Kyle Isom
593da3975d
Phase 11 implements the admin CLI with dual REST/gRPC transport, global flags (--server, --grpc, --token, --ca-cert, --json), and all commands: status, repo list/delete, policy CRUD, audit tail, gc trigger/status/reconcile, and snapshot. Phase 12 implements the HTMX web UI with chi router, session-based auth (HttpOnly/Secure/SameSite=Strict cookies), CSRF protection (HMAC-SHA256 signed double-submit), and pages for dashboard, repositories, manifest detail, policy management, and audit log. Security: CSRF via signed double-submit cookie, session cookies with HttpOnly/Secure/SameSite=Strict, TLS 1.3 minimum on all connections, form body size limits via http.MaxBytesReader. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
27 lines
747 B
HTML
27 lines
747 B
HTML
<!DOCTYPE html>
|
|
<html lang="en">
|
|
<head>
|
|
<meta charset="UTF-8">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
<title>MCR - {{template "title" .}}</title>
|
|
<link rel="stylesheet" href="/static/style.css">
|
|
<script src="https://unpkg.com/htmx.org@2.0.4"></script>
|
|
</head>
|
|
<body>
|
|
{{if .Session}}
|
|
<nav>
|
|
<span class="brand">MCR</span>
|
|
<a href="/">Dashboard</a>
|
|
<a href="/repositories">Repositories</a>
|
|
<a href="/policies">Policies</a>
|
|
<a href="/audit">Audit</a>
|
|
<span class="spacer"></span>
|
|
<a href="/logout" class="logout">Logout</a>
|
|
</nav>
|
|
{{end}}
|
|
<div class="container">
|
|
{{template "content" .}}
|
|
</div>
|
|
</body>
|
|
</html>
|