gsadmin/certctl
1
0
Fork 0
mirror of https://github.com/shankar0123/certctl.git synced 2026-06-07 21:41:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: M13 — GUI operations (bulk ops, deployment timeline, policy editor, target wizard, audit export, short-lived creds)

Browse Source 
Bulk certificate operations: multi-select checkboxes on certificates list with
bulk action bar for triggering renewal, revocation (with RFC 5280 reason modal
and progress bar), and owner reassignment across selected certificates.

Deployment status timeline: visual 4-step lifecycle pipeline (Requested → Issued
→ Deploying → Active) on certificate detail page, powered by per-cert job queries
with animated status indicators for active steps and failure states.

Inline policy editor: edit/save/cancel interface on certificate detail page for
changing renewal policy and certificate profile assignments via dropdown selectors
with lazy-loaded policy and profile lists.

Target connector configuration wizard: 3-step modal (Select Type → Configure →
Review) with type-specific configuration fields for NGINX, Apache, HAProxy, F5
BIG-IP, and IIS targets including required field validation.

Audit trail export: CSV and JSON download buttons on audit page with applied
filters preserved in export. Added action filter input for narrower searches.

Short-lived credentials dashboard: new page at /short-lived showing ephemeral
certificates (profile TTL < 1 hour) with live TTL countdown, auto-refresh every
10 seconds, profile lookup, and stats bar (active/expired/profiles).

DataTable enhanced with optional selectable/selectedKeys/onSelectionChange props
for checkbox multi-select with select-all toggle and row highlighting.

Frontend tests expanded from 53 to 79: full API client endpoint coverage for
profiles, owners, teams, agent groups, revocation, approval/rejection, policy
violations, and issuer creation.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Shankar
2026-03-22 15:07:10 -04:00
parent 458a8c2740
commit cc4c59fbdc
11 changed files with 1206 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files
web/src/api/client.test.ts
+249
View File
@@ -10,23 +10,50 @@ import {
triggerDeployment,
updateCertificate,
archiveCertificate,
revokeCertificate,
getAgents,
getAgent,
registerAgent,
getJobs,
cancelJob,
approveRenewal,
rejectRenewal,
getNotifications,
markNotificationRead,
getAuditEvents,
getPolicies,
createPolicy,
updatePolicy,
deletePolicy,
getPolicyViolations,
getIssuers,
createIssuer,
testIssuerConnection,
deleteIssuer,
getTargets,
createTarget,
deleteTarget,
getProfiles,
getProfile,
createProfile,
updateProfile,
deleteProfile,
getOwners,
getOwner,
createOwner,
updateOwner,
deleteOwner,
getTeams,
getTeam,
createTeam,
updateTeam,
deleteTeam,
getAgentGroups,
getAgentGroup,
createAgentGroup,
updateAgentGroup,
deleteAgentGroup,
getAgentGroupMembers,
getHealth,
} from './client';
@@ -209,6 +236,15 @@ describe('API Client', () => {
expect(init.method).toBe('POST');
expect(JSON.parse(init.body)).toEqual({ target_id: 't-nginx' });
});
it('revokeCertificate sends POST with reason', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ status: 'revoked' }));
await revokeCertificate('mc-test', 'keyCompromise');
const [url, init] = mockFetch.mock.calls[0];
expect(url).toBe('/api/v1/certificates/mc-test/revoke');
expect(init.method).toBe('POST');
expect(JSON.parse(init.body)).toEqual({ reason: 'keyCompromise' });
});
});
// ─── Agents ─────────────────────────────────────────
@@ -357,6 +393,219 @@ describe('API Client', () => {
});
});
// ─── Approval ──────────────────────────────────────
describe('Renewal Approvals', () => {
it('approveRenewal sends POST', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ message: 'approved' }));
await approveRenewal('job-123');
const [url, init] = mockFetch.mock.calls[0];
expect(url).toBe('/api/v1/jobs/job-123/approve');
expect(init.method).toBe('POST');
});
it('rejectRenewal sends POST with reason', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ message: 'rejected' }));
await rejectRenewal('job-123', 'not authorized');
const [url, init] = mockFetch.mock.calls[0];
expect(url).toBe('/api/v1/jobs/job-123/reject');
expect(init.method).toBe('POST');
expect(JSON.parse(init.body)).toEqual({ reason: 'not authorized' });
});
});
// ─── Profiles ────────────────────────────────────────
describe('Profiles', () => {
it('getProfiles sends GET', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ data: [], total: 0, page: 1, per_page: 50 }));
await getProfiles();
expect(mockFetch.mock.calls[0][0]).toContain('/api/v1/profiles');
});
it('getProfile fetches by ID', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ id: 'prof-1', name: 'Standard' }));
const profile = await getProfile('prof-1');
expect(mockFetch.mock.calls[0][0]).toBe('/api/v1/profiles/prof-1');
expect(profile.id).toBe('prof-1');
});
it('createProfile sends POST', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ id: 'prof-new', name: 'New Profile' }));
await createProfile({ name: 'New Profile' });
const [url, init] = mockFetch.mock.calls[0];
expect(url).toBe('/api/v1/profiles');
expect(init.method).toBe('POST');
});
it('updateProfile sends PUT', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ id: 'prof-1', name: 'Updated' }));
await updateProfile('prof-1', { name: 'Updated' });
const [url, init] = mockFetch.mock.calls[0];
expect(url).toBe('/api/v1/profiles/prof-1');
expect(init.method).toBe('PUT');
});
it('deleteProfile sends DELETE', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ message: 'deleted' }));
await deleteProfile('prof-1');
const [url, init] = mockFetch.mock.calls[0];
expect(url).toBe('/api/v1/profiles/prof-1');
expect(init.method).toBe('DELETE');
});
});
// ─── Owners ──────────────────────────────────────────
describe('Owners', () => {
it('getOwners sends GET', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ data: [], total: 0, page: 1, per_page: 50 }));
await getOwners();
expect(mockFetch.mock.calls[0][0]).toContain('/api/v1/owners');
});
it('getOwner fetches by ID', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ id: 'o-alice', name: 'Alice' }));
const owner = await getOwner('o-alice');
expect(mockFetch.mock.calls[0][0]).toBe('/api/v1/owners/o-alice');
expect(owner.name).toBe('Alice');
});
it('createOwner sends POST', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ id: 'o-new', name: 'Bob' }));
await createOwner({ name: 'Bob', email: 'bob@example.com' });
const [url, init] = mockFetch.mock.calls[0];
expect(url).toBe('/api/v1/owners');
expect(init.method).toBe('POST');
});
it('updateOwner sends PUT', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ id: 'o-alice', name: 'Alice Updated' }));
await updateOwner('o-alice', { name: 'Alice Updated' });
const [url, init] = mockFetch.mock.calls[0];
expect(url).toBe('/api/v1/owners/o-alice');
expect(init.method).toBe('PUT');
});
it('deleteOwner sends DELETE', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ message: 'deleted' }));
await deleteOwner('o-alice');
const [url, init] = mockFetch.mock.calls[0];
expect(url).toBe('/api/v1/owners/o-alice');
expect(init.method).toBe('DELETE');
});
});
// ─── Teams ───────────────────────────────────────────
describe('Teams', () => {
it('getTeams sends GET', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ data: [], total: 0, page: 1, per_page: 50 }));
await getTeams();
expect(mockFetch.mock.calls[0][0]).toContain('/api/v1/teams');
});
it('getTeam fetches by ID', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ id: 't-platform', name: 'Platform' }));
const team = await getTeam('t-platform');
expect(mockFetch.mock.calls[0][0]).toBe('/api/v1/teams/t-platform');
expect(team.name).toBe('Platform');
});
it('createTeam sends POST', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ id: 't-new', name: 'New Team' }));
await createTeam({ name: 'New Team' });
const [url, init] = mockFetch.mock.calls[0];
expect(url).toBe('/api/v1/teams');
expect(init.method).toBe('POST');
});
it('updateTeam sends PUT', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ id: 't-platform', name: 'Updated' }));
await updateTeam('t-platform', { name: 'Updated' });
const [url, init] = mockFetch.mock.calls[0];
expect(url).toBe('/api/v1/teams/t-platform');
expect(init.method).toBe('PUT');
});
it('deleteTeam sends DELETE', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ message: 'deleted' }));
await deleteTeam('t-platform');
const [url, init] = mockFetch.mock.calls[0];
expect(url).toBe('/api/v1/teams/t-platform');
expect(init.method).toBe('DELETE');
});
});
// ─── Agent Groups ────────────────────────────────────
describe('Agent Groups', () => {
it('getAgentGroups sends GET', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ data: [], total: 0, page: 1, per_page: 50 }));
await getAgentGroups();
expect(mockFetch.mock.calls[0][0]).toContain('/api/v1/agent-groups');
});
it('getAgentGroup fetches by ID', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ id: 'ag-linux', name: 'Linux Servers' }));
const group = await getAgentGroup('ag-linux');
expect(mockFetch.mock.calls[0][0]).toBe('/api/v1/agent-groups/ag-linux');
expect(group.name).toBe('Linux Servers');
});
it('createAgentGroup sends POST', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ id: 'ag-new', name: 'New Group' }));
await createAgentGroup({ name: 'New Group' });
const [url, init] = mockFetch.mock.calls[0];
expect(url).toBe('/api/v1/agent-groups');
expect(init.method).toBe('POST');
});
it('updateAgentGroup sends PUT', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ id: 'ag-linux', name: 'Updated' }));
await updateAgentGroup('ag-linux', { name: 'Updated' });
const [url, init] = mockFetch.mock.calls[0];
expect(url).toBe('/api/v1/agent-groups/ag-linux');
expect(init.method).toBe('PUT');
});
it('deleteAgentGroup sends DELETE', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ message: 'deleted' }));
await deleteAgentGroup('ag-linux');
const [url, init] = mockFetch.mock.calls[0];
expect(url).toBe('/api/v1/agent-groups/ag-linux');
expect(init.method).toBe('DELETE');
});
it('getAgentGroupMembers fetches members', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ data: [], total: 0, page: 1, per_page: 50 }));
await getAgentGroupMembers('ag-linux');
expect(mockFetch.mock.calls[0][0]).toBe('/api/v1/agent-groups/ag-linux/members');
});
});
// ─── Policy Violations ───────────────────────────────
describe('Policy Violations', () => {
it('getPolicyViolations sends GET', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ data: [], total: 0, page: 1, per_page: 50 }));
await getPolicyViolations('pol-1');
expect(mockFetch.mock.calls[0][0]).toBe('/api/v1/policies/pol-1/violations');
});
});
// ─── Issuer Create ───────────────────────────────────
describe('Issuer Create', () => {
it('createIssuer sends POST', async () => {
mockFetch.mockReturnValueOnce(mockJsonResponse({ id: 'iss-new', name: 'New Issuer' }));
await createIssuer({ name: 'New Issuer', type: 'local_ca' });
const [url, init] = mockFetch.mock.calls[0];
expect(url).toBe('/api/v1/issuers');
expect(init.method).toBe('POST');
});
});
// ─── Audit ──────────────────────────────────────────
describe('Audit', () => {
web/src/components/DataTable.tsx
+62 -14
View File
@@ -12,9 +12,12 @@ interface DataTableProps<T> {
emptyMessage?: string;
isLoading?: boolean;
keyField?: string;
selectable?: boolean;
selectedKeys?: Set<string>;
onSelectionChange?: (keys: Set<string>) => void;
}
export default function DataTable<T>({ columns, data, onRowClick, emptyMessage, isLoading, keyField = 'id' }: DataTableProps<T>) {
export default function DataTable<T>({ columns, data, onRowClick, emptyMessage, isLoading, keyField = 'id', selectable, selectedKeys, onSelectionChange }: DataTableProps<T>) {
if (isLoading) {
return (
<div className="flex items-center justify-center py-16 text-slate-400">
@@ -35,11 +38,41 @@ export default function DataTable<T>({ columns, data, onRowClick, emptyMessage,
);
}
const allKeys = data.map((item) => (item as Record<string, unknown>)[keyField] as string);
const allSelected = selectable && selectedKeys && allKeys.length > 0 && allKeys.every(k => selectedKeys.has(k));
const toggleAll = () => {
if (!onSelectionChange) return;
if (allSelected) {
onSelectionChange(new Set());
} else {
onSelectionChange(new Set(allKeys));
}
};
const toggleOne = (key: string) => {
if (!onSelectionChange || !selectedKeys) return;
const next = new Set(selectedKeys);
if (next.has(key)) next.delete(key);
else next.add(key);
onSelectionChange(next);
};
return (
<div className="overflow-x-auto">
<table className="w-full text-sm">
<thead>
<tr className="border-b-2 border-slate-700">
{selectable && (
<th className="px-3 py-3 w-10">
<input
type="checkbox"
checked={allSelected || false}
onChange={toggleAll}
className="rounded border-slate-600 bg-slate-900 text-blue-600 focus:ring-blue-500 focus:ring-offset-0 cursor-pointer"
/>
</th>
)}
{columns.map(col => (
<th key={col.key} className={`px-4 py-3 text-left text-xs font-semibold text-slate-400 uppercase tracking-wider ${col.className || ''}`}>
{col.label}
@@ -48,19 +81,34 @@ export default function DataTable<T>({ columns, data, onRowClick, emptyMessage,
</tr>
</thead>
<tbody>
{data.map((item, i) => (
<tr
key={(item as Record<string, unknown>)[keyField] as string ?? `row-${i}`}
onClick={() => onRowClick?.(item)}
className={`border-b border-slate-700/50 transition-colors hover:bg-blue-500/5 ${onRowClick ? 'cursor-pointer' : ''}`}
>
{columns.map(col => (
<td key={col.key} className={`px-4 py-3 ${col.className || ''}`}>
{col.render(item)}
</td>
))}
</tr>
))}
{data.map((item, i) => {
const rowKey = (item as Record<string, unknown>)[keyField] as string ?? `row-${i}`;
const isSelected = selectable && selectedKeys?.has(rowKey);
return (
<tr
key={rowKey}
onClick={() => onRowClick?.(item)}
className={`border-b border-slate-700/50 transition-colors hover:bg-blue-500/5 ${onRowClick ? 'cursor-pointer' : ''} ${isSelected ? 'bg-blue-500/10' : ''}`}
>
{selectable && (
<td className="px-3 py-3 w-10">
<input
type="checkbox"
checked={isSelected || false}
onChange={(e) => { e.stopPropagation(); toggleOne(rowKey); }}
onClick={(e) => e.stopPropagation()}
className="rounded border-slate-600 bg-slate-900 text-blue-600 focus:ring-blue-500 focus:ring-offset-0 cursor-pointer"
/>
</td>
)}
{columns.map(col => (
<td key={col.key} className={`px-4 py-3 ${col.className || ''}`}>
{col.render(item)}
</td>
))}
</tr>
);
})}
</tbody>
</table>
</div>
web/src/components/Layout.tsx
+1
View File
@@ -14,6 +14,7 @@ const nav = [
{ to: '/owners', label: 'Owners', icon: 'M16 7a4 4 0 11-8 0 4 4 0 018 0zM12 14a7 7 0 00-7 7h14a7 7 0 00-7-7z' },
{ to: '/teams', label: 'Teams', icon: 'M17 20h5v-2a3 3 0 00-5.356-1.857M17 20H7m10 0v-2c0-.656-.126-1.283-.356-1.857M7 20H2v-2a3 3 0 015.356-1.857M7 20v-2c0-.656.126-1.283.356-1.857m0 0a5.002 5.002 0 019.288 0M15 7a3 3 0 11-6 0 3 3 0 016 0zm6 3a2 2 0 11-4 0 2 2 0 014 0zM7 10a2 2 0 11-4 0 2 2 0 014 0z' },
{ to: '/agent-groups', label: 'Agent Groups', icon: 'M19 11H5m14 0a2 2 0 012 2v6a2 2 0 01-2 2H5a2 2 0 01-2-2v-6a2 2 0 012-2m14 0V9a2 2 0 00-2-2M5 11V9a2 2 0 012-2m0 0V5a2 2 0 012-2h6a2 2 0 012 2v2M7 7h10 M9 3v2m6-2v2' },
{ to: '/short-lived', label: 'Short-Lived', icon: 'M13 10V3L4 14h7v7l9-11h-7z' },
{ to: '/audit', label: 'Audit Trail', icon: 'M12 8v4l3 3m6-3a9 9 0 11-18 0 9 9 0 0118 0z' },
];
web/src/main.tsx
+2
View File
@@ -21,6 +21,7 @@ import OwnersPage from './pages/OwnersPage';
import TeamsPage from './pages/TeamsPage';
import AgentGroupsPage from './pages/AgentGroupsPage';
import AuditPage from './pages/AuditPage';
import ShortLivedPage from './pages/ShortLivedPage';
import './index.css';
const queryClient = new QueryClient({
@@ -57,6 +58,7 @@ createRoot(document.getElementById('root')!).render(
<Route path="teams" element={<TeamsPage />} />
<Route path="agent-groups" element={<AgentGroupsPage />} />
<Route path="audit" element={<AuditPage />} />
<Route path="short-lived" element={<ShortLivedPage />} />
</Route>
</Routes>
</BrowserRouter>
web/src/pages/AuditPage.tsx
+63 -3
View File
@@ -18,6 +18,7 @@ const actionColors: Record<string, string> = {
expiration_alert_sent: 'text-amber-400',
agent_registered: 'text-blue-400',
policy_violated: 'text-red-400',
certificate_revoked: 'text-red-400',
};
const RESOURCE_TYPES = ['', 'certificate', 'agent', 'job', 'notification', 'policy', 'target', 'issuer'];
@@ -29,14 +30,49 @@ const TIME_RANGES = [
{ label: 'Last 30 days', value: '30d' },
];
function downloadFile(content: string, filename: string, type: string) {
const blob = new Blob([content], { type });
const url = URL.createObjectURL(blob);
const a = document.createElement('a');
a.href = url;
a.download = filename;
document.body.appendChild(a);
a.click();
document.body.removeChild(a);
URL.revokeObjectURL(url);
}
function exportCSV(events: AuditEvent[]) {
const headers = ['ID', 'Action', 'Actor', 'Actor Type', 'Resource Type', 'Resource ID', 'Details', 'Timestamp'];
const rows = events.map(e => [
e.id,
e.action,
e.actor,
e.actor_type,
e.resource_type,
e.resource_id,
JSON.stringify(e.details || {}),
e.timestamp,
]);
const csv = [headers, ...rows].map(row => row.map(cell => `"${String(cell).replace(/"/g, '""')}"`).join(',')).join('\n');
downloadFile(csv, `audit-trail-${new Date().toISOString().slice(0, 10)}.csv`, 'text/csv');
}
function exportJSON(events: AuditEvent[]) {
const json = JSON.stringify(events, null, 2);
downloadFile(json, `audit-trail-${new Date().toISOString().slice(0, 10)}.json`, 'application/json');
}
export default function AuditPage() {
const [resourceType, setResourceType] = useState('');
const [actorFilter, setActorFilter] = useState('');
const [timeRange, setTimeRange] = useState('');
const [actionFilter, setActionFilter] = useState('');
const params: Record<string, string> = {};
if (resourceType) params.resource_type = resourceType;
if (actorFilter) params.actor = actorFilter;
if (actionFilter) params.action = actionFilter;
const { data, isLoading, error, refetch } = useQuery({
queryKey: ['audit', params],
@@ -98,9 +134,26 @@ export default function AuditPage() {
{ key: 'time', label: 'Time', render: (e) => <span className="text-xs text-slate-400">{formatDateTime(e.timestamp)}</span> },
];
const hasFilters = resourceType || actorFilter || timeRange || actionFilter;
return (
<>
<PageHeader title="Audit Trail" subtitle={data ? `${filtered.length} events` : undefined} />
<PageHeader
title="Audit Trail"
subtitle={data ? `${filtered.length} events` : undefined}
action={
filtered.length > 0 ? (
<div className="flex gap-2">
<button onClick={() => exportCSV(filtered)} className="btn btn-ghost text-xs border border-slate-600">
Export CSV
</button>
<button onClick={() => exportJSON(filtered)} className="btn btn-ghost text-xs border border-slate-600">
Export JSON
</button>
</div>
) : undefined
}
/>
<div className="px-4 py-3 flex flex-wrap gap-3 border-b border-slate-700/50">
<select
value={resourceType}
@@ -119,6 +172,13 @@ export default function AuditPage() {
onChange={(e) => setActorFilter(e.target.value)}
className="bg-slate-800 border border-slate-600 rounded px-3 py-1.5 text-xs text-slate-300 placeholder-slate-500 focus:outline-none focus:border-blue-500 w-40"
/>
<input
type="text"
placeholder="Filter by action..."
value={actionFilter}
onChange={(e) => setActionFilter(e.target.value)}
className="bg-slate-800 border border-slate-600 rounded px-3 py-1.5 text-xs text-slate-300 placeholder-slate-500 focus:outline-none focus:border-blue-500 w-40"
/>
<select
value={timeRange}
onChange={(e) => setTimeRange(e.target.value)}
@@ -128,9 +188,9 @@ export default function AuditPage() {
<option key={r.value} value={r.value}>{r.label}</option>
))}
</select>
{(resourceType || actorFilter || timeRange) && (
{hasFilters && (
<button
onClick={() => { setResourceType(''); setActorFilter(''); setTimeRange(''); }}
onClick={() => { setResourceType(''); setActorFilter(''); setTimeRange(''); setActionFilter(''); }}
className="text-xs text-slate-400 hover:text-slate-200 transition-colors"
>
Clear filters
web/src/pages/CertificateDetailPage.tsx
+216 -7
View File
@@ -1,18 +1,219 @@
import { useState } from 'react';
import { useParams, useNavigate } from 'react-router-dom';
import { useQuery, useMutation, useQueryClient } from '@tanstack/react-query';
import { getCertificate, getCertificateVersions, triggerRenewal, triggerDeployment, archiveCertificate, revokeCertificate, getTargets } from '../api/client';
import { getCertificate, getCertificateVersions, triggerRenewal, triggerDeployment, archiveCertificate, revokeCertificate, updateCertificate, getTargets, getJobs, getPolicies, getProfiles } from '../api/client';
import { REVOCATION_REASONS } from '../api/types';
import PageHeader from '../components/PageHeader';
import StatusBadge from '../components/StatusBadge';
import ErrorState from '../components/ErrorState';
import { formatDate, formatDateTime, daysUntil, expiryColor } from '../api/utils';
import { formatDate, formatDateTime, daysUntil, expiryColor, timeAgo } from '../api/utils';
import type { Job } from '../api/types';
function InfoRow({ label, value }: { label: string; value: React.ReactNode }) {
function InfoRow({ label, value, editable, onEdit }: { label: string; value: React.ReactNode; editable?: boolean; onEdit?: () => void }) {
return (
<div className="flex justify-between py-2 border-b border-slate-700/50">
<div className="flex justify-between py-2 border-b border-slate-700/50 group">
<span className="text-sm text-slate-400">{label}</span>
<span className="text-sm text-slate-200">{value}</span>
<div className="flex items-center gap-2">
<span className="text-sm text-slate-200">{value}</span>
{editable && onEdit && (
<button onClick={onEdit} className="opacity-0 group-hover:opacity-100 transition-opacity text-xs text-blue-400 hover:text-blue-300">
Edit
</button>
)}
</div>
</div>
);
}
// Timeline step component for deployment status
function TimelineStep({ label, status, time, isLast }: { label: string; status: 'completed' | 'active' | 'pending' | 'failed'; time?: string; isLast?: boolean }) {
const dotStyles = {
completed: 'bg-emerald-500 ring-emerald-500/30',
active: 'bg-blue-500 ring-blue-500/30 animate-pulse',
pending: 'bg-slate-600 ring-slate-600/30',
failed: 'bg-red-500 ring-red-500/30',
};
const lineStyles = {
completed: 'bg-emerald-500/50',
active: 'bg-blue-500/30',
pending: 'bg-slate-700',
failed: 'bg-red-500/30',
};
const textStyles = {
completed: 'text-emerald-400',
active: 'text-blue-400',
pending: 'text-slate-500',
failed: 'text-red-400',
};
return (
<div className="flex items-start gap-3 relative">
<div className="flex flex-col items-center">
<div className={`w-3 h-3 rounded-full ring-4 ${dotStyles[status]} flex-shrink-0 mt-0.5`} />
{!isLast && <div className={`w-0.5 h-8 ${lineStyles[status]}`} />}
</div>
<div className="pb-6">
<div className={`text-sm font-medium ${textStyles[status]}`}>{label}</div>
{time && <div className="text-xs text-slate-500 mt-0.5">{time}</div>}
</div>
</div>
);
}
function DeploymentTimeline({ certId, certStatus, createdAt, issuedAt }: { certId: string; certStatus: string; createdAt: string; issuedAt: string }) {
const { data: jobsData } = useQuery({
queryKey: ['jobs', { certificate_id: certId }],
queryFn: () => getJobs({ certificate_id: certId }),
});
const jobs = jobsData?.data || [];
const issuanceJobs = jobs.filter((j: Job) => j.type === 'Issuance' || j.type === 'Renewal');
const deployJobs = jobs.filter((j: Job) => j.type === 'Deployment');
const latestIssuance = issuanceJobs[0];
const latestDeploy = deployJobs[0];
// Determine step statuses
const getRequestedStatus = () => 'completed' as const;
const getRequestedTime = () => formatDateTime(createdAt);
const getIssuedStatus = () => {
if (issuedAt) return 'completed' as const;
if (latestIssuance?.status === 'Running' || latestIssuance?.status === 'AwaitingCSR' || latestIssuance?.status === 'AwaitingApproval') return 'active' as const;
if (latestIssuance?.status === 'Failed') return 'failed' as const;
return 'pending' as const;
};
const getIssuedTime = () => {
if (issuedAt) return formatDateTime(issuedAt);
if (latestIssuance) return `${latestIssuance.status}${timeAgo(latestIssuance.created_at)}`;
return undefined;
};
const getDeployStatus = () => {
if (!issuedAt) return 'pending' as const;
if (latestDeploy?.status === 'Completed') return 'completed' as const;
if (latestDeploy?.status === 'Running') return 'active' as const;
if (latestDeploy?.status === 'Failed') return 'failed' as const;
if (latestDeploy?.status === 'Pending') return 'active' as const;
return 'pending' as const;
};
const getDeployTime = () => {
if (latestDeploy?.status === 'Completed') return formatDateTime(latestDeploy.completed_at);
if (latestDeploy) return `${latestDeploy.status}${timeAgo(latestDeploy.created_at)}`;
return undefined;
};
const getActiveStatus = () => {
if (certStatus === 'Active') return 'completed' as const;
if (certStatus === 'Revoked') return 'failed' as const;
if (certStatus === 'Expired') return 'failed' as const;
if (latestDeploy?.status === 'Completed') return 'completed' as const;
return 'pending' as const;
};
const getActiveTime = () => {
if (certStatus === 'Revoked') return 'Revoked';
if (certStatus === 'Expired') return 'Expired';
if (certStatus === 'Active') return 'Currently active';
return undefined;
};
return (
<div className="card p-5">
<h3 className="text-sm font-semibold text-slate-300 mb-4">Lifecycle Timeline</h3>
<div className="pl-1">
<TimelineStep label="Requested" status={getRequestedStatus()} time={getRequestedTime()} />
<TimelineStep label="Issued" status={getIssuedStatus()} time={getIssuedTime()} />
<TimelineStep label="Deploying" status={getDeployStatus()} time={getDeployTime()} />
<TimelineStep label={certStatus === 'Revoked' ? 'Revoked' : certStatus === 'Expired' ? 'Expired' : 'Active'}
status={getActiveStatus()} time={getActiveTime()} isLast />
</div>
</div>
);
}
function InlinePolicyEditor({ certId, currentPolicyId, currentProfileId }: { certId: string; currentPolicyId: string; currentProfileId: string }) {
const queryClient = useQueryClient();
const [editing, setEditing] = useState(false);
const [policyId, setPolicyId] = useState(currentPolicyId);
const [profileId, setProfileId] = useState(currentProfileId);
const { data: policies } = useQuery({
queryKey: ['policies'],
queryFn: () => getPolicies(),
enabled: editing,
});
const { data: profiles } = useQuery({
queryKey: ['profiles'],
queryFn: () => getProfiles(),
enabled: editing,
});
const saveMutation = useMutation({
mutationFn: () => updateCertificate(certId, {
renewal_policy_id: policyId,
certificate_profile_id: profileId,
}),
onSuccess: () => {
queryClient.invalidateQueries({ queryKey: ['certificate', certId] });
setEditing(false);
},
});
if (!editing) {
return (
<div className="card p-5">
<div className="flex items-center justify-between mb-4">
<h3 className="text-sm font-semibold text-slate-300">Policy & Profile</h3>
<button onClick={() => setEditing(true)} className="text-xs text-blue-400 hover:text-blue-300 transition-colors">
Edit
</button>
</div>
<InfoRow label="Renewal Policy" value={currentPolicyId || '—'} />
<InfoRow label="Certificate Profile" value={currentProfileId || '—'} />
</div>
);
}
return (
<div className="card p-5 border-blue-500/30">
<div className="flex items-center justify-between mb-4">
<h3 className="text-sm font-semibold text-blue-400">Edit Policy & Profile</h3>
<div className="flex gap-2">
<button onClick={() => { setEditing(false); setPolicyId(currentPolicyId); setProfileId(currentProfileId); }}
className="text-xs text-slate-400 hover:text-slate-300">Cancel</button>
<button onClick={() => saveMutation.mutate()} disabled={saveMutation.isPending}
className="text-xs text-blue-400 hover:text-blue-300 font-medium disabled:opacity-50">
{saveMutation.isPending ? 'Saving...' : 'Save'}
</button>
</div>
</div>
{saveMutation.isError && (
<div className="bg-red-500/10 border border-red-500/20 text-red-400 rounded-lg px-3 py-2 text-sm mb-3">
{saveMutation.error instanceof Error ? saveMutation.error.message : 'Failed to save'}
</div>
)}
<div className="space-y-3">
<div>
<label className="text-xs text-slate-400 block mb-1">Renewal Policy</label>
<select value={policyId} onChange={e => setPolicyId(e.target.value)}
className="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-sm text-slate-200">
<option value="">None</option>
{policies?.data?.map(p => (
<option key={p.id} value={p.id}>{p.name} ({p.type})</option>
))}
</select>
</div>
<div>
<label className="text-xs text-slate-400 block mb-1">Certificate Profile</label>
<select value={profileId} onChange={e => setProfileId(e.target.value)}
className="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-sm text-slate-200">
<option value="">None</option>
{profiles?.data?.map(p => (
<option key={p.id} value={p.id}>{p.name} max TTL {p.max_ttl_seconds ? `${Math.round(p.max_ttl_seconds / 86400)}d` : '∞'}</option>
))}
</select>
</div>
</div>
</div>
);
}
@@ -203,6 +404,9 @@ export default function CertificateDetailPage() {
</div>
)}
{/* Deployment Status Timeline */}
<DeploymentTimeline certId={id!} certStatus={cert.status} createdAt={cert.created_at} issuedAt={cert.issued_at} />
<div className="grid grid-cols-1 lg:grid-cols-2 gap-6">
{/* Certificate Info */}
<div className="card p-5">
@@ -229,8 +433,6 @@ export default function CertificateDetailPage() {
} />
<InfoRow label="Environment" value={cert.environment || '—'} />
<InfoRow label="Issuer" value={cert.issuer_id} />
<InfoRow label="Profile" value={cert.certificate_profile_id || '—'} />
<InfoRow label="Renewal Policy" value={cert.renewal_policy_id || '—'} />
<InfoRow label="Owner" value={cert.owner_id} />
<InfoRow label="Team" value={cert.team_id} />
{isRevoked && (
@@ -250,6 +452,13 @@ export default function CertificateDetailPage() {
</div>
</div>
{/* Inline Policy Editor */}
<InlinePolicyEditor
certId={id!}
currentPolicyId={cert.renewal_policy_id || ''}
currentProfileId={cert.certificate_profile_id || ''}
/>
{/* Tags */}
{cert.tags && Object.keys(cert.tags).length > 0 && (
<div className="card p-5">
web/src/pages/CertificatesPage.tsx
+220 -1
View File
@@ -1,7 +1,8 @@
import { useState } from 'react';
import { useQuery, useMutation, useQueryClient } from '@tanstack/react-query';
import { useNavigate } from 'react-router-dom';
import { getCertificates, createCertificate } from '../api/client';
import { getCertificates, createCertificate, triggerRenewal, revokeCertificate, updateCertificate, getOwners } from '../api/client';
import { REVOCATION_REASONS } from '../api/types';
import PageHeader from '../components/PageHeader';
import DataTable from '../components/DataTable';
import type { Column } from '../components/DataTable';
@@ -99,12 +100,149 @@ function CreateCertificateModal({ onClose, onSuccess }: { onClose: () => void; o
);
}
function BulkRevokeModal({ ids, onClose, onSuccess }: { ids: string[]; onClose: () => void; onSuccess: () => void }) {
const [reason, setReason] = useState('unspecified');
const [progress, setProgress] = useState(0);
const [error, setError] = useState('');
const [running, setRunning] = useState(false);
const handleRevoke = async () => {
setRunning(true);
setError('');
let succeeded = 0;
for (const id of ids) {
try {
await revokeCertificate(id, reason);
succeeded++;
setProgress(succeeded);
} catch (err) {
setError(`Failed on ${id}: ${err instanceof Error ? err.message : 'Unknown error'}`);
break;
}
}
if (!error) onSuccess();
};
return (
<div className="fixed inset-0 bg-black/60 flex items-center justify-center z-50" onClick={onClose}>
<div className="bg-slate-800 border border-slate-600 rounded-xl p-6 w-full max-w-md shadow-2xl" onClick={e => e.stopPropagation()}>
<h2 className="text-lg font-semibold text-red-400 mb-2">Bulk Revoke</h2>
<p className="text-sm text-slate-400 mb-4">
Revoke {ids.length} certificate{ids.length > 1 ? 's' : ''}. This cannot be undone.
</p>
{error && <div className="bg-red-500/10 border border-red-500/20 text-red-400 rounded-lg px-3 py-2 text-sm mb-3">{error}</div>}
{running && (
<div className="mb-3">
<div className="flex justify-between text-xs text-slate-400 mb-1">
<span>Progress</span>
<span>{progress}/{ids.length}</span>
</div>
<div className="w-full bg-slate-700 rounded-full h-2">
<div className="bg-red-500 h-2 rounded-full transition-all" style={{ width: `${(progress / ids.length) * 100}%` }} />
</div>
</div>
)}
<label className="text-xs text-slate-400 block mb-2">Revocation Reason (RFC 5280)</label>
<select value={reason} onChange={e => setReason(e.target.value)}
className="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-sm text-slate-200 mb-4"
disabled={running}
>
{REVOCATION_REASONS.map(r => (
<option key={r.value} value={r.value}>{r.label}</option>
))}
</select>
<div className="flex justify-end gap-3">
<button onClick={onClose} className="btn btn-ghost text-sm" disabled={running}>Cancel</button>
<button onClick={handleRevoke} disabled={running}
className="btn text-sm bg-red-600 hover:bg-red-500 text-white disabled:opacity-50">
{running ? `Revoking (${progress}/${ids.length})...` : `Revoke ${ids.length} Certificates`}
</button>
</div>
</div>
</div>
);
}
function BulkReassignModal({ ids, onClose, onSuccess }: { ids: string[]; onClose: () => void; onSuccess: () => void }) {
const [ownerId, setOwnerId] = useState('');
const [progress, setProgress] = useState(0);
const [error, setError] = useState('');
const [running, setRunning] = useState(false);
const { data: owners } = useQuery({
queryKey: ['owners'],
queryFn: () => getOwners(),
});
const handleReassign = async () => {
if (!ownerId) return;
setRunning(true);
setError('');
let succeeded = 0;
for (const id of ids) {
try {
await updateCertificate(id, { owner_id: ownerId } as Partial<Certificate>);
succeeded++;
setProgress(succeeded);
} catch (err) {
setError(`Failed on ${id}: ${err instanceof Error ? err.message : 'Unknown error'}`);
break;
}
}
if (!error) onSuccess();
};
return (
<div className="fixed inset-0 bg-black/60 flex items-center justify-center z-50" onClick={onClose}>
<div className="bg-slate-800 border border-slate-600 rounded-xl p-6 w-full max-w-md shadow-2xl" onClick={e => e.stopPropagation()}>
<h2 className="text-lg font-semibold text-slate-200 mb-2">Reassign Owner</h2>
<p className="text-sm text-slate-400 mb-4">
Reassign {ids.length} certificate{ids.length > 1 ? 's' : ''} to a new owner.
</p>
{error && <div className="bg-red-500/10 border border-red-500/20 text-red-400 rounded-lg px-3 py-2 text-sm mb-3">{error}</div>}
{running && (
<div className="mb-3">
<div className="flex justify-between text-xs text-slate-400 mb-1">
<span>Progress</span>
<span>{progress}/{ids.length}</span>
</div>
<div className="w-full bg-slate-700 rounded-full h-2">
<div className="bg-blue-500 h-2 rounded-full transition-all" style={{ width: `${(progress / ids.length) * 100}%` }} />
</div>
</div>
)}
<label className="text-xs text-slate-400 block mb-2">New Owner</label>
<select value={ownerId} onChange={e => setOwnerId(e.target.value)}
className="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-sm text-slate-200 mb-4"
disabled={running}
>
<option value="">Select owner...</option>
{owners?.data?.map(o => (
<option key={o.id} value={o.id}>{o.name} ({o.email})</option>
))}
</select>
<div className="flex justify-end gap-3">
<button onClick={onClose} className="btn btn-ghost text-sm" disabled={running}>Cancel</button>
<button onClick={handleReassign} disabled={running || !ownerId}
className="btn btn-primary text-sm disabled:opacity-50">
{running ? `Reassigning (${progress}/${ids.length})...` : `Reassign ${ids.length} Certificates`}
</button>
</div>
</div>
</div>
);
}
export default function CertificatesPage() {
const navigate = useNavigate();
const queryClient = useQueryClient();
const [statusFilter, setStatusFilter] = useState('');
const [envFilter, setEnvFilter] = useState('');
const [showCreate, setShowCreate] = useState(false);
const [selectedIds, setSelectedIds] = useState<Set<string>>(new Set());
const [showBulkRevoke, setShowBulkRevoke] = useState(false);
const [showBulkReassign, setShowBulkReassign] = useState(false);
const [bulkRenewProgress, setBulkRenewProgress] = useState<{ done: number; total: number; running: boolean } | null>(null);
const params: Record<string, string> = {};
if (statusFilter) params.status = statusFilter;
@@ -116,6 +254,22 @@ export default function CertificatesPage() {
refetchInterval: 30000,
});
const handleBulkRenewal = async () => {
const ids = Array.from(selectedIds);
setBulkRenewProgress({ done: 0, total: ids.length, running: true });
for (let i = 0; i < ids.length; i++) {
try {
await triggerRenewal(ids[i]);
} catch {
// continue on individual failures
}
setBulkRenewProgress({ done: i + 1, total: ids.length, running: i + 1 < ids.length });
}
queryClient.invalidateQueries({ queryKey: ['certificates'] });
setSelectedIds(new Set());
setTimeout(() => setBulkRenewProgress(null), 3000);
};
const columns: Column<Certificate>[] = [
{
key: 'name',
@@ -146,6 +300,9 @@ export default function CertificatesPage() {
{ key: 'owner', label: 'Owner', render: (c) => <span className="text-slate-400 text-xs">{c.owner_id}</span> },
];
const selectedArray = Array.from(selectedIds);
const hasSelection = selectedArray.length > 0;
return (
<>
<PageHeader
@@ -157,6 +314,43 @@ export default function CertificatesPage() {
</button>
}
/>
{/* Bulk Action Bar */}
{hasSelection && (
<div className="px-6 py-3 bg-blue-500/10 border-b border-blue-500/20 flex items-center justify-between">
<span className="text-sm text-blue-400 font-medium">{selectedArray.length} selected</span>
<div className="flex gap-2">
<button onClick={handleBulkRenewal} disabled={bulkRenewProgress?.running}
className="btn btn-primary text-xs disabled:opacity-50">
{bulkRenewProgress?.running
? `Renewing (${bulkRenewProgress.done}/${bulkRenewProgress.total})...`
: 'Trigger Renewal'}
</button>
<button onClick={() => setShowBulkRevoke(true)}
className="btn btn-ghost text-xs text-amber-400 hover:text-amber-300 border border-amber-600/50">
Revoke
</button>
<button onClick={() => setShowBulkReassign(true)}
className="btn btn-ghost text-xs text-blue-400 hover:text-blue-300 border border-blue-600/50">
Reassign Owner
</button>
<button onClick={() => setSelectedIds(new Set())}
className="btn btn-ghost text-xs text-slate-400">
Clear
</button>
</div>
</div>
)}
{/* Bulk Renewal Success */}
{bulkRenewProgress && !bulkRenewProgress.running && (
<div className="px-6 py-2 bg-emerald-500/10 border-b border-emerald-500/20">
<span className="text-sm text-emerald-400">
Triggered renewal for {bulkRenewProgress.done} certificate{bulkRenewProgress.done > 1 ? 's' : ''}.
</span>
</div>
)}
<div className="px-6 py-3 flex gap-3 border-b border-slate-700/50">
<select
value={statusFilter}
@@ -192,6 +386,9 @@ export default function CertificatesPage() {
isLoading={isLoading}
onRowClick={(c) => navigate(`/certificates/${c.id}`)}
emptyMessage="No certificates found"
selectable
selectedKeys={selectedIds}
onSelectionChange={setSelectedIds}
/>
)}
</div>
@@ -204,6 +401,28 @@ export default function CertificatesPage() {
}}
/>
)}
{showBulkRevoke && (
<BulkRevokeModal
ids={selectedArray}
onClose={() => setShowBulkRevoke(false)}
onSuccess={() => {
setShowBulkRevoke(false);
setSelectedIds(new Set());
queryClient.invalidateQueries({ queryKey: ['certificates'] });
}}
/>
)}
{showBulkReassign && (
<BulkReassignModal
ids={selectedArray}
onClose={() => setShowBulkReassign(false)}
onSuccess={() => {
setShowBulkReassign(false);
setSelectedIds(new Set());
queryClient.invalidateQueries({ queryKey: ['certificates'] });
}}
/>
)}
</>
);
}
web/src/pages/ShortLivedPage.tsx
+156
View File
@@ -0,0 +1,156 @@
import { useQuery } from '@tanstack/react-query';
import { useNavigate } from 'react-router-dom';
import { getCertificates, getProfiles } from '../api/client';
import PageHeader from '../components/PageHeader';
import DataTable from '../components/DataTable';
import type { Column } from '../components/DataTable';
import StatusBadge from '../components/StatusBadge';
import ErrorState from '../components/ErrorState';
import { formatDateTime, daysUntil } from '../api/utils';
import type { Certificate, CertificateProfile } from '../api/types';
function formatTTL(seconds: number): string {
if (seconds < 60) return `${seconds}s`;
if (seconds < 3600) return `${Math.round(seconds / 60)}m`;
if (seconds < 86400) return `${Math.round(seconds / 3600)}h`;
return `${Math.round(seconds / 86400)}d`;
}
function ttlRemaining(expiresAt: string): { text: string; color: string; seconds: number } {
const diff = new Date(expiresAt).getTime() - Date.now();
const secs = Math.floor(diff / 1000);
if (secs <= 0) return { text: 'Expired', color: 'text-red-400', seconds: 0 };
if (secs < 300) return { text: `${secs}s`, color: 'text-red-400', seconds: secs };
if (secs < 1800) return { text: `${Math.round(secs / 60)}m`, color: 'text-amber-400', seconds: secs };
return { text: formatTTL(secs), color: 'text-emerald-400', seconds: secs };
}
export default function ShortLivedPage() {
const navigate = useNavigate();
const { data: certsData, isLoading: certsLoading, error: certsError, refetch } = useQuery({
queryKey: ['certificates', {}],
queryFn: () => getCertificates(),
refetchInterval: 10000, // Refresh every 10s for short-lived certs
});
const { data: profilesData } = useQuery({
queryKey: ['profiles'],
queryFn: () => getProfiles(),
});
// Build profile lookup
const profileMap = new Map<string, CertificateProfile>();
profilesData?.data?.forEach(p => profileMap.set(p.id, p));
// Filter to short-lived certificates (profile with allow_short_lived and max_ttl < 1 hour)
const shortLivedProfileIds = new Set(
(profilesData?.data || [])
.filter(p => p.allow_short_lived && p.max_ttl_seconds > 0 && p.max_ttl_seconds < 3600)
.map(p => p.id)
);
// Include certs that match short-lived profiles OR certs that expire within 1 hour
const allCerts = certsData?.data || [];
const shortLivedCerts = allCerts.filter(c => {
if (c.status === 'Archived') return false;
if (shortLivedProfileIds.has(c.certificate_profile_id)) return true;
// Also include any cert with < 1 hour of life remaining that is active
const secsRemaining = (new Date(c.expires_at).getTime() - Date.now()) / 1000;
if (secsRemaining > 0 && secsRemaining < 3600 && c.status === 'Active') return true;
return false;
});
// Sort by expiration (soonest first)
shortLivedCerts.sort((a, b) => new Date(a.expires_at).getTime() - new Date(b.expires_at).getTime());
// Stats
const active = shortLivedCerts.filter(c => c.status === 'Active' && daysUntil(c.expires_at) >= 0).length;
const expired = shortLivedCerts.filter(c => c.status === 'Expired' || daysUntil(c.expires_at) < 0).length;
const profiles = new Set(shortLivedCerts.map(c => c.certificate_profile_id).filter(Boolean));
const columns: Column<Certificate>[] = [
{
key: 'name',
label: 'Certificate',
render: (c) => (
<div>
<div className="font-medium text-slate-200">{c.common_name}</div>
<div className="text-xs text-slate-500 mt-0.5">{c.id}</div>
</div>
),
},
{ key: 'status', label: 'Status', render: (c) => <StatusBadge status={c.status} /> },
{
key: 'ttl',
label: 'TTL Remaining',
render: (c) => {
const ttl = ttlRemaining(c.expires_at);
return (
<div className="flex items-center gap-2">
<div className={`font-mono text-sm font-medium ${ttl.color}`}>{ttl.text}</div>
{ttl.seconds > 0 && ttl.seconds < 300 && (
<div className="w-2 h-2 rounded-full bg-red-500 animate-pulse" />
)}
</div>
);
},
},
{
key: 'profile',
label: 'Profile',
render: (c) => {
const profile = profileMap.get(c.certificate_profile_id);
return (
<div>
<div className="text-sm text-slate-300">{profile?.name || c.certificate_profile_id || '—'}</div>
{profile && <div className="text-xs text-slate-500">Max TTL: {formatTTL(profile.max_ttl_seconds)}</div>}
</div>
);
},
},
{ key: 'env', label: 'Environment', render: (c) => <span className="text-slate-300">{c.environment || '—'}</span> },
{ key: 'issuer', label: 'Issuer', render: (c) => <span className="text-slate-400 text-xs">{c.issuer_id}</span> },
{ key: 'expires', label: 'Expires At', render: (c) => <span className="text-xs text-slate-400">{formatDateTime(c.expires_at)}</span> },
];
return (
<>
<PageHeader
title="Short-Lived Credentials"
subtitle={`${shortLivedCerts.length} active ephemeral certificates`}
/>
{/* Stats bar */}
<div className="px-6 py-3 flex gap-6 border-b border-slate-700/50">
<div className="flex items-center gap-2">
<div className="w-2 h-2 rounded-full bg-emerald-400" />
<span className="text-xs text-slate-400">Active:</span>
<span className="text-xs font-medium text-emerald-400">{active}</span>
</div>
<div className="flex items-center gap-2">
<div className="w-2 h-2 rounded-full bg-red-400" />
<span className="text-xs text-slate-400">Expired:</span>
<span className="text-xs font-medium text-red-400">{expired}</span>
</div>
<div className="flex items-center gap-2">
<div className="w-2 h-2 rounded-full bg-blue-400" />
<span className="text-xs text-slate-400">Profiles:</span>
<span className="text-xs font-medium text-blue-400">{profiles.size}</span>
</div>
</div>
<div className="flex-1 overflow-y-auto">
{certsError ? (
<ErrorState error={certsError as Error} onRetry={() => refetch()} />
) : (
<DataTable
columns={columns}
data={shortLivedCerts}
isLoading={certsLoading}
onRowClick={(c) => navigate(`/certificates/${c.id}`)}
emptyMessage="No short-lived credentials found. Certificates with profiles that have TTL < 1 hour will appear here."
/>
)}
</div>
</>
);
}
web/src/pages/TargetsPage.tsx
+234 -2
View File
@@ -1,5 +1,6 @@
import { useState } from 'react';
import { useMutation, useQuery, useQueryClient } from '@tanstack/react-query';
import { getTargets, deleteTarget } from '../api/client';
import { getTargets, createTarget, deleteTarget } from '../api/client';
import PageHeader from '../components/PageHeader';
import DataTable from '../components/DataTable';
import type { Column } from '../components/DataTable';
@@ -16,8 +17,222 @@ const typeLabels: Record<string, string> = {
haproxy: 'HAProxy',
};
const TARGET_TYPES = [
{ value: 'nginx', label: 'NGINX', description: 'Deploy to NGINX web server via file write + config validation + reload' },
{ value: 'apache', label: 'Apache httpd', description: 'Separate cert/chain/key files, apachectl configtest, graceful reload' },
{ value: 'haproxy', label: 'HAProxy', description: 'Combined PEM file (cert+chain+key), optional validate, reload' },
{ value: 'f5_bigip', label: 'F5 BIG-IP', description: 'iControl REST via proxy agent (V3 implementation)' },
{ value: 'iis', label: 'IIS', description: 'Windows IIS via agent-local PowerShell or proxy WinRM (V3 implementation)' },
];
const CONFIG_FIELDS: Record<string, { key: string; label: string; placeholder: string; required?: boolean }[]> = {
nginx: [
{ key: 'cert_path', label: 'Certificate Path', placeholder: '/etc/nginx/ssl/cert.pem', required: true },
{ key: 'key_path', label: 'Key Path', placeholder: '/etc/nginx/ssl/key.pem', required: true },
{ key: 'chain_path', label: 'Chain Path', placeholder: '/etc/nginx/ssl/chain.pem' },
{ key: 'reload_cmd', label: 'Reload Command', placeholder: 'nginx -t && systemctl reload nginx' },
],
apache: [
{ key: 'cert_path', label: 'Certificate Path', placeholder: '/etc/apache2/ssl/cert.pem', required: true },
{ key: 'key_path', label: 'Key Path', placeholder: '/etc/apache2/ssl/key.pem', required: true },
{ key: 'chain_path', label: 'Chain Path', placeholder: '/etc/apache2/ssl/chain.pem' },
{ key: 'reload_cmd', label: 'Reload Command', placeholder: 'apachectl configtest && apachectl graceful' },
],
haproxy: [
{ key: 'pem_path', label: 'Combined PEM Path', placeholder: '/etc/haproxy/certs/combined.pem', required: true },
{ key: 'reload_cmd', label: 'Reload Command', placeholder: 'systemctl reload haproxy' },
{ key: 'validate_cmd', label: 'Validate Command (optional)', placeholder: 'haproxy -c -f /etc/haproxy/haproxy.cfg' },
],
f5_bigip: [
{ key: 'management_ip', label: 'Management IP', placeholder: '192.168.1.100', required: true },
{ key: 'partition', label: 'Partition', placeholder: 'Common' },
{ key: 'proxy_agent_id', label: 'Proxy Agent ID', placeholder: 'agent-f5-proxy' },
],
iis: [
{ key: 'site_name', label: 'IIS Site Name', placeholder: 'Default Web Site', required: true },
{ key: 'binding_ip', label: 'Binding IP', placeholder: '*' },
{ key: 'binding_port', label: 'Binding Port', placeholder: '443' },
{ key: 'cert_store', label: 'Certificate Store', placeholder: 'My' },
],
};
function CreateTargetWizard({ onClose, onSuccess }: { onClose: () => void; onSuccess: () => void }) {
const [step, setStep] = useState<'type' | 'config' | 'review'>('type');
const [targetType, setTargetType] = useState('');
const [name, setName] = useState('');
const [hostname, setHostname] = useState('');
const [agentId, setAgentId] = useState('');
const [config, setConfig] = useState<Record<string, string>>({});
const [error, setError] = useState('');
const mutation = useMutation({
mutationFn: () => createTarget({
name,
type: targetType,
hostname,
agent_id: agentId,
config: Object.fromEntries(Object.entries(config).filter(([, v]) => v)),
}),
onSuccess: () => onSuccess(),
onError: (err: Error) => setError(err.message),
});
const fields = CONFIG_FIELDS[targetType] || [];
const canProceedToReview = name && targetType && fields.filter(f => f.required).every(f => config[f.key]);
return (
<div className="fixed inset-0 bg-black/60 flex items-center justify-center z-50" onClick={onClose}>
<div className="bg-slate-800 border border-slate-600 rounded-xl p-6 w-full max-w-lg shadow-2xl" onClick={e => e.stopPropagation()}>
{/* Step indicators */}
<div className="flex items-center gap-3 mb-6">
{['Select Type', 'Configure', 'Review'].map((label, i) => {
const stepNames = ['type', 'config', 'review'] as const;
const currentIdx = stepNames.indexOf(step);
const isActive = i === currentIdx;
const isDone = i < currentIdx;
return (
<div key={label} className="flex items-center gap-2">
<div className={`w-6 h-6 rounded-full flex items-center justify-center text-xs font-medium ${
isDone ? 'bg-emerald-500 text-white' : isActive ? 'bg-blue-500 text-white' : 'bg-slate-700 text-slate-400'
}`}>
{isDone ? '✓' : i + 1}
</div>
<span className={`text-xs ${isActive ? 'text-slate-200' : 'text-slate-500'}`}>{label}</span>
{i < 2 && <div className="w-8 h-px bg-slate-700" />}
</div>
);
})}
</div>
{error && <div className="bg-red-500/10 border border-red-500/20 text-red-400 rounded-lg px-3 py-2 text-sm mb-4">{error}</div>}
{/* Step 1: Select Type */}
{step === 'type' && (
<div>
<h2 className="text-lg font-semibold text-slate-200 mb-4">Select Target Type</h2>
<div className="space-y-2">
{TARGET_TYPES.map(t => (
<button
key={t.value}
onClick={() => { setTargetType(t.value); setConfig({}); }}
className={`w-full text-left px-4 py-3 rounded-lg border transition-colors ${
targetType === t.value
? 'border-blue-500 bg-blue-500/10'
: 'border-slate-600 hover:border-slate-500 bg-slate-900'
}`}
>
<div className="text-sm font-medium text-slate-200">{t.label}</div>
<div className="text-xs text-slate-400 mt-0.5">{t.description}</div>
</button>
))}
</div>
<div className="flex justify-end gap-3 mt-6">
<button onClick={onClose} className="btn btn-ghost text-sm">Cancel</button>
<button onClick={() => setStep('config')} disabled={!targetType}
className="btn btn-primary text-sm disabled:opacity-50">Next</button>
</div>
</div>
)}
{/* Step 2: Configure */}
{step === 'config' && (
<div>
<h2 className="text-lg font-semibold text-slate-200 mb-4">
Configure {typeLabels[targetType] || targetType} Target
</h2>
<div className="space-y-3">
<div>
<label className="text-xs text-slate-400 block mb-1">Target Name *</label>
<input value={name} onChange={e => setName(e.target.value)}
className="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-sm text-slate-200 focus:outline-none focus:border-blue-500"
placeholder="web-server-1" />
</div>
<div className="grid grid-cols-2 gap-3">
<div>
<label className="text-xs text-slate-400 block mb-1">Hostname</label>
<input value={hostname} onChange={e => setHostname(e.target.value)}
className="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-sm text-slate-200 focus:outline-none focus:border-blue-500"
placeholder="web1.example.com" />
</div>
<div>
<label className="text-xs text-slate-400 block mb-1">Agent ID</label>
<input value={agentId} onChange={e => setAgentId(e.target.value)}
className="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-sm text-slate-200 focus:outline-none focus:border-blue-500"
placeholder="agent-web1" />
</div>
</div>
{fields.map(f => (
<div key={f.key}>
<label className="text-xs text-slate-400 block mb-1">{f.label} {f.required ? '*' : ''}</label>
<input value={config[f.key] || ''} onChange={e => setConfig(c => ({ ...c, [f.key]: e.target.value }))}
className="w-full bg-slate-900 border border-slate-600 rounded-lg px-3 py-2 text-sm text-slate-200 focus:outline-none focus:border-blue-500"
placeholder={f.placeholder} />
</div>
))}
</div>
<div className="flex justify-between gap-3 mt-6">
<button onClick={() => setStep('type')} className="btn btn-ghost text-sm">Back</button>
<div className="flex gap-3">
<button onClick={onClose} className="btn btn-ghost text-sm">Cancel</button>
<button onClick={() => setStep('review')} disabled={!canProceedToReview}
className="btn btn-primary text-sm disabled:opacity-50">Review</button>
</div>
</div>
</div>
)}
{/* Step 3: Review */}
{step === 'review' && (
<div>
<h2 className="text-lg font-semibold text-slate-200 mb-4">Review Target</h2>
<div className="bg-slate-900 rounded-lg p-4 space-y-2 text-sm">
<div className="flex justify-between">
<span className="text-slate-400">Name</span>
<span className="text-slate-200">{name}</span>
</div>
<div className="flex justify-between">
<span className="text-slate-400">Type</span>
<span className="text-slate-200">{typeLabels[targetType] || targetType}</span>
</div>
{hostname && (
<div className="flex justify-between">
<span className="text-slate-400">Hostname</span>
<span className="text-slate-200 font-mono text-xs">{hostname}</span>
</div>
)}
{agentId && (
<div className="flex justify-between">
<span className="text-slate-400">Agent</span>
<span className="text-slate-200 font-mono text-xs">{agentId}</span>
</div>
)}
{Object.entries(config).filter(([, v]) => v).map(([k, v]) => (
<div key={k} className="flex justify-between">
<span className="text-slate-400">{k.replace(/_/g, ' ')}</span>
<span className="text-slate-200 font-mono text-xs truncate max-w-xs">{v}</span>
</div>
))}
</div>
<div className="flex justify-between gap-3 mt-6">
<button onClick={() => setStep('config')} className="btn btn-ghost text-sm">Back</button>
<div className="flex gap-3">
<button onClick={onClose} className="btn btn-ghost text-sm">Cancel</button>
<button onClick={() => mutation.mutate()} disabled={mutation.isPending}
className="btn btn-primary text-sm disabled:opacity-50">
{mutation.isPending ? 'Creating...' : 'Create Target'}
</button>
</div>
</div>
</div>
)}
</div>
</div>
);
}
export default function TargetsPage() {
const queryClient = useQueryClient();
const [showCreate, setShowCreate] = useState(false);
const { data, isLoading, error, refetch } = useQuery({
queryKey: ['targets'],
@@ -83,7 +298,15 @@ export default function TargetsPage() {
return (
<>
<PageHeader title="Deployment Targets" subtitle={data ? `${data.total} targets` : undefined} />
<PageHeader
title="Deployment Targets"
subtitle={data ? `${data.total} targets` : undefined}
action={
<button onClick={() => setShowCreate(true)} className="btn btn-primary text-xs">
+ New Target
</button>
}
/>
<div className="flex-1 overflow-y-auto">
{error ? (
<ErrorState error={error as Error} onRetry={() => refetch()} />
@@ -91,6 +314,15 @@ export default function TargetsPage() {
<DataTable columns={columns} data={data?.data || []} isLoading={isLoading} emptyMessage="No deployment targets" />
)}
</div>
{showCreate && (
<CreateTargetWizard
onClose={() => setShowCreate(false)}
onSuccess={() => {
setShowCreate(false);
queryClient.invalidateQueries({ queryKey: ['targets'] });
}}
/>
)}
</>
);
}