console/packages/web/app/README.md

# `@hive/app`

The Hive application as seen on https://app.graphql-hive.com/.

## Configuration

The following environment variables configure the application.

| Name                                    | Required                                   | Description                                                                                   | Example Value                                        |
| --------------------------------------- | ------------------------------------------ | --------------------------------------------------------------------------------------------- | ---------------------------------------------------- |
| `APP_BASE_URL`                          | **Yes**                                    | The base url of the app,                                                                      | `https://app.graphql-hive.com`                       |
| `GRAPHQL_PUBLIC_ENDPOINT`               | **Yes**                                    | The public endpoint of the Hive GraphQL API.                                                  | `http://127.0.0.1:4000/graphql`                      |
| `GRAPHQL_PUBLIC_ORIGIN`                 | **Yes**                                    | The http address origin of the Hive GraphQL server.                                           | `http://127.0.0.1:4000/`                             |
| `INTEGRATION_SLACK`                     | No                                         | Whether the Slack integration is enabled or disabled.                                         | `1` (enabled) or `0` (disabled)                      |
| `INTEGRATION_SLACK_SLACK_CLIENT_ID`     | No (**Yes** if `INTEGRATION_SLACK` is set) | The Slack client ID.                                                                          | `g6aff8102efda5e1d12e`                               |
| `INTEGRATION_SLACK_SLACK_CLIENT_SECRET` | No (**Yes** if `INTEGRATION_SLACK` is set) | The Slack client secret.                                                                      | `g12e552xx54xx2b127821dc4abc4491dxxxa6b187`          |
| `INTEGRATION_GITHUB_APP_NAME`           | No                                         | The GitHub application name.                                                                  | `graphql-hive-self-hosted`                           |
| `AUTH_GITHUB`                           | No                                         | Whether login via GitHub should be allowed                                                    | `1` (enabled) or `0` (disabled)                      |
| `AUTH_GOOGLE`                           | No                                         | Whether login via Google should be allowed                                                    | `1` (enabled) or `0` (disabled)                      |
| `AUTH_ORGANIZATION_OIDC`                | No                                         | Whether linking a Hive organization to an Open ID Connect provider is allowed. (Default: `0`) | `1` (enabled) or `0` (disabled)                      |
| `AUTH_OKTA`                             | No                                         | Whether login via Okta should be allowed                                                      | `1` (enabled) or `0` (disabled)                      |
| `AUTH_OKTA_HIDDEN`                      | No                                         | Whether the Okta login button should be hidden. (Default: `0`)                                | `1` (enabled) or `0` (disabled)                      |
| `AUTH_REQUIRE_EMAIL_VERIFICATION`       | No                                         | Whether verifying the email address is mandatory.                                             | `1` (enabled) or `0` (disabled)                      |
| `ENVIRONMENT`                           | No                                         | The environment of your Hive app. (**Note:** This will be used for Sentry reporting.)         | `staging`                                            |
| `SENTRY_DSN`                            | No                                         | The DSN for reporting errors to Sentry.                                                       | `https://dooobars@o557896.ingest.sentry.io/12121212` |
| `SENTRY_ENABLED`                        | No                                         | Whether Sentry error reporting should be enabled.                                             | `1` (enabled) or `0` (disabled)                      |
| `DOCS_URL`                              | No                                         | The URL of the Hive Docs                                                                      | `https://the-guild.dev/graphql/hive/docs`            |
| `NODE_ENV`                              | No                                         | The `NODE_ENV` value.                                                                         | `production`                                         |
| `GRAPHQL_PERSISTED_OPERATIONS`          | No                                         | Send persisted operation hashes instead of documents to the server.                           | `1` (enabled) or `0` (disabled)                      |

## Hive Hosted Configuration

This is only important if you are hosting Hive for getting 💰.

### Payments

| Name                | Required | Description            | Example Value          |
| ------------------- | -------- | ---------------------- | ---------------------- |
| `STRIPE_PUBLIC_KEY` | No       | The Stripe Public Key. | `g6aff8102efda5e1d12e` |

### Building the Docker Image

**Prerequisites:** Make sure you built the mono-repository using `pnpm build`.

```bash
docker build . --build-arg RELEASE=stable-main -t graphql-hive/app
```
feat: remove app next.js built-time environment variable requirement (#382) * feat: retreive stripe public key via runtime environment variable instead of a build-time environment variable * feat: retreive google and github enabled environment variable via runtime environment variable instead of a build-time environment variable * feat: retreive app base url environment variable via runtime environment variable instead of a build-time environment variable * feat: retreive mixpanel token environment variable via runtime environment variable instead of a build-time environment variable * lazy initialize app info * feat: provide ga tarcking id and crisp website id via environment variable * make docs url optional * feat: load sentry config from environment variables * document hive app environment variables * add application dockerfile * add docker build instructions * lul * set working directory * pls fix * lol this is apollo-router not graphql-hive * feat: only show sentry stuff if sentry environment variables are set * use LTS node version * No mixpanel * Fallback Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> 2022-09-21 10:47:40 +00:00			# `@hive/app`

			`The Hive application as seen on https://app.graphql-hive.com/.`

			`## Configuration`

			`The following environment variables configure the application.`

feat: OIDC organisation integration (#524) * feat: support login via okta * add deployment config * feat: automatically start okta login when visiting /auth with okta provider query parameter * remove trailing slash from base url * laurin pls * ... * adjust deployment url * we dont need this * docs: document how to enabled Google and GitHub social login (#511) * docs: document how to enabled Google and GitHub social login * Apply suggestions from code review * Apply suggestions from code review * docs: add Okta instructions * fix typo * add database migration * feat: env decoding * auto generate id * add generates types for the postgres table * implement crud graphql fields for the oidc integration entites * add unique constraint for the oidc domain column * use correct sql query for updating an oidc integration * return organization from deleteOIDCIntegration ok result * add crud forms to the settings page * update integration test fixture value * drop unique constraint for oidc_integrations.domain as this would allow a malicous user to block another account from using a domain * move notice to isolated component * apply url normalization in a central place * implement supertokens provider and overrides for dynamic oidc provider integrations * relocate code to correct files * prettify oidc crud forms * replace Query.isOIDCIntegrationFeatureEnabled with the Organization.viewerCanManageOIDCIntegration field * do not show oidc integrations for personal organizations + disable crud endpoints if the feature is disabled * load oidc integration for the supertokens flow via trpc from the server * prepare encryption secret within constructor * add user to organization upon oidc login * login via oidc does not create a personal organization * redirect oidc user to oidc organization * disallow oidc users to create an organization * disallow oidc accounts joining another organization * add test for updating an oidc integration * enhance ui * add documentation for OIDC SSO * add more tests * import Callout component * update snapshots * rename field User.isLinkedToOIDCIntegration to User.canSwitchOrganization to be more decriptive * add traling new line * gracefully handle unique constraint * upgrade supertokens-auth-react and adjust the code in order to remove the global preApiHook * sync image versions with tests * remove obsolete comment * rename database column * bruv * add test for oidc user deletion 2022-11-03 15:45:17 +00:00			`\| Name \| Required \| Description \| Example Value \|`
			`\| --------------------------------------- \| ------------------------------------------ \| --------------------------------------------------------------------------------------------- \| ---------------------------------------------------- \|`
			\| `APP_BASE_URL` \| Yes \| The base url of the app, \| `https://app.graphql-hive.com` \|
Move SuperTokens-node to GraphQL server (#4288) 2024-03-26 12:42:56 +00:00			\| `GRAPHQL_PUBLIC_ENDPOINT` \| Yes \| The public endpoint of the Hive GraphQL API. \| `http://127.0.0.1:4000/graphql` \|
			\| `GRAPHQL_PUBLIC_ORIGIN` \| Yes \| The http address origin of the Hive GraphQL server. \| `http://127.0.0.1:4000/` \|
feat: OIDC organisation integration (#524) * feat: support login via okta * add deployment config * feat: automatically start okta login when visiting /auth with okta provider query parameter * remove trailing slash from base url * laurin pls * ... * adjust deployment url * we dont need this * docs: document how to enabled Google and GitHub social login (#511) * docs: document how to enabled Google and GitHub social login * Apply suggestions from code review * Apply suggestions from code review * docs: add Okta instructions * fix typo * add database migration * feat: env decoding * auto generate id * add generates types for the postgres table * implement crud graphql fields for the oidc integration entites * add unique constraint for the oidc domain column * use correct sql query for updating an oidc integration * return organization from deleteOIDCIntegration ok result * add crud forms to the settings page * update integration test fixture value * drop unique constraint for oidc_integrations.domain as this would allow a malicous user to block another account from using a domain * move notice to isolated component * apply url normalization in a central place * implement supertokens provider and overrides for dynamic oidc provider integrations * relocate code to correct files * prettify oidc crud forms * replace Query.isOIDCIntegrationFeatureEnabled with the Organization.viewerCanManageOIDCIntegration field * do not show oidc integrations for personal organizations + disable crud endpoints if the feature is disabled * load oidc integration for the supertokens flow via trpc from the server * prepare encryption secret within constructor * add user to organization upon oidc login * login via oidc does not create a personal organization * redirect oidc user to oidc organization * disallow oidc users to create an organization * disallow oidc accounts joining another organization * add test for updating an oidc integration * enhance ui * add documentation for OIDC SSO * add more tests * import Callout component * update snapshots * rename field User.isLinkedToOIDCIntegration to User.canSwitchOrganization to be more decriptive * add traling new line * gracefully handle unique constraint * upgrade supertokens-auth-react and adjust the code in order to remove the global preApiHook * sync image versions with tests * remove obsolete comment * rename database column * bruv * add test for oidc user deletion 2022-11-03 15:45:17 +00:00			\| `INTEGRATION_SLACK` \| No \| Whether the Slack integration is enabled or disabled. \| `1` (enabled) or `0` (disabled) \|
			\| `INTEGRATION_SLACK_SLACK_CLIENT_ID` \| No (Yes if `INTEGRATION_SLACK` is set) \| The Slack client ID. \| `g6aff8102efda5e1d12e` \|
			\| `INTEGRATION_SLACK_SLACK_CLIENT_SECRET` \| No (Yes if `INTEGRATION_SLACK` is set) \| The Slack client secret. \| `g12e552xx54xx2b127821dc4abc4491dxxxa6b187` \|
			\| `INTEGRATION_GITHUB_APP_NAME` \| No \| The GitHub application name. \| `graphql-hive-self-hosted` \|
			\| `AUTH_GITHUB` \| No \| Whether login via GitHub should be allowed \| `1` (enabled) or `0` (disabled) \|
			\| `AUTH_GOOGLE` \| No \| Whether login via Google should be allowed \| `1` (enabled) or `0` (disabled) \|
enable organization <-> oidc linking feature (#605) 2022-11-07 10:51:01 +00:00			\| `AUTH_ORGANIZATION_OIDC` \| No \| Whether linking a Hive organization to an Open ID Connect provider is allowed. (Default: `0`) \| `1` (enabled) or `0` (disabled) \|
feat: OIDC organisation integration (#524) * feat: support login via okta * add deployment config * feat: automatically start okta login when visiting /auth with okta provider query parameter * remove trailing slash from base url * laurin pls * ... * adjust deployment url * we dont need this * docs: document how to enabled Google and GitHub social login (#511) * docs: document how to enabled Google and GitHub social login * Apply suggestions from code review * Apply suggestions from code review * docs: add Okta instructions * fix typo * add database migration * feat: env decoding * auto generate id * add generates types for the postgres table * implement crud graphql fields for the oidc integration entites * add unique constraint for the oidc domain column * use correct sql query for updating an oidc integration * return organization from deleteOIDCIntegration ok result * add crud forms to the settings page * update integration test fixture value * drop unique constraint for oidc_integrations.domain as this would allow a malicous user to block another account from using a domain * move notice to isolated component * apply url normalization in a central place * implement supertokens provider and overrides for dynamic oidc provider integrations * relocate code to correct files * prettify oidc crud forms * replace Query.isOIDCIntegrationFeatureEnabled with the Organization.viewerCanManageOIDCIntegration field * do not show oidc integrations for personal organizations + disable crud endpoints if the feature is disabled * load oidc integration for the supertokens flow via trpc from the server * prepare encryption secret within constructor * add user to organization upon oidc login * login via oidc does not create a personal organization * redirect oidc user to oidc organization * disallow oidc users to create an organization * disallow oidc accounts joining another organization * add test for updating an oidc integration * enhance ui * add documentation for OIDC SSO * add more tests * import Callout component * update snapshots * rename field User.isLinkedToOIDCIntegration to User.canSwitchOrganization to be more decriptive * add traling new line * gracefully handle unique constraint * upgrade supertokens-auth-react and adjust the code in order to remove the global preApiHook * sync image versions with tests * remove obsolete comment * rename database column * bruv * add test for oidc user deletion 2022-11-03 15:45:17 +00:00			\| `AUTH_OKTA` \| No \| Whether login via Okta should be allowed \| `1` (enabled) or `0` (disabled) \|
			\| `AUTH_OKTA_HIDDEN` \| No \| Whether the Okta login button should be hidden. (Default: `0`) \| `1` (enabled) or `0` (disabled) \|
			\| `AUTH_REQUIRE_EMAIL_VERIFICATION` \| No \| Whether verifying the email address is mandatory. \| `1` (enabled) or `0` (disabled) \|
			\| `ENVIRONMENT` \| No \| The environment of your Hive app. (Note: This will be used for Sentry reporting.) \| `staging` \|
			\| `SENTRY_DSN` \| No \| The DSN for reporting errors to Sentry. \| `https://dooobars@o557896.ingest.sentry.io/12121212` \|
			\| `SENTRY_ENABLED` \| No \| Whether Sentry error reporting should be enabled. \| `1` (enabled) or `0` (disabled) \|
Unify landing page and docs into a single deployment (#1847) 2023-03-27 14:23:44 +00:00			\| `DOCS_URL` \| No \| The URL of the Hive Docs \| `https://the-guild.dev/graphql/hive/docs` \|
feat: OIDC organisation integration (#524) * feat: support login via okta * add deployment config * feat: automatically start okta login when visiting /auth with okta provider query parameter * remove trailing slash from base url * laurin pls * ... * adjust deployment url * we dont need this * docs: document how to enabled Google and GitHub social login (#511) * docs: document how to enabled Google and GitHub social login * Apply suggestions from code review * Apply suggestions from code review * docs: add Okta instructions * fix typo * add database migration * feat: env decoding * auto generate id * add generates types for the postgres table * implement crud graphql fields for the oidc integration entites * add unique constraint for the oidc domain column * use correct sql query for updating an oidc integration * return organization from deleteOIDCIntegration ok result * add crud forms to the settings page * update integration test fixture value * drop unique constraint for oidc_integrations.domain as this would allow a malicous user to block another account from using a domain * move notice to isolated component * apply url normalization in a central place * implement supertokens provider and overrides for dynamic oidc provider integrations * relocate code to correct files * prettify oidc crud forms * replace Query.isOIDCIntegrationFeatureEnabled with the Organization.viewerCanManageOIDCIntegration field * do not show oidc integrations for personal organizations + disable crud endpoints if the feature is disabled * load oidc integration for the supertokens flow via trpc from the server * prepare encryption secret within constructor * add user to organization upon oidc login * login via oidc does not create a personal organization * redirect oidc user to oidc organization * disallow oidc users to create an organization * disallow oidc accounts joining another organization * add test for updating an oidc integration * enhance ui * add documentation for OIDC SSO * add more tests * import Callout component * update snapshots * rename field User.isLinkedToOIDCIntegration to User.canSwitchOrganization to be more decriptive * add traling new line * gracefully handle unique constraint * upgrade supertokens-auth-react and adjust the code in order to remove the global preApiHook * sync image versions with tests * remove obsolete comment * rename database column * bruv * add test for oidc user deletion 2022-11-03 15:45:17 +00:00			\| `NODE_ENV` \| No \| The `NODE_ENV` value. \| `production` \|
feat: opt-in app deployments persisted documents for hive app (#4866) 2024-07-23 06:45:04 +00:00			\| `GRAPHQL_PERSISTED_OPERATIONS` \| No \| Send persisted operation hashes instead of documents to the server. \| `1` (enabled) or `0` (disabled) \|
feat: remove app next.js built-time environment variable requirement (#382) * feat: retreive stripe public key via runtime environment variable instead of a build-time environment variable * feat: retreive google and github enabled environment variable via runtime environment variable instead of a build-time environment variable * feat: retreive app base url environment variable via runtime environment variable instead of a build-time environment variable * feat: retreive mixpanel token environment variable via runtime environment variable instead of a build-time environment variable * lazy initialize app info * feat: provide ga tarcking id and crisp website id via environment variable * make docs url optional * feat: load sentry config from environment variables * document hive app environment variables * add application dockerfile * add docker build instructions * lul * set working directory * pls fix * lol this is apollo-router not graphql-hive * feat: only show sentry stuff if sentry environment variables are set * use LTS node version * No mixpanel * Fallback Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> 2022-09-21 10:47:40 +00:00
			`## Hive Hosted Configuration`

			`This is only important if you are hosting Hive for getting 💰.`

			`### Payments`

			`\| Name \| Required \| Description \| Example Value \|`
			`\| ------------------- \| -------- \| ---------------------- \| ---------------------- \|`
			\| `STRIPE_PUBLIC_KEY` \| No \| The Stripe Public Key. \| `g6aff8102efda5e1d12e` \|

			`### Building the Docker Image`

Use pnpm instead of yarn (#477) Co-authored-by: enisdenjo <badurinadenis@gmail.com> Co-authored-by: Denis Badurina <denis@domonda.com> 2022-11-01 00:11:53 +00:00			Prerequisites: Make sure you built the mono-repository using `pnpm build`.
feat: remove app next.js built-time environment variable requirement (#382) * feat: retreive stripe public key via runtime environment variable instead of a build-time environment variable * feat: retreive google and github enabled environment variable via runtime environment variable instead of a build-time environment variable * feat: retreive app base url environment variable via runtime environment variable instead of a build-time environment variable * feat: retreive mixpanel token environment variable via runtime environment variable instead of a build-time environment variable * lazy initialize app info * feat: provide ga tarcking id and crisp website id via environment variable * make docs url optional * feat: load sentry config from environment variables * document hive app environment variables * add application dockerfile * add docker build instructions * lul * set working directory * pls fix * lol this is apollo-router not graphql-hive * feat: only show sentry stuff if sentry environment variables are set * use LTS node version * No mixpanel * Fallback Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> 2022-09-21 10:47:40 +00:00
			```bash
			`docker build . --build-arg RELEASE=stable-main -t graphql-hive/app`
			```