Show warning when VCS integration is not authorized for auto-deployments

[hmacr]

Towards SER-1129

Summary by CodeRabbit

• New Features

  • VCS deployment authorization is checked on page load; a loading placeholder appears while status is fetched.

• Improvements

  • Unauthorized deployments show a visible warning with guidance.
  • Deployment and site views surface richer context (site, region, project) for clearer management.

• Chores

  • Component interfaces updated to accept additional context for consistent behavior across pages.

[appwrite]

Console (appwrite/console)

Project ID: 688b7bf400350cbd60e9

Sites (1)

Site	Status	Logs	Preview	QR
console-stage 688b7cf6003b1842c9dc	Ready	View Logs	Preview URL

Tip

HTTPS and SSL certificates are handled automatically for all your Sites

[coderabbitai]

Walkthrough

Adds VCS authorization checks to src/lib/components/git/deploymentSource.svelte: new optional props resource, region, and project; on-mount async load via sdk.forProject(region, project).vcs.getRepository to set an authorized state; shows a Skeleton while loading and conditionally renders an Exclamation tooltip when unauthorized. Updates call sites: siteCard.svelte gains a new optional site prop and passes resource={site}, region, and project into DeploymentSource; deploymentCard.svelte passes resource={$func}, region, and project; the page passes site={data.site} into SiteCard.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~22 minutes

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title directly and clearly describes the main objective of the PR: showing a warning when VCS integration is not authorized for auto-deployments, which is consistently reflected across all file changes.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch ser-1129

Tip

Try Coding Plans. Let us write the prompt for your AI agent so you can ship faster (with fewer bugs).
Share your feedback on Discord.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[greptile-apps]

Greptile Summary

Added VCS authorization checking for deployments to warn users when their repository integration isn't authorized for auto-deployments. The warning appears as an icon next to the GitHub source link with a tooltip explaining how to fix it.

Key changes:

• DeploymentSource component now accepts optional resource, region, and project props to fetch authorization status
• Authorization is checked async on mount via VCS API
• Warning icon displays when authorized === false
• DeploymentCard and SiteCard updated to pass required props

Critical issue:

• SiteCard component now requires a site prop, but two existing pages weren't updated and will break at runtime

Confidence Score: 2/5

• This PR introduces a breaking change that will cause runtime errors on two pages
• The site prop was made required in SiteCard but two existing pages (deployment-[deployment]/+page.svelte and create-site/finish/+page.svelte) were not updated to pass this prop, which will cause runtime errors
• siteCard.svelte requires immediate attention - the site prop should either be made optional or all call sites must be updated

Important Files Changed

Filename	Overview
src/lib/components/git/deploymentSource.svelte	Added authorization check for VCS deployments with warning indicator; requires new optional props (resource, region, project)
src/routes/(console)/project-[region]-[project]/sites/(components)/siteCard.svelte	Added required site prop and passes it to DeploymentSource; breaks two existing pages that call this component

Sequence Diagram

sequenceDiagram
    participant Page as Site/Function Page
    participant Card as DeploymentCard/SiteCard
    participant DS as DeploymentSource
    participant API as VCS API
    
    Page->>Card: Pass deployment + resource + region + project
    Card->>DS: Pass all props
    Note over DS: onMount()
    DS->>DS: Check if resource has installationId & providerRepositoryId
    alt Has required data
        DS->>API: getRepository(installationId, providerRepositoryId)
        API-->>DS: { authorized: boolean }
        DS->>DS: Set authorized state
        alt authorized === false
            DS->>DS: Render warning icon with tooltip
        end
    else Missing data
        DS->>DS: authorized stays null (no warning shown)
    end

Loading

_{Last reviewed commit: ba7e9ce}

[greptile-apps]

_{4 files reviewed, 5 comments}

_{Edit Code Review Agent Settings | Greptile}

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

src/routes/(console)/project-[region]-[project]/sites/site-[site]/+page.ts (1)

103-110: Avoid swallowing all fetch errors silently.

At Line 108 and Line 129, returning null for every exception hides operational failures. Consider at least logging unexpected errors so production issues remain debuggable.

Suggested pattern

 async function loadDeployment({
@@
 }): Promise<Models.Deployment | null> {
     try {
         return await sdk.forProject(region, project).sites.getDeployment({
             siteId,
             deploymentId
         });
     } catch (error) {
+        console.error('Failed to load site deployment', { siteId, deploymentId, error });
         return null;
     }
 }
@@
 }): Promise<Models.ProviderRepository | null> {
     try {
         return await sdk.forProject(region, project).vcs.getRepository({
             installationId,
             providerRepositoryId
         });
     } catch (error) {
+        console.error('Failed to load site repository', {
+            installationId,
+            providerRepositoryId,
+            error
+        });
         return null;
     }
 }

Also applies to: 124-131

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/routes/`(console)/project-[region]-[project]/sites/site-[site]/+page.ts
around lines 103 - 110, The catch block that wraps
sdk.forProject(...).sites.getDeployment currently swallows all errors and
returns null; change it to detect and handle expected "not found" responses
(e.g., check error.status === 404 or SDK-specific NotFound error) returning null
only in that case, but for all other exceptions log the error with context
(include region, project, siteId, deploymentId) using the project's logger (or
console.error if no logger available) and rethrow or return a meaningful error;
update the catch around sdk.forProject(...).sites.getDeployment (and the similar
block calling the same method) accordingly so operational failures are not
silently hidden.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In
`@src/routes/`(console)/project-[region]-[project]/functions/function-[function]/+page.ts:
- Around line 69-70: The load function currently mutates the module-scoped
queries store by calling queries.set(parsedQueries) after computing
parsedQueries with queryParamToMap(query || '[]'); remove that mutation from the
load function and instead return parsedQueries as part of the load data payload
(e.g., return { parsedQueries }). Then initialize the queries store on the
client: subscribe/ set it inside a client-only context such as a +page.svelte
onMount or a script tag with context="module" avoided—use onMount to call
queries.set(data.parsedQueries) or otherwise subscribe to load data; update the
+page.svelte to read the returned parsedQueries and set the queries store there
so SSR does not mutate shared module state.

In
`@src/routes/`(console)/project-[region]-[project]/sites/site-[site]/+page.svelte:
- Around line 39-44: Replace the generic link text "here" in the Link component
with descriptive copy that conveys the destination (e.g., "Manage GitHub App
installation" or "View GitHub installation settings") and update the Link
(component named Link, href constructed with
data.repository.providerInstallationId) to include an accessible label if
additional context is needed (aria-label) so screen readers see the destination
out of context; ensure the text mentions GitHub and installation/settings to
match the URL.

---

Nitpick comments:
In `@src/routes/`(console)/project-[region]-[project]/sites/site-[site]/+page.ts:
- Around line 103-110: The catch block that wraps
sdk.forProject(...).sites.getDeployment currently swallows all errors and
returns null; change it to detect and handle expected "not found" responses
(e.g., check error.status === 404 or SDK-specific NotFound error) returning null
only in that case, but for all other exceptions log the error with context
(include region, project, siteId, deploymentId) using the project's logger (or
console.error if no logger available) and rethrow or return a meaningful error;
update the catch around sdk.forProject(...).sites.getDeployment (and the similar
block calling the same method) accordingly so operational failures are not
silently hidden.

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6965800 and 1e3b03a.

📒 Files selected for processing (4)

• src/routes/(console)/project-[region]-[project]/functions/function-[function]/+page.svelte
• src/routes/(console)/project-[region]-[project]/functions/function-[function]/+page.ts
• src/routes/(console)/project-[region]-[project]/sites/site-[site]/+page.svelte
• src/routes/(console)/project-[region]-[project]/sites/site-[site]/+page.ts

[coderabbitai]

🧹 Nitpick comments (1)

src/lib/components/git/deploymentSource.svelte (1)

29-41: Optional: Add explicit type to authorized for consistency.

TypeScript strict null checks are currently disabled in this project, so the current declaration works without issues. However, for consistency with similar state declarations elsewhere (e.g., multiSelectTable.svelte), consider explicitly typing the state:

♻️ Proposed fix

-    let authorized = $state(null);
+    let authorized = $state<boolean | null>(null);

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/lib/components/git/deploymentSource.svelte` around lines 29 - 41, The
local state variable authorized is declared without an explicit type; update the
declaration of authorized to include an explicit type (matching other components
like multiSelectTable.svelte) such as boolean | null (or the specific
Writable/State type you use) so its intended shape is clear and consistent,
leaving the existing initializer ($state(null)) and keeping loadAuthorized and
its assignment (authorized = repository.authorized) unchanged.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@src/lib/components/git/deploymentSource.svelte`:
- Around line 29-41: The local state variable authorized is declared without an
explicit type; update the declaration of authorized to include an explicit type
(matching other components like multiSelectTable.svelte) such as boolean | null
(or the specific Writable/State type you use) so its intended shape is clear and
consistent, leaving the existing initializer ($state(null)) and keeping
loadAuthorized and its assignment (authorized = repository.authorized)
unchanged.

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1e3b03a and de1ef99.

📒 Files selected for processing (4)

• src/lib/components/git/deploymentSource.svelte
• src/routes/(console)/project-[region]-[project]/functions/function-[function]/(components)/deploymentCard.svelte
• src/routes/(console)/project-[region]-[project]/sites/(components)/siteCard.svelte
• src/routes/(console)/project-[region]-[project]/sites/site-[site]/+page.svelte

[Meldiron]

Lets consider CTA, dont use "here"

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@src/lib/components/git/deploymentSource.svelte`:
- Around line 30-44: The template is calling loadAuthorized() inside a {`#await`
...} which recreates the Promise on every render; move the auth check out of the
template and invoke loadAuthorized imperatively only when inputs change (e.g.,
in an onMount and/or a reactive statement that watches resource.installationId,
resource.providerRepositoryId, region, and project) so it only calls
sdk.forProject(...).vcs.getRepository once per actual dependency change; keep
the function loadAuthorized and its try/catch as-is but stop calling it from the
template and ensure authorized is updated only by that controlled invocation.

In
`@src/routes/`(console)/project-[region]-[project]/sites/(components)/siteCard.svelte:
- Around line 32-39: The SiteCard currently declares the prop "site" as optional
but the VCS warning (which relies on DeploymentSource needing
resource.installationId and resource.providerRepositoryId) requires those
identifiers; either make "site" required by changing the prop type from site?:
Models.Site to site: Models.Site in SiteCard (and also update the other prop
declaration block around lines 213-217) and update the two callers in
sites/site-[site]/deployments/.../+page.svelte and
sites/create-site/finish/+page.svelte to pass the site object, OR implement a
fallback inside SiteCard to compute installationId/providerRepositoryId from
other available data (e.g., deployment.resource or proxyRuleList) and use that
when site is undefined; reference the prop declaration in siteCard.svelte and
ensure all callsites that previously omitted site are updated if you choose the
required-route.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 194dfd33-46f9-476c-9fb4-547ded63a6c6

📥 Commits

Reviewing files that changed from the base of the PR and between a95a9c3 and 0353c0b.

📒 Files selected for processing (2)

• src/lib/components/git/deploymentSource.svelte
• src/routes/(console)/project-[region]-[project]/sites/(components)/siteCard.svelte