df0063abc0
CI / Check (push) Has been skipped
CI / Detect Changes (push) Successful in 5s
CI / Deploy Agent (push) Successful in 9m41s
CI / Deploy Dashboard (push) Successful in 15m19s
CI / Deploy Docs (push) Has been skipped
CI / Deploy MCP (push) Successful in 3m7s
## Summary - **Scan produces no results in Orca** — semgrep (`--config=auto`, unbounded memory) and syft (remote license network calls) were getting OOM-killed or hanging in resource-constrained Orca containers. Scan would "complete" with 0 findings/SBOMs silently because each scanner failure is caught and logged as a warning. - **Dashboard Script error spam** — `document::Script` in Dioxus 0.7 needs a single text node child for inline scripts; `dangerous_inner_html` was invalid and spammed the error log on every unauthenticated page load. ## Changes | File | Change | |------|--------| | `semgrep.rs` | Add `--max-memory 500 --jobs 1`; 10-minute timeout | | `syft.rs` | Remove remote license lookup env vars; 5-minute timeout | | `gitleaks.rs` | 5-minute timeout | | `app_shell.rs` | Fix `dangerous_inner_html` → text child in `document::Script` | ## Test plan - [ ] Trigger a scan on a repo in Orca — findings and SBOM entries should now appear - [ ] Agent logs should show timeout/error warnings rather than silent empty results when tools are killed - [ ] Navigate to dashboard unauthenticated — Script error gone from logs - [ ] Verify scans work end-to-end with `docker compose up` --------- Co-authored-by: Sharang Parnerkar <30073382+mighty840@users.noreply.github.com> Reviewed-on: #78
48 lines
1.4 KiB
Rust
48 lines
1.4 KiB
Rust
use dioxus::prelude::*;
|
|
|
|
use crate::app::Route;
|
|
use crate::components::help_chat::HelpChat;
|
|
use crate::components::notification_bell::NotificationBell;
|
|
use crate::components::sidebar::Sidebar;
|
|
use crate::components::toast::{ToastContainer, Toasts};
|
|
use crate::infrastructure::auth_check::check_auth;
|
|
|
|
#[component]
|
|
pub fn AppShell() -> Element {
|
|
use_context_provider(Toasts::new);
|
|
|
|
let auth = use_server_future(check_auth)?;
|
|
|
|
match auth() {
|
|
Some(Ok(info)) if info.authenticated => {
|
|
use_context_provider(|| Signal::new(info.clone()));
|
|
rsx! {
|
|
div { class: "app-shell",
|
|
Sidebar {}
|
|
main { class: "main-content",
|
|
Outlet::<Route> {}
|
|
}
|
|
NotificationBell {}
|
|
ToastContainer {}
|
|
HelpChat {}
|
|
}
|
|
}
|
|
}
|
|
Some(Ok(_)) | Some(Err(_)) => {
|
|
// Not authenticated — redirect to Keycloak login
|
|
rsx! {
|
|
document::Script {
|
|
"window.location.href = '/auth';"
|
|
}
|
|
}
|
|
}
|
|
None => {
|
|
rsx! {
|
|
div { class: "flex items-center justify-center h-screen bg-gray-950",
|
|
p { class: "text-gray-400", "Loading..." }
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|