mc/mcr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Phases 11, 12: mcrctl CLI tool and mcr-web UI

Browse Source 
Phase 11 implements the admin CLI with dual REST/gRPC transport,
global flags (--server, --grpc, --token, --ca-cert, --json), and
all commands: status, repo list/delete, policy CRUD, audit tail,
gc trigger/status/reconcile, and snapshot.

Phase 12 implements the HTMX web UI with chi router, session-based
auth (HttpOnly/Secure/SameSite=Strict cookies), CSRF protection
(HMAC-SHA256 signed double-submit), and pages for dashboard,
repositories, manifest detail, policy management, and audit log.

Security: CSRF via signed double-submit cookie, session cookies
with HttpOnly/Secure/SameSite=Strict, TLS 1.3 minimum on all
connections, form body size limits via http.MaxBytesReader.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Kyle Isom
2026-03-20 10:14:38 -07:00
parent 185b68ff6d
commit 593da3975d
23 changed files with 3737 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

80
web/templates/audit.html Normal file
View File

@@ -0,0 +1,80 @@
{{define "title"}}Audit Log{{end}}
{{define "content"}}
<h1>Audit Log</h1>
{{if .Error}}
<div class="error">{{.Error}}</div>
{{end}}
<form method="GET" action="/audit" class="filters">
<div class="form-group">
<label for="event_type">Event Type</label>
<select id="event_type" name="event_type">
<option value="">All</option>
<option value="manifest_pushed" {{if eq .FilterType "manifest_pushed"}}selected{{end}}>Manifest Pushed</option>
<option value="manifest_deleted" {{if eq .FilterType "manifest_deleted"}}selected{{end}}>Manifest Deleted</option>
<option value="blob_uploaded" {{if eq .FilterType "blob_uploaded"}}selected{{end}}>Blob Uploaded</option>
<option value="blob_deleted" {{if eq .FilterType "blob_deleted"}}selected{{end}}>Blob Deleted</option>
<option value="repo_deleted" {{if eq .FilterType "repo_deleted"}}selected{{end}}>Repo Deleted</option>
<option value="gc_started" {{if eq .FilterType "gc_started"}}selected{{end}}>GC Started</option>
<option value="gc_completed" {{if eq .FilterType "gc_completed"}}selected{{end}}>GC Completed</option>
<option value="policy_created" {{if eq .FilterType "policy_created"}}selected{{end}}>Policy Created</option>
<option value="policy_updated" {{if eq .FilterType "policy_updated"}}selected{{end}}>Policy Updated</option>
<option value="policy_deleted" {{if eq .FilterType "policy_deleted"}}selected{{end}}>Policy Deleted</option>
</select>
</div>
<div class="form-group">
<label for="repository">Repository</label>
<input type="text" id="repository" name="repository" value="{{.FilterRepo}}" placeholder="e.g. library/nginx">
</div>
<div class="form-group">
<label for="since">Since</label>
<input type="date" id="since" name="since" value="{{.FilterSince}}">
</div>
<div class="form-group">
<label for="until">Until</label>
<input type="date" id="until" name="until" value="{{.FilterUntil}}">
</div>
<button type="submit">Filter</button>
</form>
{{if .Events}}
<table>
<thead>
<tr>
<th>Time</th>
<th>Type</th>
<th>Actor</th>
<th>Repository</th>
<th>Digest</th>
<th>IP Address</th>
</tr>
</thead>
<tbody>
{{range .Events}}
<tr>
<td>{{formatTime .EventTime}}</td>
<td>{{.EventType}}</td>
<td>{{.ActorId}}</td>
<td>{{.Repository}}</td>
<td class="truncated">{{truncate .Digest 24}}</td>
<td>{{.IpAddress}}</td>
</tr>
{{end}}
</tbody>
</table>
<div class="pagination">
{{if gt .Page 1}}
<a href="{{.PrevURL}}">Previous</a>
{{end}}
<span>Page {{.Page}}</span>
{{if .HasNext}}
<a href="{{.NextURL}}">Next</a>
{{end}}
</div>
{{else}}
<p>No audit events found.</p>
{{end}}
{{end}}

44
web/templates/dashboard.html Normal file
View File

@@ -0,0 +1,44 @@
{{define "title"}}Dashboard{{end}}
{{define "content"}}
<h1>Dashboard</h1>
<div class="stats">
<div class="stat-card">
<div class="label">Repositories</div>
<div class="value">{{.RepoCount}}</div>
</div>
<div class="stat-card">
<div class="label">Total Size</div>
<div class="value">{{.TotalSize}}</div>
</div>
</div>
<h2>Recent Activity</h2>
{{if .Events}}
<table>
<thead>
<tr>
<th>Time</th>
<th>Type</th>
<th>Actor</th>
<th>Repository</th>
<th>Digest</th>
</tr>
</thead>
<tbody>
{{range .Events}}
<tr>
<td>{{formatTime .EventTime}}</td>
<td>{{.EventType}}</td>
<td>{{.ActorId}}</td>
<td>{{.Repository}}</td>
<td class="truncated">{{truncate .Digest 24}}</td>
</tr>
{{end}}
</tbody>
</table>
{{else}}
<p>No recent activity.</p>
{{end}}
{{end}}

26
web/templates/layout.html Normal file
View File

@@ -0,0 +1,26 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>MCR - {{template "title" .}}</title>
<link rel="stylesheet" href="/static/style.css">
<script src="https://unpkg.com/htmx.org@2.0.4"></script>
</head>
<body>
{{if .Session}}
<nav>
<span class="brand">MCR</span>
<a href="/">Dashboard</a>
<a href="/repositories">Repositories</a>
<a href="/policies">Policies</a>
<a href="/audit">Audit</a>
<span class="spacer"></span>
<a href="/logout" class="logout">Logout</a>
</nav>
{{end}}
<div class="container">
{{template "content" .}}
</div>
</body>
</html>

22
web/templates/login.html Normal file
View File

@@ -0,0 +1,22 @@
{{define "title"}}Login{{end}}
{{define "content"}}
<div class="login-container">
<h1>MCR Login</h1>
{{if .Error}}
<div class="error">{{.Error}}</div>
{{end}}
<form method="POST" action="/login">
<input type="hidden" name="_csrf" value="{{.CSRFToken}}">
<div class="form-group">
<label for="username">Username</label>
<input type="text" id="username" name="username" required autofocus>
</div>
<div class="form-group">
<label for="password">Password</label>
<input type="password" id="password" name="password" required>
</div>
<button type="submit">Sign In</button>
</form>
</div>
{{end}}

28
web/templates/manifest_detail.html Normal file
View File

@@ -0,0 +1,28 @@
{{define "title"}}Manifest Detail{{end}}
{{define "content"}}
<h1>Manifest Detail</h1>
{{if .Error}}
<div class="error">{{.Error}}</div>
{{else}}
<div class="stats">
<div class="stat-card">
<div class="label">Digest</div>
<div class="value truncated" style="font-size: 0.875rem;">{{.Manifest.Digest}}</div>
</div>
<div class="stat-card">
<div class="label">Media Type</div>
<div class="value" style="font-size: 1rem;">{{.Manifest.MediaType}}</div>
</div>
<div class="stat-card">
<div class="label">Size</div>
<div class="value">{{formatSize .Manifest.Size}}</div>
</div>
</div>
<p><a href="/repositories/{{.RepoName}}">Back to {{.RepoName}}</a></p>
{{end}}
{{end}}

92
web/templates/policies.html Normal file
View File

@@ -0,0 +1,92 @@
{{define "title"}}Policies{{end}}
{{define "content"}}
<h1>Policy Rules</h1>
{{if .Error}}
<div class="error">{{.Error}}</div>
{{end}}
<h2>Create Policy Rule</h2>
<form method="POST" action="/policies">
<input type="hidden" name="_csrf" value="{{.CSRFToken}}">
<div class="form-row">
<div class="form-group">
<label for="priority">Priority</label>
<input type="number" id="priority" name="priority" value="100" required>
</div>
<div class="form-group">
<label for="description">Description</label>
<input type="text" id="description" name="description" required>
</div>
<div class="form-group">
<label for="effect">Effect</label>
<select id="effect" name="effect">
<option value="allow">Allow</option>
<option value="deny">Deny</option>
</select>
</div>
<div class="form-group">
<label for="actions">Actions (comma-sep)</label>
<input type="text" id="actions" name="actions" placeholder="pull,push">
</div>
<div class="form-group">
<label for="repositories">Repositories (comma-sep)</label>
<input type="text" id="repositories" name="repositories" placeholder="*">
</div>
<button type="submit">Create</button>
</div>
</form>
<div id="policy-table">
{{if .Policies}}
<table>
<thead>
<tr>
<th>ID</th>
<th>Priority</th>
<th>Description</th>
<th>Effect</th>
<th>Actions</th>
<th>Repositories</th>
<th>Enabled</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
{{range .Policies}}
<tr id="policy-{{.Id}}">
<td>{{.Id}}</td>
<td>{{.Priority}}</td>
<td>{{.Description}}</td>
<td><span class="badge badge-{{.Effect}}">{{.Effect}}</span></td>
<td>{{joinStrings .Actions ", "}}</td>
<td>{{joinStrings .Repositories ", "}}</td>
<td>
{{if .Enabled}}
<span class="badge badge-enabled">Enabled</span>
{{else}}
<span class="badge badge-disabled">Disabled</span>
{{end}}
</td>
<td>
<form method="POST" action="/policies/{{.Id}}/toggle" style="display:inline;">
<input type="hidden" name="_csrf" value="{{$.CSRFToken}}">
<button type="submit" class="small secondary">
{{if .Enabled}}Disable{{else}}Enable{{end}}
</button>
</form>
<form method="POST" action="/policies/{{.Id}}/delete" style="display:inline;">
<input type="hidden" name="_csrf" value="{{$.CSRFToken}}">
<button type="submit" class="small danger">Delete</button>
</form>
</td>
</tr>
{{end}}
</tbody>
</table>
{{else}}
<p>No policy rules configured.</p>
{{end}}
</div>
{{end}}

36
web/templates/repositories.html Normal file
View File

@@ -0,0 +1,36 @@
{{define "title"}}Repositories{{end}}
{{define "content"}}
<h1>Repositories</h1>
{{if .Error}}
<div class="error">{{.Error}}</div>
{{end}}
{{if .Repositories}}
<table>
<thead>
<tr>
<th>Name</th>
<th>Tags</th>
<th>Manifests</th>
<th>Size</th>
<th>Created</th>
</tr>
</thead>
<tbody>
{{range .Repositories}}
<tr>
<td><a href="/repositories/{{.Name}}">{{.Name}}</a></td>
<td>{{.TagCount}}</td>
<td>{{.ManifestCount}}</td>
<td>{{formatSize .TotalSize}}</td>
<td>{{formatTime .CreatedAt}}</td>
</tr>
{{end}}
</tbody>
</table>
{{else}}
<p>No repositories found.</p>
{{end}}
{{end}}

74
web/templates/repository_detail.html Normal file
View File

@@ -0,0 +1,74 @@
{{define "title"}}{{.Name}}{{end}}
{{define "content"}}
<h1>{{.Name}}</h1>
{{if .Error}}
<div class="error">{{.Error}}</div>
{{else}}
<div class="stats">
<div class="stat-card">
<div class="label">Total Size</div>
<div class="value">{{formatSize .TotalSize}}</div>
</div>
<div class="stat-card">
<div class="label">Tags</div>
<div class="value">{{len .Tags}}</div>
</div>
<div class="stat-card">
<div class="label">Manifests</div>
<div class="value">{{len .Manifests}}</div>
</div>
</div>
<h2>Tags</h2>
{{if .Tags}}
<table>
<thead>
<tr>
<th>Tag</th>
<th>Digest</th>
</tr>
</thead>
<tbody>
{{range .Tags}}
<tr>
<td>{{.Name}}</td>
<td class="truncated"><a href="/repositories/{{$.Name}}/manifests/{{.Digest}}">{{truncate .Digest 24}}</a></td>
</tr>
{{end}}
</tbody>
</table>
{{else}}
<p>No tags.</p>
{{end}}
<h2>Manifests</h2>
{{if .Manifests}}
<table>
<thead>
<tr>
<th>Digest</th>
<th>Media Type</th>
<th>Size</th>
<th>Created</th>
</tr>
</thead>
<tbody>
{{range .Manifests}}
<tr>
<td class="truncated"><a href="/repositories/{{$.Name}}/manifests/{{.Digest}}">{{truncate .Digest 24}}</a></td>
<td>{{.MediaType}}</td>
<td>{{formatSize .Size}}</td>
<td>{{formatTime .CreatedAt}}</td>
</tr>
{{end}}
</tbody>
</table>
{{else}}
<p>No manifests.</p>
{{end}}
{{end}}
{{end}}