rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
coolify/resources/views/livewire/source/github/create.blade.php
Andras Bacsai a69339804c feat: add warnings for system-wide GitHub Apps 
Added warning callouts to inform users that system-wide GitHub Apps are not recommended for security reasons.

Changes:
- Added warning callout in Create view when system-wide checkbox is enabled
- Added warning callout in Change view when GitHub App is system-wide
- Warning explains that system-wide apps are shared across all teams and can access repositories from any team
- Recommends creating team-specific GitHub Apps for better security and isolation

The warnings only appear on self-hosted instances where system-wide option is available (not on cloud).

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-25 10:50:50 +02:00

63 lines
3.4 KiB
PHP
Raw Blame History

@can('createAnyResource')
<form wire:submit='createGitHubApp' class="flex flex-col w-full gap-2">
<div class="pb-2">This is required, if you would like to get full integration (commit / pull request
deployments, etc)
with GitHub.</div>
<div class="flex gap-2">
<x-forms.input id="name" label="Name" required />
<x-forms.input helper="If empty, your GitHub user will be used."
placeholder="If empty, your GitHub user will be used." id="organization" label="Organization (on GitHub)" />
</div>
@if (!isCloud())
<div class="w-48">
<x-forms.checkbox id="is_system_wide" label="System Wide"
helper="If checked, this GitHub App will be available for everyone in this Coolify instance." />
</div>
@if ($is_system_wide)
<x-callout type="warning" title="Not Recommended">
System-wide GitHub Apps are shared across all teams on this Coolify instance. This means any team can use this GitHub App to deploy applications from your repositories. For better security and isolation, it's recommended to create team-specific GitHub Apps instead.
</x-callout>
@endif
@endif
<div x-data="{
activeAccordion: '',
setActiveAccordion(id) {
this.activeAccordion = (this.activeAccordion == id) ? '' : id
}
}" class="relative w-full py-2 mx-auto overflow-hidden text-sm font-normal rounded-md">
<div x-data="{ id: $id('accordion') }" class="cursor-pointer">
<button @click="setActiveAccordion(id)"
class="flex items-center justify-between w-full px-1 py-2 text-left select-none dark:hover:text-white hover:bg-white/5"
type="button">
<h4>Self-hosted / Enterprise GitHub</h4>
<svg class="w-4 h-4 duration-200 ease-out" :class="{ 'rotate-180': activeAccordion == id }"
viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg" fill="none" stroke="currentColor"
stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
<polyline points="6 9 12 15 18 9"></polyline>
</svg>
</button>
<div x-show="activeAccordion==id" x-collapse x-cloak class="px-2">
<div class="flex flex-col gap-2 pt-0 opacity-70">
<div class="flex gap-2">
<x-forms.input id="html_url" label="HTML Url" required />
<x-forms.input id="api_url" label="API Url" required />
</div>
<div class="flex gap-2">
<x-forms.input id="custom_user" label="Custom Git User" required />
<x-forms.input id="custom_port" type="number" label="Custom Git Port" required />
</div>
</div>
</div>
</div>
</div>
<x-forms.button class="mt-4" type="submit">
Continue
</x-forms.button>
</form>
@else
<x-callout type="warning" title="Permission Required">
You don't have permission to create new GitHub Apps. Please contact your team administrator for access.
</x-callout>
@endcan
Reference in a new issue View git blame Copy permalink