119176a1..a23a9df40 100644 --- a/openapi.json +++ b/openapi.json @@ -111,6 +111,7 @@ "type": "string", "enum": [ "nixpacks", + "railpack", "static", "dockerfile", "dockercompose" @@ -564,6 +565,7 @@ "type": "string", "enum": [ "nixpacks", + "railpack", "static", "dockerfile", "dockercompose" @@ -1009,6 +1011,7 @@ "type": "string", "enum": [ "nixpacks", + "railpack", "static", "dockerfile", "dockercompose" @@ -1434,6 +1437,7 @@ "type": "string", "enum": [ "nixpacks", + "railpack", "static", "dockerfile", "dockercompose" @@ -2442,6 +2446,7 @@ "type": "string", "enum": [ "nixpacks", + "railpack", "static", "dockerfile", "dockercompose" @@ -11509,6 +11514,7 @@ "description": "Build pack.", "enum": [ "nixpacks", + "railpack", "static", "dockerfile", "dockercompose" diff --git a/openapi.yaml b/openapi.yaml index 7064be28a..e3168d131 100644 --- a/openapi.yaml +++ b/openapi.yaml @@ -81,7 +81,7 @@ paths: description: 'The git branch.' build_pack: type: string - enum: [nixpacks, static, dockerfile, dockercompose] + enum: [nixpacks, railpack, static, dockerfile, dockercompose] description: 'The build pack type.' ports_exposes: type: string @@ -371,7 +371,7 @@ paths: description: 'The destination UUID.' build_pack: type: string - enum: [nixpacks, static, dockerfile, dockercompose] + enum: [nixpacks, railpack, static, dockerfile, dockercompose] description: 'The build pack type.' name: type: string @@ -655,7 +655,7 @@ paths: description: 'The destination UUID.' build_pack: type: string - enum: [nixpacks, static, dockerfile, dockercompose] + enum: [nixpacks, railpack, static, dockerfile, dockercompose] description: 'The build pack type.' name: type: string @@ -923,7 +923,7 @@ paths: description: 'The Dockerfile content.' build_pack: type: string - enum: [nixpacks, static, dockerfile, dockercompose] + enum: [nixpacks, railpack, static, dockerfile, dockercompose] description: 'The build pack type.' ports_exposes: type: string @@ -1556,7 +1556,7 @@ paths: description: 'The destination UUID.' build_pack: type: string - enum: [nixpacks, static, dockerfile, dockercompose] + enum: [nixpacks, railpack, static, dockerfile, dockercompose] description: 'The build pack type.' name: type: string @@ -7256,6 +7256,7 @@ components: description: 'Build pack.' enum: - nixpacks + - railpack - static - dockerfile - dockercompose diff --git a/resources/views/livewire/project/application/general.blade.php b/resources/views/livewire/project/application/general.blade.php index e27eda8b6..639be8f5d 100644 --- a/resources/views/livewire/project/application/general.blade.php +++ b/resources/views/livewire/project/application/general.blade.php @@ -31,6 +31,7 @@
+ @@ -218,16 +219,16 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry" id="customDockerRunOptions" label="Custom Docker Options" x-bind:disabled="!canUpdate" /> @else @if ($application->could_set_build_commands()) - @if ($buildPack === 'nixpacks') + @if ($buildPack === 'nixpacks' || $buildPack === 'railpack')
- - -
-
Nixpacks will detect the required configuration +
{{ $buildPack === 'railpack' ? 'Railpack' : 'Nixpacks' }} will detect the required configuration automatically. Framework Specific Docs diff --git a/resources/views/livewire/project/new/github-private-repository-deploy-key.blade.php b/resources/views/livewire/project/new/github-private-repository-deploy-key.blade.php index 9eb9baea8..3c3313643 100644 --- a/resources/views/livewire/project/new/github-private-repository-deploy-key.blade.php +++ b/resources/views/livewire/project/new/github-private-repository-deploy-key.blade.php @@ -51,6 +51,7 @@ class="loading loading-xs dark:text-warning loading-spinner">
+ diff --git a/resources/views/livewire/project/new/github-private-repository.blade.php b/resources/views/livewire/project/new/github-private-repository.blade.php index 129c508a9..2d68b1900 100644 --- a/resources/views/livewire/project/new/github-private-repository.blade.php +++ b/resources/views/livewire/project/new/github-private-repository.blade.php @@ -77,6 +77,7 @@ @endforeach + diff --git a/resources/views/livewire/project/new/public-git-repository.blade.php b/resources/views/livewire/project/new/public-git-repository.blade.php index 02489719a..03fc71a5d 100644 --- a/resources/views/livewire/project/new/public-git-repository.blade.php +++ b/resources/views/livewire/project/new/public-git-repository.blade.php @@ -41,6 +41,7 @@ helper="You can select other branches after configuration is done." /> @endif + diff --git a/tests/Feature/ApplicationBuildpackCleanupTest.php b/tests/Feature/ApplicationBuildpackCleanupTest.php index b6b535a76..857410920 100644 --- a/tests/Feature/ApplicationBuildpackCleanupTest.php +++ b/tests/Feature/ApplicationBuildpackCleanupTest.php @@ -117,6 +117,52 @@ expect($application->environment_variables()->where('key', 'REGULAR_VAR')->count())->toBe(1); }); + test('model clears dockerfile fields when build_pack changes from dockerfile to railpack', function () { + $team = Team::factory()->create(); + $project = Project::factory()->create(['team_id' => $team->id]); + $environment = Environment::factory()->create(['project_id' => $project->id]); + + $application = Application::factory()->create([ + 'environment_id' => $environment->id, + 'build_pack' => 'dockerfile', + 'dockerfile' => 'FROM node:18', + 'dockerfile_location' => '/Dockerfile', + 'dockerfile_target_build' => 'production', + 'custom_healthcheck_found' => true, + ]); + + $application->build_pack = 'railpack'; + $application->save(); + $application->refresh(); + + expect($application->build_pack)->toBe('railpack'); + expect($application->dockerfile)->toBeNull(); + expect($application->dockerfile_location)->toBeNull(); + expect($application->dockerfile_target_build)->toBeNull(); + expect($application->custom_healthcheck_found)->toBeFalse(); + }); + + test('model clears dockercompose fields when build_pack changes from dockercompose to railpack', function () { + $team = Team::factory()->create(); + $project = Project::factory()->create(['team_id' => $team->id]); + $environment = Environment::factory()->create(['project_id' => $project->id]); + + $application = Application::factory()->create([ + 'environment_id' => $environment->id, + 'build_pack' => 'dockercompose', + 'docker_compose_domains' => '{"app": "example.com"}', + 'docker_compose_raw' => 'version: "3.8"\nservices:\n app:\n image: nginx', + ]); + + $application->build_pack = 'railpack'; + $application->save(); + $application->refresh(); + + expect($application->build_pack)->toBe('railpack'); + expect($application->docker_compose_domains)->toBeNull(); + expect($application->docker_compose_raw)->toBeNull(); + }); + test('model does not clear dockerfile fields when switching to dockerfile', function () { $team = Team::factory()->create(); $project = Project::factory()->create(['team_id' => $team->id]); diff --git a/tests/Feature/ApplicationRailpackTest.php b/tests/Feature/ApplicationRailpackTest.php new file mode 100644 index 000000000..f3e49cc21 --- /dev/null +++ b/tests/Feature/ApplicationRailpackTest.php @@ -0,0 +1,168 @@ +create(); + $project = Project::factory()->create(['team_id' => $team->id]); + $environment = Environment::factory()->create(['project_id' => $project->id]); + + $application = Application::factory()->create([ + 'environment_id' => $environment->id, + 'build_pack' => 'railpack', + ]); + + expect($application->could_set_build_commands())->toBeTrue(); + }); + + test('could_set_build_commands returns true for nixpacks', function () { + $team = Team::factory()->create(); + $project = Project::factory()->create(['team_id' => $team->id]); + $environment = Environment::factory()->create(['project_id' => $project->id]); + + $application = Application::factory()->create([ + 'environment_id' => $environment->id, + 'build_pack' => 'nixpacks', + ]); + + expect($application->could_set_build_commands())->toBeTrue(); + }); + + test('could_set_build_commands returns false for dockerfile', function () { + $team = Team::factory()->create(); + $project = Project::factory()->create(['team_id' => $team->id]); + $environment = Environment::factory()->create(['project_id' => $project->id]); + + $application = Application::factory()->create([ + 'environment_id' => $environment->id, + 'build_pack' => 'dockerfile', + ]); + + expect($application->could_set_build_commands())->toBeFalse(); + }); + + test('railpack_environment_variables returns only RAILPACK_ prefixed vars', function () { + $team = Team::factory()->create(); + $project = Project::factory()->create(['team_id' => $team->id]); + $environment = Environment::factory()->create(['project_id' => $project->id]); + + $application = Application::factory()->create([ + 'environment_id' => $environment->id, + 'build_pack' => 'railpack', + ]); + + EnvironmentVariable::create([ + 'resourceable_type' => Application::class, + 'resourceable_id' => $application->id, + 'key' => 'RAILPACK_NODE_VERSION', + 'value' => '20', + 'is_buildtime' => true, + 'is_preview' => false, + ]); + + EnvironmentVariable::create([ + 'resourceable_type' => Application::class, + 'resourceable_id' => $application->id, + 'key' => 'REGULAR_VAR', + 'value' => 'value', + 'is_buildtime' => false, + 'is_preview' => false, + ]); + + EnvironmentVariable::create([ + 'resourceable_type' => Application::class, + 'resourceable_id' => $application->id, + 'key' => 'NIXPACKS_NODE_VERSION', + 'value' => '18', + 'is_buildtime' => true, + 'is_preview' => false, + ]); + + $railpackVars = $application->railpack_environment_variables; + expect($railpackVars)->toHaveCount(1); + expect($railpackVars->first()->key)->toBe('RAILPACK_NODE_VERSION'); + }); + + test('runtime_environment_variables excludes RAILPACK_ and NIXPACKS_ prefixed vars', function () { + $team = Team::factory()->create(); + $project = Project::factory()->create(['team_id' => $team->id]); + $environment = Environment::factory()->create(['project_id' => $project->id]); + + $application = Application::factory()->create([ + 'environment_id' => $environment->id, + 'build_pack' => 'railpack', + ]); + + EnvironmentVariable::create([ + 'resourceable_type' => Application::class, + 'resourceable_id' => $application->id, + 'key' => 'RAILPACK_NODE_VERSION', + 'value' => '20', + 'is_buildtime' => true, + 'is_preview' => false, + ]); + + EnvironmentVariable::create([ + 'resourceable_type' => Application::class, + 'resourceable_id' => $application->id, + 'key' => 'NIXPACKS_NODE_VERSION', + 'value' => '18', + 'is_buildtime' => true, + 'is_preview' => false, + ]); + + EnvironmentVariable::create([ + 'resourceable_type' => Application::class, + 'resourceable_id' => $application->id, + 'key' => 'APP_ENV', + 'value' => 'production', + 'is_buildtime' => false, + 'is_preview' => false, + ]); + + $runtimeVars = $application->runtime_environment_variables; + expect($runtimeVars)->toHaveCount(1); + expect($runtimeVars->first()->key)->toBe('APP_ENV'); + }); + + test('railpack_environment_variables_preview returns only RAILPACK_ prefixed preview vars', function () { + $team = Team::factory()->create(); + $project = Project::factory()->create(['team_id' => $team->id]); + $environment = Environment::factory()->create(['project_id' => $project->id]); + + $application = Application::factory()->create([ + 'environment_id' => $environment->id, + 'build_pack' => 'railpack', + ]); + + EnvironmentVariable::create([ + 'resourceable_type' => Application::class, + 'resourceable_id' => $application->id, + 'key' => 'RAILPACK_BUILD_CMD', + 'value' => 'npm run build', + 'is_buildtime' => true, + 'is_preview' => true, + ]); + + EnvironmentVariable::create([ + 'resourceable_type' => Application::class, + 'resourceable_id' => $application->id, + 'key' => 'REGULAR_VAR', + 'value' => 'value', + 'is_buildtime' => false, + 'is_preview' => true, + ]); + + $previewVars = $application->railpack_environment_variables_preview; + expect($previewVars)->toHaveCount(1); + expect($previewVars->first()->key)->toBe('RAILPACK_BUILD_CMD'); + }); +}); diff --git a/tests/Feature/BuildpackSwitchCleanupTest.php b/tests/Feature/BuildpackSwitchCleanupTest.php index b040f9a8f..babd940cb 100644 --- a/tests/Feature/BuildpackSwitchCleanupTest.php +++ b/tests/Feature/BuildpackSwitchCleanupTest.php @@ -111,6 +111,29 @@ expect($application->dockerfile)->toBeNull(); }); + test('clears dockerfile fields when switching from dockerfile to railpack', function () { + $application = Application::factory()->create([ + 'environment_id' => $this->environment->id, + 'build_pack' => 'dockerfile', + 'dockerfile' => 'FROM node:18', + 'dockerfile_location' => '/Dockerfile', + 'dockerfile_target_build' => 'production', + 'custom_healthcheck_found' => true, + ]); + + Livewire::test(General::class, ['application' => $application]) + ->assertSuccessful() + ->set('buildPack', 'railpack') + ->call('updatedBuildPack'); + + $application->refresh(); + expect($application->build_pack)->toBe('railpack'); + expect($application->dockerfile)->toBeNull(); + expect($application->dockerfile_location)->toBeNull(); + expect($application->dockerfile_target_build)->toBeNull(); + expect($application->custom_healthcheck_found)->toBeFalse(); + }); + test('clears dockerfile fields when switching from dockerfile to dockercompose', function () { $application = Application::factory()->create([ 'environment_id' => $this->environment->id, From cddbaf581fd319d9266f31a97194c04ea166fe1e Mon Sep 17 00:00:00 2001 From: Aditya Tripathi Date: Mon, 23 Mar 2026 19:02:10 +0000 Subject: [PATCH 007/235] refactor(railpack): extract static image build, fix port logic, bump to v0.22.0 Extract build_railpack_static_image() into its own method, prevent port override when is_static is set, bump Railpack to 0.22.0, and improve test setup with beforeEach and correct polymorphic env var fields. --- app/Jobs/ApplicationDeploymentJob.php | 53 ++++++++++--------- .../Project/New/GithubPrivateRepository.php | 4 +- .../New/GithubPrivateRepositoryDeployKey.php | 4 +- .../Project/New/PublicGitRepository.php | 4 +- docker/coolify-helper/Dockerfile | 2 +- .../ApplicationBuildpackCleanupTest.php | 50 ++++++++++++++--- tests/Feature/ApplicationRailpackTest.php | 38 ++++--------- 7 files changed, 93 insertions(+), 62 deletions(-) diff --git a/app/Jobs/ApplicationDeploymentJob.php b/app/Jobs/ApplicationDeploymentJob.php index 33905ce59..460a7bf3d 100644 --- a/app/Jobs/ApplicationDeploymentJob.php +++ b/app/Jobs/ApplicationDeploymentJob.php @@ -483,7 +483,7 @@ private function decide_what_to_do() } elseif ($this->application->build_pack === 'railpack') { $this->deploy_railpack_buildpack(); } else { - throw new \RuntimeException("Unsupported build pack: {$this->application->build_pack}"); + throw new DeploymentException("Unsupported build pack: {$this->application->build_pack}"); } $this->post_deployment(); } @@ -2517,35 +2517,40 @@ private function build_railpack_image(): void // Step 3: If static, copy built assets into nginx image if ($this->application->settings->is_static) { - $publishDir = trim($this->application->publish_directory, '/'); - $publishDir = $publishDir ? "/{$publishDir}" : ''; - $dockerfile = base64_encode("FROM {$this->application->static_image} + $this->build_railpack_static_image(); + } + } + + private function build_railpack_static_image(): void + { + $publishDir = trim($this->application->publish_directory, '/'); + $publishDir = $publishDir ? "/{$publishDir}" : ''; + $dockerfile = base64_encode("FROM {$this->application->static_image} WORKDIR /usr/share/nginx/html/ LABEL coolify.deploymentId={$this->deployment_uuid} COPY --from={$this->build_image_name} /app{$publishDir} . COPY ./nginx.conf /etc/nginx/conf.d/default.conf"); - if (str($this->application->custom_nginx_configuration)->isNotEmpty()) { - $nginx_config = base64_encode($this->application->custom_nginx_configuration); - } else { - $nginx_config = $this->application->settings->is_spa - ? base64_encode(defaultNginxConfiguration('spa')) - : base64_encode(defaultNginxConfiguration()); - } - - $static_build = $this->dockerBuildkitSupported - ? "DOCKER_BUILDKIT=1 docker build {$this->addHosts} --network host -f {$this->workdir}/Dockerfile --progress plain -t {$this->production_image_name} {$this->workdir}" - : "docker build {$this->addHosts} --network host -f {$this->workdir}/Dockerfile -t {$this->production_image_name} {$this->workdir}"; - - $base64_static_build = base64_encode($static_build); - $this->execute_remote_command( - [executeInDocker($this->deployment_uuid, "echo '{$dockerfile}' | base64 -d | tee {$this->workdir}/Dockerfile > /dev/null")], - [executeInDocker($this->deployment_uuid, "echo '{$nginx_config}' | base64 -d | tee {$this->workdir}/nginx.conf > /dev/null")], - [executeInDocker($this->deployment_uuid, "echo '{$base64_static_build}' | base64 -d | tee ".self::BUILD_SCRIPT_PATH.' > /dev/null'), 'hidden' => true], - [executeInDocker($this->deployment_uuid, 'cat '.self::BUILD_SCRIPT_PATH), 'hidden' => true], - [executeInDocker($this->deployment_uuid, 'bash '.self::BUILD_SCRIPT_PATH), 'hidden' => true], - ); + if (str($this->application->custom_nginx_configuration)->isNotEmpty()) { + $nginx_config = base64_encode($this->application->custom_nginx_configuration); + } else { + $nginx_config = $this->application->settings->is_spa + ? base64_encode(defaultNginxConfiguration('spa')) + : base64_encode(defaultNginxConfiguration()); } + + $static_build = $this->dockerBuildkitSupported + ? "DOCKER_BUILDKIT=1 docker build {$this->addHosts} --network host -f {$this->workdir}/Dockerfile --progress plain -t {$this->production_image_name} {$this->workdir}" + : "docker build {$this->addHosts} --network host -f {$this->workdir}/Dockerfile -t {$this->production_image_name} {$this->workdir}"; + + $base64_static_build = base64_encode($static_build); + $this->execute_remote_command( + [executeInDocker($this->deployment_uuid, "echo '{$dockerfile}' | base64 -d | tee {$this->workdir}/Dockerfile > /dev/null")], + [executeInDocker($this->deployment_uuid, "echo '{$nginx_config}' | base64 -d | tee {$this->workdir}/nginx.conf > /dev/null")], + [executeInDocker($this->deployment_uuid, "echo '{$base64_static_build}' | base64 -d | tee ".self::BUILD_SCRIPT_PATH.' > /dev/null'), 'hidden' => true], + [executeInDocker($this->deployment_uuid, 'cat '.self::BUILD_SCRIPT_PATH), 'hidden' => true], + [executeInDocker($this->deployment_uuid, 'bash '.self::BUILD_SCRIPT_PATH), 'hidden' => true], + ); } private function generate_coolify_env_variables(bool $forBuildTime = false): Collection diff --git a/app/Livewire/Project/New/GithubPrivateRepository.php b/app/Livewire/Project/New/GithubPrivateRepository.php index c208e2cd2..63240620b 100644 --- a/app/Livewire/Project/New/GithubPrivateRepository.php +++ b/app/Livewire/Project/New/GithubPrivateRepository.php @@ -84,7 +84,9 @@ public function updatedBuildPack() { if ($this->build_pack === 'nixpacks' || $this->build_pack === 'railpack') { $this->show_is_static = true; - $this->port = 3000; + if (! $this->is_static) { + $this->port = 3000; + } } elseif ($this->build_pack === 'static') { $this->show_is_static = false; $this->is_static = false; diff --git a/app/Livewire/Project/New/GithubPrivateRepositoryDeployKey.php b/app/Livewire/Project/New/GithubPrivateRepositoryDeployKey.php index f312a9dc0..92d388234 100644 --- a/app/Livewire/Project/New/GithubPrivateRepositoryDeployKey.php +++ b/app/Livewire/Project/New/GithubPrivateRepositoryDeployKey.php @@ -97,7 +97,9 @@ public function updatedBuildPack() { if ($this->build_pack === 'nixpacks' || $this->build_pack === 'railpack') { $this->show_is_static = true; - $this->port = 3000; + if (! $this->is_static) { + $this->port = 3000; + } } elseif ($this->build_pack === 'static') { $this->show_is_static = false; $this->is_static = false; diff --git a/app/Livewire/Project/New/PublicGitRepository.php b/app/Livewire/Project/New/PublicGitRepository.php index eb4ce7b84..dd7a682d1 100644 --- a/app/Livewire/Project/New/PublicGitRepository.php +++ b/app/Livewire/Project/New/PublicGitRepository.php @@ -101,7 +101,9 @@ public function updatedBuildPack() { if ($this->build_pack === 'nixpacks' || $this->build_pack === 'railpack') { $this->show_is_static = true; - $this->port = 3000; + if (! $this->isStatic) { + $this->port = 3000; + } } elseif ($this->build_pack === 'static') { $this->show_is_static = false; $this->isStatic = false; diff --git a/docker/coolify-helper/Dockerfile b/docker/coolify-helper/Dockerfile index ebe667437..1f4ca8788 100644 --- a/docker/coolify-helper/Dockerfile +++ b/docker/coolify-helper/Dockerfile @@ -12,7 +12,7 @@ ARG PACK_VERSION=0.38.2 # https://github.com/railwayapp/nixpacks/releases ARG NIXPACKS_VERSION=1.41.0 # https://github.com/railwayapp/railpack/releases -ARG RAILPACK_VERSION=0.21.0 +ARG RAILPACK_VERSION=0.22.0 # https://github.com/jdx/mise/releases — must match railpack's pinned version (https://raw.githubusercontent.com/railwayapp/railpack/refs/heads/main/core/mise/version.txt) ARG MISE_VERSION=2026.3.12 # https://github.com/minio/mc/releases diff --git a/tests/Feature/ApplicationBuildpackCleanupTest.php b/tests/Feature/ApplicationBuildpackCleanupTest.php index 857410920..0dc0a8303 100644 --- a/tests/Feature/ApplicationBuildpackCleanupTest.php +++ b/tests/Feature/ApplicationBuildpackCleanupTest.php @@ -78,26 +78,29 @@ // Add environment variables that should be deleted EnvironmentVariable::create([ - 'application_id' => $application->id, + 'resourceable_type' => Application::class, + 'resourceable_id' => $application->id, 'key' => 'SERVICE_FQDN_APP', 'value' => 'app.example.com', - 'is_build_time' => false, + 'is_buildtime' => false, 'is_preview' => false, ]); EnvironmentVariable::create([ - 'application_id' => $application->id, + 'resourceable_type' => Application::class, + 'resourceable_id' => $application->id, 'key' => 'SERVICE_URL_APP', 'value' => 'http://app.example.com', - 'is_build_time' => false, + 'is_buildtime' => false, 'is_preview' => false, ]); EnvironmentVariable::create([ - 'application_id' => $application->id, + 'resourceable_type' => Application::class, + 'resourceable_id' => $application->id, 'key' => 'REGULAR_VAR', 'value' => 'should_remain', - 'is_build_time' => false, + 'is_buildtime' => false, 'is_preview' => false, ]); @@ -154,6 +157,34 @@ 'docker_compose_raw' => 'version: "3.8"\nservices:\n app:\n image: nginx', ]); + // Add environment variables that should be deleted + EnvironmentVariable::create([ + 'resourceable_type' => Application::class, + 'resourceable_id' => $application->id, + 'key' => 'SERVICE_FQDN_APP', + 'value' => 'app.example.com', + 'is_buildtime' => false, + 'is_preview' => false, + ]); + + EnvironmentVariable::create([ + 'resourceable_type' => Application::class, + 'resourceable_id' => $application->id, + 'key' => 'SERVICE_URL_APP', + 'value' => 'http://app.example.com', + 'is_buildtime' => false, + 'is_preview' => false, + ]); + + EnvironmentVariable::create([ + 'resourceable_type' => Application::class, + 'resourceable_id' => $application->id, + 'key' => 'REGULAR_VAR', + 'value' => 'should_remain', + 'is_buildtime' => false, + 'is_preview' => false, + ]); + $application->build_pack = 'railpack'; $application->save(); $application->refresh(); @@ -161,6 +192,13 @@ expect($application->build_pack)->toBe('railpack'); expect($application->docker_compose_domains)->toBeNull(); expect($application->docker_compose_raw)->toBeNull(); + + // Verify SERVICE_FQDN_* and SERVICE_URL_* were deleted + expect($application->environment_variables()->where('key', 'SERVICE_FQDN_APP')->count())->toBe(0); + expect($application->environment_variables()->where('key', 'SERVICE_URL_APP')->count())->toBe(0); + + // Verify regular variables remain + expect($application->environment_variables()->where('key', 'REGULAR_VAR')->count())->toBe(1); }); test('model does not clear dockerfile fields when switching to dockerfile', function () { diff --git a/tests/Feature/ApplicationRailpackTest.php b/tests/Feature/ApplicationRailpackTest.php index f3e49cc21..59e8a82e0 100644 --- a/tests/Feature/ApplicationRailpackTest.php +++ b/tests/Feature/ApplicationRailpackTest.php @@ -10,13 +10,15 @@ uses(RefreshDatabase::class); describe('Application Railpack Support', function () { - test('could_set_build_commands returns true for railpack', function () { + beforeEach(function () { $team = Team::factory()->create(); $project = Project::factory()->create(['team_id' => $team->id]); - $environment = Environment::factory()->create(['project_id' => $project->id]); + $this->environment = Environment::factory()->create(['project_id' => $project->id]); + }); + test('could_set_build_commands returns true for railpack', function () { $application = Application::factory()->create([ - 'environment_id' => $environment->id, + 'environment_id' => $this->environment->id, 'build_pack' => 'railpack', ]); @@ -24,12 +26,8 @@ }); test('could_set_build_commands returns true for nixpacks', function () { - $team = Team::factory()->create(); - $project = Project::factory()->create(['team_id' => $team->id]); - $environment = Environment::factory()->create(['project_id' => $project->id]); - $application = Application::factory()->create([ - 'environment_id' => $environment->id, + 'environment_id' => $this->environment->id, 'build_pack' => 'nixpacks', ]); @@ -37,12 +35,8 @@ }); test('could_set_build_commands returns false for dockerfile', function () { - $team = Team::factory()->create(); - $project = Project::factory()->create(['team_id' => $team->id]); - $environment = Environment::factory()->create(['project_id' => $project->id]); - $application = Application::factory()->create([ - 'environment_id' => $environment->id, + 'environment_id' => $this->environment->id, 'build_pack' => 'dockerfile', ]); @@ -50,12 +44,8 @@ }); test('railpack_environment_variables returns only RAILPACK_ prefixed vars', function () { - $team = Team::factory()->create(); - $project = Project::factory()->create(['team_id' => $team->id]); - $environment = Environment::factory()->create(['project_id' => $project->id]); - $application = Application::factory()->create([ - 'environment_id' => $environment->id, + 'environment_id' => $this->environment->id, 'build_pack' => 'railpack', ]); @@ -92,12 +82,8 @@ }); test('runtime_environment_variables excludes RAILPACK_ and NIXPACKS_ prefixed vars', function () { - $team = Team::factory()->create(); - $project = Project::factory()->create(['team_id' => $team->id]); - $environment = Environment::factory()->create(['project_id' => $project->id]); - $application = Application::factory()->create([ - 'environment_id' => $environment->id, + 'environment_id' => $this->environment->id, 'build_pack' => 'railpack', ]); @@ -134,12 +120,8 @@ }); test('railpack_environment_variables_preview returns only RAILPACK_ prefixed preview vars', function () { - $team = Team::factory()->create(); - $project = Project::factory()->create(['team_id' => $team->id]); - $environment = Environment::factory()->create(['project_id' => $project->id]); - $application = Application::factory()->create([ - 'environment_id' => $environment->id, + 'environment_id' => $this->environment->id, 'build_pack' => 'railpack', ]); From ff0de0bc31c80245d310c9d39bd6caa653e00914 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Tue, 24 Mar 2026 06:59:29 +0100 Subject: [PATCH 008/235] fix(docker): add docker buildx prune for coolify-railpack builder --- app/Actions/Server/CleanupDocker.php | 1 + 1 file changed, 1 insertion(+) diff --git a/app/Actions/Server/CleanupDocker.php b/app/Actions/Server/CleanupDocker.php index 0d9ca0153..135623b1f 100644 --- a/app/Actions/Server/CleanupDocker.php +++ b/app/Actions/Server/CleanupDocker.php @@ -51,6 +51,7 @@ public function handle(Server $server, bool $deleteUnusedVolumes = false, bool $ 'docker container prune -f --filter "label=coolify.managed=true" --filter "label!=coolify.proxy=true"', $imagePruneCmd, 'docker builder prune -af', + 'docker buildx prune --builder coolify-railpack -af 2>/dev/null || true', "docker images --filter before=$helperImageWithVersion --filter reference=$helperImage | grep $helperImage | awk '{print $3}' | xargs -r docker rmi -f", "docker images --filter before=$realtimeImageWithVersion --filter reference=$realtimeImage | grep $realtimeImage | awk '{print $3}' | xargs -r docker rmi -f", "docker images --filter before=$helperImageWithoutPrefixVersion --filter reference=$helperImageWithoutPrefix | grep $helperImageWithoutPrefix | awk '{print $3}' | xargs -r docker rmi -f", From 7dd648e549aa9e86299cbd32dc13e26b17a9dfd9 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Tue, 24 Mar 2026 06:59:45 +0100 Subject: [PATCH 009/235] feat(seeders): add railpack-static example application seed data Add ApplicationSeeder entry for railpack-static example with railpack build pack and corresponding application settings configuration. --- database/seeders/ApplicationSeeder.php | 16 ++++++++++++++++ database/seeders/ApplicationSettingsSeeder.php | 7 +++++++ 2 files changed, 23 insertions(+) diff --git a/database/seeders/ApplicationSeeder.php b/database/seeders/ApplicationSeeder.php index 2a0273e0f..edb28c377 100644 --- a/database/seeders/ApplicationSeeder.php +++ b/database/seeders/ApplicationSeeder.php @@ -145,5 +145,21 @@ public function run(): void 'source_id' => 1, 'source_type' => GitlabApp::class, ]); + Application::create([ + 'uuid' => 'railpack-static', + 'name' => 'Railpack Static Example', + 'fqdn' => 'http://railpack-static.127.0.0.1.sslip.io', + 'repository_project_id' => 603035348, + 'git_repository' => 'coollabsio/coolify-examples', + 'git_branch' => 'v4.x', + 'base_directory' => '/static', + 'build_pack' => 'railpack', + 'ports_exposes' => '80', + 'environment_id' => 1, + 'destination_id' => 0, + 'destination_type' => StandaloneDocker::class, + 'source_id' => 1, + 'source_type' => GithubApp::class, + ]); } } diff --git a/database/seeders/ApplicationSettingsSeeder.php b/database/seeders/ApplicationSettingsSeeder.php index 87236df8a..e8be0ba70 100644 --- a/database/seeders/ApplicationSettingsSeeder.php +++ b/database/seeders/ApplicationSettingsSeeder.php @@ -22,5 +22,12 @@ public function run(): void $gitlabPublic->settings->is_static = true; $gitlabPublic->settings->save(); } + + $railpackStatic = Application::where('uuid', 'railpack-static')->first(); + if ($railpackStatic) { + $railpackStatic->load(['settings']); + $railpackStatic->settings->is_static = true; + $railpackStatic->settings->save(); + } } } From 4afcbbb2096df7db98663b2aeb93f315b85431a1 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Tue, 24 Mar 2026 07:09:24 +0100 Subject: [PATCH 010/235] fix(deployment): properly escape shell arguments in railpack prepare command --- app/Jobs/ApplicationDeploymentJob.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/app/Jobs/ApplicationDeploymentJob.php b/app/Jobs/ApplicationDeploymentJob.php index 13511957f..f4ec4abda 100644 --- a/app/Jobs/ApplicationDeploymentJob.php +++ b/app/Jobs/ApplicationDeploymentJob.php @@ -2454,13 +2454,13 @@ private function build_railpack_image(): void $prepare_command .= " {$this->env_railpack_args}"; } if ($this->application->build_command) { - $prepare_command .= " --build-cmd \"{$this->application->build_command}\""; + $prepare_command .= ' --build-cmd '.escapeShellValue($this->application->build_command); } if ($this->application->start_command) { - $prepare_command .= " --start-cmd \"{$this->application->start_command}\""; + $prepare_command .= ' --start-cmd '.escapeShellValue($this->application->start_command); } if ($this->application->install_command) { - $prepare_command .= " --env RAILPACK_INSTALL_CMD=\"{$this->application->install_command}\""; + $prepare_command .= ' --env '.escapeShellValue("RAILPACK_INSTALL_CMD={$this->application->install_command}"); } $prepare_command .= " --plan-out /artifacts/railpack-plan.json {$this->workdir}"; From 9c8e5645b42703e2b56c31dd6c9a29c8d3a90d6b Mon Sep 17 00:00:00 2001 From: ShadowArcanist <162910371+ShadowArcanist@users.noreply.github.com> Date: Thu, 26 Mar 2026 13:20:41 +0530 Subject: [PATCH 011/235] feat(application): make ports_exposes optional for portless apps --- .../Api/ApplicationsController.php | 16 ++++----- app/Jobs/ApplicationDeploymentJob.php | 33 +++++++++++-------- app/Livewire/Project/Application/General.php | 3 +- app/Models/Application.php | 2 +- ...exposes_nullable_in_applications_table.php | 22 +++++++++++++ .../project/application/general.blade.php | 9 ++++- 6 files changed, 60 insertions(+), 25 deletions(-) create mode 100644 database/migrations/2026_03_26_000000_make_ports_exposes_nullable_in_applications_table.php diff --git a/app/Http/Controllers/Api/ApplicationsController.php b/app/Http/Controllers/Api/ApplicationsController.php index 66f6a1ef8..6b57d8f5f 100644 --- a/app/Http/Controllers/Api/ApplicationsController.php +++ b/app/Http/Controllers/Api/ApplicationsController.php @@ -144,7 +144,7 @@ public function applications(Request $request) mediaType: 'application/json', schema: new OA\Schema( type: 'object', - required: ['project_uuid', 'server_uuid', 'environment_name', 'environment_uuid', 'git_repository', 'git_branch', 'build_pack', 'ports_exposes'], + required: ['project_uuid', 'server_uuid', 'environment_name', 'environment_uuid', 'git_repository', 'git_branch', 'build_pack'], properties: [ 'project_uuid' => ['type' => 'string', 'description' => 'The project UUID.'], 'server_uuid' => ['type' => 'string', 'description' => 'The server UUID.'], @@ -309,7 +309,7 @@ public function create_public_application(Request $request) mediaType: 'application/json', schema: new OA\Schema( type: 'object', - required: ['project_uuid', 'server_uuid', 'environment_name', 'environment_uuid', 'github_app_uuid', 'git_repository', 'git_branch', 'build_pack', 'ports_exposes'], + required: ['project_uuid', 'server_uuid', 'environment_name', 'environment_uuid', 'github_app_uuid', 'git_repository', 'git_branch', 'build_pack'], properties: [ 'project_uuid' => ['type' => 'string', 'description' => 'The project UUID.'], 'server_uuid' => ['type' => 'string', 'description' => 'The server UUID.'], @@ -474,7 +474,7 @@ public function create_private_gh_app_application(Request $request) mediaType: 'application/json', schema: new OA\Schema( type: 'object', - required: ['project_uuid', 'server_uuid', 'environment_name', 'environment_uuid', 'private_key_uuid', 'git_repository', 'git_branch', 'build_pack', 'ports_exposes'], + required: ['project_uuid', 'server_uuid', 'environment_name', 'environment_uuid', 'private_key_uuid', 'git_repository', 'git_branch', 'build_pack'], properties: [ 'project_uuid' => ['type' => 'string', 'description' => 'The project UUID.'], 'server_uuid' => ['type' => 'string', 'description' => 'The server UUID.'], @@ -776,7 +776,7 @@ public function create_dockerfile_application(Request $request) mediaType: 'application/json', schema: new OA\Schema( type: 'object', - required: ['project_uuid', 'server_uuid', 'environment_name', 'environment_uuid', 'docker_registry_image_name', 'ports_exposes'], + required: ['project_uuid', 'server_uuid', 'environment_name', 'environment_uuid', 'docker_registry_image_name'], properties: [ 'project_uuid' => ['type' => 'string', 'description' => 'The project UUID.'], 'server_uuid' => ['type' => 'string', 'description' => 'The server UUID.'], @@ -1114,7 +1114,7 @@ private function create_application(Request $request, $type) 'git_repository' => ['string', 'required', new ValidGitRepositoryUrl], 'git_branch' => ['string', 'required', new ValidGitBranch], 'build_pack' => ['required', Rule::enum(BuildPackTypes::class)], - 'ports_exposes' => 'string|regex:/^(\d+)(,\d+)*$/|required', + 'ports_exposes' => 'string|regex:/^(\d+)(,\d+)*$/|nullable', 'docker_compose_domains' => 'array|nullable', 'docker_compose_domains.*' => 'array:name,domain', 'docker_compose_domains.*.name' => 'string|required', @@ -1307,7 +1307,7 @@ private function create_application(Request $request, $type) 'git_repository' => 'string|required', 'git_branch' => ['string', 'required', new ValidGitBranch], 'build_pack' => ['required', Rule::enum(BuildPackTypes::class)], - 'ports_exposes' => 'string|regex:/^(\d+)(,\d+)*$/|required', + 'ports_exposes' => 'string|regex:/^(\d+)(,\d+)*$/|nullable', 'github_app_uuid' => 'string|required', 'watch_paths' => 'string|nullable', 'docker_compose_domains' => 'array|nullable', @@ -1534,7 +1534,7 @@ private function create_application(Request $request, $type) 'git_repository' => ['string', 'required', new ValidGitRepositoryUrl], 'git_branch' => ['string', 'required', new ValidGitBranch], 'build_pack' => ['required', Rule::enum(BuildPackTypes::class)], - 'ports_exposes' => 'string|regex:/^(\d+)(,\d+)*$/|required', + 'ports_exposes' => 'string|regex:/^(\d+)(,\d+)*$/|nullable', 'private_key_uuid' => 'string|required', 'watch_paths' => 'string|nullable', 'docker_compose_domains' => 'array|nullable', @@ -1835,7 +1835,7 @@ private function create_application(Request $request, $type) $validationRules = [ 'docker_registry_image_name' => 'string|required', 'docker_registry_image_tag' => 'string', - 'ports_exposes' => 'string|regex:/^(\d+)(,\d+)*$/|required', + 'ports_exposes' => 'string|regex:/^(\d+)(,\d+)*$/|nullable', ]; $validationRules = array_merge(sharedDataApplications(), $validationRules); $validator = customApiValidator($request->all(), $validationRules); diff --git a/app/Jobs/ApplicationDeploymentJob.php b/app/Jobs/ApplicationDeploymentJob.php index 785e8c8e3..41eb81453 100644 --- a/app/Jobs/ApplicationDeploymentJob.php +++ b/app/Jobs/ApplicationDeploymentJob.php @@ -1282,7 +1282,7 @@ private function generate_runtime_environment_variables() // Add PORT if not exists, use the first port as default if ($this->build_pack !== 'dockercompose') { - if ($this->application->environment_variables->where('key', 'PORT')->isEmpty()) { + if ($this->application->environment_variables->where('key', 'PORT')->isEmpty() && ! empty($ports)) { $envs->push("PORT={$ports[0]}"); } } @@ -2585,7 +2585,7 @@ private function generate_compose_file() 'image' => $this->production_image_name, 'container_name' => $this->container_name, 'restart' => RESTART_MODE, - 'expose' => $ports, + ...(!empty($ports) ? ['expose' => $ports] : []), 'networks' => [ $this->destination->network => [ 'aliases' => array_merge( @@ -2617,16 +2617,19 @@ private function generate_compose_file() // If custom_healthcheck_found is true, the Dockerfile's HEALTHCHECK will be used // If healthcheck is disabled, no healthcheck will be added if (! $this->application->custom_healthcheck_found && ! $this->application->isHealthcheckDisabled()) { - $docker_compose['services'][$this->container_name]['healthcheck'] = [ - 'test' => [ - 'CMD-SHELL', - $this->generate_healthcheck_commands(), - ], - 'interval' => $this->application->health_check_interval.'s', - 'timeout' => $this->application->health_check_timeout.'s', - 'retries' => $this->application->health_check_retries, - 'start_period' => $this->application->health_check_start_period.'s', - ]; + $healthcheck_command = $this->generate_healthcheck_commands(); + if ($healthcheck_command !== null) { + $docker_compose['services'][$this->container_name]['healthcheck'] = [ + 'test' => [ + 'CMD-SHELL', + $healthcheck_command, + ], + 'interval' => $this->application->health_check_interval.'s', + 'timeout' => $this->application->health_check_timeout.'s', + 'retries' => $this->application->health_check_retries, + 'start_period' => $this->application->health_check_start_period.'s', + ]; + } } if (! is_null($this->application->limits_cpuset)) { @@ -2836,7 +2839,11 @@ private function generate_healthcheck_commands() // HTTP type healthcheck (default) if (! $this->application->health_check_port) { - $health_check_port = (int) $this->application->ports_exposes_array[0]; + if (! empty($this->application->ports_exposes_array)) { + $health_check_port = (int) $this->application->ports_exposes_array[0]; + } else { + return null; + } } else { $health_check_port = (int) $this->application->health_check_port; } diff --git a/app/Livewire/Project/Application/General.php b/app/Livewire/Project/Application/General.php index 5c186af70..885c9dbac 100644 --- a/app/Livewire/Project/Application/General.php +++ b/app/Livewire/Project/Application/General.php @@ -153,7 +153,7 @@ protected function rules(): array 'staticImage' => 'required', 'baseDirectory' => array_merge(['required'], array_slice(ValidationPatterns::directoryPathRules(), 1)), 'publishDirectory' => ValidationPatterns::directoryPathRules(), - 'portsExposes' => 'required', + 'portsExposes' => 'nullable', 'portsMappings' => 'nullable', 'customNetworkAliases' => 'nullable', 'dockerfile' => 'nullable', @@ -208,7 +208,6 @@ protected function messages(): array 'buildPack.required' => 'The Build Pack field is required.', 'staticImage.required' => 'The Static Image field is required.', 'baseDirectory.required' => 'The Base Directory field is required.', - 'portsExposes.required' => 'The Exposed Ports field is required.', 'isStatic.required' => 'The Static setting is required.', 'isStatic.boolean' => 'The Static setting must be true or false.', 'isSpa.required' => 'The SPA setting is required.', diff --git a/app/Models/Application.php b/app/Models/Application.php index 4cc2dcf74..75b81920d 100644 --- a/app/Models/Application.php +++ b/app/Models/Application.php @@ -2147,7 +2147,7 @@ public function setConfig($config) 'config.build_pack' => 'required|string', 'config.base_directory' => 'required|string', 'config.publish_directory' => 'required|string', - 'config.ports_exposes' => 'required|string', + 'config.ports_exposes' => 'nullable|string', 'config.settings.is_static' => 'required|boolean', ]); if ($deepValidator->fails()) { diff --git a/database/migrations/2026_03_26_000000_make_ports_exposes_nullable_in_applications_table.php b/database/migrations/2026_03_26_000000_make_ports_exposes_nullable_in_applications_table.php new file mode 100644 index 000000000..ac7b5cb55 --- /dev/null +++ b/database/migrations/2026_03_26_000000_make_ports_exposes_nullable_in_applications_table.php @@ -0,0 +1,22 @@ +string('ports_exposes')->nullable()->change(); + }); + } + + public function down(): void + { + Schema::table('applications', function (Blueprint $table) { + $table->string('ports_exposes')->nullable(false)->default('')->change(); + }); + } +}; diff --git a/resources/views/livewire/project/application/general.blade.php b/resources/views/livewire/project/application/general.blade.php index d743e346e..9539f47dc 100644 --- a/resources/views/livewire/project/application/general.blade.php +++ b/resources/views/livewire/project/application/general.blade.php @@ -492,6 +492,13 @@ class="flex items-start gap-2 p-4 mb-4 text-sm rounded-lg bg-blue-50 dark:bg-blu
@endif @endif + @if (empty($portsExposes) || $portsExposes === '0') + + This application does not expose any ports and will not be reachable through the proxy or your domains. + This behavior is normal for background workers, bots, or scheduled tasks. + If your application needs to handle HTTP traffic, please specify the port(s) it listens on. + + @endif
@if ($isStatic || $buildPack === 'static') @else - @endif From 8c4865215b9ba90f0d37c7d2e81b351e8974001e Mon Sep 17 00:00:00 2001 From: ShadowArcanist <162910371+ShadowArcanist@users.noreply.github.com> Date: Thu, 26 Mar 2026 13:26:50 +0530 Subject: [PATCH 012/235] feat(ui): show info callout only when domain is set without exposed ports --- resources/views/livewire/project/application/general.blade.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/views/livewire/project/application/general.blade.php b/resources/views/livewire/project/application/general.blade.php index 9539f47dc..91e462b46 100644 --- a/resources/views/livewire/project/application/general.blade.php +++ b/resources/views/livewire/project/application/general.blade.php @@ -492,7 +492,7 @@ class="flex items-start gap-2 p-4 mb-4 text-sm rounded-lg bg-blue-50 dark:bg-blu
@endif @endif - @if (empty($portsExposes) || $portsExposes === '0') + @if ((empty($portsExposes) || $portsExposes === '0') && !empty($fqdn)) This application does not expose any ports and will not be reachable through the proxy or your domains. This behavior is normal for background workers, bots, or scheduled tasks. From 886d01405f5da60c62e4fedd7d0c8d212caf1202 Mon Sep 17 00:00:00 2001 From: ShadowArcanist <162910371+ShadowArcanist@users.noreply.github.com> Date: Sat, 28 Mar 2026 17:48:10 +0530 Subject: [PATCH 013/235] feat(applications): add configurable restart loop limit --- app/Actions/Docker/GetContainersStatus.php | 17 +-- app/Livewire/Project/Application/Advanced.php | 19 +++ app/Models/Application.php | 1 + .../Application/RestartLimitReached.php | 140 ++++++++++++++++++ ...rt_count_to_applications_and_databases.php | 22 +++ ...pplication-restart-limit-reached.blade.php | 7 + .../project/application/advanced.blade.php | 8 + 7 files changed, 204 insertions(+), 10 deletions(-) create mode 100644 app/Notifications/Application/RestartLimitReached.php create mode 100644 database/migrations/2026_03_27_000000_add_max_restart_count_to_applications_and_databases.php create mode 100644 resources/views/emails/application-restart-limit-reached.blade.php diff --git a/app/Actions/Docker/GetContainersStatus.php b/app/Actions/Docker/GetContainersStatus.php index 5966876c6..cfac83583 100644 --- a/app/Actions/Docker/GetContainersStatus.php +++ b/app/Actions/Docker/GetContainersStatus.php @@ -2,6 +2,7 @@ namespace App\Actions\Docker; +use App\Actions\Application\StopApplication; use App\Actions\Database\StartDatabaseProxy; use App\Actions\Database\StopDatabaseProxy; use App\Actions\Shared\ComplexStatusCheck; @@ -9,6 +10,7 @@ use App\Models\ApplicationPreview; use App\Models\Server; use App\Models\ServiceDatabase; +use App\Notifications\Application\RestartLimitReached as ApplicationRestartLimitReached; use App\Services\ContainerStatusAggregator; use App\Traits\CalculatesExcludedStatus; use Illuminate\Support\Arr; @@ -475,16 +477,11 @@ public function handle(Server $server, ?Collection $containers = null, ?Collecti 'last_restart_type' => 'crash', ]); - // Send notification - $containerName = $application->name; - $projectUuid = data_get($application, 'environment.project.uuid'); - $environmentName = data_get($application, 'environment.name'); - $applicationUuid = data_get($application, 'uuid'); - - if ($projectUuid && $applicationUuid && $environmentName) { - $url = base_url().'/project/'.$projectUuid.'/'.$environmentName.'/application/'.$applicationUuid; - } else { - $url = null; + // Check if restart limit has been reached + $maxAllowedRestarts = $application->max_restart_count ?? 0; + if ($maxAllowedRestarts > 0 && $maxRestartCount >= $maxAllowedRestarts && $previousRestartCount < $maxAllowedRestarts) { + StopApplication::dispatch($application); + $application->environment->project->team?->notify(new ApplicationRestartLimitReached($application)); } } diff --git a/app/Livewire/Project/Application/Advanced.php b/app/Livewire/Project/Application/Advanced.php index cf7ef3e0b..9954c3422 100644 --- a/app/Livewire/Project/Application/Advanced.php +++ b/app/Livewire/Project/Application/Advanced.php @@ -82,6 +82,9 @@ class Advanced extends Component #[Validate(['boolean'])] public bool $isConnectToDockerNetworkEnabled = false; + #[Validate(['integer', 'min:0'])] + public int $maxRestartCount = 10; + public function mount() { try { @@ -144,6 +147,7 @@ public function syncData(bool $toModel = false) $this->disableBuildCache = $this->application->settings->disable_build_cache; $this->injectBuildArgsToDockerfile = $this->application->settings->inject_build_args_to_dockerfile ?? true; $this->includeSourceCommitInBuild = $this->application->settings->include_source_commit_in_build ?? false; + $this->maxRestartCount = $this->application->max_restart_count ?? 10; } } @@ -252,6 +256,21 @@ public function saveCustomName() } } + public function saveMaxRestartCount() + { + try { + $this->authorize('update', $this->application); + $this->validate([ + 'maxRestartCount' => 'integer|min:0', + ]); + $this->application->max_restart_count = $this->maxRestartCount; + $this->application->save(); + $this->dispatch('success', 'Max restart count saved.'); + } catch (\Throwable $e) { + return handleError($e, $this); + } + } + public function render() { return view('livewire.project.application.advanced'); diff --git a/app/Models/Application.php b/app/Models/Application.php index 4cc2dcf74..85a04041b 100644 --- a/app/Models/Application.php +++ b/app/Models/Application.php @@ -125,6 +125,7 @@ class Application extends BaseModel protected $casts = [ 'http_basic_auth_password' => 'encrypted', 'restart_count' => 'integer', + 'max_restart_count' => 'integer', 'last_restart_at' => 'datetime', ]; diff --git a/app/Notifications/Application/RestartLimitReached.php b/app/Notifications/Application/RestartLimitReached.php new file mode 100644 index 000000000..8709e7cd3 --- /dev/null +++ b/app/Notifications/Application/RestartLimitReached.php @@ -0,0 +1,140 @@ +onQueue('high'); + $this->resource_name = data_get($resource, 'name'); + $this->project_uuid = data_get($resource, 'environment.project.uuid'); + $this->environment_uuid = data_get($resource, 'environment.uuid'); + $this->environment_name = data_get($resource, 'environment.name'); + $this->fqdn = data_get($resource, 'fqdn', null); + $this->restart_count = $resource->restart_count; + $this->max_restart_count = $resource->max_restart_count; + if (str($this->fqdn)->explode(',')->count() > 1) { + $this->fqdn = str($this->fqdn)->explode(',')->first(); + } + $this->resource_url = base_url()."/project/{$this->project_uuid}/environment/{$this->environment_uuid}/application/{$this->resource->uuid}"; + } + + public function via(object $notifiable): array + { + return $notifiable->getEnabledChannels('status_change'); + } + + public function toMail(): MailMessage + { + $mail = new MailMessage; + $mail->subject("Coolify: {$this->resource_name} stopped - restart limit reached ({$this->restart_count}/{$this->max_restart_count})"); + $mail->view('emails.application-restart-limit-reached', [ + 'name' => $this->resource_name, + 'fqdn' => $this->fqdn, + 'resource_url' => $this->resource_url, + 'restart_count' => $this->restart_count, + 'max_restart_count' => $this->max_restart_count, + ]); + + return $mail; + } + + public function toDiscord(): DiscordMessage + { + return new DiscordMessage( + title: ':warning: Restart limit reached', + description: "{$this->resource_name} has been stopped after {$this->restart_count} restarts (limit: {$this->max_restart_count}).\n\n[Open Application in Coolify]({$this->resource_url})", + color: DiscordMessage::errorColor(), + isCritical: true, + ); + } + + public function toTelegram(): array + { + $message = "Coolify: {$this->resource_name} has been stopped after {$this->restart_count} restarts (limit: {$this->max_restart_count})."; + + return [ + 'message' => $message, + 'buttons' => [ + [ + 'text' => 'Open Application in Coolify', + 'url' => $this->resource_url, + ], + ], + ]; + } + + public function toPushover(): PushoverMessage + { + $message = "{$this->resource_name} has been stopped after {$this->restart_count} restarts (limit: {$this->max_restart_count})."; + + return new PushoverMessage( + title: 'Restart limit reached', + level: 'error', + message: $message, + buttons: [ + [ + 'text' => 'Open Application in Coolify', + 'url' => $this->resource_url, + ], + ], + ); + } + + public function toSlack(): SlackMessage + { + $title = 'Restart limit reached'; + $description = "{$this->resource_name} has been stopped after {$this->restart_count} restarts (limit: {$this->max_restart_count})"; + + $description .= "\n\n*Project:* ".data_get($this->resource, 'environment.project.name'); + $description .= "\n*Environment:* {$this->environment_name}"; + $description .= "\n*Application URL:* {$this->resource_url}"; + + return new SlackMessage( + title: $title, + description: $description, + color: SlackMessage::errorColor() + ); + } + + public function toWebhook(): array + { + return [ + 'success' => false, + 'message' => 'Restart limit reached', + 'event' => 'restart_limit_reached', + 'application_name' => $this->resource_name, + 'application_uuid' => $this->resource->uuid, + 'restart_count' => $this->restart_count, + 'max_restart_count' => $this->max_restart_count, + 'url' => $this->resource_url, + 'project' => data_get($this->resource, 'environment.project.name'), + 'environment' => $this->environment_name, + 'fqdn' => $this->fqdn, + ]; + } +} diff --git a/database/migrations/2026_03_27_000000_add_max_restart_count_to_applications_and_databases.php b/database/migrations/2026_03_27_000000_add_max_restart_count_to_applications_and_databases.php new file mode 100644 index 000000000..578959c9a --- /dev/null +++ b/database/migrations/2026_03_27_000000_add_max_restart_count_to_applications_and_databases.php @@ -0,0 +1,22 @@ +integer('max_restart_count')->default(10)->after('restart_count'); + }); + } + + public function down(): void + { + Schema::table('applications', function (Blueprint $blueprint) { + $blueprint->dropColumn('max_restart_count'); + }); + } +}; diff --git a/resources/views/emails/application-restart-limit-reached.blade.php b/resources/views/emails/application-restart-limit-reached.blade.php new file mode 100644 index 000000000..e5fa01c00 --- /dev/null +++ b/resources/views/emails/application-restart-limit-reached.blade.php @@ -0,0 +1,7 @@ + +{{ $name }} has been automatically stopped after {{ $restart_count }} crash restarts (limit: {{ $max_restart_count }}). + +The application appears to be in a crash loop. Please investigate the issue and redeploy when ready. + +[Check what is going on]({{ $resource_url }}). + diff --git a/resources/views/livewire/project/application/advanced.blade.php b/resources/views/livewire/project/application/advanced.blade.php index 907500dfa..92020334b 100644 --- a/resources/views/livewire/project/application/advanced.blade.php +++ b/resources/views/livewire/project/application/advanced.blade.php @@ -75,6 +75,14 @@ helper="By default, you do not reach the Coolify defined networks.
Starting a docker compose based resource will have an internal network.
If you connect to a Coolify defined network, you maybe need to use different internal DNS names to connect to a resource.

For more information, check this." canGate="update" :canResource="$application" /> @endif +

Restart Limit

+
+ + Save +

Logs

From 3d9c0b7b50c68efc03e277123dfacfc198237bd7 Mon Sep 17 00:00:00 2001 From: ShadowArcanist <162910371+ShadowArcanist@users.noreply.github.com> Date: Tue, 31 Mar 2026 11:35:49 +0530 Subject: [PATCH 014/235] refactor(migration): align migration name with actual schema change --- ...> 2026_03_27_000000_add_max_restart_count_to_applications.php} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename database/migrations/{2026_03_27_000000_add_max_restart_count_to_applications_and_databases.php => 2026_03_27_000000_add_max_restart_count_to_applications.php} (100%) diff --git a/database/migrations/2026_03_27_000000_add_max_restart_count_to_applications_and_databases.php b/database/migrations/2026_03_27_000000_add_max_restart_count_to_applications.php similarity index 100% rename from database/migrations/2026_03_27_000000_add_max_restart_count_to_applications_and_databases.php rename to database/migrations/2026_03_27_000000_add_max_restart_count_to_applications.php From 18508e91495e2f5662ecbf918d82e104aaee4845 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Thu, 9 Apr 2026 17:13:26 +0200 Subject: [PATCH 015/235] fix(railpack): pass build and start commands via --env instead of dedicated flags Replace --build-cmd and --start-cmd with --env RAILPACK_BUILD_CMD and --env RAILPACK_START_CMD to align with how install_command is already passed, matching the expected railpack CLI interface. --- app/Jobs/ApplicationDeploymentJob.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/Jobs/ApplicationDeploymentJob.php b/app/Jobs/ApplicationDeploymentJob.php index 26cef35d7..e9b4667ab 100644 --- a/app/Jobs/ApplicationDeploymentJob.php +++ b/app/Jobs/ApplicationDeploymentJob.php @@ -2498,10 +2498,10 @@ private function build_railpack_image(): void $prepare_command .= " {$this->env_railpack_args}"; } if ($this->application->build_command) { - $prepare_command .= ' --build-cmd '.escapeShellValue($this->application->build_command); + $prepare_command .= ' --env '.escapeShellValue("RAILPACK_BUILD_CMD={$this->application->build_command}"); } if ($this->application->start_command) { - $prepare_command .= ' --start-cmd '.escapeShellValue($this->application->start_command); + $prepare_command .= ' --env '.escapeShellValue("RAILPACK_START_CMD={$this->application->start_command}"); } if ($this->application->install_command) { $prepare_command .= ' --env '.escapeShellValue("RAILPACK_INSTALL_CMD={$this->application->install_command}"); From 0649a424b8468ff8be371643e7ed8d7a5ff539b4 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Thu, 9 Apr 2026 17:48:17 +0200 Subject: [PATCH 016/235] fix(buildpack): revert default build pack to nixpacks and reorder selector Change default build_pack from railpack back to nixpacks in all new application flows (GithubPrivateRepository, GithubPrivateRepositoryDeployKey, PublicGitRepository) and reorder the build pack dropdown so Nixpacks appears before Railpack across all relevant views. Add feature tests covering the nixpacks default and selector ordering. --- .../Project/New/GithubPrivateRepository.php | 2 +- .../New/GithubPrivateRepositoryDeployKey.php | 2 +- .../Project/New/PublicGitRepository.php | 2 +- .../project/application/general.blade.php | 2 +- ...ub-private-repository-deploy-key.blade.php | 2 +- .../new/github-private-repository.blade.php | 2 +- .../new/public-git-repository.blade.php | 2 +- ...pplicationGeneralBuildpackSelectorTest.php | 68 +++++++++++++++++++ .../NewApplicationBuildpackDefaultsTest.php | 43 ++++++++++++ 9 files changed, 118 insertions(+), 7 deletions(-) create mode 100644 tests/Feature/ApplicationGeneralBuildpackSelectorTest.php create mode 100644 tests/Feature/NewApplicationBuildpackDefaultsTest.php diff --git a/app/Livewire/Project/New/GithubPrivateRepository.php b/app/Livewire/Project/New/GithubPrivateRepository.php index b9db7373f..be7daddd7 100644 --- a/app/Livewire/Project/New/GithubPrivateRepository.php +++ b/app/Livewire/Project/New/GithubPrivateRepository.php @@ -63,7 +63,7 @@ class GithubPrivateRepository extends Component protected int $page = 1; - public $build_pack = 'railpack'; + public $build_pack = 'nixpacks'; public bool $show_is_static = true; diff --git a/app/Livewire/Project/New/GithubPrivateRepositoryDeployKey.php b/app/Livewire/Project/New/GithubPrivateRepositoryDeployKey.php index 1acf5bc18..e81139792 100644 --- a/app/Livewire/Project/New/GithubPrivateRepositoryDeployKey.php +++ b/app/Livewire/Project/New/GithubPrivateRepositoryDeployKey.php @@ -46,7 +46,7 @@ class GithubPrivateRepositoryDeployKey extends Component public string $branch; - public $build_pack = 'railpack'; + public $build_pack = 'nixpacks'; public bool $show_is_static = true; diff --git a/app/Livewire/Project/New/PublicGitRepository.php b/app/Livewire/Project/New/PublicGitRepository.php index 8213f3cd0..fb24ba284 100644 --- a/app/Livewire/Project/New/PublicGitRepository.php +++ b/app/Livewire/Project/New/PublicGitRepository.php @@ -58,7 +58,7 @@ class PublicGitRepository extends Component public string $git_repository; - public $build_pack = 'railpack'; + public $build_pack = 'nixpacks'; public bool $show_is_static = true; diff --git a/resources/views/livewire/project/application/general.blade.php b/resources/views/livewire/project/application/general.blade.php index 87465c5d3..2aab1ab92 100644 --- a/resources/views/livewire/project/application/general.blade.php +++ b/resources/views/livewire/project/application/general.blade.php @@ -31,8 +31,8 @@
- + diff --git a/resources/views/livewire/project/new/github-private-repository-deploy-key.blade.php b/resources/views/livewire/project/new/github-private-repository-deploy-key.blade.php index 3c3313643..ca3c977a7 100644 --- a/resources/views/livewire/project/new/github-private-repository-deploy-key.blade.php +++ b/resources/views/livewire/project/new/github-private-repository-deploy-key.blade.php @@ -51,8 +51,8 @@ class="loading loading-xs dark:text-warning loading-spinner">
- + diff --git a/resources/views/livewire/project/new/github-private-repository.blade.php b/resources/views/livewire/project/new/github-private-repository.blade.php index 31dbed038..acbff15a6 100644 --- a/resources/views/livewire/project/new/github-private-repository.blade.php +++ b/resources/views/livewire/project/new/github-private-repository.blade.php @@ -82,8 +82,8 @@ @endforeach - + diff --git a/resources/views/livewire/project/new/public-git-repository.blade.php b/resources/views/livewire/project/new/public-git-repository.blade.php index 03fc71a5d..1df5cf907 100644 --- a/resources/views/livewire/project/new/public-git-repository.blade.php +++ b/resources/views/livewire/project/new/public-git-repository.blade.php @@ -41,8 +41,8 @@ helper="You can select other branches after configuration is done." /> @endif - + diff --git a/tests/Feature/ApplicationGeneralBuildpackSelectorTest.php b/tests/Feature/ApplicationGeneralBuildpackSelectorTest.php new file mode 100644 index 000000000..9b4c4c00d --- /dev/null +++ b/tests/Feature/ApplicationGeneralBuildpackSelectorTest.php @@ -0,0 +1,68 @@ +team = Team::factory()->create(); + $this->user = User::factory()->create(); + $this->team->members()->attach($this->user->id, ['role' => 'owner']); + + $this->actingAs($this->user); + session(['currentTeam' => $this->team]); + InstanceSettings::unguarded(function () { + InstanceSettings::updateOrCreate(['id' => 0], []); + }); + + $this->project = Project::factory()->create(['team_id' => $this->team->id]); + $this->environment = Environment::factory()->create(['project_id' => $this->project->id]); + $this->privateKey = PrivateKey::create([ + 'name' => 'Test Key', + 'private_key' => '-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW +QyNTUxOQAAACBbhpqHhqv6aI67Mj9abM3DVbmcfYhZAhC7ca4d9UCevAAAAJi/QySHv0Mk +hwAAAAtzc2gtZWQyNTUxOQAAACBbhpqHhqv6aI67Mj9abM3DVbmcfYhZAhC7ca4d9UCevA +AAAECBQw4jg1WRT2IGHMncCiZhURCts2s24HoDS0thHnnRKVuGmoeGq/pojrsyP1pszcNV +uZx9iFkCELtxrh31QJ68AAAAEXNhaWxANzZmZjY2ZDJlMmRkAQIDBA== +-----END OPENSSH PRIVATE KEY-----', + 'team_id' => $this->team->id, + ]); + $this->server = Server::factory()->create([ + 'team_id' => $this->team->id, + 'private_key_id' => $this->privateKey->id, + ]); + $this->destination = StandaloneDocker::where('server_id', $this->server->id)->first() + ?? StandaloneDocker::factory()->create(['server_id' => $this->server->id, 'network' => 'coolify-test']); +}); + +test('existing application buildpack selector lists nixpacks before railpack', function () { + $application = Application::factory()->create([ + 'environment_id' => $this->environment->id, + 'destination_id' => $this->destination->id, + 'destination_type' => StandaloneDocker::class, + 'build_pack' => 'nixpacks', + 'static_image' => 'nginx:alpine', + 'base_directory' => '/', + 'is_http_basic_auth_enabled' => false, + 'redirect' => 'no', + ]); + + Livewire::test(General::class, ['application' => $application]) + ->assertSuccessful() + ->assertSeeInOrder([ + '', + '', + ], false); +}); diff --git a/tests/Feature/NewApplicationBuildpackDefaultsTest.php b/tests/Feature/NewApplicationBuildpackDefaultsTest.php new file mode 100644 index 000000000..49c1ee7b2 --- /dev/null +++ b/tests/Feature/NewApplicationBuildpackDefaultsTest.php @@ -0,0 +1,43 @@ +team = Team::factory()->create(); + $this->user = User::factory()->create(); + $this->team->members()->attach($this->user->id, ['role' => 'owner']); + + $this->actingAs($this->user); + session(['currentTeam' => $this->team]); +}); + +describe('new application buildpack defaults', function () { + test('github app repository flow defaults to nixpacks', function () { + Livewire::test(GithubPrivateRepository::class, ['type' => 'private-gh-app']) + ->assertSet('build_pack', 'nixpacks'); + }); + + test('deploy key repository flow defaults to nixpacks', function () { + Livewire::test(GithubPrivateRepositoryDeployKey::class, ['type' => 'private-deploy-key']) + ->assertSet('build_pack', 'nixpacks'); + }); + + test('public repository flow defaults to nixpacks and lists railpack second', function () { + Livewire::test(PublicGitRepository::class, ['type' => 'public']) + ->assertSet('build_pack', 'nixpacks'); + }); + + test('public repository flow keeps railpack available after branch lookup', function () { + Livewire::test(PublicGitRepository::class, ['type' => 'public']) + ->set('branchFound', true) + ->assertSeeInOrder(['Nixpacks', 'Railpack']); + }); +}); From d7e1b7ec375c8f4d0700e845161c5f24ac51b8be Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Thu, 9 Apr 2026 18:45:42 +0200 Subject: [PATCH 017/235] feat(railpack): add config merging, beta badge, and nodejs seeder example - Implement railpack.json + generated config deep merging logic in ApplicationDeploymentJob with JSON validation and assoc array checks - Label Railpack as "Beta" in all build pack selectors and show a visible beta badge when railpack is selected in new-app forms - Add railpack-nodejs Fastify example to ApplicationSeeder - Add ApplicationSeederTest and ApplicationDeploymentRailpackConfigTest covering config merge behavior and seeder correctness --- app/Jobs/ApplicationDeploymentJob.php | 169 ++++++++++++++- database/seeders/ApplicationSeeder.php | 16 ++ .../project/application/general.blade.php | 10 +- ...ub-private-repository-deploy-key.blade.php | 10 +- .../new/github-private-repository.blade.php | 10 +- .../new/public-git-repository.blade.php | 10 +- ...pplicationGeneralBuildpackSelectorTest.php | 20 +- tests/Feature/ApplicationSeederTest.php | 51 +++++ .../NewApplicationBuildpackDefaultsTest.php | 10 +- ...pplicationDeploymentRailpackConfigTest.php | 195 ++++++++++++++++++ 10 files changed, 482 insertions(+), 19 deletions(-) create mode 100644 tests/Feature/ApplicationSeederTest.php create mode 100644 tests/Unit/ApplicationDeploymentRailpackConfigTest.php diff --git a/app/Jobs/ApplicationDeploymentJob.php b/app/Jobs/ApplicationDeploymentJob.php index e9b4667ab..d5c6b1c80 100644 --- a/app/Jobs/ApplicationDeploymentJob.php +++ b/app/Jobs/ApplicationDeploymentJob.php @@ -33,6 +33,7 @@ use Illuminate\Support\Collection; use Illuminate\Support\Sleep; use Illuminate\Support\Str; +use JsonException; use Spatie\Url\Url; use Symfony\Component\Yaml\Yaml; use Throwable; @@ -48,6 +49,10 @@ class ApplicationDeploymentJob implements ShouldBeEncrypted, ShouldQueue private const NIXPACKS_PLAN_PATH = '/artifacts/thegameplan.json'; + private const RAILPACK_REPOSITORY_CONFIG_PATH = 'railpack.json'; + + private const RAILPACK_GENERATED_CONFIG_PATH = '.coolify/railpack.generated.json'; + public $tries = 1; public $timeout = 3600; @@ -2487,28 +2492,170 @@ private function generate_railpack_env_variables(): void $this->env_railpack_args = $this->env_railpack_args->implode(' '); } - private function build_railpack_image(): void + private function decode_railpack_config(string $config, string $source): array { - $this->generate_railpack_env_variables(); + try { + $decoded = json_decode($config, true, 512, JSON_THROW_ON_ERROR); + } catch (JsonException $exception) { + throw new DeploymentException("Invalid {$source}: {$exception->getMessage()}", $exception->getCode(), $exception); + } - // Step 1: Generate build plan with railpack prepare + if (! is_array($decoded)) { + throw new DeploymentException("Invalid {$source}: expected a JSON object."); + } + + return $decoded; + } + + private function is_assoc_array(array $value): bool + { + if ($value === []) { + return false; + } + + return array_keys($value) !== range(0, count($value) - 1); + } + + private function merge_railpack_config(array $base, array $overrides): array + { + foreach ($overrides as $key => $value) { + if ( + array_key_exists($key, $base) + && is_array($base[$key]) + && is_array($value) + && $this->is_assoc_array($base[$key]) + && $this->is_assoc_array($value) + ) { + $base[$key] = $this->merge_railpack_config($base[$key], $value); + } else { + $base[$key] = $value; + } + } + + return $base; + } + + private function railpack_config_overrides(): array + { + return []; + } + + private function railpack_prepare_environment_variables(): Collection + { + $variables = collect([]); + + if ($this->application->install_command) { + $variables->put('RAILPACK_INSTALL_CMD', $this->application->install_command); + } + + if ($this->application->build_command) { + $variables->put('RAILPACK_BUILD_CMD', $this->application->build_command); + } + + if ($this->application->start_command) { + $variables->put('RAILPACK_START_CMD', $this->application->start_command); + } + + return $variables; + } + + private function generated_railpack_config_relative_path(): string + { + return self::RAILPACK_GENERATED_CONFIG_PATH; + } + + private function generated_railpack_config_absolute_path(): string + { + return "{$this->workdir}/".self::RAILPACK_GENERATED_CONFIG_PATH; + } + + private function generate_railpack_config_file(): ?string + { + $repositoryConfig = []; + $this->execute_remote_command([ + executeInDocker($this->deployment_uuid, "test -f {$this->workdir}/".self::RAILPACK_REPOSITORY_CONFIG_PATH." && echo 'exists' || echo 'missing'"), + 'hidden' => true, + 'save' => 'railpack_config_exists', + ]); + + if (str($this->saved_outputs->get('railpack_config_exists'))->trim()->toString() === 'exists') { + $this->execute_remote_command([ + executeInDocker($this->deployment_uuid, "cat {$this->workdir}/".self::RAILPACK_REPOSITORY_CONFIG_PATH), + 'hidden' => true, + 'save' => 'railpack_repository_config', + ]); + + $repositoryConfig = $this->decode_railpack_config( + $this->saved_outputs->get('railpack_repository_config', ''), + 'repository railpack.json' + ); + } + + $overrides = $this->railpack_config_overrides(); + if ($repositoryConfig === [] && $overrides === []) { + return null; + } + + $mergedConfig = $this->merge_railpack_config($repositoryConfig, $overrides); + if (! array_key_exists('$schema', $mergedConfig)) { + $mergedConfig['$schema'] = 'https://schema.railpack.com'; + } + + try { + $encodedConfig = json_encode($mergedConfig, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES | JSON_THROW_ON_ERROR); + } catch (JsonException $exception) { + throw new DeploymentException("Failed to encode generated Railpack config: {$exception->getMessage()}", $exception->getCode(), $exception); + } + + $configPath = $this->generated_railpack_config_absolute_path(); + $encodedConfig = base64_encode($encodedConfig); + + $this->execute_remote_command( + [ + executeInDocker($this->deployment_uuid, "mkdir -p {$this->workdir}/.coolify"), + 'hidden' => true, + ], + [ + executeInDocker($this->deployment_uuid, "echo '{$encodedConfig}' | base64 -d | tee {$configPath} > /dev/null"), + 'hidden' => true, + ] + ); + + return $this->generated_railpack_config_relative_path(); + } + + private function railpack_prepare_command(?string $configFilePath = null): string + { $prepare_command = 'railpack prepare'; + $prepareEnvironmentVariables = $this->railpack_prepare_environment_variables() + ->map(fn ($value, $key) => "{$key}=".escapeShellValue($value)) + ->implode(' '); + + if ($prepareEnvironmentVariables !== '') { + $prepare_command = "{$prepareEnvironmentVariables} {$prepare_command}"; + } if ($this->env_railpack_args) { $prepare_command .= " {$this->env_railpack_args}"; } - if ($this->application->build_command) { - $prepare_command .= ' --env '.escapeShellValue("RAILPACK_BUILD_CMD={$this->application->build_command}"); - } - if ($this->application->start_command) { - $prepare_command .= ' --env '.escapeShellValue("RAILPACK_START_CMD={$this->application->start_command}"); - } - if ($this->application->install_command) { - $prepare_command .= ' --env '.escapeShellValue("RAILPACK_INSTALL_CMD={$this->application->install_command}"); + + if ($configFilePath) { + $prepare_command .= ' --config-file '.escapeShellValue($configFilePath); } $prepare_command .= " --plan-out /artifacts/railpack-plan.json {$this->workdir}"; + return $prepare_command; + } + + private function build_railpack_image(): void + { + $this->generate_railpack_env_variables(); + $railpackConfigPath = $this->generate_railpack_config_file(); + + // Step 1: Generate build plan with railpack prepare + $prepare_command = $this->railpack_prepare_command($railpackConfigPath); + $this->application_deployment_queue->addLogEntry('Generating Railpack build plan.'); $this->execute_remote_command( [executeInDocker($this->deployment_uuid, $prepare_command), 'hidden' => true], diff --git a/database/seeders/ApplicationSeeder.php b/database/seeders/ApplicationSeeder.php index edb28c377..212bcce79 100644 --- a/database/seeders/ApplicationSeeder.php +++ b/database/seeders/ApplicationSeeder.php @@ -47,6 +47,22 @@ public function run(): void 'source_id' => 1, 'source_type' => GithubApp::class, ]); + Application::create([ + 'uuid' => 'railpack-nodejs', + 'name' => 'Railpack NodeJS Fastify Example', + 'fqdn' => 'http://railpack-nodejs.127.0.0.1.sslip.io', + 'repository_project_id' => 603035348, + 'git_repository' => 'coollabsio/coolify-examples', + 'git_branch' => 'v4.x', + 'base_directory' => '/nodejs', + 'build_pack' => 'railpack', + 'ports_exposes' => '3000', + 'environment_id' => 1, + 'destination_id' => 0, + 'destination_type' => StandaloneDocker::class, + 'source_id' => 1, + 'source_type' => GithubApp::class, + ]); Application::create([ 'uuid' => 'dockerfile', 'name' => 'Dockerfile Example', diff --git a/resources/views/livewire/project/application/general.blade.php b/resources/views/livewire/project/application/general.blade.php index 2aab1ab92..382f05278 100644 --- a/resources/views/livewire/project/application/general.blade.php +++ b/resources/views/livewire/project/application/general.blade.php @@ -32,7 +32,7 @@ - + @@ -236,11 +236,15 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry"
-
{{ $buildPack === 'railpack' ? 'Railpack' : 'Nixpacks' }} will detect the required configuration - automatically. + @if ($buildPack === 'nixpacks') +
+ + Nixpacks + will detect the required configuration automatically. Framework Specific Docs
+ @endif @endif @endif diff --git a/resources/views/livewire/project/new/github-private-repository-deploy-key.blade.php b/resources/views/livewire/project/new/github-private-repository-deploy-key.blade.php index ca3c977a7..249ded1f7 100644 --- a/resources/views/livewire/project/new/github-private-repository-deploy-key.blade.php +++ b/resources/views/livewire/project/new/github-private-repository-deploy-key.blade.php @@ -52,7 +52,7 @@ class="loading loading-xs dark:text-warning loading-spinner"> - + @@ -61,6 +61,14 @@ class="loading loading-xs dark:text-warning loading-spinner"> @endif
+ @if ($build_pack === 'railpack') +
+ + Beta + +
+ @endif @if ($build_pack === 'dockercompose')
- + @@ -93,6 +93,14 @@ helper="If there is a build process involved (like Svelte, React, Next, etc..), please specify the output directory for the build assets." /> @endif
+ @if ($build_pack === 'railpack') +
+ + Beta + +
+ @endif @if ($build_pack === 'dockercompose')
- + @@ -52,6 +52,14 @@ helper="If there is a build process involved (like Svelte, React, Next, etc..), please specify the output directory for the build assets." /> @endif
+ @if ($build_pack === 'railpack') +
+ + Beta + +
+ @endif @if ($build_pack === 'dockercompose')
Nixpacks', - '', + '', ], false); }); + +test('existing application shows railpack beta badge in build helper copy', function () { + $application = Application::factory()->create([ + 'environment_id' => $this->environment->id, + 'destination_id' => $this->destination->id, + 'destination_type' => StandaloneDocker::class, + 'build_pack' => 'railpack', + 'static_image' => 'nginx:alpine', + 'base_directory' => '/', + 'is_http_basic_auth_enabled' => false, + 'redirect' => 'no', + ]); + + Livewire::test(General::class, ['application' => $application]) + ->assertSuccessful() + ->assertSee('Railpack') + ->assertSee('Beta'); +}); diff --git a/tests/Feature/ApplicationSeederTest.php b/tests/Feature/ApplicationSeederTest.php new file mode 100644 index 000000000..ac39ea4a7 --- /dev/null +++ b/tests/Feature/ApplicationSeederTest.php @@ -0,0 +1,51 @@ +seed([ + UserSeeder::class, + TeamSeeder::class, + PrivateKeySeeder::class, + ServerSeeder::class, + ProjectSeeder::class, + StandaloneDockerSeeder::class, + GithubAppSeeder::class, + ApplicationSeeder::class, + ]); + + $nixpacksExample = Application::where('uuid', 'nodejs')->first(); + $railpackExample = Application::where('uuid', 'railpack-nodejs')->first(); + + expect($nixpacksExample) + ->not->toBeNull() + ->and($nixpacksExample->name)->toBe('NodeJS Fastify Example') + ->and($nixpacksExample->build_pack)->toBe('nixpacks') + ->and($nixpacksExample->base_directory)->toBe('/nodejs') + ->and($nixpacksExample->ports_exposes)->toBe('3000'); + + expect($railpackExample) + ->not->toBeNull() + ->and($railpackExample->name)->toBe('Railpack NodeJS Fastify Example') + ->and($railpackExample->fqdn)->toBe('http://railpack-nodejs.127.0.0.1.sslip.io') + ->and($railpackExample->repository_project_id)->toBe(603035348) + ->and($railpackExample->git_repository)->toBe('coollabsio/coolify-examples') + ->and($railpackExample->git_branch)->toBe('v4.x') + ->and($railpackExample->base_directory)->toBe('/nodejs') + ->and($railpackExample->build_pack)->toBe('railpack') + ->and($railpackExample->ports_exposes)->toBe('3000') + ->and($railpackExample->environment_id)->toBe(1) + ->and($railpackExample->destination_id)->toBe(0) + ->and($railpackExample->source_id)->toBe(1); +}); diff --git a/tests/Feature/NewApplicationBuildpackDefaultsTest.php b/tests/Feature/NewApplicationBuildpackDefaultsTest.php index 49c1ee7b2..f1bcdcb65 100644 --- a/tests/Feature/NewApplicationBuildpackDefaultsTest.php +++ b/tests/Feature/NewApplicationBuildpackDefaultsTest.php @@ -38,6 +38,14 @@ test('public repository flow keeps railpack available after branch lookup', function () { Livewire::test(PublicGitRepository::class, ['type' => 'public']) ->set('branchFound', true) - ->assertSeeInOrder(['Nixpacks', 'Railpack']); + ->assertSeeInOrder(['Nixpacks', 'Railpack (Beta)']) + ->assertSee('Beta'); + }); + + test('deploy key repository flow shows railpack beta label in build pack selector', function () { + Livewire::test(GithubPrivateRepositoryDeployKey::class, ['type' => 'private-deploy-key']) + ->set('current_step', 'repository') + ->assertSee('Railpack (Beta)') + ->assertSee('Beta'); }); }); diff --git a/tests/Unit/ApplicationDeploymentRailpackConfigTest.php b/tests/Unit/ApplicationDeploymentRailpackConfigTest.php new file mode 100644 index 000000000..5cd238b99 --- /dev/null +++ b/tests/Unit/ApplicationDeploymentRailpackConfigTest.php @@ -0,0 +1,195 @@ +recordedCommands[] = $commands; + } +} + +function makeRailpackDeploymentJob(array $applicationAttributes = [], array $savedOutputs = []): array +{ + $job = new TestableRailpackDeploymentJob; + $reflection = new ReflectionClass(ApplicationDeploymentJob::class); + + $application = new Application($applicationAttributes); + + foreach ([ + 'application' => $application, + 'workdir' => '/artifacts/test-app', + 'deployment_uuid' => 'deployment-uuid', + 'saved_outputs' => new Collection($savedOutputs), + 'env_railpack_args' => "--env 'RAILPACK_NODE_VERSION=22'", + ] as $property => $value) { + $reflectionProperty = $reflection->getProperty($property); + $reflectionProperty->setAccessible(true); + $reflectionProperty->setValue($job, $value); + } + + return [$job, $reflection]; +} + +function invokeRailpackMethod(object $job, ReflectionClass $reflection, string $method, array $arguments = []): mixed +{ + $reflectionMethod = $reflection->getMethod($method); + $reflectionMethod->setAccessible(true); + + return $reflectionMethod->invokeArgs($job, $arguments); +} + +it('deep merges repository railpack config with coolify overrides', function () { + $repositoryConfigJson = json_encode([ + '$schema' => 'https://schema.railpack.com', + 'packages' => [ + 'node' => '20', + ], + 'steps' => [ + 'build' => [ + 'inputs' => [['step' => 'install']], + 'commands' => ['npm run build'], + ], + ], + 'deploy' => [ + 'variables' => [ + 'NODE_ENV' => 'production', + ], + 'startCommand' => 'node index.js', + ], + ], JSON_THROW_ON_ERROR); + + [$job, $reflection] = makeRailpackDeploymentJob( + [ + 'install_command' => 'npm ci', + 'build_command' => 'npm run build:prod', + 'start_command' => 'node server.js', + ], + [ + 'railpack_config_exists' => 'exists', + 'railpack_repository_config' => $repositoryConfigJson, + ], + ); + + $repositoryConfig = invokeRailpackMethod( + $job, + $reflection, + 'decode_railpack_config', + [$repositoryConfigJson, 'repository railpack.json'], + ); + $overrides = [ + 'deploy' => [ + 'variables' => [ + 'APP_ENV' => 'production', + ], + ], + 'packages' => [ + 'python' => '3.13', + ], + ]; + $generatedConfig = invokeRailpackMethod($job, $reflection, 'merge_railpack_config', [$repositoryConfig, $overrides]); + + expect($generatedConfig)->toMatchArray([ + '$schema' => 'https://schema.railpack.com', + 'packages' => [ + 'node' => '20', + 'python' => '3.13', + ], + 'steps' => [ + 'build' => [ + 'inputs' => [['step' => 'install']], + 'commands' => ['npm run build'], + ], + ], + 'deploy' => [ + 'variables' => [ + 'NODE_ENV' => 'production', + 'APP_ENV' => 'production', + ], + 'startCommand' => 'node index.js', + ], + ]); +}); + +it('writes a generated railpack config file when repository config exists', function () { + [$job, $reflection] = makeRailpackDeploymentJob( + ['build_command' => 'npm run build'], + [ + 'railpack_config_exists' => 'exists', + 'railpack_repository_config' => json_encode([ + '$schema' => 'https://schema.railpack.com', + 'steps' => [ + 'build' => [ + 'commands' => ['npm run build'], + ], + ], + ], JSON_THROW_ON_ERROR), + ], + ); + + $configPath = invokeRailpackMethod($job, $reflection, 'generate_railpack_config_file'); + + expect($configPath)->toBe('.coolify/railpack.generated.json'); + expect($job->recordedCommands)->toHaveCount(3); +}); + +it('does not generate a railpack config file for command overrides alone', function () { + [$job, $reflection] = makeRailpackDeploymentJob([ + 'install_command' => 'npm ci', + 'build_command' => 'npm run build', + 'start_command' => 'node server.js', + ]); + + $configPath = invokeRailpackMethod($job, $reflection, 'generate_railpack_config_file'); + + expect($configPath)->toBeNull(); + expect($job->recordedCommands)->toHaveCount(1); +}); + +it('fails fast when repository railpack config is invalid json', function () { + [$job, $reflection] = makeRailpackDeploymentJob( + ['build_command' => 'npm run build'], + [ + 'railpack_config_exists' => 'exists', + 'railpack_repository_config' => '{"steps":{"build":', + ], + ); + + expect(fn () => invokeRailpackMethod($job, $reflection, 'generate_railpack_config_file')) + ->toThrow(DeploymentException::class, 'Invalid repository railpack.json'); +}); + +it('builds railpack prepare command using process env vars for command overrides', function () { + [$job, $reflection] = makeRailpackDeploymentJob( + [ + 'install_command' => 'npm ci', + 'build_command' => 'npm run build', + 'start_command' => 'node server.js', + ], + ); + + $command = invokeRailpackMethod( + $job, + $reflection, + 'railpack_prepare_command', + ['.coolify/railpack.generated.json'], + ); + + expect($command)->toContain("railpack prepare --env 'RAILPACK_NODE_VERSION=22'"); + expect($command)->toContain('RAILPACK_INSTALL_CMD='.escapeshellarg('npm ci')); + expect($command)->toContain('RAILPACK_BUILD_CMD='.escapeshellarg('npm run build')); + expect($command)->toContain('RAILPACK_START_CMD='.escapeshellarg('node server.js')); + expect($command)->toContain('--config-file '.escapeshellarg('.coolify/railpack.generated.json')); + expect($command)->toContain('--plan-out /artifacts/railpack-plan.json /artifacts/test-app'); + expect($command)->not->toContain("--env 'RAILPACK_BUILD_CMD="); + expect($command)->not->toContain("--env 'RAILPACK_START_CMD="); + expect($command)->not->toContain("--env 'RAILPACK_INSTALL_CMD="); +}); From 3c51b1aaccee3fdd906c33f9f5527f3fded49e6b Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Thu, 9 Apr 2026 19:01:52 +0200 Subject: [PATCH 018/235] fix(railpack): pass command overrides through supported prepare/build args Use Railpack's install env handling and dedicated CLI flags for build/start overrides, and forward install commands into docker build secrets so image builds stay aligned with prepare-time configuration. Update the railpack config test to cover the new command format. --- app/Jobs/ApplicationDeploymentJob.php | 47 +++++++++---------- ...pplicationDeploymentRailpackConfigTest.php | 14 +++--- 2 files changed, 30 insertions(+), 31 deletions(-) diff --git a/app/Jobs/ApplicationDeploymentJob.php b/app/Jobs/ApplicationDeploymentJob.php index d5c6b1c80..40f917601 100644 --- a/app/Jobs/ApplicationDeploymentJob.php +++ b/app/Jobs/ApplicationDeploymentJob.php @@ -2540,25 +2540,6 @@ private function railpack_config_overrides(): array return []; } - private function railpack_prepare_environment_variables(): Collection - { - $variables = collect([]); - - if ($this->application->install_command) { - $variables->put('RAILPACK_INSTALL_CMD', $this->application->install_command); - } - - if ($this->application->build_command) { - $variables->put('RAILPACK_BUILD_CMD', $this->application->build_command); - } - - if ($this->application->start_command) { - $variables->put('RAILPACK_START_CMD', $this->application->start_command); - } - - return $variables; - } - private function generated_railpack_config_relative_path(): string { return self::RAILPACK_GENERATED_CONFIG_PATH; @@ -2627,12 +2608,17 @@ private function generate_railpack_config_file(): ?string private function railpack_prepare_command(?string $configFilePath = null): string { $prepare_command = 'railpack prepare'; - $prepareEnvironmentVariables = $this->railpack_prepare_environment_variables() - ->map(fn ($value, $key) => "{$key}=".escapeShellValue($value)) - ->implode(' '); - if ($prepareEnvironmentVariables !== '') { - $prepare_command = "{$prepareEnvironmentVariables} {$prepare_command}"; + if ($this->application->install_command) { + $prepare_command .= ' --env '.escapeShellValue("RAILPACK_INSTALL_CMD={$this->application->install_command}"); + } + + if ($this->application->build_command) { + $prepare_command .= ' --build-cmd '.escapeShellValue($this->application->build_command); + } + + if ($this->application->start_command) { + $prepare_command .= ' --start-cmd '.escapeShellValue($this->application->start_command); } if ($this->env_railpack_args) { @@ -2681,11 +2667,22 @@ private function build_railpack_image(): void $cache_args = "--build-arg cache-key='{$this->application->uuid}'"; } + $installCommandEnv = ''; + $installCommandSecret = ''; + if ($this->application->install_command) { + $installCommandEnv = 'env RAILPACK_INSTALL_CMD='.escapeShellValue($this->application->install_command).' '; + $installCommandSecret = ' --secret id=RAILPACK_INSTALL_CMD,env=RAILPACK_INSTALL_CMD'; + $cache_args .= ' --build-arg secrets-hash='.$this->generate_secrets_hash(collect([ + 'RAILPACK_INSTALL_CMD' => $this->application->install_command, + ])); + } + $build_command = 'docker buildx create --name coolify-railpack --driver docker-container 2>/dev/null || true' - .' && docker buildx build --builder coolify-railpack' + ." && {$installCommandEnv}docker buildx build --builder coolify-railpack" ." {$this->addHosts} --network host" ." --build-arg BUILDKIT_SYNTAX='ghcr.io/railwayapp/railpack-frontend'" ." {$cache_args}" + ."{$installCommandSecret}" .' -f /artifacts/railpack-plan.json' .' --progress plain' .' --load' diff --git a/tests/Unit/ApplicationDeploymentRailpackConfigTest.php b/tests/Unit/ApplicationDeploymentRailpackConfigTest.php index 5cd238b99..63ad618ae 100644 --- a/tests/Unit/ApplicationDeploymentRailpackConfigTest.php +++ b/tests/Unit/ApplicationDeploymentRailpackConfigTest.php @@ -167,7 +167,7 @@ function invokeRailpackMethod(object $job, ReflectionClass $reflection, string $ ->toThrow(DeploymentException::class, 'Invalid repository railpack.json'); }); -it('builds railpack prepare command using process env vars for command overrides', function () { +it('builds railpack prepare command using railpack env for install and cli flags for build/start overrides', function () { [$job, $reflection] = makeRailpackDeploymentJob( [ 'install_command' => 'npm ci', @@ -183,13 +183,15 @@ function invokeRailpackMethod(object $job, ReflectionClass $reflection, string $ ['.coolify/railpack.generated.json'], ); - expect($command)->toContain("railpack prepare --env 'RAILPACK_NODE_VERSION=22'"); - expect($command)->toContain('RAILPACK_INSTALL_CMD='.escapeshellarg('npm ci')); - expect($command)->toContain('RAILPACK_BUILD_CMD='.escapeshellarg('npm run build')); - expect($command)->toContain('RAILPACK_START_CMD='.escapeshellarg('node server.js')); + expect($command)->toContain('railpack prepare'); + expect($command)->toContain('--env '.escapeshellarg('RAILPACK_INSTALL_CMD=npm ci')); + expect($command)->toContain("--env 'RAILPACK_NODE_VERSION=22'"); + expect($command)->toContain('--build-cmd '.escapeshellarg('npm run build')); + expect($command)->toContain('--start-cmd '.escapeshellarg('node server.js')); expect($command)->toContain('--config-file '.escapeshellarg('.coolify/railpack.generated.json')); expect($command)->toContain('--plan-out /artifacts/railpack-plan.json /artifacts/test-app'); expect($command)->not->toContain("--env 'RAILPACK_BUILD_CMD="); expect($command)->not->toContain("--env 'RAILPACK_START_CMD="); - expect($command)->not->toContain("--env 'RAILPACK_INSTALL_CMD="); + expect($command)->not->toContain('RAILPACK_BUILD_CMD='); + expect($command)->not->toContain('RAILPACK_START_CMD='); }); From 6b1b1b14f295c73f4d90587809bb4b81ce6a3ddd Mon Sep 17 00:00:00 2001 From: ShadowArcanist <162910371+ShadowArcanist@users.noreply.github.com> Date: Tue, 14 Apr 2026 18:50:01 +0530 Subject: [PATCH 019/235] feat(ui): move Sentinel to dedicated tab with sidebar navigation and logs page --- app/Livewire/Server/Charts.php | 24 +++ app/Livewire/Server/Sentinel.php | 19 +- app/Livewire/Server/Sentinel/Logs.php | 31 ++++ app/Livewire/Server/Sentinel/Show.php | 28 +++ .../server/sidebar-sentinel.blade.php | 10 ++ .../views/components/server/sidebar.blade.php | 5 - .../views/livewire/server/charts.blade.php | 25 ++- .../views/livewire/server/navbar.blade.php | 26 ++- .../views/livewire/server/sentinel.blade.php | 170 +++++++----------- .../livewire/server/sentinel/logs.blade.php | 13 ++ .../livewire/server/sentinel/show.blade.php | 16 ++ routes/web.php | 6 +- 12 files changed, 242 insertions(+), 131 deletions(-) create mode 100644 app/Livewire/Server/Sentinel/Logs.php create mode 100644 app/Livewire/Server/Sentinel/Show.php create mode 100644 resources/views/components/server/sidebar-sentinel.blade.php create mode 100644 resources/views/livewire/server/sentinel/logs.blade.php create mode 100644 resources/views/livewire/server/sentinel/show.blade.php diff --git a/app/Livewire/Server/Charts.php b/app/Livewire/Server/Charts.php index d0db87f57..c09c11b60 100644 --- a/app/Livewire/Server/Charts.php +++ b/app/Livewire/Server/Charts.php @@ -2,11 +2,15 @@ namespace App\Livewire\Server; +use App\Actions\Server\StartSentinel; use App\Models\Server; +use Illuminate\Foundation\Auth\Access\AuthorizesRequests; use Livewire\Component; class Charts extends Component { + use AuthorizesRequests; + public Server $server; public $chartId = 'server'; @@ -28,6 +32,26 @@ public function mount(string $server_uuid) } } + public function toggleMetrics() + { + try { + $this->authorize('update', $this->server); + $this->server->settings->is_metrics_enabled = ! $this->server->settings->is_metrics_enabled; + $this->server->settings->save(); + $this->server->refresh(); + + if ($this->server->isMetricsEnabled()) { + StartSentinel::run($this->server, true); + $this->dispatch('success', 'Metrics enabled. Restarting Sentinel.'); + } else { + $this->server->restartSentinel(); + $this->dispatch('success', 'Metrics disabled. Restarting Sentinel.'); + } + } catch (\Throwable $e) { + return handleError($e, $this); + } + } + public function pollData() { if ($this->poll || $this->interval <= 10) { diff --git a/app/Livewire/Server/Sentinel.php b/app/Livewire/Server/Sentinel.php index a4b35891b..f90af5a16 100644 --- a/app/Livewire/Server/Sentinel.php +++ b/app/Livewire/Server/Sentinel.php @@ -15,8 +15,6 @@ class Sentinel extends Component public Server $server; - public array $parameters = []; - public bool $isMetricsEnabled; #[Validate(['required', 'string', 'max:500', 'regex:/\A[a-zA-Z0-9._\-+=\/]+\z/'])] @@ -51,15 +49,9 @@ public function getListeners() ]; } - public function mount(string $server_uuid) + public function mount() { - try { - $this->server = Server::ownedByCurrentTeam()->whereUuid($server_uuid)->firstOrFail(); - $this->parameters = get_route_parameters(); - $this->syncData(); - } catch (\Throwable) { - return redirect()->route('server.index'); - } + $this->syncData(); } public function syncData(bool $toModel = false) @@ -110,20 +102,21 @@ public function restartSentinel() } } - public function updatedIsSentinelEnabled($value) + public function toggleSentinel() { try { $this->authorize('manageSentinel', $this->server); - if ($value === true) { + if (! $this->isSentinelEnabled) { if ($this->server->isBuildServer()) { - $this->isSentinelEnabled = false; $this->dispatch('error', 'Sentinel cannot be enabled on build servers.'); return; } + $this->isSentinelEnabled = true; $customImage = isDev() ? $this->sentinelCustomDockerImage : null; StartSentinel::run($this->server, true, null, $customImage); } else { + $this->isSentinelEnabled = false; $this->isMetricsEnabled = false; $this->isSentinelDebugEnabled = false; StopSentinel::dispatch($this->server); diff --git a/app/Livewire/Server/Sentinel/Logs.php b/app/Livewire/Server/Sentinel/Logs.php new file mode 100644 index 000000000..513776a6f --- /dev/null +++ b/app/Livewire/Server/Sentinel/Logs.php @@ -0,0 +1,31 @@ +parameters = get_route_parameters(); + try { + $this->server = Server::ownedByCurrentTeam()->whereUuid(request()->server_uuid)->first(); + if (is_null($this->server)) { + return redirect()->route('server.index'); + } + } catch (\Throwable $e) { + return handleError($e, $this); + } + } + + public function render() + { + return view('livewire.server.sentinel.logs'); + } +} diff --git a/app/Livewire/Server/Sentinel/Show.php b/app/Livewire/Server/Sentinel/Show.php new file mode 100644 index 000000000..4bfc4c398 --- /dev/null +++ b/app/Livewire/Server/Sentinel/Show.php @@ -0,0 +1,28 @@ +parameters = get_route_parameters(); + try { + $this->server = Server::ownedByCurrentTeam()->whereUuid(request()->server_uuid)->firstOrFail(); + } catch (\Throwable $e) { + return handleError($e, $this); + } + } + + public function render() + { + return view('livewire.server.sentinel.show'); + } +} diff --git a/resources/views/components/server/sidebar-sentinel.blade.php b/resources/views/components/server/sidebar-sentinel.blade.php new file mode 100644 index 000000000..8249c9413 --- /dev/null +++ b/resources/views/components/server/sidebar-sentinel.blade.php @@ -0,0 +1,10 @@ +
+ + Configuration + + + Logs + +
diff --git a/resources/views/components/server/sidebar.blade.php b/resources/views/components/server/sidebar.blade.php index 2d7649fab..82ec985e3 100644 --- a/resources/views/components/server/sidebar.blade.php +++ b/resources/views/components/server/sidebar.blade.php @@ -6,11 +6,6 @@ href="{{ route('server.advanced', ['server_uuid' => $server->uuid]) }}">Advanced @endif - @if ($server->isFunctional() && !$server->isSwarm() && !$server->isBuildServer()) - Sentinel - - @endif Private Key diff --git a/resources/views/livewire/server/charts.blade.php b/resources/views/livewire/server/charts.blade.php index 51953ab9a..0acb79b93 100644 --- a/resources/views/livewire/server/charts.blade.php +++ b/resources/views/livewire/server/charts.blade.php @@ -6,7 +6,18 @@
-

Metrics

+
+

Metrics

+ @if ($server->isMetricsEnabled()) + + Disable Metrics + + @elseif ($server->isSentinelEnabled()) + + Enable Metrics + + @endif +
Basic metrics for your server.
@if ($server->isMetricsEnabled())
@@ -288,8 +299,16 @@
@else -
Metrics are disabled for this server. Enable them in Sentinel settings.
+ @if ($server->isSentinelEnabled()) + + Metrics are disabled for this server. Click "Enable Metrics" above to start collecting metrics. + + @else + + Metrics require Sentinel to be enabled. + Please enable Sentinel first. + + @endif @endif
diff --git a/resources/views/livewire/server/navbar.blade.php b/resources/views/livewire/server/navbar.blade.php index 4e53cd80e..bf55ca7f6 100644 --- a/resources/views/livewire/server/navbar.blade.php +++ b/resources/views/livewire/server/navbar.blade.php @@ -58,6 +58,17 @@ class="mx-1 dark:hover:fill-white fill-black dark:fill-warning">
@endif + @if ($server->isSentinelEnabled()) +
+
+ @if ($server->isSentinelLive()) + + @else + + @endif +
+
+ @endif
{{ data_get($server, 'name') }}
@@ -70,7 +81,7 @@ class="flex items-center gap-6 overflow-x-scroll sm:overflow-x-hidden scrollbar @if (!$server->isSwarmWorker() && !$server->settings->is_build_server) - routeIs('server.proxy') || request()->routeIs('server.proxy.*') ? 'dark:text-white' : '' }} flex items-center gap-1" href="{{ route('server.proxy', [ 'server_uuid' => data_get($server, 'uuid'), ]) }}" {{ wireNavigate() }}> Proxy @@ -82,6 +93,19 @@ class="flex items-center gap-6 overflow-x-scroll sm:overflow-x-hidden scrollbar @endif @endif + @if ($server->isFunctional() && !$server->isSwarm() && !$server->settings->is_build_server) + + Sentinel + @if ($server->isSentinelEnabled() && !$server->isSentinelLive()) + + + + @endif + + @endif diff --git a/resources/views/livewire/server/sentinel.blade.php b/resources/views/livewire/server/sentinel.blade.php index 27a6d7eed..95e8c64e2 100644 --- a/resources/views/livewire/server/sentinel.blade.php +++ b/resources/views/livewire/server/sentinel.blade.php @@ -1,111 +1,67 @@
- - {{ data_get_str($server, 'name')->limit(10) }} > Sentinel | Coolify - - -
- -
-
-
-

Sentinel

- - @if ($server->isSentinelEnabled()) -
- @if ($server->isSentinelLive()) - - Save - Restart - - Sentinel Logs - - - - Logs - - @else - - Save - Sync - - Sentinel Logs - - - - Logs - - @endif -
- @endif + +
+

Sentinel

+ + @if (!$isSentinelEnabled) + Enable Sentinel + @else +
+ Save + + {{ $server->isSentinelLive() ? 'Restart' : 'Sync' }} + + Disable Sentinel
-
-
- - @if ($server->isSentinelEnabled()) - @if (isDev()) - - @endif - - @else - @if (isDev()) - - @endif - - @endif -
- @if (isDev() && $server->isSentinelEnabled()) -
- -
- @endif - @if ($server->isSentinelEnabled()) -
- - Regenerate -
- - - -
-
- - - -
-
- @endif -
- + @endif
-
+
+ @if ($isSentinelEnabled && isDev()) +
+ +
+ @endif + @if (isDev() && $server->isSentinelEnabled()) +
+ +
+ @endif + @if ($server->isSentinelEnabled()) +
+ + + Regenerate +
+ +
+
+ + + +
+
+ @endif +
+
diff --git a/resources/views/livewire/server/sentinel/logs.blade.php b/resources/views/livewire/server/sentinel/logs.blade.php new file mode 100644 index 000000000..f92f0ab42 --- /dev/null +++ b/resources/views/livewire/server/sentinel/logs.blade.php @@ -0,0 +1,13 @@ +
+ + Sentinel Logs | Coolify + + +
+ +
+

Logs

+ +
+
+
diff --git a/resources/views/livewire/server/sentinel/show.blade.php b/resources/views/livewire/server/sentinel/show.blade.php new file mode 100644 index 000000000..d859a5e14 --- /dev/null +++ b/resources/views/livewire/server/sentinel/show.blade.php @@ -0,0 +1,16 @@ +
+ + Sentinel Configuration | Coolify + + + @if ($server->isFunctional()) +
+ +
+ +
+
+ @else +
Server is not validated. Validate first.
+ @endif +
diff --git a/routes/web.php b/routes/web.php index fad3c5d29..e739adba4 100644 --- a/routes/web.php +++ b/routes/web.php @@ -57,7 +57,8 @@ use App\Livewire\Server\Resources as ResourcesShow; use App\Livewire\Server\Security\Patches; use App\Livewire\Server\Security\TerminalAccess; -use App\Livewire\Server\Sentinel as ServerSentinel; +use App\Livewire\Server\Sentinel\Logs as SentinelLogs; +use App\Livewire\Server\Sentinel\Show as SentinelShow; use App\Livewire\Server\Show as ServerShow; use App\Livewire\Server\Swarm as ServerSwarm; use App\Livewire\Settings\Advanced as SettingsAdvanced; @@ -279,7 +280,8 @@ Route::get('/', ServerShow::class)->name('server.show'); Route::get('/advanced', ServerAdvanced::class)->name('server.advanced'); Route::get('/swarm', ServerSwarm::class)->name('server.swarm'); - Route::get('/sentinel', ServerSentinel::class)->name('server.sentinel'); + Route::get('/sentinel', SentinelShow::class)->name('server.sentinel'); + Route::get('/sentinel/logs', SentinelLogs::class)->name('server.sentinel.logs'); Route::get('/private-key', PrivateKeyShow::class)->name('server.private-key'); Route::get('/cloud-provider-token', CloudProviderTokenShow::class)->name('server.cloud-provider-token'); Route::get('/ca-certificate', CaCertificateShow::class)->name('server.ca-certificate'); From f8d095c9b9753bb607fdfa278787be16a2f17608 Mon Sep 17 00:00:00 2001 From: ShadowArcanist <162910371+ShadowArcanist@users.noreply.github.com> Date: Tue, 14 Apr 2026 18:59:08 +0530 Subject: [PATCH 020/235] fix(routes): fix application metrics link and rename server.charts to server.metrics --- resources/views/components/server/sidebar.blade.php | 2 +- resources/views/livewire/project/shared/metrics.blade.php | 2 +- routes/web.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/resources/views/components/server/sidebar.blade.php b/resources/views/components/server/sidebar.blade.php index 82ec985e3..63590f768 100644 --- a/resources/views/components/server/sidebar.blade.php +++ b/resources/views/components/server/sidebar.blade.php @@ -32,7 +32,7 @@ Log Drains Metrics + href="{{ route('server.metrics', ['server_uuid' => $server->uuid]) }}">Metrics @endif @if (!$server->isBuildServer() && !$server->settings->is_cloudflare_tunnel) Metrics are not available for Docker Compose applications yet!
@elseif(!$resource->destination->server->isMetricsEnabled())
Metrics are only available for servers with Sentinel & Metrics enabled!
-
Go to Server settings to enable it.
+
Go to Server Metrics to enable it.
@else @if (!str($resource->status)->contains('running'))
Metrics are only available when the application container is running!
diff --git a/routes/web.php b/routes/web.php index e739adba4..80760aff4 100644 --- a/routes/web.php +++ b/routes/web.php @@ -289,7 +289,7 @@ Route::get('/cloudflare-tunnel', CloudflareTunnel::class)->name('server.cloudflare-tunnel'); Route::get('/destinations', ServerDestinations::class)->name('server.destinations'); Route::get('/log-drains', LogDrains::class)->name('server.log-drains'); - Route::get('/metrics', ServerCharts::class)->name('server.charts'); + Route::get('/metrics', ServerCharts::class)->name('server.metrics'); Route::get('/danger', DeleteServer::class)->name('server.delete'); Route::get('/proxy', ProxyShow::class)->name('server.proxy'); Route::get('/proxy/dynamic', ProxyDynamicConfigurations::class)->name('server.proxy.dynamic-confs'); From 65ca7e2df36feb1dbdcce65295be58fbba977647 Mon Sep 17 00:00:00 2001 From: ShadowArcanist <162910371+ShadowArcanist@users.noreply.github.com> Date: Tue, 14 Apr 2026 19:01:01 +0530 Subject: [PATCH 021/235] refactor(ui): use callout components for application metrics alerts --- .../livewire/project/shared/metrics.blade.php | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/resources/views/livewire/project/shared/metrics.blade.php b/resources/views/livewire/project/shared/metrics.blade.php index e94a691d3..e86a86226 100644 --- a/resources/views/livewire/project/shared/metrics.blade.php +++ b/resources/views/livewire/project/shared/metrics.blade.php @@ -5,13 +5,19 @@
Basic metrics for your application container.
@if ($resource->getMorphClass() === 'App\Models\Application' && $resource->build_pack === 'dockercompose') -
Metrics are not available for Docker Compose applications yet!
+ + Metrics are not available for Docker Compose applications yet! + @elseif(!$resource->destination->server->isMetricsEnabled()) -
Metrics are only available for servers with Sentinel & Metrics enabled!
-
Go to Server Metrics to enable it.
+ + Metrics are only available for servers with Sentinel & Metrics enabled. + Go to Server Metrics to enable it. + @else @if (!str($resource->status)->contains('running')) -
Metrics are only available when the application container is running!
+ + Metrics are only available when the application container is running! + @else
From 2a5e1f483855bb675dff4585f40340452b07df6c Mon Sep 17 00:00:00 2001 From: ShadowArcanist <162910371+ShadowArcanist@users.noreply.github.com> Date: Tue, 14 Apr 2026 19:05:40 +0530 Subject: [PATCH 022/235] fix(ui): server metrics charts were not loading after enabling metrics --- app/Livewire/Server/Charts.php | 1 + 1 file changed, 1 insertion(+) diff --git a/app/Livewire/Server/Charts.php b/app/Livewire/Server/Charts.php index c09c11b60..7c555959f 100644 --- a/app/Livewire/Server/Charts.php +++ b/app/Livewire/Server/Charts.php @@ -43,6 +43,7 @@ public function toggleMetrics() if ($this->server->isMetricsEnabled()) { StartSentinel::run($this->server, true); $this->dispatch('success', 'Metrics enabled. Restarting Sentinel.'); + $this->redirect(route('server.metrics', ['server_uuid' => $this->server->uuid]), navigate: true); } else { $this->server->restartSentinel(); $this->dispatch('success', 'Metrics disabled. Restarting Sentinel.'); From 2ca0ee7d197d9be39b33af1e4299f263e93b79eb Mon Sep 17 00:00:00 2001 From: ShadowArcanist <162910371+ShadowArcanist@users.noreply.github.com> Date: Tue, 14 Apr 2026 19:11:27 +0530 Subject: [PATCH 023/235] feat(ui): show warning callout on sentinel page if sentinel is out of sync --- resources/views/livewire/server/sentinel.blade.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/resources/views/livewire/server/sentinel.blade.php b/resources/views/livewire/server/sentinel.blade.php index 95e8c64e2..bbe0b7037 100644 --- a/resources/views/livewire/server/sentinel.blade.php +++ b/resources/views/livewire/server/sentinel.blade.php @@ -15,7 +15,12 @@
@endif
-
+ @if ($isSentinelEnabled && !$server->isSentinelLive()) + + Sentinel is not in sync with your server. Click "Sync" to re-sync. + + @endif +
@if ($isSentinelEnabled && isDev())
Date: Wed, 15 Apr 2026 11:30:43 +0300 Subject: [PATCH 024/235] feat: add emqx service template --- public/svgs/emqx-enterprise.svg | 7 +++++++ templates/compose/emqx-enterprise.yaml | 22 ++++++++++++++++++++++ 2 files changed, 29 insertions(+) create mode 100644 public/svgs/emqx-enterprise.svg create mode 100644 templates/compose/emqx-enterprise.yaml diff --git a/public/svgs/emqx-enterprise.svg b/public/svgs/emqx-enterprise.svg new file mode 100644 index 000000000..e67e1bffe --- /dev/null +++ b/public/svgs/emqx-enterprise.svg @@ -0,0 +1,7 @@ + + + + + + + diff --git a/templates/compose/emqx-enterprise.yaml b/templates/compose/emqx-enterprise.yaml new file mode 100644 index 000000000..1d62ea6f9 --- /dev/null +++ b/templates/compose/emqx-enterprise.yaml @@ -0,0 +1,22 @@ +# documentation: https://www.emqx.io/docs/en/latest/deploy/install-docker.html +# slogan: Open-source MQTT broker for IoT, IIoT, and connected vehicles. +# category: iot +# tags: mqtt,broker,iot,messaging,emqx,iiot +# logo: svgs/emqx-enterprise.svg +# port: 18083 + +services: + emqx: + image: emqx/emqx-enterprise:6.2.0 + environment: + - SERVICE_URL_EMQX_18083 + - EMQX_DASHBOARD__DEFAULT_PASSWORD=${SERVICE_PASSWORD_EMQX} + volumes: + - emqx_data:/opt/emqx/data + - emqx_log:/opt/emqx/log + healthcheck: + test: ["CMD", "/opt/emqx/bin/emqx", "ctl", "status"] + interval: 10s + timeout: 30s + retries: 5 + start_period: 30s From be6acd6f24983d47d3da0d7e0f520a98320e2da7 Mon Sep 17 00:00:00 2001 From: Mohmmad Qunibi <82610649+MohmmadQunibi@users.noreply.github.com> Date: Wed, 15 Apr 2026 19:11:03 +0300 Subject: [PATCH 025/235] Changed the category of emqx to Networking --- templates/compose/emqx-enterprise.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/compose/emqx-enterprise.yaml b/templates/compose/emqx-enterprise.yaml index 1d62ea6f9..0f62c1983 100644 --- a/templates/compose/emqx-enterprise.yaml +++ b/templates/compose/emqx-enterprise.yaml @@ -1,6 +1,6 @@ # documentation: https://www.emqx.io/docs/en/latest/deploy/install-docker.html # slogan: Open-source MQTT broker for IoT, IIoT, and connected vehicles. -# category: iot +# category: Networking # tags: mqtt,broker,iot,messaging,emqx,iiot # logo: svgs/emqx-enterprise.svg # port: 18083 From 950c4e5936c9e5cd179bc913047940bf0825ceaa Mon Sep 17 00:00:00 2001 From: Mohmmad Qunibi <82610649+MohmmadQunibi@users.noreply.github.com> Date: Mon, 20 Apr 2026 12:17:08 +0300 Subject: [PATCH 026/235] Update EMQX image to use 'latest' tag --- templates/compose/emqx-enterprise.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/compose/emqx-enterprise.yaml b/templates/compose/emqx-enterprise.yaml index 0f62c1983..e68c894bf 100644 --- a/templates/compose/emqx-enterprise.yaml +++ b/templates/compose/emqx-enterprise.yaml @@ -7,7 +7,7 @@ services: emqx: - image: emqx/emqx-enterprise:6.2.0 + image: emqx/emqx-enterprise:latest environment: - SERVICE_URL_EMQX_18083 - EMQX_DASHBOARD__DEFAULT_PASSWORD=${SERVICE_PASSWORD_EMQX} From 60d8aba323bf3332f2e5772d321106e2e5fd617c Mon Sep 17 00:00:00 2001 From: Hendrik Kleinwaechter Date: Wed, 22 Apr 2026 21:18:18 +0200 Subject: [PATCH 027/235] feat: configurable stop grace period for applications Adds stop_grace_period to application settings (seconds, 1-3600, default 30). Used in place of the hardcoded docker stop -t 30 in the four places that stop application containers: rolling update shutdown, manual stop, stop on another server, and preview deployment stop. Non-positive values fall back to the default via ($val > 0) ? $val : default, with tests covering 0 and -10 so the cast does not blow up if a bad value ever lands in the db. Picks up Jack Coy's work from #7125 which went dormant. His commits are squashed here with credit below. Co-authored-by: Jack Coy --- app/Actions/Application/StopApplication.php | 5 +- .../Application/StopApplicationOneServer.php | 6 ++- app/Jobs/ApplicationDeploymentJob.php | 13 ++++-- app/Livewire/Project/Application/Advanced.php | 35 ++++++++++++++ app/Livewire/Project/Application/Previews.php | 5 +- app/Models/ApplicationSetting.php | 1 + bootstrap/helpers/constants.php | 1 + ...p_grace_period_to_application_settings.php | 31 +++++++++++++ .../project/application/advanced.blade.php | 16 ++++++- .../Unit/ApplicationSettingStaticCastTest.php | 46 +++++++++++++++++++ 10 files changed, 152 insertions(+), 7 deletions(-) create mode 100644 database/migrations/2025_11_05_091558_add_stop_grace_period_to_application_settings.php diff --git a/app/Actions/Application/StopApplication.php b/app/Actions/Application/StopApplication.php index e86e30f04..2badcbb67 100644 --- a/app/Actions/Application/StopApplication.php +++ b/app/Actions/Application/StopApplication.php @@ -36,10 +36,13 @@ public function handle(Application $application, bool $previewDeployments = fals : getCurrentApplicationContainerStatus($server, $application->id, 0); $containersToStop = $containers->pluck('Names')->toArray(); + $timeout = ($application->settings->stop_grace_period > 0) + ? $application->settings->stop_grace_period + : DEFAULT_STOP_GRACE_PERIOD_SECONDS; foreach ($containersToStop as $containerName) { instant_remote_process(command: [ - "docker stop -t 30 $containerName", + "docker stop --time=$timeout $containerName", "docker rm -f $containerName", ], server: $server, throwError: false); } diff --git a/app/Actions/Application/StopApplicationOneServer.php b/app/Actions/Application/StopApplicationOneServer.php index bf9fdee72..cb51bc865 100644 --- a/app/Actions/Application/StopApplicationOneServer.php +++ b/app/Actions/Application/StopApplicationOneServer.php @@ -20,13 +20,17 @@ public function handle(Application $application, Server $server) } try { $containers = getCurrentApplicationContainerStatus($server, $application->id, 0); + $timeout = ($application->settings->stop_grace_period > 0) + ? $application->settings->stop_grace_period + : DEFAULT_STOP_GRACE_PERIOD_SECONDS; + if ($containers->count() > 0) { foreach ($containers as $container) { $containerName = data_get($container, 'Names'); if ($containerName) { instant_remote_process( [ - "docker stop -t 30 $containerName", + "docker stop --time=$timeout $containerName", "docker rm -f $containerName", ], $server diff --git a/app/Jobs/ApplicationDeploymentJob.php b/app/Jobs/ApplicationDeploymentJob.php index 7e5025c8a..229f46cd8 100644 --- a/app/Jobs/ApplicationDeploymentJob.php +++ b/app/Jobs/ApplicationDeploymentJob.php @@ -3310,14 +3310,21 @@ private function build_image() private function graceful_shutdown_container(string $containerName, bool $skipRemove = false) { try { - $timeout = isDev() ? 1 : 30; + if (isDev()) { + $timeout = 1; + } else { + $timeout = ($this->application->settings->stop_grace_period > 0) + ? $this->application->settings->stop_grace_period + : DEFAULT_STOP_GRACE_PERIOD_SECONDS; + } + if ($skipRemove) { $this->execute_remote_command( - ["docker stop -t $timeout $containerName", 'hidden' => true, 'ignore_errors' => true] + ["docker stop --time=$timeout $containerName", 'hidden' => true, 'ignore_errors' => true] ); } else { $this->execute_remote_command( - ["docker stop -t $timeout $containerName", 'hidden' => true, 'ignore_errors' => true], + ["docker stop --time=$timeout $containerName", 'hidden' => true, 'ignore_errors' => true], ["docker rm -f $containerName", 'hidden' => true, 'ignore_errors' => true] ); } diff --git a/app/Livewire/Project/Application/Advanced.php b/app/Livewire/Project/Application/Advanced.php index cf7ef3e0b..862181ecf 100644 --- a/app/Livewire/Project/Application/Advanced.php +++ b/app/Livewire/Project/Application/Advanced.php @@ -61,6 +61,9 @@ class Advanced extends Component #[Validate(['string', 'nullable'])] public ?string $gpuOptions = null; + #[Validate(['string', 'nullable'])] + public ?string $stopGracePeriod = null; + #[Validate(['boolean'])] public bool $isBuildServerEnabled = false; @@ -145,6 +148,10 @@ public function syncData(bool $toModel = false) $this->injectBuildArgsToDockerfile = $this->application->settings->inject_build_args_to_dockerfile ?? true; $this->includeSourceCommitInBuild = $this->application->settings->include_source_commit_in_build ?? false; } + + // Load stop_grace_period separately since it has its own save handler + // Convert null to empty string to prevent dirty detection issues + $this->stopGracePeriod = $this->application->settings->stop_grace_period ?? ''; } private function resetDefaultLabels() @@ -252,6 +259,34 @@ public function saveCustomName() } } + public function saveStopGracePeriod() + { + try { + $this->authorize('update', $this->application); + + // Convert empty string to null, otherwise cast to integer + $value = ($this->stopGracePeriod === '' || $this->stopGracePeriod === null) + ? null + : (int) $this->stopGracePeriod; + + // Validate the integer value + if ($value !== null && ($value < 1 || $value > 3600)) { + $this->dispatch('error', 'Stop grace period must be between 1 and 3600 seconds.'); + + return; + } + + // Save to model + $this->application->settings->stop_grace_period = $value; + $this->application->settings->save(); + + // User feedback + $this->dispatch('success', 'Stop grace period updated.'); + } catch (\Throwable $e) { + return handleError($e, $this); + } + } + public function render() { return view('livewire.project.application.advanced'); diff --git a/app/Livewire/Project/Application/Previews.php b/app/Livewire/Project/Application/Previews.php index c887e9b83..9dd494f5c 100644 --- a/app/Livewire/Project/Application/Previews.php +++ b/app/Livewire/Project/Application/Previews.php @@ -338,10 +338,13 @@ public function addDockerImagePreview() private function stopContainers(array $containers, $server) { $containersToStop = collect($containers)->pluck('Names')->toArray(); + $timeout = ($this->application->settings->stop_grace_period > 0) + ? $this->application->settings->stop_grace_period + : DEFAULT_STOP_GRACE_PERIOD_SECONDS; foreach ($containersToStop as $containerName) { instant_remote_process(command: [ - "docker stop -t 30 $containerName", + "docker stop --time=$timeout $containerName", "docker rm -f $containerName", ], server: $server, throwError: false); } diff --git a/app/Models/ApplicationSetting.php b/app/Models/ApplicationSetting.php index 731a9b5da..c365bd187 100644 --- a/app/Models/ApplicationSetting.php +++ b/app/Models/ApplicationSetting.php @@ -26,6 +26,7 @@ class ApplicationSetting extends Model 'is_git_lfs_enabled' => 'boolean', 'is_git_shallow_clone_enabled' => 'boolean', 'docker_images_to_keep' => 'integer', + 'stop_grace_period' => 'integer', ]; protected $fillable = [ diff --git a/bootstrap/helpers/constants.php b/bootstrap/helpers/constants.php index bae2573de..ee6a3bc03 100644 --- a/bootstrap/helpers/constants.php +++ b/bootstrap/helpers/constants.php @@ -16,6 +16,7 @@ '@yearly' => '0 0 1 1 *', ]; const RESTART_MODE = 'unless-stopped'; +const DEFAULT_STOP_GRACE_PERIOD_SECONDS = 30; const DATABASE_DOCKER_IMAGES = [ 'bitnami/mariadb', diff --git a/database/migrations/2025_11_05_091558_add_stop_grace_period_to_application_settings.php b/database/migrations/2025_11_05_091558_add_stop_grace_period_to_application_settings.php new file mode 100644 index 000000000..cc702ce5c --- /dev/null +++ b/database/migrations/2025_11_05_091558_add_stop_grace_period_to_application_settings.php @@ -0,0 +1,31 @@ +integer('stop_grace_period') + ->nullable() + ->after('use_build_secrets') + ->comment('Seconds to wait for graceful shutdown before forcing container stop (1-3600). Null uses default of 30 seconds.'); + }); + } + + /** + * Reverse the migrations. + */ + public function down(): void + { + Schema::table('application_settings', function (Blueprint $table) { + $table->dropColumn('stop_grace_period'); + }); + } +}; diff --git a/resources/views/livewire/project/application/advanced.blade.php b/resources/views/livewire/project/application/advanced.blade.php index a9f8c7233..362539a3c 100644 --- a/resources/views/livewire/project/application/advanced.blade.php +++ b/resources/views/livewire/project/application/advanced.blade.php @@ -86,7 +86,21 @@ helper="Readonly labels are disabled. You need to set the labels in the labels section." disabled instantSave id="isStripprefixEnabled" label="Strip Prefixes" canGate="update" :canResource="$application" /> @endif - +

Operations

+
+ + Save +

Logs

diff --git a/tests/Unit/ApplicationSettingStaticCastTest.php b/tests/Unit/ApplicationSettingStaticCastTest.php index 35ab7faaf..d06ee920d 100644 --- a/tests/Unit/ApplicationSettingStaticCastTest.php +++ b/tests/Unit/ApplicationSettingStaticCastTest.php @@ -103,3 +103,49 @@ ->and($casts[$field])->toBe('boolean'); } }); + +it('casts stop_grace_period to integer', function () { + $setting = new ApplicationSetting; + $casts = $setting->getCasts(); + + expect($casts)->toHaveKey('stop_grace_period') + ->and($casts['stop_grace_period'])->toBe('integer'); +}); + +it('handles null stop_grace_period for default behavior', function () { + $setting = new ApplicationSetting; + $setting->stop_grace_period = null; + + expect($setting->stop_grace_period)->toBeNull(); +}); + +it('casts stop_grace_period from string to integer', function () { + $setting = new ApplicationSetting; + $setting->stop_grace_period = '60'; + + expect($setting->stop_grace_period)->toBe(60) + ->and($setting->stop_grace_period)->toBeInt(); +}); + +it('casts stop_grace_period zero to integer (documents fallback trigger)', function () { + // Value of 0 is not a valid grace period — consumers guard with + // `($value > 0) ? $value : DEFAULT_STOP_GRACE_PERIOD_SECONDS`, so + // the cast itself must still round-trip cleanly without throwing. + $setting = new ApplicationSetting; + $setting->stop_grace_period = 0; + + expect($setting->stop_grace_period)->toBe(0) + ->and($setting->stop_grace_period)->toBeInt(); +}); + +it('casts stop_grace_period negative value to integer (documents fallback trigger)', function () { + // Negative values should never be persisted (UI validates `min=1`), + // but if one slips through (direct DB write, older data), the cast + // must not throw and consumers will treat it as the fallback via the + // `> 0` guard. + $setting = new ApplicationSetting; + $setting->stop_grace_period = -10; + + expect($setting->stop_grace_period)->toBe(-10) + ->and($setting->stop_grace_period)->toBeInt(); +}); From 3f88e85aacfbdad7b62c7f588d4f221a173c61ae Mon Sep 17 00:00:00 2001 From: ShadowArcanist <162910371+ShadowArcanist@users.noreply.github.com> Date: Thu, 23 Apr 2026 14:53:31 +0530 Subject: [PATCH 028/235] feat(ui): add resource details view --- .../Project/Application/Configuration.php | 2 +- .../Project/Database/Configuration.php | 2 +- .../Project/Service/Configuration.php | 2 +- .../Project/Shared/ResourceDetails.php | 91 +++++++++++++++++++ .../components/forms/copy-button.blade.php | 13 ++- .../project/application/general.blade.php | 3 + .../database/clickhouse/general.blade.php | 3 + .../database/dragonfly/general.blade.php | 3 + .../project/database/keydb/general.blade.php | 3 + .../database/mariadb/general.blade.php | 3 + .../database/mongodb/general.blade.php | 3 + .../project/database/mysql/general.blade.php | 3 + .../database/postgresql/general.blade.php | 3 + .../project/database/redis/general.blade.php | 3 + .../project/service/stack-form.blade.php | 3 + .../project/shared/resource-details.blade.php | 57 ++++++++++++ 16 files changed, 191 insertions(+), 6 deletions(-) create mode 100644 app/Livewire/Project/Shared/ResourceDetails.php create mode 100644 resources/views/livewire/project/shared/resource-details.blade.php diff --git a/app/Livewire/Project/Application/Configuration.php b/app/Livewire/Project/Application/Configuration.php index cc1bf15b9..ad025bed5 100644 --- a/app/Livewire/Project/Application/Configuration.php +++ b/app/Livewire/Project/Application/Configuration.php @@ -35,7 +35,7 @@ public function mount() $project = currentTeam() ->projects() - ->select('id', 'uuid', 'team_id') + ->select('id', 'uuid', 'name', 'team_id') ->where('uuid', request()->route('project_uuid')) ->firstOrFail(); $environment = $project->environments() diff --git a/app/Livewire/Project/Database/Configuration.php b/app/Livewire/Project/Database/Configuration.php index 7c64a6eef..a62fbf2fe 100644 --- a/app/Livewire/Project/Database/Configuration.php +++ b/app/Livewire/Project/Database/Configuration.php @@ -34,7 +34,7 @@ public function mount() $project = currentTeam() ->projects() - ->select('id', 'uuid', 'team_id') + ->select('id', 'uuid', 'name', 'team_id') ->where('uuid', request()->route('project_uuid')) ->firstOrFail(); $environment = $project->environments() diff --git a/app/Livewire/Project/Service/Configuration.php b/app/Livewire/Project/Service/Configuration.php index 2d69ceb12..bf0a6b6a2 100644 --- a/app/Livewire/Project/Service/Configuration.php +++ b/app/Livewire/Project/Service/Configuration.php @@ -51,7 +51,7 @@ public function mount() $this->query = request()->query(); $project = currentTeam() ->projects() - ->select('id', 'uuid', 'team_id') + ->select('id', 'uuid', 'name', 'team_id') ->where('uuid', request()->route('project_uuid')) ->firstOrFail(); $environment = $project->environments() diff --git a/app/Livewire/Project/Shared/ResourceDetails.php b/app/Livewire/Project/Shared/ResourceDetails.php new file mode 100644 index 000000000..8a4117c39 --- /dev/null +++ b/app/Livewire/Project/Shared/ResourceDetails.php @@ -0,0 +1,91 @@ +authorize('view', $this->resource); + + $environment = $this->resource->environment ?? null; + if ($environment) { + $this->environment_uuid = $environment->uuid; + $this->environment_name = $environment->name; + $project = $environment->project ?? null; + if ($project) { + $this->project_uuid = $project->uuid; + $this->project_name = $project->name; + } + } + + $server = $this->resolveServer(); + if ($server) { + $this->server_uuid = $server->uuid; + $this->server_name = $server->name; + } + + if ($this->resource instanceof Service) { + $this->stack_applications = $this->resource->applications + ->map(fn ($app) => [ + 'name' => $app->human_name ?: $app->name, + 'uuid' => $app->uuid, + ]) + ->values() + ->all(); + + $this->stack_databases = $this->resource->databases + ->map(fn ($db) => [ + 'name' => $db->human_name ?: $db->name, + 'uuid' => $db->uuid, + ]) + ->values() + ->all(); + } + } + + private function resolveServer() + { + try { + if (isset($this->resource->destination) && $this->resource->destination && isset($this->resource->destination->server)) { + return $this->resource->destination->server; + } + if (method_exists($this->resource, 'server') && $this->resource->server) { + return $this->resource->server; + } + } catch (\Throwable $e) { + return null; + } + + return null; + } + + public function render() + { + return view('livewire.project.shared.resource-details'); + } +} diff --git a/resources/views/components/forms/copy-button.blade.php b/resources/views/components/forms/copy-button.blade.php index 12fadc595..eb3f3d8a4 100644 --- a/resources/views/components/forms/copy-button.blade.php +++ b/resources/views/components/forms/copy-button.blade.php @@ -1,7 +1,13 @@ -@props(['text']) +@props(['text', 'label' => null]) -
- +
+ @if ($label) + + @endif +
+ +
diff --git a/resources/views/livewire/project/application/general.blade.php b/resources/views/livewire/project/application/general.blade.php index fe3ef3686..e0d1153e8 100644 --- a/resources/views/livewire/project/application/general.blade.php +++ b/resources/views/livewire/project/application/general.blade.php @@ -12,6 +12,9 @@
{{ $application->compose_parsing_version }}
@endif Save + + + @if ($buildPack === 'dockercompose') diff --git a/resources/views/livewire/project/database/clickhouse/general.blade.php b/resources/views/livewire/project/database/clickhouse/general.blade.php index 9283172ad..5fd006e8e 100644 --- a/resources/views/livewire/project/database/clickhouse/general.blade.php +++ b/resources/views/livewire/project/database/clickhouse/general.blade.php @@ -5,6 +5,9 @@ Save + + +
diff --git a/resources/views/livewire/project/database/dragonfly/general.blade.php b/resources/views/livewire/project/database/dragonfly/general.blade.php index ce46e47dd..0e29948a2 100644 --- a/resources/views/livewire/project/database/dragonfly/general.blade.php +++ b/resources/views/livewire/project/database/dragonfly/general.blade.php @@ -5,6 +5,9 @@ Save + + +
diff --git a/resources/views/livewire/project/database/keydb/general.blade.php b/resources/views/livewire/project/database/keydb/general.blade.php index ee3f8fd0c..1964fd5f3 100644 --- a/resources/views/livewire/project/database/keydb/general.blade.php +++ b/resources/views/livewire/project/database/keydb/general.blade.php @@ -5,6 +5,9 @@ Save + + +
diff --git a/resources/views/livewire/project/database/mariadb/general.blade.php b/resources/views/livewire/project/database/mariadb/general.blade.php index 1154124d1..ab6badda5 100644 --- a/resources/views/livewire/project/database/mariadb/general.blade.php +++ b/resources/views/livewire/project/database/mariadb/general.blade.php @@ -5,6 +5,9 @@ Save + + +
diff --git a/resources/views/livewire/project/database/mongodb/general.blade.php b/resources/views/livewire/project/database/mongodb/general.blade.php index e9e5d621d..787bc7ad5 100644 --- a/resources/views/livewire/project/database/mongodb/general.blade.php +++ b/resources/views/livewire/project/database/mongodb/general.blade.php @@ -5,6 +5,9 @@ Save + + +
diff --git a/resources/views/livewire/project/database/mysql/general.blade.php b/resources/views/livewire/project/database/mysql/general.blade.php index bb3916ec8..80dcad117 100644 --- a/resources/views/livewire/project/database/mysql/general.blade.php +++ b/resources/views/livewire/project/database/mysql/general.blade.php @@ -5,6 +5,9 @@ Save + + +
diff --git a/resources/views/livewire/project/database/postgresql/general.blade.php b/resources/views/livewire/project/database/postgresql/general.blade.php index 9c956f5b3..3f51bf31d 100644 --- a/resources/views/livewire/project/database/postgresql/general.blade.php +++ b/resources/views/livewire/project/database/postgresql/general.blade.php @@ -19,6 +19,9 @@ Save + + +
diff --git a/resources/views/livewire/project/database/redis/general.blade.php b/resources/views/livewire/project/database/redis/general.blade.php index 73ee5f0e5..e644a9107 100644 --- a/resources/views/livewire/project/database/redis/general.blade.php +++ b/resources/views/livewire/project/database/redis/general.blade.php @@ -5,6 +5,9 @@ Save + + +
diff --git a/resources/views/livewire/project/service/stack-form.blade.php b/resources/views/livewire/project/service/stack-form.blade.php index e63e7a509..0aec7c873 100644 --- a/resources/views/livewire/project/service/stack-form.blade.php +++ b/resources/views/livewire/project/service/stack-form.blade.php @@ -12,6 +12,9 @@ @endcan + + +
Configuration
diff --git a/resources/views/livewire/project/shared/resource-details.blade.php b/resources/views/livewire/project/shared/resource-details.blade.php new file mode 100644 index 000000000..3be82da12 --- /dev/null +++ b/resources/views/livewire/project/shared/resource-details.blade.php @@ -0,0 +1,57 @@ +
+
Identifiers for this resource. Read-only
+ +
+
+

Resource

+
+ + +
+
+ + @if ($environment_uuid) +
+

Environment

+
+ + +
+
+ @endif + + @if ($project_uuid) +
+

Project

+
+ + +
+
+ @endif + + @if ($server_uuid) +
+

Server

+
+ + +
+
+ @endif + + @if (! empty($stack_applications) || ! empty($stack_databases)) +
+

Stack Sub-Resources

+
+ @foreach ($stack_applications as $item) + + @endforeach + @foreach ($stack_databases as $item) + + @endforeach +
+
+ @endif +
+
From d371f0ed28f14d7700b668db364a369d4c19d30b Mon Sep 17 00:00:00 2001 From: ShadowArcanist <162910371+ShadowArcanist@users.noreply.github.com> Date: Thu, 23 Apr 2026 16:13:09 +0530 Subject: [PATCH 029/235] feat(destination): show resources that are deployed on the destination --- app/Livewire/Destination/Show.php | 62 +++++++++++++++++++ app/Models/StandaloneDocker.php | 5 +- .../views/livewire/destination/show.blade.php | 20 ++++++ 3 files changed, 86 insertions(+), 1 deletion(-) diff --git a/app/Livewire/Destination/Show.php b/app/Livewire/Destination/Show.php index 9d55d7462..11afbbccc 100644 --- a/app/Livewire/Destination/Show.php +++ b/app/Livewire/Destination/Show.php @@ -24,6 +24,8 @@ class Show extends Component #[Validate(['string', 'required'])] public string $serverIp; + public array $resources = []; + public function mount(string $destination_uuid) { try { @@ -33,11 +35,71 @@ public function mount(string $destination_uuid) } $this->destination = $destination; $this->syncData(); + $this->loadResources(); } catch (\Throwable $e) { return handleError($e, $this); } } + public function loadResources(): void + { + if ($this->destination->getMorphClass() !== \App\Models\StandaloneDocker::class) { + return; + } + + $this->resources = $this->collectResources([ + $this->destination->applications, + $this->destination->services, + $this->destination->postgresqls, + $this->destination->redis, + $this->destination->mongodbs, + $this->destination->mysqls, + $this->destination->mariadbs, + $this->destination->keydbs, + $this->destination->dragonflies, + $this->destination->clickhouses, + ]); + } + + protected function collectResources(array $groups): array + { + $rows = []; + foreach ($groups as $group) { + foreach ($group as $resource) { + $rows[] = $this->resourceRow($resource); + } + } + + return $rows; + } + + protected function resourceRow($resource): array + { + $type = match (true) { + $resource instanceof \App\Models\Application => 'application', + $resource instanceof \App\Models\Service => 'service', + default => 'database', + }; + $environment = $resource->environment; + $project = $environment?->project; + $routeName = "project.{$type}.configuration"; + $url = ($project && $environment) + ? route($routeName, [ + 'project_uuid' => $project->uuid, + 'environment_uuid' => $environment->uuid, + "{$type}_uuid" => $resource->uuid, + ]) + : null; + + return [ + 'type' => $type, + 'name' => $resource->name, + 'project' => $project?->name, + 'environment' => $environment?->name, + 'url' => $url, + ]; + } + public function syncData(bool $toModel = false) { if ($toModel) { diff --git a/app/Models/StandaloneDocker.php b/app/Models/StandaloneDocker.php index d6b4d1a1c..d12a15a7c 100644 --- a/app/Models/StandaloneDocker.php +++ b/app/Models/StandaloneDocker.php @@ -134,8 +134,11 @@ public function databases() $mongodbs = $this->mongodbs; $mysqls = $this->mysqls; $mariadbs = $this->mariadbs; + $keydbs = $this->keydbs; + $dragonflies = $this->dragonflies; + $clickhouses = $this->clickhouses; - return $postgresqls->concat($redis)->concat($mongodbs)->concat($mysqls)->concat($mariadbs); + return $postgresqls->concat($redis)->concat($mongodbs)->concat($mysqls)->concat($mariadbs)->concat($keydbs)->concat($dragonflies)->concat($clickhouses); } public function attachedTo() diff --git a/resources/views/livewire/destination/show.blade.php b/resources/views/livewire/destination/show.blade.php index 27260e920..1bb179823 100644 --- a/resources/views/livewire/destination/show.blade.php +++ b/resources/views/livewire/destination/show.blade.php @@ -28,4 +28,24 @@ @endif
+ + @if ($destination->getMorphClass() === 'App\Models\StandaloneDocker') +
+

Resources

+
Applications, services, and databases deployed to this network.
+ @if (count($resources) === 0) +
No resources are using this destination.
+ @else +
+ @foreach ($resources as $row) + +
{{ ucfirst($row['type']) }}: {{ $row['name'] }}
+
{{ $row['project'] }} / {{ $row['environment'] }}
+ + @endforeach +
+ @endif +
+ @endif
From 9208ed102206a67b06ea3dfa978b996106c6500d Mon Sep 17 00:00:00 2001 From: Mohmmad Qunibi <82610649+MohmmadQunibi@users.noreply.github.com> Date: Mon, 27 Apr 2026 09:25:16 +0300 Subject: [PATCH 030/235] Update EMQX image version to 6.2.0 --- templates/compose/emqx-enterprise.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/compose/emqx-enterprise.yaml b/templates/compose/emqx-enterprise.yaml index e68c894bf..0f62c1983 100644 --- a/templates/compose/emqx-enterprise.yaml +++ b/templates/compose/emqx-enterprise.yaml @@ -7,7 +7,7 @@ services: emqx: - image: emqx/emqx-enterprise:latest + image: emqx/emqx-enterprise:6.2.0 environment: - SERVICE_URL_EMQX_18083 - EMQX_DASHBOARD__DEFAULT_PASSWORD=${SERVICE_PASSWORD_EMQX} From 71771c7d3a2265254e92568955596d0c59016e0d Mon Sep 17 00:00:00 2001 From: Mohmmad Qunibi <82610649+MohmmadQunibi@users.noreply.github.com> Date: Mon, 27 Apr 2026 09:25:48 +0300 Subject: [PATCH 031/235] Add ports configuration for EMQX Enterprise --- templates/compose/emqx-enterprise.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/templates/compose/emqx-enterprise.yaml b/templates/compose/emqx-enterprise.yaml index 0f62c1983..01d063b6f 100644 --- a/templates/compose/emqx-enterprise.yaml +++ b/templates/compose/emqx-enterprise.yaml @@ -11,6 +11,11 @@ services: environment: - SERVICE_URL_EMQX_18083 - EMQX_DASHBOARD__DEFAULT_PASSWORD=${SERVICE_PASSWORD_EMQX} + ports: + - "1883:1883" + - "8083:8083" + - "8084:8084" + - "8883:8883" volumes: - emqx_data:/opt/emqx/data - emqx_log:/opt/emqx/log From e658d2f9a303aed81ba0a0b684e4910b66eba7d9 Mon Sep 17 00:00:00 2001 From: Romain ROCHAS Date: Mon, 27 Apr 2026 16:24:03 +0700 Subject: [PATCH 032/235] fix(magic env) HEX secrets creating double the length of their name --- bootstrap/helpers/shared.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/bootstrap/helpers/shared.php b/bootstrap/helpers/shared.php index 9f0f2cd73..d55a00a4c 100644 --- a/bootstrap/helpers/shared.php +++ b/bootstrap/helpers/shared.php @@ -1463,13 +1463,13 @@ function generateEnvValue(string $command, Service|Application|null $service = n $generatedValue = base64_encode(Str::random(32)); break; case 'HEX_32': - $generatedValue = bin2hex(Str::random(32)); + $generatedValue = bin2hex(Str::random(16)); break; case 'HEX_64': - $generatedValue = bin2hex(Str::random(64)); + $generatedValue = bin2hex(Str::random(32)); break; case 'HEX_128': - $generatedValue = bin2hex(Str::random(128)); + $generatedValue = bin2hex(Str::random(64)); break; case 'USER': $generatedValue = Str::random(16); From b3339d1034079a75e5a05c48c840c1f308fc89fd Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Tue, 28 Apr 2026 14:37:31 +0200 Subject: [PATCH 033/235] feat(railpack): add buildpack control var filtering and dev seeder Extract NIXPACKS_/RAILPACK_ prefix filtering into a reusable `scopeWithoutBuildpackControlVariables` query scope on EnvironmentVariable. Apply scope consistently to runtime vars, runtime preview vars, and buildtime var generation in ApplicationDeploymentJob. Refactor `generate_railpack_env_variables` to return a Collection. Add `RAILPACK_FRONTEND_IMAGE` constant and bake it into the coolify-helper Dockerfile as a build arg. Add DevelopmentRailpackExamplesSeeder (dev/local env only) for seeding example Railpack apps, wired into DatabaseSeeder. Add tests: - ApplicationDeploymentControlVarFilteringTest: verifies control vars are excluded from runtime and buildtime envs - DevelopmentRailpackExamplesSeederTest: verifies seeder behavior - ApplicationDeploymentRailpackEnvParityTest: parity checks for env handling across build/runtime paths --- app/Jobs/ApplicationDeploymentJob.php | 175 ++++--- app/Models/Application.php | 6 +- app/Models/EnvironmentVariable.php | 31 +- database/seeders/DatabaseSeeder.php | 6 + .../DevelopmentRailpackExamplesSeeder.php | 441 ++++++++++++++++++ docker/coolify-helper/Dockerfile | 2 + openapi.json | 12 +- openapi.yaml | 12 +- ...ationDeploymentControlVarFilteringTest.php | 287 ++++++++++++ .../DevelopmentRailpackExamplesSeederTest.php | 121 +++++ ...pplicationDeploymentRailpackConfigTest.php | 37 +- ...icationDeploymentRailpackEnvParityTest.php | 124 +++++ 12 files changed, 1177 insertions(+), 77 deletions(-) create mode 100644 database/seeders/DevelopmentRailpackExamplesSeeder.php create mode 100644 tests/Feature/ApplicationDeploymentControlVarFilteringTest.php create mode 100644 tests/Feature/DevelopmentRailpackExamplesSeederTest.php create mode 100644 tests/Unit/ApplicationDeploymentRailpackEnvParityTest.php diff --git a/app/Jobs/ApplicationDeploymentJob.php b/app/Jobs/ApplicationDeploymentJob.php index e12c8eabf..fbf981483 100644 --- a/app/Jobs/ApplicationDeploymentJob.php +++ b/app/Jobs/ApplicationDeploymentJob.php @@ -53,6 +53,8 @@ class ApplicationDeploymentJob implements ShouldBeEncrypted, ShouldQueue private const RAILPACK_GENERATED_CONFIG_PATH = '.coolify/railpack.generated.json'; + private const RAILPACK_FRONTEND_IMAGE_ENV = '${RAILPACK_FRONTEND_IMAGE}'; + public $tries = 1; public $timeout = 3600; @@ -1259,11 +1261,11 @@ private function generate_runtime_environment_variables() $envs = collect([]); $sort = $this->application->settings->is_env_sorting_enabled; if ($sort) { - $sorted_environment_variables = $this->application->environment_variables->sortBy('key'); - $sorted_environment_variables_preview = $this->application->environment_variables_preview->sortBy('key'); + $sorted_environment_variables = $this->application->runtime_environment_variables->sortBy('key'); + $sorted_environment_variables_preview = $this->application->runtime_environment_variables_preview->sortBy('key'); } else { - $sorted_environment_variables = $this->application->environment_variables->sortBy('id'); - $sorted_environment_variables_preview = $this->application->environment_variables_preview->sortBy('id'); + $sorted_environment_variables = $this->application->runtime_environment_variables->sortBy('id'); + $sorted_environment_variables_preview = $this->application->runtime_environment_variables_preview->sortBy('id'); } if ($this->build_pack === 'dockercompose') { $sorted_environment_variables = $sorted_environment_variables->filter(function ($env) { @@ -1634,6 +1636,7 @@ private function generate_buildtime_environment_variables() // 4. Add user-defined build-time variables LAST (highest priority - can override everything) if ($this->pull_request_id === 0) { $sorted_environment_variables = $this->application->environment_variables() + ->withoutBuildpackControlVariables() ->where('is_buildtime', true) // ONLY build-time variables ->orderBy($this->application->settings->is_env_sorting_enabled ? 'key' : 'id') ->get(); @@ -1686,6 +1689,7 @@ private function generate_buildtime_environment_variables() } } else { $sorted_environment_variables = $this->application->environment_variables_preview() + ->withoutBuildpackControlVariables() ->where('is_buildtime', true) // ONLY build-time variables ->orderBy($this->application->settings->is_env_sorting_enabled ? 'key' : 'id') ->get(); @@ -2468,28 +2472,114 @@ private function generate_nixpacks_env_variables() $this->env_nixpacks_args = $this->env_nixpacks_args->implode(' '); } - private function generate_railpack_env_variables(): void + private function generate_railpack_env_variables(): Collection + { + $variables = $this->railpack_build_variables(); + + $this->env_railpack_args = $variables + ->map(function ($value, $key) { + return '--env '.escapeShellValue("{$key}={$value}"); + }) + ->implode(' '); + + return $variables; + } + + private function railpack_environment_variables_collection(): Collection { - $this->env_railpack_args = collect([]); if ($this->pull_request_id === 0) { - foreach ($this->application->railpack_environment_variables as $env) { - if (! is_null($env->real_value) && $env->real_value !== '') { - $this->env_railpack_args->push("--env {$env->key}={$env->real_value}"); - } - } - } else { - foreach ($this->application->railpack_environment_variables_preview as $env) { - if (! is_null($env->real_value) && $env->real_value !== '') { - $this->env_railpack_args->push("--env {$env->key}={$env->real_value}"); - } - } + return $this->application->railpack_environment_variables; } - // Note: COOLIFY_* vars are NOT passed to railpack prepare because railpack treats - // all --env vars as secrets that must be provided during docker buildx build. - // COOLIFY_* vars are informational and available at runtime via .env file. + return $this->application->railpack_environment_variables_preview; + } - $this->env_railpack_args = $this->env_railpack_args->implode(' '); + private function normalize_resolved_build_variable_value(EnvironmentVariable $environmentVariable): ?string + { + $resolvedValue = $environmentVariable->getResolvedValueWithServer($this->mainServer); + if (is_null($resolvedValue) || $resolvedValue === '') { + return null; + } + + if ($environmentVariable->is_literal || $environmentVariable->is_multiline) { + return trim($resolvedValue, "'"); + } + + return $resolvedValue; + } + + private function railpack_build_variables(): Collection + { + $variables = $this->railpack_environment_variables_collection() + ->mapWithKeys(function (EnvironmentVariable $environmentVariable) { + $value = $this->normalize_resolved_build_variable_value($environmentVariable); + if (is_null($value) || $value === '') { + return []; + } + + return [$environmentVariable->key => $value]; + }); + + if ($this->application->install_command) { + $variables->put('RAILPACK_INSTALL_CMD', $this->application->install_command); + } + + return $variables; + } + + private function railpack_build_environment_prefix(Collection $variables): string + { + if ($variables->isEmpty()) { + return ''; + } + + return 'env '.$variables + ->map(function ($value, $key) { + return "{$key}=".escapeShellValue($value); + }) + ->implode(' ').' '; + } + + private function railpack_build_secret_flags(Collection $variables): string + { + if ($variables->isEmpty()) { + return ''; + } + + return ' '.$variables + ->map(function ($value, $key) { + return "--secret id={$key},env={$key}"; + }) + ->implode(' '); + } + + private function railpack_build_command(string $imageName, Collection $variables): string + { + $cacheArgs = ''; + if ($this->force_rebuild) { + $cacheArgs = '--no-cache'; + } else { + $cacheArgs = "--build-arg cache-key='{$this->application->uuid}'"; + } + + if ($variables->isNotEmpty()) { + $cacheArgs .= ' --build-arg secrets-hash='.$this->generate_secrets_hash($variables); + } + + $environmentPrefix = $this->railpack_build_environment_prefix($variables); + $secretFlags = $this->railpack_build_secret_flags($variables); + + return 'docker buildx create --name coolify-railpack --driver docker-container 2>/dev/null || true' + ." && {$environmentPrefix}docker buildx build --builder coolify-railpack" + ." {$this->addHosts} --network host" + .' --build-arg BUILDKIT_SYNTAX="'.self::RAILPACK_FRONTEND_IMAGE_ENV.'"' + ." {$cacheArgs}" + ."{$secretFlags}" + .' -f /artifacts/railpack-plan.json' + .' --progress plain' + .' --load' + ." -t {$imageName}" + ." {$this->workdir}"; } private function decode_railpack_config(string $config, string $source): array @@ -2609,10 +2699,6 @@ private function railpack_prepare_command(?string $configFilePath = null): strin { $prepare_command = 'railpack prepare'; - if ($this->application->install_command) { - $prepare_command .= ' --env '.escapeShellValue("RAILPACK_INSTALL_CMD={$this->application->install_command}"); - } - if ($this->application->build_command) { $prepare_command .= ' --build-cmd '.escapeShellValue($this->application->build_command); } @@ -2636,7 +2722,7 @@ private function railpack_prepare_command(?string $configFilePath = null): strin private function build_railpack_image(): void { - $this->generate_railpack_env_variables(); + $railpackVariables = $this->generate_railpack_env_variables(); $railpackConfigPath = $this->generate_railpack_config_file(); // Step 1: Generate build plan with railpack prepare @@ -2660,34 +2746,7 @@ private function build_railpack_image(): void $this->pull_latest_image($this->application->static_image); } - $cache_args = ''; - if ($this->force_rebuild) { - $cache_args = '--no-cache'; - } else { - $cache_args = "--build-arg cache-key='{$this->application->uuid}'"; - } - - $installCommandEnv = ''; - $installCommandSecret = ''; - if ($this->application->install_command) { - $installCommandEnv = 'env RAILPACK_INSTALL_CMD='.escapeShellValue($this->application->install_command).' '; - $installCommandSecret = ' --secret id=RAILPACK_INSTALL_CMD,env=RAILPACK_INSTALL_CMD'; - $cache_args .= ' --build-arg secrets-hash='.$this->generate_secrets_hash(collect([ - 'RAILPACK_INSTALL_CMD' => $this->application->install_command, - ])); - } - - $build_command = 'docker buildx create --name coolify-railpack --driver docker-container 2>/dev/null || true' - ." && {$installCommandEnv}docker buildx build --builder coolify-railpack" - ." {$this->addHosts} --network host" - ." --build-arg BUILDKIT_SYNTAX='ghcr.io/railwayapp/railpack-frontend'" - ." {$cache_args}" - ."{$installCommandSecret}" - .' -f /artifacts/railpack-plan.json' - .' --progress plain' - .' --load' - ." -t {$image_name}" - ." {$this->workdir}"; + $build_command = $this->railpack_build_command($image_name, $railpackVariables); $base64_build_command = base64_encode($build_command); $this->execute_remote_command( @@ -2859,7 +2918,7 @@ private function generate_env_variables() // For build process, include only environment variables where is_buildtime = true if ($this->pull_request_id === 0) { $envs = $this->application->environment_variables() - ->where('key', 'not like', 'NIXPACKS_%') + ->withoutBuildpackControlVariables() ->where('is_buildtime', true) ->get(); @@ -2871,7 +2930,7 @@ private function generate_env_variables() } } else { $envs = $this->application->environment_variables_preview() - ->where('key', 'not like', 'NIXPACKS_%') + ->withoutBuildpackControlVariables() ->where('is_buildtime', true) ->get(); @@ -3951,7 +4010,7 @@ private function add_build_env_variables_to_dockerfile() if ($this->pull_request_id === 0) { // Only add environment variables that are available during build $envs = $this->application->environment_variables() - ->where('key', 'not like', 'NIXPACKS_%') + ->withoutBuildpackControlVariables() ->where('is_buildtime', true) ->get(); foreach ($envs as $env) { @@ -3973,7 +4032,7 @@ private function add_build_env_variables_to_dockerfile() } else { // Only add preview environment variables that are available during build $envs = $this->application->environment_variables_preview() - ->where('key', 'not like', 'NIXPACKS_%') + ->withoutBuildpackControlVariables() ->where('is_buildtime', true) ->get(); foreach ($envs as $env) { diff --git a/app/Models/Application.php b/app/Models/Application.php index 2201b1d16..2a364e13f 100644 --- a/app/Models/Application.php +++ b/app/Models/Application.php @@ -960,8 +960,7 @@ public function runtime_environment_variables() { return $this->morphMany(EnvironmentVariable::class, 'resourceable') ->where('is_preview', false) - ->where('key', 'not like', 'NIXPACKS_%') - ->where('key', 'not like', 'RAILPACK_%'); + ->withoutBuildpackControlVariables(); } public function nixpacks_environment_variables() @@ -996,8 +995,7 @@ public function runtime_environment_variables_preview() { return $this->morphMany(EnvironmentVariable::class, 'resourceable') ->where('is_preview', true) - ->where('key', 'not like', 'NIXPACKS_%') - ->where('key', 'not like', 'RAILPACK_%'); + ->withoutBuildpackControlVariables(); } public function nixpacks_environment_variables_preview() diff --git a/app/Models/EnvironmentVariable.php b/app/Models/EnvironmentVariable.php index 83212267c..25e2dcfb3 100644 --- a/app/Models/EnvironmentVariable.php +++ b/app/Models/EnvironmentVariable.php @@ -3,6 +3,7 @@ namespace App\Models; use App\Models\EnvironmentVariable as ModelsEnvironmentVariable; +use Illuminate\Database\Eloquent\Builder; use Illuminate\Database\Eloquent\Casts\Attribute; use OpenApi\Attributes as OA; @@ -32,6 +33,8 @@ )] class EnvironmentVariable extends BaseModel { + public const BUILDPACK_CONTROL_VARIABLE_PREFIXES = ['NIXPACKS_', 'RAILPACK_']; + protected $attributes = [ 'is_runtime' => true, 'is_buildtime' => true, @@ -78,7 +81,7 @@ class EnvironmentVariable extends BaseModel protected static function booted() { - static::created(function (EnvironmentVariable $environment_variable) { + static::created(function (ModelsEnvironmentVariable $environment_variable) { if ($environment_variable->resourceable_type === Application::class && ! $environment_variable->is_preview) { $found = ModelsEnvironmentVariable::where('key', $environment_variable->key) ->where('resourceable_type', Application::class) @@ -109,7 +112,7 @@ protected static function booted() ]); }); - static::saving(function (EnvironmentVariable $environmentVariable) { + static::saving(function (ModelsEnvironmentVariable $environmentVariable) { $environmentVariable->updateIsShared(); }); } @@ -119,6 +122,30 @@ public function service() return $this->belongsTo(Service::class); } + public function scopeWithoutBuildpackControlVariables(Builder $query): Builder + { + foreach (self::BUILDPACK_CONTROL_VARIABLE_PREFIXES as $prefix) { + $query->where('key', 'not like', "{$prefix}%"); + } + + return $query; + } + + public static function isBuildpackControlKey(?string $key): bool + { + if (blank($key)) { + return false; + } + + foreach (self::BUILDPACK_CONTROL_VARIABLE_PREFIXES as $prefix) { + if (str($key)->startsWith($prefix)) { + return true; + } + } + + return false; + } + protected function value(): Attribute { return Attribute::make( diff --git a/database/seeders/DatabaseSeeder.php b/database/seeders/DatabaseSeeder.php index 57ccab4ae..4f5c4431a 100644 --- a/database/seeders/DatabaseSeeder.php +++ b/database/seeders/DatabaseSeeder.php @@ -31,5 +31,11 @@ public function run(): void CaSslCertSeeder::class, PersonalAccessTokenSeeder::class, ]); + + if (in_array(config('app.env'), ['local', 'development', 'dev'], true)) { + $this->call([ + DevelopmentRailpackExamplesSeeder::class, + ]); + } } } diff --git a/database/seeders/DevelopmentRailpackExamplesSeeder.php b/database/seeders/DevelopmentRailpackExamplesSeeder.php new file mode 100644 index 000000000..4629f29ca --- /dev/null +++ b/database/seeders/DevelopmentRailpackExamplesSeeder.php @@ -0,0 +1,441 @@ +isDevelopmentEnvironment()) { + $this->command?->warn('Skipping DevelopmentRailpackExamplesSeeder outside development mode.'); + + return; + } + + $this->ensureDevelopmentPrerequisitesExist(); + $destination = StandaloneDocker::query()->find(0); + + if (! $destination) { + throw new RuntimeException('StandaloneDocker with id=0 is required before running DevelopmentRailpackExamplesSeeder.'); + } + + $environment = $this->prepareEnvironment(); + + foreach (self::examples() as $example) { + $this->upsertApplication($environment, $destination, $example); + } + } + + /** + * @return array> + */ + public static function examples(): array + { + return [ + [ + 'uuid' => 'railpack-simple-webserver', + 'name' => 'Railpack Simple Webserver Example', + 'base_directory' => '/node/simple-webserver', + 'ports_exposes' => '3000', + 'start_command' => 'npm run start', + ], + [ + 'uuid' => 'railpack-expressjs', + 'name' => 'Railpack Express.js Example', + 'base_directory' => '/node/expressjs', + 'ports_exposes' => '3000', + 'start_command' => 'npm run start', + ], + [ + 'uuid' => 'railpack-fastify', + 'name' => 'Railpack Fastify Example', + 'base_directory' => '/node/fastify', + 'ports_exposes' => '3000', + 'start_command' => 'npm run start', + ], + [ + 'uuid' => 'railpack-nestjs', + 'name' => 'Railpack NestJS Example', + 'base_directory' => '/node/nestjs', + 'ports_exposes' => '3000', + 'build_command' => 'npm run build', + 'start_command' => 'npm run start:prod', + ], + [ + 'uuid' => 'railpack-adonisjs', + 'name' => 'Railpack AdonisJS Example', + 'base_directory' => '/node/adonisjs', + 'ports_exposes' => '3333', + 'build_command' => 'npm run build', + 'start_command' => 'npm run start', + ], + [ + 'uuid' => 'railpack-hono', + 'name' => 'Railpack Hono Example', + 'base_directory' => '/node/hono', + 'ports_exposes' => '3000', + 'build_command' => 'npm run build', + 'start_command' => 'npm run start', + ], + [ + 'uuid' => 'railpack-koa', + 'name' => 'Railpack Koa Example', + 'base_directory' => '/node/koa', + 'ports_exposes' => '3000', + 'start_command' => 'npm run start', + ], + [ + 'uuid' => 'railpack-nextjs-ssr', + 'name' => 'Railpack Next.js SSR Example', + 'base_directory' => '/node/nextjs/ssr', + 'ports_exposes' => '3000', + 'build_command' => 'npm run build', + 'start_command' => 'npm run start', + ], + [ + 'uuid' => 'railpack-nuxtjs-ssr', + 'name' => 'Railpack NuxtJS SSR Example', + 'base_directory' => '/node/nuxtjs/ssr', + 'ports_exposes' => '3000', + 'build_command' => 'npm run build', + 'start_command' => 'npm run preview -- --host 0.0.0.0 --port 3000', + ], + [ + 'uuid' => 'railpack-astro-ssr', + 'name' => 'Railpack Astro SSR Example', + 'base_directory' => '/node/astro/ssr', + 'ports_exposes' => '4321', + 'build_command' => 'npm run build', + 'start_command' => 'npm run start', + ], + [ + 'uuid' => 'railpack-sveltekit-ssr', + 'name' => 'Railpack SvelteKit SSR Example', + 'base_directory' => '/node/sveltekit/ssr', + 'ports_exposes' => '3000', + 'build_command' => 'npm run build', + 'start_command' => 'npm run start', + ], + [ + 'uuid' => 'railpack-tanstack-start-ssr', + 'name' => 'Railpack TanStack Start SSR Example', + 'base_directory' => '/node/tanstack-start/ssr', + 'ports_exposes' => '3000', + 'build_command' => 'npm run build', + 'start_command' => 'npm run start', + ], + [ + 'uuid' => 'railpack-angular-ssr', + 'name' => 'Railpack Angular SSR Example', + 'base_directory' => '/node/angular/ssr', + 'ports_exposes' => '4000', + 'build_command' => 'npm run build', + 'start_command' => 'npm run start', + ], + [ + 'uuid' => 'railpack-vue-ssr', + 'name' => 'Railpack Vue SSR Example', + 'base_directory' => '/node/vue/ssr', + 'ports_exposes' => '3000', + 'build_command' => 'npm run build', + 'start_command' => 'npm run start', + ], + [ + 'uuid' => 'railpack-qwik-ssr', + 'name' => 'Railpack Qwik SSR Example', + 'base_directory' => '/node/qwik/ssr', + 'ports_exposes' => '3000', + 'build_command' => 'npm run build', + 'start_command' => 'npm run serve', + ], + [ + 'uuid' => 'railpack-react-static', + 'name' => 'Railpack React Static Example', + 'base_directory' => '/node/react', + 'ports_exposes' => '80', + 'build_command' => 'npm run build', + 'publish_directory' => '/dist', + 'is_static' => true, + 'is_spa' => true, + ], + [ + 'uuid' => 'railpack-vite-static', + 'name' => 'Railpack Vite Static Example', + 'base_directory' => '/node/vite', + 'ports_exposes' => '80', + 'build_command' => 'npm run build', + 'publish_directory' => '/dist', + 'is_static' => true, + 'is_spa' => true, + ], + [ + 'uuid' => 'railpack-eleventy-static', + 'name' => 'Railpack Eleventy Static Example', + 'base_directory' => '/node/eleventy', + 'ports_exposes' => '80', + 'build_command' => 'npm run build', + 'publish_directory' => '/_site', + 'is_static' => true, + ], + [ + 'uuid' => 'railpack-gatsby-static', + 'name' => 'Railpack Gatsby Static Example', + 'base_directory' => '/node/gatsby', + 'ports_exposes' => '80', + 'build_command' => 'npm run build', + 'publish_directory' => '/public', + 'is_static' => true, + ], + [ + 'uuid' => 'railpack-nextjs-static', + 'name' => 'Railpack Next.js Static Example', + 'base_directory' => '/node/nextjs/static', + 'ports_exposes' => '80', + 'build_command' => 'npm run build', + 'publish_directory' => '/out', + 'is_static' => true, + 'is_spa' => true, + ], + [ + 'uuid' => 'railpack-nuxtjs-static', + 'name' => 'Railpack NuxtJS Static Example', + 'base_directory' => '/node/nuxtjs/static', + 'ports_exposes' => '80', + 'build_command' => 'npm run build', + 'publish_directory' => '/.output/public', + 'is_static' => true, + 'is_spa' => true, + ], + [ + 'uuid' => 'railpack-astro-static', + 'name' => 'Railpack Astro Static Example', + 'base_directory' => '/node/astro/static', + 'ports_exposes' => '80', + 'build_command' => 'npm run build', + 'publish_directory' => '/dist', + 'is_static' => true, + ], + [ + 'uuid' => 'railpack-sveltekit-static', + 'name' => 'Railpack SvelteKit Static Example', + 'base_directory' => '/node/sveltekit/static', + 'ports_exposes' => '80', + 'build_command' => 'npm run build', + 'publish_directory' => '/build', + 'is_static' => true, + 'is_spa' => true, + ], + [ + 'uuid' => 'railpack-tanstack-start-static', + 'name' => 'Railpack TanStack Start Static Example', + 'base_directory' => '/node/tanstack-start/static', + 'ports_exposes' => '80', + 'build_command' => 'npm run build', + 'publish_directory' => '/.output/public', + 'is_static' => true, + 'is_spa' => true, + ], + [ + 'uuid' => 'railpack-angular-static', + 'name' => 'Railpack Angular Static Example', + 'base_directory' => '/node/angular/static', + 'ports_exposes' => '80', + 'build_command' => 'npm run build', + 'publish_directory' => '/dist/static/browser', + 'is_static' => true, + 'is_spa' => true, + ], + [ + 'uuid' => 'railpack-vue-static', + 'name' => 'Railpack Vue Static Example', + 'base_directory' => '/node/vue/static', + 'ports_exposes' => '80', + 'build_command' => 'npm run build', + 'publish_directory' => '/dist', + 'is_static' => true, + 'is_spa' => true, + ], + [ + 'uuid' => 'railpack-qwik-static', + 'name' => 'Railpack Qwik Static Example', + 'base_directory' => '/node/qwik/static', + 'ports_exposes' => '80', + 'build_command' => 'npm run build', + 'publish_directory' => '/dist', + 'is_static' => true, + 'is_spa' => true, + ], + ]; + } + + private function ensureDevelopmentPrerequisitesExist(): void + { + Team::query()->firstOrCreate( + ['id' => 0], + [ + 'name' => 'Root Team', + 'description' => 'The root team', + 'personal_team' => true, + ], + ); + + PrivateKey::query()->firstOrCreate( + ['id' => 1], + [ + 'uuid' => 'ssh', + 'team_id' => 0, + 'name' => 'Testing Host Key', + 'description' => 'This is a test docker container', + 'private_key' => <<<'KEY' +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW +QyNTUxOQAAACBbhpqHhqv6aI67Mj9abM3DVbmcfYhZAhC7ca4d9UCevAAAAJi/QySHv0Mk +hwAAAAtzc2gtZWQyNTUxOQAAACBbhpqHhqv6aI67Mj9abM3DVbmcfYhZAhC7ca4d9UCevA +AAAECBQw4jg1WRT2IGHMncCiZhURCts2s24HoDS0thHnnRKVuGmoeGq/pojrsyP1pszcNV +uZx9iFkCELtxrh31QJ68AAAAEXNhaWxANzZmZjY2ZDJlMmRkAQIDBA== +-----END OPENSSH PRIVATE KEY----- +KEY, + ], + ); + + Server::query()->firstOrCreate( + ['id' => 0], + [ + 'uuid' => 'localhost', + 'name' => 'localhost', + 'description' => 'This is a test docker container in development mode', + 'ip' => 'coolify-testing-host', + 'team_id' => 0, + 'private_key_id' => 1, + 'proxy' => [ + 'type' => ProxyTypes::TRAEFIK->value, + 'status' => ProxyStatus::EXITED->value, + ], + ], + ); + + StandaloneDocker::query()->firstOrCreate( + ['id' => 0], + [ + 'uuid' => 'docker', + 'name' => 'Standalone Docker 1', + 'network' => 'coolify', + 'server_id' => 0, + ], + ); + + $this->ensurePublicGithubSourceExists(); + } + + private function ensurePublicGithubSourceExists(): void + { + GithubApp::query()->firstOrCreate( + ['id' => 0], + [ + 'uuid' => 'github-public', + 'name' => 'Public GitHub', + 'api_url' => 'https://api.github.com', + 'html_url' => 'https://github.com', + 'is_public' => true, + 'team_id' => 0, + ], + ); + } + + private function isDevelopmentEnvironment(): bool + { + return in_array(config('app.env'), ['local', 'development', 'dev'], true); + } + + private function prepareEnvironment(): Environment + { + $project = Project::query()->firstOrNew(['uuid' => self::PROJECT_UUID]); + $project->fill([ + 'name' => 'Railpack Examples', + 'description' => 'Development-only Railpack examples from coollabsio/coolify-examples@next.', + 'team_id' => 0, + ]); + $project->save(); + + $environment = $project->environments()->first(); + + if (! $environment) { + $environment = $project->environments()->create([ + 'name' => 'production', + 'uuid' => self::ENVIRONMENT_UUID, + ]); + } else { + $environment->update([ + 'name' => 'production', + 'uuid' => self::ENVIRONMENT_UUID, + ]); + } + + return $environment; + } + + /** + * @param array $example + */ + private function upsertApplication(Environment $environment, StandaloneDocker $destination, array $example): void + { + $application = Application::withTrashed()->firstOrNew(['uuid' => $example['uuid']]); + $application->fill([ + 'name' => $example['name'], + 'description' => $example['name'], + 'fqdn' => "http://{$example['uuid']}.127.0.0.1.sslip.io", + 'repository_project_id' => self::REPOSITORY_PROJECT_ID, + 'git_repository' => self::GIT_REPOSITORY, + 'git_branch' => self::GIT_BRANCH, + 'build_pack' => 'railpack', + 'ports_exposes' => $example['ports_exposes'], + 'base_directory' => $example['base_directory'], + 'publish_directory' => $example['publish_directory'] ?? null, + 'static_image' => 'nginx:alpine', + 'install_command' => $example['install_command'] ?? null, + 'build_command' => $example['build_command'] ?? null, + 'start_command' => $example['start_command'] ?? null, + 'environment_id' => $environment->id, + 'destination_id' => $destination->id, + 'destination_type' => StandaloneDocker::class, + 'source_id' => 0, + 'source_type' => GithubApp::class, + ]); + $application->save(); + + if ($application->trashed()) { + $application->restore(); + } + + $application->settings()->updateOrCreate( + ['application_id' => $application->id], + [ + 'is_static' => $example['is_static'] ?? false, + 'is_spa' => $example['is_spa'] ?? false, + ], + ); + } +} diff --git a/docker/coolify-helper/Dockerfile b/docker/coolify-helper/Dockerfile index 1b95efe6c..35798000b 100644 --- a/docker/coolify-helper/Dockerfile +++ b/docker/coolify-helper/Dockerfile @@ -34,6 +34,8 @@ ARG MISE_VERSION USER root WORKDIR /artifacts +ENV RAILPACK_VERSION=${RAILPACK_VERSION} +ENV RAILPACK_FRONTEND_IMAGE=ghcr.io/railwayapp/railpack-frontend:v${RAILPACK_VERSION} RUN apk upgrade --no-cache && \ apk add --no-cache bash curl git git-lfs openssh-client tar tini RUN mkdir -p ~/.docker/cli-plugins diff --git a/openapi.json b/openapi.json index d8557e607..453289970 100644 --- a/openapi.json +++ b/openapi.json @@ -4386,8 +4386,8 @@ "description": "Number of days to retain backups locally" }, "database_backup_retention_max_storage_locally": { - "type": "integer", - "description": "Max storage (MB) for local backups" + "type": "number", + "description": "Max storage (GB) for local backups" }, "database_backup_retention_amount_s3": { "type": "integer", @@ -4398,8 +4398,8 @@ "description": "Number of days to retain backups in S3" }, "database_backup_retention_max_storage_s3": { - "type": "integer", - "description": "Max storage (MB) for S3 backups" + "type": "number", + "description": "Max storage (GB) for S3 backups" }, "timeout": { "type": "integer", @@ -4956,7 +4956,7 @@ "description": "Retention days of the backup locally" }, "database_backup_retention_max_storage_locally": { - "type": "integer", + "type": "number", "description": "Max storage of the backup locally" }, "database_backup_retention_amount_s3": { @@ -4968,7 +4968,7 @@ "description": "Retention days of the backup in s3" }, "database_backup_retention_max_storage_s3": { - "type": "integer", + "type": "number", "description": "Max storage of the backup in S3" }, "timeout": { diff --git a/openapi.yaml b/openapi.yaml index df2515b06..a3844bb18 100644 --- a/openapi.yaml +++ b/openapi.yaml @@ -2765,8 +2765,8 @@ paths: type: integer description: 'Number of days to retain backups locally' database_backup_retention_max_storage_locally: - type: integer - description: 'Max storage (MB) for local backups' + type: number + description: 'Max storage (GB) for local backups' database_backup_retention_amount_s3: type: integer description: 'Number of backups to retain in S3' @@ -2774,8 +2774,8 @@ paths: type: integer description: 'Number of days to retain backups in S3' database_backup_retention_max_storage_s3: - type: integer - description: 'Max storage (MB) for S3 backups' + type: number + description: 'Max storage (GB) for S3 backups' timeout: type: integer description: 'Backup job timeout in seconds (min: 60, max: 36000)' @@ -3160,7 +3160,7 @@ paths: type: integer description: 'Retention days of the backup locally' database_backup_retention_max_storage_locally: - type: integer + type: number description: 'Max storage of the backup locally' database_backup_retention_amount_s3: type: integer @@ -3169,7 +3169,7 @@ paths: type: integer description: 'Retention days of the backup in s3' database_backup_retention_max_storage_s3: - type: integer + type: number description: 'Max storage of the backup in S3' timeout: type: integer diff --git a/tests/Feature/ApplicationDeploymentControlVarFilteringTest.php b/tests/Feature/ApplicationDeploymentControlVarFilteringTest.php new file mode 100644 index 000000000..0fa4af749 --- /dev/null +++ b/tests/Feature/ApplicationDeploymentControlVarFilteringTest.php @@ -0,0 +1,287 @@ +recordedCommands[] = $commands; + + foreach ($commands as $command) { + $commandString = is_array($command) ? ($command['command'] ?? $command[0] ?? null) : $command; + + if (! is_string($commandString)) { + continue; + } + + if (preg_match('/echo .*?([A-Za-z0-9+\\/=]{16,}).*?\\| base64 -d \\| tee \\/artifacts\\/test-app\\/Dockerfile > \\/dev\\/null/', $commandString, $matches) === 1) { + $this->writtenDockerfile = base64_decode($matches[1]) ?: null; + } + } + } +} + +function makeDeploymentControlVarFixture(array $applicationAttributes = []): array +{ + $team = Team::create([ + 'name' => 'Control Var Team', + 'description' => 'Team for deployment control var tests.', + 'personal_team' => false, + 'show_boarding' => false, + ]); + $project = Project::create([ + 'name' => 'Control Var Project', + 'team_id' => $team->id, + ]); + $environment = Environment::where('project_id', $project->id)->firstOrFail(); + $server = Server::factory()->create([ + 'team_id' => $team->id, + ]); + + $application = Application::factory()->create([ + 'environment_id' => $environment->id, + 'build_pack' => 'dockerfile', + ...$applicationAttributes, + ]); + + $application->settings()->update([ + 'inject_build_args_to_dockerfile' => true, + 'include_source_commit_in_build' => false, + 'is_env_sorting_enabled' => false, + ]); + + return [$application->fresh(), $server]; +} + +function createApplicationEnvironmentVariable(Application $application, array $attributes): EnvironmentVariable +{ + return EnvironmentVariable::create([ + 'resourceable_type' => Application::class, + 'resourceable_id' => $application->id, + 'is_preview' => false, + 'is_runtime' => true, + 'is_buildtime' => true, + 'is_multiline' => false, + 'is_literal' => false, + ...$attributes, + ]); +} + +function makeControlVarFilteringJob(Application $application, Server $server, array $overrides = []): array +{ + $job = new TestableControlVarFilteringDeploymentJob; + $reflection = new ReflectionClass(ApplicationDeploymentJob::class); + + $queue = Mockery::mock(ApplicationDeploymentQueue::class); + $queue->shouldReceive('addLogEntry')->andReturnNull(); + + $properties = [ + 'application' => $application->fresh(), + 'application_deployment_queue' => $queue, + 'build_pack' => $application->build_pack, + 'mainServer' => $server, + 'pull_request_id' => 0, + 'commit' => 'HEAD', + 'workdir' => '/artifacts/test-app', + 'deployment_uuid' => 'deployment-uuid', + 'dockerfile_location' => '/Dockerfile', + 'container_name' => 'control-var-app', + 'coolify_variables' => null, + 'dockerSecretsSupported' => false, + ]; + + $mergedProperties = array_merge($properties, $overrides); + $mergedProperties['saved_outputs'] = new Collection($overrides['saved_outputs'] ?? []); + + if (($mergedProperties['pull_request_id'] ?? 0) !== 0 && ! array_key_exists('preview', $mergedProperties)) { + $mergedProperties['preview'] = ApplicationPreview::create([ + 'application_id' => $application->id, + 'pull_request_id' => $mergedProperties['pull_request_id'], + 'pull_request_html_url' => 'https://example.com/pr/'.$mergedProperties['pull_request_id'], + 'fqdn' => 'https://preview.example.com', + ]); + } + + foreach ($mergedProperties as $property => $value) { + $reflectionProperty = $reflection->getProperty($property); + $reflectionProperty->setAccessible(true); + $reflectionProperty->setValue($job, $value); + } + + return [$job, $reflection]; +} + +function invokeDeploymentJobMethod(object $job, ReflectionClass $reflection, string $method): mixed +{ + $reflectionMethod = $reflection->getMethod($method); + $reflectionMethod->setAccessible(true); + + return $reflectionMethod->invoke($job); +} + +function readDeploymentJobProperty(object $job, ReflectionClass $reflection, string $property): mixed +{ + $reflectionProperty = $reflection->getProperty($property); + $reflectionProperty->setAccessible(true); + + return $reflectionProperty->getValue($job); +} + +it('filters buildpack control vars from generic build args', function () { + [$application, $server] = makeDeploymentControlVarFixture(); + + createApplicationEnvironmentVariable($application, [ + 'key' => 'APP_ENV', + 'value' => 'production', + ]); + createApplicationEnvironmentVariable($application, [ + 'key' => 'NIXPACKS_NODE_VERSION', + 'value' => '22', + ]); + createApplicationEnvironmentVariable($application, [ + 'key' => 'RAILPACK_NODE_VERSION', + 'value' => '20', + ]); + + [$job, $reflection] = makeControlVarFilteringJob($application, $server); + + invokeDeploymentJobMethod($job, $reflection, 'generate_env_variables'); + + /** @var Collection $envArgs */ + $envArgs = readDeploymentJobProperty($job, $reflection, 'env_args'); + + expect($envArgs->get('APP_ENV'))->toBe('production'); + expect($envArgs->has('NIXPACKS_NODE_VERSION'))->toBeFalse(); + expect($envArgs->has('RAILPACK_NODE_VERSION'))->toBeFalse(); +}); + +it('filters buildpack control vars from preview build-time env files', function () { + [$application, $server] = makeDeploymentControlVarFixture(); + + createApplicationEnvironmentVariable($application, [ + 'key' => 'APP_ENV', + 'value' => 'production', + 'is_preview' => true, + ]); + createApplicationEnvironmentVariable($application, [ + 'key' => 'NIXPACKS_NODE_VERSION', + 'value' => '22', + 'is_preview' => true, + ]); + createApplicationEnvironmentVariable($application, [ + 'key' => 'RAILPACK_NODE_VERSION', + 'value' => '20', + 'is_preview' => true, + ]); + + [$job, $reflection] = makeControlVarFilteringJob($application, $server, [ + 'pull_request_id' => 42, + ]); + + /** @var Collection $buildtimeEnvs */ + $buildtimeEnvs = invokeDeploymentJobMethod($job, $reflection, 'generate_buildtime_environment_variables'); + + expect($buildtimeEnvs->contains(fn (string $env) => str($env)->startsWith('APP_ENV=')))->toBeTrue(); + expect($buildtimeEnvs->contains(fn (string $env) => str($env)->startsWith('NIXPACKS_NODE_VERSION=')))->toBeFalse(); + expect($buildtimeEnvs->contains(fn (string $env) => str($env)->startsWith('RAILPACK_NODE_VERSION=')))->toBeFalse(); +}); + +it('filters buildpack control vars from preview runtime env fallback', function () { + [$application, $server] = makeDeploymentControlVarFixture(); + + createApplicationEnvironmentVariable($application, [ + 'key' => 'APP_NAME', + 'value' => 'coolify', + 'is_runtime' => true, + 'is_buildtime' => false, + ]); + createApplicationEnvironmentVariable($application, [ + 'key' => 'NIXPACKS_NODE_VERSION', + 'value' => '22', + 'is_runtime' => true, + 'is_buildtime' => false, + ]); + createApplicationEnvironmentVariable($application, [ + 'key' => 'RAILPACK_NODE_VERSION', + 'value' => '20', + 'is_runtime' => true, + 'is_buildtime' => false, + ]); + createApplicationEnvironmentVariable($application, [ + 'key' => 'PREVIEW_FLAG', + 'value' => 'enabled', + 'is_preview' => true, + 'is_runtime' => true, + 'is_buildtime' => false, + ]); + + $application->environment_variables_preview() + ->whereIn('key', ['APP_NAME', 'NIXPACKS_NODE_VERSION', 'RAILPACK_NODE_VERSION']) + ->delete(); + + [$job, $reflection] = makeControlVarFilteringJob($application, $server, [ + 'pull_request_id' => 99, + ]); + + /** @var Collection $runtimeEnvs */ + $runtimeEnvs = invokeDeploymentJobMethod($job, $reflection, 'generate_runtime_environment_variables'); + + expect($runtimeEnvs->contains(fn (string $env) => str($env)->startsWith('APP_NAME=')))->toBeTrue(); + expect($runtimeEnvs->contains(fn (string $env) => str($env)->startsWith('PREVIEW_FLAG=')))->toBeTrue(); + expect($runtimeEnvs->contains(fn (string $env) => str($env)->startsWith('NIXPACKS_NODE_VERSION=')))->toBeFalse(); + expect($runtimeEnvs->contains(fn (string $env) => str($env)->startsWith('RAILPACK_NODE_VERSION=')))->toBeFalse(); +}); + +it('filters buildpack control vars from dockerfile arg injection', function () { + [$application, $server] = makeDeploymentControlVarFixture(); + + createApplicationEnvironmentVariable($application, [ + 'key' => 'APP_ENV', + 'value' => 'production', + 'is_runtime' => false, + 'is_buildtime' => true, + ]); + createApplicationEnvironmentVariable($application, [ + 'key' => 'NIXPACKS_NODE_VERSION', + 'value' => '22', + 'is_runtime' => false, + 'is_buildtime' => true, + ]); + createApplicationEnvironmentVariable($application, [ + 'key' => 'RAILPACK_NODE_VERSION', + 'value' => '20', + 'is_runtime' => false, + 'is_buildtime' => true, + ]); + + [$job, $reflection] = makeControlVarFilteringJob($application, $server, [ + 'saved_outputs' => [ + 'dockerfile' => "FROM php:8.4-cli\nRUN php -v", + ], + ]); + + invokeDeploymentJobMethod($job, $reflection, 'add_build_env_variables_to_dockerfile'); + + expect($job->writtenDockerfile)->toContain('ARG APP_ENV=production'); + expect($job->writtenDockerfile)->not->toContain('ARG NIXPACKS_NODE_VERSION='); + expect($job->writtenDockerfile)->not->toContain('ARG RAILPACK_NODE_VERSION='); +}); diff --git a/tests/Feature/DevelopmentRailpackExamplesSeederTest.php b/tests/Feature/DevelopmentRailpackExamplesSeederTest.php new file mode 100644 index 000000000..2f224fda7 --- /dev/null +++ b/tests/Feature/DevelopmentRailpackExamplesSeederTest.php @@ -0,0 +1,121 @@ +seed([ + UserSeeder::class, + TeamSeeder::class, + PrivateKeySeeder::class, + ServerSeeder::class, + ProjectSeeder::class, + StandaloneDockerSeeder::class, + GithubAppSeeder::class, + ]); +} + +it('can seed the railpack examples directly on a clean development database', function () { + config()->set('app.env', 'local'); + + $this->seed(DevelopmentRailpackExamplesSeeder::class); + + expect(Team::query()->find(0))->not->toBeNull(); + expect(PrivateKey::query()->find(1))->not->toBeNull(); + expect(Server::query()->find(0))->not->toBeNull(); + expect(StandaloneDocker::query()->find(0))->not->toBeNull(); + expect(GithubApp::query()->find(0))->not->toBeNull(); + expect(Project::query()->where('uuid', DevelopmentRailpackExamplesSeeder::PROJECT_UUID)->exists())->toBeTrue(); + expect(Application::query()->count())->toBe(count(DevelopmentRailpackExamplesSeeder::examples())); +}); + +it('seeds the railpack examples in development mode', function () { + config()->set('app.env', 'local'); + + seedRailpackExamplePrerequisites(); + $this->seed(DevelopmentRailpackExamplesSeeder::class); + + $project = Project::query() + ->where('uuid', DevelopmentRailpackExamplesSeeder::PROJECT_UUID) + ->first(); + + expect($project) + ->not->toBeNull() + ->and($project->name)->toBe('Railpack Examples') + ->and($project->environments)->toHaveCount(1) + ->and($project->environments->first()->uuid)->toBe(DevelopmentRailpackExamplesSeeder::ENVIRONMENT_UUID); + + $applications = $project->applications()->with('settings')->orderBy('uuid')->get(); + + expect($applications)->toHaveCount(count(DevelopmentRailpackExamplesSeeder::examples())); + expect($applications->every(fn (Application $application) => $application->build_pack === 'railpack'))->toBeTrue(); + expect($applications->every(fn (Application $application) => $application->git_repository === DevelopmentRailpackExamplesSeeder::GIT_REPOSITORY))->toBeTrue(); + expect($applications->every(fn (Application $application) => $application->git_branch === DevelopmentRailpackExamplesSeeder::GIT_BRANCH))->toBeTrue(); + + $nestjs = $applications->firstWhere('uuid', 'railpack-nestjs'); + $angularStatic = $applications->firstWhere('uuid', 'railpack-angular-static'); + $eleventyStatic = $applications->firstWhere('uuid', 'railpack-eleventy-static'); + + expect($nestjs) + ->not->toBeNull() + ->and($nestjs->base_directory)->toBe('/node/nestjs') + ->and($nestjs->ports_exposes)->toBe('3000') + ->and($nestjs->build_command)->toBe('npm run build') + ->and($nestjs->start_command)->toBe('npm run start:prod') + ->and($nestjs->settings->is_static)->toBeFalse(); + + expect($angularStatic) + ->not->toBeNull() + ->and($angularStatic->publish_directory)->toBe('/dist/static/browser') + ->and($angularStatic->ports_exposes)->toBe('80') + ->and($angularStatic->settings->is_static)->toBeTrue() + ->and($angularStatic->settings->is_spa)->toBeTrue(); + + expect($eleventyStatic) + ->not->toBeNull() + ->and($eleventyStatic->publish_directory)->toBe('/_site') + ->and($eleventyStatic->settings->is_static)->toBeTrue() + ->and($eleventyStatic->settings->is_spa)->toBeFalse(); +}); + +it('skips the railpack examples outside development mode', function () { + config()->set('app.env', 'testing'); + + seedRailpackExamplePrerequisites(); + $this->seed(DevelopmentRailpackExamplesSeeder::class); + + expect(Project::query()->where('uuid', DevelopmentRailpackExamplesSeeder::PROJECT_UUID)->exists())->toBeFalse(); + expect(Application::query()->where('uuid', 'railpack-nextjs-ssr')->exists())->toBeFalse(); +}); + +it('is idempotent when run multiple times', function () { + config()->set('app.env', 'local'); + + seedRailpackExamplePrerequisites(); + $this->seed(DevelopmentRailpackExamplesSeeder::class); + $this->seed(DevelopmentRailpackExamplesSeeder::class); + + $project = Project::query() + ->where('uuid', DevelopmentRailpackExamplesSeeder::PROJECT_UUID) + ->first(); + + expect($project)->not->toBeNull(); + expect($project->applications()->count())->toBe(count(DevelopmentRailpackExamplesSeeder::examples())); +}); diff --git a/tests/Unit/ApplicationDeploymentRailpackConfigTest.php b/tests/Unit/ApplicationDeploymentRailpackConfigTest.php index 63ad618ae..e3516268c 100644 --- a/tests/Unit/ApplicationDeploymentRailpackConfigTest.php +++ b/tests/Unit/ApplicationDeploymentRailpackConfigTest.php @@ -30,6 +30,9 @@ function makeRailpackDeploymentJob(array $applicationAttributes = [], array $sav 'deployment_uuid' => 'deployment-uuid', 'saved_outputs' => new Collection($savedOutputs), 'env_railpack_args' => "--env 'RAILPACK_NODE_VERSION=22'", + 'force_rebuild' => false, + 'addHosts' => '', + 'secrets_hash_key' => 'testing-app-key', ] as $property => $value) { $reflectionProperty = $reflection->getProperty($property); $reflectionProperty->setAccessible(true); @@ -175,6 +178,9 @@ function invokeRailpackMethod(object $job, ReflectionClass $reflection, string $ 'start_command' => 'node server.js', ], ); + $envRailpackArgsProperty = $reflection->getProperty('env_railpack_args'); + $envRailpackArgsProperty->setAccessible(true); + $envRailpackArgsProperty->setValue($job, "--env 'RAILPACK_NODE_VERSION=22' --env 'RAILPACK_INSTALL_CMD=npm ci'"); $command = invokeRailpackMethod( $job, @@ -184,8 +190,8 @@ function invokeRailpackMethod(object $job, ReflectionClass $reflection, string $ ); expect($command)->toContain('railpack prepare'); - expect($command)->toContain('--env '.escapeshellarg('RAILPACK_INSTALL_CMD=npm ci')); expect($command)->toContain("--env 'RAILPACK_NODE_VERSION=22'"); + expect($command)->toContain("--env 'RAILPACK_INSTALL_CMD=npm ci'"); expect($command)->toContain('--build-cmd '.escapeshellarg('npm run build')); expect($command)->toContain('--start-cmd '.escapeshellarg('node server.js')); expect($command)->toContain('--config-file '.escapeshellarg('.coolify/railpack.generated.json')); @@ -195,3 +201,32 @@ function invokeRailpackMethod(object $job, ReflectionClass $reflection, string $ expect($command)->not->toContain('RAILPACK_BUILD_CMD='); expect($command)->not->toContain('RAILPACK_START_CMD='); }); + +it('builds railpack docker command with matching env and secret flags for all railpack variables', function () { + [$job, $reflection] = makeRailpackDeploymentJob([ + 'uuid' => 'application-uuid', + ]); + + $command = invokeRailpackMethod( + $job, + $reflection, + 'railpack_build_command', + [ + 'coollabsio/coolify:test', + collect([ + 'RAILPACK_NODE_VERSION' => '22', + 'RAILPACK_INSTALL_CMD' => 'npm ci && npm run postinstall', + 'SECRET_JSON' => '{"token":"abc"}', + ]), + ], + ); + + expect($command)->toContain("env RAILPACK_NODE_VERSION='22'"); + expect($command)->toContain("RAILPACK_INSTALL_CMD='npm ci && npm run postinstall'"); + expect($command)->toContain("SECRET_JSON='{\"token\":\"abc\"}'"); + expect($command)->toContain('--secret id=RAILPACK_NODE_VERSION,env=RAILPACK_NODE_VERSION'); + expect($command)->toContain('--secret id=RAILPACK_INSTALL_CMD,env=RAILPACK_INSTALL_CMD'); + expect($command)->toContain('--secret id=SECRET_JSON,env=SECRET_JSON'); + expect($command)->toContain(' --build-arg secrets-hash='); + expect($command)->toContain('--build-arg BUILDKIT_SYNTAX="${RAILPACK_FRONTEND_IMAGE}"'); +}); diff --git a/tests/Unit/ApplicationDeploymentRailpackEnvParityTest.php b/tests/Unit/ApplicationDeploymentRailpackEnvParityTest.php new file mode 100644 index 000000000..8ed7b2c41 --- /dev/null +++ b/tests/Unit/ApplicationDeploymentRailpackEnvParityTest.php @@ -0,0 +1,124 @@ +shouldReceive('getAttribute')->with('install_command')->andReturn('npm ci && npm run postinstall'); + + $nodeVersion = Mockery::mock(EnvironmentVariable::class)->makePartial(); + $nodeVersion->forceFill([ + 'key' => 'RAILPACK_NODE_VERSION', + 'is_literal' => false, + 'is_multiline' => false, + ]); + $nodeVersion->shouldReceive('getResolvedValueWithServer')->once()->with(Mockery::type(Server::class))->andReturn('22'); + + $literalValue = Mockery::mock(EnvironmentVariable::class)->makePartial(); + $literalValue->forceFill([ + 'key' => 'RAILPACK_CUSTOM_FLAG', + 'is_literal' => true, + 'is_multiline' => false, + ]); + $literalValue->shouldReceive('getResolvedValueWithServer')->once()->with(Mockery::type(Server::class))->andReturn("'hello world'"); + + $jsonValue = Mockery::mock(EnvironmentVariable::class)->makePartial(); + $jsonValue->forceFill([ + 'key' => 'RAILPACK_JSON', + 'is_literal' => false, + 'is_multiline' => false, + ]); + $jsonValue->shouldReceive('getResolvedValueWithServer')->once()->with(Mockery::type(Server::class))->andReturn('{"token":"abc"}'); + + $nullValue = Mockery::mock(EnvironmentVariable::class)->makePartial(); + $nullValue->forceFill([ + 'key' => 'RAILPACK_NULL', + 'is_literal' => false, + 'is_multiline' => false, + ]); + $nullValue->shouldReceive('getResolvedValueWithServer')->once()->with(Mockery::type(Server::class))->andReturn(null); + + $application->shouldReceive('getAttribute') + ->with('railpack_environment_variables') + ->andReturn(collect([$nodeVersion, $literalValue, $jsonValue, $nullValue])); + + $job = Mockery::mock(ApplicationDeploymentJob::class)->makePartial(); + $job->shouldAllowMockingProtectedMethods(); + + $reflection = new ReflectionClass(ApplicationDeploymentJob::class); + $applicationProperty = $reflection->getProperty('application'); + $applicationProperty->setAccessible(true); + $applicationProperty->setValue($job, $application); + + $pullRequestProperty = $reflection->getProperty('pull_request_id'); + $pullRequestProperty->setAccessible(true); + $pullRequestProperty->setValue($job, 0); + + $mainServerProperty = $reflection->getProperty('mainServer'); + $mainServerProperty->setAccessible(true); + $mainServerProperty->setValue($job, Mockery::mock(Server::class)); + + $method = $reflection->getMethod('generate_railpack_env_variables'); + $method->setAccessible(true); + $variables = $method->invoke($job); + + $envArgsProperty = $reflection->getProperty('env_railpack_args'); + $envArgsProperty->setAccessible(true); + $envArgs = $envArgsProperty->getValue($job); + + expect($variables->all())->toBe([ + 'RAILPACK_NODE_VERSION' => '22', + 'RAILPACK_CUSTOM_FLAG' => 'hello world', + 'RAILPACK_JSON' => '{"token":"abc"}', + 'RAILPACK_INSTALL_CMD' => 'npm ci && npm run postinstall', + ]); + expect($envArgs)->toContain("--env 'RAILPACK_NODE_VERSION=22'"); + expect($envArgs)->toContain("--env 'RAILPACK_CUSTOM_FLAG=hello world'"); + expect($envArgs)->toContain("--env 'RAILPACK_JSON={\"token\":\"abc\"}'"); + expect($envArgs)->toContain("--env 'RAILPACK_INSTALL_CMD=npm ci && npm run postinstall'"); + expect($envArgs)->not->toContain('RAILPACK_NULL'); +}); + +it('uses preview railpack environment variables for preview deployments', function () { + $application = Mockery::mock(Application::class); + $application->shouldReceive('getAttribute')->with('install_command')->andReturn(null); + + $previewValue = Mockery::mock(EnvironmentVariable::class)->makePartial(); + $previewValue->forceFill([ + 'key' => 'RAILPACK_PREVIEW_ONLY', + 'is_literal' => false, + 'is_multiline' => false, + ]); + $previewValue->shouldReceive('getResolvedValueWithServer')->once()->with(Mockery::type(Server::class))->andReturn('preview-value'); + + $application->shouldReceive('getAttribute') + ->with('railpack_environment_variables_preview') + ->andReturn(collect([$previewValue])); + + $job = Mockery::mock(ApplicationDeploymentJob::class)->makePartial(); + $job->shouldAllowMockingProtectedMethods(); + + $reflection = new ReflectionClass(ApplicationDeploymentJob::class); + $applicationProperty = $reflection->getProperty('application'); + $applicationProperty->setAccessible(true); + $applicationProperty->setValue($job, $application); + + $pullRequestProperty = $reflection->getProperty('pull_request_id'); + $pullRequestProperty->setAccessible(true); + $pullRequestProperty->setValue($job, 42); + + $mainServerProperty = $reflection->getProperty('mainServer'); + $mainServerProperty->setAccessible(true); + $mainServerProperty->setValue($job, Mockery::mock(Server::class)); + + $method = $reflection->getMethod('generate_railpack_env_variables'); + $method->setAccessible(true); + $variables = $method->invoke($job); + + expect($variables->all())->toBe([ + 'RAILPACK_PREVIEW_ONLY' => 'preview-value', + ]); +}); From 28320858caae09713368dfe19b78121fb285747a Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Thu, 30 Apr 2026 15:22:15 +0200 Subject: [PATCH 034/235] feat(railpack): log generated config and build plan, add multi-language dev examples Log Railpack config JSON (dev-only) after generation and capture railpack-plan.json post-prepare step. In prod, strip secrets array before logging. In dev, log full plan. Add 10 multi-language seeder examples (Python/Flask, Go/Gin, Rust, Laravel, Symfony, Rails, Elixir/Phoenix, Bun) targeting v4.x branch. Support per-example git_branch override in upsertApplication. --- app/Jobs/ApplicationDeploymentJob.php | 23 ++++++ .../DevelopmentRailpackExamplesSeeder.php | 74 ++++++++++++++++++- 2 files changed, 96 insertions(+), 1 deletion(-) diff --git a/app/Jobs/ApplicationDeploymentJob.php b/app/Jobs/ApplicationDeploymentJob.php index fbf981483..85f438879 100644 --- a/app/Jobs/ApplicationDeploymentJob.php +++ b/app/Jobs/ApplicationDeploymentJob.php @@ -2692,6 +2692,10 @@ private function generate_railpack_config_file(): ?string ] ); + if (isDev()) { + $this->application_deployment_queue->addLogEntry('Generated Railpack config: '.json_encode($mergedConfig, JSON_PRETTY_PRINT), hidden: true); + } + return $this->generated_railpack_config_relative_path(); } @@ -2731,8 +2735,27 @@ private function build_railpack_image(): void $this->application_deployment_queue->addLogEntry('Generating Railpack build plan.'); $this->execute_remote_command( [executeInDocker($this->deployment_uuid, $prepare_command), 'hidden' => true], + [ + executeInDocker($this->deployment_uuid, 'cat /artifacts/railpack-plan.json'), + 'hidden' => true, + 'save' => 'railpack_plan', + ], ); + $railpackPlanRaw = $this->saved_outputs->get('railpack_plan'); + if (! empty($railpackPlanRaw)) { + if (isDev()) { + $this->application_deployment_queue->addLogEntry("Final Railpack plan: {$railpackPlanRaw}", hidden: true); + } else { + $parsedPlan = json_decode($railpackPlanRaw, true); + if (is_array($parsedPlan)) { + // Strip secrets array to avoid logging variable names in production. + unset($parsedPlan['secrets']); + $this->application_deployment_queue->addLogEntry('Final Railpack plan: '.json_encode($parsedPlan, JSON_PRETTY_PRINT), hidden: true); + } + } + } + // Step 2: Build image using docker buildx with railpack frontend. // Railpack's frontend requires full BuildKit (mergeop), so we use a docker-container driver builder. $this->application_deployment_queue->addLogEntry('Building docker image with Railpack.'); diff --git a/database/seeders/DevelopmentRailpackExamplesSeeder.php b/database/seeders/DevelopmentRailpackExamplesSeeder.php index 4629f29ca..dec7864db 100644 --- a/database/seeders/DevelopmentRailpackExamplesSeeder.php +++ b/database/seeders/DevelopmentRailpackExamplesSeeder.php @@ -288,6 +288,78 @@ public static function examples(): array 'is_static' => true, 'is_spa' => true, ], + // Multi-language examples (only available on v4.x branch). + [ + 'uuid' => 'railpack-python-flask', + 'name' => 'Railpack Python Flask Example', + 'base_directory' => '/flask', + 'ports_exposes' => '5000', + 'git_branch' => 'v4.x', + 'start_command' => 'gunicorn app:app --bind 0.0.0.0:5000', + ], + [ + 'uuid' => 'railpack-go-gin', + 'name' => 'Railpack Go Gin Example', + 'base_directory' => '/go/gin', + 'ports_exposes' => '8080', + 'git_branch' => 'v4.x', + ], + [ + 'uuid' => 'railpack-rust', + 'name' => 'Railpack Rust Example', + 'base_directory' => '/rust', + 'ports_exposes' => '8080', + 'git_branch' => 'v4.x', + ], + [ + 'uuid' => 'railpack-laravel', + 'name' => 'Railpack Laravel Example', + 'base_directory' => '/laravel', + 'ports_exposes' => '80', + 'git_branch' => 'v4.x', + ], + [ + 'uuid' => 'railpack-laravel-pure', + 'name' => 'Railpack Laravel Pure Example', + 'base_directory' => '/laravel-pure', + 'ports_exposes' => '80', + 'git_branch' => 'v4.x', + ], + [ + 'uuid' => 'railpack-laravel-inertia', + 'name' => 'Railpack Laravel Inertia Example', + 'base_directory' => '/laravel-inertia', + 'ports_exposes' => '80', + 'git_branch' => 'v4.x', + ], + [ + 'uuid' => 'railpack-symfony', + 'name' => 'Railpack Symfony Example', + 'base_directory' => '/symfony', + 'ports_exposes' => '80', + 'git_branch' => 'v4.x', + ], + [ + 'uuid' => 'railpack-rails', + 'name' => 'Railpack Ruby on Rails Example', + 'base_directory' => '/rails-example', + 'ports_exposes' => '3000', + 'git_branch' => 'v4.x', + ], + [ + 'uuid' => 'railpack-elixir-phoenix', + 'name' => 'Railpack Elixir Phoenix Example', + 'base_directory' => '/elixir-phoenix', + 'ports_exposes' => '4000', + 'git_branch' => 'v4.x', + ], + [ + 'uuid' => 'railpack-bun', + 'name' => 'Railpack Bun Example', + 'base_directory' => '/bun', + 'ports_exposes' => '3000', + 'git_branch' => 'v4.x', + ], ]; } @@ -409,7 +481,7 @@ private function upsertApplication(Environment $environment, StandaloneDocker $d 'fqdn' => "http://{$example['uuid']}.127.0.0.1.sslip.io", 'repository_project_id' => self::REPOSITORY_PROJECT_ID, 'git_repository' => self::GIT_REPOSITORY, - 'git_branch' => self::GIT_BRANCH, + 'git_branch' => $example['git_branch'] ?? self::GIT_BRANCH, 'build_pack' => 'railpack', 'ports_exposes' => $example['ports_exposes'], 'base_directory' => $example['base_directory'], From ec71d33f5e5c80ee4e9bc87aaebd578fdd15a675 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Thu, 30 Apr 2026 16:27:08 +0200 Subject: [PATCH 035/235] fix(railpack): pin frontend image version via config constant Remove RAILPACK_FRONTEND_IMAGE env var from helper Dockerfile and resolve the image ref at runtime using a new `railpack_version` constant in config. Eliminates Docker build-time env interpolation for BUILDKIT_SYNTAX arg. --- app/Jobs/ApplicationDeploymentJob.php | 5 ++--- config/constants.php | 1 + docker/coolify-helper/Dockerfile | 1 - tests/Unit/ApplicationDeploymentRailpackConfigTest.php | 5 ++++- 4 files changed, 7 insertions(+), 5 deletions(-) diff --git a/app/Jobs/ApplicationDeploymentJob.php b/app/Jobs/ApplicationDeploymentJob.php index 85f438879..420fe8fd4 100644 --- a/app/Jobs/ApplicationDeploymentJob.php +++ b/app/Jobs/ApplicationDeploymentJob.php @@ -53,8 +53,6 @@ class ApplicationDeploymentJob implements ShouldBeEncrypted, ShouldQueue private const RAILPACK_GENERATED_CONFIG_PATH = '.coolify/railpack.generated.json'; - private const RAILPACK_FRONTEND_IMAGE_ENV = '${RAILPACK_FRONTEND_IMAGE}'; - public $tries = 1; public $timeout = 3600; @@ -2568,11 +2566,12 @@ private function railpack_build_command(string $imageName, Collection $variables $environmentPrefix = $this->railpack_build_environment_prefix($variables); $secretFlags = $this->railpack_build_secret_flags($variables); + $frontendImage = 'ghcr.io/railwayapp/railpack-frontend:v'.config('constants.coolify.railpack_version'); return 'docker buildx create --name coolify-railpack --driver docker-container 2>/dev/null || true' ." && {$environmentPrefix}docker buildx build --builder coolify-railpack" ." {$this->addHosts} --network host" - .' --build-arg BUILDKIT_SYNTAX="'.self::RAILPACK_FRONTEND_IMAGE_ENV.'"' + ." --build-arg BUILDKIT_SYNTAX=\"{$frontendImage}\"" ." {$cacheArgs}" ."{$secretFlags}" .' -f /artifacts/railpack-plan.json' diff --git a/config/constants.php b/config/constants.php index 867cc22d9..dedafa7d5 100644 --- a/config/constants.php +++ b/config/constants.php @@ -5,6 +5,7 @@ 'version' => '4.1.0', 'helper_version' => '1.0.13', 'realtime_version' => '1.0.14', + 'railpack_version' => '0.22.0', 'self_hosted' => env('SELF_HOSTED', true), 'autoupdate' => env('AUTOUPDATE'), 'base_config_path' => env('BASE_CONFIG_PATH', '/data/coolify'), diff --git a/docker/coolify-helper/Dockerfile b/docker/coolify-helper/Dockerfile index 35798000b..263c5a311 100644 --- a/docker/coolify-helper/Dockerfile +++ b/docker/coolify-helper/Dockerfile @@ -35,7 +35,6 @@ ARG MISE_VERSION USER root WORKDIR /artifacts ENV RAILPACK_VERSION=${RAILPACK_VERSION} -ENV RAILPACK_FRONTEND_IMAGE=ghcr.io/railwayapp/railpack-frontend:v${RAILPACK_VERSION} RUN apk upgrade --no-cache && \ apk add --no-cache bash curl git git-lfs openssh-client tar tini RUN mkdir -p ~/.docker/cli-plugins diff --git a/tests/Unit/ApplicationDeploymentRailpackConfigTest.php b/tests/Unit/ApplicationDeploymentRailpackConfigTest.php index e3516268c..5314fa6b8 100644 --- a/tests/Unit/ApplicationDeploymentRailpackConfigTest.php +++ b/tests/Unit/ApplicationDeploymentRailpackConfigTest.php @@ -4,6 +4,9 @@ use App\Jobs\ApplicationDeploymentJob; use App\Models\Application; use Illuminate\Support\Collection; +use Tests\TestCase; + +uses(TestCase::class); class TestableRailpackDeploymentJob extends ApplicationDeploymentJob { @@ -228,5 +231,5 @@ function invokeRailpackMethod(object $job, ReflectionClass $reflection, string $ expect($command)->toContain('--secret id=RAILPACK_INSTALL_CMD,env=RAILPACK_INSTALL_CMD'); expect($command)->toContain('--secret id=SECRET_JSON,env=SECRET_JSON'); expect($command)->toContain(' --build-arg secrets-hash='); - expect($command)->toContain('--build-arg BUILDKIT_SYNTAX="${RAILPACK_FRONTEND_IMAGE}"'); + expect($command)->toContain('--build-arg BUILDKIT_SYNTAX="ghcr.io/railwayapp/railpack-frontend:v'.config('constants.coolify.railpack_version').'"'); }); From ace643d3d8375308ac98f9b6d1e546559d1bbd1d Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Thu, 30 Apr 2026 16:38:58 +0200 Subject: [PATCH 036/235] fix(railpack): query buildtime env vars directly instead of via computed attribute Replace `railpack_environment_variables_collection()` helper (which returned pre-filtered Eloquent attribute collections) with inline queries on `environment_variables()` / `environment_variables_preview()` filtered by `is_buildtime`. This ensures Railpack build variables are sourced from the same query path as the rest of the deployment pipeline and avoids relying on a now-removed accessor that silently included all railpack vars regardless of build context. --- app/Jobs/ApplicationDeploymentJob.php | 25 +++++++++++-------- ...icationDeploymentRailpackEnvParityTest.php | 14 ++++++----- 2 files changed, 23 insertions(+), 16 deletions(-) diff --git a/app/Jobs/ApplicationDeploymentJob.php b/app/Jobs/ApplicationDeploymentJob.php index 420fe8fd4..6f9aabfd5 100644 --- a/app/Jobs/ApplicationDeploymentJob.php +++ b/app/Jobs/ApplicationDeploymentJob.php @@ -2483,15 +2483,6 @@ private function generate_railpack_env_variables(): Collection return $variables; } - private function railpack_environment_variables_collection(): Collection - { - if ($this->pull_request_id === 0) { - return $this->application->railpack_environment_variables; - } - - return $this->application->railpack_environment_variables_preview; - } - private function normalize_resolved_build_variable_value(EnvironmentVariable $environmentVariable): ?string { $resolvedValue = $environmentVariable->getResolvedValueWithServer($this->mainServer); @@ -2506,9 +2497,23 @@ private function normalize_resolved_build_variable_value(EnvironmentVariable $en return $resolvedValue; } + /** + * All buildtime variables that must reach the Railpack build. + * + * Railpack's BuildKit frontend treats every `--env` passed to `railpack prepare` + * as a build secret entry in the generated plan, then pairs it with `--secret id=,env=` + * on `docker buildx build`. Because Railpack's schema disallows top-level `variables` + * (unlike Nixpacks, which bakes variables into the plan), this `--env` → `--secret` + * channel is the only way user-defined buildtime variables become available to + * commands declared with `useSecrets: true`. + */ private function railpack_build_variables(): Collection { - $variables = $this->railpack_environment_variables_collection() + $envCollection = $this->pull_request_id === 0 + ? $this->application->environment_variables()->where('is_buildtime', true)->get() + : $this->application->environment_variables_preview()->where('is_buildtime', true)->get(); + + $variables = $envCollection ->mapWithKeys(function (EnvironmentVariable $environmentVariable) { $value = $this->normalize_resolved_build_variable_value($environmentVariable); if (is_null($value) || $value === '') { diff --git a/tests/Unit/ApplicationDeploymentRailpackEnvParityTest.php b/tests/Unit/ApplicationDeploymentRailpackEnvParityTest.php index 8ed7b2c41..487268fb6 100644 --- a/tests/Unit/ApplicationDeploymentRailpackEnvParityTest.php +++ b/tests/Unit/ApplicationDeploymentRailpackEnvParityTest.php @@ -41,9 +41,10 @@ ]); $nullValue->shouldReceive('getResolvedValueWithServer')->once()->with(Mockery::type(Server::class))->andReturn(null); - $application->shouldReceive('getAttribute') - ->with('railpack_environment_variables') - ->andReturn(collect([$nodeVersion, $literalValue, $jsonValue, $nullValue])); + $envQuery = Mockery::mock(); + $envQuery->shouldReceive('where')->with('is_buildtime', true)->once()->andReturnSelf(); + $envQuery->shouldReceive('get')->once()->andReturn(collect([$nodeVersion, $literalValue, $jsonValue, $nullValue])); + $application->shouldReceive('environment_variables')->once()->andReturn($envQuery); $job = Mockery::mock(ApplicationDeploymentJob::class)->makePartial(); $job->shouldAllowMockingProtectedMethods(); @@ -94,9 +95,10 @@ ]); $previewValue->shouldReceive('getResolvedValueWithServer')->once()->with(Mockery::type(Server::class))->andReturn('preview-value'); - $application->shouldReceive('getAttribute') - ->with('railpack_environment_variables_preview') - ->andReturn(collect([$previewValue])); + $previewQuery = Mockery::mock(); + $previewQuery->shouldReceive('where')->with('is_buildtime', true)->once()->andReturnSelf(); + $previewQuery->shouldReceive('get')->once()->andReturn(collect([$previewValue])); + $application->shouldReceive('environment_variables_preview')->once()->andReturn($previewQuery); $job = Mockery::mock(ApplicationDeploymentJob::class)->makePartial(); $job->shouldAllowMockingProtectedMethods(); From b6ca6b1b2038795481027580773fd86e4183fad4 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Thu, 30 Apr 2026 18:31:41 +0200 Subject: [PATCH 037/235] feat(railpack): expose COOLIFY_* vars at build time and generalize buildpack control flag MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Mirrors Nixpacks behavior: inject COOLIFY_* and SOURCE_COMMIT into railpack build variables so apps (e.g. SPAs baking public URLs) can read them via /run/secrets/. Rename is_nixpacks → is_buildpack_control to cover both NIXPACKS_ and RAILPACK_ prefixed keys. Update the env variable view and appends list accordingly. Promote generate_coolify_env_variables to protected for testability. --- app/Jobs/ApplicationDeploymentJob.php | 10 ++- app/Models/EnvironmentVariable.php | 12 +--- .../environment-variable/show.blade.php | 8 +-- ...icationDeploymentRailpackEnvParityTest.php | 69 +++++++++++++++++++ ...nvironmentVariableBuildpackControlTest.php | 37 ++++++++++ 5 files changed, 122 insertions(+), 14 deletions(-) create mode 100644 tests/Unit/EnvironmentVariableBuildpackControlTest.php diff --git a/app/Jobs/ApplicationDeploymentJob.php b/app/Jobs/ApplicationDeploymentJob.php index 6f9aabfd5..0131d218a 100644 --- a/app/Jobs/ApplicationDeploymentJob.php +++ b/app/Jobs/ApplicationDeploymentJob.php @@ -2527,6 +2527,14 @@ private function railpack_build_variables(): Collection $variables->put('RAILPACK_INSTALL_CMD', $this->application->install_command); } + // Mirror Nixpacks behavior: expose COOLIFY_* and SOURCE_COMMIT to the build so apps + // (e.g. SPAs baking the public URL) can read them via /run/secrets/. + foreach ($this->generate_coolify_env_variables(forBuildTime: true) as $key => $value) { + if (! is_null($value) && $value !== '') { + $variables->put($key, $value); + } + } + return $variables; } @@ -2829,7 +2837,7 @@ private function build_railpack_static_image(): void ); } - private function generate_coolify_env_variables(bool $forBuildTime = false): Collection + protected function generate_coolify_env_variables(bool $forBuildTime = false): Collection { $coolify_envs = collect([]); $local_branch = $this->branch; diff --git a/app/Models/EnvironmentVariable.php b/app/Models/EnvironmentVariable.php index 25e2dcfb3..ac0d238b3 100644 --- a/app/Models/EnvironmentVariable.php +++ b/app/Models/EnvironmentVariable.php @@ -77,7 +77,7 @@ class EnvironmentVariable extends BaseModel 'resourceable_id' => 'integer', ]; - protected $appends = ['real_value', 'is_shared', 'is_really_required', 'is_nixpacks', 'is_coolify']; + protected $appends = ['real_value', 'is_shared', 'is_really_required', 'is_buildpack_control', 'is_coolify']; protected static function booted() { @@ -215,16 +215,10 @@ protected function isReallyRequired(): Attribute ); } - protected function isNixpacks(): Attribute + protected function isBuildpackControl(): Attribute { return Attribute::make( - get: function () { - if (str($this->key)->startsWith('NIXPACKS_')) { - return true; - } - - return false; - } + get: fn () => self::isBuildpackControlKey($this->key), ); } diff --git a/resources/views/livewire/project/shared/environment-variable/show.blade.php b/resources/views/livewire/project/shared/environment-variable/show.blade.php index 6630d0500..cbb7afa2f 100644 --- a/resources/views/livewire/project/shared/environment-variable/show.blade.php +++ b/resources/views/livewire/project/shared/environment-variable/show.blade.php @@ -58,7 +58,7 @@ @endif @else - @if (!$env->is_nixpacks) + @if (!$env->is_buildpack_control) @@ -67,7 +67,7 @@ helper="Make this variable available in the running container at runtime." label="Available at Runtime" /> @if (!$isMagicVariable) - @if (!$env->is_nixpacks) + @if (!$env->is_buildpack_control) @if ($is_multiline === false) @endif @else - @if (!$env->is_nixpacks) + @if (!$env->is_buildpack_control) @@ -245,7 +245,7 @@ helper="Make this variable available in the running container at runtime." label="Available at Runtime" /> @if (!$isMagicVariable) - @if (!$env->is_nixpacks) + @if (!$env->is_buildpack_control) @if ($is_multiline === false) makePartial(); $job->shouldAllowMockingProtectedMethods(); + $job->shouldReceive('generate_coolify_env_variables')->andReturn(collect([])); $reflection = new ReflectionClass(ApplicationDeploymentJob::class); $applicationProperty = $reflection->getProperty('application'); @@ -102,6 +103,7 @@ $job = Mockery::mock(ApplicationDeploymentJob::class)->makePartial(); $job->shouldAllowMockingProtectedMethods(); + $job->shouldReceive('generate_coolify_env_variables')->andReturn(collect([])); $reflection = new ReflectionClass(ApplicationDeploymentJob::class); $applicationProperty = $reflection->getProperty('application'); @@ -124,3 +126,70 @@ 'RAILPACK_PREVIEW_ONLY' => 'preview-value', ]); }); + +it('merges coolify env variables into railpack build variables', function () { + $application = Mockery::mock(Application::class); + $application->shouldReceive('getAttribute')->with('install_command')->andReturn(null); + + $userVar = Mockery::mock(EnvironmentVariable::class)->makePartial(); + $userVar->forceFill([ + 'key' => 'MY_BUILD_VAR', + 'is_literal' => false, + 'is_multiline' => false, + ]); + $userVar->shouldReceive('getResolvedValueWithServer')->once()->with(Mockery::type(Server::class))->andReturn('hello'); + + $envQuery = Mockery::mock(); + $envQuery->shouldReceive('where')->with('is_buildtime', true)->once()->andReturnSelf(); + $envQuery->shouldReceive('get')->once()->andReturn(collect([$userVar])); + $application->shouldReceive('environment_variables')->once()->andReturn($envQuery); + + $job = Mockery::mock(ApplicationDeploymentJob::class)->makePartial(); + $job->shouldAllowMockingProtectedMethods(); + $job->shouldReceive('generate_coolify_env_variables') + ->with(true) + ->andReturn(collect([ + 'COOLIFY_URL' => 'https://app.example.com', + 'COOLIFY_FQDN' => 'app.example.com', + 'COOLIFY_BRANCH' => 'main', + 'COOLIFY_RESOURCE_UUID' => 'app-uuid', + 'SOURCE_COMMIT' => 'abc123', + 'EMPTY_VAR' => '', + 'NULL_VAR' => null, + ])); + + $reflection = new ReflectionClass(ApplicationDeploymentJob::class); + $applicationProperty = $reflection->getProperty('application'); + $applicationProperty->setAccessible(true); + $applicationProperty->setValue($job, $application); + + $pullRequestProperty = $reflection->getProperty('pull_request_id'); + $pullRequestProperty->setAccessible(true); + $pullRequestProperty->setValue($job, 0); + + $mainServerProperty = $reflection->getProperty('mainServer'); + $mainServerProperty->setAccessible(true); + $mainServerProperty->setValue($job, Mockery::mock(Server::class)); + + $method = $reflection->getMethod('generate_railpack_env_variables'); + $method->setAccessible(true); + $variables = $method->invoke($job); + + expect($variables->all())->toBe([ + 'MY_BUILD_VAR' => 'hello', + 'COOLIFY_URL' => 'https://app.example.com', + 'COOLIFY_FQDN' => 'app.example.com', + 'COOLIFY_BRANCH' => 'main', + 'COOLIFY_RESOURCE_UUID' => 'app-uuid', + 'SOURCE_COMMIT' => 'abc123', + ]); + + $envArgsProperty = $reflection->getProperty('env_railpack_args'); + $envArgsProperty->setAccessible(true); + $envArgs = $envArgsProperty->getValue($job); + + expect($envArgs)->toContain("--env 'COOLIFY_URL=https://app.example.com'"); + expect($envArgs)->toContain("--env 'SOURCE_COMMIT=abc123'"); + expect($envArgs)->not->toContain('EMPTY_VAR'); + expect($envArgs)->not->toContain('NULL_VAR'); +}); diff --git a/tests/Unit/EnvironmentVariableBuildpackControlTest.php b/tests/Unit/EnvironmentVariableBuildpackControlTest.php new file mode 100644 index 000000000..1a277bcdd --- /dev/null +++ b/tests/Unit/EnvironmentVariableBuildpackControlTest.php @@ -0,0 +1,37 @@ +key = 'NIXPACKS_NODE_VERSION'; + + expect($env->is_buildpack_control)->toBeTrue(); +}); + +it('flags RAILPACK_ keys as buildpack control variables', function () { + $env = new EnvironmentVariable; + $env->key = 'RAILPACK_NODE_VERSION'; + + expect($env->is_buildpack_control)->toBeTrue(); +}); + +it('does not flag user-defined keys as buildpack control variables', function () { + $env = new EnvironmentVariable; + $env->key = 'MY_BUILD_VAR'; + + expect($env->is_buildpack_control)->toBeFalse(); +}); + +it('does not flag empty key as buildpack control variable', function () { + $env = new EnvironmentVariable; + + expect($env->is_buildpack_control)->toBeFalse(); +}); + +it('lists is_buildpack_control in appends and drops legacy is_nixpacks', function () { + $env = new EnvironmentVariable; + + expect($env->getAppends())->toContain('is_buildpack_control'); + expect($env->getAppends())->not->toContain('is_nixpacks'); +}); From 22a2c05a1d4fddb6e64bb552c7eaf8a4ccb694d3 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Tue, 5 May 2026 15:32:43 +0200 Subject: [PATCH 038/235] test(railpack): add API, Livewire UI tests and e2e smoke script Add feature tests covering railpack build pack via REST API and Livewire UI components, plus a bash smoke test that deploys seeded railpack-* example apps against the local dev stack and verifies COOLIFY_*, SOURCE_COMMIT, and RAILPACK_* env vars land correctly. --- scripts/railpack-smoke.sh | 322 ++++++++++++++++ tests/Feature/Api/RailpackApiTest.php | 345 ++++++++++++++++++ .../Livewire/RailpackLivewireUiTest.php | 121 ++++++ 3 files changed, 788 insertions(+) create mode 100755 scripts/railpack-smoke.sh create mode 100644 tests/Feature/Api/RailpackApiTest.php create mode 100644 tests/Feature/Livewire/RailpackLivewireUiTest.php diff --git a/scripts/railpack-smoke.sh b/scripts/railpack-smoke.sh new file mode 100755 index 000000000..92e621c3b --- /dev/null +++ b/scripts/railpack-smoke.sh @@ -0,0 +1,322 @@ +#!/usr/bin/env bash +# +# Railpack end-to-end deploy smoke test against the local dev stack. +# +# Walks a curated set of railpack-* example apps from +# DevelopmentRailpackExamplesSeeder, triggers a deploy via the Coolify API, +# waits for the deployment queue to finish, then exec()s into the resulting +# container and checks that COOLIFY_*, SOURCE_COMMIT, and any RAILPACK_* +# build inputs landed correctly. Optionally curls the FQDN. +# +# Requires: +# - Dev stack running: spin up (or docker compose -f docker-compose.dev.yml up -d) +# - Seeder run: php artisan db:seed --class=DevelopmentRailpackExamplesSeeder +# - Personal token: PersonalAccessTokenSeeder run (creates Bearer 'root') +# - jq, curl available on host +# +# Usage: +# scripts/railpack-smoke.sh # default subset +# scripts/railpack-smoke.sh --app railpack-laravel # single app +# scripts/railpack-smoke.sh --all # every seeded railpack-* app +# scripts/railpack-smoke.sh --timeout 900 # build wait per app, seconds +# scripts/railpack-smoke.sh --no-curl # skip FQDN curl +# scripts/railpack-smoke.sh --extra-env KEY=VALUE # build+runtime env (alias of --both-env) +# scripts/railpack-smoke.sh --build-env KEY=VALUE # buildtime-only env (must reach build, NOT runtime) +# scripts/railpack-smoke.sh --runtime-env KEY=VALUE # runtime-only env (must reach runtime, NOT build) +# scripts/railpack-smoke.sh --both-env KEY=VALUE # buildtime+runtime env +# +set -euo pipefail + +API_BASE="${COOLIFY_API_BASE:-http://localhost:8000/api/v1}" +TOKEN="${COOLIFY_API_TOKEN:-root}" +TIMEOUT="${SMOKE_TIMEOUT:-600}" +DO_CURL=1 +BUILD_ENVS=() +RUNTIME_ENVS=() +BOTH_ENVS=() +APPS=() + +DEFAULT_APPS=( + railpack-expressjs + railpack-nestjs + railpack-nextjs-ssr + railpack-vite-static + railpack-astro-static + railpack-python-flask + railpack-go-gin + railpack-rust + railpack-laravel + railpack-bun +) + +while (( $# > 0 )); do + case "$1" in + --app) APPS+=("$2"); shift 2 ;; + --all) APPS=(__ALL__); shift ;; + --timeout) TIMEOUT="$2"; shift 2 ;; + --no-curl) DO_CURL=0; shift ;; + --extra-env|--both-env) BOTH_ENVS+=("$2"); shift 2 ;; + --build-env) BUILD_ENVS+=("$2"); shift 2 ;; + --runtime-env) RUNTIME_ENVS+=("$2"); shift 2 ;; + --base) API_BASE="$2"; shift 2 ;; + --token) TOKEN="$2"; shift 2 ;; + -h|--help) sed -n '2,30p' "$0"; exit 0 ;; + *) echo "unknown arg: $1" >&2; exit 2 ;; + esac +done + +if ! command -v jq >/dev/null; then + echo "jq required" >&2; exit 2 +fi +if ! command -v docker >/dev/null; then + echo "docker required" >&2; exit 2 +fi + +curl_api() { + local method="$1"; shift + local path="$1"; shift + curl -fsS -X "$method" \ + -H "Authorization: Bearer ${TOKEN}" \ + -H "Content-Type: application/json" \ + "${API_BASE}${path}" \ + "$@" +} + +if (( ${#APPS[@]} == 0 )); then + APPS=("${DEFAULT_APPS[@]}") +fi + +if [[ "${APPS[0]}" == "__ALL__" ]]; then + mapfile -t APPS < <(curl_api GET /applications | jq -r '.[].uuid' | grep '^railpack-' || true) +fi + +log() { printf '[%s] %s\n' "$(date +%H:%M:%S)" "$*"; } +fail() { printf '\033[31m[FAIL]\033[0m %s: %s\n' "$1" "$2"; FAILED+=("$1: $2"); } +pass() { printf '\033[32m[ OK ]\033[0m %s: %s\n' "$1" "$2"; } + +upsert_env() { + local app_uuid="$1" key="$2" value="$3" buildtime="$4" runtime="$5" existing + existing=$(curl_api GET "/applications/${app_uuid}/envs" | jq -r --arg k "$key" '.[] | select(.key==$k) | .uuid' | head -1) + local payload + payload=$(jq -nc --arg k "$key" --arg v "$value" --argjson b "$buildtime" --argjson r "$runtime" \ + '{key:$k, value:$v, is_buildtime:$b, is_runtime:$r, is_preview:false}') + if [[ -n "$existing" ]]; then + curl_api PATCH "/applications/${app_uuid}/envs" --data "$payload" >/dev/null + log " env ${key} updated (buildtime=${buildtime} runtime=${runtime})" + else + curl_api POST "/applications/${app_uuid}/envs" --data "$payload" >/dev/null + log " env ${key} created (buildtime=${buildtime} runtime=${runtime})" + fi +} + +ensure_envs() { + local app_uuid="$1" kv key value + for kv in "${BUILD_ENVS[@]:-}"; do + [[ -z "$kv" ]] && continue + key="${kv%%=*}"; value="${kv#*=}" + upsert_env "$app_uuid" "$key" "$value" true false + done + for kv in "${RUNTIME_ENVS[@]:-}"; do + [[ -z "$kv" ]] && continue + key="${kv%%=*}"; value="${kv#*=}" + upsert_env "$app_uuid" "$key" "$value" false true + done + for kv in "${BOTH_ENVS[@]:-}"; do + [[ -z "$kv" ]] && continue + key="${kv%%=*}"; value="${kv#*=}" + upsert_env "$app_uuid" "$key" "$value" true true + done +} + +trigger_deploy() { + local app_uuid="$1" + curl_api POST "/applications/${app_uuid}/start?force=true&instant_deploy=true" \ + | jq -r '.deployment_uuid // empty' +} + +wait_for_deploy() { + local dep_uuid="$1" deadline="$2" status + while (( $(date +%s) < deadline )); do + status=$(curl_api GET "/deployments/${dep_uuid}" | jq -r '.status // "unknown"') + case "$status" in + finished) echo finished; return 0 ;; + failed|cancelled) echo "$status"; return 1 ;; + queued|in_progress) sleep 5 ;; + *) sleep 5 ;; + esac + done + echo timeout; return 1 +} + +container_for_app() { + local app_uuid="$1" + docker ps --filter "name=^${app_uuid}-" --format '{{.Names}}' | head -1 +} + +assert_envs_present() { + local container="$1" app_uuid="$2" + local env_dump + env_dump=$(docker exec "$container" env 2>/dev/null || true) + + local missing=() + for required in COOLIFY_FQDN COOLIFY_URL COOLIFY_BRANCH COOLIFY_RESOURCE_UUID COOLIFY_CONTAINER_NAME SOURCE_COMMIT; do + if ! grep -q "^${required}=" <<<"$env_dump"; then + missing+=("$required") + fi + done + + local resource_uuid + resource_uuid=$(grep '^COOLIFY_RESOURCE_UUID=' <<<"$env_dump" | cut -d= -f2- || true) + if [[ "$resource_uuid" != "$app_uuid" ]]; then + missing+=("COOLIFY_RESOURCE_UUID-mismatch(got=${resource_uuid})") + fi + + if (( ${#missing[@]} == 0 )); then + pass "$app_uuid" "runtime envs present (${resource_uuid})" + return 0 + fi + fail "$app_uuid" "missing/incorrect envs: ${missing[*]}" + return 1 +} + +deploy_logs_text() { + local dep_uuid="$1" + curl_api GET "/deployments/${dep_uuid}" | jq -r '(.logs | fromjson? // []) | .[].output' 2>/dev/null +} + +assert_runtime_only_envs() { + local container="$1" app_uuid="$2" + [[ ${#RUNTIME_ENVS[@]} -eq 0 ]] && return 0 + local env_dump key value actual + env_dump=$(docker exec "$container" env 2>/dev/null || true) + for kv in "${RUNTIME_ENVS[@]}"; do + key="${kv%%=*}"; value="${kv#*=}" + if ! grep -q "^${key}=" <<<"$env_dump"; then + fail "$app_uuid" "runtime-only env ${key} missing at runtime" + return 1 + fi + actual=$(grep "^${key}=" <<<"$env_dump" | head -1 | cut -d= -f2-) + if [[ "$actual" != "$value" ]]; then + fail "$app_uuid" "runtime env ${key} value mismatch (got=${actual} want=${value})" + return 1 + fi + done + pass "$app_uuid" "runtime-only envs present at runtime (${#RUNTIME_ENVS[@]} key(s))" +} + +assert_build_only_envs() { + local container="$1" app_uuid="$2" dep_uuid="$3" + [[ ${#BUILD_ENVS[@]} -eq 0 ]] && return 0 + local env_dump logs key + env_dump=$(docker exec "$container" env 2>/dev/null || true) + logs=$(deploy_logs_text "$dep_uuid") + + for kv in "${BUILD_ENVS[@]}"; do + key="${kv%%=*}" + # Reach build: railpack passes buildtime envs as docker buildx --secret id=KEY + if ! grep -q -- "--secret id=${key}" <<<"$logs"; then + fail "$app_uuid" "build-only env ${key} not seen as --secret in deploy logs" + return 1 + fi + # Must NOT leak to runtime container + if grep -q "^${key}=" <<<"$env_dump"; then + fail "$app_uuid" "build-only env ${key} LEAKED to runtime container" + return 1 + fi + done + pass "$app_uuid" "build-only envs in build secret + absent at runtime (${#BUILD_ENVS[@]} key(s))" +} + +assert_both_envs() { + local container="$1" app_uuid="$2" dep_uuid="$3" + [[ ${#BOTH_ENVS[@]} -eq 0 ]] && return 0 + local env_dump logs key + env_dump=$(docker exec "$container" env 2>/dev/null || true) + logs=$(deploy_logs_text "$dep_uuid") + for kv in "${BOTH_ENVS[@]}"; do + key="${kv%%=*}" + if [[ "$key" =~ ^RAILPACK_ ]]; then + # RAILPACK_* are buildtime-only by railpack convention; skip runtime check + grep -q -- "--secret id=${key}" <<<"$logs" \ + || { fail "$app_uuid" "${key} not seen in build secrets"; return 1; } + continue + fi + grep -q "^${key}=" <<<"$env_dump" \ + || { fail "$app_uuid" "both-env ${key} missing at runtime"; return 1; } + done + pass "$app_uuid" "both-envs reached runtime (${#BOTH_ENVS[@]} key(s))" +} + +assert_fqdn_responds() { + local app_uuid="$1" + local fqdn + fqdn=$(curl_api GET "/applications/${app_uuid}" | jq -r '.fqdn // empty') + [[ -z "$fqdn" ]] && return 0 + local code + code=$(curl -ksSL -o /dev/null -w '%{http_code}' --max-time 10 "$fqdn" || echo "000") + case "$code" in + 2*|3*) pass "$app_uuid" "fqdn ${fqdn} -> ${code}" ;; + *) fail "$app_uuid" "fqdn ${fqdn} -> ${code}" ;; + esac +} + +run_one() { + local app_uuid="$1" + log "==> ${app_uuid}" + + if ! curl_api GET "/applications/${app_uuid}" >/dev/null 2>&1; then + fail "$app_uuid" "application not found via API (run seeder?)" + return + fi + + ensure_envs "$app_uuid" + + local dep + dep=$(trigger_deploy "$app_uuid") + if [[ -z "$dep" ]]; then + fail "$app_uuid" "no deployment_uuid returned" + return + fi + log " deploy queued: ${dep}" + + local deadline=$(( $(date +%s) + TIMEOUT )) + local result + result=$(wait_for_deploy "$dep" "$deadline") || { + fail "$app_uuid" "deploy ${result}" + return + } + pass "$app_uuid" "deploy ${result}" + + sleep 2 + local container + container=$(container_for_app "$app_uuid") + if [[ -z "$container" ]]; then + fail "$app_uuid" "no running container matching name=^${app_uuid}-" + return + fi + pass "$app_uuid" "container ${container} running" + + assert_envs_present "$container" "$app_uuid" || true + assert_runtime_only_envs "$container" "$app_uuid" || true + assert_build_only_envs "$container" "$app_uuid" "$dep" || true + assert_both_envs "$container" "$app_uuid" "$dep" || true + + if (( DO_CURL )); then + assert_fqdn_responds "$app_uuid" || true + fi +} + +FAILED=() +for app in "${APPS[@]}"; do + run_one "$app" +done + +echo +echo "=== summary ===" +if (( ${#FAILED[@]} == 0 )); then + echo "all apps passed" + exit 0 +fi +printf '%s failure(s):\n' "${#FAILED[@]}" +printf ' - %s\n' "${FAILED[@]}" +exit 1 diff --git a/tests/Feature/Api/RailpackApiTest.php b/tests/Feature/Api/RailpackApiTest.php new file mode 100644 index 000000000..c9dbced4b --- /dev/null +++ b/tests/Feature/Api/RailpackApiTest.php @@ -0,0 +1,345 @@ + InstanceSettings::firstOrCreate(['id' => 0])); + + $this->team = Team::factory()->create(); + $this->user = User::factory()->create(); + $this->team->members()->attach($this->user->id, ['role' => 'owner']); + session(['currentTeam' => $this->team]); + + $plainTextToken = Str::random(40); + $token = $this->user->tokens()->create([ + 'name' => 'railpack-api-test-'.Str::random(6), + 'token' => hash('sha256', $plainTextToken), + 'abilities' => ['*'], + 'team_id' => $this->team->id, + ]); + $this->bearerToken = $token->getKey().'|'.$plainTextToken; + + $this->server = Server::factory()->create(['team_id' => $this->team->id]); + $this->destination = StandaloneDocker::where('server_id', $this->server->id)->first(); + $this->project = Project::factory()->create(['team_id' => $this->team->id]); + $this->environment = Environment::factory()->create(['project_id' => $this->project->id]); +}); + +function railpackApiHeaders(string $bearerToken): array +{ + return [ + 'Authorization' => 'Bearer '.$bearerToken, + 'Content-Type' => 'application/json', + ]; +} + +function makeRailpackApp(array $overrides = []): Application +{ + return Application::factory()->create(array_merge([ + 'environment_id' => test()->environment->id, + 'destination_id' => test()->destination->id, + 'destination_type' => test()->destination->getMorphClass(), + 'build_pack' => 'railpack', + ], $overrides)); +} + +describe('PATCH /api/v1/applications/{uuid} build_pack=railpack', function () { + test('rejects unsupported build_pack at controller layer', function () { + $app = makeRailpackApp(); + + $response = $this->withHeaders(railpackApiHeaders($this->bearerToken)) + ->patchJson("/api/v1/applications/{$app->uuid}", [ + 'build_pack' => 'totally-bogus', + ]); + + $response->assertStatus(422); + }); + + test('switching from dockerfile to railpack clears dockerfile fields', function () { + $app = makeRailpackApp([ + 'build_pack' => 'dockerfile', + 'dockerfile' => 'FROM node:20', + 'dockerfile_location' => '/Dockerfile', + 'dockerfile_target_build' => 'production', + 'custom_healthcheck_found' => true, + ]); + + $response = $this->withHeaders(railpackApiHeaders($this->bearerToken)) + ->patchJson("/api/v1/applications/{$app->uuid}", [ + 'build_pack' => 'railpack', + ]); + + $response->assertOk(); + + $app->refresh(); + expect($app->build_pack)->toBe('railpack'); + expect($app->dockerfile)->toBeNull(); + // NOTE: dockerfile_location is normalized to '/Dockerfile' by the model + // mutator when set to null, so we cannot assert it becomes null here. + expect($app->dockerfile_target_build)->toBeNull(); + expect((bool) $app->custom_healthcheck_found)->toBeFalse(); + }); + + test('switching from dockercompose to railpack clears compose fields and SERVICE_* envs', function () { + $app = makeRailpackApp([ + 'build_pack' => 'dockercompose', + 'docker_compose_domains' => '{"app": "example.com"}', + 'docker_compose_raw' => "version: '3'\nservices:\n app:\n image: nginx", + ]); + + $app->environment_variables()->createMany([ + ['key' => 'SERVICE_FQDN_APP', 'value' => 'app.example.com', 'is_buildtime' => false, 'is_preview' => false], + ['key' => 'SERVICE_URL_APP', 'value' => 'http://app.example.com', 'is_buildtime' => false, 'is_preview' => false], + ['key' => 'REGULAR_VAR', 'value' => 'keep_me', 'is_buildtime' => false, 'is_preview' => false], + ]); + + $response = $this->withHeaders(railpackApiHeaders($this->bearerToken)) + ->patchJson("/api/v1/applications/{$app->uuid}", [ + 'build_pack' => 'railpack', + ]); + + $response->assertOk(); + + $app->refresh(); + expect($app->build_pack)->toBe('railpack'); + expect($app->docker_compose_domains)->toBeNull(); + expect($app->docker_compose_raw)->toBeNull(); + expect($app->environment_variables()->where('key', 'SERVICE_FQDN_APP')->count())->toBe(0); + expect($app->environment_variables()->where('key', 'SERVICE_URL_APP')->count())->toBe(0); + expect($app->environment_variables()->where('key', 'REGULAR_VAR')->count())->toBe(1); + }); + + test('install/build/start commands persist for railpack apps', function () { + $app = makeRailpackApp(); + + $response = $this->withHeaders(railpackApiHeaders($this->bearerToken)) + ->patchJson("/api/v1/applications/{$app->uuid}", [ + 'install_command' => 'npm ci', + 'build_command' => 'npm run build', + 'start_command' => 'node server.js', + ]); + + $response->assertOk(); + + $app->refresh(); + expect($app->install_command)->toBe('npm ci'); + expect($app->build_command)->toBe('npm run build'); + expect($app->start_command)->toBe('node server.js'); + }); +}); + +describe('POST /api/v1/applications/{uuid}/envs RAILPACK_* handling', function () { + test('adding RAILPACK_NODE_VERSION via API surfaces in railpack_environment_variables only', function () { + $app = makeRailpackApp(); + + $response = $this->withHeaders(railpackApiHeaders($this->bearerToken)) + ->postJson("/api/v1/applications/{$app->uuid}/envs", [ + 'key' => 'RAILPACK_NODE_VERSION', + 'value' => '20', + 'is_buildtime' => true, + 'is_runtime' => false, + 'is_preview' => false, + ]); + + $response->assertCreated(); + + $app->refresh(); + expect($app->railpack_environment_variables)->toHaveCount(1); + expect($app->railpack_environment_variables->first()->key)->toBe('RAILPACK_NODE_VERSION'); + expect($app->runtime_environment_variables->where('key', 'RAILPACK_NODE_VERSION'))->toHaveCount(0); + }); + + test('runtime envs added via API surface in runtime_environment_variables but not railpack_*', function () { + $app = makeRailpackApp(); + + $this->withHeaders(railpackApiHeaders($this->bearerToken)) + ->postJson("/api/v1/applications/{$app->uuid}/envs", [ + 'key' => 'APP_ENV', + 'value' => 'production', + 'is_runtime' => true, + 'is_buildtime' => false, + 'is_preview' => false, + ])->assertCreated(); + + $this->withHeaders(railpackApiHeaders($this->bearerToken)) + ->postJson("/api/v1/applications/{$app->uuid}/envs", [ + 'key' => 'NIXPACKS_NODE_VERSION', + 'value' => '18', + 'is_buildtime' => true, + 'is_runtime' => false, + 'is_preview' => false, + ])->assertCreated(); + + $app->refresh(); + $runtime = $app->runtime_environment_variables; + expect($runtime->pluck('key')->all())->toBe(['APP_ENV']); + expect($app->railpack_environment_variables)->toHaveCount(0); + }); + + test('preview RAILPACK_* envs surface in railpack_environment_variables_preview only', function () { + $app = makeRailpackApp(); + + $this->withHeaders(railpackApiHeaders($this->bearerToken)) + ->postJson("/api/v1/applications/{$app->uuid}/envs", [ + 'key' => 'RAILPACK_BUILD_CMD', + 'value' => 'npm run build', + 'is_buildtime' => true, + 'is_runtime' => false, + 'is_preview' => true, + ])->assertCreated(); + + $app->refresh(); + expect($app->railpack_environment_variables_preview)->toHaveCount(1); + expect($app->railpack_environment_variables)->toHaveCount(0); + }); + + test('buildtime-only env has is_buildtime=true and is_runtime=false', function () { + $app = makeRailpackApp(); + + $this->withHeaders(railpackApiHeaders($this->bearerToken)) + ->postJson("/api/v1/applications/{$app->uuid}/envs", [ + 'key' => 'API_KEY', + 'value' => 'sekret', + 'is_buildtime' => true, + 'is_runtime' => false, + 'is_preview' => false, + ])->assertCreated(); + + $app->refresh(); + $env = $app->environment_variables()->where('key', 'API_KEY')->first(); + expect($env)->not->toBeNull(); + expect((bool) $env->is_buildtime)->toBeTrue(); + expect((bool) $env->is_runtime)->toBeFalse(); + // Buildtime-only non-RAILPACK_ var: visible to runtime relation (it's not a buildpack-control var) + // but is_runtime flag is false; consumers gate runtime via is_runtime, not via the relation alone. + expect($env->resourceable_id)->toBe($app->id); + }); + + test('runtime-only env has is_runtime=true and is_buildtime=false', function () { + $app = makeRailpackApp(); + + $this->withHeaders(railpackApiHeaders($this->bearerToken)) + ->postJson("/api/v1/applications/{$app->uuid}/envs", [ + 'key' => 'LOG_LEVEL', + 'value' => 'debug', + 'is_buildtime' => false, + 'is_runtime' => true, + 'is_preview' => false, + ])->assertCreated(); + + $app->refresh(); + $env = $app->environment_variables()->where('key', 'LOG_LEVEL')->first(); + expect((bool) $env->is_buildtime)->toBeFalse(); + expect((bool) $env->is_runtime)->toBeTrue(); + }); + + test('railpack build variables collection includes only is_buildtime=true entries', function () { + // Sanity check the underlying query used by the deploy job: railpack_build_variables() + // pulls $application->environment_variables()->where('is_buildtime', true)->get() + // (see ApplicationDeploymentJob::railpack_build_variables). + $app = makeRailpackApp(); + + $this->withHeaders(railpackApiHeaders($this->bearerToken)) + ->postJson("/api/v1/applications/{$app->uuid}/envs", [ + 'key' => 'BUILD_ARG', + 'value' => 'in-build', + 'is_buildtime' => true, + 'is_runtime' => false, + 'is_preview' => false, + ])->assertCreated(); + + $this->withHeaders(railpackApiHeaders($this->bearerToken)) + ->postJson("/api/v1/applications/{$app->uuid}/envs", [ + 'key' => 'RUNTIME_ARG', + 'value' => 'in-runtime', + 'is_buildtime' => false, + 'is_runtime' => true, + 'is_preview' => false, + ])->assertCreated(); + + $app->refresh(); + $buildtime = $app->environment_variables()->where('is_buildtime', true)->pluck('key')->all(); + expect($buildtime)->toContain('BUILD_ARG'); + expect($buildtime)->not->toContain('RUNTIME_ARG'); + }); + + test('user-defined COOLIFY_FQDN takes precedence over auto-generated', function () { + // Documents generate_coolify_env_variables() override behavior: + // it skips generation when application->environment_variables already has the key. + $app = makeRailpackApp(); + + $this->withHeaders(railpackApiHeaders($this->bearerToken)) + ->postJson("/api/v1/applications/{$app->uuid}/envs", [ + 'key' => 'COOLIFY_FQDN', + 'value' => 'overridden.example.com', + 'is_buildtime' => true, + 'is_runtime' => true, + 'is_preview' => false, + ])->assertCreated(); + + $app->refresh(); + $env = $app->environment_variables()->where('key', 'COOLIFY_FQDN')->first(); + expect($env)->not->toBeNull(); + expect($env->value)->toBe('overridden.example.com'); + // Confirm the model relation used by override-skip logic finds it + expect($app->environment_variables->where('key', 'COOLIFY_FQDN')->isEmpty())->toBeFalse(); + }); + + test('is_literal flag persists on create', function () { + $app = makeRailpackApp(); + + $this->withHeaders(railpackApiHeaders($this->bearerToken)) + ->postJson("/api/v1/applications/{$app->uuid}/envs", [ + 'key' => 'RAILPACK_LITERAL_FLAG', + 'value' => '$NOT_INTERPOLATED', + 'is_buildtime' => true, + 'is_runtime' => false, + 'is_preview' => false, + 'is_literal' => true, + ])->assertCreated(); + + $app->refresh(); + $env = $app->environment_variables()->where('key', 'RAILPACK_LITERAL_FLAG')->first(); + expect((bool) $env->is_literal)->toBeTrue(); + }); + + test('PATCH env updates buildtime/runtime flags', function () { + $app = makeRailpackApp(); + + $this->withHeaders(railpackApiHeaders($this->bearerToken)) + ->postJson("/api/v1/applications/{$app->uuid}/envs", [ + 'key' => 'TOGGLE_VAR', + 'value' => 'v1', + 'is_buildtime' => true, + 'is_runtime' => true, + 'is_preview' => false, + ])->assertCreated(); + + $this->withHeaders(railpackApiHeaders($this->bearerToken)) + ->patchJson("/api/v1/applications/{$app->uuid}/envs", [ + 'key' => 'TOGGLE_VAR', + 'value' => 'v2', + 'is_buildtime' => false, + 'is_runtime' => true, + 'is_multiline' => false, + 'is_shown_once' => false, + ])->assertStatus(201); + + $app->refresh(); + $env = $app->environment_variables()->where('key', 'TOGGLE_VAR')->first(); + expect($env->value)->toBe('v2'); + expect((bool) $env->is_buildtime)->toBeFalse(); + expect((bool) $env->is_runtime)->toBeTrue(); + }); +}); diff --git a/tests/Feature/Livewire/RailpackLivewireUiTest.php b/tests/Feature/Livewire/RailpackLivewireUiTest.php new file mode 100644 index 000000000..b21037b11 --- /dev/null +++ b/tests/Feature/Livewire/RailpackLivewireUiTest.php @@ -0,0 +1,121 @@ +team = Team::factory()->create(); + $this->user = User::factory()->create(); + $this->team->members()->attach($this->user->id, ['role' => 'owner']); + + $this->actingAs($this->user); + session(['currentTeam' => $this->team]); + InstanceSettings::unguarded(function () { + InstanceSettings::updateOrCreate(['id' => 0], []); + }); + + $this->project = Project::factory()->create(['team_id' => $this->team->id]); + $this->environment = Environment::factory()->create(['project_id' => $this->project->id]); +}); + +describe('PublicGitRepository port handling for railpack', function () { + test('switching to railpack resets port to 3000 when not static', function () { + Livewire::test(PublicGitRepository::class, ['type' => 'public']) + ->set('build_pack', 'dockerfile') + ->assertSet('port', 3000) + ->set('build_pack', 'railpack') + ->assertSet('port', 3000); + }); + + test('switching to railpack preserves port when isStatic is true', function () { + $component = Livewire::test(PublicGitRepository::class, ['type' => 'public']) + ->set('isStatic', true) + ->call('instantSave'); + + // After instantSave with isStatic=true, port becomes 80 + $component->assertSet('port', 80); + + // Switching from nixpacks to railpack should NOT clobber port back to 3000 + $component->set('build_pack', 'railpack') + ->assertSet('port', 80); + }); + + test('switching to static sets port to 80 and disables show_is_static', function () { + Livewire::test(PublicGitRepository::class, ['type' => 'public']) + ->set('build_pack', 'static') + ->assertSet('port', 80) + ->assertSet('isStatic', false) + ->assertSet('show_is_static', false); + }); +}); + +describe('General view railpack helper text', function () { + beforeEach(function () { + $this->privateKey = PrivateKey::create([ + 'name' => 'Test Key', + 'private_key' => '-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW +QyNTUxOQAAACBbhpqHhqv6aI67Mj9abM3DVbmcfYhZAhC7ca4d9UCevAAAAJi/QySHv0Mk +hwAAAAtzc2gtZWQyNTUxOQAAACBbhpqHhqv6aI67Mj9abM3DVbmcfYhZAhC7ca4d9UCevA +AAAECBQw4jg1WRT2IGHMncCiZhURCts2s24HoDS0thHnnRKVuGmoeGq/pojrsyP1pszcNV +uZx9iFkCELtxrh31QJ68AAAAEXNhaWxANzZmZjY2ZDJlMmRkAQIDBA== +-----END OPENSSH PRIVATE KEY-----', + 'team_id' => $this->team->id, + ]); + $this->server = Server::factory()->create([ + 'team_id' => $this->team->id, + 'private_key_id' => $this->privateKey->id, + ]); + $this->destination = StandaloneDocker::where('server_id', $this->server->id)->first() + ?? StandaloneDocker::factory()->create(['server_id' => $this->server->id, 'network' => 'coolify-test']); + }); + + test('railpack app shows railpack.json helper text and not nixpacks.toml', function () { + $application = Application::factory()->create([ + 'environment_id' => $this->environment->id, + 'destination_id' => $this->destination->id, + 'destination_type' => StandaloneDocker::class, + 'build_pack' => 'railpack', + 'static_image' => 'nginx:alpine', + 'base_directory' => '/', + 'is_http_basic_auth_enabled' => false, + 'redirect' => 'no', + ]); + + Livewire::test(General::class, ['application' => $application]) + ->assertSuccessful() + ->assertSee('railpack.json') + ->assertDontSee('nixpacks.toml'); + }); + + test('nixpacks app shows nixpacks.toml helper text and not railpack.json', function () { + $application = Application::factory()->create([ + 'environment_id' => $this->environment->id, + 'destination_id' => $this->destination->id, + 'destination_type' => StandaloneDocker::class, + 'build_pack' => 'nixpacks', + 'static_image' => 'nginx:alpine', + 'base_directory' => '/', + 'is_http_basic_auth_enabled' => false, + 'redirect' => 'no', + ]); + + Livewire::test(General::class, ['application' => $application]) + ->assertSuccessful() + ->assertSee('nixpacks.toml') + ->assertDontSee('railpack.json'); + }); +}); From 4e446559a8b76a5f53f069086a84856617f5b5af Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 6 May 2026 17:58:22 +0000 Subject: [PATCH 039/235] build(deps): bump phpseclib/phpseclib from 3.0.51 to 3.0.52 Bumps [phpseclib/phpseclib](https://github.com/phpseclib/phpseclib) from 3.0.51 to 3.0.52. - [Release notes](https://github.com/phpseclib/phpseclib/releases) - [Changelog](https://github.com/phpseclib/phpseclib/blob/master/CHANGELOG.md) - [Commits](https://github.com/phpseclib/phpseclib/compare/3.0.51...3.0.52) --- updated-dependencies: - dependency-name: phpseclib/phpseclib dependency-version: 3.0.52 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- composer.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/composer.lock b/composer.lock index 2f27235f5..dab750228 100644 --- a/composer.lock +++ b/composer.lock @@ -5156,16 +5156,16 @@ }, { "name": "phpseclib/phpseclib", - "version": "3.0.51", + "version": "3.0.52", "source": { "type": "git", "url": "https://github.com/phpseclib/phpseclib.git", - "reference": "d59c94077f9c9915abb51ddb52ce85188ece1748" + "reference": "2adaefc83df2ec548558307690f376dd7d4f4fce" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/d59c94077f9c9915abb51ddb52ce85188ece1748", - "reference": "d59c94077f9c9915abb51ddb52ce85188ece1748", + "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/2adaefc83df2ec548558307690f376dd7d4f4fce", + "reference": "2adaefc83df2ec548558307690f376dd7d4f4fce", "shasum": "" }, "require": { @@ -5246,7 +5246,7 @@ ], "support": { "issues": "https://github.com/phpseclib/phpseclib/issues", - "source": "https://github.com/phpseclib/phpseclib/tree/3.0.51" + "source": "https://github.com/phpseclib/phpseclib/tree/3.0.52" }, "funding": [ { @@ -5262,7 +5262,7 @@ "type": "tidelift" } ], - "time": "2026-04-10T01:33:53+00:00" + "time": "2026-04-27T07:02:15+00:00" }, { "name": "phpstan/phpdoc-parser", From 635b9732b6193469f873c3e7ba296c13a073f7c2 Mon Sep 17 00:00:00 2001 From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com> Date: Thu, 7 May 2026 12:22:59 +0200 Subject: [PATCH 040/235] chore: remove DESIGN.md design specification file --- DESIGN.md | 752 ------------------------------------------------------ 1 file changed, 752 deletions(-) delete mode 100644 DESIGN.md diff --git a/DESIGN.md b/DESIGN.md deleted file mode 100644 index 9520fdf23..000000000 --- a/DESIGN.md +++ /dev/null @@ -1,752 +0,0 @@ ---- -version: alpha -name: Coolify -description: Self-hosted PaaS. Dark-first utilitarian UI. Purple (light) / yellow (dark) accent swap. Sharp 2px radii. Inset box-shadow inputs with 4px dirty-bar indicator. -colors: - # Brand - coollabs: "#6b16ed" - coollabs-50: "#f5f0ff" - coollabs-100: "#7317ff" - coollabs-200: "#5a12c7" - coollabs-300: "#4a0fa3" - # Dark-mode accent (warning scale) - warning: "#fcd452" - warning-50: "#fefce8" - warning-100: "#fef9c3" - warning-200: "#fef08a" - warning-300: "#fde047" - warning-400: "#fcd452" - warning-500: "#facc15" - warning-600: "#ca8a04" - warning-700: "#a16207" - warning-800: "#854d0e" - warning-900: "#713f12" - # Dark surfaces - base: "#101010" - coolgray-100: "#181818" - coolgray-200: "#202020" - coolgray-300: "#242424" - coolgray-400: "#282828" - coolgray-500: "#323232" - # Light surfaces (Tailwind neutrals) - surface: "#ffffff" - background: "#f9fafb" - border: "#e5e5e5" - text: "#000000" - text-muted: "#737373" - text-placeholder: "#d4d4d4" - # Semantic - success: "#22C55E" - error: "#dc2626" - primary: "{colors.coollabs}" -typography: - h1: - fontFamily: "'Geist Sans', Inter, sans-serif" - fontSize: 1.875rem - fontWeight: 700 - lineHeight: 1.2 - h2: - fontFamily: "'Geist Sans', Inter, sans-serif" - fontSize: 1.25rem - fontWeight: 700 - h3: - fontFamily: "'Geist Sans', Inter, sans-serif" - fontSize: 1.125rem - fontWeight: 700 - h4: - fontFamily: "'Geist Sans', Inter, sans-serif" - fontSize: 1rem - fontWeight: 700 - body-md: - fontFamily: "'Geist Sans', Inter, sans-serif" - fontSize: 0.875rem - fontWeight: 400 - lineHeight: 1.25rem - label-md: - fontFamily: "'Geist Sans', Inter, sans-serif" - fontSize: 0.875rem - fontWeight: 500 - label-sm: - fontFamily: "'Geist Sans', Inter, sans-serif" - fontSize: 0.75rem - fontWeight: 700 - lineHeight: 1rem - mono: - fontFamily: "'Geist Mono', SFMono-Regular, Consolas, 'Liberation Mono', Menlo, monospace" - fontSize: 0.875rem - fontWeight: 400 -rounded: - sm: 0.125rem # default — inputs, buttons, cards, modals - md: 0.25rem # coolbox - lg: 0.5rem # callouts - full: 9999px # badges, pills -spacing: - xs: 0.25rem - sm: 0.5rem - md: 1rem - lg: 1.5rem - xl: 2rem - section: 3rem - sidebar-width: 14rem - button-height: 2rem - card-min-height: 4rem - input-py: 0.375rem -components: - button: - backgroundColor: "{colors.surface}" - textColor: "{colors.text}" - rounded: "{rounded.sm}" - height: "{spacing.button-height}" - padding: 0 0.5rem - button-dark: - backgroundColor: "{colors.coolgray-100}" - textColor: "#ffffff" - button-hover: - backgroundColor: "#f5f5f5" - button-hover-dark: - backgroundColor: "{colors.coolgray-200}" - button-highlighted: - backgroundColor: "{colors.coollabs-50}" - textColor: "{colors.coollabs-200}" - button-highlighted-hover: - backgroundColor: "{colors.coollabs}" - textColor: "#ffffff" - button-error: - backgroundColor: "#fef2f2" - textColor: "#991b1b" - button-error-hover: - backgroundColor: "#fca5a5" - textColor: "#ffffff" - input: - backgroundColor: "{colors.surface}" - textColor: "{colors.text}" - rounded: "{rounded.sm}" - padding: 0.375rem 0.5rem - input-dark: - backgroundColor: "{colors.coolgray-100}" - textColor: "#ffffff" - textarea: - typography: "{typography.mono}" - backgroundColor: "{colors.surface}" - rounded: "{rounded.sm}" - box: - backgroundColor: "{colors.surface}" - textColor: "{colors.text}" - rounded: "{rounded.sm}" - padding: "{spacing.sm}" - height: "{spacing.card-min-height}" - box-dark: - backgroundColor: "{colors.coolgray-100}" - textColor: "#ffffff" - box-hover: - backgroundColor: "#f5f5f5" - box-hover-dark: - backgroundColor: "{colors.coollabs-100}" - textColor: "#ffffff" - coolbox: - backgroundColor: "{colors.surface}" - rounded: "{rounded.md}" - padding: "{spacing.sm}" - height: "{spacing.card-min-height}" - badge-success: - backgroundColor: "{colors.success}" - size: 0.75rem - rounded: "{rounded.full}" - badge-warning: - backgroundColor: "{colors.warning}" - size: 0.75rem - rounded: "{rounded.full}" - badge-error: - backgroundColor: "{colors.error}" - size: 0.75rem - rounded: "{rounded.full}" - deprecated-badge: - backgroundColor: "rgba(252, 212, 82, 0.15)" - textColor: "{colors.warning}" - rounded: "{rounded.full}" - padding: 0.125rem 0.5rem - callout-warning: - backgroundColor: "{colors.warning-50}" - textColor: "{colors.warning-800}" - rounded: "{rounded.lg}" - padding: "{spacing.md}" - callout-danger: - backgroundColor: "#fef2f2" - textColor: "#991b1b" - rounded: "{rounded.lg}" - padding: "{spacing.md}" - callout-info: - backgroundColor: "#eff6ff" - textColor: "#1e40af" - rounded: "{rounded.lg}" - padding: "{spacing.md}" - callout-success: - backgroundColor: "#f0fdf4" - textColor: "#166534" - rounded: "{rounded.lg}" - padding: "{spacing.md}" - dropdown: - backgroundColor: "{colors.surface}" - rounded: "{rounded.sm}" - padding: "{spacing.xs}" - dropdown-dark: - backgroundColor: "{colors.coolgray-200}" - dropdown-item-hover: - backgroundColor: "#f5f5f5" - dropdown-item-hover-dark: - backgroundColor: "{colors.coollabs}" - textColor: "#ffffff" - menu-item-active: - backgroundColor: "#e5e5e5" - textColor: "{colors.text}" - rounded: "{rounded.sm}" - menu-item-active-dark: - backgroundColor: "{colors.coolgray-200}" - textColor: "{colors.warning}" - tag: - backgroundColor: "#f5f5f5" - textColor: "{colors.text-muted}" - padding: 0.25rem 0.5rem - kbd: - rounded: "{rounded.sm}" - padding: 0 0.5rem - toast: - backgroundColor: "{colors.surface}" - rounded: "{rounded.sm}" - padding: "{spacing.md}" - width: 20rem - modal-input: - backgroundColor: "{colors.surface}" - rounded: "{rounded.sm}" - modal-input-dark: - backgroundColor: "{colors.base}" - modal-confirmation: - backgroundColor: "#f5f5f5" - rounded: "{rounded.sm}" - modal-confirmation-dark: - backgroundColor: "{colors.base}" ---- - -# Coolify Design System - -## Overview - -Coolify is a self-hosted PaaS (Heroku/Netlify/Vercel alternative) built with Laravel 12, Livewire 3, and Tailwind CSS v4. UI is **dark-first, dense, utilitarian** — operators want information density over whitespace. - -Brand personality: precise, engineered, no-nonsense. No flourish. No gradients outside a single branded upsell. Flat surfaces differentiated by tonal depth, not shadow. - -Two signature traits define the system: - -1. **Purple/Yellow accent swap.** Light mode uses `coollabs` purple `#6b16ed`. Dark mode swaps to `warning` yellow `#fcd452` for focus rings, active nav items, helper icons, loading spinners, highlighted text, helper links. Never use purple as an accent in dark mode. -2. **Inset box-shadow inputs with a 4px "dirty bar".** Inputs and selects have no border — they use `box-shadow: inset 4px 0 0 transparent, inset 0 0 0 2px `. When the field is focused or has unsaved changes (`wire:dirty`), the left 4px becomes the accent color — a live visual indicator of modified state. This is the single most distinctive UI detail in Coolify. - -Sharp geometry everywhere: 2px corner radius by default (`rounded-sm`). 8px only on callouts. Shadows used sparingly — one `shadow-sm` on boxes, one drop-shadow on toasts. The rest is flat tonal layers. - -## Colors - -Source of truth: `resources/css/app.css` `@theme` block (Tailwind v4). - -### Palettes - -- **Primary / Coollabs (`#6b16ed`)** — brand purple. Light-mode accent. Used for focus rings, active states, highlighted buttons, spinners, scrollbar thumb. Scale: `coollabs-50 #f5f0ff` (backgrounds), `coollabs #6b16ed` (base), `coollabs-100 #7317ff` (dark-mode button hover), `coollabs-200 #5a12c7` (light-mode text), `coollabs-300 #4a0fa3` (deepest). -- **Warning (`#fcd452`)** — dark-mode accent + callout palette. Full yellow scale `warning-50` through `warning-900`. Swaps in for coollabs under `.dark`. -- **Coolgray (dark surface ladder)** — five shades building dark-mode depth: `base #101010` (page) → `coolgray-100 #181818` (components) → `-200 #202020` (elevated / active nav) → `-300 #242424` (input borders, button borders) → `-400 #282828` (tooltips) → `-500 #323232` (subtle overlays). -- **Semantic** — `success #22C55E` for running/healthy, `error #dc2626` for stopped/danger. -- **Light surfaces** — `gray-50 #f9fafb` (page), `white` (components), `neutral-200 #e5e5e5` (borders), `neutral-500 #737373` (muted text), `neutral-300 #d4d4d4` (placeholders). - -### Dark-mode heading rule (critical) - -Body default text in dark mode is `neutral-400 #a3a3a3`. Headings and card titles MUST explicitly force `text-white` — otherwise they render near-invisible on `coolgray-100 #181818`. This is enforced globally: `h1–h4` all have `dark:text-white` in `app.css`. - -### Default border override - -Tailwind v4 defaults `border-color` to `currentcolor`. Coolify overrides it in `@layer base`: - -```css -*, ::after, ::before, ::backdrop, ::file-selector-button { - border-color: var(--color-coolgray-200, currentcolor); -} -``` - -So any `border` utility without an explicit color gets `coolgray-200 #202020` in dark mode. - -## Typography - -Fonts loaded in `resources/css/fonts.css` (all `woff2`, `font-display: swap`): - -- **Geist Sans** — primary UI font. Variable weight `100 900`. Inter as fallback (static weights 100–900). -- **Geist Mono** — monospace for code, logs, textareas. Variable weight `100 900`. - -Applied via `@theme`: - -```css ---font-sans: 'Geist Sans', Inter, sans-serif; ---font-mono: 'Geist Mono', 'SFMono-Regular', Consolas, 'Liberation Mono', Menlo, monospace; ---font-logs: 'Geist Mono', 'SFMono-Regular', Consolas, 'Liberation Mono', Menlo, monospace; -``` - -### Heading hierarchy (Tailwind utilities) - -| Element | Utility | -|---|---| -| `h1` | `text-3xl font-bold dark:text-white` | -| `h2` | `text-xl font-bold dark:text-white` | -| `h3` | `text-lg font-bold dark:text-white` | -| `h4` | `text-base font-bold dark:text-white` | - -### Body - -| Context | Utility | -|---|---| -| Body default | `text-sm font-sans antialiased` | -| Label | `text-sm font-medium` | -| Badge / status text | `text-xs font-bold` | -| Box description | `text-xs font-bold text-neutral-500` | -| Caption / kbd | `text-xs` | - -## Layout - -Fixed left sidebar layout on desktop. Mobile collapses to a sticky top bar with hamburger menu overlay. - -### Structure - -- **Sidebar** — fixed, `w-56` (14rem / 224px), `hidden lg:flex`. Inner `flex flex-col overflow-y-auto gap-y-5 scrollbar`. Nav `bg-white dark:bg-base border-r`. -- **Main content** — `lg:pl-56` offset. Inner padding `p-4 sm:px-6 lg:px-8 lg:py-6`. -- **Mobile top bar** — `sticky top-0 z-40 lg:hidden` with `bg-white/95 dark:bg-base/95 backdrop-blur-sm`. - -### Spacing scale - -| Token | Value | Use | -|---|---|---| -| `p-2` | 0.5rem | Component internal padding | -| `p-4` | 1rem | Callout padding | -| `py-1.5` | 0.375rem | Input vertical padding | -| `h-8` | 2rem | Button height | -| `px-2` | 0.5rem | Button horizontal padding | -| `gap-2` | 0.5rem | Button gap | -| `px-2 py-1` | 0.25rem / 0.5rem | Menu item padding | -| `gap-3` | 0.75rem | Menu item gap | -| `mb-12` | 3rem | Section margin | -| `min-h-[4rem]` | 4rem | Card min-height | - -No grid system — flex layouts everywhere. - -## Elevation & Depth - -**Flat + tonal.** Hierarchy comes from background color, not shadows. - -### Dark tonal ladder - -``` -#101010 (base) page background - #181818 (coolgray-100) cards, inputs, components - #202020 (coolgray-200) elevated surfaces, borders, nav active - #242424 (coolgray-300) input borders, button borders - #282828 (coolgray-400) tooltips, hover states - #323232 (coolgray-500) subtle overlays -``` - -### Light tonal ladder - -``` -#f9fafb (gray-50) page background - #ffffff (white) cards, inputs, components - #e5e5e5 (neutral-200) borders - #f5f5f5 (neutral-100) hover backgrounds - #d4d4d4 (neutral-300) deeper hover, nav active -``` - -### Shadows (used sparingly) - -- Boxes: `shadow-sm` (`0 1px 2px 0 rgba(0,0,0,0.05)`) -- Toasts: `shadow-[0_5px_15px_-3px_rgb(0_0_0_/_0.08)]` -- Slide-over: `shadow-lg` -- Modal-input: `drop-shadow-sm` - -### Input inset box-shadow system (distinctive) - -Inputs and selects use `box-shadow` instead of `border` — this enables the 4px left dirty-bar indicator: - -```css -/* default */ box-shadow: inset 4px 0 0 transparent, inset 0 0 0 2px #e5e5e5; -/* default dark */ inset 4px 0 0 transparent, inset 0 0 0 2px #242424; -/* focus light */ inset 4px 0 0 #6b16ed, inset 0 0 0 2px #e5e5e5; -/* focus dark */ inset 4px 0 0 #fcd452, inset 0 0 0 2px #242424; -/* dirty (same as focus) — set via wire:dirty.class */ -/* disabled / readonly */ box-shadow: none; -``` - -Variant `input-sticky` uses `1px` outer shadow instead of `2px`. - -### Focus ring (buttons, links, checkboxes, non-input) - -`focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-coollabs dark:focus-visible:ring-warning focus-visible:ring-offset-2 dark:focus-visible:ring-offset-base` - -## Shapes - -- **Default** — `rounded-sm` (2px). Everything: inputs, buttons, cards, modals, toasts, dropdowns. -- **Coolbox** — `rounded` (4px). Alternate card style with ring-hover. -- **Callouts** — `rounded-lg` (8px). Only exception to the sharp rule. -- **Badges / deprecated badge / pills / avatars** — `rounded-full`. - -Never mix radii within the same view. - -## Components - -All component classes live in `resources/css/utilities.css` as `@utility` blocks, consumed by Blade components under `resources/views/components/`. - -### Forms - -#### Button - -Utility `.button` (`resources/css/utilities.css`): - -``` -flex gap-2 justify-center items-center px-2 h-8 text-sm text-black normal-case rounded-sm border-2 outline-0 cursor-pointer font-medium bg-white border-neutral-200 hover:bg-neutral-100 dark:bg-coolgray-100 dark:text-white dark:hover:text-white dark:hover:bg-coolgray-200 dark:border-coolgray-300 hover:text-black disabled:cursor-not-allowed min-w-fit dark:disabled:text-neutral-600 disabled:border-transparent disabled:hover:bg-transparent disabled:bg-transparent disabled:text-neutral-300 focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-coollabs dark:focus-visible:ring-warning focus-visible:ring-offset-2 dark:focus-visible:ring-offset-base -``` - -Attribute variants (in `app.css`): - -- `button[isHighlighted]` → `text-coollabs-200 dark:text-white bg-coollabs-50 dark:bg-coollabs/20 border-coollabs dark:border-coollabs-100 hover:bg-coollabs hover:text-white dark:hover:bg-coollabs-100 dark:hover:text-white` -- `button[isError]` → `text-red-800 dark:text-red-300 bg-red-50 dark:bg-red-900/30 border-red-300 dark:border-red-800 hover:bg-red-300 hover:text-white dark:hover:bg-red-800 dark:hover:text-white` - -Loading: `` — inline `w-4 h-4 dark:text-warning animate-spin` SVG. - -#### Input - -Utility chain `.input-select` → `.input`: - -``` -block py-1.5 w-full text-sm text-black rounded-sm border-0 dark:bg-coolgray-100 dark:text-white disabled:bg-neutral-200 disabled:text-neutral-500 dark:disabled:bg-coolgray-100/40 placeholder:text-neutral-300 dark:placeholder:text-neutral-700 read-only:text-neutral-500 read-only:bg-neutral-200 dark:read-only:text-neutral-500 dark:read-only:bg-coolgray-100/40 focus-visible:outline-none -``` - -Plus the inset box-shadow system (see Elevation). Password variant: `.input[type="password"]` gets `pr-[2.4rem]` for the eye icon. - -**Dirty indicator.** Livewire sets the focus-colored shadow via `wire:dirty.class`: - -```blade -wire:dirty.class="[box-shadow:inset_4px_0_0_#6b16ed,inset_0_0_0_2px_#e5e5e5] dark:[box-shadow:inset_4px_0_0_#fcd452,inset_0_0_0_2px_#242424]" -``` - -Variant `.input-sticky` — same shape, `1px` outer shadow (thinner border). - -#### Select - -Extends `.input-select` + custom SVG dropdown arrow: - -```css -background-image: url("data:image/svg+xml,...stroke='%23000000'..."); -padding-right: 2.5rem; -``` - -Dark mode swaps the SVG stroke to `%23ffffff`. - -#### Checkbox - -Input class: -``` -dark:border-neutral-700 text-coolgray-400 dark:bg-coolgray-100 rounded-sm cursor-pointer dark:disabled:bg-base dark:disabled:cursor-not-allowed focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-coollabs dark:focus-visible:ring-warning focus-visible:ring-offset-2 dark:focus-visible:ring-offset-base -``` - -Container: -``` -form-control flex max-w-full flex-row items-center gap-4 py-1 pr-2 dark:hover:bg-coolgray-100 cursor-pointer -``` - -#### Textarea - -Uses the same `input` utility + `font-mono` + dirty-bar via `wire:dirty.class` (identical to input). Optional `@keydown.tab=handleKeydown` inserts 2 spaces on Tab. - -#### Copy-Button - -`resources/views/components/forms/copy-button.blade.php` — readonly `.input` with an absolute-positioned copy icon right-side. Copied state shows a green check (`text-green-500`) for 1 second. Only renders in secure contexts (`window.isSecureContext`). - -### Containers - -#### Box - -Utility `.box`: -``` -relative flex lg:flex-row flex-col p-2 transition-colors cursor-pointer min-h-[4rem] dark:bg-coolgray-100 shadow-sm bg-white border text-black dark:text-white hover:text-black border-neutral-200 dark:border-coolgray-300 hover:bg-neutral-100 dark:hover:bg-coollabs-100 dark:hover:text-white hover:no-underline rounded-sm -``` - -**Critical child text rule.** On dark hover, background becomes purple `#7317ff` — description text `#737373` disappears. Utilities `.box-title` and `.box-description` include `dark:group-hover:text-white group-hover:text-black` to flip text contrast. - -Variants: `.box-boarding`, `.box-without-bg`, `.box-without-bg-without-border`. - -#### Coolbox - -Utility `.coolbox`: -``` -relative flex transition-all duration-150 dark:bg-coolgray-100 bg-white p-2 rounded border border-neutral-200 dark:border-coolgray-400 hover:ring-2 dark:hover:ring-warning hover:ring-coollabs cursor-pointer min-h-[4rem] -``` - -Distinguished by `rounded` (4px, not 2px) and **ring-hover** instead of background change. - -### Status & Badges - -#### Badge base - -``` -inline-block w-3 h-3 text-xs font-bold rounded-full leading-none border border-neutral-200 dark:border-black -``` - -Fill utilities: `.badge-success` (`bg-success`), `.badge-warning` (`bg-warning`), `.badge-error` (`bg-error`). Dashboard variant `.badge-dashboard` is `absolute top-1 right-1 w-2.5 h-2.5`. - -#### Status indicator pattern - -Badge + label side-by-side. Components in `resources/views/components/status/`: - -| Component | Badge | Text color | Loading? | -|---|---|---|---| -| `status/running` | `badge-success` | `text-success` (`#22C55E`) | Swaps to `badge-warning` while checking proxy | -| `status/degraded` | `badge-warning` | `dark:text-warning` (`#fcd452`) | `` + `wire:loading.delay.longer` | -| `status/restarting` | `badge-warning` | `dark:text-warning` | `` | -| `status/stopped` | `badge-error` | `text-error` (`#dc2626`) | `` | - -Layout: `
` → badge → `
{label}
` → optional `({health})` in same color. - -#### Deprecated Badge - -`resources/views/components/deprecated-badge.blade.php`: -``` -px-2 py-0.5 text-xs font-medium leading-normal rounded-full bg-warning/15 text-warning border border-warning/30 -``` - -#### Tag - -Utility `.tag`: -``` -px-2 py-1 cursor-pointer box-description dark:bg-coolgray-100 dark:hover:bg-coolgray-300 bg-neutral-100 hover:bg-neutral-200 -``` - -### Overlays - -#### Callout - -Four types (`warning`, `danger`, `info`, `success`). Base: `relative p-4 border rounded-lg`. - -| Type | Background | Border | Title text | Body text | -|---|---|---|---|---| -| warning | `bg-warning-50 dark:bg-warning-900/30` | `border-warning-300 dark:border-warning-800` | `text-warning-800 dark:text-warning-300` | `text-warning-700 dark:text-warning-200` | -| danger | `bg-red-50 dark:bg-red-900/30` | `border-red-300 dark:border-red-800` | `text-red-800 dark:text-red-300` | `text-red-700 dark:text-red-200` | -| info | `bg-blue-50 dark:bg-blue-900/30` | `border-blue-300 dark:border-blue-800` | `text-blue-800 dark:text-blue-300` | `text-blue-700 dark:text-blue-200` | -| success | `bg-green-50 dark:bg-green-900/30` | `border-green-300 dark:border-green-800` | `text-green-800 dark:text-green-300` | `text-green-700 dark:text-green-200` | - -Icon colors (600 light / 400 dark) match type. - -#### Modal (input variant) - -`resources/views/components/modal.blade.php`: -``` -relative w-full lg:w-auto lg:min-w-2xl lg:max-w-4xl border rounded-sm drop-shadow-sm bg-white border-neutral-200 dark:bg-base dark:border-coolgray-300 flex flex-col -``` - -Backdrop: `bg-black/20 backdrop-blur-xs`. Close button: `w-8 h-8 rounded-full hover:bg-neutral-100 dark:hover:bg-coolgray-300` top-right, 24px `stroke-width=1.5` X icon. - -#### Modal Confirmation - -`resources/views/components/modal-confirmation.blade.php` — destructive-action 2-or-3-step wizard (checkboxes → confirm text → password): -``` -relative w-full border rounded-none sm:rounded-sm min-w-full lg:min-w-[36rem] max-w-full sm:max-w-[48rem] h-screen sm:h-auto max-h-screen sm:max-h-[calc(100vh-2rem)] bg-neutral-100 border-neutral-400 dark:bg-base dark:border-coolgray-300 flex flex-col -``` - -Uses `` for warning. Password step hidden for OAuth users. - -#### Confirm Modal - -`resources/views/components/confirm-modal.blade.php` — Livewire-bound simpler confirm dialog. - -#### Popup / Popup-Small - -Fixed bottom-right notification card with title / description / action button. `bg-white dark:bg-coolgray-100 border dark:border-coolgray-300 shadow-lg sm:rounded-sm`. Popup is responsive max-w-4xl, Popup-Small is `max-w-[46rem]`. - -#### Slide-Over - -`resources/views/components/slide-over.blade.php`: - -Outer: `fixed inset-y-0 right-0 flex max-w-full pl-10` - -Panel: `max-w-xl w-screen flex flex-col h-full py-6 overflow-hidden border-l shadow-lg bg-neutral-50 dark:bg-base dark:border-neutral-800 border-neutral-200` - -#### Toast - -`resources/views/components/toast.blade.php` — Alpine-powered stacked toast system. - -- Container: `fixed ... sm:max-w-xs z-9999`, positioned via `position` param (`top-right` / `top-left` / `top-center` / `bottom-right` / `bottom-left` / `bottom-center`). -- Toast shell: `relative flex flex-col items-start shadow-[0_5px_15px_-3px_rgb(0_0_0_/_0.08)] w-full dark:bg-coolgray-100 bg-white dark:border dark:border-coolgray-200 rounded-sm sm:max-w-xs`. -- Stacks up to 4 (oldest gets scale 82% then burns). -- Auto-dismiss after 4 s. Hover on container pauses dismissal and expands stack. -- HTML payload sanitized via `window.sanitizeHTML` (XSS guard). -- Per-toast copy-to-clipboard + close buttons. - -Icon colors: - -| Type | Class | -|---|---| -| success | `text-green-500` | -| info | `text-blue-500` | -| warning | `text-orange-400` | -| danger | `text-red-500` | -| default | `text-gray-800` | - -#### Helper / Tooltip - -`resources/views/components/helper.blade.php`. Icon utility `.info-helper`: -``` -cursor-pointer text-coollabs dark:text-warning -``` - -Popup utility `.info-helper-popup`: -``` -hidden absolute z-40 text-xs rounded-sm text-neutral-700 group-hover:block dark:border-coolgray-500 border-neutral-900 dark:bg-coolgray-400 bg-neutral-200 dark:text-neutral-300 max-w-sm whitespace-normal break-words -``` - -Shown on parent `.group:hover`. Supports rich HTML (links colored `text-coollabs dark:text-warning underline`). - -### Navigation - -#### Sidebar / Navbar - -Component: `resources/views/components/navbar.blade.php`. - -Root nav: `flex flex-col flex-1 px-2 bg-white border-r dark:border-coolgray-200 border-neutral-300 dark:bg-base` - -Menu list: `flex flex-col flex-1 gap-y-7` → inner `flex flex-col h-full space-y-1.5`. - -Utility `.menu-item`: -``` -flex gap-3 items-center px-2 py-1 w-full text-sm dark:hover:bg-coolgray-100 dark:hover:text-white hover:bg-neutral-300 rounded-sm truncate min-w-0 -``` - -Utility `.menu-item-active`: -``` -text-black rounded-sm dark:bg-coolgray-200 dark:text-warning bg-neutral-200 overflow-hidden -``` - -Icon `.menu-item-icon`: `flex-shrink-0 w-6 h-6 dark:hover:text-white`. Sub-items use `gap-2` + `w-4 h-4` icons. - -#### Breadcrumbs - -`resources/views/components/resources/breadcrumbs.blade.php` — project → environment → resource trail. Desktop: `