Skip to content

docs(screenshots): add a reusable toolkit to seed data and capture UI shots#6524

Open
otavio wants to merge 1 commit into
masterfrom
docs/screenshot-automation
Open

docs(screenshots): add a reusable toolkit to seed data and capture UI shots#6524
otavio wants to merge 1 commit into
masterfrom
docs/screenshot-automation

Conversation

@otavio

@otavio otavio commented Jun 22, 2026

Copy link
Copy Markdown
Member

What

Adds ui/apps/docs/screenshots/ — a reusable toolkit that seeds demo data
and re-captures the dashboard screenshots used throughout the documentation.
Re-run it whenever the UI changes instead of hand-rebuilding shots.

It drives a headless Chromium (playwright-core) against a local ShellHub dev
environment, browsing through the branded host shellhub.example.com so the
UI rebrands itself (SSHIDs, agent install command, etc.) with no backend change.

File Purpose
config.mjs / lib.mjs / auth.mjs env-driven config, browser + REST helpers, cached auth state
seed.mjs idempotent API seeding — namespace, devices (one left pending), public key, and (enterprise) firewall rules + a web endpoint/tunnel
manifest.mjs / capture.mjs declarative list of shots + the runner (--ce-only, --only=)
env.override.example / README.md setup template + docs

Enterprise setup is pure env-vars

Everything an enterprise capture needs is driven by shellhub/.env.override
(gitignored) and consumed by the existing enterprise/cloud compose files —
no docker-compose.override.yml:

  • SHELLHUB_ENTERPRISE / SHELLHUB_WEB_ENDPOINTS / SHELLHUB_DOMAIN — flags + branding
  • SHELLHUB_LICENSE_FILE — the license path, mounted via the env-driven mount added in shellhub-io/cloud#2409
  • SHELLHUB_MAXMIND_MIRROR= (empty) — disables GeoIP (the cloud default mirror 404s for local dev and would otherwise FATAL the api at boot); geo data is unused by the screenshots

Gated steps degrade gracefully on plain CE — a 402/404/405 is logged as a skip,
so seed.mjs also works against a Community Edition install.

Security

The enterprise license is private. Nothing here references a real license path
— only the placeholder in env.override.example. .env.override and the
license file are gitignored and never committed.

Verification

  • seed.mjs runs end-to-end against the consolidated env; the enterprise
    steps succeed
    (firewall rules + web endpoint/tunnel created, not
    402-skipped), confirming the license loads through .env.override alone.
  • The enterprise api boots clean with the override file removed: GeoIP locator
    disabled, license evaluator initialized, license persisted to Postgres.

@otavio otavio requested a review from a team as a code owner June 22, 2026 18:33
@github-actions

github-actions Bot commented Jun 22, 2026

Copy link
Copy Markdown

Claude finished @otavio's task in 10m 11s —— View job


Code Review Complete

Reviewed 11 files across code quality, security, testing, language patterns, and architecture. 2 inline comments posted (1 medium, 1 low).

Security review confirmed no hardcoded secrets, proper use of environment variables for credentials, and safe subprocess invocation (execFileSync with array args). Architecture review verified all REST API contracts (/devices/auth, /firewall/rules, /sshkeys/public-keys, etc.) match the actual codebase, and the docker-compose override template is correct.


To request another review round, comment /review.

Comment thread ui/apps/docs/screenshots/capture.mjs
Comment thread ui/apps/docs/screenshots/seed.mjs
otavio added a commit that referenced this pull request Jun 22, 2026
Use fs.readFileSync/fs.rmSync instead of shelling out to cat/rm in the
public-key seed, and log a warning when a shot's waitForText never
appears instead of silently swallowing the timeout.
@otavio

otavio commented Jun 22, 2026

Copy link
Copy Markdown
Member Author

/review

@github-actions

github-actions Bot commented Jun 22, 2026

Copy link
Copy Markdown

Claude finished @otavio's task in 5m 57s —— View job


Code Review Complete

Reviewed 11 files across code quality, security, testing, language patterns, and architecture — no issues found.

Security review confirmed no hardcoded secrets, proper use of environment variables for credentials, and safe subprocess invocation (execFileSync with array args). Architecture review verified all REST API contracts (/devices/auth, /firewall/rules, /sshkeys/public-keys, /devices/{uid}/tunnels, /namespaces/{tenant}, /login, etc.) match the actual Go codebase, all Docker Compose env vars (SHELLHUB_ENTERPRISE, SHELLHUB_WEB_ENDPOINTS, SHELLHUB_DOMAIN, ADMIN_API_LICENSE_FILE) are correct, and the previous review findings (waitForText warning, fs.readFileSync switch) were properly addressed in 7c3318c.

To request another review round, comment /review.


@otavio otavio force-pushed the docs/screenshot-automation branch from df43c3e to 08e405c Compare June 22, 2026 20:03
… shots

Adds ui/apps/docs/screenshots/, automation that seeds demo data and
re-captures the dashboard screenshots used throughout the documentation. It
drives a headless Chromium (playwright-core) against a local dev environment
through the branded host shellhub.example.com so the UI rebrands itself with
no backend change. seed.mjs does idempotent API seeding (devices, a public
key, firewall rules, a web endpoint/tunnel); manifest.mjs and capture.mjs are
the declarative shot list and runner. Enterprise screens are enabled entirely
through .env.override environment variables consumed by the existing
enterprise and cloud compose files, with no docker-compose.override.yml: the
license is a single SHELLHUB_LICENSE_FILE var and GeoIP is disabled with an
empty SHELLHUB_MAXMIND_MIRROR. Gated steps degrade gracefully on plain CE.
@otavio otavio force-pushed the docs/screenshot-automation branch from 08e405c to c7f95bc Compare June 22, 2026 20:16
@otavio

otavio commented Jun 22, 2026

Copy link
Copy Markdown
Member Author

/review

@github-actions

github-actions Bot commented Jun 22, 2026

Copy link
Copy Markdown

Claude finished @otavio's task in 11m 53s —— View job


Code Review Complete

Reviewed 11 files across code quality, security, testing, language patterns, and architecture — no issues found.

Security review confirmed no hardcoded secrets, proper use of environment variables for credentials, and safe subprocess invocation (execFileSync with array args). Architecture review verified all REST API contracts (/devices/auth, /firewall/rules, /sshkeys/public-keys, /devices/{uid}/tunnels, /namespaces/{tenant}, /login, etc.) match the actual Go codebase, all Docker Compose env vars (SHELLHUB_ENTERPRISE, SHELLHUB_WEB_ENDPOINTS, SHELLHUB_DOMAIN, SHELLHUB_MAXMIND_MIRROR, SHELLHUB_LICENSE_FILE) are correct, and the previous review findings (waitForText warning, fs.readFileSync switch) were properly addressed in 7c3318c.


To request another review round, comment /review.

@otavio otavio requested a review from gustavosbarreto June 22, 2026 20:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant