Skip to content

Add docker registry credentials store and app-level selection #7790

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
prem-prakash wants to merge 4 commits into
base: next
Choose a base branch
from
Open

Add docker registry credentials store and app-level selection #7790

prem-prakash wants to merge 4 commits into from

Conversation

@prem-prakash
Copy link

@prem-prakash prem-prakash commented Dec 28, 2025
edited
Loading

/claim #2499

🎯 Partial Implementation: Docker Registry Credential Store

This PR implements the credential storage portion of #2499, providing a solid foundation for Docker registry authentication while deferring the image management UI to a future PR.

📦 What's Included

This PR addresses the credential store requirements from #2499:

✅ Credential Storage & Management

  • Store Docker registry credentials (username, password, registry URL)
  • Associate credentials with applications via application selector
  • Secure password encryption (using Laravel's encrypted casts)
  • UI for creating and editing registry credentials
  • Ability to clear credentials (both username and password)

✅ Validation Improvements

  • Fixed asymmetric validation where only one field would show errors
  • Proper "both or neither" validation for username/password pairs
  • Consistent error messages on both fields when incomplete
  • Input trimming and empty string → null conversion

✅ Test Coverage

  • 4 feature tests covering create/edit flows (DockerRegistryLivewireTest)
  • 2 unit tests for deployment integration (ApplicationDeploymentJobDockerRegistryLoginTest)
  • 6 tests total, 31 assertions - all passing ✅

🎥 Demo Video

Videos.Library.Loom.-.28.December.2025.fe45d731a47c49ee85c556ae5a9d62f9.mp4

🔧 Technical Changes

Backend:

  • app/Livewire/Security/DockerRegistry/Create.php - Removed required_with validation, added explicit null checks
  • app/Livewire/Security/DockerRegistry/Show.php - Fixed credential change validation to error both fields
  • app/Models/DockerRegistry.php - Model-level trimming via booted() hook (already existed)

Tests:

  • tests/Feature/DockerRegistryLivewireTest.php - Comprehensive Livewire component tests
  • tests/Unit/ApplicationDeploymentJobDockerRegistryLoginTest.php - Deployment integration tests

📋 What's NOT Included (Future PR)

This PR intentionally excludes the image management UI portion of #2499:

❌ Deferred to Future PR:

  • Docker image browsing/listing from registries
  • Image tag selection UI
  • Image search and filtering
  • Interactive image selector component

🤔 Why Partial Implementation?

  1. Smaller, focused PR - Easier to review, test, and merge (167 lines vs potential 500+)
  2. Foundation first - Credentials are prerequisite for image management
  3. Lower risk - Credential storage is well-defined; image UI needs UX discussion
  4. Faster value - Users can start using private registries immediately
  5. Iterative approach - Validate credential foundation before building complex UI

🚀 Immediate Value

Users can now:

  • ✅ Store credentials for private Docker registries (GitHub Container Registry, Docker Hub, etc.)
  • ✅ Authenticate with registries during application deployments
  • ✅ Manage multiple registry credential sets per team
  • ✅ Associate different credentials with different applications

📝 Testing

All tests passing locally and aligned with codebase patterns:

$ spin exec coolify php artisan test --filter "DockerRegistry"
PASS  Tests\Unit\ApplicationDeploymentJobDockerRegistryLoginTest
PASS  Tests\Feature\DockerRegistryLivewireTest
Tests:  6 passed (31 assertions)

Test coverage includes:

  • Creating registries with trimmed credentials ✅
  • Validation requiring both username and password ✅
  • Clearing credentials (both fields) ✅
  • Changing credentials with proper validation ✅
  • Deployment integration when credentials present/missing ✅

🎯 Next Steps

After this PR merges, the image management UI (#2499 remaining portion) can be built on top of this credential foundation in a separate PR.

Related: Partially addresses #2499 (credential store only; image management deferred)

@gitguardian
Copy link

gitguardian bot commented Dec 28, 2025
edited
Loading

️✅ There are no secrets present in this pull request anymore.

If these secrets were true positive and are still valid, we highly recommend you to revoke them.
While these secrets were previously flagged, we no longer have a reference to the
specific commits where they were detected. Once a secret has been leaked into a git
repository, you should consider it compromised, even if it was deleted immediately.
Find here more information about risks.

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

@prem-prakash prem-prakash mentioned this pull request Dec 28, 2025
Open
@prem-prakash prem-prakash force-pushed the fix-docker-registry-credentials branch from f02e811 to 9496998 Compare December 28, 2025 03:50
@prem-prakash @claude
fix(registry): improve docker registry credential validation
2e69c51 
- Remove `required_with` validation rules that caused asymmetric errors
- Add explicit null checks after trimming for clearer validation logic
- Fix Show component to add errors to both fields when credentials incomplete
- Add comprehensive tests for create/edit flows and credential handling
- Use stdClass in unit tests to avoid encryption issues

Changes:
- Create.php: Replace `required_with` with custom validation after trim
- Show.php: Combine credential checks to ensure both fields error together
- Added DockerRegistryLivewireTest.php with 4 feature tests (24 assertions)
- Added ApplicationDeploymentJobDockerRegistryLoginTest.php with 2 unit tests

All tests passing (6 tests, 31 assertions).

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>
@prem-prakash prem-prakash mentioned this pull request Dec 28, 2025
Open
9 tasks
@algora-pbc algora-pbc bot added the 🙋 Bounty claim Issues or PRs that have a Bounty ready to be claimed. label Dec 28, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

🙋 Bounty claim Issues or PRs that have a Bounty ready to be claimed.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@prem-prakash