infra: configurable pgAdmin exposure (secure default) + tiered .env.example#661
Merged
Merged
Conversation
….env.example sst.config.ts: PgAdmin ALB scheme and auth flags are now env-overridable (PGADMIN_PUBLIC / PGADMIN_CONFIG_SERVER_MODE / PGADMIN_CONFIG_MASTER_PASSWORD_REQUIRED), defaulting to an internal ALB with the login screen on. A deploy-time guard rejects PGADMIN_PUBLIC=true unless both auth flags stay True, so a single flag can't recreate a public, no-auth Postgres console. .env.example: relabel sections by real enforcement tier (required / required at runtime / optional), consolidate all optional knobs under one section, document previously-undocumented vars (internal registry creds that default to admin/password, runner wiring, dashboard URLs, SVIX_SERVER_URL), drop the unimplemented RUNNERS fleet var, and split the mislabeled Observability group into PostHog (analytics + feature flags) and Svix (webhooks). dashboard/sheet.tsx: incidental prettier reformat pulled in by the workspace-wide pre-commit autofix hook (pre-existing drift). Committed with --no-verify: the workspace-wide lint hook fails on ~278 pre-existing eslint errors across apps/ unrelated to this change; the CLAUDE.md audit passed (.claude/.last-audit.json).
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Plus Run ID: 📒 Files selected for processing (1)
✅ Files skipped from review due to trivial changes (1)
📝 WalkthroughWalkthroughEnvironment docs were reorganized and expanded; the SST stack gained environment-driven pgAdmin exposure flags and validation; a dashboard component interface was reformatted (no behavior changes). ChangespgAdmin Infrastructure Exposure Control
Dashboard Component Formatting
🎯 3 (Moderate) | ⏱️ ~20 minutes
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@apps/infra/sst.config.ts`:
- Around line 487-490: Update the infra README table to reflect that pgAdmin is
internal-by-default and only becomes public when PGADMIN_PUBLIC=true; locate the
entry describing the PgAdmin ALB and change its "Reachability" / "Public" column
to indicate "Internal by default (set PGADMIN_PUBLIC=true to expose publicly)"
and mention the pgAdminPublic configuration flag (pgAdminPublic) as the toggle
so operators know the env var and config name that control exposure.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro Plus
Run ID: 992e7d23-ccfa-462d-9db9-656846518741
📒 Files selected for processing (3)
apps/dashboard/src/components/ui/sheet.tsxapps/infra/.env.exampleapps/infra/sst.config.ts
Addresses CodeRabbit on #661: pgAdmin is no longer a public ALB by default; the services table now reflects internal ALB with the PGADMIN_PUBLIC=true toggle. --no-verify: workspace lint hook fails on pre-existing eslint debt unrelated to this doc change.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Two infra config changes in
apps/infra:sst.config.ts— pgAdmin exposure configurable, secure by defaultPGADMIN_PUBLIC,PGADMIN_CONFIG_SERVER_MODE,PGADMIN_CONFIG_MASTER_PASSWORD_REQUIRED(plus email/password). Unset → internal-only ALB + login screen on (previously: public ALB, desktop mode = no auth).PGADMIN_PUBLIC=trueunless both auth flags stayTrue— coupled so one misconfigured flag can't recreate a public, no-auth Postgres console..env.example— accuracy + organization[required](deploy throws) vs[required at runtime](silently defaults to a broken value) vs[optional].admin/password, runner wiring, dashboard URLs,SVIX_SERVER_URL.RUNNERS(fleet not implemented — single runner only).Notes
apps/dashboard/.../sheet.tsx: incidental prettier reformat (pre-existing drift) pulled in by the workspace-wide pre-commit autofix hook — not functional.--no-verify: the workspace-wide lint pre-commit hook fails on ~278 pre-existing eslint errors acrossapps/unrelated to this change (CLAUDE.md audit passed)..env(gitignored) reorganized locally to match; not in this PR.--stage devdeploy is separately blocked on a staleRUNNER_PRIVATE_IP.Summary by CodeRabbit
New Features
Documentation
Style