DeployCreatePage: private deploys + IP allow-list UI (Pro+)#44
Merged
Conversation
Track B for the private-deploy feature. Surfaces an opt-in "Private deploy" toggle on /app/deployments and renders the privacy state + Pro+ editor on /app/deployments/:id. Pro/Team/Growth get the live configurator; hobby / free / anonymous get the feature-specific UpgradePromptCard via the new `private_deploy` key in upgradeCopy.ts. - api: createDeploy() + updateDeploymentAccess(); private/allowed_ips on DashboardDeployment + adapter. private defaults to false on older API builds so the UI never silently inherits stale state. PATCH endpoint is Track A's responsibility — a 404 surfaces a friendly "edits pending backend" hint instead of a raw error. - IpAllowList: reusable tag input. Enter / comma / space commits; Backspace on empty pops; chips with × removal; loose IPv4 + IPv6 + CIDR regex with red-border feedback (server has the real validator); max 32 entries matching backend cap. - DeploymentsPage: PrivateDeployConfigurator (Pro+) builds a precise agent prompt mirroring the createDeploy() wire shape — consistent with the read-only / agent-driven dashboard pattern. - DeployDetailPage: header gains a `private` badge; PrivacyPanel section on the Overview tab shows public-hint or allowed_ips list; Pro+ edit affordance with save / cancel + tier + 404 error handling. - Tests: 45 new tests across IpAllowList (19), DeploymentsPage tier-gate + toggle behaviour (5), DeployDetailPage privacy panel (6), and api contract coverage for createDeploy + updateDeploymentAccess (10). 329/329 pass; 3 pre-existing skips. Build clean. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Track B for the private-deploy feature (Track A ships the backend in parallel). Adds an opt-in "Private deploy" toggle on
/app/deploymentsand the privacy state + Pro+ inline editor on/app/deployments/:id. Hobby / free / anonymous see a feature-specificUpgradePromptCardfor the newprivate_deploykey.createDeploy()andupdateDeploymentAccess()lock the wire shape (private: boolean,allowed_ips: string[]) for both the agent prompt and the future PATCH path.DashboardDeploymentgainsprivate(defaults false) +allowed_ips(defaults []) so older API responses never silently inherit stale privacy state.IpAllowList(new reusable tag input): Enter / comma / space commits, Backspace-on-empty pops the last chip, × on each chip removes, loose IPv4 + IPv6 + CIDR regex gives red-border feedback on bogus entries (server has the real validator), 32-entry cap matches the backend.PrivateDeployConfigurator(toggle + IP allow-list +PromptCardwhose body mirrorscreateDeploy()'s wire shape — keeps the dashboard's read-only / agent-driven pattern). Hobby / free / anonymous renderUpgradePromptCard feature="private_deploy".privatebadge;PrivacyPanelsurfaces the public / private state; Pro+ tier gets an inline editor (toggle + IpAllowList + save/cancel). The editor callsupdateDeploymentAccess()and on 404 surfaces "edits pending backend" copy (Track A's PATCH is still rolling out) — no fake confirmation when the change didn't land.private_deploykey per U2 pattern.Test plan
npm test— 329 / 329 pass, 3 pre-existing skips (45 new tests added)npm run buildcleanIpAllowListunit tests: add/remove/Backspace/validate/max-32/disabled modeDeploymentsPagetier-gate + toggle behaviour testsDeployDetailPageprivacy panel: public hint, private + allow-list display, edit flow, 404 hint, disabled save when private+emptycreateDeploy+updateDeploymentAccesscontract tests (status codes 200/400/402/404, field names, URI encoding)Backend assumptions (Track A)
POST /deploy/newaccepts{ private?: boolean, allowed_ips?: string[] }GET /api/v1/deployments/:idreturns{ private: boolean, allowed_ips: string[] }PATCH /api/v1/deployments/:idwith same body for updates (this PR returns 404 → friendly hint until shipped)agent_actionfor upgradeallowed_ipswhenprivate=true🤖 Generated with Claude Code