cameleer/cameleer-server
1
0
Fork 0
Code Issues 41 Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: architecture cleanup — OIDC dedup, PKCE, K8s hardening
Some checks failed
CI / cleanup-branch (push) Has been skipped
Details
CI / build (push) Successful in 1m6s
Details
CI / docker (push) Successful in 59s
Details
CI / deploy-feature (push) Has been skipped
Details
CI / deploy (push) Failing after 2m59s
Details

Browse Source 
- Extract OidcProviderHelper for shared discovery + JWK source construction
- Add SystemRole.normalizeScope() to centralize role normalization
- Merge duplicate claim extraction in OidcTokenExchanger
- Add PKCE (S256) to OIDC authorization flow (frontend + backend)
- Add SecurityContext (runAsNonRoot) to all K8s deployments
- Fix postgres probe to use $POSTGRES_USER instead of hardcoded username
- Remove default credentials from Dockerfile
- Extract sanitize_branch() to shared .gitea/sanitize-branch.sh
- Fix sidebar to use /exchanges/ paths directly, remove legacy redirects
- Centralize basePath computation in router.tsx via config module

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
hsiegeln
2026-04-06 21:57:29 +02:00
parent 07ff576eb6
commit c502a42f17
19 changed files with 191 additions and 169 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ui/src/components/sidebar-utils.ts
View File

@@ -58,7 +58,7 @@ export function writeCollapsed(key: string, value: boolean): void {
/**
* Apps tree — one node per app, routes as children.
* Paths: /apps/{appId}, /apps/{appId}/{routeId}
* Paths: /exchanges/{appId}, /exchanges/{appId}/{routeId}
*/
export function buildAppTreeNodes(
apps: SidebarApp[],
@@ -72,7 +72,7 @@ export function buildAppTreeNodes(
label: app.name,
icon: statusDot(app.health),
badge: formatCount(app.exchangeCount),
path: `/apps/${app.id}`,
path: `/exchanges/${app.id}`,
starrable: true,
starKey: `app:${app.id}`,
children: app.routes.map((r) => ({