phasehq / console
Application secrets and configuration management for developers.
Home Page: https://phase.dev
License: Other
When multiple tokens are created, particularly tokens with no expiry, it's impossible to know which tokens are actually in use.
last_used_at field to the Service Token model and update this value when it is used either by the CLI / SDK / API
This could be merged with #114 as some of the model and schema changes will overlap
Currently, input masking is handled by the browser by leveraging the html input type="password" attribute. While this handles masking well, it introduces a few problems
Use a password font such as this one to mask inputs.
Manually replacing masked characters with * or • symbols. While this masks characters, it creates several other issues such as managing the value vs displayValue of inputs, removing the ability to manually copy values, etc
Alternative approaches are welcome
Navigating to an app and environment requires several clicks.
Add a tree list of apps and envs in the sidebar that the user has access to. Under the "Apps" item:
Apps
|
|--App 1
| |
| |-- Dev
| |-- Staging
|
|--App 2
| |-- Dev
|
|--App 3
| |
| |-- Dev
| |-- Staging
| |-- Production
On slower systems it takes a while to unlock the keyring, would be helpful to have an indicator.
In your replace-variable.sh you are string replacing every *.js file instead of matches with BAKED_.
Run the output of find through grep for a significant speed up.
Thank you for your post on build one run many post.
Pipe the output of find through grep. This way you are running sed only on matching files
in
change:
find /app/public /app/.next -type f -name "*.js" |
while read file; do
to
find /app/public /app/.next -type f -name "*.js" | xargs grep -i -l "BAKED_" |
while read file; do
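The filtering step suggested above, as an added example (not the project's replace-variable.sh). It assumes a placeholder such as BAKED_API_HOST, a constructed name, is swapped for a runtime value; the function names are hypothetical. It also covers two cases the pipeline form misses: file names containing spaces and a tree with no matching files.

```shell
#!/bin/sh
# Added example, not the project's replace-variable.sh.
# Assumption: a placeholder such as BAKED_API_HOST (constructed name) is
# swapped for a runtime value in the built *.js files.

# list_baked_files DIR...: print the *.js files under DIR that contain BAKED_.
list_baked_files() {
    # "-exec ... {} +" batches files like xargs does, is safe for names with
    # spaces, and runs nothing when find matches no files.
    find "$@" -type f -name "*.js" -exec grep -l "BAKED_" {} +
}

# replace_baked PLACEHOLDER VALUE DIR...: rewrite only the matching files and
# print how many were rewritten. PLACEHOLDER is assumed to be [A-Z0-9_] only.
replace_baked() {
    placeholder=$1 value=$2
    shift 2
    # Escape \, & and | so the value is literal on the right side of s|||.
    escaped=$(printf '%s' "$value" | sed 's/[\\&|]/\\&/g')
    list=$(mktemp) tmp=$(mktemp)
    # grep exits 1 when nothing matches; that is not an error here.
    list_baked_files "$@" > "$list" || true
    count=0
    while IFS= read -r file; do
        # Write through a temp file and copy back, keeping the file's mode.
        sed "s|$placeholder|$escaped|g" "$file" > "$tmp" && cat "$tmp" > "$file"
        count=$((count + 1))
    done < "$list"
    rm -f "$list" "$tmp"
    echo "$count"
}
```

Escaping the value matters because runtime values such as URLs with query strings often contain `&`, which sed would otherwise expand to the matched placeholder.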
It would be great to introduce a new feature where the create secret API returns the ID of the newly created secret instead of the generic message "Created 1 secrets". The id can also be used to directly retrieve the secret data.
Currently there is no way to filter audit logs.
Add drop-down selection to application audit logs screen for the following potential filters:
Currently it is possible to add a blank space while naming a key belonging to a secret. This can cause issues.
Don't allow blank space ' ' characters. While the user is typing a key name automatically replace each space character ' ' with an underscore '_'.
Here's a generic regex expression that is in compliance with the dotenv convention:
^[A-Z][A-Z0-9_]*(_[A-Z0-9]+)*$
Currently there is no meta image.
The Phase Console login screen UI has scaling issues on mobile.
Make sure the login screen is responsive on devices with smaller screens.
When a secret's path is updated via the CLI / API / SDK, an update event is shown in the UI but the diff of the previous vs current path is not shown
Steps to reproduce the behavior:
The difference between the previous and current path should be displayed
The app card currently shows no information about any integrations that might exist for the given app
Show a list of icons representing any third party integrations that are set up for the app. The list can be truncated to 3-4 items with a +n for apps with several integrations
There could also be a small count tag against each icon to denote multiple syncs for a given service, for example gitlab (2), vault, nomad (3) etc
Currently all log events created by Service Tokens are displayed as Service token which makes it hard to trace access.
View this secret to view the Service Token in the App > Service Tokens screen
Overlapping icon
Steps to reproduce the behavior:
Only one eye icon should be displayed
Browser - Windows Edge
OS - Windows
Frontend container throws Axios ECONNREFUSED on login with GitHub (out of the box config)
AxiosError: connect ECONNREFUSED 127.0.0.1:443
I'm a new user trying out the platform on local.
I'm following the docker compose docs at https://docs.phase.dev/self-hosting/docker-compose.
Configured GitHub OAuth app with Authorization callback URL as https://localhost/api/auth/callback/github
Updated .env with auth keys, spun up with docker-compose -f docker-compose.yml up -d
Frontend container throws:
AxiosError: connect ECONNREFUSED 127.0.0.1:443
or
AxiosError: connect ECONNREFUSED 127.0.0.1:80
if I change the protocol to http
Steps to reproduce the behavior:
docker-compose -f docker-compose.yml up -d
https://localhost/api/auth/error?error=Callback with 302 status
https://localhost/api/auth/signin?error=Callback with 302 status
https://localhost/login?callbackUrl=https%3A%2F%2Flocalhost%2F&error=Callback
AxiosError: connect ECONNREFUSED 127.0.0.1:443
docker-compose version 1.29.2, build 5becea4c
❯ docker version
Client:
Version: 20.10.16
API version: 1.41
Go version: go1.17.10
Git commit: aa7e414
OS/Arch: darwin/arm64
Server: Docker Desktop 4.9.1 (81317)
Engine:
Version: 20.10.16
Create a new nginx config that doesn't use https for local docker compose dev environment.
Input fields allow users to input very lengthy strings, causing the UI of the application to break.
Steps to reproduce the behavior:
The input validation should restrict the number of characters I put in the input field.
User Dashboard
We've recently set up Phase alongside Google OAuth, but the initial login refuses to work. When I try to login, the app fails to redirect to the correct callback URL, causing "Secure Connection Failed". Here's the logs from the Frontend:
[next-auth][error][OAUTH_CALLBACK_ERROR]
https://next-auth.js.org/errors#oauth_callback_error invalid_grant (Bad Request) {
error: OPError: invalid_grant (Bad Request)
at processResponse (/app/node_modules/openid-client/lib/helpers/process_response.js:38:13)
at Client.grant (/app/node_modules/openid-client/lib/client.js:1327:22)
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
at async Client.callback (/app/node_modules/openid-client/lib/client.js:476:24)
at async oAuthCallback (/app/node_modules/next-auth/core/lib/oauth/callback.js:109:16)
at async Object.callback (/app/node_modules/next-auth/core/routes/callback.js:52:11)
at async AuthHandler (/app/node_modules/next-auth/core/index.js:208:28)
at async NextAuthApiHandler (/app/node_modules/next-auth/next/index.js:22:19)
at async K (/app/node_modules/next/dist/compiled/next-server/pages-api.runtime.prod.js:20:16545)
at async U.render (/app/node_modules/next/dist/compiled/next-server/pages-api.runtime.prod.js:20:16981) {
name: 'OAuthCallbackError',
code: undefined
},
providerId: 'google',
message: 'invalid_grant (Bad Request)'
}
While I can also see in the backend logs, after enabling debug mode, that the user data comes through just fine from Google. There's something failing at the frontend since I can confirm that the configuration is correct.
Environment:
NEXT_PUBLIC_BACKEND_API_BASE=https://phase.site.com/service
NEXTAUTH_URL=https://phase.site.com
NEXTAUTH_SECRET=areallylongsecret
NEXT_TELEMETRY_DISABLED=1
NEXT_PUBLIC_NEXTAUTH_PROVIDERS=google
OAUTH_REDIRECT_URI=https://phase.site.com
Do let me know if any more information is required.
Steps to reproduce the behavior:
The user is logged in.
Secrets can be created with references to other secrets in the same or other environments.
For example:
PROFILE_API=${API_BASE_URL}/profile
or
HEALTH_ENDPOINT=${production.BASE_URL}/health
Creating these references is error prone since they are case sensitive and a single character mistake can lead to a broken reference.
An autocomplete dropdown that shows suggestions based on the characters entered after the ${ to start a reference. For example, if creating a secret with the value:
PROFILE_API=${AP
The dropdown should match and suggest completions:
PROFILE_API=${AP...
API_BASE_URL
API_TOKEN
This should ideally work across environments as well, however this comes with significant complexity as secrets in other environments must be fetched and decrypted for this to work, and access to other environments will depend on the logged in user and role.
It would also be helpful to be able to highlight referenced secrets in the editor, so the user can visually confirm that the reference is correct.
PROFILE_API=${API_BASE_URL}/profile
Hovering a reference could also show the referenced value in a tooltip
After inputting a team name in step one, the user only discovers that this team name is not available after clicking the finish button in step 3. This user experience is a little poor, since the user will continuously navigate between the first step and last step and will also have to wait for some time (depending on their network speed) in step 3 before getting that error.
User should see team name availability as they type in the team name. Something similar to typing in a new repo name in GitHub
Importing secrets from an existing .env file is only possible via the Phase CLI currently.
Add the ability to drag and drop / click to select a .env file to import secrets into Phase. When there are no secrets present, it should be the primary empty state:
Making changes to secrets currently shows a "You have undeployed changes to this environment." warning banner and an amber highlight to affected secrets, but it can be difficult to determine what changes were made other than which secrets are affected.
Clicking the warning banner should show a modal with details of secrets affected, with diffs of specific properties changed, such as tags, comments, etc. For example:
GOOGLE_CLIENT_ID
TEST
SESSION_COOKIE_DOMAIN
Ideally, something inspired by VSCode's diffs would be great:
Allow apps keys to be recovered once an app has been deleted.
When a tag is added/updated in the secret an update event can be seen using the history dialog box.
When the same is done below UI problem is observed
There must be a proper symmetric UI with some descriptive text
OS: Linux (Debian)
Browser: Firefox
N/A
Add the ability to delete your team / organisation
For managing and deleting teams:
Please create a DB_USER when demo secret when the "Create example secrets" toggle is on.
Currently users need to manually visit /signup to create a new organisation if they are a member of an existing org.
The Email templates need several improvements
All email templates need a rework:
https://github.com/phasehq/console/tree/main/backend/api/templates/backend/api/email_templates